From ce54aafa7546ee84b2761f7de60cfee641e759fd Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 23 Mar 2020 08:47:37 +0000 Subject: [PATCH 01/13] Fix indentation hiccup in ssl_tls13_client.c --- library/ssl_tls13_client.c | 4571 ++++++++++++++++++------------------ 1 file changed, 2285 insertions(+), 2286 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 23d3cbad1e4e..170e39d71808 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -1174,62 +1174,61 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, { /* info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); */ #else - for ( info = mbedtls_ecp_curve_list( ); info->grp_id != MBEDTLS_ECP_DP_NONE; info++ ) - { + for ( info = mbedtls_ecp_curve_list( ); info->grp_id != MBEDTLS_ECP_DP_NONE; info++ ) + { #endif - elliptic_curve_len += 2; - } + elliptic_curve_len += 2; + } - if( elliptic_curve_len == 0 ) - { - /* If we have no curves configured then we are in trouble. */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "No curves configured." ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } + if( elliptic_curve_len == 0 ) + { + /* If we have no curves configured then we are in trouble. */ + MBEDTLS_SSL_DEBUG_MSG( 1, ( "No curves configured." ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } - if( end < p || (size_t)( end - p ) < 6 + elliptic_curve_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); - return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; - } + if( end < p || (size_t)( end - p ) < 6 + elliptic_curve_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported_groups extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported_groups extension" ) ); - elliptic_curve_len = 0; + elliptic_curve_len = 0; #if defined(MBEDTLS_ECP_C) - for ( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ ) - { - info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); + for ( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ ) + { + info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); - if( info == NULL ) return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if( info == NULL ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #else - for ( info = mbedtls_ecp_curve_list( ); info->grp_id != MBEDTLS_ECP_DP_NONE; info++ ) - { + for ( info = mbedtls_ecp_curve_list( ); info->grp_id != MBEDTLS_ECP_DP_NONE; info++ ) + { #endif - elliptic_curve_list[elliptic_curve_len++] = info->tls_id >> 8; - elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF; - MBEDTLS_SSL_DEBUG_MSG( 5, ( "Named Curve: %s ( %x )", mbedtls_ecp_curve_info_from_tls_id( info->tls_id )->name, info->tls_id ) ); - } + elliptic_curve_list[elliptic_curve_len++] = info->tls_id >> 8; + elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF; + MBEDTLS_SSL_DEBUG_MSG( 5, ( "Named Curve: %s ( %x )", mbedtls_ecp_curve_info_from_tls_id( info->tls_id )->name, info->tls_id ) ); + } - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_GROUPS >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_GROUPS ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_GROUPS >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_GROUPS ) & 0xFF ); - *p++ = ( unsigned char )( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( elliptic_curve_len + 2 )) & 0xFF ); + *p++ = ( unsigned char )( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( ( elliptic_curve_len + 2 )) & 0xFF ); - *p++ = ( unsigned char )( ( ( elliptic_curve_len ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( elliptic_curve_len )) & 0xFF ); + *p++ = ( unsigned char )( ( ( elliptic_curve_len ) >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( ( elliptic_curve_len )) & 0xFF ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Supported groups extension", buf + 4, elliptic_curve_len + 2 ); + MBEDTLS_SSL_DEBUG_BUF( 3, "Supported groups extension", buf + 4, elliptic_curve_len + 2 ); - *olen = 6 + elliptic_curve_len; - return 0; - } + *olen = 6 + elliptic_curve_len; + return 0; + } #endif /* defined(MBEDTLS_ECDH_C) */ - - /* Key Shares Extension @@ -1266,754 +1265,754 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, #if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)) - static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, - unsigned char* buf, - unsigned char* end, - size_t* olen ) - { - unsigned char* p; - unsigned char *header = buf; /* Pointer where the header has to go. */ - size_t len; - int ret; - int nr; - /*const int *ciphersuites; */ +static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, + unsigned char* buf, + unsigned char* end, + size_t* olen ) +{ + unsigned char* p; + unsigned char *header = buf; /* Pointer where the header has to go. */ + size_t len; + int ret; + int nr; + /*const int *ciphersuites; */ - /* TODO: Add bounds checks! Only then remove the next line. */ - ((void) end); + /* TODO: Add bounds checks! Only then remove the next line. */ + ((void) end); #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) - { - p = buf + 2; - } - else + if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) + { + p = buf + 2; + } + else #endif /* MBEDTLS_CTLS */ - { - p = buf + 4; - } + { + p = buf + 4; + } - const mbedtls_ecp_curve_info *info = NULL; - const mbedtls_ecp_group_id *grp_id; - /* int max_size = 0; */ - /*const mbedtls_ssl_ciphersuite_t *suite_info; */ + const mbedtls_ecp_curve_info *info = NULL; + const mbedtls_ecp_group_id *grp_id; + /* int max_size = 0; */ + /*const mbedtls_ssl_ciphersuite_t *suite_info; */ - *olen = 0; + *olen = 0; - if( ssl->conf->curve_list == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, key share extension: empty curve list" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } + if( ssl->conf->curve_list == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, key share extension: empty curve list" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding key share extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding key share extension" ) ); - if( ssl->session_negotiate == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ssl->session_negotiate == NULL" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } + if( ssl->session_negotiate == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "ssl->session_negotiate == NULL" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } - /* - * Ciphersuite list - * - ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; + /* + * Ciphersuite list + * + ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; - for ( int i = 0; ciphersuites[i] != 0; i++ ) - { - suite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] ); + for ( int i = 0; ciphersuites[i] != 0; i++ ) + { + suite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] ); - if( suite_info == NULL ) - continue; + if( suite_info == NULL ) + continue; - if( suite_info->hash == MBEDTLS_MD_SHA256 ) max_size = 128; - else if( suite_info->hash == MBEDTLS_MD_SHA384 ) max_size = 384; - } + if( suite_info->hash == MBEDTLS_MD_SHA256 ) max_size = 128; + else if( suite_info->hash == MBEDTLS_MD_SHA384 ) max_size = 384; + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Ciphersuites require a key length of max %d bits", max_size ) ); - */ + MBEDTLS_SSL_DEBUG_MSG( 3, ( "Ciphersuites require a key length of max %d bits", max_size ) ); + */ - /* The key_shares_curve_list provides us information about what we are expected to - * send, either based on the info provided by the app or by info offered by the server - * using the HRR. - */ - nr = 0; + /* The key_shares_curve_list provides us information about what we are expected to + * send, either based on the info provided by the app or by info offered by the server + * using the HRR. + */ + nr = 0; - for ( grp_id = ssl->handshake->key_shares_curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ ) { + for ( grp_id = ssl->handshake->key_shares_curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ ) { - info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); + info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); - /* Check whether the key share matches the selected ciphersuite - * in terms of key length. - * - * Hence, AES-128 should go with a group bit size of 192 and 224 bits. - * - * TBD: Do we need this check? + /* Check whether the key share matches the selected ciphersuite + * in terms of key length. + * + * Hence, AES-128 should go with a group bit size of 192 and 224 bits. + * + * TBD: Do we need this check? - switch ( max_size ) { - case 128: if( info->bit_size != 256 && info->bit_size!=192 && info->bit_size!= 224 ) continue; - break; - case 384: if( info->bit_size != 384 ) continue; - break; - } - */ + switch ( max_size ) { + case 128: if( info->bit_size != 256 && info->bit_size!=192 && info->bit_size!= 224 ) continue; + break; + case 384: if( info->bit_size != 384 ) continue; + break; + } + */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", info->name ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", info->name ) ); - if( ( ret = mbedtls_ecp_group_load( &ssl->handshake->ecdh_ctx[nr].grp, info->grp_id )) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecp_group_load", ret ); - return( ret ); - } + if( ( ret = mbedtls_ecp_group_load( &ssl->handshake->ecdh_ctx[nr].grp, info->grp_id )) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecp_group_load", ret ); + return( ret ); + } - if( ( ret = mbedtls_ecdh_make_params( &ssl->handshake->ecdh_ctx[nr], &len, - p+2, MBEDTLS_SSL_MAX_CONTENT_LEN - *olen, - ssl->conf->f_rng, ssl->conf->p_rng )) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_params", ret ); - return( ret ); - } + if( ( ret = mbedtls_ecdh_make_params( &ssl->handshake->ecdh_ctx[nr], &len, + p+2, MBEDTLS_SSL_MAX_CONTENT_LEN - *olen, + ssl->conf->f_rng, ssl->conf->p_rng )) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_params", ret ); + return( ret ); + } - /* Write length of the key_exchange entry */ - *p++ = ( unsigned char )( ( ( len ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( len )) & 0xFF ); + /* Write length of the key_exchange entry */ + *p++ = ( unsigned char )( ( ( len ) >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( ( len )) & 0xFF ); - p += len; - *olen += len + 2; - MBEDTLS_SSL_DEBUG_ECP( 3, "ECDHE: Q ", &ssl->handshake->ecdh_ctx[nr].Q ); + p += len; + *olen += len + 2; + MBEDTLS_SSL_DEBUG_ECP( 3, "ECDHE: Q ", &ssl->handshake->ecdh_ctx[nr].Q ); - nr++; - if( nr == MBEDTLS_SSL_MAX_KEY_SHARES ) - { - MBEDTLS_SSL_DEBUG_MSG( 4, ( "Reached maximum number of KeyShareEntries: %d", nr ) ); - break; - } - } + nr++; + if( nr == MBEDTLS_SSL_MAX_KEY_SHARES ) + { + MBEDTLS_SSL_DEBUG_MSG( 4, ( "Reached maximum number of KeyShareEntries: %d", nr ) ); + break; + } + } - /* Write extension header */ - *header++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); - *header++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); + /* Write extension header */ + *header++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); + *header++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) - { - *olen += 2; /* 2 bytes for fixed header */ - } else + if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) + { + *olen += 2; /* 2 bytes for fixed header */ + } else #endif /* MBEDTLS_CTLS */ - { - /* Write total extension length */ - *header++ = ( unsigned char )( ( *olen >> 8 ) & 0xFF ); - *header++ = ( unsigned char )( *olen & 0xFF ); + { + /* Write total extension length */ + *header++ = ( unsigned char )( ( *olen >> 8 ) & 0xFF ); + *header++ = ( unsigned char )( *olen & 0xFF ); - *olen += 4; /* 4 bytes for fixed header */ - } + *olen += 4; /* 4 bytes for fixed header */ + } - return 0; - } + return 0; +} #endif /* MBEDTLS_ECDH_C && MBEDTLS_ECDSA_C */ /* Main entry point; orchestrates the other functions */ - static int ssl_client_hello_process( mbedtls_ssl_context* ssl ); +static int ssl_client_hello_process( mbedtls_ssl_context* ssl ); - static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl ); - static int ssl_client_hello_write( mbedtls_ssl_context* ssl, - unsigned char* buf, - size_t buflen, - size_t* olen ); +static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl ); +static int ssl_client_hello_write( mbedtls_ssl_context* ssl, + unsigned char* buf, + size_t buflen, + size_t* olen ); - static int ssl_client_hello_process( mbedtls_ssl_context* ssl ) - { - int ret = 0; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); +static int ssl_client_hello_process( mbedtls_ssl_context* ssl ) +{ + int ret = 0; + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); - if( ssl->handshake->state_local.cli_hello_out.preparation_done == 0 ) - { - MBEDTLS_SSL_PROC_CHK( ssl_client_hello_prepare( ssl ) ); - ssl->handshake->state_local.cli_hello_out.preparation_done = 1; - } + if( ssl->handshake->state_local.cli_hello_out.preparation_done == 0 ) + { + MBEDTLS_SSL_PROC_CHK( ssl_client_hello_prepare( ssl ) ); + ssl->handshake->state_local.cli_hello_out.preparation_done = 1; + } - /* Make sure we can write a new message. */ - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_flush_output( ssl ) ); + /* Make sure we can write a new message. */ + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_flush_output( ssl ) ); - /* Prepare ClientHello message in output buffer. */ - MBEDTLS_SSL_PROC_CHK( ssl_client_hello_write( ssl, ssl->out_msg, - MBEDTLS_SSL_MAX_CONTENT_LEN, - &ssl->out_msglen ) ); + /* Prepare ClientHello message in output buffer. */ + MBEDTLS_SSL_PROC_CHK( ssl_client_hello_write( ssl, ssl->out_msg, + MBEDTLS_SSL_MAX_CONTENT_LEN, + &ssl->out_msglen ) ); - ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = MBEDTLS_SSL_HS_CLIENT_HELLO; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_CLIENT_HELLO; - MBEDTLS_SSL_DEBUG_BUF( 3, "ClientHello", ssl->out_msg, ssl->out_msglen ); + MBEDTLS_SSL_DEBUG_BUF( 3, "ClientHello", ssl->out_msg, ssl->out_msglen ); #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_send_flight_completed( ssl ); + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ssl_send_flight_completed( ssl ); #endif - /* Dispatch message */ - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_write_record( ssl ) ); - - /* NOTE: With the new messaging layer, the postprocessing - * step might come after the dispatching step if the - * latter doesn't send the message immediately. - * At the moment, we must do the postprocessing - * prior to the dispatching because if the latter - * returns WANT_WRITE, we want the handshake state - * to be updated in order to not enter - * this function again on retry. - * - * Further, once the two calls can be re-ordered, the two - * calls can be consolidated. - */ + /* Dispatch message */ + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_write_record( ssl ) ); + + /* NOTE: With the new messaging layer, the postprocessing + * step might come after the dispatching step if the + * latter doesn't send the message immediately. + * At the moment, we must do the postprocessing + * prior to the dispatching because if the latter + * returns WANT_WRITE, we want the handshake state + * to be updated in order to not enter + * this function again on retry. + * + * Further, once the two calls can be re-ordered, the two + * calls can be consolidated. + */ - cleanup: +cleanup: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) ); - return( ret ); - } + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) ); + return( ret ); +} - static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl ) - { - int ret; - size_t rand_bytes_len; +static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl ) +{ + int ret; + size_t rand_bytes_len; - if( ssl->conf->f_rng == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided" ) ); - return( MBEDTLS_ERR_SSL_NO_RNG ); - } + if( ssl->conf->f_rng == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided" ) ); + return( MBEDTLS_ERR_SSL_NO_RNG ); + } #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) - { - rand_bytes_len = MBEDTLS_CTLS_RANDOM_MAX_LENGTH; - } - else + if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) + { + rand_bytes_len = MBEDTLS_CTLS_RANDOM_MAX_LENGTH; + } + else #endif /* MBEDTLS_CTLS */ - { - rand_bytes_len = 32; - } + { + rand_bytes_len = 32; + } - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->handshake->randbytes, rand_bytes_len )) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_generate_random", ret ); - return( ret ); - } + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->handshake->randbytes, rand_bytes_len )) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_generate_random", ret ); + return( ret ); + } #if defined(MBEDTLS_COMPATIBILITY_MODE) - /* Determine whether session id has not been created already */ - if( ssl->session_negotiate->id_len == 0 ) - { + /* Determine whether session id has not been created already */ + if( ssl->session_negotiate->id_len == 0 ) + { - /* Creating a session id with 32 byte length */ - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id, 32 )) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "creating session id failed", ret ); - return( ret ); - } - } + /* Creating a session id with 32 byte length */ + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id, 32 )) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "creating session id failed", ret ); + return( ret ); + } + } - ssl->session_negotiate->id_len = 32; + ssl->session_negotiate->id_len = 32; #endif /* MBEDTLS_COMPATIBILITY_MODE */ - return( 0 ); - } + return( 0 ); +} - static int ssl_client_hello_write( mbedtls_ssl_context* ssl, - unsigned char* buf, - size_t buflen, - size_t* olen ) - { - int ret; +static int ssl_client_hello_write( mbedtls_ssl_context* ssl, + unsigned char* buf, + size_t buflen, + size_t* olen ) +{ + int ret; - /* Extensions */ + /* Extensions */ - /* extension_start - * Used during extension writing where the - * buffer pointer to the beginning of the - * extension list must be kept to write - * the total extension list size in the end. - */ - unsigned char* extension_start; - size_t cur_ext_len; /* Size of the current extension */ - size_t total_ext_len; /* Size of list of extensions */ - - /* Length information */ - size_t const tls_hs_hdr_len = 4; - size_t rand_bytes_len; - size_t version_len; - - /* Buffer management */ - unsigned char* start = buf; - unsigned char* end = buf + buflen; - - /* Ciphersuite-related variables */ - const int* ciphersuites; - const mbedtls_ssl_ciphersuite_t* ciphersuite_info; - size_t i; /* used to iterate through ciphersuite list */ - /* ciphersuite_start points to the start of the ciphersuite list, i.e. to the length field*/ - unsigned char* ciphersuite_start; - size_t ciphersuite_count; - - /* Keeping track of the included extensions */ - ssl->handshake->extensions_present = NO_EXTENSION; + /* extension_start + * Used during extension writing where the + * buffer pointer to the beginning of the + * extension list must be kept to write + * the total extension list size in the end. + */ + unsigned char* extension_start; + size_t cur_ext_len; /* Size of the current extension */ + size_t total_ext_len; /* Size of list of extensions */ + + /* Length information */ + size_t const tls_hs_hdr_len = 4; + size_t rand_bytes_len; + size_t version_len; + + /* Buffer management */ + unsigned char* start = buf; + unsigned char* end = buf + buflen; + + /* Ciphersuite-related variables */ + const int* ciphersuites; + const mbedtls_ssl_ciphersuite_t* ciphersuite_info; + size_t i; /* used to iterate through ciphersuite list */ + /* ciphersuite_start points to the start of the ciphersuite list, i.e. to the length field*/ + unsigned char* ciphersuite_start; + size_t ciphersuite_count; + + /* Keeping track of the included extensions */ + ssl->handshake->extensions_present = NO_EXTENSION; #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) - { - rand_bytes_len = MBEDTLS_CTLS_RANDOM_MAX_LENGTH; - } - else + if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) + { + rand_bytes_len = MBEDTLS_CTLS_RANDOM_MAX_LENGTH; + } + else #endif /* MBEDTLS_CTLS */ - { - rand_bytes_len = 32; - } + { + rand_bytes_len = 32; + } - /* NOTE: - * Even for DTLS 1.3, we are writing a TLS handshake header here. - * The actual DTLS 1.3 handshake header is inserted in - * the record writing routine mbedtls_ssl_write_record( ). - * - * For cTLS the length, and the version field - * are elided. The random bytes are shorter. - */ + /* NOTE: + * Even for DTLS 1.3, we are writing a TLS handshake header here. + * The actual DTLS 1.3 handshake header is inserted in + * the record writing routine mbedtls_ssl_write_record( ). + * + * For cTLS the length, and the version field + * are elided. The random bytes are shorter. + */ #if defined(MBEDTLS_CTLS) - /* With cTLS the version field is elided. */ - if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) - { - version_len = 0; - } - else + /* With cTLS the version field is elided. */ + if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) + { + version_len = 0; + } + else #endif /* MBEDTLS_CTLS */ - { - version_len = 2; - } + { + version_len = 2; + } - if( buflen < tls_hs_hdr_len + version_len + rand_bytes_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - } + if( buflen < tls_hs_hdr_len + version_len + rand_bytes_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + } - buf += tls_hs_hdr_len; - buflen -= tls_hs_hdr_len; + buf += tls_hs_hdr_len; + buflen -= tls_hs_hdr_len; - if( ssl->conf->max_major_ver == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "configured max major version is invalid, " - "consider using mbedtls_ssl_config_defaults( )" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } + if( ssl->conf->max_major_ver == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "configured max major version is invalid, " + "consider using mbedtls_ssl_config_defaults( )" ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } - ssl->major_ver = ssl->conf->min_major_ver; - ssl->minor_ver = ssl->conf->min_minor_ver; + ssl->major_ver = ssl->conf->min_major_ver; + ssl->minor_ver = ssl->conf->min_minor_ver; - /* For TLS 1.3 we use the legacy version number {0x03, 0x03} - * instead of the true version number. - * - * For DTLS 1.3 we use the legacy version number - * {254,253}. - * - * In cTLS the version number is elided. - */ + /* For TLS 1.3 we use the legacy version number {0x03, 0x03} + * instead of the true version number. + * + * For DTLS 1.3 we use the legacy version number + * {254,253}. + * + * In cTLS the version number is elided. + */ #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) + if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ - { + { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - *buf++ = 0xfe; /* 254 */ - *buf++ = 0xfd; /* 253 */ - } - else + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + *buf++ = 0xfe; /* 254 */ + *buf++ = 0xfd; /* 253 */ + } + else #else - { - *buf++ = 0x03; - *buf++ = 0x03; - } + { + *buf++ = 0x03; + *buf++ = 0x03; + } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - buflen -= version_len; - } + buflen -= version_len; + } - /* Write random bytes */ - memcpy( buf, ssl->handshake->randbytes, rand_bytes_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", buf, rand_bytes_len ); - - buf += rand_bytes_len; - buflen -= rand_bytes_len; - - /* Versions of TLS before TLS 1.3 supported a - * "session resumption" feature which has been merged with pre-shared - * keys in this version. A client which has a - * cached session ID set by a pre-TLS 1.3 server SHOULD set this - * field to that value. In compatibility mode, - * this field MUST be non-empty, so a client not offering a - * pre-TLS 1.3 session MUST generate a new 32-byte value. This value - * need not be random but SHOULD be unpredictable to avoid - * implementations fixating on a specific value ( also known as - * ossification ). Otherwise, it MUST be set as a zero-length vector - * ( i.e., a zero-valued single byte length field ). - */ + /* Write random bytes */ + memcpy( buf, ssl->handshake->randbytes, rand_bytes_len ); + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", buf, rand_bytes_len ); + + buf += rand_bytes_len; + buflen -= rand_bytes_len; + + /* Versions of TLS before TLS 1.3 supported a + * "session resumption" feature which has been merged with pre-shared + * keys in this version. A client which has a + * cached session ID set by a pre-TLS 1.3 server SHOULD set this + * field to that value. In compatibility mode, + * this field MUST be non-empty, so a client not offering a + * pre-TLS 1.3 session MUST generate a new 32-byte value. This value + * need not be random but SHOULD be unpredictable to avoid + * implementations fixating on a specific value ( also known as + * ossification ). Otherwise, it MUST be set as a zero-length vector + * ( i.e., a zero-valued single byte length field ). + */ #if defined(MBEDTLS_COMPATIBILITY_MODE) - if( buflen < ( ssl->session_negotiate->id_len + 1 )) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - } + if( buflen < ( ssl->session_negotiate->id_len + 1 )) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + } - *buff++ = ( unsigned char )ssl->session_negotiate->id_len; /* write session id length */ - memcpy( buf, ssl->session_negotiate->id, ssl->session_negotiate->id_len ); /* write session id */ + *buff++ = ( unsigned char )ssl->session_negotiate->id_len; /* write session id length */ + memcpy( buf, ssl->session_negotiate->id, ssl->session_negotiate->id_len ); /* write session id */ - buf += ssl->session_negotiate->id_len; - buflen -= ssl->session_negotiate->id_len; + buf += ssl->session_negotiate->id_len; + buflen -= ssl->session_negotiate->id_len; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "session id len.: %d", ssl->session_negotiate->id_len ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "session id", ssl->session_negotiate->id, ssl->session_negotiate->id_len ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "session id len.: %d", ssl->session_negotiate->id_len ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "session id", ssl->session_negotiate->id, ssl->session_negotiate->id_len ); #else #if defined(MBEDTLS_CTLS) - /* For cTLS we are not using a session id */ - if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) + /* For cTLS we are not using a session id */ + if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ - { - if( buflen < 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - } - - *buf++ = 0; /* session id length set to zero */ - buflen -= 1; - } + { + if( buflen < 1 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + } + + *buf++ = 0; /* session id length set to zero */ + buflen -= 1; + } #endif /* MBEDTLS_COMPATIBILITY_MODE */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - /* - * DTLS cookie - */ + /* + * DTLS cookie + */ - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - /* For DTLS 1.3 we don't put the cookie in the ClientHello header - * but rather into an extension. - */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "DTLS 1.3: no cookie in header" ) ); + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + /* For DTLS 1.3 we don't put the cookie in the ClientHello header + * but rather into an extension. + */ + MBEDTLS_SSL_DEBUG_MSG( 3, ( "DTLS 1.3: no cookie in header" ) ); - if( buflen < 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - } + if( buflen < 1 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + } - *buf++ = 0; /* Cookie length set to zero */ - buflen -= 1; - } + *buf++ = 0; /* Cookie length set to zero */ + buflen -= 1; + } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - /* - * Ciphersuite list - * - * This is a list of the symmetric cipher options supported by - * the client, specifically the record protection algorithm - * ( including secret key length ) and a hash to be used with - * HKDF, in descending order of client preference. - */ - ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; + /* + * Ciphersuite list + * + * This is a list of the symmetric cipher options supported by + * the client, specifically the record protection algorithm + * ( including secret key length ) and a hash to be used with + * HKDF, in descending order of client preference. + */ + ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; - if( buflen < 2 /* for ciphersuite list length */ ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - } + if( buflen < 2 /* for ciphersuite list length */ ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + } - /* Skip writing ciphersuite length for now */ - ciphersuite_count = 0; - ciphersuite_start = buf; - buf += 2; - buflen -= 2; + /* Skip writing ciphersuite length for now */ + ciphersuite_count = 0; + ciphersuite_start = buf; + buf += 2; + buflen -= 2; - for ( i = 0; ciphersuites[i] != 0; i++ ) - { - ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] ); + for ( i = 0; ciphersuites[i] != 0; i++ ) + { + ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] ); - if( ciphersuite_info == NULL ) - continue; + if( ciphersuite_info == NULL ) + continue; - if( ciphersuite_info->min_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 || - ciphersuite_info->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 ) - continue; + if( ciphersuite_info->min_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 || + ciphersuite_info->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 ) + continue; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %04x, %s", - ciphersuites[i], ciphersuite_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %04x, %s", + ciphersuites[i], ciphersuite_info->name ) ); - ciphersuite_count++; + ciphersuite_count++; - if( buflen < 2 /* for ciphersuite list length */ ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - } + if( buflen < 2 /* for ciphersuite list length */ ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + } - *buf++ = ( unsigned char )( ciphersuites[i] >> 8 ); - *buf++ = ( unsigned char )( ciphersuites[i] ); + *buf++ = ( unsigned char )( ciphersuites[i] >> 8 ); + *buf++ = ( unsigned char )( ciphersuites[i] ); - buflen -= 2; + buflen -= 2; #if defined(MBEDTLS_ZERO_RTT) - /* For ZeroRTT we only add a single ciphersuite. */ - break; + /* For ZeroRTT we only add a single ciphersuite. */ + break; #endif /* MBEDTLS_ZERO_RTT */ - } + } - /* write ciphersuite length now */ - *ciphersuite_start++ = ( unsigned char )( ciphersuite_count*2 >> 8 ); - *ciphersuite_start++ = ( unsigned char )( ciphersuite_count*2 ); + /* write ciphersuite length now */ + *ciphersuite_start++ = ( unsigned char )( ciphersuite_count*2 >> 8 ); + *ciphersuite_start++ = ( unsigned char )( ciphersuite_count*2 ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, got %d ciphersuites", ciphersuite_count ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, got %d ciphersuites", ciphersuite_count ) ); - /* For every TLS 1.3 ClientHello, this vector MUST contain exactly - * one byte set to zero, which corresponds to the 'null' compression - * method in prior versions of TLS. - * - * For cTLS this field is elided. - */ + /* For every TLS 1.3 ClientHello, this vector MUST contain exactly + * one byte set to zero, which corresponds to the 'null' compression + * method in prior versions of TLS. + * + * For cTLS this field is elided. + */ #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) + if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ - { - if( buflen < 2 /* for ciphersuite list length */ ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - } + { + if( buflen < 2 /* for ciphersuite list length */ ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + } - *buf++ = 1; - *buf++ = MBEDTLS_SSL_COMPRESS_NULL; + *buf++ = 1; + *buf++ = MBEDTLS_SSL_COMPRESS_NULL; - buflen -= 2; - } + buflen -= 2; + } - /* First write extensions, then the total length */ - extension_start = buf; - total_ext_len = 0; - buf += 2; + /* First write extensions, then the total length */ + extension_start = buf; + total_ext_len = 0; + buf += 2; - /* Supported Versions Extension is mandatory with TLS 1.3. - * - * For cTLS we only need to provide it if there is more than one version - * and currently there is only one. - */ + /* Supported Versions Extension is mandatory with TLS 1.3. + * + * For cTLS we only need to provide it if there is more than one version + * and currently there is only one. + */ #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) + if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ - { - ssl_write_supported_versions_ext( ssl, buf, end, &cur_ext_len ); - total_ext_len += cur_ext_len; - buf += cur_ext_len; - } + { + ssl_write_supported_versions_ext( ssl, buf, end, &cur_ext_len ); + total_ext_len += cur_ext_len; + buf += cur_ext_len; + } - /* For TLS / DTLS 1.3 we need to support the use of cookies - * ( if the server provided them ) */ - ssl_write_cookie_ext( ssl, buf, end, &cur_ext_len ); - total_ext_len += cur_ext_len; - buf += cur_ext_len; + /* For TLS / DTLS 1.3 we need to support the use of cookies + * ( if the server provided them ) */ + ssl_write_cookie_ext( ssl, buf, end, &cur_ext_len ); + total_ext_len += cur_ext_len; + buf += cur_ext_len; #if defined(MBEDTLS_SSL_ALPN) - ssl_write_alpn_ext( ssl, buf, end, &cur_ext_len ); - total_ext_len += cur_ext_len; - buf += cur_ext_len; + ssl_write_alpn_ext( ssl, buf, end, &cur_ext_len ); + total_ext_len += cur_ext_len; + buf += cur_ext_len; #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - ssl_write_max_fragment_length_ext( ssl, buf, end, &cur_ext_len ); - total_ext_len += cur_ext_len; - buf += cur_ext_len; + ssl_write_max_fragment_length_ext( ssl, buf, end, &cur_ext_len ); + total_ext_len += cur_ext_len; + buf += cur_ext_len; #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_ZERO_RTT) - ssl_write_early_data_ext( ssl, buf, (size_t)( end - buf ), &cur_ext_len ); - total_ext_len += cur_ext_len; - buf += cur_ext_len; + ssl_write_early_data_ext( ssl, buf, (size_t)( end - buf ), &cur_ext_len ); + total_ext_len += cur_ext_len; + buf += cur_ext_len; #endif /* MBEDTLS_ZERO_RTT */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - /* For PSK-based ciphersuites we don't really need the SNI extension */ - if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ECDHE_ECDSA || - ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) { - ssl_write_hostname_ext( ssl, buf, end, &cur_ext_len ); - total_ext_len += cur_ext_len; - buf += cur_ext_len; - } -#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ + /* For PSK-based ciphersuites we don't really need the SNI extension */ + if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ECDHE_ECDSA || + ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) { + ssl_write_hostname_ext( ssl, buf, end, &cur_ext_len ); + total_ext_len += cur_ext_len; + buf += cur_ext_len; + } +#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ #if defined(MBEDTLS_CID) - ssl_write_cid_ext( ssl, buf, end, &cur_ext_len ); - total_ext_len += cur_ext_len; - buf += cur_ext_len; + ssl_write_cid_ext( ssl, buf, end, &cur_ext_len ); + total_ext_len += cur_ext_len; + buf += cur_ext_len; #endif #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) - /* For PSK-based ciphersuites we need the pre-shared-key extension - * and the psk_key_exchange_modes extension. - * - * The pre_shared_key_ext extension MUST be the last extension in the ClientHello. - * Servers MUST check that it is the last extension and otherwise fail the handshake - * with an "illegal_parameter" alert. - */ + /* For PSK-based ciphersuites we need the pre-shared-key extension + * and the psk_key_exchange_modes extension. + * + * The pre_shared_key_ext extension MUST be the last extension in the ClientHello. + * Servers MUST check that it is the last extension and otherwise fail the handshake + * with an "illegal_parameter" alert. + */ - /* Add the psk_key_exchange_modes extension. - */ - if( ssl->conf->key_exchange_modes != KEY_EXCHANGE_MODE_ECDHE_ECDSA ) - { - ret = ssl_write_psk_key_exchange_modes_ext( ssl, buf, end, &cur_ext_len ); - total_ext_len += cur_ext_len; - buf += cur_ext_len; + /* Add the psk_key_exchange_modes extension. + */ + if( ssl->conf->key_exchange_modes != KEY_EXCHANGE_MODE_ECDHE_ECDSA ) + { + ret = ssl_write_psk_key_exchange_modes_ext( ssl, buf, end, &cur_ext_len ); + total_ext_len += cur_ext_len; + buf += cur_ext_len; - if( ret == 0 ) ssl->handshake->extensions_present += PSK_KEY_EXCHANGE_MODES_EXTENSION; - } + if( ret == 0 ) ssl->handshake->extensions_present += PSK_KEY_EXCHANGE_MODES_EXTENSION; + } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) - /* The supported_groups and the key_share extensions are - * REQUIRED for ECDHE ciphersuites. - */ - if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ECDHE_ECDSA || - ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_DHE_KE || - ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || - ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) { + /* The supported_groups and the key_share extensions are + * REQUIRED for ECDHE ciphersuites. + */ + if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ECDHE_ECDSA || + ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_DHE_KE || + ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || + ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) { - ret = ssl_write_supported_groups_ext( ssl, buf, end, &cur_ext_len ); - total_ext_len += cur_ext_len; - buf += cur_ext_len; + ret = ssl_write_supported_groups_ext( ssl, buf, end, &cur_ext_len ); + total_ext_len += cur_ext_len; + buf += cur_ext_len; - if( ret == 0 ) ssl->handshake->extensions_present += SUPPORTED_GROUPS_EXTENSION; - } + if( ret == 0 ) ssl->handshake->extensions_present += SUPPORTED_GROUPS_EXTENSION; + } - /* The supported_signature_algorithms extension is REQUIRED for - * certificate authenticated ciphersuites. - */ + /* The supported_signature_algorithms extension is REQUIRED for + * certificate authenticated ciphersuites. + */ - if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ECDHE_ECDSA || - ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) { - ret = ssl_write_signature_algorithms_ext( ssl, buf, end, &cur_ext_len ); - total_ext_len += cur_ext_len; - buf += cur_ext_len; + if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ECDHE_ECDSA || + ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) { + ret = ssl_write_signature_algorithms_ext( ssl, buf, end, &cur_ext_len ); + total_ext_len += cur_ext_len; + buf += cur_ext_len; - if( ret == 0 ) ssl->handshake->extensions_present += SIGNATURE_ALGORITHM_EXTENSION; - } - /* We need to send the key shares under three conditions: - * 1 ) A certificate-based ciphersuite is being offered. In this case - * supported_groups and supported_signature extensions have been successfully added. - * 2 ) A PSK-based ciphersuite with ECDHE is offered. In this case the - * psk_key_exchange_modes has been added as the last extension. - * 3 ) Or, in case all ciphers are supported ( which includes #1 and #2 from above ) - */ - if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_DHE_KE || - ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || - ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) { - /* We are using a PSK-based key exchange with DHE */ - ret = ssl_write_key_shares_ext( ssl, buf, end, &cur_ext_len ); - total_ext_len += cur_ext_len; - buf += cur_ext_len; - - if( ret == 0 ) ssl->handshake->extensions_present += KEY_SHARE_EXTENSION; - } - else if( ssl->handshake->extensions_present & SUPPORTED_GROUPS_EXTENSION && ssl->handshake->extensions_present & SIGNATURE_ALGORITHM_EXTENSION ) - { - /* We are using a certificate-based key exchange */ - ret = ssl_write_key_shares_ext( ssl, buf, end, &cur_ext_len ); - total_ext_len += cur_ext_len; - buf += cur_ext_len; + if( ret == 0 ) ssl->handshake->extensions_present += SIGNATURE_ALGORITHM_EXTENSION; + } + /* We need to send the key shares under three conditions: + * 1 ) A certificate-based ciphersuite is being offered. In this case + * supported_groups and supported_signature extensions have been successfully added. + * 2 ) A PSK-based ciphersuite with ECDHE is offered. In this case the + * psk_key_exchange_modes has been added as the last extension. + * 3 ) Or, in case all ciphers are supported ( which includes #1 and #2 from above ) + */ + if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_DHE_KE || + ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || + ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) { + /* We are using a PSK-based key exchange with DHE */ + ret = ssl_write_key_shares_ext( ssl, buf, end, &cur_ext_len ); + total_ext_len += cur_ext_len; + buf += cur_ext_len; - if( ret == 0 ) ssl->handshake->extensions_present += KEY_SHARE_EXTENSION; - } + if( ret == 0 ) ssl->handshake->extensions_present += KEY_SHARE_EXTENSION; + } + else if( ssl->handshake->extensions_present & SUPPORTED_GROUPS_EXTENSION && ssl->handshake->extensions_present & SIGNATURE_ALGORITHM_EXTENSION ) + { + /* We are using a certificate-based key exchange */ + ret = ssl_write_key_shares_ext( ssl, buf, end, &cur_ext_len ); + total_ext_len += cur_ext_len; + buf += cur_ext_len; + + if( ret == 0 ) ssl->handshake->extensions_present += KEY_SHARE_EXTENSION; + } #endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) - if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || - ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_KE || - ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_DHE_KE || - ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) { + if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || + ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_KE || + ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_DHE_KE || + ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) { - /* We need to save the pointer to the pre-shared key extension - * because it has to be updated later. - */ - ssl->handshake->ptr_to_psk_ext = buf; - ret = ssl_write_pre_shared_key_ext( ssl, buf, end, &cur_ext_len,0 ); - total_ext_len += cur_ext_len; - buf += cur_ext_len; + /* We need to save the pointer to the pre-shared key extension + * because it has to be updated later. + */ + ssl->handshake->ptr_to_psk_ext = buf; + ret = ssl_write_pre_shared_key_ext( ssl, buf, end, &cur_ext_len,0 ); + total_ext_len += cur_ext_len; + buf += cur_ext_len; - if( ret == 0 ) ssl->handshake->extensions_present += PRE_SHARED_KEY_EXTENSION; - } + if( ret == 0 ) ssl->handshake->extensions_present += PRE_SHARED_KEY_EXTENSION; + } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %d", - total_ext_len ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %d", + total_ext_len ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", extension_start, total_ext_len ); + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", extension_start, total_ext_len ); - /* Write extension length */ - *extension_start++ = ( unsigned char )( ( total_ext_len >> 8 ) & 0xFF ); - *extension_start++ = ( unsigned char )( ( total_ext_len ) & 0xFF ); - buflen -= 2 + total_ext_len; + /* Write extension length */ + *extension_start++ = ( unsigned char )( ( total_ext_len >> 8 ) & 0xFF ); + *extension_start++ = ( unsigned char )( ( total_ext_len ) & 0xFF ); + buflen -= 2 + total_ext_len; - *olen = buf - start; - return( 0 ); - } + *olen = buf - start; + return( 0 ); +} - static int ssl_parse_supported_version_ext( mbedtls_ssl_context* ssl, - const unsigned char* buf, - size_t len ) - { +static int ssl_parse_supported_version_ext( mbedtls_ssl_context* ssl, + const unsigned char* buf, + size_t len ) +{ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( len != 2 && buf[0] != 254 && buf[1] != 253 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "unexpected version" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - } - else + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + if( len != 2 && buf[0] != 254 && buf[1] != 253 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "unexpected version" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + } + else #endif /* MBEDTLS_SSL_PROTO_DTLS */ - { - if( len != 2 && buf[0] != 0x3 && buf[1] != 0x3 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "unexpected version" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - } + { + if( len != 2 && buf[0] != 0x3 && buf[1] != 0x3 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "unexpected version" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + } - return( 0 ); - } + return( 0 ); +} #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) - { - /* - * server should use the extension only if we did, - * and if so the server's value should match ours ( and len is always 1 ) - */ - if( ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE || - len != 1 || - buf[0] != ssl->conf->mfl_code ) - { - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } +static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len ) +{ + /* + * server should use the extension only if we did, + * and if so the server's value should match ours ( and len is always 1 ) + */ + if( ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE || + len != 1 || + buf[0] != ssl->conf->mfl_code ) + { + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } - return( 0 ); - } + return( 0 ); +} #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ @@ -2040,47 +2039,47 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, * */ - static int ssl_parse_server_psk_identity_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) - { - int ret = 0; - size_t selected_identity; +static int ssl_parse_server_psk_identity_ext( mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len ) +{ + int ret = 0; + size_t selected_identity; - if( ssl->conf->f_psk == NULL && - ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL || - ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 )) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no pre-shared key" ) ); - return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); - } + if( ssl->conf->f_psk == NULL && + ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL || + ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 )) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no pre-shared key" ) ); + return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); + } - if( len != (size_t)2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad psk_identity extension in server hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } + if( len != (size_t)2 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad psk_identity extension in server hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } - selected_identity = ( buf[0] << 8 ) | buf[1]; + selected_identity = ( buf[0] << 8 ) | buf[1]; - if( selected_identity > 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Unknown identity" ) ); + if( selected_identity > 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Unknown identity" ) ); - if( ( ret = mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY )) != 0 ) - { - return( ret ); - } + if( ( ret = mbedtls_ssl_send_alert_message( ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY )) != 0 ) + { + return( ret ); + } - return( MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY ); - } + return( MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY ); + } /* buf += 2; */ - ssl->handshake->extensions_present += PRE_SHARED_KEY_EXTENSION; - return( 0 ); - } + ssl->handshake->extensions_present += PRE_SHARED_KEY_EXTENSION; + return( 0 ); +} #endif @@ -2100,134 +2099,134 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, * * The server only provides a single KeyShareEntry. */ - static int ssl_parse_key_shares_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) { - - int ret = 0; - unsigned char *end = ( unsigned char* )buf + len; - unsigned char *start = ( unsigned char* )buf; - int named_group; - int i; - const mbedtls_ecp_curve_info *curve_info; - int match_found = 0; - mbedtls_ecp_group_id gid; - - /* Is there a key share available at the server config? */ - /* if( ssl->conf->keyshare_ctx == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no key share context" ) ); - - if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl )) != 0 ) - return( ret ); - - return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; - } - */ - - /* read named group */ - named_group = ( buf[0] << 8 ) | buf[1]; - - /* We need to find out which key share the server had selected from - * those sent out. - */ +static int ssl_parse_key_shares_ext( mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len ) { - for( i=0; - ssl->handshake->key_shares_curve_list[i] != MBEDTLS_ECP_DP_NONE; - i++ ) { + int ret = 0; + unsigned char *end = ( unsigned char* )buf + len; + unsigned char *start = ( unsigned char* )buf; + int named_group; + int i; + const mbedtls_ecp_curve_info *curve_info; + int match_found = 0; + mbedtls_ecp_group_id gid; - gid = ssl->handshake->key_shares_curve_list[i]; + /* Is there a key share available at the server config? */ + /* if( ssl->conf->keyshare_ctx == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no key share context" ) ); - curve_info = mbedtls_ecp_curve_info_from_grp_id( gid ); + if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl )) != 0 ) + return( ret ); - /* If we find a match then we need to read the key share - * provided by the server and store it alongside the - * respective key share structure. - */ - if( curve_info->tls_id == named_group ) - { - match_found = 1; + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; + } + */ - break; - } - } + /* read named group */ + named_group = ( buf[0] << 8 ) | buf[1]; - if( match_found == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) ); - return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; - } + /* We need to find out which key share the server had selected from + * those sent out. + */ - /* We store the server-selected key share at a given place - * in our array of ECDH parameters. - */ - ssl->handshake->ecdh_ctx_selected = i; + for( i=0; + ssl->handshake->key_shares_curve_list[i] != MBEDTLS_ECP_DP_NONE; + i++ ) { - if( ( ret = mbedtls_ecdh_read_params( &ssl->handshake->ecdh_ctx[i], - ( const unsigned char ** )&start, end )) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_read_params" ), ret ); - return( ret ); - } + gid = ssl->handshake->key_shares_curve_list[i]; - if( check_ecdh_params( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "check_ecdh_params( ) failed!" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } + curve_info = mbedtls_ecp_curve_info_from_grp_id( gid ); + + /* If we find a match then we need to read the key share + * provided by the server and store it alongside the + * respective key share structure. + */ + if( curve_info->tls_id == named_group ) + { + match_found = 1; - ssl->handshake->extensions_present += KEY_SHARE_EXTENSION; - return ret; + break; } + } + + if( match_found == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) ); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; + } + + /* We store the server-selected key share at a given place + * in our array of ECDH parameters. + */ + ssl->handshake->ecdh_ctx_selected = i; + + if( ( ret = mbedtls_ecdh_read_params( &ssl->handshake->ecdh_ctx[i], + ( const unsigned char ** )&start, end )) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_read_params" ), ret ); + return( ret ); + } + + if( check_ecdh_params( ssl ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "check_ecdh_params( ) failed!" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + + ssl->handshake->extensions_present += KEY_SHARE_EXTENSION; + return ret; +} #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ #if defined(MBEDTLS_SSL_ALPN) - static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) - { - size_t list_len, name_len; - const char **p; - - /* If we didn't send it, the server shouldn't send it */ - if( ssl->conf->alpn_list == NULL ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); +static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len ) +{ + size_t list_len, name_len; + const char **p; - /* - * opaque ProtocolName<1..2^8-1>; - * - * struct { - * ProtocolName protocol_name_list<2..2^16-1> - * } ProtocolNameList; - * - * the "ProtocolNameList" MUST contain exactly one "ProtocolName" - */ + /* If we didn't send it, the server shouldn't send it */ + if( ssl->conf->alpn_list == NULL ) + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - /* Min length is 2 ( list_len ) + 1 ( name_len ) + 1 ( name ) */ - if( len < 4 ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + /* + * opaque ProtocolName<1..2^8-1>; + * + * struct { + * ProtocolName protocol_name_list<2..2^16-1> + * } ProtocolNameList; + * + * the "ProtocolNameList" MUST contain exactly one "ProtocolName" + */ - list_len = ( buf[0] << 8 ) | buf[1]; - if( list_len != len - 2 ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + /* Min length is 2 ( list_len ) + 1 ( name_len ) + 1 ( name ) */ + if( len < 4 ) + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - name_len = buf[2]; - if( name_len != list_len - 1 ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + list_len = ( buf[0] << 8 ) | buf[1]; + if( list_len != len - 2 ) + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - /* Check that the server chosen protocol was in our list and save it */ - for ( p = ssl->conf->alpn_list; *p != NULL; p++ ) - { - if( name_len == strlen( *p ) && - memcmp( buf + 3, *p, name_len ) == 0 ) - { - ssl->alpn_chosen = *p; - return( 0 ); - } - } + name_len = buf[2]; + if( name_len != list_len - 1 ) + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + /* Check that the server chosen protocol was in our list and save it */ + for ( p = ssl->conf->alpn_list; *p != NULL; p++ ) + { + if( name_len == strlen( *p ) && + memcmp( buf + 3, *p, name_len ) == 0 ) + { + ssl->alpn_chosen = *p; + return( 0 ); } + } + + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); +} #endif /* MBEDTLS_SSL_ALPN */ /* @@ -2236,12 +2235,12 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, * */ - /* - * Overview - */ +/* + * Overview + */ - /* Main entry point; orchestrates the other functions */ - static int ssl_certificate_request_process( mbedtls_ssl_context* ssl ); +/* Main entry point; orchestrates the other functions */ +static int ssl_certificate_request_process( mbedtls_ssl_context* ssl ); /* Coordination: * Deals with the ambiguity of not knowing if a CertificateRequest @@ -2252,258 +2251,258 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, */ #define SSL_CERTIFICATE_REQUEST_EXPECT_REQUEST 0 #define SSL_CERTIFICATE_REQUEST_SKIP 1 - static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ); +static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ); #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, - unsigned char const* buf, - size_t buflen ); +static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, + unsigned char const* buf, + size_t buflen ); #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ - static int ssl_certificate_request_postprocess( mbedtls_ssl_context* ssl ); +static int ssl_certificate_request_postprocess( mbedtls_ssl_context* ssl ); /* * Implementation */ - /* Main entry point; orchestrates the other functions */ - static int ssl_certificate_request_process( mbedtls_ssl_context* ssl ) - { - int ret = 0; +/* Main entry point; orchestrates the other functions */ +static int ssl_certificate_request_process( mbedtls_ssl_context* ssl ) +{ + int ret = 0; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) ); - /* Coordination step - * - Fetch record - * - Make sure it's either a CertificateRequest or a ServerHelloDone - */ - MBEDTLS_SSL_PROC_CHK( ssl_certificate_request_coordinate( ssl ) ); + /* Coordination step + * - Fetch record + * - Make sure it's either a CertificateRequest or a ServerHelloDone + */ + MBEDTLS_SSL_PROC_CHK( ssl_certificate_request_coordinate( ssl ) ); #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - if( ret == SSL_CERTIFICATE_REQUEST_EXPECT_REQUEST ) - { - /* Parsing step */ - MBEDTLS_SSL_PROC_CHK( ssl_certificate_request_parse( ssl, ssl->in_msg, - ssl->in_hslen ) ); - } - else + if( ret == SSL_CERTIFICATE_REQUEST_EXPECT_REQUEST ) + { + /* Parsing step */ + MBEDTLS_SSL_PROC_CHK( ssl_certificate_request_parse( ssl, ssl->in_msg, + ssl->in_hslen ) ); + } + else #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ - if( ret == SSL_CERTIFICATE_REQUEST_SKIP ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } + if( ret == SSL_CERTIFICATE_REQUEST_SKIP ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) ); + } + else + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } - /* Update state */ - MBEDTLS_SSL_PROC_CHK( ssl_certificate_request_postprocess( ssl ) ); + /* Update state */ + MBEDTLS_SSL_PROC_CHK( ssl_certificate_request_postprocess( ssl ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "got %s certificate request", - ssl->client_auth ? "a" : "no" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "got %s certificate request", + ssl->client_auth ? "a" : "no" ) ); - cleanup: +cleanup: - /* In the MPS one would close the read-port here to - * ensure there's no overlap of reading and writing. */ + /* In the MPS one would close the read-port here to + * ensure there's no overlap of reading and writing. */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate request" ) ); - return( ret ); - } + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate request" ) ); + return( ret ); +} - static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ) - { - int ret; +static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ) +{ + int ret; - if( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || - ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= skip parse certificate request" ) ); - return( SSL_CERTIFICATE_REQUEST_SKIP ); - } + if( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= skip parse certificate request" ) ); + return( SSL_CERTIFICATE_REQUEST_SKIP ); + } #if !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - ( (void)ret ); - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + ( (void)ret ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #else - if( ssl->keep_current_message == 0 ) - { - if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); - } - } + if( ssl->keep_current_message == 0 ) + { + if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); + return( ret ); + } + } - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } - if( ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST ) - { - return( SSL_CERTIFICATE_REQUEST_EXPECT_REQUEST ); - } + if( ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST ) + { + return( SSL_CERTIFICATE_REQUEST_EXPECT_REQUEST ); + } - ssl->keep_current_message = 1; - return( SSL_CERTIFICATE_REQUEST_SKIP ); + ssl->keep_current_message = 1; + return( SSL_CERTIFICATE_REQUEST_SKIP ); #endif /* ( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */ - } +} #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, - const unsigned char* buf, - size_t buflen ) - { +static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, + const unsigned char* buf, + size_t buflen ) +{ - int ret; - const unsigned char* p; - unsigned char* ext; - size_t ext_len = 0, total_len; - int context_len = 0; + int ret; + const unsigned char* p; + unsigned char* ext; + size_t ext_len = 0, total_len; + int context_len = 0; - /* TODO: Add bounds checks! Only then remove the next line. */ - ((void) buflen); + /* TODO: Add bounds checks! Only then remove the next line. */ + ((void) buflen); - /* - * - * struct { - * opaque certificate_request_context<0..2^8-1>; - * Extension extensions<2..2^16-1>; - * } CertificateRequest; - * - */ + /* + * + * struct { + * opaque certificate_request_context<0..2^8-1>; + * Extension extensions<2..2^16-1>; + * } CertificateRequest; + * + */ - p = buf; + p = buf; - /* Determine total message length */ - total_len = ( p[2] << 8 ) | p[3]; + /* Determine total message length */ + total_len = ( p[2] << 8 ) | p[3]; - p += mbedtls_ssl_hs_hdr_len( ssl ); + p += mbedtls_ssl_hs_hdr_len( ssl ); #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) + if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ - { - /* - * Parse certificate_request_context - */ - context_len = p[0]; - - /* skip context_len */ - p++; - - /* Fixed length fields are: - * - 1 for length of context - * - 2 for length of extensions - * ----- - * 3 bytes - */ - - if( total_len < (size_t)( 3 + context_len ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); - } + { + /* + * Parse certificate_request_context + */ + context_len = p[0]; - /* store context ( if necessary ) */ - if( context_len > 0 ) - { - MBEDTLS_SSL_DEBUG_BUF( 3, "Certificate Request Context", p, context_len ); + /* skip context_len */ + p++; - ssl->handshake->certificate_request_context = mbedtls_calloc( context_len, 1 ); - if( ssl->handshake->certificate_request_context == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); - return ( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - } - memcpy( ssl->handshake->certificate_request_context, p, context_len ); + /* Fixed length fields are: + * - 1 for length of context + * - 2 for length of extensions + * ----- + * 3 bytes + */ - /* jump over certificate_request_context */ - p += context_len; - } - } + if( total_len < (size_t)( 3 + context_len ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + } - /* - * Parse extensions - */ - ext_len = ( p[0] << 8 ) | ( p[1] ); + /* store context ( if necessary ) */ + if( context_len > 0 ) + { + MBEDTLS_SSL_DEBUG_BUF( 3, "Certificate Request Context", p, context_len ); - /* At least one extension needs to be present, namely signature_algorithms ext. */ - if( ext_len < 4 ) + ssl->handshake->certificate_request_context = mbedtls_calloc( context_len, 1 ); + if( ssl->handshake->certificate_request_context == NULL ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return ( MBEDTLS_ERR_SSL_ALLOC_FAILED ); } + memcpy( ssl->handshake->certificate_request_context, p, context_len ); - /* skip total extension length */ - p += 2; - - ext = ( unsigned char* )p; /* jump to extensions */ - while ( ext_len ) - { + /* jump over certificate_request_context */ + p += context_len; + } + } - unsigned int ext_id = ( ( ext[0] << 8 ) | ( ext[1] ) ); - unsigned int ext_size = ( ( ext[2] << 8 ) | ( ext[3] ) ); + /* + * Parse extensions + */ + ext_len = ( p[0] << 8 ) | ( p[1] ); - if( ext_size + 4 > ext_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); - } - - switch ( ext_id ) - { - - case MBEDTLS_TLS_EXT_SIG_ALG: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) ); - - if( ( ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, (size_t)ext_size )) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ssl_parse_signature_algorithms_ext" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( ret ); - } - break; - - default: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d ( ignoring )", - ext_id ) ); - } - - ext_len -= 4 + ext_size; - ext += 4 + ext_size; - - if( ext_len > 0 && ext_len < 4 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + /* At least one extension needs to be present, namely signature_algorithms ext. */ + if( ext_len < 4 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + } + + /* skip total extension length */ + p += 2; + + ext = ( unsigned char* )p; /* jump to extensions */ + while ( ext_len ) + { + + unsigned int ext_id = ( ( ext[0] << 8 ) | ( ext[1] ) ); + unsigned int ext_size = ( ( ext[2] << 8 ) | ( ext[3] ) ); + + if( ext_size + 4 > ext_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + } + + switch ( ext_id ) + { + + case MBEDTLS_TLS_EXT_SIG_ALG: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) ); + + if( ( ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, (size_t)ext_size )) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "ssl_parse_signature_algorithms_ext" ) ); SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); - } - } + return( ret ); + } + break; - ssl->client_auth = 1; - return( 0 ); + default: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d ( ignoring )", + ext_id ) ); } -#endif /* ( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */ + ext_len -= 4 + ext_size; + ext += 4 + ext_size; - static int ssl_certificate_request_postprocess( mbedtls_ssl_context* ssl ) + if( ext_len > 0 && ext_len < 4 ) { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + } + } + + ssl->client_auth = 1; + return( 0 ); +} +#endif /* ( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */ + + +static int ssl_certificate_request_postprocess( mbedtls_ssl_context* ssl ) +{ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_CERTIFICATE ); - return( 0 ); - } + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_CERTIFICATE ); + return( 0 ); +} /* * @@ -2514,235 +2513,235 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, * the cryptographic context. */ - /* - * Overview - */ +/* + * Overview + */ - /* Main entry point; orchestrates the other functions */ - static int ssl_encrypted_extensions_process( mbedtls_ssl_context* ssl ); +/* Main entry point; orchestrates the other functions */ +static int ssl_encrypted_extensions_process( mbedtls_ssl_context* ssl ); - static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ); - static int ssl_encrypted_extensions_parse( mbedtls_ssl_context* ssl, - unsigned char* buf, - size_t buflen ); - static int ssl_encrypted_extensions_postprocess( mbedtls_ssl_context* ssl ); +static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ); +static int ssl_encrypted_extensions_parse( mbedtls_ssl_context* ssl, + unsigned char* buf, + size_t buflen ); +static int ssl_encrypted_extensions_postprocess( mbedtls_ssl_context* ssl ); - static int ssl_encrypted_extensions_process( mbedtls_ssl_context* ssl ) - { - int ret; +static int ssl_encrypted_extensions_process( mbedtls_ssl_context* ssl ) +{ + int ret; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse encrypted extensions" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse encrypted extensions" ) ); - MBEDTLS_SSL_PROC_CHK( ssl_encrypted_extensions_prepare( ssl ) ); + MBEDTLS_SSL_PROC_CHK( ssl_encrypted_extensions_prepare( ssl ) ); - if( ( ret = mbedtls_ssl_read_record( ssl )) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - goto cleanup; - } + if( ( ret = mbedtls_ssl_read_record( ssl )) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); + goto cleanup; + } - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad encrypted extensions" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - ret = MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; - goto cleanup; - } + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad encrypted extensions" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); + ret = MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; + goto cleanup; + } - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_ENCRYPTED_EXTENSION ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad encrypted extensions" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - ret = MBEDTLS_ERR_SSL_BAD_HS_ENCRYPTED_EXTENSIONS; - goto cleanup; - } + if( ssl->in_msg[0] != MBEDTLS_SSL_HS_ENCRYPTED_EXTENSION ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad encrypted extensions" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + ret = MBEDTLS_ERR_SSL_BAD_HS_ENCRYPTED_EXTENSIONS; + goto cleanup; + } - MBEDTLS_SSL_PROC_CHK( ssl_encrypted_extensions_parse( ssl, ssl->in_msg, ssl->in_hslen ) ); + MBEDTLS_SSL_PROC_CHK( ssl_encrypted_extensions_parse( ssl, ssl->in_msg, ssl->in_hslen ) ); - MBEDTLS_SSL_PROC_CHK( ssl_encrypted_extensions_postprocess( ssl ) ); + MBEDTLS_SSL_PROC_CHK( ssl_encrypted_extensions_postprocess( ssl ) ); - cleanup: +cleanup: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse encrypted extensions" ) ); - return( ret ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse encrypted extensions" ) ); + return( ret ); - } +} - static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) { +static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) { - int ret; - KeySet traffic_keys; + int ret; + KeySet traffic_keys; - if( ssl->transform_in == NULL ) - { - ret = mbedtls_ssl_key_derivation( ssl, &traffic_keys ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_key_derivation", ret ); - return ( ret ); - } + if( ssl->transform_in == NULL ) + { + ret = mbedtls_ssl_key_derivation( ssl, &traffic_keys ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_key_derivation", ret ); + return ( ret ); + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - traffic_keys.epoch = 2; + traffic_keys.epoch = 2; #endif /* MBEDTLS_SSL_PROTO_DTLS */ - ret = mbedtls_set_traffic_key( ssl, &traffic_keys, ssl->transform_negotiate, 0 ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_set_traffic_key", ret ); - return ( ret ); - } + ret = mbedtls_set_traffic_key( ssl, &traffic_keys, ssl->transform_negotiate, 0 ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_set_traffic_key", ret ); + return ( ret ); + } - } + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - /* epoch value ( 2 ) is used for messages - * protected using keys derived from the handshake_traffic_secret - */ - ssl->in_epoch = 2; - ssl->out_epoch = 2; + /* epoch value ( 2 ) is used for messages + * protected using keys derived from the handshake_traffic_secret + */ + ssl->in_epoch = 2; + ssl->out_epoch = 2; #endif /* MBEDTLS_SSL_PROTO_DTLS */ - return 0; - } + return 0; +} - static int ssl_encrypted_extensions_parse( mbedtls_ssl_context* ssl, - unsigned char* buf, - size_t buflen ) - { - int ret=0; - size_t ext_len; - unsigned char *ext; +static int ssl_encrypted_extensions_parse( mbedtls_ssl_context* ssl, + unsigned char* buf, + size_t buflen ) +{ + int ret=0; + size_t ext_len; + unsigned char *ext; - /* TODO: Add bounds checks! Only then remove the next line. */ - ((void) buflen); + /* TODO: Add bounds checks! Only then remove the next line. */ + ((void) buflen); - /* skip handshake header */ - buf += mbedtls_ssl_hs_hdr_len( ssl ); + /* skip handshake header */ + buf += mbedtls_ssl_hs_hdr_len( ssl ); - ext_len = ( ( buf[0] << 8 ) | ( buf[1] ) ); + ext_len = ( ( buf[0] << 8 ) | ( buf[1] ) ); - buf += 2; /* skip extension length */ - ext = buf; + buf += 2; /* skip extension length */ + ext = buf; - /* Checking for an extension length that is too short */ - if( ext_len > 0UL && ext_len < 4UL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Extension length too short - bad encrypted extensions message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } + /* Checking for an extension length that is too short */ + if( ext_len > 0UL && ext_len < 4UL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Extension length too short - bad encrypted extensions message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } - /* Checking for an extension length that is not aligned with the rest of the message */ - if( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 2 + ext_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Extension length misaligned - bad encrypted extensions message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } + /* Checking for an extension length that is not aligned with the rest of the message */ + if( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 2 + ext_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Extension length misaligned - bad encrypted extensions message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "encrypted extensions, total extension length: %d", ext_len ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "encrypted extensions, total extension length: %d", ext_len ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "encrypted extensions extensions", ext, ext_len ); + MBEDTLS_SSL_DEBUG_BUF( 3, "encrypted extensions extensions", ext, ext_len ); - while ( ext_len ) - { - unsigned int ext_id = ( ( ext[0] << 8 ) - | ( ext[1] ) ); - unsigned int ext_size = ( ( ext[2] << 8 ) - | ( ext[3] ) ); - - if( ext_size + 4 > ext_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad encrypted extensions message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_ENCRYPTED_EXTENSIONS ); - } - - /* TBD: The client MUST check EncryptedExtensions for the - * presence of any forbidden extensions and if any are found MUST abort - * the handshake with an "illegal_parameter" alert. - */ + while ( ext_len ) + { + unsigned int ext_id = ( ( ext[0] << 8 ) + | ( ext[1] ) ); + unsigned int ext_size = ( ( ext[2] << 8 ) + | ( ext[3] ) ); + + if( ext_size + 4 > ext_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad encrypted extensions message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_ENCRYPTED_EXTENSIONS ); + } - switch ( ext_id ) - { + /* TBD: The client MUST check EncryptedExtensions for the + * presence of any forbidden extensions and if any are found MUST abort + * the handshake with an "illegal_parameter" alert. + */ + + switch ( ext_id ) + { #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max_fragment_length extension" ) ); + case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max_fragment_length extension" ) ); - if( ( ret = ssl_parse_max_fragment_length_ext( ssl, - ext + 4, ext_size )) != 0 ) - { - return( ret ); - } + if( ( ret = ssl_parse_max_fragment_length_ext( ssl, + ext + 4, ext_size )) != 0 ) + { + return( ret ); + } - break; + break; #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_ALPN) - case MBEDTLS_TLS_EXT_ALPN: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); + case MBEDTLS_TLS_EXT_ALPN: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); - if( ( ret = ssl_parse_alpn_ext( ssl, ext + 4, (size_t)ext_size )) != 0 ) - { - return( ret ); - } + if( ( ret = ssl_parse_alpn_ext( ssl, ext + 4, (size_t)ext_size )) != 0 ) + { + return( ret ); + } - break; + break; #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - case MBEDTLS_TLS_EXT_SERVERNAME: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found server_name extension" ) ); + case MBEDTLS_TLS_EXT_SERVERNAME: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found server_name extension" ) ); - /* The server_name extension is an empty extension */ + /* The server_name extension is an empty extension */ - break; + break; #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ - default: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d ( ignoring )", ext_id ) ); - } + default: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d ( ignoring )", ext_id ) ); + } - ext_len -= 4 + ext_size; - ext += 4 + ext_size; + ext_len -= 4 + ext_size; + ext += 4 + ext_size; - if( ext_len > 0 && ext_len < 4 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad encrypted extensions message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_ENCRYPTED_EXTENSIONS ); - } - } + if( ext_len > 0 && ext_len < 4 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad encrypted extensions message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_ENCRYPTED_EXTENSIONS ); + } + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse encrypted extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse encrypted extension" ) ); - return ret; - } + return ret; +} - static int ssl_encrypted_extensions_postprocess( mbedtls_ssl_context* ssl ) { +static int ssl_encrypted_extensions_postprocess( mbedtls_ssl_context* ssl ) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSION, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSION, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_ZERO_RTT) - if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) - { - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED ); - } - else + if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) + { + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED ); + } + else #endif /* MBEDTLS_ZERO_RTT */ - { + { #if defined(MBEDTLS_COMPATIBILITY_MODE) - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_CCS_BEFORE_CERTIFICATE_REQUEST ); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_CCS_BEFORE_CERTIFICATE_REQUEST ); #else - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST ); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST ); #endif /* MBEDTLS_COMPATIBILITY_MODE */ - } + } - return 0; - } + return 0; +} /* @@ -2751,12 +2750,12 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, * */ - /* - * Overview - */ +/* + * Overview + */ - /* Main entry point; orchestrates the other functions */ - static int ssl_server_hello_process( mbedtls_ssl_context* ssl ); +/* Main entry point; orchestrates the other functions */ +static int ssl_server_hello_process( mbedtls_ssl_context* ssl ); /* Fetch and preprocess * Returns a negative value on failure, and otherwise @@ -2765,1556 +2764,1556 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, * to indicate which message is expected and to be parsed next. */ #define SSL_SERVER_HELLO_COORDINATE_HELLO 0 #define SSL_SERVER_HELLO_COORDINATE_HRR 1 - static int ssl_server_hello_coordinate( mbedtls_ssl_context* ssl ); +static int ssl_server_hello_coordinate( mbedtls_ssl_context* ssl ); /* Parse ServerHello */ - static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, - const unsigned char* buf, - size_t buflen ); +static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, + const unsigned char* buf, + size_t buflen ); - static int ssl_server_hello_postprocess( mbedtls_ssl_context* ssl ); +static int ssl_server_hello_postprocess( mbedtls_ssl_context* ssl ); - static int ssl_hrr_parse( mbedtls_ssl_context* ssl, - const unsigned char* buf, - size_t buflen ); +static int ssl_hrr_parse( mbedtls_ssl_context* ssl, + const unsigned char* buf, + size_t buflen ); - static int ssl_hrr_postprocess( mbedtls_ssl_context* ssl, - const unsigned char* buf, - size_t buflen ); +static int ssl_hrr_postprocess( mbedtls_ssl_context* ssl, + const unsigned char* buf, + size_t buflen ); /* * Implementation */ - static int ssl_server_hello_process( mbedtls_ssl_context* ssl ) - { - int ret = 0; - int msg_expect; +static int ssl_server_hello_process( mbedtls_ssl_context* ssl ) +{ + int ret = 0; + int msg_expect; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello" ) ); - /* Coordination step - * - Fetch record - * - Make sure it's either a ServerHello or a HRR. - * - Switch processing routine in case of HRR - */ + /* Coordination step + * - Fetch record + * - Make sure it's either a ServerHello or a HRR. + * - Switch processing routine in case of HRR + */ - MBEDTLS_SSL_PROC_CHK( ssl_server_hello_coordinate( ssl ) ); - msg_expect = ret; + MBEDTLS_SSL_PROC_CHK( ssl_server_hello_coordinate( ssl ) ); + msg_expect = ret; - /* Parsing step - * We know what message to expect by now and call - * the respective parsing function. - */ + /* Parsing step + * We know what message to expect by now and call + * the respective parsing function. + */ - if( msg_expect == SSL_SERVER_HELLO_COORDINATE_HELLO ) - { - MBEDTLS_SSL_PROC_CHK( ssl_server_hello_parse( ssl, ssl->in_msg, - ssl->in_hslen ) ); - } - else - { - MBEDTLS_SSL_PROC_CHK( ssl_hrr_parse( ssl, ssl->in_msg, ssl->in_hslen ) ); - } + if( msg_expect == SSL_SERVER_HELLO_COORDINATE_HELLO ) + { + MBEDTLS_SSL_PROC_CHK( ssl_server_hello_parse( ssl, ssl->in_msg, + ssl->in_hslen ) ); + } + else + { + MBEDTLS_SSL_PROC_CHK( ssl_hrr_parse( ssl, ssl->in_msg, ssl->in_hslen ) ); + } - /* Post-processing step */ - if( msg_expect == SSL_SERVER_HELLO_COORDINATE_HELLO ) - { - MBEDTLS_SSL_PROC_CHK( ssl_server_hello_postprocess( ssl ) ); - } - else - { - MBEDTLS_SSL_PROC_CHK( ssl_hrr_postprocess( ssl, ssl->in_msg, ssl->in_hslen ) ); - } + /* Post-processing step */ + if( msg_expect == SSL_SERVER_HELLO_COORDINATE_HELLO ) + { + MBEDTLS_SSL_PROC_CHK( ssl_server_hello_postprocess( ssl ) ); + } + else + { + MBEDTLS_SSL_PROC_CHK( ssl_hrr_postprocess( ssl, ssl->in_msg, ssl->in_hslen ) ); + } - cleanup: +cleanup: - /* In the MPS one would close the read-port here to - * ensure there's no overlap of reading and writing. */ + /* In the MPS one would close the read-port here to + * ensure there's no overlap of reading and writing. */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) ); - return( ret ); - } + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) ); + return( ret ); +} - static int ssl_server_hello_coordinate( mbedtls_ssl_context* ssl ) - { - int ret; - /* SHA-256 of "HelloRetryRequest" stored in magic_hrr_string to distinguish HRR from regular ServerHello */ - const char magic_hrr_string[32] = { 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, 0xBE, 0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91, 0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E, 0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33 ,0x9C }; +static int ssl_server_hello_coordinate( mbedtls_ssl_context* ssl ) +{ + int ret; + /* SHA-256 of "HelloRetryRequest" stored in magic_hrr_string to distinguish HRR from regular ServerHello */ + const char magic_hrr_string[32] = { 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, 0xBE, 0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91, 0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E, 0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33 ,0x9C }; - if( ( ret = mbedtls_ssl_read_record( ssl )) != 0 ) - { - /* No alert on a read error. */ - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); - } + if( ( ret = mbedtls_ssl_read_record( ssl )) != 0 ) + { + /* No alert on a read error. */ + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); + return( ret ); + } - /* TBD: If we do an HRR, keep track of the number - * of ClientHello's we sent, and fail if it - * exceeds the configured threshold. */ + /* TBD: If we do an HRR, keep track of the number + * of ClientHello's we sent, and fail if it + * exceeds the configured threshold. */ - if( ( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) && ( ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_HELLO )) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "unexpected message" ) ); + if( ( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) && ( ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_HELLO )) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "unexpected message" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } - /* Check whether this message is a HelloRetryRequest ( HRR ) message. - * - * ServerHello and HRR are only distinguished by Random set to the - * special value of the SHA-256 of "HelloRetryRequest". - * - * struct { - * ProtocolVersion legacy_version = 0x0303; - * Random random; - * opaque legacy_session_id_echo<0..32>; - * CipherSuite cipher_suite; - * uint8 legacy_compression_method = 0; - * Extension extensions<6..2 ^ 16 - 1>; - * } ServerHello; - * - */ - if( memcmp( &ssl->in_msg[0] + mbedtls_ssl_hs_hdr_len( ssl ) + 2, &magic_hrr_string[0], 32 ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "received HelloRetryRequest message" ) ); - ret = SSL_SERVER_HELLO_COORDINATE_HRR; - } - else - { - /* - TBD: When we made it through a cookie exchange we need to delete the state again. + /* Check whether this message is a HelloRetryRequest ( HRR ) message. + * + * ServerHello and HRR are only distinguished by Random set to the + * special value of the SHA-256 of "HelloRetryRequest". + * + * struct { + * ProtocolVersion legacy_version = 0x0303; + * Random random; + * opaque legacy_session_id_echo<0..32>; + * CipherSuite cipher_suite; + * uint8 legacy_compression_method = 0; + * Extension extensions<6..2 ^ 16 - 1>; + * } ServerHello; + * + */ + if( memcmp( &ssl->in_msg[0] + mbedtls_ssl_hs_hdr_len( ssl ) + 2, &magic_hrr_string[0], 32 ) == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "received HelloRetryRequest message" ) ); + ret = SSL_SERVER_HELLO_COORDINATE_HRR; + } + else + { + /* + TBD: When we made it through a cookie exchange we need to delete the state again. - mbedtls_free( ssl->handshake->verify_cookie ); - ssl->handshake->verify_cookie = NULL; - ssl->handshake->verify_cookie_len = 0; - */ + mbedtls_free( ssl->handshake->verify_cookie ); + ssl->handshake->verify_cookie = NULL; + ssl->handshake->verify_cookie_len = 0; + */ - ret = SSL_SERVER_HELLO_COORDINATE_HELLO; - } + ret = SSL_SERVER_HELLO_COORDINATE_HELLO; + } - return( ret ); - } + return( ret ); +} - static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, - const unsigned char* buf, - size_t buflen ) - { +static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, + const unsigned char* buf, + size_t buflen ) +{ - int ret; /* return value */ - int i; /* scratch value */ - const unsigned char* msg_end = buf + buflen; /* pointer to the end of the buffer for length checks */ + int ret; /* return value */ + int i; /* scratch value */ + const unsigned char* msg_end = buf + buflen; /* pointer to the end of the buffer for length checks */ - size_t ext_len; /* stores length of all extensions */ - unsigned int ext_id; /* id of an extension */ - const unsigned char* ext; /* pointer to an individual extension */ - unsigned int ext_size; /* size of an individual extension */ + size_t ext_len; /* stores length of all extensions */ + unsigned int ext_id; /* id of an extension */ + const unsigned char* ext; /* pointer to an individual extension */ + unsigned int ext_size; /* size of an individual extension */ - const mbedtls_ssl_ciphersuite_t* suite_info; /* pointer to ciphersuite */ + const mbedtls_ssl_ciphersuite_t* suite_info; /* pointer to ciphersuite */ - /* Check for minimal length */ + /* Check for minimal length */ #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) - { - /* TBD: Add message header figure here. */ - /* 18 = 16 ( random bytes ) + 1 ( ciphersuite ) + 1 ( version ) + */ - if( buflen < 18 + mbedtls_ssl_hs_hdr_len( ssl )) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message - min size not reached" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - } - else + if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) + { + /* TBD: Add message header figure here. */ + /* 18 = 16 ( random bytes ) + 1 ( ciphersuite ) + 1 ( version ) + */ + if( buflen < 18 + mbedtls_ssl_hs_hdr_len( ssl )) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message - min size not reached" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + } + else #endif /* MBEDTLS_CTLS */ - { - /* struct { - * ProtocolVersion legacy_version = 0x0303; - * Random random; - * opaque legacy_session_id_echo<0..32>; - * CipherSuite cipher_suite; - * uint8 legacy_compression_method = 0; - * Extension extensions<6..2 ^ 16 - 1>; - * } ServerHello; - * - * - * 38 = 32 ( random bytes ) + 2 ( ciphersuite ) + 2 ( version ) + - * 1 ( legacy_compression_method ) + 1 ( minimum for legacy_session_id_echo ) - */ - if( ( buflen < 38 + mbedtls_ssl_hs_hdr_len( ssl )) || - buf[0] != MBEDTLS_SSL_HS_SERVER_HELLO ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message - min size not reached" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - } + { + /* struct { + * ProtocolVersion legacy_version = 0x0303; + * Random random; + * opaque legacy_session_id_echo<0..32>; + * CipherSuite cipher_suite; + * uint8 legacy_compression_method = 0; + * Extension extensions<6..2 ^ 16 - 1>; + * } ServerHello; + * + * + * 38 = 32 ( random bytes ) + 2 ( ciphersuite ) + 2 ( version ) + + * 1 ( legacy_compression_method ) + 1 ( minimum for legacy_session_id_echo ) + */ + if( ( buflen < 38 + mbedtls_ssl_hs_hdr_len( ssl )) || + buf[0] != MBEDTLS_SSL_HS_SERVER_HELLO ) { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message - min size not reached" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + } - MBEDTLS_SSL_DEBUG_BUF( 5, "server hello", buf, buflen ); + MBEDTLS_SSL_DEBUG_BUF( 5, "server hello", buf, buflen ); - /* skip header */ - buf += mbedtls_ssl_hs_hdr_len( ssl ); + /* skip header */ + buf += mbedtls_ssl_hs_hdr_len( ssl ); #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) + if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ - { - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, version", buf + 0, 2 ); - mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver, - ssl->conf->transport, buf + 0 ); + { + MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, version", buf + 0, 2 ); + mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver, + ssl->conf->transport, buf + 0 ); - /* The version field in the ServerHello must contain 0x303 */ - if( buf[0] != 0x03 || buf[1] != 0x03 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Unsupported version of TLS." ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); + /* The version field in the ServerHello must contain 0x303 */ + if( buf[0] != 0x03 || buf[1] != 0x03 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Unsupported version of TLS." ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); - } + return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + } - /* skip version */ - buf += 2; - } + /* skip version */ + buf += 2; + } - /* Internally we use the correct 1.3 version */ - ssl->major_ver = 0x03; - ssl->minor_ver = 0x04; + /* Internally we use the correct 1.3 version */ + ssl->major_ver = 0x03; + ssl->minor_ver = 0x04; - /* store server-provided random values */ + /* store server-provided random values */ #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) - { - memcpy( ssl->handshake->randbytes + 16, buf, 16 ); - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 2, 16 ); + if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) + { + memcpy( ssl->handshake->randbytes + 16, buf, 16 ); + MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 2, 16 ); - /* skip random bytes */ - buf += 16; - } - else + /* skip random bytes */ + buf += 16; + } + else #endif /* MBEDTLS_CTLS */ - { - memcpy( ssl->handshake->randbytes + 32, buf, 32 ); - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 2, 32 ); + { + memcpy( ssl->handshake->randbytes + 32, buf, 32 ); + MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 2, 32 ); - /* skip random bytes */ - buf += 32; - } + /* skip random bytes */ + buf += 32; + } #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) + if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ - { + { #if defined(MBEDTLS_COMPATIBILITY_MODE) - /* legacy_session_id_echo */ - if( ssl->session_negotiate->id_len != buf[0] ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Mismatch of session id length" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - buf++; /* skip session id length */ + /* legacy_session_id_echo */ + if( ssl->session_negotiate->id_len != buf[0] ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Mismatch of session id length" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + buf++; /* skip session id length */ - if( memcmp( ssl->session_negotiate->id, &buf[0], ssl->session_negotiate->id_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Mismatch of session id" ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "- expected session id", ssl->session_negotiate->id, ssl->session_negotiate->id_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "- received session id", &buf[0], ssl->session_negotiate->id_len ); + if( memcmp( ssl->session_negotiate->id, &buf[0], ssl->session_negotiate->id_len ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Mismatch of session id" ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "- expected session id", ssl->session_negotiate->id, ssl->session_negotiate->id_len ); + MBEDTLS_SSL_DEBUG_BUF( 3, "- received session id", &buf[0], ssl->session_negotiate->id_len ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - buf += ssl->session_negotiate->id_len; /* skip session id */ + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + buf += ssl->session_negotiate->id_len; /* skip session id */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "session id length ( %d )", ssl->session_negotiate->id_len ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "session id", ssl->session_negotiate->id, ssl->session_negotiate->id_len ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "session id length ( %d )", ssl->session_negotiate->id_len ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "session id", ssl->session_negotiate->id, ssl->session_negotiate->id_len ); #else - /* Length of the session id must be zero */ - if( *buf == 0 ) - { - buf++; /* skip session id length */ - } - else - { - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } + /* Length of the session id must be zero */ + if( *buf == 0 ) + { + buf++; /* skip session id length */ + } + else + { + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } #endif /* MBEDTLS_COMPATIBILITY_MODE */ - } + } #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) - { - /* read server-selected ciphersuite, which follows random bytes */ - i = ( buf[0] << 8 ) | buf[1]; + if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) + { + /* read server-selected ciphersuite, which follows random bytes */ + i = ( buf[0] << 8 ) | buf[1]; - /* skip ciphersuite */ - buf += 2; - } - else + /* skip ciphersuite */ + buf += 2; + } + else #endif /* MBEDTLS_CTLS*/ - { - /* read server-selected ciphersuite, which follows random bytes */ - i = ( buf[0] << 8 ) | buf[1]; + { + /* read server-selected ciphersuite, which follows random bytes */ + i = ( buf[0] << 8 ) | buf[1]; - /* skip ciphersuite */ - buf += 2; - } + /* skip ciphersuite */ + buf += 2; + } - /* TBD: Check whether we have offered this ciphersuite */ - /* Via the force_ciphersuite version we may have instructed the client */ - /* to use a difference ciphersuite. */ + /* TBD: Check whether we have offered this ciphersuite */ + /* Via the force_ciphersuite version we may have instructed the client */ + /* to use a difference ciphersuite. */ - /* Configure ciphersuites */ - ssl->transform_negotiate->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( i ); + /* Configure ciphersuites */ + ssl->transform_negotiate->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( i ); - if( ssl->transform_negotiate->ciphersuite_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ciphersuite info for %04x not found", i ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } + if( ssl->transform_negotiate->ciphersuite_info == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "ciphersuite info for %04x not found", i ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } - mbedtls_ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info ); + mbedtls_ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info ); - ssl->session_negotiate->ciphersuite = i; + ssl->session_negotiate->ciphersuite = i; - suite_info = mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ); - if( suite_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } + suite_info = mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ); + if( suite_info == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: ( %04x ) - %s", i, suite_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: ( %04x ) - %s", i, suite_info->name ) ); #if defined(MBEDTLS_HAVE_TIME) - ssl->session_negotiate->start = time( NULL ); + ssl->session_negotiate->start = time( NULL ); #endif /* MBEDTLS_HAVE_TIME */ - i = 0; - while ( 1 ) - { - if( ssl->conf->ciphersuite_list[ssl->minor_ver][i] == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - if( ssl->conf->ciphersuite_list[ssl->minor_ver][i++] == - ssl->session_negotiate->ciphersuite ) - { - break; - } - } + i = 0; + while ( 1 ) + { + if( ssl->conf->ciphersuite_list[ssl->minor_ver][i] == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + + if( ssl->conf->ciphersuite_list[ssl->minor_ver][i++] == + ssl->session_negotiate->ciphersuite ) + { + break; + } + } #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) + if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ - { - /* Ensure that compression method is set to zero */ - if( buf[0] != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } + { + /* Ensure that compression method is set to zero */ + if( buf[0] != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } - /* skip compression */ - buf++; - } + /* skip compression */ + buf++; + } - /* Are we reading beyond the message buffer? */ - if( ( buf + 2 ) > msg_end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } + /* Are we reading beyond the message buffer? */ + if( ( buf + 2 ) > msg_end ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } - ext_len = ( ( buf[0] << 8 ) | ( buf[1] ) ); - buf += 2; /* skip extension length */ + ext_len = ( ( buf[0] << 8 ) | ( buf[1] ) ); + buf += 2; /* skip extension length */ - /* Are we reading beyond the message buffer? */ - if( ( buf + ext_len ) > msg_end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } + /* Are we reading beyond the message buffer? */ + if( ( buf + ext_len ) > msg_end ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } - ext = buf; + ext = buf; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %d", ext_len ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %d", ext_len ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello extensions", ext, ext_len ); + MBEDTLS_SSL_DEBUG_BUF( 3, "server hello extensions", ext, ext_len ); - while ( ext_len ) - { - ext_id = ( ( ext[0] << 8 ) | ( ext[1] ) ); - ext_size = ( ( ext[2] << 8 ) | ( ext[3] ) ); + while ( ext_len ) + { + ext_id = ( ( ext[0] << 8 ) | ( ext[1] ) ); + ext_size = ( ( ext[2] << 8 ) | ( ext[3] ) ); - if( ext_size + 4 > ext_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } + if( ext_size + 4 > ext_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } - switch ( ext_id ) - { + switch ( ext_id ) + { #if defined(MBEDTLS_CID) - case MBEDTLS_TLS_EXT_CID: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) ); - if( ssl->conf->cid == MBEDTLS_CID_CONF_DISABLED ) - break; - - ret = ssl_parse_cid_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; + case MBEDTLS_TLS_EXT_CID: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) ); + if( ssl->conf->cid == MBEDTLS_CID_CONF_DISABLED ) + break; + + ret = ssl_parse_cid_ext( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; #endif /* MBEDTLS_CID */ - case MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported_versions extension" ) ); + case MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported_versions extension" ) ); - ret = ssl_parse_supported_version_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; + ret = ssl_parse_supported_version_ext( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - case MBEDTLS_TLS_EXT_PRE_SHARED_KEY: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found pre_shared_key extension" ) ); - if( ( ret = ssl_parse_server_psk_identity_ext( ssl, ext + 4, (size_t)ext_size )) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_server_psk_identity_ext" ), ret ); - return( ret ); - } - break; + case MBEDTLS_TLS_EXT_PRE_SHARED_KEY: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found pre_shared_key extension" ) ); + if( ( ret = ssl_parse_server_psk_identity_ext( ssl, ext + 4, (size_t)ext_size )) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_server_psk_identity_ext" ), ret ); + return( ret ); + } + break; #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) - case MBEDTLS_TLS_EXT_KEY_SHARES: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found key_shares extension" ) ); - - if( ( ret = ssl_parse_key_shares_ext( ssl, ext + 4, (size_t)ext_size )) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_parse_key_shares_ext", ret ); - return( ret ); - } - break; -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ + case MBEDTLS_TLS_EXT_KEY_SHARES: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found key_shares extension" ) ); - default: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d ( ignoring )", ext_id ) ); - } + if( ( ret = ssl_parse_key_shares_ext( ssl, ext + 4, (size_t)ext_size )) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_parse_key_shares_ext", ret ); + return( ret ); + } + break; +#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ - ext_len -= 4 + ext_size; - ext += 4 + ext_size; + default: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d ( ignoring )", ext_id ) ); + } - if( ext_len > 0 && ext_len < 4 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - } + ext_len -= 4 + ext_size; + ext += 4 + ext_size; - return( 0 ); + if( ext_len > 0 && ext_len < 4 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } + } + + return( 0 ); +} - static int ssl_server_hello_postprocess( mbedtls_ssl_context* ssl ) - { - /* We need to set the key exchange algorithm based on the - * following rules: - * - * 1 ) IF PRE_SHARED_KEY extension was received - * THEN set MBEDTLS_KEY_EXCHANGE_PSK - * 2 ) IF PRE_SHARED_KEY extension && KEY_SHARE was received - * THEN set MBEDTLS_KEY_EXCHANGE_ECDHE_PSK - * 3 ) IF KEY_SHARES extension was received && SIG_ALG extension received - * THEN set MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA - * ELSE unknown key exchange mechanism. - */ +static int ssl_server_hello_postprocess( mbedtls_ssl_context* ssl ) +{ + /* We need to set the key exchange algorithm based on the + * following rules: + * + * 1 ) IF PRE_SHARED_KEY extension was received + * THEN set MBEDTLS_KEY_EXCHANGE_PSK + * 2 ) IF PRE_SHARED_KEY extension && KEY_SHARE was received + * THEN set MBEDTLS_KEY_EXCHANGE_ECDHE_PSK + * 3 ) IF KEY_SHARES extension was received && SIG_ALG extension received + * THEN set MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA + * ELSE unknown key exchange mechanism. + */ - if( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION ) - { - if( ssl->handshake->extensions_present & KEY_SHARE_EXTENSION ) - ssl->session_negotiate->key_exchange = MBEDTLS_KEY_EXCHANGE_ECDHE_PSK; - else - ssl->session_negotiate->key_exchange = MBEDTLS_KEY_EXCHANGE_PSK; - } - else if( ssl->handshake->extensions_present & KEY_SHARE_EXTENSION ) - ssl->session_negotiate->key_exchange = MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA; - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Unknown key exchange." ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } + if( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION ) + { + if( ssl->handshake->extensions_present & KEY_SHARE_EXTENSION ) + ssl->session_negotiate->key_exchange = MBEDTLS_KEY_EXCHANGE_ECDHE_PSK; + else + ssl->session_negotiate->key_exchange = MBEDTLS_KEY_EXCHANGE_PSK; + } + else if( ssl->handshake->extensions_present & KEY_SHARE_EXTENSION ) + ssl->session_negotiate->key_exchange = MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA; + else + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Unknown key exchange." ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } #if defined(MBEDTLS_CID) - /* Server does not want to use CID -> recover resources */ - if( ssl->session_negotiate->cid == MBEDTLS_CID_DISABLED && - ssl->in_cid_len > 0 ) { - free( ssl->in_cid ); - ssl->in_cid_len = 0; - } + /* Server does not want to use CID -> recover resources */ + if( ssl->session_negotiate->cid == MBEDTLS_CID_DISABLED && + ssl->in_cid_len > 0 ) { + free( ssl->in_cid ); + ssl->in_cid_len = 0; + } #endif /* MBEDTLS_CID */ - return( 0 ); - } + return( 0 ); +} - static int ssl_hrr_parse( mbedtls_ssl_context* ssl, - const unsigned char* buf, size_t buflen ) - { - int ret; /* return value */ - int i; /* scratch value */ - int found = 0; - const unsigned char* msg_end = buf + buflen; /* pointer to the end of the buffer for length checks */ +static int ssl_hrr_parse( mbedtls_ssl_context* ssl, + const unsigned char* buf, size_t buflen ) +{ + int ret; /* return value */ + int i; /* scratch value */ + int found = 0; + const unsigned char* msg_end = buf + buflen; /* pointer to the end of the buffer for length checks */ - size_t ext_len; /* stores length of all extensions */ - unsigned int ext_id; /* id of an extension */ - const unsigned char* ext; /* pointer to an individual extension */ - unsigned int ext_size; /* size of an individual extension */ + size_t ext_len; /* stores length of all extensions */ + unsigned int ext_id; /* id of an extension */ + const unsigned char* ext; /* pointer to an individual extension */ + unsigned int ext_size; /* size of an individual extension */ - const mbedtls_ssl_ciphersuite_t* suite_info; /* pointer to ciphersuite */ + const mbedtls_ssl_ciphersuite_t* suite_info; /* pointer to ciphersuite */ #if defined(MBEDTLS_ECDH_C) - /* Variables for parsing the key_share */ - const mbedtls_ecp_group_id* grp_id; - const mbedtls_ecp_curve_info* info, * curve = NULL; - int tls_id; + /* Variables for parsing the key_share */ + const mbedtls_ecp_group_id* grp_id; + const mbedtls_ecp_curve_info* info, * curve = NULL; + int tls_id; #endif /* MBEDTLS_ECDH_C */ - /* Check for minimal length */ + /* Check for minimal length */ #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) - { - /* TBD: Add message header figure here. */ - /* 18 = 16 ( random bytes ) + 1 ( ciphersuite ) + 1 ( version ) + */ - if( buflen < 18 + mbedtls_ssl_hs_hdr_len( ssl )) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request - min size not reached" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); - } - } - else + if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) + { + /* TBD: Add message header figure here. */ + /* 18 = 16 ( random bytes ) + 1 ( ciphersuite ) + 1 ( version ) + */ + if( buflen < 18 + mbedtls_ssl_hs_hdr_len( ssl )) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request - min size not reached" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); + } + } + else #endif /* MBEDTLS_CTLS */ - { - /* struct { - * ProtocolVersion legacy_version = 0x0303; - * Random random; - * opaque legacy_session_id_echo<0..32>; - * CipherSuite cipher_suite; - * uint8 legacy_compression_method = 0; - * Extension extensions<6..2 ^ 16 - 1>; - * } ServerHello; - * - * - * 38 = 32 ( random bytes ) + 2 ( ciphersuite ) + 2 ( version ) + - * 1 ( legacy_compression_method ) + 1 ( minimum for legacy_session_id_echo ) - */ - if( ( buflen < 38 + mbedtls_ssl_hs_hdr_len( ssl )) || - buf[0] != MBEDTLS_SSL_HS_SERVER_HELLO ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request message - min size not reached" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); - } - } + { + /* struct { + * ProtocolVersion legacy_version = 0x0303; + * Random random; + * opaque legacy_session_id_echo<0..32>; + * CipherSuite cipher_suite; + * uint8 legacy_compression_method = 0; + * Extension extensions<6..2 ^ 16 - 1>; + * } ServerHello; + * + * + * 38 = 32 ( random bytes ) + 2 ( ciphersuite ) + 2 ( version ) + + * 1 ( legacy_compression_method ) + 1 ( minimum for legacy_session_id_echo ) + */ + if( ( buflen < 38 + mbedtls_ssl_hs_hdr_len( ssl )) || + buf[0] != MBEDTLS_SSL_HS_SERVER_HELLO ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request message - min size not reached" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); + } + } - MBEDTLS_SSL_DEBUG_BUF( 5, "hello retry request", buf, buflen ); + MBEDTLS_SSL_DEBUG_BUF( 5, "hello retry request", buf, buflen ); - /* skip header */ - buf += mbedtls_ssl_hs_hdr_len( ssl ); + /* skip header */ + buf += mbedtls_ssl_hs_hdr_len( ssl ); #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) + if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ - { - MBEDTLS_SSL_DEBUG_BUF( 3, "hello retry request, version", buf + 0, 2 ); - mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver, - ssl->conf->transport, buf + 0 ); + { + MBEDTLS_SSL_DEBUG_BUF( 3, "hello retry request, version", buf + 0, 2 ); + mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver, + ssl->conf->transport, buf + 0 ); - /* The version field must contain 0x303 */ - if( buf[0] != 0x03 || buf[1] != 0x03 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Unsupported version of TLS." ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); + /* The version field must contain 0x303 */ + if( buf[0] != 0x03 || buf[1] != 0x03 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Unsupported version of TLS." ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); - } + return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + } - /* skip version */ - buf += 2; - } + /* skip version */ + buf += 2; + } - /* Internally we use the correct 1.3 version */ - ssl->major_ver = 0x03; - ssl->minor_ver = 0x04; + /* Internally we use the correct 1.3 version */ + ssl->major_ver = 0x03; + ssl->minor_ver = 0x04; - /* store server-provided random values */ + /* store server-provided random values */ #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) - { - memcpy( ssl->handshake->randbytes + 16, buf, 16 ); - MBEDTLS_SSL_DEBUG_BUF( 3, "hello retry request, random bytes", buf + 2, 16 ); + if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) + { + memcpy( ssl->handshake->randbytes + 16, buf, 16 ); + MBEDTLS_SSL_DEBUG_BUF( 3, "hello retry request, random bytes", buf + 2, 16 ); - /* skip random bytes */ - buf += 16; - } - else + /* skip random bytes */ + buf += 16; + } + else #endif /* MBEDTLS_CTLS */ - { - memcpy( ssl->handshake->randbytes + 32, buf, 32 ); - MBEDTLS_SSL_DEBUG_BUF( 3, "hello retry request, random bytes", buf + 2, 32 ); + { + memcpy( ssl->handshake->randbytes + 32, buf, 32 ); + MBEDTLS_SSL_DEBUG_BUF( 3, "hello retry request, random bytes", buf + 2, 32 ); - /* skip random bytes */ - buf += 32; - } + /* skip random bytes */ + buf += 32; + } #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) + if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ - { + { #if defined(MBEDTLS_COMPATIBILITY_MODE) - /* legacy_session_id_echo */ - if( ssl->session_negotiate->id_len != buf[0] ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Mismatch of session id length" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); - } - buf++; /* skip session id length */ + /* legacy_session_id_echo */ + if( ssl->session_negotiate->id_len != buf[0] ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Mismatch of session id length" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); + } + buf++; /* skip session id length */ - if( memcmp( ssl->session_negotiate->id, &buf[0], ssl->session_negotiate->id_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Mismatch of session id" ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "- expected session id", ssl->session_negotiate->id, ssl->session_negotiate->id_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "- received session id", &buf[0], ssl->session_negotiate->id_len ); + if( memcmp( ssl->session_negotiate->id, &buf[0], ssl->session_negotiate->id_len ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Mismatch of session id" ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "- expected session id", ssl->session_negotiate->id, ssl->session_negotiate->id_len ); + MBEDTLS_SSL_DEBUG_BUF( 3, "- received session id", &buf[0], ssl->session_negotiate->id_len ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); - } - buf += ssl->session_negotiate->id_len; /* skip session id */ + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); + } + buf += ssl->session_negotiate->id_len; /* skip session id */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "session id length ( %d )", ssl->session_negotiate->id_len ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "session id", ssl->session_negotiate->id, ssl->session_negotiate->id_len ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "session id length ( %d )", ssl->session_negotiate->id_len ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "session id", ssl->session_negotiate->id, ssl->session_negotiate->id_len ); #else - /* Length of the session id must be zero */ - if( *buf == 0 ) - { - buf++; /* skip session id length */ - } - else - { - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); - } + /* Length of the session id must be zero */ + if( *buf == 0 ) + { + buf++; /* skip session id length */ + } + else + { + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); + } #endif /* MBEDTLS_COMPATIBILITY_MODE */ - } + } #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) - { - /* read server-selected ciphersuite, which follows random bytes */ - i = ( buf[0] << 8 ) | buf[1]; + if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) + { + /* read server-selected ciphersuite, which follows random bytes */ + i = ( buf[0] << 8 ) | buf[1]; - /* skip ciphersuite */ - buf += 2; - } - else + /* skip ciphersuite */ + buf += 2; + } + else #endif /* MBEDTLS_CTLS*/ - { - /* read server-selected ciphersuite, which follows random bytes */ - i = ( buf[0] << 8 ) | buf[1]; + { + /* read server-selected ciphersuite, which follows random bytes */ + i = ( buf[0] << 8 ) | buf[1]; - /* skip ciphersuite */ - buf += 2; - } + /* skip ciphersuite */ + buf += 2; + } - /* TBD: Check whether we have offered this ciphersuite */ - /* Via the force_ciphersuite version we may have instructed the client */ - /* to use a difference ciphersuite. */ + /* TBD: Check whether we have offered this ciphersuite */ + /* Via the force_ciphersuite version we may have instructed the client */ + /* to use a difference ciphersuite. */ - /* Configure ciphersuites */ - ssl->transform_negotiate->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( i ); + /* Configure ciphersuites */ + ssl->transform_negotiate->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( i ); - if( ssl->transform_negotiate->ciphersuite_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ciphersuite info for %04x not found", i ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } + if( ssl->transform_negotiate->ciphersuite_info == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "ciphersuite info for %04x not found", i ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } - mbedtls_ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info ); + mbedtls_ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info ); - ssl->session_negotiate->ciphersuite = i; + ssl->session_negotiate->ciphersuite = i; - suite_info = mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ); - if( suite_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request message" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); - } + suite_info = mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ); + if( suite_info == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request message" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "hello retry request, chosen ciphersuite: ( %04x ) - %s", i, suite_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "hello retry request, chosen ciphersuite: ( %04x ) - %s", i, suite_info->name ) ); #if defined(MBEDTLS_HAVE_TIME) - ssl->session_negotiate->start = time( NULL ); + ssl->session_negotiate->start = time( NULL ); #endif /* MBEDTLS_HAVE_TIME */ - i = 0; - while ( 1 ) - { - if( ssl->conf->ciphersuite_list[ssl->minor_ver][i] == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request message" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); - } + i = 0; + while ( 1 ) + { + if( ssl->conf->ciphersuite_list[ssl->minor_ver][i] == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request message" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); + } - if( ssl->conf->ciphersuite_list[ssl->minor_ver][i++] == - ssl->session_negotiate->ciphersuite ) - { - break; - } - } + if( ssl->conf->ciphersuite_list[ssl->minor_ver][i++] == + ssl->session_negotiate->ciphersuite ) + { + break; + } + } #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) + if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ - { - /* Ensure that compression method is set to zero */ - if( buf[0] != 0 ) + { + /* Ensure that compression method is set to zero */ + if( buf[0] != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request message" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); + } + + /* skip compression */ + buf++; + } + + /* Are we reading beyond the message buffer? */ + if( ( buf + 2 ) > msg_end ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request message" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); + } + + ext_len = ( ( buf[0] << 8 ) | ( buf[1] ) ); + buf += 2; /* skip extension length */ + + /* Are we reading beyond the message buffer? */ + if( ( buf + ext_len ) > msg_end ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request message" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); + } + + ext = buf; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "hello retry request, total extension length: %d", ext_len ) ); + + MBEDTLS_SSL_DEBUG_BUF( 3, "extensions", ext, ext_len ); + + while ( ext_len ) + { + ext_id = ( ( ext[0] << 8 ) | ( ext[1] ) ); + ext_size = ( ( ext[2] << 8 ) | ( ext[3] ) ); + + if( ext_size + 4 > ext_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request message" ) ); + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); + } + + switch ( ext_id ) + { +#if defined(MBEDTLS_SSL_COOKIE_C) + case MBEDTLS_TLS_EXT_COOKIE: + + MBEDTLS_SSL_DEBUG_BUF( 3, "cookie extension", ext + 4, ext_size ); + + mbedtls_free( ssl->handshake->verify_cookie ); + + ssl->handshake->verify_cookie = mbedtls_calloc( 1, ext_size ); + if( ssl->handshake->verify_cookie == NULL ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request message" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); - } + MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc failed ( %d bytes )", ext_size ) ); + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + } - /* skip compression */ - buf++; - } + memcpy( ssl->handshake->verify_cookie, ext + 4, ext_size ); + ssl->handshake->verify_cookie_len = ( unsigned char )ext_size; + break; +#endif /* MBEDTLS_SSL_COOKIE_C */ - /* Are we reading beyond the message buffer? */ - if( ( buf + 2 ) > msg_end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request message" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); - } - ext_len = ( ( buf[0] << 8 ) | ( buf[1] ) ); - buf += 2; /* skip extension length */ + case MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported_versions extension" ) ); - /* Are we reading beyond the message buffer? */ - if( ( buf + ext_len ) > msg_end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request message" ) ); - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); - } + ret = ssl_parse_supported_version_ext( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; - ext = buf; +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) + case MBEDTLS_TLS_EXT_KEY_SHARES: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "hello retry request, total extension length: %d", ext_len ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "key_share extension", ext + 4, ext_size ); - MBEDTLS_SSL_DEBUG_BUF( 3, "extensions", ext, ext_len ); + /* Read selected_group */ + tls_id = ( ( ext[4] << 8 ) | ( ext[5] ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "selected_group ( %d )", tls_id ) ); - while ( ext_len ) - { - ext_id = ( ( ext[0] << 8 ) | ( ext[1] ) ); - ext_size = ( ( ext[2] << 8 ) | ( ext[3] ) ); + info = mbedtls_ecp_curve_info_from_tls_id( tls_id ); + + if( info != NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "selected_group by name ( %s )", info->name ) ); + } + /* + * Upon receipt of this extension in a HelloRetryRequest, the client + * MUST first verify that the selected_group field corresponds to a + * group which was provided in the "supported_groups" extension in the + * original ClientHello. + * + * The supported_group was based on the info in ssl->conf->curve_list. + */ + + for ( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ ) { + /* In the initial ClientHello we transmitted the key shares based on + * key_shares_curve_list. + */ + info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); + + if( info == NULL ) return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - if( ext_size + 4 > ext_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request message" ) ); + if( info->tls_id == tls_id ) + { + /* We found a match */ + found = 1; + break; + } + } + + /* If the server provided a key share that was not sent in the ClientHello + * then the client MUST abort the handshake with an "illegal_parameter" alert. + */ + if( found == 0 ) + { SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad HRR ( server provided key share that was not sent in ClientHello )" ) ); return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); - } + } - switch ( ext_id ) - { -#if defined(MBEDTLS_SSL_COOKIE_C) - case MBEDTLS_TLS_EXT_COOKIE: + /* + * Client MUST verify that the selected_group + * field does not correspond to a group which was provided in the + * "key_share" extension in the original ClientHello. + */ + found = 0; + for ( grp_id = ssl->conf->key_shares_curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ ) { - MBEDTLS_SSL_DEBUG_BUF( 3, "cookie extension", ext + 4, ext_size ); + info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); - mbedtls_free( ssl->handshake->verify_cookie ); + if( info == NULL ) return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - ssl->handshake->verify_cookie = mbedtls_calloc( 1, ext_size ); - if( ssl->handshake->verify_cookie == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc failed ( %d bytes )", ext_size ) ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - } + if( info->tls_id == tls_id ) + { + /* We found a match */ + found = 1; + break; + } + } - memcpy( ssl->handshake->verify_cookie, ext + 4, ext_size ); - ssl->handshake->verify_cookie_len = ( unsigned char )ext_size; - break; -#endif /* MBEDTLS_SSL_COOKIE_C */ + /* If the server sent an HRR message with a key share already + * provided in the ClientHello then the client MUST abort the + * handshake with an "illegal_parameter" alert. + */ + if( found == 1 ) + { + SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad HRR ( server sent HRR with a key share already provided in ClientHello )" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); + } + /* Modify key_shares_curve_list for next ClientHello + * based on info provided by server. For the second + * ClientHello we only send the key share expected + * by the server. + */ + curve = mbedtls_ecp_curve_info_from_tls_id( tls_id ); - case MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported_versions extension" ) ); + if( curve == NULL ) return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - ret = ssl_parse_supported_version_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; + ssl->handshake->key_shares_curve_list[0] = curve->grp_id; + ssl->handshake->key_shares_curve_list[1] = MBEDTLS_ECP_DP_NONE; -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) - case MBEDTLS_TLS_EXT_KEY_SHARES: - - MBEDTLS_SSL_DEBUG_BUF( 3, "key_share extension", ext + 4, ext_size ); - - /* Read selected_group */ - tls_id = ( ( ext[4] << 8 ) | ( ext[5] ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "selected_group ( %d )", tls_id ) ); - - info = mbedtls_ecp_curve_info_from_tls_id( tls_id ); - - if( info != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "selected_group by name ( %s )", info->name ) ); - } - /* - * Upon receipt of this extension in a HelloRetryRequest, the client - * MUST first verify that the selected_group field corresponds to a - * group which was provided in the "supported_groups" extension in the - * original ClientHello. - * - * The supported_group was based on the info in ssl->conf->curve_list. - */ - - for ( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ ) { - /* In the initial ClientHello we transmitted the key shares based on - * key_shares_curve_list. - */ - info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); - - if( info == NULL ) return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - - if( info->tls_id == tls_id ) - { - /* We found a match */ - found = 1; - break; - } - } - - /* If the server provided a key share that was not sent in the ClientHello - * then the client MUST abort the handshake with an "illegal_parameter" alert. - */ - if( found == 0 ) - { - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad HRR ( server provided key share that was not sent in ClientHello )" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); - } - - /* - * Client MUST verify that the selected_group - * field does not correspond to a group which was provided in the - * "key_share" extension in the original ClientHello. - */ - found = 0; - for ( grp_id = ssl->conf->key_shares_curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ ) { - - info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); - - if( info == NULL ) return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - - if( info->tls_id == tls_id ) - { - /* We found a match */ - found = 1; - break; - } - } - - /* If the server sent an HRR message with a key share already - * provided in the ClientHello then the client MUST abort the - * handshake with an "illegal_parameter" alert. - */ - if( found == 1 ) - { - SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad HRR ( server sent HRR with a key share already provided in ClientHello )" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); - } - - /* Modify key_shares_curve_list for next ClientHello - * based on info provided by server. For the second - * ClientHello we only send the key share expected - * by the server. - */ - curve = mbedtls_ecp_curve_info_from_tls_id( tls_id ); - - if( curve == NULL ) return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - - ssl->handshake->key_shares_curve_list[0] = curve->grp_id; - ssl->handshake->key_shares_curve_list[1] = MBEDTLS_ECP_DP_NONE; - - break; + break; #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ - default: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d ( ignoring )", ext_id ) ); - } + default: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d ( ignoring )", ext_id ) ); + } - /* Jump to next extension */ - ext_len -= 4 + ext_size; - ext += 4 + ext_size; + /* Jump to next extension */ + ext_len -= 4 + ext_size; + ext += 4 + ext_size; - if( ext_len > 0 && ext_len < 4 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); - } + if( ext_len > 0 && ext_len < 4 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_HELLO_RETRY_REQUEST ); + } - } + } - return( 0 ); - } + return( 0 ); +} - static int ssl_hrr_postprocess( mbedtls_ssl_context* ssl, - const unsigned char* orig_buf, - size_t orig_msg_len ) - { - unsigned char transcript[MBEDTLS_MD_MAX_SIZE + 4]; /* used to store the ClientHello1 msg */ - int hash_length; +static int ssl_hrr_postprocess( mbedtls_ssl_context* ssl, + const unsigned char* orig_buf, + size_t orig_msg_len ) +{ + unsigned char transcript[MBEDTLS_MD_MAX_SIZE + 4]; /* used to store the ClientHello1 msg */ + int hash_length; - ssl->handshake->hello_retry_requests_received++; + ssl->handshake->hello_retry_requests_received++; - MBEDTLS_SSL_DEBUG_MSG( 5, ( "--- Update Checksum ( ssl_prepare_handshake_record, stateless transcript hash for HRR )" ) ); + MBEDTLS_SSL_DEBUG_MSG( 5, ( "--- Update Checksum ( ssl_prepare_handshake_record, stateless transcript hash for HRR )" ) ); - /* A special handling of the transcript hash is needed. We skipped - * updating the transcript hash when the HRR message was received. - * - * 1. The current transcript hash was computed over the first ClientHello. - * We need to compute a final hash of ClientHello1 and then put it - * into the following structure: - * - * Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN ) = - * Hash( message_hash || - * 00 00 Hash.length || - * Hash( ClientHello1 ) || - * HelloRetryRequest ... MN ) - * - * 2. Then, we need to reset the transcript and put the hash of the above- - * computed value. - * - */ + /* A special handling of the transcript hash is needed. We skipped + * updating the transcript hash when the HRR message was received. + * + * 1. The current transcript hash was computed over the first ClientHello. + * We need to compute a final hash of ClientHello1 and then put it + * into the following structure: + * + * Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN ) = + * Hash( message_hash || + * 00 00 Hash.length || + * Hash( ClientHello1 ) || + * HelloRetryRequest ... MN ) + * + * 2. Then, we need to reset the transcript and put the hash of the above- + * computed value. + * + */ - transcript[0] = MBEDTLS_SSL_HS_MESSAGE_HASH; - transcript[1] = 0; - transcript[2] = 0; + transcript[0] = MBEDTLS_SSL_HS_MESSAGE_HASH; + transcript[1] = 0; + transcript[2] = 0; - hash_length = mbedtls_hash_size_for_ciphersuite( ssl->transform_negotiate->ciphersuite_info ); + hash_length = mbedtls_hash_size_for_ciphersuite( ssl->transform_negotiate->ciphersuite_info ); - if( hash_length == -1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_hash_size_for_ciphersuite == -1" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } + if( hash_length == -1 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_hash_size_for_ciphersuite == -1" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } - transcript[3] = ( uint8_t )hash_length; + transcript[3] = ( uint8_t )hash_length; - /* #if defined(MBEDTLS_SHA256_C) - mbedtls_sha256_context sha256; - #endif + /* #if defined(MBEDTLS_SHA256_C) + mbedtls_sha256_context sha256; + #endif - #if defined(MBEDTLS_SHA512_C) - mbedtls_sha512_context sha512; - #endif - */ - if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA256 ) - { + #if defined(MBEDTLS_SHA512_C) + mbedtls_sha512_context sha512; + #endif + */ + if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA256 ) + { #if defined(MBEDTLS_SHA256_C) - mbedtls_sha256_finish( &ssl->handshake->fin_sha256, &transcript[4] ); - MBEDTLS_SSL_DEBUG_BUF( 5, "Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN )", &transcript[0], 32 + 4 ); + mbedtls_sha256_finish( &ssl->handshake->fin_sha256, &transcript[4] ); + MBEDTLS_SSL_DEBUG_BUF( 5, "Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN )", &transcript[0], 32 + 4 ); - /* reset transcript */ - mbedtls_sha256_init( &ssl->handshake->fin_sha256 ); - mbedtls_sha256_starts( &ssl->handshake->fin_sha256, 0 /* = use SHA256 */ ); - /*mbedtls_sha256_update( &ssl->handshake->fin_sha256, &transcript[0], hash_length + 4 ); */ + /* reset transcript */ + mbedtls_sha256_init( &ssl->handshake->fin_sha256 ); + mbedtls_sha256_starts( &ssl->handshake->fin_sha256, 0 /* = use SHA256 */ ); + /*mbedtls_sha256_update( &ssl->handshake->fin_sha256, &transcript[0], hash_length + 4 ); */ #else - MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #endif /* MBEDTLS_SHA256_C */ - } - else if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) - { + } + else if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) + { #if defined(MBEDTLS_SHA512_C) - mbedtls_sha512_finish( &ssl->handshake->fin_sha512, &transcript[4] ); - MBEDTLS_SSL_DEBUG_BUF( 5, "Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN )", &transcript[0], 48 + 4 ); + mbedtls_sha512_finish( &ssl->handshake->fin_sha512, &transcript[4] ); + MBEDTLS_SSL_DEBUG_BUF( 5, "Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN )", &transcript[0], 48 + 4 ); - /* reset transcript */ - mbedtls_sha512_init( &ssl->handshake->fin_sha512 ); - mbedtls_sha512_starts( &ssl->handshake->fin_sha512, 1 /* = use SHA384 */ ); - /*mbedtls_sha256_update( &ssl->handshake->fin_sha512, &transcript[0], hash_length + 4 ); */ + /* reset transcript */ + mbedtls_sha512_init( &ssl->handshake->fin_sha512 ); + mbedtls_sha512_starts( &ssl->handshake->fin_sha512, 1 /* = use SHA384 */ ); + /*mbedtls_sha256_update( &ssl->handshake->fin_sha512, &transcript[0], hash_length + 4 ); */ #else - MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #endif /* MBEDTLS_SHA512_C */ - } - else if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA512 ) - { + } + else if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA512 ) + { #if defined(MBEDTLS_SHA512_C) - mbedtls_sha512_finish( &ssl->handshake->fin_sha512, &transcript[4] ); - MBEDTLS_SSL_DEBUG_BUF( 5, "Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN )", &transcript[0], 64 + 4 ); + mbedtls_sha512_finish( &ssl->handshake->fin_sha512, &transcript[4] ); + MBEDTLS_SSL_DEBUG_BUF( 5, "Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN )", &transcript[0], 64 + 4 ); - /* reset transcript */ - mbedtls_sha512_init( &ssl->handshake->fin_sha512 ); - mbedtls_sha512_starts( &ssl->handshake->fin_sha512, 0 /* = use SHA512 */ ); - /*mbedtls_sha256_update( &ssl->handshake->fin_sha512, &transcript[0], hash_length + 4 ); */ - } - else - { + /* reset transcript */ + mbedtls_sha512_init( &ssl->handshake->fin_sha512 ); + mbedtls_sha512_starts( &ssl->handshake->fin_sha512, 0 /* = use SHA512 */ ); + /*mbedtls_sha256_update( &ssl->handshake->fin_sha512, &transcript[0], hash_length + 4 ); */ + } + else + { #else - MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #endif /* MBEDTLS_SHA512_C */ - } + } - /* hash modified transcript for ClientHello1 */ - ssl->handshake->update_checksum( ssl, &transcript[0], hash_length + 4 ); - /* Add transcript for HRR */ - ssl->handshake->update_checksum( ssl, orig_buf, orig_msg_len ); + /* hash modified transcript for ClientHello1 */ + ssl->handshake->update_checksum( ssl, &transcript[0], hash_length + 4 ); + /* Add transcript for HRR */ + ssl->handshake->update_checksum( ssl, orig_buf, orig_msg_len ); #if defined(MBEDTLS_SSL_PROTO_DTLS) - mbedtls_ssl_recv_flight_completed( ssl ); + mbedtls_ssl_recv_flight_completed( ssl ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ - return( 0 ); - } + return( 0 ); +} #if !defined(foobar) - static void mbedtls_patch_pointers( mbedtls_ssl_context* ssl ) - { - ( (void)ssl ); - } +static void mbedtls_patch_pointers( mbedtls_ssl_context* ssl ) +{ + ( (void)ssl ); +} #else - static void mbedtls_patch_pointers( mbedtls_ssl_context* ssl ) - { - /* In case we negotiated the use of CIDs then we need to - * adjust the pointers to various header fields. If we - * did not negotiate the use of a CID or our peer requested - * us not to add a CID value to the record header then the - * out_cid_len or in_cid_len will be zero. - */ +static void mbedtls_patch_pointers( mbedtls_ssl_context* ssl ) +{ + /* In case we negotiated the use of CIDs then we need to + * adjust the pointers to various header fields. If we + * did not negotiate the use of a CID or our peer requested + * us not to add a CID value to the record header then the + * out_cid_len or in_cid_len will be zero. + */ #if defined(MBEDTLS_SSL_PROTO_DTLS) #if defined(MBEDTLS_CID) - size_t out_cid_len = ssl->out_cid_len; - size_t in_cid_len = ssl->in_cid_len; + size_t out_cid_len = ssl->out_cid_len; + size_t in_cid_len = ssl->in_cid_len; #else - size_t out_cid_len = 0; - size_t in_cid_len = 0; + size_t out_cid_len = 0; + size_t in_cid_len = 0; #endif /* MBEDTLS_CID */ - if( ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) && - ( out_cid_len > 0 )) - { - ssl->out_hdr = ssl->out_buf; - ssl->out_ctr = ssl->out_buf + 1 + out_cid_len; - ssl->out_len = ssl->out_buf + mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_OUT, ssl->transform_negotiate ) - 2; - ssl->out_iv = ssl->out_buf + mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_OUT, ssl->transform_negotiate ); - /* ssl->out_msg = ssl->out_buf + mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_OUT ) + ssl->transform_negotiate->ivlen - - ssl->transform_negotiate->fixed_ivlen; */ - ssl->out_msg = ssl->out_iv; - } + if( ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) && + ( out_cid_len > 0 )) + { + ssl->out_hdr = ssl->out_buf; + ssl->out_ctr = ssl->out_buf + 1 + out_cid_len; + ssl->out_len = ssl->out_buf + mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_OUT, ssl->transform_negotiate ) - 2; + ssl->out_iv = ssl->out_buf + mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_OUT, ssl->transform_negotiate ); + /* ssl->out_msg = ssl->out_buf + mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_OUT ) + ssl->transform_negotiate->ivlen - + ssl->transform_negotiate->fixed_ivlen; */ + ssl->out_msg = ssl->out_iv; + } - if( ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) && - ( in_cid_len > 0 )) - { - ssl->in_hdr = ssl->in_buf; - ssl->in_ctr = ssl->in_buf + 1 + in_cid_len; - ssl->in_len = ssl->in_buf + mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_IN, ssl->transform_negotiate ) - 2; - ssl->in_iv = ssl->in_buf + mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_IN, ssl->transform_negotiate ); - /* ssl->in_msg = ssl->in_buf + mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_OUT ) + ssl->transform_negotiate->ivlen - - ssl->transform_negotiate->fixed_ivlen; */ - ssl->in_msg = ssl->in_iv; - } - else + if( ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) && + ( in_cid_len > 0 )) + { + ssl->in_hdr = ssl->in_buf; + ssl->in_ctr = ssl->in_buf + 1 + in_cid_len; + ssl->in_len = ssl->in_buf + mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_IN, ssl->transform_negotiate ) - 2; + ssl->in_iv = ssl->in_buf + mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_IN, ssl->transform_negotiate ); + /* ssl->in_msg = ssl->in_buf + mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_OUT ) + ssl->transform_negotiate->ivlen - + ssl->transform_negotiate->fixed_ivlen; */ + ssl->in_msg = ssl->in_iv; + } + else #endif /* MBEDTLS_SSL_PROTO_DTLS */ - { - ( (void)ssl ); - } - } + { + ( (void)ssl ); + } +} #endif /* foobar */ /* * TLS and DTLS 1.3 State Maschine -- client side */ - int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) - { - int ret = 0; +int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) +{ + int ret = 0; - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Handshake completed but ssl->handshake is NULL.\n" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) ); + if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Handshake completed but ssl->handshake is NULL.\n" ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) ); - if( ( ret = mbedtls_ssl_flush_output( ssl )) != 0 ) - return( ret ); + if( ( ret = mbedtls_ssl_flush_output( ssl )) != 0 ) + return( ret ); #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) - { - if( ( ret = mbedtls_ssl_resend( ssl )) != 0 ) - return( ret ); - } + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) + { + if( ( ret = mbedtls_ssl_resend( ssl )) != 0 ) + return( ret ); + } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - switch ( ssl->state ) - { - case MBEDTLS_SSL_HELLO_REQUEST: - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO ); - /* Reset hello_retry_requests_receive since we have not seen an HRR msg yet. */ - ssl->handshake->hello_retry_requests_received = 0; + switch ( ssl->state ) + { + case MBEDTLS_SSL_HELLO_REQUEST: + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO ); + /* Reset hello_retry_requests_receive since we have not seen an HRR msg yet. */ + ssl->handshake->hello_retry_requests_received = 0; #if defined(MBEDTLS_COMPATIBILITY_MODE) - /* Reset session id */ - memset( ssl->session_negotiate->id, 0, 32 ); - ssl->session_negotiate->id_len = 0; + /* Reset session id */ + memset( ssl->session_negotiate->id, 0, 32 ); + ssl->session_negotiate->id_len = 0; #endif /* MBEDTLS_COMPATIBILITY_MODE */ #if defined(MBEDTLS_ECP_C) - /* We need to initialize the handshake->key_shares_curve_list. */ - if( ssl->handshake->key_shares_curve_list == NULL ) - { - /* We need to allocate one additional key share for the delimiter. */ - ssl->handshake->key_shares_curve_list = mbedtls_calloc( 1, sizeof( mbedtls_ecp_group_id* ) * ( MBEDTLS_SSL_MAX_KEY_SHARES+1 ) ); - if( ssl->conf->key_shares_curve_list == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - memcpy( ssl->handshake->key_shares_curve_list, ssl->conf->key_shares_curve_list, sizeof( mbedtls_ecp_group_id* ) * ( MBEDTLS_SSL_MAX_KEY_SHARES+1 ) ); - - /* We need to put a delimiter to the end of the key shares curve list */ - ssl->handshake->key_shares_curve_list[MBEDTLS_SSL_MAX_KEY_SHARES] = MBEDTLS_ECP_DP_NONE; - } + /* We need to initialize the handshake->key_shares_curve_list. */ + if( ssl->handshake->key_shares_curve_list == NULL ) + { + /* We need to allocate one additional key share for the delimiter. */ + ssl->handshake->key_shares_curve_list = mbedtls_calloc( 1, sizeof( mbedtls_ecp_group_id* ) * ( MBEDTLS_SSL_MAX_KEY_SHARES+1 ) ); + if( ssl->conf->key_shares_curve_list == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + memcpy( ssl->handshake->key_shares_curve_list, ssl->conf->key_shares_curve_list, sizeof( mbedtls_ecp_group_id* ) * ( MBEDTLS_SSL_MAX_KEY_SHARES+1 ) ); + + /* We need to put a delimiter to the end of the key shares curve list */ + ssl->handshake->key_shares_curve_list[MBEDTLS_SSL_MAX_KEY_SHARES] = MBEDTLS_ECP_DP_NONE; + } #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - /* nothing sent or received so far */ - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - mbedtls_ack_clear_all( ssl, MBEDTLS_SSL_ACK_RECORDS_SENT ); - mbedtls_ack_clear_all( ssl, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); - } + /* nothing sent or received so far */ + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + mbedtls_ack_clear_all( ssl, MBEDTLS_SSL_ACK_RECORDS_SENT ); + mbedtls_ack_clear_all( ssl, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); + } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - break; + break; - /* ----- WRITE CLIENT HELLO ----*/ + /* ----- WRITE CLIENT HELLO ----*/ - case MBEDTLS_SSL_CLIENT_HELLO: - /* Reset pointers to buffers */ + case MBEDTLS_SSL_CLIENT_HELLO: + /* Reset pointers to buffers */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - ssl->out_hdr = ssl->out_buf; - ssl->out_ctr = ssl->out_buf + 3; - ssl->out_len = ssl->out_buf + 11; - ssl->out_iv = ssl->out_buf + 13; - ssl->out_msg = ssl->out_buf + 13; - - ssl->in_hdr = ssl->in_buf; - ssl->in_ctr = ssl->in_buf + 3; - ssl->in_len = ssl->in_buf + 11; - ssl->in_iv = ssl->in_buf + 13; - ssl->in_msg = ssl->in_buf + 13; - } + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + ssl->out_hdr = ssl->out_buf; + ssl->out_ctr = ssl->out_buf + 3; + ssl->out_len = ssl->out_buf + 11; + ssl->out_iv = ssl->out_buf + 13; + ssl->out_msg = ssl->out_buf + 13; + + ssl->in_hdr = ssl->in_buf; + ssl->in_ctr = ssl->in_buf + 3; + ssl->in_len = ssl->in_buf + 11; + ssl->in_iv = ssl->in_buf + 13; + ssl->in_msg = ssl->in_buf + 13; + } #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - /* epoch value ( 0 ) is used with unencrypted messages */ - ssl->in_epoch = 0; - ssl->out_epoch = 0; + /* epoch value ( 0 ) is used with unencrypted messages */ + ssl->in_epoch = 0; + ssl->out_epoch = 0; #endif /* MBEDTLS_SSL_PROTO_DTLS */ - ret = ssl_client_hello_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_client_hello", ret ); - return ( ret ); - } + ret = ssl_client_hello_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_client_hello", ret ); + return ( ret ); + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, MBEDTLS_SSL_ACK_RECORDS_SENT ); + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, MBEDTLS_SSL_ACK_RECORDS_SENT ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_ZERO_RTT) - if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) - { + if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) + { #if defined(MBEDTLS_COMPATIBILITY_MODE) - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO ); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO ); #else - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_EARLY_APP_DATA ); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_EARLY_APP_DATA ); #endif /* MBEDTLS_COMPATIBILITY_MODE */ - } - else + } + else #endif /* MBEDTLS_ZERO_RTT */ - { - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO ); - } + { + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO ); + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_send_flight_completed( ssl ); + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ssl_send_flight_completed( ssl ); #endif - break; + break; #if defined(MBEDTLS_ZERO_RTT) - /* ----- WRITE CHANGE CIPHER SPEC ----*/ + /* ----- WRITE CHANGE CIPHER SPEC ----*/ #if defined(MBEDTLS_COMPATIBILITY_MODE) - case MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO: + case MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO: - ret = mbedtls_ssl_write_change_cipher_spec( ssl ); - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_EARLY_APP_DATA ); + ret = mbedtls_ssl_write_change_cipher_spec( ssl ); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_EARLY_APP_DATA ); - break; + break; #endif /* MBEDTLS_COMPATIBILITY_MODE */ - /* ----- WRITE EARLY DATA ----*/ + /* ----- WRITE EARLY DATA ----*/ - case MBEDTLS_SSL_EARLY_APP_DATA: + case MBEDTLS_SSL_EARLY_APP_DATA: - ret = ssl_write_early_data_process( ssl ); + ret = ssl_write_early_data_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_early_data_process", ret ); - return ( ret ); - } + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_early_data_process", ret ); + return ( ret ); + } - break; + break; #endif /* MBEDTLS_ZERO_RTT */ - /* ----- READ SERVER HELLO ----*/ + /* ----- READ SERVER HELLO ----*/ - case MBEDTLS_SSL_SERVER_HELLO: - /* In this state the client is expecting a ServerHello - * message but the server could also return a HelloRetryRequest. - * - * Reset extensions we have seen so far. - */ - ssl->handshake->extensions_present = NO_EXTENSION; - ret = ssl_server_hello_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_server_hello_process", ret ); - return ( ret ); - } + case MBEDTLS_SSL_SERVER_HELLO: + /* In this state the client is expecting a ServerHello + * message but the server could also return a HelloRetryRequest. + * + * Reset extensions we have seen so far. + */ + ssl->handshake->extensions_present = NO_EXTENSION; + ret = ssl_server_hello_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_server_hello_process", ret ); + return ( ret ); + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ack_clear_all( ssl, MBEDTLS_SSL_ACK_RECORDS_SENT ); + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ack_clear_all( ssl, MBEDTLS_SSL_ACK_RECORDS_SENT ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ - if( ssl->handshake->hello_retry_requests_received > 0 ) - { - /* If we received the HRR msg then we send another ClientHello */ + if( ssl->handshake->hello_retry_requests_received > 0 ) + { + /* If we received the HRR msg then we send another ClientHello */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_HELLO_RETRY_REQUEST, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_HELLO_RETRY_REQUEST, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_COMPATIBILITY_MODE) - /* If not offering early data, the client sends a dummy - * change_cipher_spec record immediately before its - * second flight. This may either be before its second - * ClientHello or before its encrypted handshake flight. - */ - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO ); + /* If not offering early data, the client sends a dummy + * change_cipher_spec record immediately before its + * second flight. This may either be before its second + * ClientHello or before its encrypted handshake flight. + */ + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO ); #else - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SECOND_CLIENT_HELLO ); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SECOND_CLIENT_HELLO ); #endif /* MBEDTLS_COMPATIBILITY_MODE */ - } - else - { - /* Otherwise we continue with the handshake */ + } + else + { + /* Otherwise we continue with the handshake */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_SERVER_HELLO, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_SERVER_HELLO, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ - mbedtls_patch_pointers( ssl ); + mbedtls_patch_pointers( ssl ); - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS ); - } - break; + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS ); + } + break; - /* ----- WRITE CHANGE_CIPHER_SPEC ----*/ + /* ----- WRITE CHANGE_CIPHER_SPEC ----*/ #if defined(MBEDTLS_COMPATIBILITY_MODE) - case MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO: + case MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO: - ret = mbedtls_ssl_write_change_cipher_spec( ssl ); - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SECOND_CLIENT_HELLO ); + ret = mbedtls_ssl_write_change_cipher_spec( ssl ); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SECOND_CLIENT_HELLO ); - break; + break; #endif /* MBEDTLS_COMPATIBILITY_MODE */ - /* ----- WRITE 2nd CLIENT HELLO ----*/ - case MBEDTLS_SSL_SECOND_CLIENT_HELLO: - ret = ssl_client_hello_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_client_hello", ret ); - return ( ret ); - } - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SECOND_SERVER_HELLO ); + /* ----- WRITE 2nd CLIENT HELLO ----*/ + case MBEDTLS_SSL_SECOND_CLIENT_HELLO: + ret = ssl_client_hello_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_client_hello", ret ); + return ( ret ); + } + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SECOND_SERVER_HELLO ); #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, MBEDTLS_SSL_ACK_RECORDS_SENT ); + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, MBEDTLS_SSL_ACK_RECORDS_SENT ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_send_flight_completed( ssl ); + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ssl_send_flight_completed( ssl ); #endif - break; + break; - /* ----- READ 2nd SERVER HELLO ----*/ + /* ----- READ 2nd SERVER HELLO ----*/ - case MBEDTLS_SSL_SECOND_SERVER_HELLO: - /* In this state the client is expecting a ServerHello - * message and not the HRR anymore. - */ - /* reset extensions we have seen so far */ - ssl->handshake->extensions_present = NO_EXTENSION; - ret = ssl_server_hello_process( ssl ); + case MBEDTLS_SSL_SECOND_SERVER_HELLO: + /* In this state the client is expecting a ServerHello + * message and not the HRR anymore. + */ + /* reset extensions we have seen so far */ + ssl->handshake->extensions_present = NO_EXTENSION; + ret = ssl_server_hello_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_parse_server_hello", ret ); - return ( ret ); - } + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_parse_server_hello", ret ); + return ( ret ); + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ack_clear_all( ssl, MBEDTLS_SSL_ACK_RECORDS_SENT ); + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ack_clear_all( ssl, MBEDTLS_SSL_ACK_RECORDS_SENT ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ - /* if we received a second HRR we abort */ - if( ssl->handshake->hello_retry_requests_received == 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Too many HelloRetryRequests received from server; I give up." ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return ( MBEDTLS_ERR_SSL_BAD_HS_TOO_MANY_HRR ); - } - mbedtls_patch_pointers( ssl ); - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS ); - break; + /* if we received a second HRR we abort */ + if( ssl->handshake->hello_retry_requests_received == 2 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Too many HelloRetryRequests received from server; I give up." ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); + return ( MBEDTLS_ERR_SSL_BAD_HS_TOO_MANY_HRR ); + } + mbedtls_patch_pointers( ssl ); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS ); + break; - /* ----- READ ENCRYPTED EXTENSIONS ----*/ + /* ----- READ ENCRYPTED EXTENSIONS ----*/ - case MBEDTLS_SSL_ENCRYPTED_EXTENSIONS: + case MBEDTLS_SSL_ENCRYPTED_EXTENSIONS: - ret = ssl_encrypted_extensions_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_parse_encrypted_extensions", ret ); - return ( ret ); - } + ret = ssl_encrypted_extensions_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_parse_encrypted_extensions", ret ); + return ( ret ); + } - break; + break; - /* ----- WRITE CHANGE CIPHER SPEC ----*/ + /* ----- WRITE CHANGE CIPHER SPEC ----*/ #if defined(MBEDTLS_COMPATIBILITY_MODE) - case MBEDTLS_SSL_CLIENT_CCS_BEFORE_CERTIFICATE_REQUEST: + case MBEDTLS_SSL_CLIENT_CCS_BEFORE_CERTIFICATE_REQUEST: - ret = mbedtls_ssl_write_change_cipher_spec( ssl ); - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST ); + ret = mbedtls_ssl_write_change_cipher_spec( ssl ); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST ); - break; + break; #endif /* MBEDTLS_COMPATIBILITY_MODE */ - /* ----- READ CERTIFICATE REQUEST ----*/ + /* ----- READ CERTIFICATE REQUEST ----*/ - case MBEDTLS_SSL_CERTIFICATE_REQUEST: - ret = ssl_certificate_request_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_certificate_request_process", ret ); - return ( ret ); - } + case MBEDTLS_SSL_CERTIFICATE_REQUEST: + ret = ssl_certificate_request_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_certificate_request_process", ret ); + return ( ret ); + } - break; + break; - /* ----- READ SERVER CERTIFICATE ----*/ + /* ----- READ SERVER CERTIFICATE ----*/ - case MBEDTLS_SSL_SERVER_CERTIFICATE: - ret = ssl_read_certificate_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_read_certificate_process", ret ); - return ( ret ); - } - break; + case MBEDTLS_SSL_SERVER_CERTIFICATE: + ret = ssl_read_certificate_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_read_certificate_process", ret ); + return ( ret ); + } + break; - /* ----- READ CERTIFICATE VERIFY ----*/ + /* ----- READ CERTIFICATE VERIFY ----*/ - case MBEDTLS_SSL_CERTIFICATE_VERIFY: - ret = ssl_read_certificate_verify_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_read_certificate_verify_process", ret ); - return ( ret ); - } + case MBEDTLS_SSL_CERTIFICATE_VERIFY: + ret = ssl_read_certificate_verify_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_read_certificate_verify_process", ret ); + return ( ret ); + } - break; + break; - /* ----- READ FINISHED ----*/ + /* ----- READ FINISHED ----*/ - case MBEDTLS_SSL_SERVER_FINISHED: + case MBEDTLS_SSL_SERVER_FINISHED: - ret = ssl_finished_in_process( ssl ); + ret = ssl_finished_in_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_finished_in_process", ret ); - return ( ret ); - } + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_finished_in_process", ret ); + return ( ret ); + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_FINISHED, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_FINISHED, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_ZERO_RTT) - if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) - { - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_EARLY_DATA ); - } - else + if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) + { + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_EARLY_DATA ); + } + else #endif /* MBEDTLS_ZERO_RTT */ - { - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE ); - } - break; + { + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE ); + } + break; #if defined(MBEDTLS_ZERO_RTT) - /* ----- WRITE END-OF-EARLY-DATA ----*/ + /* ----- WRITE END-OF-EARLY-DATA ----*/ - case MBEDTLS_SSL_EARLY_DATA: + case MBEDTLS_SSL_EARLY_DATA: - ret = ssl_write_end_of_early_data_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_end_of_early_data", ret ); - return ( ret ); - } + ret = ssl_write_end_of_early_data_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_end_of_early_data", ret ); + return ( ret ); + } - break; + break; #endif /* MBEDTLS_ZERO_RTT */ - /* ----- WRITE CERTIFICATE ----*/ + /* ----- WRITE CERTIFICATE ----*/ - case MBEDTLS_SSL_CLIENT_CERTIFICATE: + case MBEDTLS_SSL_CLIENT_CERTIFICATE: - ret = ssl_write_certificate_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_certificate", ret ); - return ( ret ); - } - break; + ret = ssl_write_certificate_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_certificate", ret ); + return ( ret ); + } + break; - /* ----- WRITE CLIENT CERTIFICATE VERIFY ----*/ + /* ----- WRITE CLIENT CERTIFICATE VERIFY ----*/ - case MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY: - ret = ssl_certificate_verify_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_certificate_verify_process", ret ); - return ( ret ); - } - break; + case MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY: + ret = ssl_certificate_verify_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_certificate_verify_process", ret ); + return ( ret ); + } + break; - /* ----- WRITE CHANGE CIPHER SPEC ----*/ + /* ----- WRITE CHANGE CIPHER SPEC ----*/ #if defined(MBEDTLS_COMPATIBILITY_MODE) - case MBEDTLS_SSL_CLIENT_CCS_BEFORE_FINISHED: + case MBEDTLS_SSL_CLIENT_CCS_BEFORE_FINISHED: - if( ssl->transform_out == NULL ) - ret = mbedtls_ssl_write_change_cipher_spec( ssl ); + if( ssl->transform_out == NULL ) + ret = mbedtls_ssl_write_change_cipher_spec( ssl ); - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED ); - break; + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED ); + break; #endif /* MBEDTLS_COMPATIBILITY_MODE */ - /* ----- WRITE CLIENT FINISHED ----*/ + /* ----- WRITE CLIENT FINISHED ----*/ - case MBEDTLS_SSL_CLIENT_FINISHED: - ret = ssl_finished_out_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_finished_out_process", ret ); - return ( ret ); - } - break; + case MBEDTLS_SSL_CLIENT_FINISHED: + ret = ssl_finished_out_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_finished_out_process", ret ); + return ( ret ); + } + break; #if defined(MBEDTLS_SSL_PROTO_DTLS) - /* ----- READ ACK ----*/ + /* ----- READ ACK ----*/ - case MBEDTLS_SSL_HANDSHAKE_FINISH_ACK: - /* The server needs to reply with an ACK message after parsing - * the Finish message from the client. - */ + case MBEDTLS_SSL_HANDSHAKE_FINISH_ACK: + /* The server needs to reply with an ACK message after parsing + * the Finish message from the client. + */ /* ret = mbedtls_ssl_parse_ack( ssl ); */ /* if( ret != 0 ) { */ /* MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_parse_ack", ret ); */ /* return ( ret ); */ /* } */ - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ack_clear_all( ssl, MBEDTLS_SSL_ACK_RECORDS_SENT ); + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ack_clear_all( ssl, MBEDTLS_SSL_ACK_RECORDS_SENT ); - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_FLUSH_BUFFERS ); - break; + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_FLUSH_BUFFERS ); + break; #endif /* MBEDTLS_SSL_PROTO_DTLS */ - case MBEDTLS_SSL_FLUSH_BUFFERS: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) ); - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP ); - break; + case MBEDTLS_SSL_FLUSH_BUFFERS: + MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) ); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP ); + break; - case MBEDTLS_SSL_HANDSHAKE_WRAPUP: - mbedtls_ssl_handshake_wrapup( ssl ); - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_OVER ); - break; + case MBEDTLS_SSL_HANDSHAKE_WRAPUP: + mbedtls_ssl_handshake_wrapup( ssl ); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_OVER ); + break; - default: - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } + default: + MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } - return( ret ); - } + return( ret ); +} #endif /* MBEDTLS_SSL_CLI_C */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ From 651f19f7f63b5785749ca83189f42e2b057d01c1 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 23 Mar 2020 09:19:19 +0000 Subject: [PATCH 02/13] Fix indentation hiccup in ssl_tls13_server.c Mix of preprocessor guards and nested for loops confused auto-indentation. --- library/ssl_tls13_server.c | 2725 ++++++++++++++++++------------------ 1 file changed, 1362 insertions(+), 1363 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index d5608fc90968..84ca81607ee7 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2746,83 +2746,83 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, { for ( i = 0; ciphersuites[i] != 0; i++ ) #else - for ( i = 0; ciphersuites[i] != 0; i++ ) - { - for ( j = 0, p = ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) + for ( i = 0; ciphersuites[i] != 0; i++ ) + { + for ( j = 0, p = ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) #endif /* MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE */ - { - if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) || - p[1] != ( ( ciphersuites[i] ) & 0xFF )) - continue; + { + if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) || + p[1] != ( ( ciphersuites[i] ) & 0xFF )) + continue; - got_common_suite = 1; - ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] ); + got_common_suite = 1; + ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] ); - if( ciphersuite_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_ciphersuite_from_id: should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } + if( ciphersuite_info == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_ciphersuite_from_id: should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } - goto have_ciphersuite; - /* - if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], - &ciphersuite_info ) ) != 0 ) - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + goto have_ciphersuite; + /* + if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], + &ciphersuite_info ) ) != 0 ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - if( ciphersuite_info != NULL ) - goto have_ciphersuite; - */ + if( ciphersuite_info != NULL ) + goto have_ciphersuite; + */ - } - } + } + } - if( got_common_suite ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got ciphersuites in common, but none of them usable" ) ); - /*mbedtls_ssl_send_fatal_handshake_failure( ssl ); */ - return( MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) ); - /*mbedtls_ssl_send_fatal_handshake_failure( ssl ); */ - return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); - } + if( got_common_suite ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got ciphersuites in common, but none of them usable" ) ); + /*mbedtls_ssl_send_fatal_handshake_failure( ssl ); */ + return( MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE ); + } + else + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) ); + /*mbedtls_ssl_send_fatal_handshake_failure( ssl ); */ + return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); + } have_ciphersuite: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) ); - ssl->session_negotiate->ciphersuite = ciphersuites[i]; - ssl->transform_negotiate->ciphersuite_info = ciphersuite_info; + ssl->session_negotiate->ciphersuite = ciphersuites[i]; + ssl->transform_negotiate->ciphersuite_info = ciphersuite_info; - /* List all the extensions we have received */ + /* List all the extensions we have received */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Supported Extensions:" ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "- KEY_SHARE_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & KEY_SHARE_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "- PSK_KEY_EXCHANGE_MODES_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & PSK_KEY_EXCHANGE_MODES_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "- PRE_SHARED_KEY_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "- SIGNATURE_ALGORITHM_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & SIGNATURE_ALGORITHM_EXTENSION ) >0 ) ? "TRUE" : "FALSE" ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "- SUPPORTED_GROUPS_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & SUPPORTED_GROUPS_EXTENSION ) >0 ) ? "TRUE" : "FALSE" ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "- SUPPORTED_VERSION_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & SUPPORTED_VERSION_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "Supported Extensions:" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "- KEY_SHARE_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & KEY_SHARE_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "- PSK_KEY_EXCHANGE_MODES_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & PSK_KEY_EXCHANGE_MODES_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "- PRE_SHARED_KEY_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "- SIGNATURE_ALGORITHM_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & SIGNATURE_ALGORITHM_EXTENSION ) >0 ) ? "TRUE" : "FALSE" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "- SUPPORTED_GROUPS_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & SUPPORTED_GROUPS_EXTENSION ) >0 ) ? "TRUE" : "FALSE" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "- SUPPORTED_VERSION_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & SUPPORTED_VERSION_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); #if defined(MBEDTLS_CID) - MBEDTLS_SSL_DEBUG_MSG( 3, ( "- CID_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & CID_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "- CID_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & CID_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); #endif /* MBEDTLS_CID */ #if defined ( MBEDTLS_SSL_SERVER_NAME_INDICATION ) - MBEDTLS_SSL_DEBUG_MSG( 3, ( "- SERVERNAME_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & SERVERNAME_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "- SERVERNAME_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & SERVERNAME_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ #if defined ( MBEDTLS_SSL_ALPN ) - MBEDTLS_SSL_DEBUG_MSG( 3, ( "- ALPN_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & ALPN_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "- ALPN_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & ALPN_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); #endif /* MBEDTLS_SSL_ALPN */ #if defined ( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) - MBEDTLS_SSL_DEBUG_MSG( 3, ( "- MAX_FRAGMENT_LENGTH_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & MAX_FRAGMENT_LENGTH_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "- MAX_FRAGMENT_LENGTH_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & MAX_FRAGMENT_LENGTH_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined ( MBEDTLS_SSL_COOKIE_C ) - MBEDTLS_SSL_DEBUG_MSG( 3, ( "- COOKIE_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & COOKIE_EXTENSION ) >0 ) ? "TRUE" : "FALSE" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "- COOKIE_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & COOKIE_EXTENSION ) >0 ) ? "TRUE" : "FALSE" ) ); #endif /* MBEDTLS_SSL_COOKIE_C */ #if defined(MBEDTLS_ZERO_RTT) - MBEDTLS_SSL_DEBUG_MSG( 3, ( "- EARLY_DATA_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & EARLY_DATA_EXTENSION ) >0 ) ? "TRUE" : "FALSE" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "- EARLY_DATA_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & EARLY_DATA_EXTENSION ) >0 ) ? "TRUE" : "FALSE" ) ); #endif /* MBEDTLS_ZERO_RTT*/ /* Determine key exchange algorithm to use. There are three types of key exchanges @@ -2831,106 +2831,43 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, */ #if defined(MBEDTLS_ZERO_RTT) - /* - * 0 ) Zero-RTT Exchange / Early Data - * It requires early_data extension, at least key_exchange_modes and the pre_shared_key extension - * It may additionally provide key share, and supported_groups - */ - if( ssl->handshake->extensions_present & EARLY_DATA_EXTENSION ) - { - - /* Pure PSK mode */ - if( ( ssl->conf->early_data == MBEDTLS_SSL_EARLY_DATA_ENABLED ) && - ( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION ) && - ( ssl->handshake->extensions_present & PSK_KEY_EXCHANGE_MODES_EXTENSION )) { - /* Test whether we are allowed to use this mode ( server-side check ) */ - if( ( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_KE ) || - ( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL ) || - ( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL )) { - /* Test whether we are allowed to use this mode ( client-side check ) */ - if( ( ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_KE ) || - ( ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL )) { - - if( ( ret = ssl_parse_client_psk_identity_ext( ssl, ext_psk_ptr, ext_len_psk_ext )) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); - return( ret ); - } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Using a PSK key exchange" ) ); - ssl->session_negotiate->key_exchange = MBEDTLS_KEY_EXCHANGE_PSK; - ssl->handshake->early_data = MBEDTLS_SSL_EARLY_DATA_ON; - goto end_client_hello; - } - } - } - /* ECDHE-PSK mode */ - if( ( ssl->conf->early_data == MBEDTLS_SSL_EARLY_DATA_ENABLED ) && - ( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION ) && - ( ssl->handshake->extensions_present & KEY_SHARE_EXTENSION ) && - ( ssl->handshake->extensions_present & PSK_KEY_EXCHANGE_MODES_EXTENSION )) { - /* Test whether we are allowed to use this mode ( server-side check ) */ - if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_DHE_KE || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) - { - /* Test whether we are allowed to use this mode ( client-side check ) */ - if( ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_DHE_KE || ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL ) - { - - if( ( ret = ssl_parse_client_psk_identity_ext( ssl, ext_psk_ptr, ext_len_psk_ext )) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); - return( ret ); - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Using a ECDHE-PSK key exchange" ) ); - ssl->session_negotiate->key_exchange = MBEDTLS_KEY_EXCHANGE_ECDHE_PSK; - ssl->handshake->early_data = MBEDTLS_SSL_EARLY_DATA_ON; - goto end_client_hello; - } - } - } - } -#endif /* MBEDTLS_ZERO_RTT*/ + /* + * 0 ) Zero-RTT Exchange / Early Data + * It requires early_data extension, at least key_exchange_modes and the pre_shared_key extension + * It may additionally provide key share, and supported_groups + */ + if( ssl->handshake->extensions_present & EARLY_DATA_EXTENSION ) + { - /* The order of preference is - * 1 ) Plain PSK Mode - * 2 ) ( EC )DHE-PSK Mode - * 3 ) Certificate Mode - * - * Currently, the preference order is hard-coded - not configurable. - */ - /* - * 1 ) Plain PSK-based key exchange - * Requires key_exchange_modes and the pre_shared_key extension - * - */ - if( ( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION ) && ( ssl->handshake->extensions_present & PSK_KEY_EXCHANGE_MODES_EXTENSION ) ) - { + /* Pure PSK mode */ + if( ( ssl->conf->early_data == MBEDTLS_SSL_EARLY_DATA_ENABLED ) && + ( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION ) && + ( ssl->handshake->extensions_present & PSK_KEY_EXCHANGE_MODES_EXTENSION )) { /* Test whether we are allowed to use this mode ( server-side check ) */ - if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_KE || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) - { + if( ( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_KE ) || + ( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL ) || + ( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL )) { /* Test whether we are allowed to use this mode ( client-side check ) */ - if( ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_KE || ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL ) - { + if( ( ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_KE ) || + ( ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL )) { - if( ( ret = ssl_parse_client_psk_identity_ext( ssl, ext_psk_ptr, ext_len_psk_ext ) ) != 0 ) + if( ( ret = ssl_parse_client_psk_identity_ext( ssl, ext_psk_ptr, ext_len_psk_ext )) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); return( ret ); } MBEDTLS_SSL_DEBUG_MSG( 3, ( "Using a PSK key exchange" ) ); ssl->session_negotiate->key_exchange = MBEDTLS_KEY_EXCHANGE_PSK; + ssl->handshake->early_data = MBEDTLS_SSL_EARLY_DATA_ON; goto end_client_hello; } } - } - - /* - * 2 ) ( EC )DHE-PSK-based key exchange - * Requires key share, supported_groups, key_exchange_modes and the pre_shared_key extension - * - */ - if( ( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION ) && ( ssl->handshake->extensions_present & KEY_SHARE_EXTENSION ) && ( ssl->handshake->extensions_present & PSK_KEY_EXCHANGE_MODES_EXTENSION ) ) - { + } + /* ECDHE-PSK mode */ + if( ( ssl->conf->early_data == MBEDTLS_SSL_EARLY_DATA_ENABLED ) && + ( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION ) && + ( ssl->handshake->extensions_present & KEY_SHARE_EXTENSION ) && + ( ssl->handshake->extensions_present & PSK_KEY_EXCHANGE_MODES_EXTENSION )) { /* Test whether we are allowed to use this mode ( server-side check ) */ if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_DHE_KE || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) { @@ -2946,214 +2883,277 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "Using a ECDHE-PSK key exchange" ) ); ssl->session_negotiate->key_exchange = MBEDTLS_KEY_EXCHANGE_ECDHE_PSK; + ssl->handshake->early_data = MBEDTLS_SSL_EARLY_DATA_ON; goto end_client_hello; } } - } + } + } +#endif /* MBEDTLS_ZERO_RTT*/ - /* - * 3 ) Certificate-based key exchange - * It requires supported_groups, supported_signature extensions, and key share - * - */ - if( ( ssl->handshake->extensions_present & SUPPORTED_GROUPS_EXTENSION ) && ( ssl->handshake->extensions_present & SIGNATURE_ALGORITHM_EXTENSION ) && ( ssl->handshake->extensions_present & KEY_SHARE_EXTENSION )) - { - /* Test whether we are allowed to use this mode ( server-side check ) */ - if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ECDHE_ECDSA || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) + /* The order of preference is + * 1 ) Plain PSK Mode + * 2 ) ( EC )DHE-PSK Mode + * 3 ) Certificate Mode + * + * Currently, the preference order is hard-coded - not configurable. + */ + /* + * 1 ) Plain PSK-based key exchange + * Requires key_exchange_modes and the pre_shared_key extension + * + */ + if( ( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION ) && ( ssl->handshake->extensions_present & PSK_KEY_EXCHANGE_MODES_EXTENSION ) ) + { + /* Test whether we are allowed to use this mode ( server-side check ) */ + if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_KE || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) + { + /* Test whether we are allowed to use this mode ( client-side check ) */ + if( ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_KE || ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL ) { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Using a ECDSA-ECDHE key exchange" ) ); - ssl->session_negotiate->key_exchange = MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA; + + if( ( ret = ssl_parse_client_psk_identity_ext( ssl, ext_psk_ptr, ext_len_psk_ext ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); + return( ret ); + } + MBEDTLS_SSL_DEBUG_MSG( 3, ( "Using a PSK key exchange" ) ); + ssl->session_negotiate->key_exchange = MBEDTLS_KEY_EXCHANGE_PSK; goto end_client_hello; } - } + } + } - /* If we previously determined that an HRR is needed then - * we will send it now. - */ - if( final_ret == MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE ) - return( MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE ); + /* + * 2 ) ( EC )DHE-PSK-based key exchange + * Requires key share, supported_groups, key_exchange_modes and the pre_shared_key extension + * + */ + if( ( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION ) && ( ssl->handshake->extensions_present & KEY_SHARE_EXTENSION ) && ( ssl->handshake->extensions_present & PSK_KEY_EXCHANGE_MODES_EXTENSION ) ) + { + /* Test whether we are allowed to use this mode ( server-side check ) */ + if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_DHE_KE || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) + { + /* Test whether we are allowed to use this mode ( client-side check ) */ + if( ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_DHE_KE || ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL ) + { + + if( ( ret = ssl_parse_client_psk_identity_ext( ssl, ext_psk_ptr, ext_len_psk_ext )) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); + return( ret ); + } + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "Using a ECDHE-PSK key exchange" ) ); + ssl->session_negotiate->key_exchange = MBEDTLS_KEY_EXCHANGE_ECDHE_PSK; + goto end_client_hello; + } + } + } + + /* + * 3 ) Certificate-based key exchange + * It requires supported_groups, supported_signature extensions, and key share + * + */ + if( ( ssl->handshake->extensions_present & SUPPORTED_GROUPS_EXTENSION ) && ( ssl->handshake->extensions_present & SIGNATURE_ALGORITHM_EXTENSION ) && ( ssl->handshake->extensions_present & KEY_SHARE_EXTENSION )) + { + /* Test whether we are allowed to use this mode ( server-side check ) */ + if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ECDHE_ECDSA || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "Using a ECDSA-ECDHE key exchange" ) ); + ssl->session_negotiate->key_exchange = MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA; + goto end_client_hello; + } + } + + /* If we previously determined that an HRR is needed then + * we will send it now. + */ + if( final_ret == MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE ) + return( MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE ); /* if( ssl->session_negotiate->key_exchange == 0 ) { */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ClientHello message misses mandatory extensions." ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_MISSING_EXTENSION_EXT ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "ClientHello message misses mandatory extensions." ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_MISSING_EXTENSION_EXT ); /* } */ end_client_hello: #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_recv_flight_completed( ssl ); + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ssl_recv_flight_completed( ssl ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_COOKIE_C) - /* If we failed to see a cookie extension, and we required it through the - * configuration settings ( rr_config ), then we need to send a HRR msg. - * Conceptually, this is similiar to having received a cookie that failed - * the verification check. - */ - if( ( ssl->conf->rr_config == MBEDTLS_SSL_FORCE_RR_CHECK_ON ) && - !( ssl->handshake->extensions_present & COOKIE_EXTENSION )) { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Cookie extension missing. Need to send a HRR." ) ); - final_ret = MBEDTLS_ERR_SSL_BAD_HS_MISSING_COOKIE_EXT; - } + /* If we failed to see a cookie extension, and we required it through the + * configuration settings ( rr_config ), then we need to send a HRR msg. + * Conceptually, this is similiar to having received a cookie that failed + * the verification check. + */ + if( ( ssl->conf->rr_config == MBEDTLS_SSL_FORCE_RR_CHECK_ON ) && + !( ssl->handshake->extensions_present & COOKIE_EXTENSION )) { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Cookie extension missing. Need to send a HRR." ) ); + final_ret = MBEDTLS_ERR_SSL_BAD_HS_MISSING_COOKIE_EXT; + } #endif /* MBEDTLS_SSL_COOKIE_C */ - if( final_ret == MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE || final_ret == MBEDTLS_ERR_SSL_BAD_HS_MISSING_COOKIE_EXT ) - { - /* create stateless transcript hash for HRR */ + if( final_ret == MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE || final_ret == MBEDTLS_ERR_SSL_BAD_HS_MISSING_COOKIE_EXT ) + { + /* create stateless transcript hash for HRR */ - unsigned char transcript[MBEDTLS_MD_MAX_SIZE + 4]; /* used to store the ClientHello1 msg */ - int hash_length; + unsigned char transcript[MBEDTLS_MD_MAX_SIZE + 4]; /* used to store the ClientHello1 msg */ + int hash_length; - MBEDTLS_SSL_DEBUG_MSG( 5, ( "--- Checksum ( ssl_parse_client_hello, stateless transcript hash for HRR )" ) ); + MBEDTLS_SSL_DEBUG_MSG( 5, ( "--- Checksum ( ssl_parse_client_hello, stateless transcript hash for HRR )" ) ); - /* - * Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN ) = - * Hash( message_hash || - * 00 00 Hash.length || - * Hash( ClientHello1 ) || - * HelloRetryRequest ... MN ) - * - */ - transcript[0] = MBEDTLS_SSL_HS_MESSAGE_HASH; - transcript[1] = 0; - transcript[2] = 0; + /* + * Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN ) = + * Hash( message_hash || + * 00 00 Hash.length || + * Hash( ClientHello1 ) || + * HelloRetryRequest ... MN ) + * + */ + transcript[0] = MBEDTLS_SSL_HS_MESSAGE_HASH; + transcript[1] = 0; + transcript[2] = 0; - hash_length = mbedtls_hash_size_for_ciphersuite( ssl->transform_negotiate->ciphersuite_info ); + hash_length = mbedtls_hash_size_for_ciphersuite( ssl->transform_negotiate->ciphersuite_info ); - if( hash_length == -1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_hash_size_for_ciphersuite == -1" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } + if( hash_length == -1 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_hash_size_for_ciphersuite == -1" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } - transcript[3] = ( uint8_t )hash_length; + transcript[3] = ( uint8_t )hash_length; - if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA256 ) - { + if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA256 ) + { #if defined(MBEDTLS_SHA256_C) - mbedtls_sha256_init( &sha256 ); - mbedtls_sha256_starts( &sha256, 0 /* = use SHA256 */ ); - mbedtls_sha256_update( &sha256, orig_buf, orig_msg_len ); /* hash ClientHello message */ - mbedtls_sha256_finish( &sha256, &transcript[4] ); - MBEDTLS_SSL_DEBUG_BUF( 5, "Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN )", &transcript[0], 32+4 ); + mbedtls_sha256_init( &sha256 ); + mbedtls_sha256_starts( &sha256, 0 /* = use SHA256 */ ); + mbedtls_sha256_update( &sha256, orig_buf, orig_msg_len ); /* hash ClientHello message */ + mbedtls_sha256_finish( &sha256, &transcript[4] ); + MBEDTLS_SSL_DEBUG_BUF( 5, "Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN )", &transcript[0], 32+4 ); #else - MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #endif /* MBEDTLS_SHA256_C */ - } - else if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) - { + } + else if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) + { #if defined(MBEDTLS_SHA512_C) - mbedtls_sha512_init( &sha512 ); - mbedtls_sha512_starts( &sha512, 1 /* = use SHA384 */ ); - mbedtls_sha512_update( &sha512, orig_buf, orig_msg_len ); /* hash ClientHello message */ - mbedtls_sha512_finish( &sha512, &transcript[4] ); - MBEDTLS_SSL_DEBUG_BUF( 5, "Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN )", &transcript[0], 48+4 ); + mbedtls_sha512_init( &sha512 ); + mbedtls_sha512_starts( &sha512, 1 /* = use SHA384 */ ); + mbedtls_sha512_update( &sha512, orig_buf, orig_msg_len ); /* hash ClientHello message */ + mbedtls_sha512_finish( &sha512, &transcript[4] ); + MBEDTLS_SSL_DEBUG_BUF( 5, "Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN )", &transcript[0], 48+4 ); #else - MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #endif /* MBEDTLS_SHA512_C */ - } - else if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA512 ) - { + } + else if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA512 ) + { #if defined(MBEDTLS_SHA512_C) - mbedtls_sha512_init( &sha512 ); - mbedtls_sha512_starts( &sha512, 0 /* = use SHA512 */ ); - mbedtls_sha512_update( &sha512, orig_buf, orig_msg_len ); /* hash ClientHello message */ - mbedtls_sha512_finish( &sha512, &transcript[4] ); - MBEDTLS_SSL_DEBUG_BUF( 5, "ClientHello hash", &transcript[4], 64 ); - } - else { + mbedtls_sha512_init( &sha512 ); + mbedtls_sha512_starts( &sha512, 0 /* = use SHA512 */ ); + mbedtls_sha512_update( &sha512, orig_buf, orig_msg_len ); /* hash ClientHello message */ + mbedtls_sha512_finish( &sha512, &transcript[4] ); + MBEDTLS_SSL_DEBUG_BUF( 5, "ClientHello hash", &transcript[4], 64 ); + } + else { #else - MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #endif /* MBEDTLS_SHA512_C*/ - } - ssl->handshake->update_checksum( ssl, &transcript[0], hash_length + 4 ); - } - else { - /* create normal transcript hash */ - MBEDTLS_SSL_DEBUG_MSG( 5, ( "--- Checksum ( ssl_parse_client_hello, normal transcript hash )" ) ); - ssl->handshake->update_checksum( ssl, orig_buf, orig_msg_len ); - } - mbedtls_ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info ); - - return( final_ret ); + } + ssl->handshake->update_checksum( ssl, &transcript[0], hash_length + 4 ); + } + else { + /* create normal transcript hash */ + MBEDTLS_SSL_DEBUG_MSG( 5, ( "--- Checksum ( ssl_parse_client_hello, normal transcript hash )" ) ); + ssl->handshake->update_checksum( ssl, orig_buf, orig_msg_len ); } + mbedtls_ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info ); + + return( final_ret ); +} - static int ssl_client_hello_postprocess( mbedtls_ssl_context* ssl, int ret ) { +static int ssl_client_hello_postprocess( mbedtls_ssl_context* ssl, int ret ) { - ((void) ssl); - ((void) ret); - return ( 0 ); - } + ((void) ssl); + ((void) ret); + return ( 0 ); +} #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) - { - unsigned char *p = buf; +static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen ) +{ + unsigned char *p = buf; - if( ssl->session_negotiate->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ) - { - *olen = 0; - return; - } + if( ssl->session_negotiate->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ) + { + *olen = 0; + return; + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); - *p++ = 0x00; - *p++ = 1; + *p++ = 0x00; + *p++ = 1; - *p++ = ssl->session_negotiate->mfl_code; + *p++ = ssl->session_negotiate->mfl_code; - *olen = 5; - } + *olen = 5; +} #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_ALPN) - static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, size_t *olen ) +static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, size_t *olen ) +{ + if( ssl->alpn_chosen == NULL ) { - if( ssl->alpn_chosen == NULL ) - { - *olen = 0; - return; - } + *olen = 0; + return; + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding alpn extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding alpn extension" ) ); - /* - * 0 . 1 ext identifier - * 2 . 3 ext length - * 4 . 5 protocol list length - * 6 . 6 protocol name length - * 7 . 7+n protocol name - */ - buf[0] = ( unsigned char )( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); - buf[1] = ( unsigned char )( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); + /* + * 0 . 1 ext identifier + * 2 . 3 ext length + * 4 . 5 protocol list length + * 6 . 6 protocol name length + * 7 . 7+n protocol name + */ + buf[0] = ( unsigned char )( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); + buf[1] = ( unsigned char )( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); - *olen = 7 + strlen( ssl->alpn_chosen ); + *olen = 7 + strlen( ssl->alpn_chosen ); - buf[2] = ( unsigned char )( ( ( *olen - 4 ) >> 8 ) & 0xFF ); - buf[3] = ( unsigned char )( ( *olen - 4 ) & 0xFF ); + buf[2] = ( unsigned char )( ( ( *olen - 4 ) >> 8 ) & 0xFF ); + buf[3] = ( unsigned char )( ( *olen - 4 ) & 0xFF ); - buf[4] = ( unsigned char )( ( ( *olen - 6 ) >> 8 ) & 0xFF ); - buf[5] = ( unsigned char )( ( *olen - 6 ) & 0xFF ); + buf[4] = ( unsigned char )( ( ( *olen - 6 ) >> 8 ) & 0xFF ); + buf[5] = ( unsigned char )( ( *olen - 6 ) & 0xFF ); - buf[6] = ( unsigned char )( ( *olen - 7 ) & 0xFF ); + buf[6] = ( unsigned char )( ( *olen - 7 ) & 0xFF ); - memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); - } + memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); +} #endif /* MBEDTLS_SSL_ALPN */ @@ -3167,248 +3167,248 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, * the cryptographic context. */ - /* - * Overview - */ +/* + * Overview + */ - /* Main entry point; orchestrates the other functions */ - static int ssl_encrypted_extensions_process( mbedtls_ssl_context* ssl ); +/* Main entry point; orchestrates the other functions */ +static int ssl_encrypted_extensions_process( mbedtls_ssl_context* ssl ); - static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ); - static int ssl_encrypted_extensions_write( mbedtls_ssl_context* ssl, - unsigned char* buf, - size_t buflen, - size_t* olen ); - static int ssl_encrypted_extensions_postprocess( mbedtls_ssl_context* ssl ); +static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ); +static int ssl_encrypted_extensions_write( mbedtls_ssl_context* ssl, + unsigned char* buf, + size_t buflen, + size_t* olen ); +static int ssl_encrypted_extensions_postprocess( mbedtls_ssl_context* ssl ); - static int ssl_encrypted_extensions_process( mbedtls_ssl_context* ssl ) - { - int ret; +static int ssl_encrypted_extensions_process( mbedtls_ssl_context* ssl ) +{ + int ret; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write encrypted extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write encrypted extension" ) ); - /* Make sure we can write a new message. */ - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_flush_output( ssl ) ); + /* Make sure we can write a new message. */ + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_flush_output( ssl ) ); - MBEDTLS_SSL_PROC_CHK( ssl_encrypted_extensions_prepare( ssl ) ); + MBEDTLS_SSL_PROC_CHK( ssl_encrypted_extensions_prepare( ssl ) ); - MBEDTLS_SSL_PROC_CHK( ssl_encrypted_extensions_write( ssl, ssl->out_msg, - MBEDTLS_SSL_MAX_CONTENT_LEN, - &ssl->out_msglen ) ); + MBEDTLS_SSL_PROC_CHK( ssl_encrypted_extensions_write( ssl, ssl->out_msg, + MBEDTLS_SSL_MAX_CONTENT_LEN, + &ssl->out_msglen ) ); - ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = MBEDTLS_SSL_HS_ENCRYPTED_EXTENSION; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_ENCRYPTED_EXTENSION; - MBEDTLS_SSL_DEBUG_BUF( 3, "EncryptedExtensions", ssl->out_msg, ssl->out_msglen ); + MBEDTLS_SSL_DEBUG_BUF( 3, "EncryptedExtensions", ssl->out_msg, ssl->out_msglen ); - /* Update state */ - MBEDTLS_SSL_PROC_CHK( ssl_encrypted_extensions_postprocess( ssl ) ); + /* Update state */ + MBEDTLS_SSL_PROC_CHK( ssl_encrypted_extensions_postprocess( ssl ) ); - /* Dispatch message */ - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_write_record( ssl ) ); + /* Dispatch message */ + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_write_record( ssl ) ); - /* NOTE: For the new messaging layer, the postprocessing step - * might come after the dispatching step if the latter - * doesn't send the message immediately. - * At the moment, we must do the postprocessing - * prior to the dispatching because if the latter - * returns WANT_WRITE, we want the handshake state - * to be updated in order to not enter - * this function again on retry. */ + /* NOTE: For the new messaging layer, the postprocessing step + * might come after the dispatching step if the latter + * doesn't send the message immediately. + * At the moment, we must do the postprocessing + * prior to the dispatching because if the latter + * returns WANT_WRITE, we want the handshake state + * to be updated in order to not enter + * this function again on retry. */ - cleanup: +cleanup: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write encrypted extension" ) ); - return( ret ); - } + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write encrypted extension" ) ); + return( ret ); +} - static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) - { - int ret; - KeySet traffic_keys; +static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) +{ + int ret; + KeySet traffic_keys; - ret = mbedtls_ssl_key_derivation( ssl, &traffic_keys ); + ret = mbedtls_ssl_key_derivation( ssl, &traffic_keys ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_key_derivation", ret ); - return ( ret ); - } + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_key_derivation", ret ); + return ( ret ); + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - /* Remember current sequence number / epoch settings for resending */ - ssl->handshake->alt_transform_out = ssl->transform_out; - memcpy( ssl->handshake->alt_out_ctr, ssl->out_ctr, 8 ); - } + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + /* Remember current sequence number / epoch settings for resending */ + ssl->handshake->alt_transform_out = ssl->transform_out; + memcpy( ssl->handshake->alt_out_ctr, ssl->out_ctr, 8 ); + } #endif - ssl->transform_out = ssl->transform_negotiate; - ssl->session_out = ssl->session_negotiate; + ssl->transform_out = ssl->transform_negotiate; + ssl->session_out = ssl->session_negotiate; - ret = mbedtls_set_traffic_key( ssl, &traffic_keys, ssl->transform_negotiate, 0 ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_set_traffic_key", ret ); - return ( ret ); - } + ret = mbedtls_set_traffic_key( ssl, &traffic_keys, ssl->transform_negotiate, 0 ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_set_traffic_key", ret ); + return ( ret ); + } - /* - * Set the out_msg pointer to the correct location based on IV length - */ + /* + * Set the out_msg pointer to the correct location based on IV length + */ - ssl->out_msg = ssl->out_iv; + ssl->out_msg = ssl->out_iv; - /* - * Switch to our negotiated transform and session parameters for outbound - * data. - */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for outbound data" ) ); + /* + * Switch to our negotiated transform and session parameters for outbound + * data. + */ + MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for outbound data" ) ); #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - /* Remember current sequence number / epoch settings for resending */ - /*ssl->handshake->alt_transform_out = ssl->transform_out; */ - /*memcpy( ssl->handshake->alt_out_ctr, ssl->out_ctr, 8 ); */ + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + /* Remember current sequence number / epoch settings for resending */ + /*ssl->handshake->alt_transform_out = ssl->transform_out; */ + /*memcpy( ssl->handshake->alt_out_ctr, ssl->out_ctr, 8 ); */ - /* Set sequence_number of record layer to zero */ - memset( ssl->out_ctr + 2, 0, 6 ); + /* Set sequence_number of record layer to zero */ + memset( ssl->out_ctr + 2, 0, 6 ); - /* - unsigned char i; - - /* Increment epoch */ - for ( i = 2; i > 0; i-- ) - if( ++ssl->out_ctr[i - 1] != 0 ) - break; - - /* The loop goes to its end iff the counter is wrapping */ - if( i == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS epoch would wrap" ) ); - return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); - } - */ - } - else + /* + unsigned char i; + + /* Increment epoch */ + for ( i = 2; i > 0; i-- ) + if( ++ssl->out_ctr[i - 1] != 0 ) + break; + + /* The loop goes to its end iff the counter is wrapping */ + if( i == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS epoch would wrap" ) ); + return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); + } + */ + } + else #endif /* MBEDTLS_SSL_PROTO_DTLS */ - memset( ssl->out_ctr, 0, 8 ); + memset( ssl->out_ctr, 0, 8 ); - /* Set sequence number used at the handshake header to zero */ - memset( ssl->transform_out->sequence_number_enc, 0x0, 12 ); + /* Set sequence number used at the handshake header to zero */ + memset( ssl->transform_out->sequence_number_enc, 0x0, 12 ); #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_activate != NULL ) - { - if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND )) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - } + if( mbedtls_ssl_hw_record_activate != NULL ) + { + if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND )) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret ); + return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + } + } #endif #if defined(MBEDTLS_SSL_PROTO_DTLS) - /* epoch value ( 2 ) is used for messages protected - * using keys derived from the handshake_traffic_secret. - */ - ssl->in_epoch = 2; - ssl->out_epoch = 2; + /* epoch value ( 2 ) is used for messages protected + * using keys derived from the handshake_traffic_secret. + */ + ssl->in_epoch = 2; + ssl->out_epoch = 2; #endif /* MBEDTLS_SSL_PROTO_DTLS */ - return 0; - } + return 0; +} - static int ssl_encrypted_extensions_write( mbedtls_ssl_context* ssl, - unsigned char* buf, - size_t buflen, - size_t* olen ) - { - int ret; - size_t n; - unsigned char *p, *end; +static int ssl_encrypted_extensions_write( mbedtls_ssl_context* ssl, + unsigned char* buf, + size_t buflen, + size_t* olen ) +{ + int ret; + size_t n; + unsigned char *p, *end; - /* If all extensions are disabled then olen is 0. */ - *olen = 0; + /* If all extensions are disabled then olen is 0. */ + *olen = 0; - end = buf + buflen; + end = buf + buflen; - if( buflen < ( 4 ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - } + if( buflen < ( 4 ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + } - /* Skip HS header */ - p = buf + 4; + /* Skip HS header */ + p = buf + 4; - /* - * struct { - * Extension extensions<0..2 ^ 16 - 1>; - * } EncryptedExtensions; - * - */ + /* + * struct { + * Extension extensions<0..2 ^ 16 - 1>; + * } EncryptedExtensions; + * + */ - /* Skip extension length; first write extensions, then update length */ - p += 2; + /* Skip extension length; first write extensions, then update length */ + p += 2; #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - if( ssl->handshake->extensions_present & SERVERNAME_EXTENSION ) - { - ret=ssl_write_sni_server_ext( ssl, p, end - p, &n ); - if( ret != 0 ) - return( ret ); + if( ssl->handshake->extensions_present & SERVERNAME_EXTENSION ) + { + ret=ssl_write_sni_server_ext( ssl, p, end - p, &n ); + if( ret != 0 ) + return( ret ); - p += n; - } + p += n; + } #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ #if defined(MBEDTLS_SSL_ALPN) - if( ssl->handshake->extensions_present & ALPN_EXTENSION ) - { - ret = ssl_write_alpn_ext( ssl, p, end - p, &n ); - p += n; - } + if( ssl->handshake->extensions_present & ALPN_EXTENSION ) + { + ret = ssl_write_alpn_ext( ssl, p, end - p, &n ); + p += n; + } #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - if( ssl->handshake->extensions_present & MAX_FRAGMENT_LENGTH_EXTENSION ) - { - ret=ssl_write_max_fragment_length_ext( ssl, p, end - p, &n ); - if( ret != 0 ) - return( ret ); + if( ssl->handshake->extensions_present & MAX_FRAGMENT_LENGTH_EXTENSION ) + { + ret=ssl_write_max_fragment_length_ext( ssl, p, end - p, &n ); + if( ret != 0 ) + return( ret ); - p += n; - } + p += n; + } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_ZERO_RTT) - if( ssl->handshake->extensions_present & EARLY_DATA_EXTENSION ) - { - ret = ssl_write_early_data_ext( ssl, p, (size_t)( end - p ), &n ); - if( ret != 0 ) - return( ret ); + if( ssl->handshake->extensions_present & EARLY_DATA_EXTENSION ) + { + ret = ssl_write_early_data_ext( ssl, p, (size_t)( end - p ), &n ); + if( ret != 0 ) + return( ret ); - p += n; - } + p += n; + } #endif /* MBEDTLS_ZERO_RTT */ - *olen = p - buf; + *olen = p - buf; - *( buf + 4 ) = ( unsigned char )( ( ( *olen - 4 - 2 ) >> 8 ) & 0xFF ); - *( buf + 5 ) = ( unsigned char )( ( *olen - 4 - 2 ) & 0xFF ); + *( buf + 4 ) = ( unsigned char )( ( ( *olen - 4 - 2 ) >> 8 ) & 0xFF ); + *( buf + 5 ) = ( unsigned char )( ( *olen - 4 - 2 ) & 0xFF ); - return( 0 ); - } + return( 0 ); +} - static int ssl_encrypted_extensions_postprocess( mbedtls_ssl_context* ssl ) - { - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST ); - return 0; - } +static int ssl_encrypted_extensions_postprocess( mbedtls_ssl_context* ssl ) +{ + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST ); + return 0; +} /* ssl_write_hello_retry_request( ) to transmit a HelloRetryRequest message @@ -3421,221 +3421,221 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, * We also send this message with DTLS 1.3 to perform a return-routability * check ( and we include a cookie ). */ - static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) - { - int ret; - unsigned char *p = ssl->out_msg + 4; - unsigned char *ext_len_byte; - int ext_length, total_ext_len = 0; - unsigned char *extension_start; - const char magic_hrr_string[32] = { 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, 0xBE, 0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91, 0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E, 0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33 ,0x9C }; +static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) +{ + int ret; + unsigned char *p = ssl->out_msg + 4; + unsigned char *ext_len_byte; + int ext_length, total_ext_len = 0; + unsigned char *extension_start; + const char magic_hrr_string[32] = { 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, 0xBE, 0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91, 0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E, 0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33 ,0x9C }; #if defined(MBEDTLS_ECDH_C) - const mbedtls_ecp_group_id *gid; - const mbedtls_ecp_curve_info **curve = NULL; + const mbedtls_ecp_group_id *gid; + const mbedtls_ecp_curve_info **curve = NULL; #endif /* MBEDTLS_ECDH_C */ - /*const mbedtls_ssl_ciphersuite_t *ciphersuite_info; */ - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write hello retry request" ) ); - - /* - * struct { - * ProtocolVersion legacy_version = 0x0303; - * Random random ( with magic value ); - * opaque legacy_session_id_echo<0..32>; - * CipherSuite cipher_suite; - * uint8 legacy_compression_method = 0; - * Extension extensions<0..2^16-1>; - * } ServerHello; --- aka HelloRetryRequest - */ + /*const mbedtls_ssl_ciphersuite_t *ciphersuite_info; */ + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write hello retry request" ) ); - /* For TLS 1.3 we use the legacy version number {0x03, 0x03} - * instead of the true version number. - * - * For DTLS 1.3 we use the legacy version number - * {254,253}. - * - * In cTLS the version number is elided. - */ + /* + * struct { + * ProtocolVersion legacy_version = 0x0303; + * Random random ( with magic value ); + * opaque legacy_session_id_echo<0..32>; + * CipherSuite cipher_suite; + * uint8 legacy_compression_method = 0; + * Extension extensions<0..2^16-1>; + * } ServerHello; --- aka HelloRetryRequest + */ + + + /* For TLS 1.3 we use the legacy version number {0x03, 0x03} + * instead of the true version number. + * + * For DTLS 1.3 we use the legacy version number + * {254,253}. + * + * In cTLS the version number is elided. + */ #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) + if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ - { + { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - *p++ = 0xfe; /* 254 */ - *p++ = 0xfd; /* 253 */ - MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p - 2, 2 ); - } - else + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + *p++ = 0xfe; /* 254 */ + *p++ = 0xfd; /* 253 */ + MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p - 2, 2 ); + } + else #else - { - *p++ = 0x03; - *p++ = 0x03; - MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p - 2, 2 ); - } + { + *p++ = 0x03; + *p++ = 0x03; + MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p - 2, 2 ); + } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - } + } - if( ssl->transform_negotiate == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ssl_write_hello_retry_request: ssl->transform_negotiate == NULL" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } + if( ssl->transform_negotiate == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "ssl_write_hello_retry_request: ssl->transform_negotiate == NULL" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } - /*ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; */ + /*ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; */ - /* write magic string ( as a replacement for the random value ) */ - memcpy( p, &magic_hrr_string[0], 32 ); - MBEDTLS_SSL_DEBUG_BUF( 3, "random bytes", p, 32 ); - p += 32; + /* write magic string ( as a replacement for the random value ) */ + memcpy( p, &magic_hrr_string[0], 32 ); + MBEDTLS_SSL_DEBUG_BUF( 3, "random bytes", p, 32 ); + p += 32; - /* write legacy_session_id_echo */ - *p++ = ( unsigned char ) ssl->session_negotiate->id_len; - memcpy( p, &ssl->session_negotiate->id[0], ssl->session_negotiate->id_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "session id", p, ssl->session_negotiate->id_len ); - p += ssl->session_negotiate->id_len; + /* write legacy_session_id_echo */ + *p++ = ( unsigned char ) ssl->session_negotiate->id_len; + memcpy( p, &ssl->session_negotiate->id[0], ssl->session_negotiate->id_len ); + MBEDTLS_SSL_DEBUG_BUF( 3, "session id", p, ssl->session_negotiate->id_len ); + p += ssl->session_negotiate->id_len; - /* write ciphersuite ( 2 bytes ) */ - *p++ = ( unsigned char )( ssl->session_negotiate->ciphersuite >> 8 ); - *p++ = ( unsigned char )( ssl->session_negotiate->ciphersuite ); - MBEDTLS_SSL_DEBUG_BUF( 3, "ciphersuite", p-2, 2 ); + /* write ciphersuite ( 2 bytes ) */ + *p++ = ( unsigned char )( ssl->session_negotiate->ciphersuite >> 8 ); + *p++ = ( unsigned char )( ssl->session_negotiate->ciphersuite ); + MBEDTLS_SSL_DEBUG_BUF( 3, "ciphersuite", p-2, 2 ); - /* write legacy_compression_method ( 0 ) */ - *p++ = 0x0; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "legacy compression method: [%d]", *( p-1 )) ); + /* write legacy_compression_method ( 0 ) */ + *p++ = 0x0; + MBEDTLS_SSL_DEBUG_MSG( 3, ( "legacy compression method: [%d]", *( p-1 )) ); - /* write extensions */ - extension_start = p; - /* Extension starts with a 2 byte length field; we skip it and write it later */ - p += 2; + /* write extensions */ + extension_start = p; + /* Extension starts with a 2 byte length field; we skip it and write it later */ + p += 2; #if defined(MBEDTLS_SSL_COOKIE_C) - /* Cookie Extension - * - * struct { - * opaque cookie<0..2^16-1>; - * } Cookie; - * - */ + /* Cookie Extension + * + * struct { + * opaque cookie<0..2^16-1>; + * } Cookie; + * + */ - /* Write extension header */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_COOKIE >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_COOKIE ) & 0xFF ); + /* Write extension header */ + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_COOKIE >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_COOKIE ) & 0xFF ); - /* Write total extension length - * ( Skip it for now till we know the length ) - */ - ext_len_byte = p; - p = p + 2; + /* Write total extension length + * ( Skip it for now till we know the length ) + */ + ext_len_byte = p; + p = p + 2; - /* If we get here, f_cookie_check is not null */ - if( ssl->conf->f_cookie_write == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "inconsistent cookie callbacks" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } + /* If we get here, f_cookie_check is not null */ + if( ssl->conf->f_cookie_write == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "inconsistent cookie callbacks" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } - if( ( ret = ssl->conf->f_cookie_write( ssl->conf->p_cookie, - &p, ssl->out_buf + MBEDTLS_SSL_BUFFER_LEN, - ssl->cli_id, ssl->cli_id_len )) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "f_cookie_write", ret ); - return( ret ); - } + if( ( ret = ssl->conf->f_cookie_write( ssl->conf->p_cookie, + &p, ssl->out_buf + MBEDTLS_SSL_BUFFER_LEN, + ssl->cli_id, ssl->cli_id_len )) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "f_cookie_write", ret ); + return( ret ); + } - ext_length = ( p - ( ext_len_byte + 2 ) ); + ext_length = ( p - ( ext_len_byte + 2 ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Cookie", ext_len_byte + 2, ext_length ); + MBEDTLS_SSL_DEBUG_BUF( 3, "Cookie", ext_len_byte + 2, ext_length ); - /* Write length */ - *ext_len_byte++ = ( unsigned char )( ( ext_length >> 8 ) & 0xFF ); - *ext_len_byte = ( unsigned char )( ext_length & 0xFF ); + /* Write length */ + *ext_len_byte++ = ( unsigned char )( ( ext_length >> 8 ) & 0xFF ); + *ext_len_byte = ( unsigned char )( ext_length & 0xFF ); - total_ext_len += ext_length + 4 /* 2 bytes for extension_type and 2 bytes for length field */; + total_ext_len += ext_length + 4 /* 2 bytes for extension_type and 2 bytes for length field */; #endif /* MBEDTLS_SSL_COOKIE_C */ #if defined(MBEDTLS_ECDH_C) - /* key_share Extension - * - * struct { - * select ( Handshake.msg_type ) { - * case client_hello: - * KeyShareEntry client_shares<0..2^16-1>; - * - * case hello_retry_request: - * NamedGroup selected_group; - * - * case server_hello: - * KeyShareEntry server_share; - * }; - * } KeyShare; - * - */ + /* key_share Extension + * + * struct { + * select ( Handshake.msg_type ) { + * case client_hello: + * KeyShareEntry client_shares<0..2^16-1>; + * + * case hello_retry_request: + * NamedGroup selected_group; + * + * case server_hello: + * KeyShareEntry server_share; + * }; + * } KeyShare; + * + */ - /* For a pure PSK-based ciphersuite there is no key share to declare. - * Hence, we focus on ECDHE-EDSA and ECDHE-PSK. - */ - if( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA || ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) - { + /* For a pure PSK-based ciphersuite there is no key share to declare. + * Hence, we focus on ECDHE-EDSA and ECDHE-PSK. + */ + if( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA || ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) + { - /* Write extension header */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); + /* Write extension header */ + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); - ext_len_byte = p; + ext_len_byte = p; - /* Write length */ - *p++ = 0; - *p++ = 2; - ext_length = 2; + /* Write length */ + *p++ = 0; + *p++ = 2; + ext_length = 2; - for ( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ ) { - for ( curve = ssl->handshake->curves; *curve != NULL; curve++ ) { - if( ( *curve )->grp_id == *gid ) - goto curve_matching_done; - } + for ( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ ) { + for ( curve = ssl->handshake->curves; *curve != NULL; curve++ ) { + if( ( *curve )->grp_id == *gid ) + goto curve_matching_done; } + } - curve_matching_done: - if( curve == NULL || *curve == NULL ) - { - /* This case should not happen */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching named group found" ) ); - return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); - } + curve_matching_done: + if( curve == NULL || *curve == NULL ) + { + /* This case should not happen */ + MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching named group found" ) ); + return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); + } - /* Write selected group */ - *p++ = ( *curve )->tls_id >> 8; - *p++ = ( *curve )->tls_id & 0xFF; + /* Write selected group */ + *p++ = ( *curve )->tls_id >> 8; + *p++ = ( *curve )->tls_id & 0xFF; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "NamedGroup in HRR: %s", ( *curve )->name ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "NamedGroup in HRR: %s", ( *curve )->name ) ); - } - total_ext_len += ext_length + 4 /* 2 bytes for extension_type and 2 bytes for length field */; + } + total_ext_len += ext_length + 4 /* 2 bytes for extension_type and 2 bytes for length field */; #endif /* MBEDTLS_ECDH_C */ - *extension_start++ = ( unsigned char )( ( total_ext_len >> 8 ) & 0xFF ); - *extension_start++ = ( unsigned char )( ( total_ext_len ) & 0xFF ); + *extension_start++ = ( unsigned char )( ( total_ext_len >> 8 ) & 0xFF ); + *extension_start++ = ( unsigned char )( ( total_ext_len ) & 0xFF ); - ssl->out_msglen = p - ssl->out_msg; - ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO; + ssl->out_msglen = p - ssl->out_msg; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO; - if( ( ret = mbedtls_ssl_write_record( ssl )) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); - return( ret ); - } + if( ( ret = mbedtls_ssl_write_record( ssl )) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); + return( ret ); + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello retry request" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello retry request" ) ); - return( 0 ); - } + return( 0 ); +} /* * @@ -3643,70 +3643,70 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, * */ - /* - * Overview - */ +/* + * Overview + */ - /* Main entry point; orchestrates the other functions */ - static int ssl_server_hello_process( mbedtls_ssl_context* ssl ); +/* Main entry point; orchestrates the other functions */ +static int ssl_server_hello_process( mbedtls_ssl_context* ssl ); /* ServerHello handling sub-routines */ - static int ssl_server_hello_prepare( mbedtls_ssl_context* ssl ); - static int ssl_server_hello_write( mbedtls_ssl_context* ssl, - unsigned char* buf, - size_t buflen, - size_t* olen ); - static int ssl_server_hello_postprocess( mbedtls_ssl_context* ssl ); +static int ssl_server_hello_prepare( mbedtls_ssl_context* ssl ); +static int ssl_server_hello_write( mbedtls_ssl_context* ssl, + unsigned char* buf, + size_t buflen, + size_t* olen ); +static int ssl_server_hello_postprocess( mbedtls_ssl_context* ssl ); - static int ssl_server_hello_process( mbedtls_ssl_context* ssl ) { +static int ssl_server_hello_process( mbedtls_ssl_context* ssl ) { - int ret = 0; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server hello" ) ); + int ret = 0; + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server hello" ) ); - /* Coordination */ + /* Coordination */ - /* Preprocessing */ + /* Preprocessing */ - /* This might lead to ssl_process_server_hello( ) being called multiple - * times. The implementation of ssl_process_server_hello_preprocess( ) - * must either be safe to be called multiple times, or we need to add - * state to omit this call once we're calling ssl_process_server_hello( ) - * multiple times. */ - MBEDTLS_SSL_PROC_CHK( ssl_server_hello_prepare( ssl ) ); + /* This might lead to ssl_process_server_hello( ) being called multiple + * times. The implementation of ssl_process_server_hello_preprocess( ) + * must either be safe to be called multiple times, or we need to add + * state to omit this call once we're calling ssl_process_server_hello( ) + * multiple times. */ + MBEDTLS_SSL_PROC_CHK( ssl_server_hello_prepare( ssl ) ); - /* Writing */ + /* Writing */ - /* Make sure we can write a new message. */ - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_flush_output( ssl ) ); - MBEDTLS_SSL_PROC_CHK( ssl_server_hello_write( ssl, ssl->out_msg, MBEDTLS_SSL_MAX_CONTENT_LEN, &ssl->out_msglen ) ); + /* Make sure we can write a new message. */ + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_flush_output( ssl ) ); + MBEDTLS_SSL_PROC_CHK( ssl_server_hello_write( ssl, ssl->out_msg, MBEDTLS_SSL_MAX_CONTENT_LEN, &ssl->out_msglen ) ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) ); - ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO; - /* Postprocess */ + /* Postprocess */ - MBEDTLS_SSL_PROC_CHK( ssl_server_hello_postprocess( ssl ) ); + MBEDTLS_SSL_PROC_CHK( ssl_server_hello_postprocess( ssl ) ); - /* Dispatch */ + /* Dispatch */ - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_write_record( ssl ) ); + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_write_record( ssl ) ); - /* NOTE: For the new messaging layer, the postprocessing step - * might come after the dispatching step if the latter - * doesn't send the message immediately. - * At the moment, we must do the postprocessing - * prior to the dispatching because if the latter - * returns WANT_WRITE, we want the handshake state - * to be updated in order to not enter - * this function again on retry. */ + /* NOTE: For the new messaging layer, the postprocessing step + * might come after the dispatching step if the latter + * doesn't send the message immediately. + * At the moment, we must do the postprocessing + * prior to the dispatching because if the latter + * returns WANT_WRITE, we want the handshake state + * to be updated in order to not enter + * this function again on retry. */ - cleanup: +cleanup: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) ); - return( ret ); - } + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) ); + return( ret ); +} /* IMPORTANT: This function can currently be called multiple times @@ -3717,255 +3717,255 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, * can safely be repeated multiple times, or add logic * to ssl_process_server_hello( ) to never call it twice. */ - static int ssl_server_hello_prepare( mbedtls_ssl_context* ssl ) - { - int ret; +static int ssl_server_hello_prepare( mbedtls_ssl_context* ssl ) +{ + int ret; #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) - { + if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) + { - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->handshake->randbytes + 16, 16 )) != 0 ) - return( ret ); + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->handshake->randbytes + 16, 16 )) != 0 ) + return( ret ); - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", ssl->handshake->randbytes + 16, 16 ); - } - else + MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", ssl->handshake->randbytes + 16, 16 ); + } + else #endif /* MBEDTLS_CTLS */ - { - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->handshake->randbytes + 32, 32 )) != 0 ) - return( ret ); + { + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->handshake->randbytes + 32, 32 )) != 0 ) + return( ret ); - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", ssl->handshake->randbytes + 32, 32 ); - } + MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", ssl->handshake->randbytes + 32, 32 ); + } #if defined(MBEDTLS_HAVE_TIME) - ssl->session_negotiate->start = time( NULL ); + ssl->session_negotiate->start = time( NULL ); #endif /* MBEDTLS_HAVE_TIME */ - /* Check for session resumption - * - */ + /* Check for session resumption + * + */ - return( 0 ); - } + return( 0 ); +} - static int ssl_server_hello_write( mbedtls_ssl_context* ssl, - unsigned char* buf, - size_t buflen, - size_t* olen ) - { - int ret=0; - /* Extensions */ +static int ssl_server_hello_write( mbedtls_ssl_context* ssl, + unsigned char* buf, + size_t buflen, + size_t* olen ) +{ + int ret=0; + /* Extensions */ - /* extension_start - * Used during extension writing where the - * buffer pointer to the beginning of the - * extension list must be kept to write - * the total extension list size in the end. - */ - unsigned char* extension_start; - size_t cur_ext_len; /* Size of the current extension */ - size_t total_ext_len; /* Size of list of extensions */ - size_t rand_bytes_len; + /* extension_start + * Used during extension writing where the + * buffer pointer to the beginning of the + * extension list must be kept to write + * the total extension list size in the end. + */ + unsigned char* extension_start; + size_t cur_ext_len; /* Size of the current extension */ + size_t total_ext_len; /* Size of list of extensions */ + size_t rand_bytes_len; - /* Buffer management */ - unsigned char* start = buf; - unsigned char* end = buf + buflen; + /* Buffer management */ + unsigned char* start = buf; + unsigned char* end = buf + buflen; #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) - { - rand_bytes_len = MBEDTLS_CTLS_RANDOM_MAX_LENGTH; - } - else + if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) + { + rand_bytes_len = MBEDTLS_CTLS_RANDOM_MAX_LENGTH; + } + else #endif /* MBEDTLS_CTLS */ - { - rand_bytes_len = 32; - } + { + rand_bytes_len = 32; + } - /* Ensure we have enough room for ServerHello - * up to but excluding the extensions. */ - if( buflen < ( 4+32+2+2+1+ssl->session_negotiate->id_len+1+1 )) /* TBD: FIXME */ - { - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - } + /* Ensure we have enough room for ServerHello + * up to but excluding the extensions. */ + if( buflen < ( 4+32+2+2+1+ssl->session_negotiate->id_len+1+1 )) /* TBD: FIXME */ + { + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + } - /* - * TLS 1.3 - * 0 . 0 handshake type - * 1 . 3 handshake length - * - * cTLS - * 0 . 0 handshake type - * - * The header is set by ssl_write_record. - * For DTLS 1.3 the other fields are adjusted. - */ + /* + * TLS 1.3 + * 0 . 0 handshake type + * 1 . 3 handshake length + * + * cTLS + * 0 . 0 handshake type + * + * The header is set by ssl_write_record. + * For DTLS 1.3 the other fields are adjusted. + */ #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) - { - buf++; /* skip handshake type */ - buflen--; - } else + if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) + { + buf++; /* skip handshake type */ + buflen--; + } else #endif /* MBEDTLS_CTLS */ - { - buf += 4; /* skip handshake type + length */ - buflen -=4; - } + { + buf += 4; /* skip handshake type + length */ + buflen -=4; + } - /* Version */ + /* Version */ #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) - { + if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) + { #endif /* MBEDTLS_CTLS */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - *buf++ = ( unsigned char ) 0xfe; - *buf++ = ( unsigned char ) 0xfd; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [0xfe:0xfd]" ) ); - } - else + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + *buf++ = ( unsigned char ) 0xfe; + *buf++ = ( unsigned char ) 0xfd; + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [0xfe:0xfd]" ) ); + } + else #endif /* MBEDTLS_SSL_PROTO_DTLS */ - { - *buf++ = ( unsigned char )0x3; - *buf++ = ( unsigned char )0x3; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [0x3:0x3]" ) ); - } - buflen -= 2; + { + *buf++ = ( unsigned char )0x3; + *buf++ = ( unsigned char )0x3; + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [0x3:0x3]" ) ); + } + buflen -= 2; #if defined(MBEDTLS_CTLS) - } + } #endif /* MBEDTLS_CTLS */ - /* Write random bytes */ - memcpy( buf, ssl->handshake->randbytes, rand_bytes_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf, rand_bytes_len ); + /* Write random bytes */ + memcpy( buf, ssl->handshake->randbytes, rand_bytes_len ); + MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf, rand_bytes_len ); - buf += rand_bytes_len; - buflen -= rand_bytes_len; + buf += rand_bytes_len; + buflen -= rand_bytes_len; #if defined(MBEDTLS_HAVE_TIME) - ssl->session_negotiate->start = time( NULL ); + ssl->session_negotiate->start = time( NULL ); #endif /* MBEDTLS_HAVE_TIME */ - /* Write legacy session id */ + /* Write legacy session id */ #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) + if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ - { - *buf++ = ( unsigned char )ssl->session_negotiate->id_len; - buflen--; - memcpy( buf, &ssl->session_negotiate->id[0], ssl->session_negotiate->id_len ); - buf += ssl->session_negotiate->id_len; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "session id length ( %d )", ssl->session_negotiate->id_len ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "session id", ssl->session_negotiate->id, ssl->session_negotiate->id_len ); - buflen -= ssl->session_negotiate->id_len; - } + { + *buf++ = ( unsigned char )ssl->session_negotiate->id_len; + buflen--; + memcpy( buf, &ssl->session_negotiate->id[0], ssl->session_negotiate->id_len ); + buf += ssl->session_negotiate->id_len; + MBEDTLS_SSL_DEBUG_MSG( 3, ( "session id length ( %d )", ssl->session_negotiate->id_len ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "session id", ssl->session_negotiate->id, ssl->session_negotiate->id_len ); + buflen -= ssl->session_negotiate->id_len; + } - /* write selected ciphersuite ( 2 bytes ) */ - *buf++ = ( unsigned char )( ssl->session_negotiate->ciphersuite >> 8 ); - *buf++ = ( unsigned char )( ssl->session_negotiate->ciphersuite ); - buflen -= 2; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s ( id=%d )", mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ), ssl->session_negotiate->ciphersuite ) ); + /* write selected ciphersuite ( 2 bytes ) */ + *buf++ = ( unsigned char )( ssl->session_negotiate->ciphersuite >> 8 ); + *buf++ = ( unsigned char )( ssl->session_negotiate->ciphersuite ); + buflen -= 2; + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s ( id=%d )", mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ), ssl->session_negotiate->ciphersuite ) ); #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) + if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ - { - /* write legacy_compression_method ( 0 ) */ - *buf++ = 0x0; - buflen--; - } + { + /* write legacy_compression_method ( 0 ) */ + *buf++ = 0x0; + buflen--; + } - /* First write extensions, then the total length */ - extension_start = buf; - total_ext_len = 0; - buf += 2; + /* First write extensions, then the total length */ + extension_start = buf; + total_ext_len = 0; + buf += 2; #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) - /* Only add the pre_shared_key extension if the client provided it in the ClientHello - * and if the key exchange supports PSK - */ - if( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION && ( - ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || - ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK )) - { - ssl_write_server_pre_shared_key_ext( ssl, buf, end, &cur_ext_len ); - total_ext_len += cur_ext_len; - buf += cur_ext_len; - } + /* Only add the pre_shared_key extension if the client provided it in the ClientHello + * and if the key exchange supports PSK + */ + if( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION && ( + ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || + ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK )) + { + ssl_write_server_pre_shared_key_ext( ssl, buf, end, &cur_ext_len ); + total_ext_len += cur_ext_len; + buf += cur_ext_len; + } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ #if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)) - /* Only add the key_share extension if the client provided it in the ClientHello - * and if the appropriate key exchange mechanism was selected - */ - if( ssl->handshake->extensions_present & KEY_SHARE_EXTENSION && ( - ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || - ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )) - { - if( ( ret = ssl_write_key_shares_ext( ssl, buf, end, &cur_ext_len )) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_key_shares_ext", ret ); - return( ret ); - } + /* Only add the key_share extension if the client provided it in the ClientHello + * and if the appropriate key exchange mechanism was selected + */ + if( ssl->handshake->extensions_present & KEY_SHARE_EXTENSION && ( + ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || + ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )) + { + if( ( ret = ssl_write_key_shares_ext( ssl, buf, end, &cur_ext_len )) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_key_shares_ext", ret ); + return( ret ); + } - total_ext_len += cur_ext_len; - buf += cur_ext_len; - } + total_ext_len += cur_ext_len; + buf += cur_ext_len; + } #endif /* ( MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ - /* Add supported_version extension */ - if( ssl->handshake->extensions_present & SUPPORTED_VERSION_EXTENSION ) + /* Add supported_version extension */ + if( ssl->handshake->extensions_present & SUPPORTED_VERSION_EXTENSION ) + { + if( ( ret = ssl_write_supported_version_ext( ssl, buf, end, &cur_ext_len )) != 0 ) { - if( ( ret = ssl_write_supported_version_ext( ssl, buf, end, &cur_ext_len )) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_supported_version_ext", ret ); - return( ret ); - } + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_supported_version_ext", ret ); + return( ret ); + } - total_ext_len += cur_ext_len; - buf += cur_ext_len; - } + total_ext_len += cur_ext_len; + buf += cur_ext_len; + } #if defined(MBEDTLS_CID) - if( ssl->handshake->extensions_present & CID_EXTENSION ) + if( ssl->handshake->extensions_present & CID_EXTENSION ) + { + if( ( ret = ssl_write_cid_ext( ssl, buf, end, &cur_ext_len ) ) != 0 ) { - if( ( ret = ssl_write_cid_ext( ssl, buf, end, &cur_ext_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_cid_ext", ret ); - return( ret ); - } + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_cid_ext", ret ); + return( ret ); + } - total_ext_len += cur_ext_len; - buf += cur_ext_len; - } + total_ext_len += cur_ext_len; + buf += cur_ext_len; + } #endif /* MBEDTLS_CID */ - MBEDTLS_SSL_DEBUG_BUF( 4, "server hello extensions", extension_start, total_ext_len ); + MBEDTLS_SSL_DEBUG_BUF( 4, "server hello extensions", extension_start, total_ext_len ); - /* Write length information */ - *extension_start++ = ( unsigned char )( ( total_ext_len >> 8 ) & 0xFF ); - *extension_start++ = ( unsigned char )( ( total_ext_len ) & 0xFF ); - buflen -= 2 + total_ext_len; + /* Write length information */ + *extension_start++ = ( unsigned char )( ( total_ext_len >> 8 ) & 0xFF ); + *extension_start++ = ( unsigned char )( ( total_ext_len ) & 0xFF ); + buflen -= 2 + total_ext_len; - *olen = buf - start; + *olen = buf - start; - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello", start, *olen ); + MBEDTLS_SSL_DEBUG_BUF( 3, "server hello", start, *olen ); - return( ret ); - } + return( ret ); +} static int ssl_server_hello_postprocess( mbedtls_ssl_context* ssl ) - { - int ret = 0; - ((void) ssl); +{ + int ret = 0; + ((void) ssl); - return( ret ); - } + return( ret ); +} /* @@ -3974,8 +3974,8 @@ static int ssl_server_hello_postprocess( mbedtls_ssl_context* ssl ) * */ - /* Main entry point; orchestrates the other functions */ - static int ssl_certificate_request_process( mbedtls_ssl_context* ssl ); +/* Main entry point; orchestrates the other functions */ +static int ssl_certificate_request_process( mbedtls_ssl_context* ssl ); /* Coordination: * Check whether a CertificateRequest message should be written. @@ -3987,181 +3987,181 @@ static int ssl_server_hello_postprocess( mbedtls_ssl_context* ssl ) */ #define SSL_CERTIFICATE_REQUEST_SEND 0 #define SSL_CERTIFICATE_REQUEST_SKIP 1 - static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ); +static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ); #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - static int ssl_certificate_request_write( mbedtls_ssl_context* ssl, - unsigned char* buf, - size_t buflen, - size_t* olen ); +static int ssl_certificate_request_write( mbedtls_ssl_context* ssl, + unsigned char* buf, + size_t buflen, + size_t* olen ); #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ - static int ssl_certificate_request_postprocess( mbedtls_ssl_context* ssl ); +static int ssl_certificate_request_postprocess( mbedtls_ssl_context* ssl ); /* * Implementation */ - static int ssl_certificate_request_process( mbedtls_ssl_context* ssl ) - { - int ret = 0; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); +static int ssl_certificate_request_process( mbedtls_ssl_context* ssl ) +{ + int ret = 0; + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); - /* Coordination step: Check if we need to send a CertificateRequest */ - MBEDTLS_SSL_PROC_CHK( ssl_certificate_request_coordinate( ssl ) ); + /* Coordination step: Check if we need to send a CertificateRequest */ + MBEDTLS_SSL_PROC_CHK( ssl_certificate_request_coordinate( ssl ) ); #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - if( ret == SSL_CERTIFICATE_REQUEST_SEND ) - { - /* Make sure we can write a new message. */ - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_flush_output( ssl ) ); - - /* Prepare CertificateRequest message in output buffer. */ - MBEDTLS_SSL_PROC_CHK( ssl_certificate_request_write( ssl, ssl->out_msg, - MBEDTLS_SSL_MAX_CONTENT_LEN, - &ssl->out_msglen ) ); - - ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST; + if( ret == SSL_CERTIFICATE_REQUEST_SEND ) + { + /* Make sure we can write a new message. */ + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_flush_output( ssl ) ); + + /* Prepare CertificateRequest message in output buffer. */ + MBEDTLS_SSL_PROC_CHK( ssl_certificate_request_write( ssl, ssl->out_msg, + MBEDTLS_SSL_MAX_CONTENT_LEN, + &ssl->out_msglen ) ); + + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST; + + /* Update state */ + MBEDTLS_SSL_PROC_CHK( ssl_certificate_request_postprocess( ssl ) ); + + /* Dispatch message */ + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_write_record( ssl ) ); + + /* NOTE: With the new messaging layer, the postprocessing + * step might come after the dispatching step if the + * latter doesn't send the message immediately. + * At the moment, we must do the postprocessing + * prior to the dispatching because if the latter + * returns WANT_WRITE, we want the handshake state + * to be updated in order to not enter + * this function again on retry. + * + * Further, once the two calls can be re-ordered, the two + * calls to ssl_certificate_request_postprocess( ) can be + * consolidated. */ + } + else +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ + if( ret == SSL_CERTIFICATE_REQUEST_SKIP ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) ); /* Update state */ MBEDTLS_SSL_PROC_CHK( ssl_certificate_request_postprocess( ssl ) ); + } + else + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } - /* Dispatch message */ - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_write_record( ssl ) ); - - /* NOTE: With the new messaging layer, the postprocessing - * step might come after the dispatching step if the - * latter doesn't send the message immediately. - * At the moment, we must do the postprocessing - * prior to the dispatching because if the latter - * returns WANT_WRITE, we want the handshake state - * to be updated in order to not enter - * this function again on retry. - * - * Further, once the two calls can be re-ordered, the two - * calls to ssl_certificate_request_postprocess( ) can be - * consolidated. */ - } - else -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ - if( ret == SSL_CERTIFICATE_REQUEST_SKIP ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) ); - - /* Update state */ - MBEDTLS_SSL_PROC_CHK( ssl_certificate_request_postprocess( ssl ) ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - cleanup: +cleanup: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate request" ) ); - return( ret ); - } + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate request" ) ); + return( ret ); +} - static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ) - { - int authmode; +static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ) +{ + int authmode; - if( ( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || - ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )) - return( SSL_CERTIFICATE_REQUEST_SKIP ); + if( ( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )) + return( SSL_CERTIFICATE_REQUEST_SKIP ); #if !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - ( (void)authmode ); - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + ( (void)authmode ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #else #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET ) - authmode = ssl->handshake->sni_authmode; - else + if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET ) + authmode = ssl->handshake->sni_authmode; + else #endif - authmode = ssl->conf->authmode; + authmode = ssl->conf->authmode; - if( authmode == MBEDTLS_SSL_VERIFY_NONE ) - return( SSL_CERTIFICATE_REQUEST_SKIP ); + if( authmode == MBEDTLS_SSL_VERIFY_NONE ) + return( SSL_CERTIFICATE_REQUEST_SKIP ); - return( SSL_CERTIFICATE_REQUEST_SEND ); + return( SSL_CERTIFICATE_REQUEST_SEND ); #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ - } +} - static int ssl_certificate_request_write( mbedtls_ssl_context* ssl, - unsigned char* buf, - size_t buflen, - size_t* olen ) - { - int ret; - unsigned char* p; - unsigned char* end = buf + buflen; - size_t const tls_hs_hdr_len = 4; +static int ssl_certificate_request_write( mbedtls_ssl_context* ssl, + unsigned char* buf, + size_t buflen, + size_t* olen ) +{ + int ret; + unsigned char* p; + unsigned char* end = buf + buflen; + size_t const tls_hs_hdr_len = 4; - /* Skip over handshake header. - * - * NOTE: - * Even for DTLS, we are skipping 4 bytes for the TLS handshake - * header. The actual DTLS handshake header is inserted in - * the record writing routine mbedtls_ssl_write_record( ). - */ - p = buf + tls_hs_hdr_len; + /* Skip over handshake header. + * + * NOTE: + * Even for DTLS, we are skipping 4 bytes for the TLS handshake + * header. The actual DTLS handshake header is inserted in + * the record writing routine mbedtls_ssl_write_record( ). + */ + p = buf + tls_hs_hdr_len; - if( p + tls_hs_hdr_len + 1 + 2 > end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); - return ( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - } + if( p + tls_hs_hdr_len + 1 + 2 > end ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return ( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + } - /* - * - * struct { - * opaque certificate_request_context<0..2^8-1>; - * Extension extensions<2..2^16-1>; - * } CertificateRequest; - * - */ + /* + * + * struct { + * opaque certificate_request_context<0..2^8-1>; + * Extension extensions<2..2^16-1>; + * } CertificateRequest; + * + */ - /* - * Write certificate_request_context - */ + /* + * Write certificate_request_context + */ - /* - * We use a zero length context for the normal handshake - * messages. For post-authentication handshake messages - * this request context would be set to a non-zero value. - */ + /* + * We use a zero length context for the normal handshake + * messages. For post-authentication handshake messages + * this request context would be set to a non-zero value. + */ #if defined(MBEDTLS_CTLS) - if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) + if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ - { - *p++ = 0x0; - } + { + *p++ = 0x0; + } - /* - * Write extensions - */ + /* + * Write extensions + */ - /* The extensions must contain the signature_algorithms. */ - /* Currently we don't use any other extension */ - ret = ssl_write_signature_algorithms_ext( ssl, p+2, end, olen ); - if( ret != 0 ) return ret; + /* The extensions must contain the signature_algorithms. */ + /* Currently we don't use any other extension */ + ret = ssl_write_signature_algorithms_ext( ssl, p+2, end, olen ); + if( ret != 0 ) return ret; - /* length field for all extensions */ - *p++ = ( unsigned char )( ( *olen >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( *olen ) & 0xFF ); - p += *olen; + /* length field for all extensions */ + *p++ = ( unsigned char )( ( *olen >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( *olen ) & 0xFF ); + p += *olen; - *olen = p - buf; + *olen = p - buf; - return( ret ); - } + return( ret ); +} static int ssl_certificate_request_postprocess( mbedtls_ssl_context* ssl ) @@ -4174,491 +4174,490 @@ static int ssl_certificate_request_postprocess( mbedtls_ssl_context* ssl ) /* * TLS and DTLS 1.3 State Maschine -- server side */ - int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) - { - int ret = 0; - KeySet traffic_keys; +int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) +{ + int ret = 0; + KeySet traffic_keys; - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "server state: %d", ssl->state ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "server state: %d", ssl->state ) ); - if( ( ret = mbedtls_ssl_flush_output( ssl )) != 0 ) - return( ret ); + if( ( ret = mbedtls_ssl_flush_output( ssl )) != 0 ) + return( ret ); #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) - { - if( ( ret = mbedtls_ssl_resend( ssl )) != 0 ) - return( ret ); - } + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) + { + if( ( ret = mbedtls_ssl_resend( ssl )) != 0 ) + return( ret ); + } #endif - switch ( ssl->state ) - { - /* start state */ - case MBEDTLS_SSL_HELLO_REQUEST: - ssl->handshake->hello_retry_requests_sent = 0; - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO ); + switch ( ssl->state ) + { + /* start state */ + case MBEDTLS_SSL_HELLO_REQUEST: + ssl->handshake->hello_retry_requests_sent = 0; + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO ); #if defined(MBEDTLS_SSL_PROTO_DTLS) - /* epoch value ( 0 ) is used with unencrypted messages */ - ssl->out_epoch = 0; - ssl->in_epoch = 0; + /* epoch value ( 0 ) is used with unencrypted messages */ + ssl->out_epoch = 0; + ssl->in_epoch = 0; #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_COMPATIBILITY_MODE) - ssl->handshake->ccs_sent = 0; + ssl->handshake->ccs_sent = 0; #endif /* MBEDTLS_COMPATIBILITY_MODE */ - break; + break; - /* ----- READ CLIENT HELLO ----*/ + /* ----- READ CLIENT HELLO ----*/ - case MBEDTLS_SSL_CLIENT_HELLO: + case MBEDTLS_SSL_CLIENT_HELLO: - /* Reset pointers to buffers */ + /* Reset pointers to buffers */ #if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_CID) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - ssl->out_hdr = ssl->out_buf; - ssl->out_ctr = ssl->out_buf + 3; - ssl->out_len = ssl->out_buf + 11; - ssl->out_iv = ssl->out_buf + 13; - ssl->out_msg = ssl->out_buf + 13; - - ssl->in_hdr = ssl->in_buf; - ssl->in_ctr = ssl->in_buf + 3; - ssl->in_len = ssl->in_buf + 11; - ssl->in_iv = ssl->in_buf + 13; - ssl->in_msg = ssl->in_buf + 13; - } + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + ssl->out_hdr = ssl->out_buf; + ssl->out_ctr = ssl->out_buf + 3; + ssl->out_len = ssl->out_buf + 11; + ssl->out_iv = ssl->out_buf + 13; + ssl->out_msg = ssl->out_buf + 13; + + ssl->in_hdr = ssl->in_buf; + ssl->in_ctr = ssl->in_buf + 3; + ssl->in_len = ssl->in_buf + 11; + ssl->in_iv = ssl->in_buf + 13; + ssl->in_msg = ssl->in_buf + 13; + } #endif /* MBEDTLS_CID && MBEDTLS_SSL_PROTO_DTLS */ - ret = ssl_client_hello_process( ssl ); + ret = ssl_client_hello_process( ssl ); - /*ret = MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE; // for testing purposes */ - switch ( ret ) { - case 0: + /*ret = MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE; // for testing purposes */ + switch ( ret ) { + case 0: #if defined(MBEDTLS_SSL_COOKIE_C) && defined(MBEDTLS_SSL_PROTO_DTLS) - /* If we use DTLS 1.3 then we may need to send a HRR instead of a ClientHello - * to do a return-routability check. We use the ssl->conf->rr_config - * variable for determining the preference to use the RR-check. - */ - if( ssl->handshake->hello_retry_requests_sent == 0 && - ssl->conf->rr_config == MBEDTLS_SSL_FORCE_RR_CHECK_ON ) - { - /* Transmit Hello Retry Request */ - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HELLO_RETRY_REQUEST ); - } - else + /* If we use DTLS 1.3 then we may need to send a HRR instead of a ClientHello + * to do a return-routability check. We use the ssl->conf->rr_config + * variable for determining the preference to use the RR-check. + */ + if( ssl->handshake->hello_retry_requests_sent == 0 && + ssl->conf->rr_config == MBEDTLS_SSL_FORCE_RR_CHECK_ON ) + { + /* Transmit Hello Retry Request */ + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HELLO_RETRY_REQUEST ); + } + else #endif /* MBEDTLS_SSL_COOKIE_C && MBEDTLS_SSL_PROTO_DTLS */ - { + { #if defined(MBEDTLS_ZERO_RTT) - if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) - { - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_EARLY_APP_DATA ); - } - else + if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) + { + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_EARLY_APP_DATA ); + } + else #endif /* MBEDTLS_ZERO_RTT */ - { - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO ); - } - } - break; + { + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO ); + } + } + break; #if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)) - case MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE: - /* Wrong key share --> send HRR */ - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HELLO_RETRY_REQUEST ); - ret = 0; - break; - case MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_SHARE: - /* Failed to parse the key share correctly --> send HRR */ - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HELLO_RETRY_REQUEST ); - ret = 0; - break; + case MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE: + /* Wrong key share --> send HRR */ + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HELLO_RETRY_REQUEST ); + ret = 0; + break; + case MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_SHARE: + /* Failed to parse the key share correctly --> send HRR */ + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HELLO_RETRY_REQUEST ); + ret = 0; + break; #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ - case MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION: - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - break; - case MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN: - mbedtls_ssl_send_fatal_handshake_failure( ssl ); - break; - case MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE: - mbedtls_ssl_send_fatal_handshake_failure( ssl ); - break; + case MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION: + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); + break; + case MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN: + mbedtls_ssl_send_fatal_handshake_failure( ssl ); + break; + case MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE: + mbedtls_ssl_send_fatal_handshake_failure( ssl ); + break; #if defined(MBEDTLS_SSL_COOKIE_C) - case MBEDTLS_ERR_SSL_BAD_HS_COOKIE_EXT: - /* Cookie verification failed. This case is conceptually similar - * to MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE with the exception - * that we are definitely going to include a cookie. --> Send HRR - */ - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HELLO_RETRY_REQUEST ); - ret = 0; - break; - case MBEDTLS_ERR_SSL_BAD_HS_MISSING_COOKIE_EXT: - /* Cookie extension missing. Send HRR - */ - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HELLO_RETRY_REQUEST ); - ret = 0; - break; + case MBEDTLS_ERR_SSL_BAD_HS_COOKIE_EXT: + /* Cookie verification failed. This case is conceptually similar + * to MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE with the exception + * that we are definitely going to include a cookie. --> Send HRR + */ + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HELLO_RETRY_REQUEST ); + ret = 0; + break; + case MBEDTLS_ERR_SSL_BAD_HS_MISSING_COOKIE_EXT: + /* Cookie extension missing. Send HRR + */ + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HELLO_RETRY_REQUEST ); + ret = 0; + break; #endif /* MBEDTLS_SSL_COOKIE_C */ - case MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO: - /* We have encountered a problem parsing the ClientHello */ - /* Let us jump back to the initial state */ - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HELLO_REQUEST ); - ret = 0; - break; - case MBEDTLS_ERR_SSL_BAD_HS_MISSING_EXTENSION_EXT: - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_MISSING_EXTENSION ); - return ( MBEDTLS_ERR_SSL_BAD_HS_MISSING_EXTENSION_EXT ); - break; - case MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE: - return ( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - break; + case MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO: + /* We have encountered a problem parsing the ClientHello */ + /* Let us jump back to the initial state */ + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HELLO_REQUEST ); + ret = 0; + break; + case MBEDTLS_ERR_SSL_BAD_HS_MISSING_EXTENSION_EXT: + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_MISSING_EXTENSION ); + return ( MBEDTLS_ERR_SSL_BAD_HS_MISSING_EXTENSION_EXT ); + break; + case MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE: + return ( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + break; #if defined(MBEDTLS_COMPATIBILITY_MODE) - case MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO_CCS: - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO ); - ret = 0; - break; + case MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO_CCS: + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO ); + ret = 0; + break; #endif /* MBEDTLS_COMPATIBILITY_MODE */ - default: - /* Something went wrong and we jump back to initial state */ - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HELLO_REQUEST ); - /* TBD: Should we rather return an error here -- return ( ret )? */ - ret = 0; - } - break; - - /* ----- WRITE EARLY APP DATA ----*/ + default: + /* Something went wrong and we jump back to initial state */ + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HELLO_REQUEST ); + /* TBD: Should we rather return an error here -- return ( ret )? */ + ret = 0; + } + break; + + /* ----- WRITE EARLY APP DATA ----*/ #if defined(MBEDTLS_ZERO_RTT) - case MBEDTLS_SSL_EARLY_APP_DATA: + case MBEDTLS_SSL_EARLY_APP_DATA: - ret = ssl_read_early_data_process( ssl ); + ret = ssl_read_early_data_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_read_early_data_process", ret ); - return ( ret ); - } + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_read_early_data_process", ret ); + return ( ret ); + } - break; + break; #endif /* MBEDTLS_ZERO_RTT */ - /* ----- WRITE HELLO RETRY REQUEST ----*/ + /* ----- WRITE HELLO RETRY REQUEST ----*/ - case MBEDTLS_SSL_HELLO_RETRY_REQUEST: + case MBEDTLS_SSL_HELLO_RETRY_REQUEST: - if( ssl->handshake->hello_retry_requests_sent > 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Too many HRRs" ) ); - return ( MBEDTLS_ERR_SSL_BAD_HS_TOO_MANY_HRR ); - } + if( ssl->handshake->hello_retry_requests_sent > 1 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Too many HRRs" ) ); + return ( MBEDTLS_ERR_SSL_BAD_HS_TOO_MANY_HRR ); + } - ret = ssl_write_hello_retry_request( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_hello_retry_request", ret ); - return ( ret ); - } - ssl->handshake->hello_retry_requests_sent++; + ret = ssl_write_hello_retry_request( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_hello_retry_request", ret ); + return ( ret ); + } + ssl->handshake->hello_retry_requests_sent++; #if defined(MBEDTLS_COMPATIBILITY_MODE) - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_CCS_AFTER_HRR ); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_CCS_AFTER_HRR ); #else - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO ); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO ); #endif /* MBEDTLS_COMPATIBILITY_MODE */ - break; + break; - /* ----- WRITE CHANGE CIPHER SPEC ----*/ + /* ----- WRITE CHANGE CIPHER SPEC ----*/ #if defined(MBEDTLS_COMPATIBILITY_MODE) - case MBEDTLS_SSL_SERVER_CCS_AFTER_HRR: + case MBEDTLS_SSL_SERVER_CCS_AFTER_HRR: - ret = mbedtls_ssl_write_change_cipher_spec( ssl ); - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SECOND_CLIENT_HELLO ); - ssl->handshake->ccs_sent++; + ret = mbedtls_ssl_write_change_cipher_spec( ssl ); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SECOND_CLIENT_HELLO ); + ssl->handshake->ccs_sent++; - break; + break; #endif /* MBEDTLS_COMPATIBILITY_MODE */ - /* ----- READ 2nd CLIENT HELLO ----*/ - case MBEDTLS_SSL_SECOND_CLIENT_HELLO: - - ret = ssl_client_hello_process( ssl ); - - switch ( ret ) { - case 0: - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO ); - break; - case MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION: - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - break; - case MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN: - mbedtls_ssl_send_fatal_handshake_failure( ssl ); - break; - case MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE: - mbedtls_ssl_send_fatal_handshake_failure( ssl ); - break; - case MBEDTLS_ERR_SSL_BAD_HS_MISSING_EXTENSION_EXT: - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_MISSING_EXTENSION ); - return ( MBEDTLS_ERR_SSL_BAD_HS_MISSING_EXTENSION_EXT ); - break; - case MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC: - /* Stay in this state */ - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SECOND_CLIENT_HELLO ); - ret = 0; - break; - default: - return ( ret ); - } - - break; - /* ----- WRITE SERVER HELLO ----*/ - - case MBEDTLS_SSL_SERVER_HELLO: - ret = ssl_server_hello_process( ssl ); - - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_server_hello", ret ); + /* ----- READ 2nd CLIENT HELLO ----*/ + case MBEDTLS_SSL_SECOND_CLIENT_HELLO: + + ret = ssl_client_hello_process( ssl ); + + switch ( ret ) { + case 0: + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO ); + break; + case MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION: + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); + break; + case MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN: + mbedtls_ssl_send_fatal_handshake_failure( ssl ); + break; + case MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE: + mbedtls_ssl_send_fatal_handshake_failure( ssl ); + break; + case MBEDTLS_ERR_SSL_BAD_HS_MISSING_EXTENSION_EXT: + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_MISSING_EXTENSION ); + return ( MBEDTLS_ERR_SSL_BAD_HS_MISSING_EXTENSION_EXT ); + break; + case MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC: + /* Stay in this state */ + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SECOND_CLIENT_HELLO ); + ret = 0; + break; + default: return ( ret ); - } + } + + break; + /* ----- WRITE SERVER HELLO ----*/ + + case MBEDTLS_SSL_SERVER_HELLO: + ret = ssl_server_hello_process( ssl ); + + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_server_hello", ret ); + return ( ret ); + } #if defined(MBEDTLS_COMPATIBILITY_MODE) - if( ssl->handshake->ccs_sent > 1 ) - { - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO ); - } - else - { - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS ); - } + if( ssl->handshake->ccs_sent > 1 ) + { + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO ); + } + else + { + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS ); + } #else - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS ); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS ); #endif /* MBEDTLS_COMPATIBILITY_MODE */ - break; + break; - /* ----- WRITE CHANGE CIPHER SPEC ----*/ + /* ----- WRITE CHANGE CIPHER SPEC ----*/ #if defined(MBEDTLS_COMPATIBILITY_MODE) - case MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO: + case MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO: - /* Only transmit the CCS if we have not done so - * earlier already after the HRR. - */ - if( ssl->handshake->hello_retry_requests_sent == 0 ) - ret = mbedtls_ssl_write_change_cipher_spec( ssl ); + /* Only transmit the CCS if we have not done so + * earlier already after the HRR. + */ + if( ssl->handshake->hello_retry_requests_sent == 0 ) + ret = mbedtls_ssl_write_change_cipher_spec( ssl ); - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS ); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS ); #if defined(MBEDTLS_COMPATIBILITY_MODE) - ssl->handshake->ccs_sent++; + ssl->handshake->ccs_sent++; #endif /* MBEDTLS_COMPATIBILITY_MODE */ - break; + break; #endif /* MBEDTLS_COMPATIBILITY_MODE */ - /* ----- WRITE ENCRYPTED EXTENSIONS ----*/ + /* ----- WRITE ENCRYPTED EXTENSIONS ----*/ - case MBEDTLS_SSL_ENCRYPTED_EXTENSIONS: + case MBEDTLS_SSL_ENCRYPTED_EXTENSIONS: - ret = ssl_encrypted_extensions_process( ssl ); + ret = ssl_encrypted_extensions_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_encrypted_extensions_process", ret ); - return ( ret ); - } + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_encrypted_extensions_process", ret ); + return ( ret ); + } - break; + break; - /* ----- WRITE CERTIFICATE REQUEST ----*/ + /* ----- WRITE CERTIFICATE REQUEST ----*/ - case MBEDTLS_SSL_CERTIFICATE_REQUEST: - ret = ssl_certificate_request_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_certificate_request_process", ret ); - return ( ret ); - } + case MBEDTLS_SSL_CERTIFICATE_REQUEST: + ret = ssl_certificate_request_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_certificate_request_process", ret ); + return ( ret ); + } - break; + break; - /* ----- WRITE SERVER CERTIFICATE ----*/ + /* ----- WRITE SERVER CERTIFICATE ----*/ - case MBEDTLS_SSL_SERVER_CERTIFICATE: - ret = ssl_write_certificate_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_certificate", ret ); - return ( ret ); - } + case MBEDTLS_SSL_SERVER_CERTIFICATE: + ret = ssl_write_certificate_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_certificate", ret ); + return ( ret ); + } - break; + break; - /* ----- WRITE SERVER CERTIFICATE VERIFY ----*/ + /* ----- WRITE SERVER CERTIFICATE VERIFY ----*/ - case MBEDTLS_SSL_CERTIFICATE_VERIFY: - ret = ssl_certificate_verify_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_certificate_verify_process", ret ); - return ( ret ); - } - break; + case MBEDTLS_SSL_CERTIFICATE_VERIFY: + ret = ssl_certificate_verify_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_certificate_verify_process", ret ); + return ( ret ); + } + break; - /* ----- WRITE FINISHED ----*/ + /* ----- WRITE FINISHED ----*/ - case MBEDTLS_SSL_SERVER_FINISHED: - ret = ssl_finished_out_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_finished_out_process", ret ); - return ( ret ); - } - break; + case MBEDTLS_SSL_SERVER_FINISHED: + ret = ssl_finished_out_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_finished_out_process", ret ); + return ( ret ); + } + break; - /* ----- READ CLIENT CERTIFICATE ----*/ + /* ----- READ CLIENT CERTIFICATE ----*/ - case MBEDTLS_SSL_CLIENT_CERTIFICATE: - ret = ssl_read_certificate_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_read_certificate_process", ret ); - return ( ret ); - } - break; + case MBEDTLS_SSL_CLIENT_CERTIFICATE: + ret = ssl_read_certificate_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_read_certificate_process", ret ); + return ( ret ); + } + break; - /* ----- READ CLIENT CERTIFICATE VERIFY ----*/ + /* ----- READ CLIENT CERTIFICATE VERIFY ----*/ - case MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY: - ret=ssl_read_certificate_verify_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_read_certificate_verify_process", ret ); - return ( ret ); - } + case MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY: + ret=ssl_read_certificate_verify_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_read_certificate_verify_process", ret ); + return ( ret ); + } - break; + break; #if defined(MBEDTLS_ZERO_RTT) - case MBEDTLS_SSL_EARLY_DATA: + case MBEDTLS_SSL_EARLY_DATA: - ret = ssl_read_end_of_early_data_process( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_parse_end_of_early_data", ret ); - return ( ret ); - } - break; + ret = ssl_read_end_of_early_data_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_parse_end_of_early_data", ret ); + return ( ret ); + } + break; #endif /* MBEDTLS_ZERO_RTT */ - /* ----- READ FINISHED ----*/ + /* ----- READ FINISHED ----*/ - case MBEDTLS_SSL_CLIENT_FINISHED: + case MBEDTLS_SSL_CLIENT_FINISHED: #if defined(MBEDTLS_ZERO_RTT) - if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) - { - ret = mbedtls_ssl_key_derivation( ssl, &traffic_keys ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_key_derivation", ret ); - return ( ret ); - } - - ret = mbedtls_set_traffic_key( ssl, &traffic_keys, ssl->transform_negotiate,0 ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_set_traffic_key", ret ); - return ( ret ); - } - } -#endif /* MBEDTLS_ZERO_RTT */ - - ret = mbedtls_ssl_generate_application_traffic_keys( ssl, &traffic_keys ); - if( ret != 0 ) + if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) + { + ret = mbedtls_ssl_key_derivation( ssl, &traffic_keys ); + if( ret != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_generate_application_traffic_keys", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_key_derivation", ret ); return ( ret ); - } + } - ret = ssl_finished_in_process( ssl ); - if( ret != 0 ) + ret = mbedtls_set_traffic_key( ssl, &traffic_keys, ssl->transform_negotiate,0 ); + if( ret != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_finished_in_process", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_set_traffic_key", ret ); return ( ret ); - } + } + } +#endif /* MBEDTLS_ZERO_RTT */ - /* Compute resumption_master_secret */ - ret = mbedtls_ssl_generate_resumption_master_secret( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_generate_resumption_master_secret ", ret ); - return ( ret ); - } + ret = mbedtls_ssl_generate_application_traffic_keys( ssl, &traffic_keys ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_generate_application_traffic_keys", ret ); + return ( ret ); + } - ret = mbedtls_set_traffic_key( ssl, &traffic_keys, ssl->transform_negotiate,0 ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_set_traffic_key", ret ); - return ( ret ); - } + ret = ssl_finished_in_process( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_finished_in_process", ret ); + return ( ret ); + } + + /* Compute resumption_master_secret */ + ret = mbedtls_ssl_generate_resumption_master_secret( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_generate_resumption_master_secret ", ret ); + return ( ret ); + } + + ret = mbedtls_set_traffic_key( ssl, &traffic_keys, ssl->transform_negotiate,0 ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_set_traffic_key", ret ); + return ( ret ); + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - /* epoch value ( 3 ) is used for payloads protected - * using keys derived from the initial traffic_secret_0. - */ - ssl->in_epoch = 3; - ssl->out_epoch = 3; + /* epoch value ( 3 ) is used for payloads protected + * using keys derived from the initial traffic_secret_0. + */ + ssl->in_epoch = 3; + ssl->out_epoch = 3; #endif /* MBEDTLS_SSL_PROTO_DTLS */ - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_FINISH_ACK ); - else - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP ); - break; + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_FINISH_ACK ); + else + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP ); + break; #if defined(MBEDTLS_SSL_PROTO_DTLS) - case MBEDTLS_SSL_HANDSHAKE_FINISH_ACK: - /* The server needs to reply with an ACK message after parsing - * the Finish message from the client. - */ - ret = mbedtls_ssl_write_ack( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_ack", ret ); - return ( ret ); - } - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP ); - break; + case MBEDTLS_SSL_HANDSHAKE_FINISH_ACK: + /* The server needs to reply with an ACK message after parsing + * the Finish message from the client. + */ + ret = mbedtls_ssl_write_ack( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_ack", ret ); + return ( ret ); + } + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP ); + break; #endif /* MBEDTLS_SSL_PROTO_DTLS */ - case MBEDTLS_SSL_HANDSHAKE_WRAPUP: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) ); - mbedtls_ssl_handshake_wrapup( ssl ); - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_OVER ); + case MBEDTLS_SSL_HANDSHAKE_WRAPUP: + MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) ); + mbedtls_ssl_handshake_wrapup( ssl ); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_OVER ); #if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) - ret = ssl_write_new_session_ticket( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_new_session_ticket ", ret ); - return ( ret ); - } + ret = ssl_write_new_session_ticket( ssl ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_new_session_ticket ", ret ); + return ( ret ); + } #endif /* MBEDTLS_SSL_NEW_SESSION_TICKET */ - break; - - default: - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } + break; - return( ret ); + default: + MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } + return( ret ); +} #endif /* MBEDTLS_SSL_SRV_C */ From 6464454b5e3963700986799af2c34fc62c9b3841 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 23 Mar 2020 09:19:40 +0000 Subject: [PATCH 03/13] Fix indentation in ssl_tls13_generic.c --- library/ssl_tls13_generic.c | 316 ++++++++++++++++++------------------ 1 file changed, 158 insertions(+), 158 deletions(-) diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 2f3359b211fd..740e1d6e4a27 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -59,7 +59,7 @@ #endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_SHA256_C) - static int ssl_calc_verify_tls_sha256( mbedtls_ssl_context*, unsigned char*, int ); +static int ssl_calc_verify_tls_sha256( mbedtls_ssl_context*, unsigned char*, int ); static int ssl_calc_finished_tls_sha256( mbedtls_ssl_context*, unsigned char*, int ); #endif /* MBEDTLS_SHA256_C */ @@ -396,9 +396,9 @@ static int ssl_calc_finished_tls_sha384( #if defined(MBEDTLS_CID) void ssl_write_cid_ext( mbedtls_ssl_context *ssl, - unsigned char* buf, - unsigned char* end, - size_t* olen ) + unsigned char* buf, + unsigned char* end, + size_t* olen ) { unsigned char *p = buf; int ret; @@ -473,8 +473,8 @@ void ssl_write_cid_ext( mbedtls_ssl_context *ssl, int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) + const unsigned char *buf, + size_t len ) { const unsigned char *p = buf; uint8_t len_inner = 0; @@ -617,7 +617,7 @@ int mbedtls_ssl_parse_ack( mbedtls_ssl_context *ssl ) } mbedtls_ssl_safer_memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), - record_numbers, sizeof( record_numbers ) ); + record_numbers, sizeof( record_numbers ) ); /* Determine whether we received every message or not. */ /* TBD: Do ack processing here */ @@ -690,9 +690,9 @@ int mbedtls_ssl_write_ack( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, - unsigned char* buf, - unsigned char* end, - size_t* olen ) + unsigned char* buf, + unsigned char* end, + size_t* olen ) { unsigned char *p = buf; size_t sig_alg_len = 0; @@ -747,8 +747,8 @@ int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, } int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) + const unsigned char *buf, + size_t len ) { size_t sig_alg_list_size; const unsigned char *p; @@ -815,7 +815,7 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k if( cipher_info == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %d not found", - transform->ciphersuite_info->cipher ) ); + transform->ciphersuite_info->cipher ) ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } @@ -823,7 +823,7 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k if( md_info == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_md info for %d not found", - transform->ciphersuite_info->mac ) ); + transform->ciphersuite_info->mac ) ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } @@ -907,10 +907,10 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k */ ret = Derive_Secret( ssl, mbedtls_md_get_type( md_info ), - ( const unsigned char* ) ssl->handshake->handshake_secret, ( int ) mbedtls_hash_size_for_ciphersuite( suite_info ), - ( const unsigned char* ) "c hs traffic", strlen( "c hs traffic" ), - ( const unsigned char * ) hash, ( int ) mbedtls_hash_size_for_ciphersuite( suite_info ), - ( unsigned char * ) ssl->handshake->client_handshake_traffic_secret, ( int ) mbedtls_hash_size_for_ciphersuite( suite_info ) ); + ( const unsigned char* ) ssl->handshake->handshake_secret, ( int ) mbedtls_hash_size_for_ciphersuite( suite_info ), + ( const unsigned char* ) "c hs traffic", strlen( "c hs traffic" ), + ( const unsigned char * ) hash, ( int ) mbedtls_hash_size_for_ciphersuite( suite_info ), + ( unsigned char * ) ssl->handshake->client_handshake_traffic_secret, ( int ) mbedtls_hash_size_for_ciphersuite( suite_info ) ); if( ret != 0 ) { @@ -929,10 +929,10 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k */ ret = Derive_Secret( ssl, mbedtls_md_get_type( md_info ), - ssl->handshake->handshake_secret, mbedtls_hash_size_for_ciphersuite( suite_info ), - ( const unsigned char* ) "s hs traffic", strlen( "s hs traffic" ), - hash, mbedtls_hash_size_for_ciphersuite( suite_info ), - ssl->handshake->server_handshake_traffic_secret, mbedtls_hash_size_for_ciphersuite( suite_info ) ); + ssl->handshake->handshake_secret, mbedtls_hash_size_for_ciphersuite( suite_info ), + ( const unsigned char* ) "s hs traffic", strlen( "s hs traffic" ), + hash, mbedtls_hash_size_for_ciphersuite( suite_info ), + ssl->handshake->server_handshake_traffic_secret, mbedtls_hash_size_for_ciphersuite( suite_info ) ); if( ret != 0 ) { @@ -951,10 +951,10 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k */ ret = Derive_Secret( ssl, mbedtls_md_get_type( md_info ), - ssl->handshake->master_secret, mbedtls_hash_size_for_ciphersuite( suite_info ), - ( const unsigned char* )"exp master", strlen( "exp master" ), - hash, mbedtls_hash_size_for_ciphersuite( suite_info ), - ssl->handshake->exporter_secret, mbedtls_hash_size_for_ciphersuite( suite_info ) ); + ssl->handshake->master_secret, mbedtls_hash_size_for_ciphersuite( suite_info ), + ( const unsigned char* )"exp master", strlen( "exp master" ), + hash, mbedtls_hash_size_for_ciphersuite( suite_info ), + ssl->handshake->exporter_secret, mbedtls_hash_size_for_ciphersuite( suite_info ) ); if( ret != 0 ) { @@ -994,10 +994,10 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k MBEDTLS_SSL_DEBUG_MSG( 3, ( "-- IV Length: %d bytes", transform->ivlen ) ); if( ( ret = makeTrafficKeys( mbedtls_md_get_type( md_info ), - ssl->handshake->client_handshake_traffic_secret, - ssl->handshake->server_handshake_traffic_secret, - mbedtls_hash_size_for_ciphersuite( suite_info ), - transform->keylen, transform->ivlen, traffic_keys ) ) != 0 ) + ssl->handshake->client_handshake_traffic_secret, + ssl->handshake->server_handshake_traffic_secret, + mbedtls_hash_size_for_ciphersuite( suite_info ), + transform->keylen, transform->ivlen, traffic_keys ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "makeTrafficKeys failed", ret ); return( ret ); @@ -1300,7 +1300,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { /* If the psk callback was called, use its result */ if( ( ssl->handshake->psk != NULL ) && ( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || - ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) ) + ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) ) { psk = ssl->handshake->psk; psk_len = ssl->handshake->psk_len; @@ -1397,10 +1397,10 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { */ ret = Derive_Secret( ssl, ssl->transform_in->ciphersuite_info->mac, - ssl->handshake->early_secret, hash_size, - ( const unsigned char* )"derived", strlen( "derived" ), - padbuf, hash_size, - intermediary_secret, hash_size ); + ssl->handshake->early_secret, hash_size, + ( const unsigned char* )"derived", strlen( "derived" ), + padbuf, hash_size, + intermediary_secret, hash_size ); if( ret != 0 ) { @@ -1418,10 +1418,10 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { ( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) ){ if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx[ssl->handshake->ecdh_ctx_selected], - &ECDHE_len, - ECDHE, - sizeof( ECDHE ), - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) + &ECDHE_len, + ECDHE, + sizeof( ECDHE ), + ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); if( psk_allocated == 1 ) mbedtls_free( psk ); @@ -1447,7 +1447,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { } ret = mbedtls_hkdf_extract( md, intermediary_secret, hash_size, - ECDHE, ECDHE_len, ssl->handshake->handshake_secret ); + ECDHE, ECDHE_len, ssl->handshake->handshake_secret ); if( ret != 0 ) { @@ -1466,10 +1466,10 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { */ ret = Derive_Secret( ssl, ssl->transform_in->ciphersuite_info->mac, - ssl->handshake->handshake_secret, hash_size, - ( const unsigned char* )"derived", strlen( "derived" ), - padbuf, hash_size, - intermediary_secret, hash_size ); + ssl->handshake->handshake_secret, hash_size, + ( const unsigned char* )"derived", strlen( "derived" ), + padbuf, hash_size, + intermediary_secret, hash_size ); if( ret != 0 ) { @@ -1485,7 +1485,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { memset( null_ikm, 0x0, hash_size ); ret = mbedtls_hkdf_extract( md, intermediary_secret, hash_size, - null_ikm, hash_size, ssl->handshake->master_secret ); + null_ikm, hash_size, ssl->handshake->master_secret ); if( ret != 0 ) { @@ -1529,9 +1529,9 @@ int ssl_certificate_verify_process( mbedtls_ssl_context* ssl ); static int ssl_certificate_verify_coordinate( mbedtls_ssl_context* ssl ); #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) static int ssl_certificate_verify_write( mbedtls_ssl_context* ssl, - unsigned char* buf, - size_t buflen, - size_t* olen ); + unsigned char* buf, + size_t buflen, + size_t* olen ); #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ static int ssl_certificate_verify_postprocess( mbedtls_ssl_context* ssl ); @@ -1555,8 +1555,8 @@ int ssl_certificate_verify_process( mbedtls_ssl_context* ssl ) /* Prepare CertificateVerify message in output buffer. */ MBEDTLS_SSL_PROC_CHK( ssl_certificate_verify_write( ssl, ssl->out_msg, - MBEDTLS_SSL_MAX_CONTENT_LEN, - &ssl->out_msglen ) ); + MBEDTLS_SSL_MAX_CONTENT_LEN, + &ssl->out_msglen ) ); ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_VERIFY; @@ -1666,9 +1666,9 @@ static int ssl_certificate_verify_coordinate( mbedtls_ssl_context* ssl ) #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) static int ssl_certificate_verify_write( mbedtls_ssl_context* ssl, - unsigned char* buf, - size_t buflen, - size_t* olen ) + unsigned char* buf, + size_t buflen, + size_t* olen ) { int ret; const mbedtls_ssl_ciphersuite_t* ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; @@ -1723,8 +1723,8 @@ static int ssl_certificate_verify_write( mbedtls_ssl_context* ssl, offset = 2; if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ), ciphersuite_info->mac, hash_start, hashlen, - buf + 6 + offset, &n, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) + buf + 6 + offset, &n, + ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret ); return( ret ); @@ -1793,10 +1793,10 @@ static int ssl_read_certificate_verify_coordinate( mbedtls_ssl_context* ssl ); * No bounds-checking is done inside the function. */ static int ssl_read_certificate_verify_parse( mbedtls_ssl_context* ssl, - unsigned char const* buf, - size_t buflen, - unsigned char const* hash, - size_t hashlen ); + unsigned char const* buf, + size_t buflen, + unsigned char const* hash, + size_t hashlen ); #endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ /* Update handshake state machine */ @@ -1845,7 +1845,7 @@ int ssl_read_certificate_verify_process( mbedtls_ssl_context* ssl ) /* Process the message contents */ MBEDTLS_SSL_PROC_CHK( ssl_read_certificate_verify_parse( ssl, ssl->in_msg, - ssl->in_hslen, ( unsigned char const* ) &hash, MBEDTLS_MD_MAX_SIZE ) ); + ssl->in_hslen, ( unsigned char const* ) &hash, MBEDTLS_MD_MAX_SIZE ) ); } else #endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ @@ -1895,10 +1895,10 @@ static int ssl_read_certificate_verify_coordinate( mbedtls_ssl_context* ssl ) #if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) static int ssl_read_certificate_verify_parse( mbedtls_ssl_context* ssl, - unsigned char const* buf, - size_t buflen, - unsigned char const* hash, - size_t hashlen ) + unsigned char const* buf, + size_t buflen, + unsigned char const* hash, + size_t hashlen ) { int ret; int signature_scheme; @@ -1989,8 +1989,8 @@ static int ssl_read_certificate_verify_parse( mbedtls_ssl_context* ssl, /* hashlen set to 0 so that hash len is used from md_alg */ if( ( ret = mbedtls_pk_verify( &ssl->session_negotiate->peer_cert->pk, - md_alg, hash, 0, - buf, sig_len ) ) != 0 ) + md_alg, hash, 0, + buf, sig_len ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret ); return( ret ); @@ -2056,9 +2056,9 @@ static int ssl_write_certificate_coordinate( mbedtls_ssl_context* ssl ); #if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) /* Write certificate message based on the configured certificate */ static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, - unsigned char* buf, - size_t buflen, - size_t* olen ); + unsigned char* buf, + size_t buflen, + size_t* olen ); #endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ /* Update the state after handling the outgoing certificate message. */ static int ssl_write_certificate_postprocess( mbedtls_ssl_context* ssl ); @@ -2083,8 +2083,8 @@ int ssl_write_certificate_process( mbedtls_ssl_context* ssl ) /* Write certificate to message buffer. */ MBEDTLS_SSL_PROC_CHK( ssl_write_certificate_write( ssl, ssl->out_msg, - MBEDTLS_SSL_MAX_CONTENT_LEN, - &ssl->out_msglen ) ); + MBEDTLS_SSL_MAX_CONTENT_LEN, + &ssl->out_msglen ) ); ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE; @@ -2181,9 +2181,9 @@ static int ssl_write_certificate_coordinate( mbedtls_ssl_context* ssl ) #if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, - unsigned char* buf, - size_t buflen, - size_t* olen ) + unsigned char* buf, + size_t buflen, + size_t* olen ) { size_t i, n, total_len; const mbedtls_x509_crt* crt; @@ -2242,7 +2242,7 @@ static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, if( n > MBEDTLS_SSL_MAX_CONTENT_LEN - 3 - i ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate too large, %d > %d", - i + 3 + n, MBEDTLS_SSL_MAX_CONTENT_LEN ) ); + i + 3 + n, MBEDTLS_SSL_MAX_CONTENT_LEN ) ); return( MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE ); } @@ -2339,8 +2339,8 @@ static int ssl_read_certificate_coordinate( mbedtls_ssl_context* ssl ); #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) /* Parse certificate chain send by the peer. */ static int ssl_read_certificate_parse( mbedtls_ssl_context* ssl, - unsigned char const* buf, - size_t buflen ); + unsigned char const* buf, + size_t buflen ); /* Validate certificate chain sent by the peer. */ static int ssl_read_certificate_validate( mbedtls_ssl_context* ssl ); @@ -2393,7 +2393,7 @@ int ssl_read_certificate_process( mbedtls_ssl_context* ssl ) { /* Parse the certificate chain sent by the peer. */ MBEDTLS_SSL_PROC_CHK( ssl_read_certificate_parse( ssl, ssl->in_msg, - ssl->in_hslen ) ); + ssl->in_hslen ) ); } /* Validate the certificate chain and set the verification results. */ @@ -2464,8 +2464,8 @@ static int ssl_read_certificate_coordinate( mbedtls_ssl_context* ssl ) #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) /* Write certificate message based on the configured certificate */ static int ssl_read_certificate_parse( mbedtls_ssl_context* ssl, - unsigned char const* buf, - size_t buflen ) + unsigned char const* buf, + size_t buflen ) { int ret; size_t i, n, certificate_request_context_len; @@ -2532,10 +2532,10 @@ static int ssl_read_certificate_parse( mbedtls_ssl_context* ssl, } if( ( ssl->session_negotiate->peer_cert = mbedtls_calloc( 1, - sizeof( mbedtls_x509_crt ) ) ) == NULL ) + sizeof( mbedtls_x509_crt ) ) ) == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc( %d bytes ) failed", - sizeof( mbedtls_x509_crt ) ) ); + sizeof( mbedtls_x509_crt ) ) ); SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); } @@ -2565,7 +2565,7 @@ static int ssl_read_certificate_parse( mbedtls_ssl_context* ssl, } ret = mbedtls_x509_crt_parse_der( ssl->session_negotiate->peer_cert, - buf + i, n ); + buf + i, n ); switch ( ret ) { @@ -2711,9 +2711,9 @@ static int ssl_read_certificate_validate( mbedtls_ssl_context* ssl ) #endif /* MBEDTLS_ECP_C */ if( mbedtls_ssl_check_cert_usage( ssl->session_negotiate->peer_cert, - ssl->session_negotiate->key_exchange,/* ciphersuite_info, */ - !ssl->conf->endpoint, - &ssl->session_negotiate->verify_result ) != 0 ) + ssl->session_negotiate->key_exchange,/* ciphersuite_info, */ + !ssl->conf->endpoint, + &ssl->session_negotiate->verify_result ) != 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate ( usage extensions )" ) ); if( ret == 0 ) @@ -2728,7 +2728,7 @@ static int ssl_read_certificate_validate( mbedtls_ssl_context* ssl ) * ssl_parse_certificate even if verification was optional. */ if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL && ( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED || - ret == MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ) ) + ret == MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ) ) { ret = 0; } @@ -2772,7 +2772,7 @@ static int ssl_read_certificate_validate( mbedtls_ssl_context* ssl ) if( ssl->session_negotiate->verify_result != 0 ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "! Certificate verification flags %x", - ssl->session_negotiate->verify_result ) ); + ssl->session_negotiate->verify_result ) ); } else { @@ -2852,7 +2852,7 @@ int mbedtls_ssl_generate_resumption_master_secret( mbedtls_ssl_context *ssl ) { if( md_info == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_md info for %d not found", - transform->ciphersuite_info->mac ) ); + transform->ciphersuite_info->mac ) ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } @@ -2890,10 +2890,10 @@ int mbedtls_ssl_generate_resumption_master_secret( mbedtls_ssl_context *ssl ) { */ ret = Derive_Secret( ssl, mbedtls_md_get_type( md_info ), - ssl->handshake->master_secret, mbedtls_hash_size_for_ciphersuite( suite_info ), - ( const unsigned char* )"res master", strlen( "res master" ), - hash, mbedtls_hash_size_for_ciphersuite( suite_info ), - ssl->session_negotiate->resumption_master_secret, mbedtls_hash_size_for_ciphersuite( suite_info ) ); + ssl->handshake->master_secret, mbedtls_hash_size_for_ciphersuite( suite_info ), + ( const unsigned char* )"res master", strlen( "res master" ), + hash, mbedtls_hash_size_for_ciphersuite( suite_info ), + ssl->session_negotiate->resumption_master_secret, mbedtls_hash_size_for_ciphersuite( suite_info ) ); if( ret != 0 ) { @@ -2934,7 +2934,7 @@ int mbedtls_ssl_generate_application_traffic_keys( mbedtls_ssl_context *ssl, Key if( cipher_info == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %d not found", - transform->ciphersuite_info->cipher ) ); + transform->ciphersuite_info->cipher ) ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } @@ -2942,7 +2942,7 @@ int mbedtls_ssl_generate_application_traffic_keys( mbedtls_ssl_context *ssl, Key if( md_info == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_md info for %d not found", - transform->ciphersuite_info->mac ) ); + transform->ciphersuite_info->mac ) ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } @@ -3011,10 +3011,10 @@ int mbedtls_ssl_generate_application_traffic_keys( mbedtls_ssl_context *ssl, Key */ ret = Derive_Secret( ssl, mbedtls_md_get_type( md_info ), - ssl->handshake->master_secret, mbedtls_hash_size_for_ciphersuite( suite_info ), - ( const unsigned char* )"c ap traffic", strlen( "c ap traffic" ), - padbuf, mbedtls_hash_size_for_ciphersuite( suite_info ), - ssl->handshake->client_traffic_secret, mbedtls_hash_size_for_ciphersuite( suite_info ) ); + ssl->handshake->master_secret, mbedtls_hash_size_for_ciphersuite( suite_info ), + ( const unsigned char* )"c ap traffic", strlen( "c ap traffic" ), + padbuf, mbedtls_hash_size_for_ciphersuite( suite_info ), + ssl->handshake->client_traffic_secret, mbedtls_hash_size_for_ciphersuite( suite_info ) ); if( ret != 0 ) { @@ -3032,10 +3032,10 @@ int mbedtls_ssl_generate_application_traffic_keys( mbedtls_ssl_context *ssl, Key */ ret = Derive_Secret( ssl, mbedtls_md_get_type( md_info ), - ssl->handshake->master_secret, mbedtls_hash_size_for_ciphersuite( suite_info ), - ( const unsigned char* )"s ap traffic", strlen( "s ap traffic" ), - padbuf, mbedtls_hash_size_for_ciphersuite( suite_info ), - ssl->handshake->server_traffic_secret, mbedtls_hash_size_for_ciphersuite( suite_info ) ); + ssl->handshake->master_secret, mbedtls_hash_size_for_ciphersuite( suite_info ), + ( const unsigned char* )"s ap traffic", strlen( "s ap traffic" ), + padbuf, mbedtls_hash_size_for_ciphersuite( suite_info ), + ssl->handshake->server_traffic_secret, mbedtls_hash_size_for_ciphersuite( suite_info ) ); if( ret != 0 ) { @@ -3054,9 +3054,9 @@ int mbedtls_ssl_generate_application_traffic_keys( mbedtls_ssl_context *ssl, Key MBEDTLS_SSL_DEBUG_MSG( 3, ( "-- IV Length: %d bytes", transform->ivlen ) ); if( ( ret = makeTrafficKeys( mbedtls_md_get_type( md_info ), - ssl->handshake->client_traffic_secret, - ssl->handshake->server_traffic_secret, - mbedtls_hash_size_for_ciphersuite( suite_info ), transform->keylen, transform->ivlen, traffic_keys ) ) != 0 ) + ssl->handshake->client_traffic_secret, + ssl->handshake->server_traffic_secret, + mbedtls_hash_size_for_ciphersuite( suite_info ), transform->keylen, transform->ivlen, traffic_keys ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "makeTrafficKeys failed", ret ); return( ret ); @@ -3114,19 +3114,19 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe if( cipher_info == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %d not found", - transform->ciphersuite_info->cipher ) ); + transform->ciphersuite_info->cipher ) ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc, - cipher_info ) ) != 0 ) + cipher_info ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret ); return( ret ); } if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec, - cipher_info ) ) != 0 ) + cipher_info ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret ); return( ret ); @@ -3208,16 +3208,16 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe #endif /* MBEDTLS_SSL_CLI_C */ if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_enc, key1, - cipher_info->key_bitlen, - MBEDTLS_ENCRYPT ) ) != 0 ) + cipher_info->key_bitlen, + MBEDTLS_ENCRYPT ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret ); return( ret ); } if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_dec, key2, - cipher_info->key_bitlen, - MBEDTLS_DECRYPT ) ) != 0 ) + cipher_info->key_bitlen, + MBEDTLS_DECRYPT ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret ); return( ret ); @@ -3349,7 +3349,7 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra if( cipher_info == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %d not found", - ciphersuite_info->cipher ) ); + ciphersuite_info->cipher ) ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } @@ -3436,9 +3436,9 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra /* Create client_early_traffic_secret */ ret = Derive_Secret( ssl, mbedtls_md_get_type( md ), - ssl->handshake->early_secret, hash_length, - ( const unsigned char* )"c e traffic", strlen( "c e traffic" ), - padbuf, hash_length, ssl->handshake->client_early_traffic_secret, hash_length ); + ssl->handshake->early_secret, hash_length, + ( const unsigned char* )"c e traffic", strlen( "c e traffic" ), + padbuf, hash_length, ssl->handshake->client_early_traffic_secret, hash_length ); MBEDTLS_SSL_DEBUG_BUF( 5, "early_secret", ssl->handshake->early_secret, hash_length ); MBEDTLS_SSL_DEBUG_BUF( 5, "client_early_traffic_secret", ssl->handshake->client_early_traffic_secret, hash_length ); @@ -3479,10 +3479,10 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra MBEDTLS_SSL_DEBUG_MSG( 3, ( "-- IV Length: %d bytes", transform->ivlen ) ); if( ( ret = makeTrafficKeys( mbedtls_md_get_type( md ), - ssl->handshake->client_early_traffic_secret, - ssl->handshake->client_early_traffic_secret, - mbedtls_hash_size_for_ciphersuite( ciphersuite_info ), - transform->keylen, transform->ivlen, traffic_keys ) ) != 0 ) + ssl->handshake->client_early_traffic_secret, + ssl->handshake->client_early_traffic_secret, + mbedtls_hash_size_for_ciphersuite( ciphersuite_info ), + transform->keylen, transform->ivlen, traffic_keys ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "makeTrafficKeys failed", ret ); return( ret ); @@ -3606,9 +3606,9 @@ int ssl_finished_out_process( mbedtls_ssl_context* ssl ); static int ssl_finished_out_prepare( mbedtls_ssl_context* ssl ); static int ssl_finished_out_write( mbedtls_ssl_context* ssl, - unsigned char* buf, - size_t buflen, - size_t* olen ); + unsigned char* buf, + size_t buflen, + size_t* olen ); static int ssl_finished_out_postprocess( mbedtls_ssl_context* ssl ); @@ -3638,8 +3638,8 @@ int ssl_finished_out_process( mbedtls_ssl_context* ssl ) MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_flush_output( ssl ) ); MBEDTLS_SSL_PROC_CHK( ssl_finished_out_write( ssl, ssl->out_msg, - MBEDTLS_SSL_MAX_CONTENT_LEN, - &ssl->out_msglen ) ); + MBEDTLS_SSL_MAX_CONTENT_LEN, + &ssl->out_msglen ) ); ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_FINISHED; @@ -3718,8 +3718,8 @@ static int ssl_finished_out_prepare( mbedtls_ssl_context* ssl ) ret = ssl->handshake->calc_finished( ssl, ssl->handshake->state_local.finished_out.digest, ssl->conf->endpoint ); ssl->handshake->calc_finished( ssl, - ssl->handshake->state_local.finished_out.digest, - ssl->conf->endpoint ); + ssl->handshake->state_local.finished_out.digest, + ssl->conf->endpoint ); #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) if( mbedtls_ssl_hw_record_activate != NULL ) @@ -3811,9 +3811,9 @@ static int ssl_finished_out_postprocess( mbedtls_ssl_context* ssl ) } static int ssl_finished_out_write( mbedtls_ssl_context* ssl, - unsigned char* buf, - size_t buflen, - size_t* olen ) + unsigned char* buf, + size_t buflen, + size_t* olen ) { size_t const tls_hs_hdr_len = 4; @@ -3829,8 +3829,8 @@ static int ssl_finished_out_write( mbedtls_ssl_context* ssl, } memcpy( buf + tls_hs_hdr_len, - ssl->handshake->state_local.finished_out.digest, - ssl->handshake->state_local.finished_out.digest_len ); + ssl->handshake->state_local.finished_out.digest, + ssl->handshake->state_local.finished_out.digest_len ); *olen = tls_hs_hdr_len + ssl->handshake->state_local.finished_out.digest_len; @@ -3853,8 +3853,8 @@ int ssl_finished_in_process( mbedtls_ssl_context* ssl ); static int ssl_finished_in_preprocess( mbedtls_ssl_context* ssl ); static int ssl_finished_in_postprocess( mbedtls_ssl_context* ssl ); static int ssl_finished_in_parse( mbedtls_ssl_context* ssl, - const unsigned char* buf, - size_t buflen ); + const unsigned char* buf, + size_t buflen ); /* * Implementation @@ -3887,8 +3887,8 @@ int ssl_finished_in_process( mbedtls_ssl_context* ssl ) /* Parsing step */ MBEDTLS_SSL_PROC_CHK( ssl_finished_in_parse( ssl, - ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), - ssl->in_hslen - mbedtls_ssl_hs_hdr_len( ssl ) ) ); + ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), + ssl->in_hslen - mbedtls_ssl_hs_hdr_len( ssl ) ) ); #if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) @@ -3931,15 +3931,15 @@ static int ssl_finished_in_preprocess( mbedtls_ssl_context* ssl ) ssl->handshake->state_local.finished_in.digest_len = hash_len; ssl->handshake->calc_finished( ssl, - ssl->handshake->state_local.finished_in.digest, - ssl->conf->endpoint ^ 1 ); + ssl->handshake->state_local.finished_in.digest, + ssl->conf->endpoint ^ 1 ); return( 0 ); } static int ssl_finished_in_parse( mbedtls_ssl_context* ssl, - const unsigned char* buf, - size_t buflen ) + const unsigned char* buf, + size_t buflen ) { /* Structural validation */ if( buflen != ssl->handshake->state_local.finished_in.digest_len ) @@ -3953,13 +3953,13 @@ static int ssl_finished_in_parse( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_MSG( 5, ( "Verify finished message" ) ); MBEDTLS_SSL_DEBUG_BUF( 5, "Hash ( self-computed ):", - ssl->handshake->state_local.finished_in.digest, ssl->handshake->state_local.finished_in.digest_len ); + ssl->handshake->state_local.finished_in.digest, ssl->handshake->state_local.finished_in.digest_len ); MBEDTLS_SSL_DEBUG_BUF( 5, "Hash ( received message ):", buf, ssl->handshake->state_local.finished_in.digest_len ); /* Semantic validation */ if( mbedtls_ssl_safer_memcmp( buf, - ssl->handshake->state_local.finished_in.digest, - ssl->handshake->state_local.finished_in.digest_len ) != 0 ) + ssl->handshake->state_local.finished_in.digest, + ssl->handshake->state_local.finished_in.digest_len ) != 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); @@ -4002,7 +4002,7 @@ void mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, unsigned int cid ) #if defined(MBEDTLS_ZERO_RTT) void mbedtls_ssl_conf_early_data( mbedtls_ssl_config *conf, int early_data, char *buffer, unsigned int len, int( *early_data_callback )( mbedtls_ssl_context *, - unsigned char *, size_t ) ) + unsigned char *, size_t ) ) { if( conf != NULL ) { @@ -4199,11 +4199,11 @@ int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_HAVE_TIME) int mbedtls_ssl_conf_ticket_meta( mbedtls_ssl_config *conf, - const uint32_t ticket_age_add, - const time_t ticket_received ) + const uint32_t ticket_age_add, + const time_t ticket_received ) #else -int mbedtls_ssl_conf_ticket_meta( mbedtls_ssl_config *conf, - const uint32_t ticket_age_add ) + int mbedtls_ssl_conf_ticket_meta( mbedtls_ssl_config *conf, + const uint32_t ticket_age_add ) #endif /* MBEDTLS_HAVE_TIME */ { conf->ticket_age_add = ticket_age_add; @@ -4270,8 +4270,8 @@ int mbedtls_ssl_conf_client_ticket( const mbedtls_ssl_context *ssl, mbedtls_ssl_ /* Set the psk and psk_identity */ ret = mbedtls_ssl_conf_psk( conf, ticket->key, ticket->key_len, - ( const unsigned char * )ticket->ticket, - ticket->ticket_len ); + ( const unsigned char * )ticket->ticket, + ticket->ticket_len ); if( ret != 0 ) return -1; @@ -4283,7 +4283,7 @@ int mbedtls_ssl_conf_client_ticket( const mbedtls_ssl_context *ssl, mbedtls_ssl_ if( ret != 0 ) return -1; - /* We set the ticket_age_add and the time we received the ticket */ + /* We set the ticket_age_add and the time we received the ticket */ #if defined(MBEDTLS_HAVE_TIME) ret = mbedtls_ssl_conf_ticket_meta( conf, ticket->ticket_age_add, ticket->start ); #else @@ -4341,7 +4341,7 @@ int mbedtls_ssl_get_client_ticket( const mbedtls_ssl_context *ssl, mbedtls_ssl_t /* store ticket_age_add */ ticket->ticket_age_add = ssl->session->ticket_age_add; -#if defined(MBEDTLS_HAVE_TIME) +#if defined(MBEDTLS_HAVE_TIME) /* store time we received the ticket */ ticket->start = ssl->session->ticket_received; #endif /* MBEDTLS_HAVE_TIME */ @@ -4394,9 +4394,9 @@ void mbedtls_ssl_conf_client_ticket_disable( mbedtls_ssl_context *ssl ) */ #if defined(MBEDTLS_ZERO_RTT) int ssl_write_early_data_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t buflen, - size_t *olen ) + unsigned char *buf, + size_t buflen, + size_t *olen ) { unsigned char *p = buf; const unsigned char* end = buf + buflen; @@ -4421,9 +4421,9 @@ int ssl_write_early_data_ext( mbedtls_ssl_context *ssl, if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ECDHE_ECDSA || ssl->conf->early_data == MBEDTLS_SSL_EARLY_DATA_DISABLED ) { - MBEDTLS_SSL_DEBUG_MSG( 5, ( "<= skip write early_data extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 5, ( "<= skip write early_data extension" ) ); ssl->handshake->early_data = MBEDTLS_SSL_EARLY_DATA_OFF; - *olen = 0; + *olen = 0; return( 0 ); } } From 45d7dc9225dba0a6e7b14af60363565a9504c9d4 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 23 Mar 2020 09:20:15 +0000 Subject: [PATCH 04/13] Fix indentation in ssl_tls13_messaging.c --- library/ssl_tls13_messaging.c | 88 +++++++++++++++++------------------ 1 file changed, 44 insertions(+), 44 deletions(-) diff --git a/library/ssl_tls13_messaging.c b/library/ssl_tls13_messaging.c index 326d8c07f39c..0903a20c55fa 100644 --- a/library/ssl_tls13_messaging.c +++ b/library/ssl_tls13_messaging.c @@ -46,7 +46,7 @@ #include "mbedtls/hkdf.h" #include -#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) #include "mbedtls/oid.h" #endif @@ -98,7 +98,7 @@ void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context* ssl, /* Adjust out_msg to make space for explicit IV, if used. */ if( transform != NULL && - ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) + ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) { ssl->out_msg = ssl->out_iv + transform->ivlen - transform->fixed_ivlen; } @@ -291,7 +291,7 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl ) */ #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) if( mode == MBEDTLS_MODE_GCM || - mode == MBEDTLS_MODE_CCM || mode == MBEDTLS_MODE_CCM_8 ) + mode == MBEDTLS_MODE_CCM || mode == MBEDTLS_MODE_CCM_8 ) { int ret; size_t enc_msglen, olen; @@ -390,7 +390,7 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_SSL_PROTO_DTLS) /* For DTLS 1.3 and encrypted payloads only */ if( ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) && - ( ssl->transform_out != NULL ) ) + ( ssl->transform_out != NULL ) ) { /* TBD: Need to optimize this code section */ @@ -482,8 +482,8 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) if( mode == MBEDTLS_MODE_GCM || - mode == MBEDTLS_MODE_CCM || - mode == MBEDTLS_MODE_CCM_8 ) + mode == MBEDTLS_MODE_CCM || + mode == MBEDTLS_MODE_CCM_8 ) { int ret; size_t dec_msglen, olen; @@ -568,7 +568,7 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_CID) /* For DTLS 1.3 and encrypted payloads we need to decrypt the sequence number */ if( ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) && - ( ssl->transform_out != NULL ) ) + ( ssl->transform_out != NULL ) ) { /* TBD: Need to optimize this code section */ /* Need to find out whether this section is only executed when the CID extension has been agreed. */ @@ -1216,8 +1216,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake != NULL && - ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) + ssl->handshake != NULL && + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) { ; /* Skip special handshake treatment when resending */ } @@ -1228,7 +1228,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) { if( ssl->out_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST && - ssl->handshake == NULL && ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) + ssl->handshake == NULL && ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); @@ -1328,15 +1328,15 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) * But: we only do that when in ClientHello state and when using a PSK mode */ if( ( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - && - ( ssl->state == MBEDTLS_SSL_CLIENT_HELLO ) - && - ( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION ) - && - ( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || - ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL || - ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_KE || - ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_DHE_KE ) ) { + && + ( ssl->state == MBEDTLS_SSL_CLIENT_HELLO ) + && + ( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION ) + && + ( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || + ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL || + ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_KE || + ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_DHE_KE ) ) { ssl_write_pre_shared_key_ext( ssl, ssl->handshake->ptr_to_psk_ext, &ssl->out_msg[len], &dummy_length, 1 ); } @@ -1366,10 +1366,10 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) /* Save handshake and CCS messages for resending */ #if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake != NULL && - ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING && - ( ssl->out_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC || - ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) ) + ssl->handshake != NULL && + ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING && + ( ssl->out_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC || + ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) ) { if( ( ret = ssl_flight_append( ssl ) ) != 0 ) { @@ -1923,7 +1923,7 @@ static int ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ) * with the modified transcript hash is necessary. We compute this hash later. */ if( ( ssl->in_msg[0] == MBEDTLS_SSL_HS_SERVER_HELLO ) && - ( memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ) + 2, &magic_hrr_string[0], 32 ) == 0 ) ) + ( memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ) + 2, &magic_hrr_string[0], 32 ) == 0 ) ) { MBEDTLS_SSL_DEBUG_MSG( 5, ( "--- Special HRR Checksum Processing" ) ); } @@ -2239,7 +2239,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) int ptr_to_len; if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->transform_in != NULL ) { + ssl->transform_in != NULL ) { /* For DTLS 1.3 we need to process the variable length * header incrementally. */ @@ -2262,12 +2262,12 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) /* Check record type */ if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE && - ssl->in_msgtype != MBEDTLS_SSL_MSG_ALERT && + ssl->in_msgtype != MBEDTLS_SSL_MSG_ALERT && #if defined(MBEDTLS_COMPATIBILITY_MODE) - ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC && + ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC && #endif /* MBEDTLS_COMPATIBILITY_MODE */ - ssl->in_msgtype != MBEDTLS_SSL_MSG_ACK && - ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA ) + ssl->in_msgtype != MBEDTLS_SSL_MSG_ACK && + ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type" ) ); @@ -2286,7 +2286,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) #if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->transform_in != NULL ) { + ssl->transform_in != NULL ) { /* For DTLS 1.3 we need to determine how long the header of the * received packet actually is. */ @@ -2400,11 +2400,11 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) * fact that the record header len is 13 instead. */ if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && - ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER && - rec_epoch == 0 && - ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && - ssl->in_left > 13 && - ssl->in_buf[13] == MBEDTLS_SSL_HS_CLIENT_HELLO ) + ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER && + rec_epoch == 0 && + ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + ssl->in_left > 13 && + ssl->in_buf[13] == MBEDTLS_SSL_HS_CLIENT_HELLO ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "possible client reconnect " "from the same port" ) ); @@ -2517,8 +2517,8 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl ) /* If we received an old record ( based on the epoch value ) * then we need to change the keys. */ if( ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) && - ( ssl->rec_epoch != ssl->in_epoch ) && - ( ssl->transform_in->traffic_keys_previous.epoch == ssl->rec_epoch ) ) + ( ssl->rec_epoch != ssl->in_epoch ) && + ( ssl->transform_in->traffic_keys_previous.epoch == ssl->rec_epoch ) ) { ret = mbedtls_set_traffic_key( ssl, &ssl->transform_in->traffic_keys_previous, ssl->transform_in,1 ); if( ret != 0 ) @@ -2554,8 +2554,8 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl ) /* We re-set the key. */ if( ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) && - ( ssl->rec_epoch != ssl->in_epoch ) && - ( ssl->transform_in->traffic_keys_previous.epoch == ssl->rec_epoch ) ) + ( ssl->rec_epoch != ssl->in_epoch ) && + ( ssl->transform_in->traffic_keys_previous.epoch == ssl->rec_epoch ) ) { ret = mbedtls_set_traffic_key( ssl, &ssl->transform_in->traffic_keys, ssl->transform_in,1 ); if( ret != 0 ) @@ -2842,7 +2842,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) } if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && - ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY ) + ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY ) { MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a close notify message" ) ); return( MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY ); @@ -3055,7 +3055,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) { /* Start timer if not already running */ if( ssl->f_get_timer != NULL && - ssl->f_get_timer( ssl->p_timer ) == -1 ) + ssl->f_get_timer( ssl->p_timer ) == -1 ) { mbedtls_ssl_set_timer( ssl, ssl->conf->read_timeout ); } @@ -3094,8 +3094,8 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) #if defined(MBEDTLS_SSL_CLI_C) if( ( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) && - ( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) ) && - ( ssl->in_msg[0] == MBEDTLS_SSL_HS_NEW_SESSION_TICKET ) ) { + ( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) ) && + ( ssl->in_msg[0] == MBEDTLS_SSL_HS_NEW_SESSION_TICKET ) ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "NewSessionTicket received" ) ); if( ( ret = ssl_parse_new_session_ticket( ssl ) ) != 0 ) @@ -3126,7 +3126,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) if( ( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) && - ( ssl->in_msg[0] == MBEDTLS_SSL_HS_NEW_SESSION_TICKET ) ) + ( ssl->in_msg[0] == MBEDTLS_SSL_HS_NEW_SESSION_TICKET ) ) { /* We will not pass a NewSessionTicket to the application. */ ssl->in_offt = NULL; From 34aed964f9895a45c8566a8ebac6595984f382cd Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 23 Mar 2020 09:21:11 +0000 Subject: [PATCH 05/13] Fix bracketing style `))` -> `) )` --- library/ssl_tls13_client.c | 102 +++++++++++++------------- library/ssl_tls13_server.c | 144 ++++++++++++++++++------------------- 2 files changed, 123 insertions(+), 123 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 170e39d71808..3333aad5c165 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -54,7 +54,7 @@ #endif -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) /* TODO: Code for MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED missing */ static int check_ecdh_params( const mbedtls_ssl_context *ssl ) @@ -118,33 +118,33 @@ static int ssl_write_early_data_postprocess(mbedtls_ssl_context* ssl); int ssl_write_early_data_process(mbedtls_ssl_context* ssl) { int ret; - MBEDTLS_SSL_DEBUG_MSG(2, ("=> write early data")); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write early data") ); - MBEDTLS_SSL_PROC_CHK(ssl_write_early_data_prepare(ssl)); + MBEDTLS_SSL_PROC_CHK(ssl_write_early_data_prepare(ssl) ); if (ret == 0) { /* Make sure we can write a new message. */ - MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_flush_output(ssl)); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_flush_output(ssl) ); /* Write early-data to message buffer. */ MBEDTLS_SSL_PROC_CHK(ssl_write_early_data_write(ssl, ssl->out_msg, MBEDTLS_SSL_MAX_CONTENT_LEN, - &ssl->out_msglen)); + &ssl->out_msglen) ); ssl->out_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA; /* Dispatch message */ - MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_write_record(ssl)); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_write_record(ssl) ); /* Update state */ - MBEDTLS_SSL_PROC_CHK(ssl_write_early_data_postprocess(ssl)); + MBEDTLS_SSL_PROC_CHK(ssl_write_early_data_postprocess(ssl) ); } cleanup: - MBEDTLS_SSL_DEBUG_MSG(2, ("<= write early data")); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write early data") ); return(ret); } @@ -191,7 +191,7 @@ static int ssl_write_early_data_write(mbedtls_ssl_context* ssl, if (ssl->conf->early_data_len > buflen) { - MBEDTLS_SSL_DEBUG_MSG(1, ("buffer too small")); + MBEDTLS_SSL_DEBUG_MSG(1, ("buffer too small") ); return (MBEDTLS_ERR_SSL_ALLOC_FAILED); } else @@ -255,34 +255,34 @@ static int ssl_write_end_of_early_data_postprocess(mbedtls_ssl_context* ssl); int ssl_write_end_of_early_data_process(mbedtls_ssl_context* ssl) { int ret; - MBEDTLS_SSL_DEBUG_MSG(2, ("=> write EndOfEarlyData")); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write EndOfEarlyData") ); - MBEDTLS_SSL_PROC_CHK(ssl_write_end_of_early_data_prepare(ssl)); + MBEDTLS_SSL_PROC_CHK(ssl_write_end_of_early_data_prepare(ssl) ); if (ret == 0) { /* Make sure we can write a new message. */ - MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_flush_output(ssl)); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_flush_output(ssl) ); /* Write end-of-early-data to message buffer. */ MBEDTLS_SSL_PROC_CHK(ssl_write_end_of_early_data_write(ssl, ssl->out_msg, MBEDTLS_SSL_MAX_CONTENT_LEN, - &ssl->out_msglen)); + &ssl->out_msglen) ); ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_END_OF_EARLY_DATA; /* Dispatch message */ - MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_write_record(ssl)); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_write_record(ssl) ); /* Update state */ - MBEDTLS_SSL_PROC_CHK(ssl_write_end_of_early_data_postprocess(ssl)); + MBEDTLS_SSL_PROC_CHK(ssl_write_end_of_early_data_postprocess(ssl) ); } cleanup: - MBEDTLS_SSL_DEBUG_MSG(2, ("<= write EndOfEarlyData")); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write EndOfEarlyData") ); return(ret); } @@ -401,10 +401,10 @@ static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl, *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); *p++ = ( unsigned char )( ( ( hostname_len + 5 ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( hostname_len + 5 )) & 0xFF ); + *p++ = ( unsigned char )( ( ( hostname_len + 5 ) ) & 0xFF ); *p++ = ( unsigned char )( ( ( hostname_len + 3 ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( hostname_len + 3 )) & 0xFF ); + *p++ = ( unsigned char )( ( ( hostname_len + 3 ) ) & 0xFF ); *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF ); *p++ = ( unsigned char )( ( hostname_len >> 8 ) & 0xFF ); @@ -614,7 +614,7 @@ static int ssl_write_psk_key_exchange_modes_ext( mbedtls_ssl_context *ssl, /*} */ /* max length of this extension is 7 bytes */ - if( (size_t)( end - p ) < ( 7 )) + if( (size_t)( end - p ) < ( 7 ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "Not enough buffer" ) ); return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; @@ -1008,7 +1008,7 @@ int ssl_write_pre_shared_key_ext( mbedtls_ssl_context *ssl, ext_length = 2 + 2 + ssl->conf->psk_identity_len + 4 + 2 + 1 + hash_len; /* ext_length + Extension Type ( 2 bytes ) + Extension Length ( 2 bytes ) */ - if( end < p || (size_t)( end - p ) < ( ext_length + 4 )) + if( end < p || (size_t)( end - p ) < ( ext_length + 4 ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too short" ) ); return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; @@ -1048,7 +1048,7 @@ int ssl_write_pre_shared_key_ext( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_HAVE_TIME) now = time( NULL ); - if( !( ssl->conf->ticket_received <= now && now - ssl->conf->ticket_received < 7 * 86400 * 1000 )) + if( !( ssl->conf->ticket_received <= now && now - ssl->conf->ticket_received < 7 * 86400 * 1000 ) ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket expired" ) ); /* TBD: We would have to fall back to another PSK */ @@ -1217,10 +1217,10 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_GROUPS ) & 0xFF ); *p++ = ( unsigned char )( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( elliptic_curve_len + 2 )) & 0xFF ); + *p++ = ( unsigned char )( ( ( elliptic_curve_len + 2 ) ) & 0xFF ); *p++ = ( unsigned char )( ( ( elliptic_curve_len ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( elliptic_curve_len )) & 0xFF ); + *p++ = ( unsigned char )( ( ( elliptic_curve_len ) ) & 0xFF ); MBEDTLS_SSL_DEBUG_BUF( 3, "Supported groups extension", buf + 4, elliptic_curve_len + 2 ); @@ -1263,7 +1263,7 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, } KeyShare; */ -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, unsigned char* buf, @@ -1358,7 +1358,7 @@ static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", info->name ) ); - if( ( ret = mbedtls_ecp_group_load( &ssl->handshake->ecdh_ctx[nr].grp, info->grp_id )) != 0 ) + if( ( ret = mbedtls_ecp_group_load( &ssl->handshake->ecdh_ctx[nr].grp, info->grp_id ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecp_group_load", ret ); return( ret ); @@ -1366,7 +1366,7 @@ static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, if( ( ret = mbedtls_ecdh_make_params( &ssl->handshake->ecdh_ctx[nr], &len, p+2, MBEDTLS_SSL_MAX_CONTENT_LEN - *olen, - ssl->conf->f_rng, ssl->conf->p_rng )) != 0 ) + ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_params", ret ); return( ret ); @@ -1374,7 +1374,7 @@ static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, /* Write length of the key_exchange entry */ *p++ = ( unsigned char )( ( ( len ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( len )) & 0xFF ); + *p++ = ( unsigned char )( ( ( len ) ) & 0xFF ); p += len; *olen += len + 2; @@ -1496,7 +1496,7 @@ static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl ) rand_bytes_len = 32; } - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->handshake->randbytes, rand_bytes_len )) != 0 ) + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->handshake->randbytes, rand_bytes_len ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "ssl_generate_random", ret ); return( ret ); @@ -1508,7 +1508,7 @@ static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl ) { /* Creating a session id with 32 byte length */ - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id, 32 )) != 0 ) + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id, 32 ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "creating session id failed", ret ); return( ret ); @@ -1658,7 +1658,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, * ( i.e., a zero-valued single byte length field ). */ #if defined(MBEDTLS_COMPATIBILITY_MODE) - if( buflen < ( ssl->session_negotiate->id_len + 1 )) + if( buflen < ( ssl->session_negotiate->id_len + 1 ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -2048,7 +2048,7 @@ static int ssl_parse_server_psk_identity_ext( mbedtls_ssl_context *ssl, if( ssl->conf->f_psk == NULL && ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL || - ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 )) + ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no pre-shared key" ) ); return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); @@ -2068,7 +2068,7 @@ static int ssl_parse_server_psk_identity_ext( mbedtls_ssl_context *ssl, if( ( ret = mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY )) != 0 ) + MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY ) ) != 0 ) { return( ret ); } @@ -2083,7 +2083,7 @@ static int ssl_parse_server_psk_identity_ext( mbedtls_ssl_context *ssl, #endif -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) /* TODO: Code for MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED missing */ /* @@ -2117,7 +2117,7 @@ static int ssl_parse_key_shares_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no key share context" ) ); - if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl )) != 0 ) + if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) return( ret ); return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; @@ -2163,7 +2163,7 @@ static int ssl_parse_key_shares_ext( mbedtls_ssl_context *ssl, ssl->handshake->ecdh_ctx_selected = i; if( ( ret = mbedtls_ecdh_read_params( &ssl->handshake->ecdh_ctx[i], - ( const unsigned char ** )&start, end )) != 0 ) + ( const unsigned char ** )&start, end ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_read_params" ), ret ); return( ret ); @@ -2463,7 +2463,7 @@ static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, case MBEDTLS_TLS_EXT_SIG_ALG: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) ); - if( ( ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, (size_t)ext_size )) != 0 ) + if( ( ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, (size_t)ext_size ) ) != 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "ssl_parse_signature_algorithms_ext" ) ); SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); @@ -2534,7 +2534,7 @@ static int ssl_encrypted_extensions_process( mbedtls_ssl_context* ssl ) MBEDTLS_SSL_PROC_CHK( ssl_encrypted_extensions_prepare( ssl ) ); - if( ( ret = mbedtls_ssl_read_record( ssl )) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); goto cleanup; @@ -2669,7 +2669,7 @@ static int ssl_encrypted_extensions_parse( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max_fragment_length extension" ) ); if( ( ret = ssl_parse_max_fragment_length_ext( ssl, - ext + 4, ext_size )) != 0 ) + ext + 4, ext_size ) ) != 0 ) { return( ret ); } @@ -2682,7 +2682,7 @@ static int ssl_encrypted_extensions_parse( mbedtls_ssl_context* ssl, case MBEDTLS_TLS_EXT_ALPN: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); - if( ( ret = ssl_parse_alpn_ext( ssl, ext + 4, (size_t)ext_size )) != 0 ) + if( ( ret = ssl_parse_alpn_ext( ssl, ext + 4, (size_t)ext_size ) ) != 0 ) { return( ret ); } @@ -2841,7 +2841,7 @@ static int ssl_server_hello_coordinate( mbedtls_ssl_context* ssl ) /* SHA-256 of "HelloRetryRequest" stored in magic_hrr_string to distinguish HRR from regular ServerHello */ const char magic_hrr_string[32] = { 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, 0xBE, 0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91, 0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E, 0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33 ,0x9C }; - if( ( ret = mbedtls_ssl_read_record( ssl )) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) { /* No alert on a read error. */ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); @@ -2852,7 +2852,7 @@ static int ssl_server_hello_coordinate( mbedtls_ssl_context* ssl ) * of ClientHello's we sent, and fail if it * exceeds the configured threshold. */ - if( ( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) && ( ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_HELLO )) + if( ( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) && ( ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_HELLO ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "unexpected message" ) ); @@ -2920,7 +2920,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, { /* TBD: Add message header figure here. */ /* 18 = 16 ( random bytes ) + 1 ( ciphersuite ) + 1 ( version ) + */ - if( buflen < 18 + mbedtls_ssl_hs_hdr_len( ssl )) + if( buflen < 18 + mbedtls_ssl_hs_hdr_len( ssl ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message - min size not reached" ) ); SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); @@ -2943,7 +2943,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, * 38 = 32 ( random bytes ) + 2 ( ciphersuite ) + 2 ( version ) + * 1 ( legacy_compression_method ) + 1 ( minimum for legacy_session_id_echo ) */ - if( ( buflen < 38 + mbedtls_ssl_hs_hdr_len( ssl )) || + if( ( buflen < 38 + mbedtls_ssl_hs_hdr_len( ssl ) ) || buf[0] != MBEDTLS_SSL_HS_SERVER_HELLO ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message - min size not reached" ) ); SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); @@ -3191,7 +3191,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) case MBEDTLS_TLS_EXT_PRE_SHARED_KEY: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found pre_shared_key extension" ) ); - if( ( ret = ssl_parse_server_psk_identity_ext( ssl, ext + 4, (size_t)ext_size )) != 0 ) + if( ( ret = ssl_parse_server_psk_identity_ext( ssl, ext + 4, (size_t)ext_size ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_server_psk_identity_ext" ), ret ); return( ret ); @@ -3203,7 +3203,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, case MBEDTLS_TLS_EXT_KEY_SHARES: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found key_shares extension" ) ); - if( ( ret = ssl_parse_key_shares_ext( ssl, ext + 4, (size_t)ext_size )) != 0 ) + if( ( ret = ssl_parse_key_shares_ext( ssl, ext + 4, (size_t)ext_size ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "ssl_parse_key_shares_ext", ret ); return( ret ); @@ -3299,7 +3299,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, { /* TBD: Add message header figure here. */ /* 18 = 16 ( random bytes ) + 1 ( ciphersuite ) + 1 ( version ) + */ - if( buflen < 18 + mbedtls_ssl_hs_hdr_len( ssl )) + if( buflen < 18 + mbedtls_ssl_hs_hdr_len( ssl ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request - min size not reached" ) ); SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); @@ -3322,7 +3322,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, * 38 = 32 ( random bytes ) + 2 ( ciphersuite ) + 2 ( version ) + * 1 ( legacy_compression_method ) + 1 ( minimum for legacy_session_id_echo ) */ - if( ( buflen < 38 + mbedtls_ssl_hs_hdr_len( ssl )) || + if( ( buflen < 38 + mbedtls_ssl_hs_hdr_len( ssl ) ) || buf[0] != MBEDTLS_SSL_HS_SERVER_HELLO ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad hello retry request message - min size not reached" ) ); @@ -3826,7 +3826,7 @@ static void mbedtls_patch_pointers( mbedtls_ssl_context* ssl ) #endif /* MBEDTLS_CID */ if( ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) && - ( out_cid_len > 0 )) + ( out_cid_len > 0 ) ) { ssl->out_hdr = ssl->out_buf; ssl->out_ctr = ssl->out_buf + 1 + out_cid_len; @@ -3838,7 +3838,7 @@ static void mbedtls_patch_pointers( mbedtls_ssl_context* ssl ) } if( ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) && - ( in_cid_len > 0 )) + ( in_cid_len > 0 ) ) { ssl->in_hdr = ssl->in_buf; ssl->in_ctr = ssl->in_buf + 1 + in_cid_len; @@ -3870,14 +3870,14 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) } MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) ); - if( ( ret = mbedtls_ssl_flush_output( ssl )) != 0 ) + if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) return( ret ); #if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) { - if( ( ret = mbedtls_ssl_resend( ssl )) != 0 ) + if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 ) return( ret ); } #endif /* MBEDTLS_SSL_PROTO_DTLS */ diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 84ca81607ee7..111f622c9dab 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -127,7 +127,7 @@ static int ssl_write_sni_server_ext( } KeyShare; */ -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, unsigned char* buf, @@ -173,7 +173,7 @@ static int ssl_write_key_shares_ext( } MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", info->name ) ); - if( ( ret = mbedtls_ecp_group_load( &ssl->handshake->ecdh_ctx[ssl->handshake->ecdh_ctx_selected].grp, info->grp_id )) != 0 ) + if( ( ret = mbedtls_ecp_group_load( &ssl->handshake->ecdh_ctx[ssl->handshake->ecdh_ctx_selected].grp, info->grp_id ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecp_group_load", ret ); return( ret ); @@ -181,7 +181,7 @@ static int ssl_write_key_shares_ext( if( ( ret = mbedtls_ecdh_make_params( &ssl->handshake->ecdh_ctx[ssl->handshake->ecdh_ctx_selected], &len, p, end-buf, - ssl->conf->f_rng, ssl->conf->p_rng )) != 0 ) + ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_params", ret ); return( ret ); @@ -197,7 +197,7 @@ static int ssl_write_key_shares_ext( /* Write total extension length */ *header++ = ( unsigned char )( ( ( len ) >> 8 ) & 0xFF ); - *header++ = ( unsigned char )( ( ( len )) & 0xFF ); + *header++ = ( unsigned char )( ( ( len ) ) & 0xFF ); *olen = len + 4; /* 4 bytes for fixed header + length of key share */ @@ -206,7 +206,7 @@ static int ssl_write_key_shares_ext( #endif /* MBEDTLS_ECDH_C && MBEDTLS_ECDSA_C */ -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) /* TODO: Code for MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED missing */ static int check_ecdh_params( const mbedtls_ssl_context *ssl ) @@ -236,7 +236,7 @@ static int check_ecdh_params( const mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_ECDH_C || ( MBEDTLS_ECDSA_C */ -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) /* @@ -279,7 +279,7 @@ int ssl_parse_supported_groups_ext( if( our_size > MBEDTLS_ECP_DP_MAX ) our_size = MBEDTLS_ECP_DP_MAX; - if( ( curves = mbedtls_calloc( our_size, sizeof( *curves )) ) == NULL ) + if( ( curves = mbedtls_calloc( our_size, sizeof( *curves ) ) ) == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_calloc failed" ) ); return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); @@ -314,7 +314,7 @@ int ssl_parse_supported_groups_ext( } #endif /* MBEDTLS_ECDH_C || ( MBEDTLS_ECDSA_C */ -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) /* TODO: Code for MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED missing */ /* @@ -357,7 +357,7 @@ static int ssl_parse_key_shares_ext( { MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no key share context" ) ); - if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl )) != 0 ) + if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) return( ret ); return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; @@ -399,7 +399,7 @@ static int ssl_parse_key_shares_ext( while ( extensions_available ) { if( ( ret = mbedtls_ecdh_read_params( &ssl->handshake->ecdh_ctx[ssl->handshake->ecdh_ctx_selected], - ( const unsigned char ** )&start, end )) != 0 ) + ( const unsigned char ** )&start, end ) ) != 0 ) { /* For some reason we didn't recognize the key share. We jump * to the next one @@ -509,7 +509,7 @@ int mbedtls_ssl_parse_new_session_ticket_server( } else memcpy( ticket_buffer, buf, len ); if( ( ret = ssl->conf->f_ticket_parse( ssl->conf->p_ticket, ticket, - ticket_buffer, len )) != 0 ) + ticket_buffer, len ) ) != 0 ) { mbedtls_platform_zeroize( &ticket, sizeof( mbedtls_ssl_ticket ) ); mbedtls_free( ticket_buffer ); @@ -773,7 +773,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, /* if( ssl->conf->f_psk == NULL && ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL || - ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 )) + ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "no pre-shared key configured" ) ); return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); @@ -800,7 +800,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "psk_identity length mismatch" ) ); - if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl )) != 0 ) + if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) return( ret ); return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); @@ -964,7 +964,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "Neither PSK nor ticket found." ) ); if( ( ret = mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY )) != 0 ) + MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY ) ) != 0 ) { return( ret ); } @@ -977,7 +977,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_BUF( 3, "Unknown PSK identity", buf, item_length ); if( ( ret = mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY )) != 0 ) + MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY ) ) != 0 ) { return( ret ); } @@ -1015,7 +1015,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "psk binder length mismatch" ) ); - if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl )) != 0 ) + if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) return( ret ); return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); @@ -1052,7 +1052,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "Received psk binder does not match computed psk binder." ) ); - if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl )) != 0 ) + if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) return( ret ); return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); @@ -1149,7 +1149,7 @@ int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, mbedtls_free( ssl->cli_id ); - if( ( ssl->cli_id = mbedtls_calloc( 1, ilen )) == NULL ) + if( ( ssl->cli_id = mbedtls_calloc( 1, ilen ) ) == NULL ) return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); memcpy( ssl->cli_id, info, ilen ); @@ -1336,7 +1336,7 @@ static int ssl_parse_key_exchange_modes_ext( mbedtls_ssl_context *ssl, if( buf[0] == 2 ) { if( ( buf[1] == KEY_EXCHANGE_MODE_PSK_KE || buf[1] == KEY_EXCHANGE_MODE_PSK_DHE_KE ) && - ( buf[2] == KEY_EXCHANGE_MODE_PSK_KE || buf[2] == KEY_EXCHANGE_MODE_PSK_DHE_KE )) { + ( buf[2] == KEY_EXCHANGE_MODE_PSK_KE || buf[2] == KEY_EXCHANGE_MODE_PSK_DHE_KE ) ) { ssl->session_negotiate->key_exchange_modes = KEY_EXCHANGE_MODE_PSK_ALL; } else ret = MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; @@ -1404,7 +1404,7 @@ static int ssl_write_supported_version_ext( mbedtls_ssl_context *ssl, /* For TLS 1.3 and for DTLS 1.3 we use 0x0304 */ *p++ = 0x03; *p++ = 0x04; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "version [%d:%d]", *( p-2 ), *( p-1 )) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "version [%d:%d]", *( p-2 ), *( p-1 ) ) ); *olen = 6; @@ -1596,7 +1596,7 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_NEW_SESSION_TICKET; - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ( unsigned char* ) &ticket.ticket_age_add, 4 )) != 0 ) + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ( unsigned char* ) &ticket.ticket_age_add, 4 ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "Generating the ticket_age_add failed", ret ); return( ret ); @@ -1636,7 +1636,7 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) */ /* Compute nonce ( and write it already into the outgoing NewSessionTicket message */ - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, &ssl->out_msg[13], MBEDTLS_SSL_TICKET_NONCE_LENGTH )) != 0 ) + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, &ssl->out_msg[13], MBEDTLS_SSL_TICKET_NONCE_LENGTH ) ) != 0 ) return( ret ); MBEDTLS_SSL_DEBUG_BUF( 3, "resumption_master_secret", ssl->session->resumption_master_secret, hash_length ); @@ -1658,7 +1658,7 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) &ticket, &ssl->out_msg[15+ MBEDTLS_SSL_TICKET_NONCE_LENGTH], ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN, - &tlen, &ticket.ticket_lifetime, &ticket.flags )) != 0 ) + &tlen, &ticket.ticket_lifetime, &ticket.flags ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "ticket->mbedtls_ssl_ticket_write", ret ); /* tlen = 0; */ @@ -1701,7 +1701,7 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "NewSessionTicket ( ticket length ): %d", tlen ) ); MBEDTLS_SSL_DEBUG_BUF( 3, "NewSessionTicket ( ticket dump ):", &ssl->out_msg[15 + MBEDTLS_SSL_TICKET_NONCE_LENGTH], tlen ); - if( ( ret = mbedtls_ssl_write_record( ssl )) != 0 ) + if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); return( ret ); @@ -1742,12 +1742,12 @@ static int ssl_read_end_of_early_data_postprocess(mbedtls_ssl_context* ssl); int ssl_read_end_of_early_data_process(mbedtls_ssl_context* ssl) { int ret; - MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse end_of_early_data")); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse end_of_early_data") ); - MBEDTLS_SSL_PROC_CHK(ssl_read_end_of_early_data_preprocess(ssl)); + MBEDTLS_SSL_PROC_CHK(ssl_read_end_of_early_data_preprocess(ssl) ); /* Fetching step */ - if ((ret = mbedtls_ssl_read_record(ssl)) != 0) + if ((ret = mbedtls_ssl_read_record(ssl) ) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); goto cleanup; @@ -1756,17 +1756,17 @@ int ssl_read_end_of_early_data_process(mbedtls_ssl_context* ssl) if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE || ssl->in_msg[0] != MBEDTLS_SSL_HS_END_OF_EARLY_DATA) { - MBEDTLS_SSL_DEBUG_MSG(1, ("bad end_of_early_data message")); + MBEDTLS_SSL_DEBUG_MSG(1, ("bad end_of_early_data message") ); ret = MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; goto cleanup; } /* Postprocessing step: Update state machine */ - MBEDTLS_SSL_PROC_CHK(ssl_read_end_of_early_data_postprocess(ssl)); + MBEDTLS_SSL_PROC_CHK(ssl_read_end_of_early_data_postprocess(ssl) ); cleanup: - MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse end_of_early_data")); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse end_of_early_data") ); return(ret); } @@ -1833,12 +1833,12 @@ static int ssl_read_early_data_postprocess(mbedtls_ssl_context* ssl); int ssl_read_early_data_process(mbedtls_ssl_context* ssl) { int ret; - MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse early data")); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse early data") ); - MBEDTLS_SSL_PROC_CHK(ssl_read_early_data_preprocess(ssl)); + MBEDTLS_SSL_PROC_CHK(ssl_read_early_data_preprocess(ssl) ); /* Fetching step */ - if ((ret = mbedtls_ssl_read_record(ssl)) != 0) + if ((ret = mbedtls_ssl_read_record(ssl) ) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); goto cleanup; @@ -1851,22 +1851,22 @@ int ssl_read_early_data_process(mbedtls_ssl_context* ssl) /* Parsing step */ MBEDTLS_SSL_PROC_CHK(ssl_read_early_data_parse(ssl, ssl->in_msg, - ssl->in_msglen )); + ssl->in_msglen ) ); } else { - MBEDTLS_SSL_DEBUG_MSG(1, ("No early data received!")); + MBEDTLS_SSL_DEBUG_MSG(1, ("No early data received!") ); ret = MBEDTLS_ERR_SSL_BAD_EARLY_DATA; goto cleanup; } /* Postprocessing step: Update state machine */ - MBEDTLS_SSL_PROC_CHK(ssl_read_early_data_postprocess(ssl)); + MBEDTLS_SSL_PROC_CHK(ssl_read_early_data_postprocess(ssl) ); cleanup: - MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse early data")); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse early data") ); return(ret); } @@ -1915,7 +1915,7 @@ static int ssl_read_early_data_parse(mbedtls_ssl_context* ssl, } else { - MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer too small (received early data size = %d, buffer size = %d", buflen, ssl->conf->early_data_len)); + MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer too small (received early data size = %d, buffer size = %d", buflen, ssl->conf->early_data_len) ); return (MBEDTLS_ERR_SSL_ALLOC_FAILED); } @@ -2034,7 +2034,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, read_record_header: #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ - if( ( ret = mbedtls_ssl_fetch_input( ssl, 5 )) != 0 ) + if( ( ret = mbedtls_ssl_fetch_input( ssl, 5 ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); @@ -2073,7 +2073,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "CCS, message len.: %d", msg_len ) ); - if( ( ret = mbedtls_ssl_fetch_input( ssl, mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_IN ) + msg_len )) != 0 ) + if( ( ret = mbedtls_ssl_fetch_input( ssl, mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_IN ) + msg_len ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); return( MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC ); @@ -2101,7 +2101,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, { if( ( ret = mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE )) != 0 ) + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ) ) != 0 ) { return( ret ); } @@ -2157,7 +2157,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } - if( ( ret = mbedtls_ssl_fetch_input( ssl, mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_IN, ssl->transform_in ) + msg_len )) != 0 ) + if( ( ret = mbedtls_ssl_fetch_input( ssl, mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_IN, ssl->transform_in ) + msg_len ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); @@ -2186,7 +2186,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, * 6 . 8 DTLS only: fragment offset * 9 . 11 DTLS only: fragment length */ - if( msg_len < mbedtls_ssl_hs_hdr_len( ssl )) + if( msg_len < mbedtls_ssl_hs_hdr_len( ssl ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); @@ -2205,7 +2205,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, /* We don't support fragmentation of ClientHello ( yet? ) */ if( buf[1] != 0 || - msg_len != mbedtls_ssl_hs_hdr_len( ssl ) + ( ( buf[2] << 8 ) | buf[3] )) + msg_len != mbedtls_ssl_hs_hdr_len( ssl ) + ( ( buf[2] << 8 ) | buf[3] ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); @@ -2471,7 +2471,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, buf, comp_len ); /* Determine whether we are indeed using null compression */ - if( ( comp_len != 1 ) && ( buf[1] == 0 )) + if( ( comp_len != 1 ) && ( buf[1] == 0 ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); @@ -2633,7 +2633,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) case MBEDTLS_TLS_EXT_KEY_SHARES: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found key share extension" ) ); @@ -2752,7 +2752,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, #endif /* MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE */ { if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) || - p[1] != ( ( ciphersuites[i] ) & 0xFF )) + p[1] != ( ( ciphersuites[i] ) & 0xFF ) ) continue; got_common_suite = 1; @@ -2842,16 +2842,16 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, /* Pure PSK mode */ if( ( ssl->conf->early_data == MBEDTLS_SSL_EARLY_DATA_ENABLED ) && ( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION ) && - ( ssl->handshake->extensions_present & PSK_KEY_EXCHANGE_MODES_EXTENSION )) { + ( ssl->handshake->extensions_present & PSK_KEY_EXCHANGE_MODES_EXTENSION ) ) { /* Test whether we are allowed to use this mode ( server-side check ) */ if( ( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_KE ) || ( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL ) || - ( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL )) { + ( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) ) { /* Test whether we are allowed to use this mode ( client-side check ) */ if( ( ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_KE ) || - ( ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL )) { + ( ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL ) ) { - if( ( ret = ssl_parse_client_psk_identity_ext( ssl, ext_psk_ptr, ext_len_psk_ext )) != 0 ) + if( ( ret = ssl_parse_client_psk_identity_ext( ssl, ext_psk_ptr, ext_len_psk_ext ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); return( ret ); @@ -2867,7 +2867,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, if( ( ssl->conf->early_data == MBEDTLS_SSL_EARLY_DATA_ENABLED ) && ( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION ) && ( ssl->handshake->extensions_present & KEY_SHARE_EXTENSION ) && - ( ssl->handshake->extensions_present & PSK_KEY_EXCHANGE_MODES_EXTENSION )) { + ( ssl->handshake->extensions_present & PSK_KEY_EXCHANGE_MODES_EXTENSION ) ) { /* Test whether we are allowed to use this mode ( server-side check ) */ if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_DHE_KE || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) { @@ -2875,7 +2875,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, if( ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_DHE_KE || ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL ) { - if( ( ret = ssl_parse_client_psk_identity_ext( ssl, ext_psk_ptr, ext_len_psk_ext )) != 0 ) + if( ( ret = ssl_parse_client_psk_identity_ext( ssl, ext_psk_ptr, ext_len_psk_ext ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); return( ret ); @@ -2938,7 +2938,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, if( ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_DHE_KE || ssl->session_negotiate->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL ) { - if( ( ret = ssl_parse_client_psk_identity_ext( ssl, ext_psk_ptr, ext_len_psk_ext )) != 0 ) + if( ( ret = ssl_parse_client_psk_identity_ext( ssl, ext_psk_ptr, ext_len_psk_ext ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); return( ret ); @@ -2956,7 +2956,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, * It requires supported_groups, supported_signature extensions, and key share * */ - if( ( ssl->handshake->extensions_present & SUPPORTED_GROUPS_EXTENSION ) && ( ssl->handshake->extensions_present & SIGNATURE_ALGORITHM_EXTENSION ) && ( ssl->handshake->extensions_present & KEY_SHARE_EXTENSION )) + if( ( ssl->handshake->extensions_present & SUPPORTED_GROUPS_EXTENSION ) && ( ssl->handshake->extensions_present & SIGNATURE_ALGORITHM_EXTENSION ) && ( ssl->handshake->extensions_present & KEY_SHARE_EXTENSION ) ) { /* Test whether we are allowed to use this mode ( server-side check ) */ if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ECDHE_ECDSA || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) @@ -2992,7 +2992,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, * the verification check. */ if( ( ssl->conf->rr_config == MBEDTLS_SSL_FORCE_RR_CHECK_ON ) && - !( ssl->handshake->extensions_present & COOKIE_EXTENSION )) { + !( ssl->handshake->extensions_present & COOKIE_EXTENSION ) ) { MBEDTLS_SSL_DEBUG_MSG( 2, ( "Cookie extension missing. Need to send a HRR." ) ); final_ret = MBEDTLS_ERR_SSL_BAD_HS_MISSING_COOKIE_EXT; } @@ -3304,7 +3304,7 @@ static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) if( mbedtls_ssl_hw_record_activate != NULL ) { - if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND )) != 0 ) + if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret ); return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); @@ -3505,7 +3505,7 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) /* write legacy_compression_method ( 0 ) */ *p++ = 0x0; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "legacy compression method: [%d]", *( p-1 )) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "legacy compression method: [%d]", *( p-1 ) ) ); /* write extensions */ extension_start = p; @@ -3541,7 +3541,7 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) if( ( ret = ssl->conf->f_cookie_write( ssl->conf->p_cookie, &p, ssl->out_buf + MBEDTLS_SSL_BUFFER_LEN, - ssl->cli_id, ssl->cli_id_len )) != 0 ) + ssl->cli_id, ssl->cli_id_len ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "f_cookie_write", ret ); return( ret ); @@ -3626,7 +3626,7 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO; - if( ( ret = mbedtls_ssl_write_record( ssl )) != 0 ) + if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); return( ret ); @@ -3725,7 +3725,7 @@ static int ssl_server_hello_prepare( mbedtls_ssl_context* ssl ) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->handshake->randbytes + 16, 16 )) != 0 ) + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->handshake->randbytes + 16, 16 ) ) != 0 ) return( ret ); MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", ssl->handshake->randbytes + 16, 16 ); @@ -3733,7 +3733,7 @@ static int ssl_server_hello_prepare( mbedtls_ssl_context* ssl ) else #endif /* MBEDTLS_CTLS */ { - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->handshake->randbytes + 32, 32 )) != 0 ) + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->handshake->randbytes + 32, 32 ) ) != 0 ) return( ret ); MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", ssl->handshake->randbytes + 32, 32 ); @@ -3787,7 +3787,7 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, /* Ensure we have enough room for ServerHello * up to but excluding the extensions. */ - if( buflen < ( 4+32+2+2+1+ssl->session_negotiate->id_len+1+1 )) /* TBD: FIXME */ + if( buflen < ( 4+32+2+2+1+ssl->session_negotiate->id_len+1+1 ) ) /* TBD: FIXME */ { return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } @@ -3891,7 +3891,7 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, */ if( ssl->handshake->extensions_present & PRE_SHARED_KEY_EXTENSION && ( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || - ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK )) + ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ) ) { ssl_write_server_pre_shared_key_ext( ssl, buf, end, &cur_ext_len ); total_ext_len += cur_ext_len; @@ -3899,15 +3899,15 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) /* Only add the key_share extension if the client provided it in the ClientHello * and if the appropriate key exchange mechanism was selected */ if( ssl->handshake->extensions_present & KEY_SHARE_EXTENSION && ( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || - ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )) + ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) ) { - if( ( ret = ssl_write_key_shares_ext( ssl, buf, end, &cur_ext_len )) != 0 ) + if( ( ret = ssl_write_key_shares_ext( ssl, buf, end, &cur_ext_len ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_key_shares_ext", ret ); return( ret ); @@ -3921,7 +3921,7 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, /* Add supported_version extension */ if( ssl->handshake->extensions_present & SUPPORTED_VERSION_EXTENSION ) { - if( ( ret = ssl_write_supported_version_ext( ssl, buf, end, &cur_ext_len )) != 0 ) + if( ( ret = ssl_write_supported_version_ext( ssl, buf, end, &cur_ext_len ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_supported_version_ext", ret ); return( ret ); @@ -4069,7 +4069,7 @@ static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ) int authmode; if( ( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || - ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )) + ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) ) return( SSL_CERTIFICATE_REQUEST_SKIP ); #if !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) @@ -4185,14 +4185,14 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 2, ( "server state: %d", ssl->state ) ); - if( ( ret = mbedtls_ssl_flush_output( ssl )) != 0 ) + if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) return( ret ); #if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) { - if( ( ret = mbedtls_ssl_resend( ssl )) != 0 ) + if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 ) return( ret ); } #endif @@ -4267,7 +4267,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) } } break; -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) case MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE: /* Wrong key share --> send HRR */ mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HELLO_RETRY_REQUEST ); From aede5bd02b83de388ca9d5db4f1154a03c8691ff Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 23 Mar 2020 09:22:12 +0000 Subject: [PATCH 06/13] Fix style convention for explicit casts in TLS 1.3 source files Contrary to the general rule to have a space before/after `)` and `(`, explicit casts such as `(unsigned char) x` don't have this spacing. --- library/ssl_tls13_client.c | 116 +++++++++++++++++----------------- library/ssl_tls13_generic.c | 52 +++++++-------- library/ssl_tls13_messaging.c | 40 ++++++------ library/ssl_tls13_server.c | 98 ++++++++++++++-------------- 4 files changed, 153 insertions(+), 153 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 3333aad5c165..ebdae5cf41d1 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -397,18 +397,18 @@ static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl, * ServerName server_name_list<1..2^16-1> * } ServerNameList; */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); - *p++ = ( unsigned char )( ( ( hostname_len + 5 ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( hostname_len + 5 ) ) & 0xFF ); + *p++ = (unsigned char)( ( ( hostname_len + 5 ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ( hostname_len + 5 ) ) & 0xFF ); - *p++ = ( unsigned char )( ( ( hostname_len + 3 ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( hostname_len + 3 ) ) & 0xFF ); + *p++ = (unsigned char)( ( ( hostname_len + 3 ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ( hostname_len + 3 ) ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF ); - *p++ = ( unsigned char )( ( hostname_len >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( hostname_len ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF ); + *p++ = (unsigned char)( ( hostname_len >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( hostname_len ) & 0xFF ); memcpy( p, ssl->hostname, hostname_len ); @@ -442,8 +442,8 @@ static void ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, return; } - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS ) & 0xFF ); /* total length */ *p++ = 0x00; @@ -496,8 +496,8 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding max_fragment_length extension" ) ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); *p++ = 0x00; *p++ = 1; @@ -540,7 +540,7 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, } for ( cur = ssl->conf->alpn_list; *cur != NULL; cur++ ) - alpnlen += ( unsigned char )( strlen( *cur ) & 0xFF ) + 1; + alpnlen += (unsigned char)( strlen( *cur ) & 0xFF ) + 1; if( end < p || (size_t)( end - p ) < 6 + alpnlen ) { @@ -550,8 +550,8 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding alpn extension" ) ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); /* * opaque ProtocolName<1..2^8-1>; @@ -566,7 +566,7 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, for ( cur = ssl->conf->alpn_list; *cur != NULL; cur++ ) { - *p = ( unsigned char )( strlen( *cur ) & 0xFF ); + *p = (unsigned char)( strlen( *cur ) & 0xFF ); memcpy( p + 1, *cur, *p ); p += 1 + *p; } @@ -574,12 +574,12 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, *olen = p - buf; /* List length = olen - 2 ( ext_type ) - 2 ( ext_len ) - 2 ( list_len ) */ - buf[4] = ( unsigned char )( ( ( *olen - 6 ) >> 8 ) & 0xFF ); - buf[5] = ( unsigned char )( ( *olen - 6 ) & 0xFF ); + buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF ); + buf[5] = (unsigned char)( ( *olen - 6 ) & 0xFF ); /* Extension length = olen - 2 ( ext_type ) - 2 ( ext_len ) */ - buf[2] = ( unsigned char )( ( ( *olen - 4 ) >> 8 ) & 0xFF ); - buf[3] = ( unsigned char )( ( *olen - 4 ) & 0xFF ); + buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); + buf[3] = (unsigned char)( ( *olen - 4 ) & 0xFF ); return 0; } @@ -623,8 +623,8 @@ static int ssl_write_psk_key_exchange_modes_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding psk_key_exchange_modes extension" ) ); /* Extension Type */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES ) & 0xFF ); if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) { @@ -1021,20 +1021,20 @@ int ssl_write_pre_shared_key_ext( mbedtls_ssl_context *ssl, else { /* Extension Type */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY ) & 0xFF ); /* Extension Length */ - *p++ = ( unsigned char )( ( ext_length >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ext_length & 0xFF ); + *p++ = (unsigned char)( ( ext_length >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ext_length & 0xFF ); /* 2 bytes length field for array of PskIdentity */ - *p++ = ( unsigned char )( ( ( ssl->conf->psk_identity_len + 4 + 2 ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ssl->conf->psk_identity_len + 4 + 2 ) & 0xFF ); + *p++ = (unsigned char)( ( ( ssl->conf->psk_identity_len + 4 + 2 ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ssl->conf->psk_identity_len + 4 + 2 ) & 0xFF ); /* 2 bytes length field for psk_identity */ - *p++ = ( unsigned char )( ( ( ssl->conf->psk_identity_len ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ssl->conf->psk_identity_len ) & 0xFF ); + *p++ = (unsigned char)( ( ( ssl->conf->psk_identity_len ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ssl->conf->psk_identity_len ) & 0xFF ); /* actual psk_identity */ memcpy( p, ssl->conf->psk_identity, ssl->conf->psk_identity_len ); @@ -1073,11 +1073,11 @@ int ssl_write_pre_shared_key_ext( mbedtls_ssl_context *ssl, /* Add PSK binder for included identity */ /* 2 bytes length field for array of psk binders */ - *p++ = ( unsigned char )( ( ( hash_len + 1 ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( hash_len + 1 ) & 0xFF ); + *p++ = (unsigned char)( ( ( hash_len + 1 ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( hash_len + 1 ) & 0xFF ); /* 1 bytes length field for next psk binder */ - *p++ = ( unsigned char )( ( hash_len ) & 0xFF ); + *p++ = (unsigned char)( ( hash_len ) & 0xFF ); MBEDTLS_SSL_DEBUG_BUF( 3, "ssl_calc_binder computed over ", truncated_clienthello_start, truncated_clienthello_end - truncated_clienthello_start ); @@ -1128,12 +1128,12 @@ static int ssl_write_cookie_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding cookie extension" ) ); /* Extension Type */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_COOKIE >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_COOKIE ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_COOKIE >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_COOKIE ) & 0xFF ); /* Extension Length */ - *p++ = ( unsigned char )( ( ssl->handshake->verify_cookie_len >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ssl->handshake->verify_cookie_len & 0xFF ); + *p++ = (unsigned char)( ( ssl->handshake->verify_cookie_len >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ssl->handshake->verify_cookie_len & 0xFF ); /* Copy Cookie */ memcpy( p, ssl->handshake->verify_cookie, ssl->handshake->verify_cookie_len ); @@ -1213,14 +1213,14 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 5, ( "Named Curve: %s ( %x )", mbedtls_ecp_curve_info_from_tls_id( info->tls_id )->name, info->tls_id ) ); } - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_GROUPS >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_GROUPS ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_GROUPS >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_GROUPS ) & 0xFF ); - *p++ = ( unsigned char )( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( elliptic_curve_len + 2 ) ) & 0xFF ); + *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) ) & 0xFF ); - *p++ = ( unsigned char )( ( ( elliptic_curve_len ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( elliptic_curve_len ) ) & 0xFF ); + *p++ = (unsigned char)( ( ( elliptic_curve_len ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ( elliptic_curve_len ) ) & 0xFF ); MBEDTLS_SSL_DEBUG_BUF( 3, "Supported groups extension", buf + 4, elliptic_curve_len + 2 ); @@ -1373,8 +1373,8 @@ static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, } /* Write length of the key_exchange entry */ - *p++ = ( unsigned char )( ( ( len ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( len ) ) & 0xFF ); + *p++ = (unsigned char)( ( ( len ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ( len ) ) & 0xFF ); p += len; *olen += len + 2; @@ -1389,8 +1389,8 @@ static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, } /* Write extension header */ - *header++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); - *header++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); + *header++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); + *header++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); #if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) @@ -1400,8 +1400,8 @@ static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_CTLS */ { /* Write total extension length */ - *header++ = ( unsigned char )( ( *olen >> 8 ) & 0xFF ); - *header++ = ( unsigned char )( *olen & 0xFF ); + *header++ = (unsigned char)( ( *olen >> 8 ) & 0xFF ); + *header++ = (unsigned char)( *olen & 0xFF ); *olen += 4; /* 4 bytes for fixed header */ } @@ -1664,7 +1664,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } - *buff++ = ( unsigned char )ssl->session_negotiate->id_len; /* write session id length */ + *buff++ = (unsigned char)ssl->session_negotiate->id_len; /* write session id length */ memcpy( buf, ssl->session_negotiate->id, ssl->session_negotiate->id_len ); /* write session id */ buf += ssl->session_negotiate->id_len; @@ -1757,8 +1757,8 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } - *buf++ = ( unsigned char )( ciphersuites[i] >> 8 ); - *buf++ = ( unsigned char )( ciphersuites[i] ); + *buf++ = (unsigned char)( ciphersuites[i] >> 8 ); + *buf++ = (unsigned char)( ciphersuites[i] ); buflen -= 2; @@ -1769,8 +1769,8 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, } /* write ciphersuite length now */ - *ciphersuite_start++ = ( unsigned char )( ciphersuite_count*2 >> 8 ); - *ciphersuite_start++ = ( unsigned char )( ciphersuite_count*2 ); + *ciphersuite_start++ = (unsigned char)( ciphersuite_count*2 >> 8 ); + *ciphersuite_start++ = (unsigned char)( ciphersuite_count*2 ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, got %d ciphersuites", ciphersuite_count ) ); @@ -1958,8 +1958,8 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", extension_start, total_ext_len ); /* Write extension length */ - *extension_start++ = ( unsigned char )( ( total_ext_len >> 8 ) & 0xFF ); - *extension_start++ = ( unsigned char )( ( total_ext_len ) & 0xFF ); + *extension_start++ = (unsigned char)( ( total_ext_len >> 8 ) & 0xFF ); + *extension_start++ = (unsigned char)( ( total_ext_len ) & 0xFF ); buflen -= 2 + total_ext_len; *olen = buf - start; @@ -3560,7 +3560,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, } memcpy( ssl->handshake->verify_cookie, ext + 4, ext_size ); - ssl->handshake->verify_cookie_len = ( unsigned char )ext_size; + ssl->handshake->verify_cookie_len = (unsigned char)ext_size; break; #endif /* MBEDTLS_SSL_COOKIE_C */ diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 740e1d6e4a27..126bdac78387 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -427,14 +427,14 @@ void ssl_write_cid_ext( mbedtls_ssl_context *ssl, return; } - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_CID ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF ); if( ssl->conf->cid == MBEDTLS_CID_CONF_ZERO_LENGTH ) { - *p++ = ( unsigned char )( ( 1 >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( 1 & 0xFF ); + *p++ = (unsigned char)( ( 1 >> 8 ) & 0xFF ); + *p++ = (unsigned char)( 1 & 0xFF ); /* 1 byte length field set to zero */ *p++ = 0; @@ -450,8 +450,8 @@ void ssl_write_cid_ext( mbedtls_ssl_context *ssl, } ssl->in_cid_len = MBEDTLS_CID_MAX_SIZE; - *p++ = ( unsigned char )( ( ( ssl->in_cid_len + 1 ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( ssl->in_cid_len + 1 ) ) & 0xFF ); + *p++ = (unsigned char)( ( ( ssl->in_cid_len + 1 ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ( ssl->in_cid_len + 1 ) ) & 0xFF ); /* Length field set to MBEDTLS_CID_MAX_SIZE */ *p++ = MBEDTLS_CID_MAX_SIZE; @@ -723,8 +723,8 @@ int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, for ( md = ssl->conf->signature_schemes; *md != SIGNATURE_NONE; md++ ) { - *sig_alg_list++ = ( unsigned char )( ( *md >> 8 ) & 0xFF ); - *sig_alg_list++ = ( unsigned char )( ( *md ) & 0xFF ); + *sig_alg_list++ = (unsigned char)( ( *md >> 8 ) & 0xFF ); + *sig_alg_list++ = (unsigned char)( ( *md ) & 0xFF ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "signature scheme [%x]", *md ) ); } @@ -732,14 +732,14 @@ int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, * Write extension header */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SIG_ALG >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SIG_ALG ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG ) & 0xFF ); - *p++ = ( unsigned char )( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( sig_alg_len + 2 ) ) & 0xFF ); + *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) ) & 0xFF ); - *p++ = ( unsigned char )( ( sig_alg_len >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( sig_alg_len ) & 0xFF ); + *p++ = (unsigned char)( ( sig_alg_len >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( sig_alg_len ) & 0xFF ); *olen = 6 + sig_alg_len; @@ -1715,8 +1715,8 @@ static int ssl_certificate_verify_write( mbedtls_ssl_context* ssl, return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); } - buf[4] = ( unsigned char )( ( ssl->handshake->signature_scheme >> 8 ) & 0xFF ); - buf[5] = ( unsigned char )( ( ssl->handshake->signature_scheme ) & 0xFF ); + buf[4] = (unsigned char)( ( ssl->handshake->signature_scheme >> 8 ) & 0xFF ); + buf[5] = (unsigned char)( ( ssl->handshake->signature_scheme ) & 0xFF ); /* Info from ssl->transform_negotiate->ciphersuite_info->mac will be used instead */ hashlen = 0; @@ -1730,8 +1730,8 @@ static int ssl_certificate_verify_write( mbedtls_ssl_context* ssl, return( ret ); } - buf[4 + offset] = ( unsigned char )( n >> 8 ); - buf[5 + offset] = ( unsigned char )( n ); + buf[4 + offset] = (unsigned char)( n >> 8 ); + buf[5 + offset] = (unsigned char)( n ); *olen = 6 + n + offset; @@ -2246,9 +2246,9 @@ static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, return( MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE ); } - buf[i] = ( unsigned char )( n >> 16 ); - buf[i + 1] = ( unsigned char )( n >> 8 ); - buf[i + 2] = ( unsigned char )( n ); + buf[i] = (unsigned char)( n >> 16 ); + buf[i + 1] = (unsigned char)( n >> 8 ); + buf[i + 2] = (unsigned char)( n ); i += 3; memcpy( buf + i, crt->raw.p, n ); i += n; crt = crt->next; @@ -2261,9 +2261,9 @@ static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, i += 2; } total_len = &buf[i] - start - 3; - *start++ = ( unsigned char )( ( total_len ) >> 16 ); - *start++ = ( unsigned char )( ( total_len ) >> 8 ); - *start++ = ( unsigned char )( ( total_len ) ); + *start++ = (unsigned char)( ( total_len ) >> 16 ); + *start++ = (unsigned char)( ( total_len ) >> 8 ); + *start++ = (unsigned char)( ( total_len ) ); #if defined(MBEDTLS_SSL_CLI_C) empty_cert: @@ -4452,8 +4452,8 @@ int ssl_write_early_data_ext( mbedtls_ssl_context *ssl, ssl->handshake->early_data = MBEDTLS_SSL_EARLY_DATA_ON; /* Write extension header */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_EARLY_DATA >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_EARLY_DATA ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EARLY_DATA >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EARLY_DATA ) & 0xFF ); /* Write total extension length */ *p++ = 0; diff --git a/library/ssl_tls13_messaging.c b/library/ssl_tls13_messaging.c index 0903a20c55fa..2960ffeadeae 100644 --- a/library/ssl_tls13_messaging.c +++ b/library/ssl_tls13_messaging.c @@ -739,7 +739,7 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } - if( nb_want > MBEDTLS_SSL_BUFFER_LEN - ( size_t )( ssl->in_hdr - ssl->in_buf ) ) + if( nb_want > MBEDTLS_SSL_BUFFER_LEN - (size_t)( ssl->in_hdr - ssl->in_buf ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "requesting more data than fits" ) ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); @@ -1259,9 +1259,9 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) * */ /* Add handshake message length */ - ssl->out_msg[1] = ( unsigned char )( ( len - 4 ) >> 16 ); - ssl->out_msg[2] = ( unsigned char )( ( len - 4 ) >> 8 ); - ssl->out_msg[3] = ( unsigned char )( ( len - 4 ) ); + ssl->out_msg[1] = (unsigned char)( ( len - 4 ) >> 16 ); + ssl->out_msg[2] = (unsigned char)( ( len - 4 ) >> 8 ); + ssl->out_msg[3] = (unsigned char)( ( len - 4 ) ); if( ssl->transform_out != NULL ) { @@ -1465,8 +1465,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) /* TBD */ /* Write Length */ - ssl->out_len[0] = ( unsigned char )( len >> 8 ); - ssl->out_len[1] = ( unsigned char )( len ); + ssl->out_len[0] = (unsigned char)( len >> 8 ); + ssl->out_len[1] = (unsigned char)( len ); } else @@ -1519,8 +1519,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) /* Write 16 bit length */ ssl->out_hdr[0] |= MBEDTLS_SSL_UNIFIED_HDR_LEN; - ssl->out_hdr[3 + i] = ( unsigned char )( len >> 8 ); - ssl->out_hdr[4 + i] = ( unsigned char )( len ); + ssl->out_hdr[3 + i] = (unsigned char)( len >> 8 ); + ssl->out_hdr[4 + i] = (unsigned char)( len ); /* Change pointer to length field */ ssl->out_len = &ssl->out_hdr[3 + i]; @@ -1566,8 +1566,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) mbedtls_ssl_write_version( 3, 3, ssl->conf->transport, ssl->out_hdr + 1 ); /* Write Length */ - ssl->out_len[0] = ( unsigned char )( len >> 8 ); - ssl->out_len[1] = ( unsigned char )( len ); + ssl->out_len[0] = (unsigned char)( len >> 8 ); + ssl->out_len[1] = (unsigned char)( len ); } if( ssl->transform_out != NULL ) @@ -1579,8 +1579,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) } len = ssl->out_msglen; - ssl->out_len[0] = ( unsigned char )( len >> 8 ); - ssl->out_len[1] = ( unsigned char )( len ); + ssl->out_len[0] = (unsigned char)( len >> 8 ); + ssl->out_len[1] = (unsigned char)( len ); } /* Calculate the number of bytes we have to put on the wire */ @@ -1810,7 +1810,7 @@ static int ssl_reassemble_dtls_handshake( mbedtls_ssl_context *ssl ) ssl->in_left = ssl->next_record_offset + remain_len; if( ssl->in_left > MBEDTLS_SSL_BUFFER_LEN - - ( size_t )( ssl->in_hdr - ssl->in_buf ) ) + (size_t)( ssl->in_hdr - ssl->in_buf ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "reassembled message too large for buffer" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -2152,14 +2152,14 @@ static int ssl_check_dtls_clihlo_cookie( *olen = p - obuf; /* Go back and fill length fields */ - obuf[27] = ( unsigned char )( *olen - 28 ); + obuf[27] = (unsigned char)( *olen - 28 ); - obuf[14] = obuf[22] = ( unsigned char )( ( *olen - 25 ) >> 16 ); - obuf[15] = obuf[23] = ( unsigned char )( ( *olen - 25 ) >> 8 ); - obuf[16] = obuf[24] = ( unsigned char )( ( *olen - 25 ) ); + obuf[14] = obuf[22] = (unsigned char)( ( *olen - 25 ) >> 16 ); + obuf[15] = obuf[23] = (unsigned char)( ( *olen - 25 ) >> 8 ); + obuf[16] = obuf[24] = (unsigned char)( ( *olen - 25 ) ); - obuf[11] = ( unsigned char )( ( *olen - 13 ) >> 8 ); - obuf[12] = ( unsigned char )( ( *olen - 13 ) ); + obuf[11] = (unsigned char)( ( *olen - 13 ) >> 8 ); + obuf[12] = (unsigned char)( ( *olen - 13 ) ); return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ); } @@ -2436,7 +2436,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) /* Check length against the size of our buffer */ if( ssl->in_msglen > MBEDTLS_SSL_BUFFER_LEN - - ( size_t )( ssl->in_msg - ssl->in_buf ) ) + - (size_t)( ssl->in_msg - ssl->in_buf ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) ); return( MBEDTLS_ERR_SSL_INVALID_RECORD ); diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 111f622c9dab..d3405e641956 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -79,8 +79,8 @@ static int ssl_write_sni_server_ext( } /* Write extension header */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); /* Write total extension length */ *p++ = 0; @@ -192,12 +192,12 @@ static int ssl_write_key_shares_ext( MBEDTLS_SSL_DEBUG_ECP( 3, "ECDHE: Q ", &ssl->handshake->ecdh_ctx[ssl->handshake->ecdh_ctx_selected].Q ); /* Write extension header */ - *header++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); - *header++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); + *header++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); + *header++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); /* Write total extension length */ - *header++ = ( unsigned char )( ( ( len ) >> 8 ) & 0xFF ); - *header++ = ( unsigned char )( ( ( len ) ) & 0xFF ); + *header++ = (unsigned char)( ( ( len ) >> 8 ) & 0xFF ); + *header++ = (unsigned char)( ( ( len ) ) & 0xFF ); *olen = len + 4; /* 4 bytes for fixed header + length of key share */ @@ -1116,19 +1116,19 @@ static int ssl_write_server_pre_shared_key_ext( mbedtls_ssl_context *ssl, } /* Extension Type */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY ) & 0xFF ); /* Extension Length */ - *p++ = ( unsigned char )( ( 2 >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( 2 & 0xFF ); + *p++ = (unsigned char)( ( 2 >> 8 ) & 0xFF ); + *p++ = (unsigned char)( 2 & 0xFF ); /* retrieve selected_identity */ selected_identity = 0; /* Write selected_identity */ - *p++ = ( unsigned char )( ( selected_identity >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( selected_identity & 0xFF ); + *p++ = (unsigned char)( ( selected_identity >> 8 ) & 0xFF ); + *p++ = (unsigned char)( selected_identity & 0xFF ); *olen = 6; @@ -1394,8 +1394,8 @@ static int ssl_write_supported_version_ext( mbedtls_ssl_context *ssl, return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS ) & 0xFF ); /* length */ *p++ = 0x00; @@ -1687,8 +1687,8 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "NewSessionTicket ( nonce length ): %d", MBEDTLS_SSL_TICKET_NONCE_LENGTH ) ); /* Ticket Length */ - ssl->out_msg[13+ MBEDTLS_SSL_TICKET_NONCE_LENGTH] = ( unsigned char )( ( tlen >> 8 ) & 0xFF ); - ssl->out_msg[14+ MBEDTLS_SSL_TICKET_NONCE_LENGTH] = ( unsigned char )( ( tlen ) & 0xFF ); + ssl->out_msg[13+ MBEDTLS_SSL_TICKET_NONCE_LENGTH] = (unsigned char)( ( tlen >> 8 ) & 0xFF ); + ssl->out_msg[14+ MBEDTLS_SSL_TICKET_NONCE_LENGTH] = (unsigned char)( ( tlen ) & 0xFF ); /* no extensions for now -> set length to zero */ ssl->out_msg[15+ MBEDTLS_SSL_TICKET_NONCE_LENGTH +tlen] = ( ext_len >> 8 ) & 0xFF; @@ -3106,8 +3106,8 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); *p++ = 0x00; *p++ = 1; @@ -3139,18 +3139,18 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, * 6 . 6 protocol name length * 7 . 7+n protocol name */ - buf[0] = ( unsigned char )( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); - buf[1] = ( unsigned char )( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); + buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); + buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); *olen = 7 + strlen( ssl->alpn_chosen ); - buf[2] = ( unsigned char )( ( ( *olen - 4 ) >> 8 ) & 0xFF ); - buf[3] = ( unsigned char )( ( *olen - 4 ) & 0xFF ); + buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); + buf[3] = (unsigned char)( ( *olen - 4 ) & 0xFF ); - buf[4] = ( unsigned char )( ( ( *olen - 6 ) >> 8 ) & 0xFF ); - buf[5] = ( unsigned char )( ( *olen - 6 ) & 0xFF ); + buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF ); + buf[5] = (unsigned char)( ( *olen - 6 ) & 0xFF ); - buf[6] = ( unsigned char )( ( *olen - 7 ) & 0xFF ); + buf[6] = (unsigned char)( ( *olen - 7 ) & 0xFF ); memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); } @@ -3398,8 +3398,8 @@ static int ssl_encrypted_extensions_write( mbedtls_ssl_context* ssl, *olen = p - buf; - *( buf + 4 ) = ( unsigned char )( ( ( *olen - 4 - 2 ) >> 8 ) & 0xFF ); - *( buf + 5 ) = ( unsigned char )( ( *olen - 4 - 2 ) & 0xFF ); + *( buf + 4 ) = (unsigned char)( ( ( *olen - 4 - 2 ) >> 8 ) & 0xFF ); + *( buf + 5 ) = (unsigned char)( ( *olen - 4 - 2 ) & 0xFF ); return( 0 ); } @@ -3493,14 +3493,14 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) p += 32; /* write legacy_session_id_echo */ - *p++ = ( unsigned char ) ssl->session_negotiate->id_len; + *p++ = (unsigned char) ssl->session_negotiate->id_len; memcpy( p, &ssl->session_negotiate->id[0], ssl->session_negotiate->id_len ); MBEDTLS_SSL_DEBUG_BUF( 3, "session id", p, ssl->session_negotiate->id_len ); p += ssl->session_negotiate->id_len; /* write ciphersuite ( 2 bytes ) */ - *p++ = ( unsigned char )( ssl->session_negotiate->ciphersuite >> 8 ); - *p++ = ( unsigned char )( ssl->session_negotiate->ciphersuite ); + *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 ); + *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite ); MBEDTLS_SSL_DEBUG_BUF( 3, "ciphersuite", p-2, 2 ); /* write legacy_compression_method ( 0 ) */ @@ -3523,8 +3523,8 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) */ /* Write extension header */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_COOKIE >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_COOKIE ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_COOKIE >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_COOKIE ) & 0xFF ); /* Write total extension length * ( Skip it for now till we know the length ) @@ -3552,8 +3552,8 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_BUF( 3, "Cookie", ext_len_byte + 2, ext_length ); /* Write length */ - *ext_len_byte++ = ( unsigned char )( ( ext_length >> 8 ) & 0xFF ); - *ext_len_byte = ( unsigned char )( ext_length & 0xFF ); + *ext_len_byte++ = (unsigned char)( ( ext_length >> 8 ) & 0xFF ); + *ext_len_byte = (unsigned char)( ext_length & 0xFF ); total_ext_len += ext_length + 4 /* 2 bytes for extension_type and 2 bytes for length field */; #endif /* MBEDTLS_SSL_COOKIE_C */ @@ -3584,8 +3584,8 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) { /* Write extension header */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); ext_len_byte = p; @@ -3619,8 +3619,8 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) total_ext_len += ext_length + 4 /* 2 bytes for extension_type and 2 bytes for length field */; #endif /* MBEDTLS_ECDH_C */ - *extension_start++ = ( unsigned char )( ( total_ext_len >> 8 ) & 0xFF ); - *extension_start++ = ( unsigned char )( ( total_ext_len ) & 0xFF ); + *extension_start++ = (unsigned char)( ( total_ext_len >> 8 ) & 0xFF ); + *extension_start++ = (unsigned char)( ( total_ext_len ) & 0xFF ); ssl->out_msglen = p - ssl->out_msg; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; @@ -3824,15 +3824,15 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, #if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { - *buf++ = ( unsigned char ) 0xfe; - *buf++ = ( unsigned char ) 0xfd; + *buf++ = (unsigned char) 0xfe; + *buf++ = (unsigned char) 0xfd; MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [0xfe:0xfd]" ) ); } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ { - *buf++ = ( unsigned char )0x3; - *buf++ = ( unsigned char )0x3; + *buf++ = (unsigned char)0x3; + *buf++ = (unsigned char)0x3; MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [0x3:0x3]" ) ); } buflen -= 2; @@ -3856,7 +3856,7 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { - *buf++ = ( unsigned char )ssl->session_negotiate->id_len; + *buf++ = (unsigned char)ssl->session_negotiate->id_len; buflen--; memcpy( buf, &ssl->session_negotiate->id[0], ssl->session_negotiate->id_len ); buf += ssl->session_negotiate->id_len; @@ -3866,8 +3866,8 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, } /* write selected ciphersuite ( 2 bytes ) */ - *buf++ = ( unsigned char )( ssl->session_negotiate->ciphersuite >> 8 ); - *buf++ = ( unsigned char )( ssl->session_negotiate->ciphersuite ); + *buf++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 ); + *buf++ = (unsigned char)( ssl->session_negotiate->ciphersuite ); buflen -= 2; MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s ( id=%d )", mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ), ssl->session_negotiate->ciphersuite ) ); @@ -3948,8 +3948,8 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_BUF( 4, "server hello extensions", extension_start, total_ext_len ); /* Write length information */ - *extension_start++ = ( unsigned char )( ( total_ext_len >> 8 ) & 0xFF ); - *extension_start++ = ( unsigned char )( ( total_ext_len ) & 0xFF ); + *extension_start++ = (unsigned char)( ( total_ext_len >> 8 ) & 0xFF ); + *extension_start++ = (unsigned char)( ( total_ext_len ) & 0xFF ); buflen -= 2 + total_ext_len; *olen = buf - start; @@ -4154,8 +4154,8 @@ static int ssl_certificate_request_write( mbedtls_ssl_context* ssl, if( ret != 0 ) return ret; /* length field for all extensions */ - *p++ = ( unsigned char )( ( *olen >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( *olen ) & 0xFF ); + *p++ = (unsigned char)( ( *olen >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( *olen ) & 0xFF ); p += *olen; *olen = p - buf; From 5d5e27baf81bce53c3e257e6b44fed32fca7f8f0 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 23 Mar 2020 09:24:02 +0000 Subject: [PATCH 07/13] Adapt `return` statements to Mbed TLS coding style Mbed TLS uses style `return( value );` --- library/ssl_tls13_client.c | 48 +++++++++++------------ library/ssl_tls13_generic.c | 76 ++++++++++++++++++------------------- library/ssl_tls13_server.c | 30 +++++++-------- 3 files changed, 77 insertions(+), 77 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index ebdae5cf41d1..94ba909807a0 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -485,13 +485,13 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, if( ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ) { - return 0; + return( 0 ); } if( end < p || (size_t)( end - p ) < 5 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); - return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding max_fragment_length extension" ) ); @@ -506,7 +506,7 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "Maximum fragment length = %d", ssl->conf->mfl_code ) ); *olen = 5; - return 0; + return( 0 ); } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ @@ -536,7 +536,7 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, if( ssl->conf->alpn_list == NULL ) { - return 0; + return( 0 ); } for ( cur = ssl->conf->alpn_list; *cur != NULL; cur++ ) @@ -545,7 +545,7 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, if( end < p || (size_t)( end - p ) < 6 + alpnlen ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); - return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding alpn extension" ) ); @@ -581,7 +581,7 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); buf[3] = (unsigned char)( ( *olen - 4 ) & 0xFF ); - return 0; + return( 0 ); } #endif /* MBEDTLS_SSL_ALPN */ @@ -617,7 +617,7 @@ static int ssl_write_psk_key_exchange_modes_ext( mbedtls_ssl_context *ssl, if( (size_t)( end - p ) < ( 7 ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "Not enough buffer" ) ); - return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding psk_key_exchange_modes extension" ) ); @@ -748,7 +748,7 @@ int ssl_create_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t psk_ if( ret != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_hkdf_extract( ) with early_secret", ret ); - return ret; + return( ret ); } MBEDTLS_SSL_DEBUG_MSG( 5, ( "HKDF Extract -- early_secret" ) ); @@ -811,7 +811,7 @@ int ssl_create_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t psk_ if( ret != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "Derive_Secret( ) with binder_key: Error", ret ); - return ret; + return( ret ); } if( suite_info->mac == MBEDTLS_MD_SHA256 ) @@ -914,7 +914,7 @@ int ssl_create_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t psk_ mbedtls_platform_zeroize( finished_key, hash_length ); - return ret; + return( ret ); } @@ -1011,7 +1011,7 @@ int ssl_write_pre_shared_key_ext( mbedtls_ssl_context *ssl, if( end < p || (size_t)( end - p ) < ( ext_length + 4 ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too short" ) ); - return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } if( dummy_run == 0 ) @@ -1092,7 +1092,7 @@ int ssl_write_pre_shared_key_ext( mbedtls_ssl_context *ssl, } } *olen = ext_length + 4; - return 0; + return( 0 ); } @@ -1111,7 +1111,7 @@ static int ssl_write_cookie_ext( mbedtls_ssl_context *ssl, if( ssl->handshake->verify_cookie == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "no cookie to send; skip extension" ) ); - return 0; + return( 0 ); } MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie", @@ -1122,7 +1122,7 @@ static int ssl_write_cookie_ext( mbedtls_ssl_context *ssl, (size_t)( end - p ) < ( ssl->handshake->verify_cookie_len + 4 ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); - return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding cookie extension" ) ); @@ -1140,7 +1140,7 @@ static int ssl_write_cookie_ext( mbedtls_ssl_context *ssl, *olen = ssl->handshake->verify_cookie_len + 4; - return 0; + return( 0 ); } #if defined(MBEDTLS_ECDH_C) @@ -1190,7 +1190,7 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, if( end < p || (size_t)( end - p ) < 6 + elliptic_curve_len ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); - return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported_groups extension" ) ); @@ -1225,7 +1225,7 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_BUF( 3, "Supported groups extension", buf + 4, elliptic_curve_len + 2 ); *olen = 6 + elliptic_curve_len; - return 0; + return( 0 ); } #endif /* defined(MBEDTLS_ECDH_C) */ @@ -1406,7 +1406,7 @@ static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, *olen += 4; /* 4 bytes for fixed header */ } - return 0; + return( 0 ); } #endif /* MBEDTLS_ECDH_C && MBEDTLS_ECDSA_C */ @@ -2120,7 +2120,7 @@ static int ssl_parse_key_shares_ext( mbedtls_ssl_context *ssl, if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) return( ret ); - return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } */ @@ -2154,7 +2154,7 @@ static int ssl_parse_key_shares_ext( mbedtls_ssl_context *ssl, if( match_found == 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) ); - return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } /* We store the server-selected key share at a given place @@ -2176,7 +2176,7 @@ static int ssl_parse_key_shares_ext( mbedtls_ssl_context *ssl, } ssl->handshake->extensions_present += KEY_SHARE_EXTENSION; - return ret; + return( ret ); } #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ @@ -2601,7 +2601,7 @@ static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) { ssl->out_epoch = 2; #endif /* MBEDTLS_SSL_PROTO_DTLS */ - return 0; + return( 0 ); } @@ -2715,7 +2715,7 @@ static int ssl_encrypted_extensions_parse( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse encrypted extension" ) ); - return ret; + return( ret ); } static int ssl_encrypted_extensions_postprocess( mbedtls_ssl_context* ssl ) { @@ -2740,7 +2740,7 @@ static int ssl_encrypted_extensions_postprocess( mbedtls_ssl_context* ssl ) { #endif /* MBEDTLS_COMPATIBILITY_MODE */ } - return 0; + return( 0 ); } diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 126bdac78387..809a9fe288e1 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -74,24 +74,24 @@ static enum varint_length_enum set_varint_length( uint32_t input, uint32_t* outp if( input <= 127 ) { *output = input; - return VARINT_LENGTH_1_BYTE; + return( VARINT_LENGTH_1_BYTE ); } else if( input <= 16383 ) { *output = input; *output |= MBEDTLS_VARINT_HDR_1; *output &= ~( MBEDTLS_VARINT_HDR_2 ); - return VARINT_LENGTH_2_BYTE; + return( VARINT_LENGTH_2_BYTE ); } else if( input <= 4194303 ) { *output = input; *output |= MBEDTLS_VARINT_HDR_1; *output |= MBEDTLS_VARINT_HDR_2; - return VARINT_LENGTH_3_BYTE; + return( VARINT_LENGTH_3_BYTE ); } - return VARINT_LENGTH_FAILURE; + return( VARINT_LENGTH_FAILURE ); } @@ -714,7 +714,7 @@ int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, if( end < p || (size_t)( end - p ) < sig_alg_len + 6 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); - return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } /* @@ -743,7 +743,7 @@ int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, *olen = 6 + sig_alg_len; - return 0; + return( 0 ); } int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl, @@ -915,7 +915,7 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k if( ret != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "Derive_Secret( ) with client_handshake_traffic_secret: Error", ret ); - return ret; + return( ret ); } MBEDTLS_SSL_DEBUG_MSG( 5, ( "HKDF Expand: label=[TLS 1.3, c hs traffic], requested length %d", mbedtls_hash_size_for_ciphersuite( suite_info ) ) ); @@ -937,7 +937,7 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k if( ret != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "Derive_Secret( ) with server_handshake_traffic_secret: Error", ret ); - return ret; + return( ret ); } MBEDTLS_SSL_DEBUG_MSG( 5, ( "HKDF Expand: label=[TLS 1.3, s hs traffic], requested length %d", mbedtls_hash_size_for_ciphersuite( suite_info ) ) ); @@ -959,7 +959,7 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k if( ret != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "Derive_Secret( ) with exporter_secret: Error", ret ); - return ret; + return( ret ); } MBEDTLS_SSL_DEBUG_BUF( 5, "exporter_secret", ssl->handshake->exporter_secret, mbedtls_hash_size_for_ciphersuite( suite_info ) ); @@ -1112,7 +1112,7 @@ static int ssl_calc_verify_tls_sha256( mbedtls_ssl_context *ssl, unsigned char h mbedtls_free( verify_buffer ); mbedtls_free( context_string ); - return 0; + return( 0 ); } #endif /* MBEDTLS_SHA256_C */ @@ -1194,7 +1194,7 @@ static int ssl_calc_verify_tls_sha384( mbedtls_ssl_context *ssl, unsigned char h mbedtls_free( verify_buffer ); mbedtls_free( context_string ); - return 0; + return( 0 ); } #endif /* MBEDTLS_SHA512_C */ @@ -1365,7 +1365,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_hkdf_extract( ) with early_secret", ret ); if( psk_allocated == 1 ) mbedtls_free( psk ); - return ret; + return( ret ); } MBEDTLS_SSL_DEBUG_MSG( 5, ( "HKDF Extract -- early_secret" ) ); @@ -1406,7 +1406,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { { MBEDTLS_SSL_DEBUG_RET( 1, "Derive-Secret( ., 'derived', '' ): Error", ret ); if( psk_allocated == 1 ) mbedtls_free( psk ); - return ret; + return( ret ); } /* @@ -1453,7 +1453,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_hkdf_extract( ) with handshake_secret: Error", ret ); if( psk_allocated == 1 ) mbedtls_free( psk ); - return ret; + return( ret ); } MBEDTLS_SSL_DEBUG_MSG( 5, ( "HKDF Extract -- handshake_secret" ) ); @@ -1475,7 +1475,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { { MBEDTLS_SSL_DEBUG_RET( 1, "Derive-Secret( ., 'derived', '' ): Error", ret ); if( psk_allocated == 1 ) mbedtls_free( psk ); - return ret; + return( ret ); } /* @@ -1491,7 +1491,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_hkdf_extract( ) with master_secret: Error %d.", ret ); if( psk_allocated == 1 ) mbedtls_free( psk ); - return ret; + return( ret ); } MBEDTLS_SSL_DEBUG_MSG( 5, ( "HKDF Extract -- master_secret" ) ); @@ -2898,14 +2898,14 @@ int mbedtls_ssl_generate_resumption_master_secret( mbedtls_ssl_context *ssl ) { if( ret != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "Derive_Secret( ) with resumption_master_secret: Error", ret ); - return ret; + return( ret ); } MBEDTLS_SSL_DEBUG_BUF( 5, "resumption_master_secret", ssl->session_negotiate->resumption_master_secret, mbedtls_hash_size_for_ciphersuite( suite_info ) ); #endif /* MBEDTLS_SSL_NEW_SESSION_TICKET */ - return ret; + return( ret ); } /* Generate application traffic keys since any records following a 1-RTT Finished message @@ -3019,7 +3019,7 @@ int mbedtls_ssl_generate_application_traffic_keys( mbedtls_ssl_context *ssl, Key if( ret != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "Derive_Secret( ) with client_traffic_secret_0: Error", ret ); - return ret; + return( ret ); } /* Generate server_application_traffic_secret_0 @@ -3040,7 +3040,7 @@ int mbedtls_ssl_generate_application_traffic_keys( mbedtls_ssl_context *ssl, Key if( ret != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "Derive_Secret( ) with server_traffic_secret_0: Error", ret ); - return ret; + return( ret ); } /* Generate application traffic keys since any records following a 1-RTT Finished message @@ -4210,7 +4210,7 @@ int mbedtls_ssl_conf_ticket_meta( mbedtls_ssl_config *conf, #if defined(MBEDTLS_HAVE_TIME) conf->ticket_received = ticket_received; #endif /* MBEDTLS_HAVE_TIME */ - return 0; + return( 0 ); } #endif /* MBEDTLS_SSL_NEW_SESSION_TICKET */ @@ -4257,11 +4257,11 @@ int mbedtls_ssl_conf_client_ticket( const mbedtls_ssl_context *ssl, mbedtls_ssl_ mbedtls_ssl_config *conf = ( mbedtls_ssl_config * ) ssl->conf; /* basic consistency checks */ - if( conf == NULL ) return -1; - if( ticket == NULL ) return -1; - if( ticket->key_len == 0 ) return -1; - if( ticket->ticket_len == 0 ) return -1; - if( ticket->ticket == NULL ) return -1; + if( conf == NULL ) return( -1 ); + if( ticket == NULL ) return( -1 ); + if( ticket->key_len == 0 ) return( -1 ); + if( ticket->ticket_len == 0 ) return( -1 ); + if( ticket->ticket == NULL ) return( -1 ); /* We don't request another ticket from the server. * TBD: This function could be moved to an application-visible API call. @@ -4273,7 +4273,7 @@ int mbedtls_ssl_conf_client_ticket( const mbedtls_ssl_context *ssl, mbedtls_ssl_ ( const unsigned char * )ticket->ticket, ticket->ticket_len ); - if( ret != 0 ) return -1; + if( ret != 0 ) return( -1 ); /* Set the key exchange mode to PSK * TBD: Ideally, the application developer should have the option @@ -4281,7 +4281,7 @@ int mbedtls_ssl_conf_client_ticket( const mbedtls_ssl_context *ssl, mbedtls_ssl_ */ ret = mbedtls_ssl_conf_ke( conf, 0 ); - if( ret != 0 ) return -1; + if( ret != 0 ) return( -1 ); /* We set the ticket_age_add and the time we received the ticket */ #if defined(MBEDTLS_HAVE_TIME) @@ -4290,9 +4290,9 @@ int mbedtls_ssl_conf_client_ticket( const mbedtls_ssl_context *ssl, mbedtls_ssl_ ret = mbedtls_ssl_conf_ticket_meta( conf, ticket->ticket_age_add ); #endif /* MBEDTLS_HAVE_TIME */ - if( ret != 0 ) return -1; + if( ret != 0 ) return( -1 ); - return 0; + return( 0 ); } int mbedtls_ssl_get_client_ticket( const mbedtls_ssl_context *ssl, mbedtls_ssl_ticket *ticket ) @@ -4300,7 +4300,7 @@ int mbedtls_ssl_get_client_ticket( const mbedtls_ssl_context *ssl, mbedtls_ssl_t const mbedtls_ssl_ciphersuite_t *cur; int hash_size; - if( ssl->session == NULL ) return -1; + if( ssl->session == NULL ) return( -1 ); /* Check whether we got a ticket already */ if( ssl->session->ticket != NULL ) @@ -4308,9 +4308,9 @@ int mbedtls_ssl_get_client_ticket( const mbedtls_ssl_context *ssl, mbedtls_ssl_t /* store ticket */ ticket->ticket_len = ssl->session->ticket_len; - if( ticket->ticket_len == 0 ) return -1; + if( ticket->ticket_len == 0 ) return( -1 ); ticket->ticket = mbedtls_calloc( ticket->ticket_len,1 ); - if( ticket->ticket == NULL ) return -1; + if( ticket->ticket == NULL ) return( -1 ); memcpy( ticket->ticket, ssl->session->ticket, ticket->ticket_len ); /* store ticket lifetime */ @@ -4321,7 +4321,7 @@ int mbedtls_ssl_get_client_ticket( const mbedtls_ssl_context *ssl, mbedtls_ssl_t if( cur == NULL ) { mbedtls_free( ticket->ticket ); - return -1; + return( -1 ); } hash_size=mbedtls_hash_size_for_ciphersuite( cur ); @@ -4329,7 +4329,7 @@ int mbedtls_ssl_get_client_ticket( const mbedtls_ssl_context *ssl, mbedtls_ssl_t if( hash_size < 0 ) { mbedtls_free( ticket->ticket ); - return -1; + return( -1 ); } else { @@ -4346,12 +4346,12 @@ int mbedtls_ssl_get_client_ticket( const mbedtls_ssl_context *ssl, mbedtls_ssl_t ticket->start = ssl->session->ticket_received; #endif /* MBEDTLS_HAVE_TIME */ - return 0; + return( 0 ); } else { /* no ticket available */ - return 1; + return( 1 ); } } @@ -4460,7 +4460,7 @@ int ssl_write_early_data_ext( mbedtls_ssl_context *ssl, *p++ = 0; *olen = 4; - return 0; + return( 0 ); } #endif /* MBEDTLS_ZERO_RTT */ diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index d3405e641956..450f72fc995e 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -88,7 +88,7 @@ static int ssl_write_sni_server_ext( *olen = 4; - return 0; + return( 0 ); } #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ @@ -148,7 +148,7 @@ static int ssl_write_key_shares_ext( if( end < p || ( end - p ) < 4 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); - return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } if( ssl->conf->curve_list == NULL ) @@ -201,7 +201,7 @@ static int ssl_write_key_shares_ext( *olen = len + 4; /* 4 bytes for fixed header + length of key share */ - return 0; + return( 0 ); } #endif /* MBEDTLS_ECDH_C && MBEDTLS_ECDSA_C */ @@ -360,7 +360,7 @@ static int ssl_parse_key_shares_ext( if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) return( ret ); - return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } */ @@ -597,7 +597,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t if( ret != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_hkdf_extract( ) with early_secret", ret ); - return ret; + return( ret ); } MBEDTLS_SSL_DEBUG_MSG( 5, ( "HKDF Extract -- early_secret" ) ); @@ -663,7 +663,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t if( ret != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "Derive_Secret( ) with binder_key: Error", ret ); - return ret; + return( ret ); } @@ -752,7 +752,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t mbedtls_platform_zeroize( finished_key, hash_length ); - return ret; + return( ret ); } #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) @@ -1060,7 +1060,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, buf += item_length; - return 0; + return( 0 ); } /* no valid psk binder value found */ @@ -1112,7 +1112,7 @@ static int ssl_write_server_pre_shared_key_ext( mbedtls_ssl_context *ssl, if( end < p || ( end - p ) < 6 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); - return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } /* Extension Type */ @@ -1134,7 +1134,7 @@ static int ssl_write_server_pre_shared_key_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 5, ( "sent selected_identity: %d", selected_identity ) ); - return 0; + return( 0 ); } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ @@ -1391,7 +1391,7 @@ static int ssl_write_supported_version_ext( mbedtls_ssl_context *ssl, if( end < p || (size_t)( end - p ) < 6 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); - return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS >> 8 ) & 0xFF ); @@ -2241,7 +2241,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, *dst = ssl->in_msg; *dstlen = msg_len; - return 0; + return( 0 ); } static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, @@ -3319,7 +3319,7 @@ static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) ssl->out_epoch = 2; #endif /* MBEDTLS_SSL_PROTO_DTLS */ - return 0; + return( 0 ); } static int ssl_encrypted_extensions_write( mbedtls_ssl_context* ssl, @@ -3407,7 +3407,7 @@ static int ssl_encrypted_extensions_write( mbedtls_ssl_context* ssl, static int ssl_encrypted_extensions_postprocess( mbedtls_ssl_context* ssl ) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST ); - return 0; + return( 0 ); } @@ -4151,7 +4151,7 @@ static int ssl_certificate_request_write( mbedtls_ssl_context* ssl, /* The extensions must contain the signature_algorithms. */ /* Currently we don't use any other extension */ ret = ssl_write_signature_algorithms_ext( ssl, p+2, end, olen ); - if( ret != 0 ) return ret; + if( ret != 0 ) return( ret ); /* length field for all extensions */ *p++ = (unsigned char)( ( *olen >> 8 ) & 0xFF ); From d2fbc9de73797ff7cb68fa211c00848923745eb8 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 23 Mar 2020 09:30:01 +0000 Subject: [PATCH 08/13] Adapt TLS 1.3 source files to bracketing style - first step This replaces all occurrences of `([^ ]` by `( `, and all occurrences of `[^ ])` by ` )`, without exceptions. The exceptions such as explicit casts and preprocessor directives are fixed in the next commits. --- library/ssl_tls13_client.c | 590 +++++++++++++++++----------------- library/ssl_tls13_generic.c | 366 ++++++++++----------- library/ssl_tls13_messaging.c | 184 +++++------ library/ssl_tls13_server.c | 518 ++++++++++++++--------------- 4 files changed, 829 insertions(+), 829 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 94ba909807a0..53db1c5adbb5 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -1,10 +1,10 @@ /* * TLS 1.3 client-side functions * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * Copyright ( C ) 2006-2015, ARM Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * - * Licensed under the Apache License, Version 2.0 (the "License"); you may + * Licensed under the Apache License, Version 2.0 ( the "License" ); you may * not use this file except in compliance with the License. * You may obtain a copy of the License at * @@ -16,22 +16,22 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of mbed TLS ( https://tls.mbed.org ) */ -#if !defined(MBEDTLS_CONFIG_FILE) +#if !defined( MBEDTLS_CONFIG_FILE ) #include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) +#if defined( MBEDTLS_SSL_PROTO_TLS1_3 ) #include "mbedtls/hkdf-tls.h" #include "mbedtls/hkdf.h" -#if defined(MBEDTLS_SSL_CLI_C) +#if defined( MBEDTLS_SSL_CLI_C ) #include "mbedtls/debug.h" #include "mbedtls/ssl.h" @@ -39,7 +39,7 @@ #include -#if defined(MBEDTLS_PLATFORM_C) +#if defined( MBEDTLS_PLATFORM_C ) #include "mbedtls/platform.h" #else #include @@ -49,12 +49,12 @@ #include -#if defined(MBEDTLS_HAVE_TIME) +#if defined( MBEDTLS_HAVE_TIME ) #include #endif -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) +#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) /* TODO: Code for MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED missing */ static int check_ecdh_params( const mbedtls_ssl_context *ssl ) @@ -70,7 +70,7 @@ static int check_ecdh_params( const mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) ); -#if defined(MBEDTLS_ECP_C) +#if defined( MBEDTLS_ECP_C ) if( mbedtls_ssl_check_curve( ssl, ssl->handshake->ecdh_ctx[ssl->handshake->ecdh_ctx_selected].grp.id ) != 0 ) #else if( ssl->handshake->ecdh_ctx.grp.nbits < 163 || @@ -95,83 +95,83 @@ static int check_ecdh_params( const mbedtls_ssl_context *ssl ) * Overview */ -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) /* Main state-handling entry point; orchestrates the other functions. */ -int ssl_write_early_data_process(mbedtls_ssl_context* ssl); +int ssl_write_early_data_process( mbedtls_ssl_context* ssl ); -static int ssl_write_early_data_prepare(mbedtls_ssl_context* ssl); +static int ssl_write_early_data_prepare( mbedtls_ssl_context* ssl ); /* Write early-data message */ -static int ssl_write_early_data_write(mbedtls_ssl_context* ssl, +static int ssl_write_early_data_write( mbedtls_ssl_context* ssl, unsigned char* buf, size_t buflen, - size_t* olen); + size_t* olen ); /* Update the state after handling the outgoing early-data message. */ -static int ssl_write_early_data_postprocess(mbedtls_ssl_context* ssl); +static int ssl_write_early_data_postprocess( mbedtls_ssl_context* ssl ); /* * Implementation */ -int ssl_write_early_data_process(mbedtls_ssl_context* ssl) +int ssl_write_early_data_process( mbedtls_ssl_context* ssl ) { int ret; - MBEDTLS_SSL_DEBUG_MSG(2, ("=> write early data") ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write early data" ) ); - MBEDTLS_SSL_PROC_CHK(ssl_write_early_data_prepare(ssl) ); + MBEDTLS_SSL_PROC_CHK( ssl_write_early_data_prepare( ssl ) ); - if (ret == 0) + if ( ret == 0 ) { /* Make sure we can write a new message. */ - MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_flush_output(ssl) ); + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_flush_output( ssl ) ); /* Write early-data to message buffer. */ - MBEDTLS_SSL_PROC_CHK(ssl_write_early_data_write(ssl, ssl->out_msg, + MBEDTLS_SSL_PROC_CHK( ssl_write_early_data_write( ssl, ssl->out_msg, MBEDTLS_SSL_MAX_CONTENT_LEN, - &ssl->out_msglen) ); + &ssl->out_msglen ) ); ssl->out_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA; /* Dispatch message */ - MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_write_record(ssl) ); + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_write_record( ssl ) ); /* Update state */ - MBEDTLS_SSL_PROC_CHK(ssl_write_early_data_postprocess(ssl) ); + MBEDTLS_SSL_PROC_CHK( ssl_write_early_data_postprocess( ssl ) ); } cleanup: - MBEDTLS_SSL_DEBUG_MSG(2, ("<= write early data") ); - return(ret); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write early data" ) ); + return( ret ); } -static int ssl_write_early_data_prepare(mbedtls_ssl_context* ssl) +static int ssl_write_early_data_prepare( mbedtls_ssl_context* ssl ) { int ret; KeySet traffic_keys; - ret = mbedtls_ssl_early_data_key_derivation(ssl, &traffic_keys); - if (ret != 0) + ret = mbedtls_ssl_early_data_key_derivation( ssl, &traffic_keys ); + if ( ret != 0 ) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_key_derivation", ret); - return (ret); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_key_derivation", ret ); + return ( ret ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) traffic_keys.epoch = 1; #endif /* MBEDTLS_SSL_PROTO_DTLS */ - ret = mbedtls_set_traffic_key(ssl, &traffic_keys, ssl->transform_negotiate, 0); - if (ret != 0) + ret = mbedtls_set_traffic_key( ssl, &traffic_keys, ssl->transform_negotiate, 0 ); + if ( ret != 0 ) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_set_traffic_key", ret); - return (ret); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_set_traffic_key", ret ); + return ( ret ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* epoch value( 1 ) is used for messages protected using keys derived * from early_traffic_secret. */ @@ -179,44 +179,44 @@ static int ssl_write_early_data_prepare(mbedtls_ssl_context* ssl) ssl->out_epoch = 1; #endif /* MBEDTLS_SSL_PROTO_DTLS */ - return(0); + return( 0 ); } -static int ssl_write_early_data_write(mbedtls_ssl_context* ssl, +static int ssl_write_early_data_write( mbedtls_ssl_context* ssl, unsigned char* buf, size_t buflen, - size_t* olen) + size_t* olen ) { - if (ssl->conf->early_data_len > buflen) + if ( ssl->conf->early_data_len > buflen ) { - MBEDTLS_SSL_DEBUG_MSG(1, ("buffer too small") ); - return (MBEDTLS_ERR_SSL_ALLOC_FAILED); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return ( MBEDTLS_ERR_SSL_ALLOC_FAILED ); } else { - memcpy(buf, ssl->conf->early_data_buf, ssl->conf->early_data_len); + memcpy( buf, ssl->conf->early_data_buf, ssl->conf->early_data_len ); buf[ssl->conf->early_data_len] = MBEDTLS_SSL_MSG_APPLICATION_DATA; *olen = ssl->conf->early_data_len + 1; - MBEDTLS_SSL_DEBUG_BUF(3, "Early Data", ssl->out_msg, *olen); + MBEDTLS_SSL_DEBUG_BUF( 3, "Early Data", ssl->out_msg, *olen ); } - return(0); + return( 0 ); } -static int ssl_write_early_data_postprocess(mbedtls_ssl_context* ssl) +static int ssl_write_early_data_postprocess( mbedtls_ssl_context* ssl ) { -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) - mbedtls_ssl_send_flight_completed(ssl); +#if defined( MBEDTLS_SSL_PROTO_DTLS ) + if ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ssl_send_flight_completed( ssl ); #endif - mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_HELLO); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO ); - return (0); + return ( 0 ); } #endif /* MBEDTLS_ZERO_RTT */ @@ -232,84 +232,84 @@ static int ssl_write_early_data_postprocess(mbedtls_ssl_context* ssl) * Overview */ -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) /* Main state-handling entry point; orchestrates the other functions. */ -int ssl_write_end_of_early_data_process(mbedtls_ssl_context* ssl); +int ssl_write_end_of_early_data_process( mbedtls_ssl_context* ssl ); -static int ssl_write_end_of_early_data_prepare(mbedtls_ssl_context* ssl); +static int ssl_write_end_of_early_data_prepare( mbedtls_ssl_context* ssl ); /* Write nd-of-early-data message */ -static int ssl_write_end_of_early_data_write(mbedtls_ssl_context* ssl, +static int ssl_write_end_of_early_data_write( mbedtls_ssl_context* ssl, unsigned char* buf, size_t buflen, - size_t* olen); + size_t* olen ); /* Update the state after handling the outgoing end-of-early-data message. */ -static int ssl_write_end_of_early_data_postprocess(mbedtls_ssl_context* ssl); +static int ssl_write_end_of_early_data_postprocess( mbedtls_ssl_context* ssl ); /* * Implementation */ -int ssl_write_end_of_early_data_process(mbedtls_ssl_context* ssl) +int ssl_write_end_of_early_data_process( mbedtls_ssl_context* ssl ) { int ret; - MBEDTLS_SSL_DEBUG_MSG(2, ("=> write EndOfEarlyData") ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write EndOfEarlyData" ) ); - MBEDTLS_SSL_PROC_CHK(ssl_write_end_of_early_data_prepare(ssl) ); + MBEDTLS_SSL_PROC_CHK( ssl_write_end_of_early_data_prepare( ssl ) ); - if (ret == 0) + if ( ret == 0 ) { /* Make sure we can write a new message. */ - MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_flush_output(ssl) ); + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_flush_output( ssl ) ); /* Write end-of-early-data to message buffer. */ - MBEDTLS_SSL_PROC_CHK(ssl_write_end_of_early_data_write(ssl, ssl->out_msg, + MBEDTLS_SSL_PROC_CHK( ssl_write_end_of_early_data_write( ssl, ssl->out_msg, MBEDTLS_SSL_MAX_CONTENT_LEN, - &ssl->out_msglen) ); + &ssl->out_msglen ) ); ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_END_OF_EARLY_DATA; /* Dispatch message */ - MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_write_record(ssl) ); + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_write_record( ssl ) ); /* Update state */ - MBEDTLS_SSL_PROC_CHK(ssl_write_end_of_early_data_postprocess(ssl) ); + MBEDTLS_SSL_PROC_CHK( ssl_write_end_of_early_data_postprocess( ssl ) ); } cleanup: - MBEDTLS_SSL_DEBUG_MSG(2, ("<= write EndOfEarlyData") ); - return(ret); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write EndOfEarlyData" ) ); + return( ret ); } -static int ssl_write_end_of_early_data_prepare(mbedtls_ssl_context* ssl) +static int ssl_write_end_of_early_data_prepare( mbedtls_ssl_context* ssl ) { int ret; KeySet traffic_keys; - ret = mbedtls_ssl_early_data_key_derivation(ssl, &traffic_keys); - if (ret != 0) + ret = mbedtls_ssl_early_data_key_derivation( ssl, &traffic_keys ); + if ( ret != 0 ) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_key_derivation", ret); - return (ret); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_key_derivation", ret ); + return ( ret ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) traffic_keys.epoch = 1; #endif /* MBEDTLS_SSL_PROTO_DTLS */ - ret = mbedtls_set_traffic_key(ssl, &traffic_keys, ssl->transform_negotiate, 0); - if (ret != 0) + ret = mbedtls_set_traffic_key( ssl, &traffic_keys, ssl->transform_negotiate, 0 ); + if ( ret != 0 ) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_set_traffic_key", ret); - return (ret); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_set_traffic_key", ret ); + return ( ret ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* epoch value ( 1 ) is used for messages protected using keys derived * from early_traffic_secret. */ @@ -317,44 +317,44 @@ static int ssl_write_end_of_early_data_prepare(mbedtls_ssl_context* ssl) ssl->out_epoch = 1; #endif /* MBEDTLS_SSL_PROTO_DTLS */ - return(0); + return( 0 ); } -static int ssl_write_end_of_early_data_write(mbedtls_ssl_context* ssl, +static int ssl_write_end_of_early_data_write( mbedtls_ssl_context* ssl, unsigned char* buf, size_t buflen, size_t* olen ) { /* TODO: A bounds check is missing here -- fix later. */ - ((void) buf); - ((void) buflen); + ( (void ) buf ); + ( (void ) buflen ); -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) - mbedtls_ssl_send_flight_completed(ssl); +#if defined( MBEDTLS_SSL_PROTO_DTLS ) + if ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ssl_send_flight_completed( ssl ); #endif /* length of the handshake message header */ - *olen = mbedtls_ssl_hs_hdr_len(ssl); + *olen = mbedtls_ssl_hs_hdr_len( ssl ); - return(0); + return( 0 ); } -static int ssl_write_end_of_early_data_postprocess(mbedtls_ssl_context* ssl) +static int ssl_write_end_of_early_data_postprocess( mbedtls_ssl_context* ssl ) { - mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED ); - return (0); + return ( 0 ); } #endif /* MBEDTLS_ZERO_RTT */ -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) +#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl, unsigned char* buf, unsigned char* end, @@ -373,7 +373,7 @@ static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl, hostname_len = strlen( ssl->hostname ); - if( end < p || (size_t)( end - p ) < hostname_len + 9 ) + if( end < p || ( size_t )( end - p ) < hostname_len + 9 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return; @@ -397,18 +397,18 @@ static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl, * ServerName server_name_list<1..2^16-1> * } ServerNameList; */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); - *p++ = (unsigned char)( ( ( hostname_len + 5 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( hostname_len + 5 ) ) & 0xFF ); + *p++ = ( unsigned char )( ( ( hostname_len + 5 ) >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( ( hostname_len + 5 ) ) & 0xFF ); - *p++ = (unsigned char)( ( ( hostname_len + 3 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( hostname_len + 3 ) ) & 0xFF ); + *p++ = ( unsigned char )( ( ( hostname_len + 3 ) >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( ( hostname_len + 3 ) ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF ); - *p++ = (unsigned char)( ( hostname_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( hostname_len ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF ); + *p++ = ( unsigned char )( ( hostname_len >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( hostname_len ) & 0xFF ); memcpy( p, ssl->hostname, hostname_len ); @@ -436,14 +436,14 @@ static void ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported version extension" ) ); - if( end < p || (size_t)( end - p ) < 7 ) + if( end < p || ( size_t )( end - p ) < 7 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return; } - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS ) & 0xFF ); /* total length */ *p++ = 0x00; @@ -463,7 +463,7 @@ static void ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, *olen = 7; } -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +#if defined( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) /* * ssl_write_max_fragment_length_ext( ): @@ -488,7 +488,7 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, return( 0 ); } - if( end < p || (size_t)( end - p ) < 5 ) + if( end < p || ( size_t )( end - p ) < 5 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -496,8 +496,8 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding max_fragment_length extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); *p++ = 0x00; *p++ = 1; @@ -511,7 +511,7 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_SSL_ALPN) +#if defined( MBEDTLS_SSL_ALPN ) /* * ssl_write_alpn_ext( ) structure: * @@ -540,9 +540,9 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, } for ( cur = ssl->conf->alpn_list; *cur != NULL; cur++ ) - alpnlen += (unsigned char)( strlen( *cur ) & 0xFF ) + 1; + alpnlen += ( unsigned char )( strlen( *cur ) & 0xFF ) + 1; - if( end < p || (size_t)( end - p ) < 6 + alpnlen ) + if( end < p || ( size_t )( end - p ) < 6 + alpnlen ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -550,8 +550,8 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding alpn extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); /* * opaque ProtocolName<1..2^8-1>; @@ -566,7 +566,7 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, for ( cur = ssl->conf->alpn_list; *cur != NULL; cur++ ) { - *p = (unsigned char)( strlen( *cur ) & 0xFF ); + *p = ( unsigned char )( strlen( *cur ) & 0xFF ); memcpy( p + 1, *cur, *p ); p += 1 + *p; } @@ -574,18 +574,18 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, *olen = p - buf; /* List length = olen - 2 ( ext_type ) - 2 ( ext_len ) - 2 ( list_len ) */ - buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF ); - buf[5] = (unsigned char)( ( *olen - 6 ) & 0xFF ); + buf[4] = ( unsigned char )( ( ( *olen - 6 ) >> 8 ) & 0xFF ); + buf[5] = ( unsigned char )( ( *olen - 6 ) & 0xFF ); /* Extension length = olen - 2 ( ext_type ) - 2 ( ext_len ) */ - buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); - buf[3] = (unsigned char)( ( *olen - 4 ) & 0xFF ); + buf[2] = ( unsigned char )( ( ( *olen - 4 ) >> 8 ) & 0xFF ); + buf[3] = ( unsigned char )( ( *olen - 4 ) & 0xFF ); return( 0 ); } #endif /* MBEDTLS_SSL_ALPN */ -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) /* * ssl_write_psk_key_exchange_modes_ext( ) structure: @@ -614,7 +614,7 @@ static int ssl_write_psk_key_exchange_modes_ext( mbedtls_ssl_context *ssl, /*} */ /* max length of this extension is 7 bytes */ - if( (size_t)( end - p ) < ( 7 ) ) + if( ( size_t )( end - p ) < ( 7 ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "Not enough buffer" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -623,8 +623,8 @@ static int ssl_write_psk_key_exchange_modes_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding psk_key_exchange_modes extension" ) ); /* Extension Type */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES ) & 0xFF ); if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) { @@ -688,7 +688,7 @@ static int ssl_write_psk_key_exchange_modes_ext( mbedtls_ssl_context *ssl, * dummy_run == 1 --> second run */ -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) /* ssl_create_binder( ): @@ -721,11 +721,11 @@ int ssl_create_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t psk_ unsigned char binder_key[MBEDTLS_MD_MAX_SIZE]; unsigned char finished_key[MBEDTLS_MD_MAX_SIZE]; -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) mbedtls_sha256_context sha256; #endif -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) mbedtls_sha512_context sha512; #endif @@ -774,7 +774,7 @@ int ssl_create_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t psk_ if( suite_info->mac == MBEDTLS_MD_SHA256 ) { -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) mbedtls_sha256( ( const unsigned char * )"", 0, hash, 0 ); #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); @@ -783,7 +783,7 @@ int ssl_create_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t psk_ } else if( suite_info->mac == MBEDTLS_MD_SHA384 ) { -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) mbedtls_sha512( ( const unsigned char * )"", 0, hash, 1 /* for SHA384 */ ); #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); @@ -816,7 +816,7 @@ int ssl_create_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t psk_ if( suite_info->mac == MBEDTLS_MD_SHA256 ) { -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) mbedtls_sha256_init( &sha256 ); mbedtls_sha256_starts( &sha256, 0 /* = use SHA256 */ ); @@ -834,7 +834,7 @@ int ssl_create_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t psk_ } else if( suite_info->mac == MBEDTLS_MD_SHA384 ) { -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) mbedtls_sha512_init( &sha512 ); mbedtls_sha512_starts( &sha512, 1 /* = use SHA384 */ ); mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); @@ -893,14 +893,14 @@ int ssl_create_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t psk_ MBEDTLS_SSL_DEBUG_BUF( 3, "Key", finished_key, hash_length ); MBEDTLS_SSL_DEBUG_BUF( 3, "Output", result, hash_length ); -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) if( suite_info->mac == MBEDTLS_MD_SHA256 ) { mbedtls_sha256_free( &sha256 ); } else #endif -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) if( suite_info->mac == MBEDTLS_MD_SHA384 ) { mbedtls_sha512_free( &sha512 ); @@ -927,7 +927,7 @@ int ssl_write_pre_shared_key_ext( mbedtls_ssl_context *ssl, const mbedtls_ssl_ciphersuite_t *suite_info; int hash_len=-1, ret; const int *ciphersuites; -#if defined(MBEDTLS_HAVE_TIME) +#if defined( MBEDTLS_HAVE_TIME ) time_t now; #endif @@ -973,7 +973,7 @@ int ssl_write_pre_shared_key_ext( mbedtls_ssl_context *ssl, /* In this implementation we only add one pre-shared-key extension. */ ssl->session_negotiate->ciphersuite = ciphersuites[i]; ssl->transform_negotiate->ciphersuite_info = suite_info; -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) /* Even if we include a key_share extension in the ClientHello * message it will not be used at this stage for the key derivation. */ @@ -1008,7 +1008,7 @@ int ssl_write_pre_shared_key_ext( mbedtls_ssl_context *ssl, ext_length = 2 + 2 + ssl->conf->psk_identity_len + 4 + 2 + 1 + hash_len; /* ext_length + Extension Type ( 2 bytes ) + Extension Length ( 2 bytes ) */ - if( end < p || (size_t)( end - p ) < ( ext_length + 4 ) ) + if( end < p || ( size_t )( end - p ) < ( ext_length + 4 ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too short" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -1021,20 +1021,20 @@ int ssl_write_pre_shared_key_ext( mbedtls_ssl_context *ssl, else { /* Extension Type */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY ) & 0xFF ); /* Extension Length */ - *p++ = (unsigned char)( ( ext_length >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ext_length & 0xFF ); + *p++ = ( unsigned char )( ( ext_length >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ext_length & 0xFF ); /* 2 bytes length field for array of PskIdentity */ - *p++ = (unsigned char)( ( ( ssl->conf->psk_identity_len + 4 + 2 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->conf->psk_identity_len + 4 + 2 ) & 0xFF ); + *p++ = ( unsigned char )( ( ( ssl->conf->psk_identity_len + 4 + 2 ) >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( ssl->conf->psk_identity_len + 4 + 2 ) & 0xFF ); /* 2 bytes length field for psk_identity */ - *p++ = (unsigned char)( ( ( ssl->conf->psk_identity_len ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->conf->psk_identity_len ) & 0xFF ); + *p++ = ( unsigned char )( ( ( ssl->conf->psk_identity_len ) >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( ssl->conf->psk_identity_len ) & 0xFF ); /* actual psk_identity */ memcpy( p, ssl->conf->psk_identity, ssl->conf->psk_identity_len ); @@ -1045,7 +1045,7 @@ int ssl_write_pre_shared_key_ext( mbedtls_ssl_context *ssl, /* ( but not for externally configured PSKs ) */ if( ssl->conf->ticket_age_add > 0 ) { -#if defined(MBEDTLS_HAVE_TIME) +#if defined( MBEDTLS_HAVE_TIME ) now = time( NULL ); if( !( ssl->conf->ticket_received <= now && now - ssl->conf->ticket_received < 7 * 86400 * 1000 ) ) @@ -1073,11 +1073,11 @@ int ssl_write_pre_shared_key_ext( mbedtls_ssl_context *ssl, /* Add PSK binder for included identity */ /* 2 bytes length field for array of psk binders */ - *p++ = (unsigned char)( ( ( hash_len + 1 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( hash_len + 1 ) & 0xFF ); + *p++ = ( unsigned char )( ( ( hash_len + 1 ) >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( hash_len + 1 ) & 0xFF ); /* 1 bytes length field for next psk binder */ - *p++ = (unsigned char)( ( hash_len ) & 0xFF ); + *p++ = ( unsigned char )( ( hash_len ) & 0xFF ); MBEDTLS_SSL_DEBUG_BUF( 3, "ssl_calc_binder computed over ", truncated_clienthello_start, truncated_clienthello_end - truncated_clienthello_start ); @@ -1119,7 +1119,7 @@ static int ssl_write_cookie_ext( mbedtls_ssl_context *ssl, ssl->handshake->verify_cookie_len ); if( end < p || - (size_t)( end - p ) < ( ssl->handshake->verify_cookie_len + 4 ) ) + ( size_t )( end - p ) < ( ssl->handshake->verify_cookie_len + 4 ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -1128,12 +1128,12 @@ static int ssl_write_cookie_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding cookie extension" ) ); /* Extension Type */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_COOKIE >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_COOKIE ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_COOKIE >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_COOKIE ) & 0xFF ); /* Extension Length */ - *p++ = (unsigned char)( ( ssl->handshake->verify_cookie_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ssl->handshake->verify_cookie_len & 0xFF ); + *p++ = ( unsigned char )( ( ssl->handshake->verify_cookie_len >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ssl->handshake->verify_cookie_len & 0xFF ); /* Copy Cookie */ memcpy( p, ssl->handshake->verify_cookie, ssl->handshake->verify_cookie_len ); @@ -1143,7 +1143,7 @@ static int ssl_write_cookie_ext( mbedtls_ssl_context *ssl, return( 0 ); } -#if defined(MBEDTLS_ECDH_C) +#if defined( MBEDTLS_ECDH_C ) /* Supported Groups Extension @@ -1161,15 +1161,15 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, unsigned char *elliptic_curve_list = p + 6; size_t elliptic_curve_len = 0; const mbedtls_ecp_curve_info *info; -#if defined(MBEDTLS_ECP_C) +#if defined( MBEDTLS_ECP_C ) const mbedtls_ecp_group_id *grp_id; #else - ( (void)ssl ); + ( ( void )ssl ); #endif *olen = 0; -#if defined(MBEDTLS_ECP_C) +#if defined( MBEDTLS_ECP_C ) for ( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ ) { /* info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); */ @@ -1187,7 +1187,7 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - if( end < p || (size_t)( end - p ) < 6 + elliptic_curve_len ) + if( end < p || ( size_t )( end - p ) < 6 + elliptic_curve_len ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -1197,7 +1197,7 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, elliptic_curve_len = 0; -#if defined(MBEDTLS_ECP_C) +#if defined( MBEDTLS_ECP_C ) for ( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ ) { info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); @@ -1213,21 +1213,21 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 5, ( "Named Curve: %s ( %x )", mbedtls_ecp_curve_info_from_tls_id( info->tls_id )->name, info->tls_id ) ); } - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_GROUPS >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_GROUPS ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_GROUPS >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_GROUPS ) & 0xFF ); - *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) ) & 0xFF ); + *p++ = ( unsigned char )( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( ( elliptic_curve_len + 2 ) ) & 0xFF ); - *p++ = (unsigned char)( ( ( elliptic_curve_len ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( elliptic_curve_len ) ) & 0xFF ); + *p++ = ( unsigned char )( ( ( elliptic_curve_len ) >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( ( elliptic_curve_len ) ) & 0xFF ); MBEDTLS_SSL_DEBUG_BUF( 3, "Supported groups extension", buf + 4, elliptic_curve_len + 2 ); *olen = 6 + elliptic_curve_len; return( 0 ); } -#endif /* defined(MBEDTLS_ECDH_C) */ +#endif /* defined( MBEDTLS_ECDH_C ) */ /* @@ -1263,7 +1263,7 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, } KeyShare; */ -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) +#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, unsigned char* buf, @@ -1278,9 +1278,9 @@ static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, /*const int *ciphersuites; */ /* TODO: Add bounds checks! Only then remove the next line. */ - ((void) end); + ( (void ) end ); -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { p = buf + 2; @@ -1373,8 +1373,8 @@ static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, } /* Write length of the key_exchange entry */ - *p++ = (unsigned char)( ( ( len ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( len ) ) & 0xFF ); + *p++ = ( unsigned char )( ( ( len ) >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( ( len ) ) & 0xFF ); p += len; *olen += len + 2; @@ -1389,10 +1389,10 @@ static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, } /* Write extension header */ - *header++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); - *header++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); + *header++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); + *header++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { *olen += 2; /* 2 bytes for fixed header */ @@ -1400,8 +1400,8 @@ static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_CTLS */ { /* Write total extension length */ - *header++ = (unsigned char)( ( *olen >> 8 ) & 0xFF ); - *header++ = (unsigned char)( *olen & 0xFF ); + *header++ = ( unsigned char )( ( *olen >> 8 ) & 0xFF ); + *header++ = ( unsigned char )( *olen & 0xFF ); *olen += 4; /* 4 bytes for fixed header */ } @@ -1447,7 +1447,7 @@ static int ssl_client_hello_process( mbedtls_ssl_context* ssl ) MBEDTLS_SSL_DEBUG_BUF( 3, "ClientHello", ssl->out_msg, ssl->out_msglen ); -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ssl_send_flight_completed( ssl ); #endif @@ -1485,7 +1485,7 @@ static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl ) return( MBEDTLS_ERR_SSL_NO_RNG ); } -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { rand_bytes_len = MBEDTLS_CTLS_RANDOM_MAX_LENGTH; @@ -1502,7 +1502,7 @@ static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl ) return( ret ); } -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) /* Determine whether session id has not been created already */ if( ssl->session_negotiate->id_len == 0 ) { @@ -1560,7 +1560,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, /* Keeping track of the included extensions */ ssl->handshake->extensions_present = NO_EXTENSION; -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { rand_bytes_len = MBEDTLS_CTLS_RANDOM_MAX_LENGTH; @@ -1579,7 +1579,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, * For cTLS the length, and the version field * are elided. The random bytes are shorter. */ -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) /* With cTLS the version field is elided. */ if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { @@ -1618,11 +1618,11 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, * * In cTLS the version number is elided. */ -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { *buf++ = 0xfe; /* 254 */ @@ -1657,14 +1657,14 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, * ossification ). Otherwise, it MUST be set as a zero-length vector * ( i.e., a zero-valued single byte length field ). */ -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) if( buflen < ( ssl->session_negotiate->id_len + 1 ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } - *buff++ = (unsigned char)ssl->session_negotiate->id_len; /* write session id length */ + *buff++ = ( unsigned char )ssl->session_negotiate->id_len; /* write session id length */ memcpy( buf, ssl->session_negotiate->id, ssl->session_negotiate->id_len ); /* write session id */ buf += ssl->session_negotiate->id_len; @@ -1674,7 +1674,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "session id len.: %d", ssl->session_negotiate->id_len ) ); MBEDTLS_SSL_DEBUG_BUF( 3, "session id", ssl->session_negotiate->id, ssl->session_negotiate->id_len ); #else -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) /* For cTLS we are not using a session id */ if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ @@ -1690,7 +1690,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_COMPATIBILITY_MODE */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* * DTLS cookie */ @@ -1757,20 +1757,20 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } - *buf++ = (unsigned char)( ciphersuites[i] >> 8 ); - *buf++ = (unsigned char)( ciphersuites[i] ); + *buf++ = ( unsigned char )( ciphersuites[i] >> 8 ); + *buf++ = ( unsigned char )( ciphersuites[i] ); buflen -= 2; -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) /* For ZeroRTT we only add a single ciphersuite. */ break; #endif /* MBEDTLS_ZERO_RTT */ } /* write ciphersuite length now */ - *ciphersuite_start++ = (unsigned char)( ciphersuite_count*2 >> 8 ); - *ciphersuite_start++ = (unsigned char)( ciphersuite_count*2 ); + *ciphersuite_start++ = ( unsigned char )( ciphersuite_count*2 >> 8 ); + *ciphersuite_start++ = ( unsigned char )( ciphersuite_count*2 ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, got %d ciphersuites", ciphersuite_count ) ); @@ -1780,7 +1780,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, * * For cTLS this field is elided. */ -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -1806,7 +1806,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, * For cTLS we only need to provide it if there is more than one version * and currently there is only one. */ -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -1821,25 +1821,25 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, total_ext_len += cur_ext_len; buf += cur_ext_len; -#if defined(MBEDTLS_SSL_ALPN) +#if defined( MBEDTLS_SSL_ALPN ) ssl_write_alpn_ext( ssl, buf, end, &cur_ext_len ); total_ext_len += cur_ext_len; buf += cur_ext_len; #endif /* MBEDTLS_SSL_ALPN */ -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +#if defined( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) ssl_write_max_fragment_length_ext( ssl, buf, end, &cur_ext_len ); total_ext_len += cur_ext_len; buf += cur_ext_len; #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_ZERO_RTT) - ssl_write_early_data_ext( ssl, buf, (size_t)( end - buf ), &cur_ext_len ); +#if defined( MBEDTLS_ZERO_RTT ) + ssl_write_early_data_ext( ssl, buf, ( size_t )( end - buf ), &cur_ext_len ); total_ext_len += cur_ext_len; buf += cur_ext_len; #endif /* MBEDTLS_ZERO_RTT */ -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) +#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) /* For PSK-based ciphersuites we don't really need the SNI extension */ if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ECDHE_ECDSA || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) { @@ -1849,13 +1849,13 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ -#if defined(MBEDTLS_CID) +#if defined( MBEDTLS_CID ) ssl_write_cid_ext( ssl, buf, end, &cur_ext_len ); total_ext_len += cur_ext_len; buf += cur_ext_len; #endif -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) /* For PSK-based ciphersuites we need the pre-shared-key extension * and the psk_key_exchange_modes extension. * @@ -1876,7 +1876,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) /* The supported_groups and the key_share extensions are * REQUIRED for ECDHE ciphersuites. */ @@ -1932,7 +1932,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_KE || @@ -1958,8 +1958,8 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", extension_start, total_ext_len ); /* Write extension length */ - *extension_start++ = (unsigned char)( ( total_ext_len >> 8 ) & 0xFF ); - *extension_start++ = (unsigned char)( ( total_ext_len ) & 0xFF ); + *extension_start++ = ( unsigned char )( ( total_ext_len >> 8 ) & 0xFF ); + *extension_start++ = ( unsigned char )( ( total_ext_len ) & 0xFF ); buflen -= 2 + total_ext_len; *olen = buf - start; @@ -1971,7 +1971,7 @@ static int ssl_parse_supported_version_ext( mbedtls_ssl_context* ssl, size_t len ) { -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { if( len != 2 && buf[0] != 254 && buf[1] != 253 ) @@ -1995,7 +1995,7 @@ static int ssl_parse_supported_version_ext( mbedtls_ssl_context* ssl, } -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +#if defined( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) @@ -2016,7 +2016,7 @@ static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) /* * struct { @@ -2054,7 +2054,7 @@ static int ssl_parse_server_psk_identity_ext( mbedtls_ssl_context *ssl, return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); } - if( len != (size_t)2 ) + if( len != ( size_t )2 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad psk_identity extension in server hello message" ) ); return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); @@ -2083,7 +2083,7 @@ static int ssl_parse_server_psk_identity_ext( mbedtls_ssl_context *ssl, #endif -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) +#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) /* TODO: Code for MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED missing */ /* @@ -2181,7 +2181,7 @@ static int ssl_parse_key_shares_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -#if defined(MBEDTLS_SSL_ALPN) +#if defined( MBEDTLS_SSL_ALPN ) static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { @@ -2252,7 +2252,7 @@ static int ssl_certificate_request_process( mbedtls_ssl_context* ssl ); #define SSL_CERTIFICATE_REQUEST_EXPECT_REQUEST 0 #define SSL_CERTIFICATE_REQUEST_SKIP 1 static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ); -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, unsigned char const* buf, size_t buflen ); @@ -2276,7 +2276,7 @@ static int ssl_certificate_request_process( mbedtls_ssl_context* ssl ) */ MBEDTLS_SSL_PROC_CHK( ssl_certificate_request_coordinate( ssl ) ); -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) if( ret == SSL_CERTIFICATE_REQUEST_EXPECT_REQUEST ) { /* Parsing step */ @@ -2321,8 +2321,8 @@ static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ) return( SSL_CERTIFICATE_REQUEST_SKIP ); } -#if !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - ( (void)ret ); +#if !defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) + ( ( void )ret ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #else @@ -2352,7 +2352,7 @@ static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ) #endif /* ( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */ } -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, const unsigned char* buf, size_t buflen ) @@ -2365,7 +2365,7 @@ static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, int context_len = 0; /* TODO: Add bounds checks! Only then remove the next line. */ - ((void) buflen); + ( (void ) buflen ); /* * @@ -2383,7 +2383,7 @@ static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, p += mbedtls_ssl_hs_hdr_len( ssl ); -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -2402,7 +2402,7 @@ static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, * 3 bytes */ - if( total_len < (size_t)( 3 + context_len ) ) + if( total_len < ( size_t )( 3 + context_len ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); @@ -2463,7 +2463,7 @@ static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, case MBEDTLS_TLS_EXT_SIG_ALG: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) ); - if( ( ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, (size_t)ext_size ) ) != 0 ) + if( ( ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, ( size_t )ext_size ) ) != 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "ssl_parse_signature_algorithms_ext" ) ); SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); @@ -2495,7 +2495,7 @@ static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, static int ssl_certificate_request_postprocess( mbedtls_ssl_context* ssl ) { -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -2581,7 +2581,7 @@ static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) { return ( ret ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) traffic_keys.epoch = 2; #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -2593,7 +2593,7 @@ static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) { } } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* epoch value ( 2 ) is used for messages * protected using keys derived from the handshake_traffic_secret */ @@ -2615,7 +2615,7 @@ static int ssl_encrypted_extensions_parse( mbedtls_ssl_context* ssl, unsigned char *ext; /* TODO: Add bounds checks! Only then remove the next line. */ - ((void) buflen); + ( (void ) buflen ); /* skip handshake header */ buf += mbedtls_ssl_hs_hdr_len( ssl ); @@ -2664,7 +2664,7 @@ static int ssl_encrypted_extensions_parse( mbedtls_ssl_context* ssl, switch ( ext_id ) { -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +#if defined( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max_fragment_length extension" ) ); @@ -2678,11 +2678,11 @@ static int ssl_encrypted_extensions_parse( mbedtls_ssl_context* ssl, #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_SSL_ALPN) +#if defined( MBEDTLS_SSL_ALPN ) case MBEDTLS_TLS_EXT_ALPN: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); - if( ( ret = ssl_parse_alpn_ext( ssl, ext + 4, (size_t)ext_size ) ) != 0 ) + if( ( ret = ssl_parse_alpn_ext( ssl, ext + 4, ( size_t )ext_size ) ) != 0 ) { return( ret ); } @@ -2690,7 +2690,7 @@ static int ssl_encrypted_extensions_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_SSL_ALPN */ -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) +#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) case MBEDTLS_TLS_EXT_SERVERNAME: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found server_name extension" ) ); @@ -2720,12 +2720,12 @@ static int ssl_encrypted_extensions_parse( mbedtls_ssl_context* ssl, static int ssl_encrypted_extensions_postprocess( mbedtls_ssl_context* ssl ) { -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSION, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED ); @@ -2733,7 +2733,7 @@ static int ssl_encrypted_extensions_postprocess( mbedtls_ssl_context* ssl ) { else #endif /* MBEDTLS_ZERO_RTT */ { -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_CCS_BEFORE_CERTIFICATE_REQUEST ); #else mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST ); @@ -2915,7 +2915,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, /* Check for minimal length */ -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { /* TBD: Add message header figure here. */ @@ -2956,7 +2956,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, /* skip header */ buf += mbedtls_ssl_hs_hdr_len( ssl ); -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -2982,7 +2982,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, ssl->minor_ver = 0x04; /* store server-provided random values */ -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { memcpy( ssl->handshake->randbytes + 16, buf, 16 ); @@ -3001,11 +3001,11 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, buf += 32; } -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) /* legacy_session_id_echo */ if( ssl->session_negotiate->id_len != buf[0] ) { @@ -3042,7 +3042,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, #endif /* MBEDTLS_COMPATIBILITY_MODE */ } -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { /* read server-selected ciphersuite, which follows random bytes */ @@ -3089,7 +3089,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: ( %04x ) - %s", i, suite_info->name ) ); -#if defined(MBEDTLS_HAVE_TIME) +#if defined( MBEDTLS_HAVE_TIME ) ssl->session_negotiate->start = time( NULL ); #endif /* MBEDTLS_HAVE_TIME */ @@ -3111,7 +3111,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, } -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -3168,7 +3168,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, switch ( ext_id ) { -#if defined(MBEDTLS_CID) +#if defined( MBEDTLS_CID ) case MBEDTLS_TLS_EXT_CID: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) ); if( ssl->conf->cid == MBEDTLS_CID_CONF_DISABLED ) @@ -3188,10 +3188,10 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, return( ret ); break; -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ) case MBEDTLS_TLS_EXT_PRE_SHARED_KEY: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found pre_shared_key extension" ) ); - if( ( ret = ssl_parse_server_psk_identity_ext( ssl, ext + 4, (size_t)ext_size ) ) != 0 ) + if( ( ret = ssl_parse_server_psk_identity_ext( ssl, ext + 4, ( size_t )ext_size ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_server_psk_identity_ext" ), ret ); return( ret ); @@ -3199,11 +3199,11 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) +#if defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) case MBEDTLS_TLS_EXT_KEY_SHARES: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found key_shares extension" ) ); - if( ( ret = ssl_parse_key_shares_ext( ssl, ext + 4, (size_t)ext_size ) ) != 0 ) + if( ( ret = ssl_parse_key_shares_ext( ssl, ext + 4, ( size_t )ext_size ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "ssl_parse_key_shares_ext", ret ); return( ret ); @@ -3258,7 +3258,7 @@ static int ssl_server_hello_postprocess( mbedtls_ssl_context* ssl ) return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } -#if defined(MBEDTLS_CID) +#if defined( MBEDTLS_CID ) /* Server does not want to use CID -> recover resources */ if( ssl->session_negotiate->cid == MBEDTLS_CID_DISABLED && ssl->in_cid_len > 0 ) { @@ -3286,7 +3286,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, const mbedtls_ssl_ciphersuite_t* suite_info; /* pointer to ciphersuite */ -#if defined(MBEDTLS_ECDH_C) +#if defined( MBEDTLS_ECDH_C ) /* Variables for parsing the key_share */ const mbedtls_ecp_group_id* grp_id; const mbedtls_ecp_curve_info* info, * curve = NULL; @@ -3294,7 +3294,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, #endif /* MBEDTLS_ECDH_C */ /* Check for minimal length */ -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { /* TBD: Add message header figure here. */ @@ -3336,7 +3336,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, /* skip header */ buf += mbedtls_ssl_hs_hdr_len( ssl ); -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -3362,7 +3362,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, ssl->minor_ver = 0x04; /* store server-provided random values */ -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { memcpy( ssl->handshake->randbytes + 16, buf, 16 ); @@ -3381,11 +3381,11 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, buf += 32; } -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) /* legacy_session_id_echo */ if( ssl->session_negotiate->id_len != buf[0] ) { @@ -3422,7 +3422,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, #endif /* MBEDTLS_COMPATIBILITY_MODE */ } -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { /* read server-selected ciphersuite, which follows random bytes */ @@ -3469,7 +3469,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "hello retry request, chosen ciphersuite: ( %04x ) - %s", i, suite_info->name ) ); -#if defined(MBEDTLS_HAVE_TIME) +#if defined( MBEDTLS_HAVE_TIME ) ssl->session_negotiate->start = time( NULL ); #endif /* MBEDTLS_HAVE_TIME */ @@ -3490,7 +3490,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, } } -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -3545,7 +3545,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, switch ( ext_id ) { -#if defined(MBEDTLS_SSL_COOKIE_C) +#if defined( MBEDTLS_SSL_COOKIE_C ) case MBEDTLS_TLS_EXT_COOKIE: MBEDTLS_SSL_DEBUG_BUF( 3, "cookie extension", ext + 4, ext_size ); @@ -3560,7 +3560,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, } memcpy( ssl->handshake->verify_cookie, ext + 4, ext_size ); - ssl->handshake->verify_cookie_len = (unsigned char)ext_size; + ssl->handshake->verify_cookie_len = ( unsigned char )ext_size; break; #endif /* MBEDTLS_SSL_COOKIE_C */ @@ -3573,7 +3573,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, return( ret ); break; -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) +#if defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) case MBEDTLS_TLS_EXT_KEY_SHARES: MBEDTLS_SSL_DEBUG_BUF( 3, "key_share extension", ext + 4, ext_size ); @@ -3730,17 +3730,17 @@ static int ssl_hrr_postprocess( mbedtls_ssl_context* ssl, transcript[3] = ( uint8_t )hash_length; - /* #if defined(MBEDTLS_SHA256_C) + /* #if defined( MBEDTLS_SHA256_C ) mbedtls_sha256_context sha256; #endif - #if defined(MBEDTLS_SHA512_C) + #if defined( MBEDTLS_SHA512_C ) mbedtls_sha512_context sha512; #endif */ if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA256 ) { -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) mbedtls_sha256_finish( &ssl->handshake->fin_sha256, &transcript[4] ); MBEDTLS_SSL_DEBUG_BUF( 5, "Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN )", &transcript[0], 32 + 4 ); @@ -3755,7 +3755,7 @@ static int ssl_hrr_postprocess( mbedtls_ssl_context* ssl, } else if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) { -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) mbedtls_sha512_finish( &ssl->handshake->fin_sha512, &transcript[4] ); MBEDTLS_SSL_DEBUG_BUF( 5, "Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN )", &transcript[0], 48 + 4 ); @@ -3770,7 +3770,7 @@ static int ssl_hrr_postprocess( mbedtls_ssl_context* ssl, } else if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA512 ) { -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) mbedtls_sha512_finish( &ssl->handshake->fin_sha512, &transcript[4] ); MBEDTLS_SSL_DEBUG_BUF( 5, "Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN )", &transcript[0], 64 + 4 ); @@ -3792,7 +3792,7 @@ static int ssl_hrr_postprocess( mbedtls_ssl_context* ssl, /* Add transcript for HRR */ ssl->handshake->update_checksum( ssl, orig_buf, orig_msg_len ); -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) mbedtls_ssl_recv_flight_completed( ssl ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ return( 0 ); @@ -3802,10 +3802,10 @@ static int ssl_hrr_postprocess( mbedtls_ssl_context* ssl, -#if !defined(foobar) +#if !defined( foobar ) static void mbedtls_patch_pointers( mbedtls_ssl_context* ssl ) { - ( (void)ssl ); + ( ( void )ssl ); } #else static void mbedtls_patch_pointers( mbedtls_ssl_context* ssl ) @@ -3816,8 +3816,8 @@ static void mbedtls_patch_pointers( mbedtls_ssl_context* ssl ) * us not to add a CID value to the record header then the * out_cid_len or in_cid_len will be zero. */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) -#if defined(MBEDTLS_CID) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined( MBEDTLS_CID ) size_t out_cid_len = ssl->out_cid_len; size_t in_cid_len = ssl->in_cid_len; #else @@ -3851,7 +3851,7 @@ static void mbedtls_patch_pointers( mbedtls_ssl_context* ssl ) else #endif /* MBEDTLS_SSL_PROTO_DTLS */ { - ( (void)ssl ); + ( ( void )ssl ); } } #endif /* foobar */ @@ -3873,7 +3873,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) return( ret ); -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) { @@ -3889,13 +3889,13 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) /* Reset hello_retry_requests_receive since we have not seen an HRR msg yet. */ ssl->handshake->hello_retry_requests_received = 0; -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) /* Reset session id */ memset( ssl->session_negotiate->id, 0, 32 ); ssl->session_negotiate->id_len = 0; #endif /* MBEDTLS_COMPATIBILITY_MODE */ -#if defined(MBEDTLS_ECP_C) +#if defined( MBEDTLS_ECP_C ) /* We need to initialize the handshake->key_shares_curve_list. */ if( ssl->handshake->key_shares_curve_list == NULL ) { @@ -3913,7 +3913,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_ECP_C */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* nothing sent or received so far */ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { @@ -3927,7 +3927,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) case MBEDTLS_SSL_CLIENT_HELLO: /* Reset pointers to buffers */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { ssl->out_hdr = ssl->out_buf; @@ -3944,7 +3944,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* epoch value ( 0 ) is used with unencrypted messages */ ssl->in_epoch = 0; ssl->out_epoch = 0; @@ -3956,15 +3956,15 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_client_hello", ret ); return ( ret ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, MBEDTLS_SSL_ACK_RECORDS_SENT ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) { -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO ); #else mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_EARLY_APP_DATA ); @@ -3976,17 +3976,17 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ssl_send_flight_completed( ssl ); #endif break; -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) /* ----- WRITE CHANGE CIPHER SPEC ----*/ -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) case MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO: ret = mbedtls_ssl_write_change_cipher_spec( ssl ); @@ -4027,7 +4027,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) return ( ret ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_clear_all( ssl, MBEDTLS_SSL_ACK_RECORDS_SENT ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -4035,11 +4035,11 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) if( ssl->handshake->hello_retry_requests_received > 0 ) { /* If we received the HRR msg then we send another ClientHello */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_HELLO_RETRY_REQUEST, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) /* If not offering early data, the client sends a dummy * change_cipher_spec record immediately before its * second flight. This may either be before its second @@ -4053,7 +4053,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) else { /* Otherwise we continue with the handshake */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_SERVER_HELLO, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -4065,7 +4065,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) /* ----- WRITE CHANGE_CIPHER_SPEC ----*/ -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) case MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO: ret = mbedtls_ssl_write_change_cipher_spec( ssl ); @@ -4084,12 +4084,12 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) } mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SECOND_SERVER_HELLO ); -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, MBEDTLS_SSL_ACK_RECORDS_SENT ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ssl_send_flight_completed( ssl ); #endif @@ -4111,7 +4111,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) return ( ret ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_clear_all( ssl, MBEDTLS_SSL_ACK_RECORDS_SENT ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -4142,7 +4142,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) /* ----- WRITE CHANGE CIPHER SPEC ----*/ -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) case MBEDTLS_SSL_CLIENT_CCS_BEFORE_CERTIFICATE_REQUEST: ret = mbedtls_ssl_write_change_cipher_spec( ssl ); @@ -4197,12 +4197,12 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_RET( 1, "ssl_finished_in_process", ret ); return ( ret ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_FINISHED, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_EARLY_DATA ); @@ -4214,7 +4214,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) } break; -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) /* ----- WRITE END-OF-EARLY-DATA ----*/ @@ -4255,7 +4255,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) /* ----- WRITE CHANGE CIPHER SPEC ----*/ -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) case MBEDTLS_SSL_CLIENT_CCS_BEFORE_FINISHED: if( ssl->transform_out == NULL ) @@ -4276,7 +4276,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) } break; -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* ----- READ ACK ----*/ diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 809a9fe288e1..91fa403fd8d0 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1,11 +1,11 @@ /* * Handshake-related functions shared between the TLS/DTLS client - * and server ( ssl_tls13_client.c and ssl_tls13_server.c). + * and server ( ssl_tls13_client.c and ssl_tls13_server.c ). * * Copyright ( C ) 2006-2015, ARM Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * - * Licensed under the Apache License, Version 2.0 ( the "License"); you may + * Licensed under the Apache License, Version 2.0 ( the "License" ); you may * not use this file except in compliance with the License. * You may obtain a copy of the License at * @@ -17,23 +17,23 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS ( https://tls.mbed.org) + * This file is part of mbed TLS ( https://tls.mbed.org ) */ -#if !defined(MBEDTLS_CONFIG_FILE) +#if !defined( MBEDTLS_CONFIG_FILE ) #include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_SSL_TLS_C) +#if defined( MBEDTLS_SSL_TLS_C ) -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) +#if defined( MBEDTLS_SSL_PROTO_TLS1_3 ) -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) #include "mbedtls/aes.h" #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -45,12 +45,12 @@ #include "mbedtls/hkdf.h" #include -#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ - defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) +#if defined( MBEDTLS_X509_CRT_PARSE_C ) && \ + defined( MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE ) #include "mbedtls/oid.h" #endif -#if defined(MBEDTLS_PLATFORM_C) +#if defined( MBEDTLS_PLATFORM_C ) #include "mbedtls/platform.h" #else #include @@ -58,17 +58,17 @@ #define mbedtls_free free #endif /* MBEDTLS_PLATFORM_C */ -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) static int ssl_calc_verify_tls_sha256( mbedtls_ssl_context*, unsigned char*, int ); static int ssl_calc_finished_tls_sha256( mbedtls_ssl_context*, unsigned char*, int ); #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) static int ssl_calc_verify_tls_sha384( mbedtls_ssl_context*, unsigned char*, int ); static int ssl_calc_finished_tls_sha384( mbedtls_ssl_context*, unsigned char*, int ); #endif /* MBEDTLS_SHA512_C */ -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) static enum varint_length_enum set_varint_length( uint32_t input, uint32_t* output ) { if( input <= 127 ) @@ -152,7 +152,7 @@ static uint32_t get_varint_value( const uint32_t input ) } #endif /* MBEDTLS_CTLS */ -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) static int ssl_calc_finished_tls_sha256( mbedtls_ssl_context* ssl, unsigned char* buf, int from ) { @@ -177,7 +177,7 @@ static int ssl_calc_finished_tls_sha256( mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); /* - #if !defined(MBEDTLS_SHA256_ALT) + #if !defined( MBEDTLS_SHA256_ALT ) MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha2 state", ( unsigned char * ) sha256.state, sizeof( sha256.state ) ); #endif @@ -275,7 +275,7 @@ static int ssl_calc_finished_tls_sha256( } #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) static int ssl_calc_finished_tls_sha384( mbedtls_ssl_context* ssl, unsigned char* buf, int from ) { @@ -318,7 +318,7 @@ static int ssl_calc_finished_tls_sha384( * * Only included if present. */ - /*#if !defined(MBEDTLS_SHA512_ALT) + /*#if !defined( MBEDTLS_SHA512_ALT ) MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha512 state", ( unsigned char * ) sha512.state, sizeof( sha512.state ) ); #endif @@ -394,7 +394,7 @@ static int ssl_calc_finished_tls_sha384( #endif /* MBEDTLS_SHA512_C */ -#if defined(MBEDTLS_CID) +#if defined( MBEDTLS_CID ) void ssl_write_cid_ext( mbedtls_ssl_context *ssl, unsigned char* buf, unsigned char* end, @@ -421,20 +421,20 @@ void ssl_write_cid_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding cid extension" ) ); - if( end < p || (size_t)( end - p ) < ( 3 + MBEDTLS_CID_MAX_SIZE ) ) + if( end < p || ( size_t )( end - p ) < ( 3 + MBEDTLS_CID_MAX_SIZE ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return; } - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_CID ) & 0xFF ); if( ssl->conf->cid == MBEDTLS_CID_CONF_ZERO_LENGTH ) { - *p++ = (unsigned char)( ( 1 >> 8 ) & 0xFF ); - *p++ = (unsigned char)( 1 & 0xFF ); + *p++ = ( unsigned char )( ( 1 >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( 1 & 0xFF ); /* 1 byte length field set to zero */ *p++ = 0; @@ -450,8 +450,8 @@ void ssl_write_cid_ext( mbedtls_ssl_context *ssl, } ssl->in_cid_len = MBEDTLS_CID_MAX_SIZE; - *p++ = (unsigned char)( ( ( ssl->in_cid_len + 1 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( ssl->in_cid_len + 1 ) ) & 0xFF ); + *p++ = ( unsigned char )( ( ( ssl->in_cid_len + 1 ) >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( ( ssl->in_cid_len + 1 ) ) & 0xFF ); /* Length field set to MBEDTLS_CID_MAX_SIZE */ *p++ = MBEDTLS_CID_MAX_SIZE; @@ -502,12 +502,12 @@ int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "Incorrect CID extension length" ) ); -#if defined(MBEDTLS_SSL_CLI_C) +#if defined( MBEDTLS_SSL_CLI_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); #endif /* MBEDTLS_SSL_CLI_C */ -#if defined(MBEDTLS_SSL_SRV_C) +#if defined( MBEDTLS_SSL_SRV_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); #endif /* MBEDTLS_SSL_SRV_C */ @@ -533,7 +533,7 @@ int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_CID */ -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl ) { int ret; @@ -565,7 +565,7 @@ int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_COMPATIBILITY_MODE */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /*********************** * @@ -688,7 +688,7 @@ int mbedtls_ssl_write_ack( mbedtls_ssl_context *ssl ) * Only if we handle at least one key exchange that needs signatures. */ -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, unsigned char* buf, unsigned char* end, @@ -711,7 +711,7 @@ int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, sig_alg_len += 2; } - if( end < p || (size_t)( end - p ) < sig_alg_len + 6 ) + if( end < p || ( size_t )( end - p ) < sig_alg_len + 6 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -723,8 +723,8 @@ int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, for ( md = ssl->conf->signature_schemes; *md != SIGNATURE_NONE; md++ ) { - *sig_alg_list++ = (unsigned char)( ( *md >> 8 ) & 0xFF ); - *sig_alg_list++ = (unsigned char)( ( *md ) & 0xFF ); + *sig_alg_list++ = ( unsigned char )( ( *md >> 8 ) & 0xFF ); + *sig_alg_list++ = ( unsigned char )( ( *md ) & 0xFF ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "signature scheme [%x]", *md ) ); } @@ -732,14 +732,14 @@ int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, * Write extension header */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SIG_ALG >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SIG_ALG ) & 0xFF ); - *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) ) & 0xFF ); + *p++ = ( unsigned char )( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( ( sig_alg_len + 2 ) ) & 0xFF ); - *p++ = (unsigned char)( ( sig_alg_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( sig_alg_len ) & 0xFF ); + *p++ = ( unsigned char )( ( sig_alg_len >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( sig_alg_len ) & 0xFF ); *olen = 6 + sig_alg_len; @@ -802,10 +802,10 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k const mbedtls_ssl_ciphersuite_t *suite_info; unsigned char hash[MBEDTLS_MD_MAX_SIZE]; -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) mbedtls_sha256_context sha256; #endif -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) mbedtls_sha512_context sha512; #endif @@ -836,7 +836,7 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 32 ) { -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) handshake->calc_verify = ssl_calc_verify_tls_sha256; handshake->calc_finished = ssl_calc_finished_tls_sha256; #else @@ -847,7 +847,7 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 48 ) { -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) handshake->calc_verify = ssl_calc_verify_tls_sha384; handshake->calc_finished = ssl_calc_finished_tls_sha384; #else @@ -863,7 +863,7 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k } -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 32 ) { mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); @@ -871,7 +871,7 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k } else #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 48 ) { mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); @@ -1035,7 +1035,7 @@ int incrementSequenceNumber( unsigned char *sequenceNumber, unsigned char *nonce return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); } -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) static int ssl_calc_verify_tls_sha256( mbedtls_ssl_context *ssl, unsigned char hash[32], int from ) { mbedtls_sha256_context sha256; @@ -1116,7 +1116,7 @@ static int ssl_calc_verify_tls_sha256( mbedtls_ssl_context *ssl, unsigned char h } #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) static int ssl_calc_verify_tls_sha384( mbedtls_ssl_context *ssl, unsigned char hash[48], int from ) { mbedtls_sha512_context sha384; @@ -1223,7 +1223,7 @@ static int ssl_calc_verify_tls_sha384( mbedtls_ssl_context *ssl, unsigned char h */ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { -#if defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA256_C ) && !defined( MBEDTLS_SHA512_C ) unsigned char salt[32]; unsigned char ECDHE[32]; unsigned char null_ikm[32]; @@ -1235,13 +1235,13 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { unsigned char intermediary_secret[64]; #endif -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) /* SHA256 hash of "" string of length 0. */ static const unsigned char NULL_HASH_SHA256[32] = { 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 }; #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) /* SHA384 hash of "" string of length 0. */ static const unsigned char NULL_HASH_SHA384[48] = { 0x38, 0xb0, 0x60, 0xa7, 0x51, 0xac, 0x96, 0x38, 0x4c, 0xd9, 0x32, 0x7e, 0xb1, 0xb1, 0xe3, 0x6a, 0x21, 0xfd, 0xb7, 0x11, 0x14, 0xbe, 0x07, 0x43, 0x4c, 0x0c, 0xc7, 0xbf, 0x63, 0xf6, 0xe1, 0xda, 0x27, 0x4e, 0xde, 0xbf, 0xe7, 0x6f, 0x65, 0xfb, 0xd5, 0x1a, 0xd2, 0xf1, 0x48, 0x98, 0xb9, 0x5b }; @@ -1257,7 +1257,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { unsigned int psk_allocated = 0; int hash_size; -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) psk = ssl->conf->psk; psk_len = ssl->conf->psk_len; #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ @@ -1296,7 +1296,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) /* If the psk callback was called, use its result */ if( ( ssl->handshake->psk != NULL ) && ( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || @@ -1306,7 +1306,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { psk_len = ssl->handshake->psk_len; } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) if( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) { @@ -1329,7 +1329,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { /* We point the padbuf variable to the appropriate constant */ if( hash_size == 32 ) { -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) padbuf = ( unsigned char* ) NULL_HASH_SHA256; #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "MBEDTLS_SHA256_C not set but ciphersuite with SHA256 negotiated" ) ); @@ -1339,7 +1339,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { } else if( hash_size == 48 ) { -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) padbuf = ( unsigned char* ) NULL_HASH_SHA384; #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "MBEDTLS_SHA512_C not set but ciphersuite with SHA384 negotiated" ) ); @@ -1378,7 +1378,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { */ /* if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 32 ) { - #if defined(MBEDTLS_SHA256_C) + #if defined( MBEDTLS_SHA256_C ) mbedtls_sha256( ( const unsigned char* ) "", 0, padbuf, 0 ); #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "MBEDTLS_SHA256_C not set but ciphersuite with SHA256 negotiated" ) ); @@ -1387,7 +1387,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { } if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 48 ) { - #if defined(MBEDTLS_SHA512_C) + #if defined( MBEDTLS_SHA512_C ) mbedtls_sha512( ( const unsigned char* ) "", 0, padbuf, 1 ); #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "MBEDTLS_SHA512_C not set but ciphersuite with SHA384 negotiated" ) ); @@ -1413,7 +1413,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { * Compute Handshake Secret with HKDF-Extract( Intermediary Secret, ECDHE ) */ -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED ) if( ( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) || ( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) ){ @@ -1432,7 +1432,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { } else #endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) if( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ) { memset( ECDHE, 0x0, hash_size ); @@ -1527,7 +1527,7 @@ int ssl_certificate_verify_process( mbedtls_ssl_context* ssl ); #define SSL_CERTIFICATE_VERIFY_SKIP 0 #define SSL_CERTIFICATE_VERIFY_SEND 1 static int ssl_certificate_verify_coordinate( mbedtls_ssl_context* ssl ); -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) static int ssl_certificate_verify_write( mbedtls_ssl_context* ssl, unsigned char* buf, size_t buflen, @@ -1547,7 +1547,7 @@ int ssl_certificate_verify_process( mbedtls_ssl_context* ssl ) /* Coordination step: Check if we need to send a CertificateVerify */ MBEDTLS_SSL_PROC_CHK( ssl_certificate_verify_coordinate( ssl ) ); -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) if( ret == SSL_CERTIFICATE_VERIFY_SEND ) { /* Make sure we can write a new message. */ @@ -1611,7 +1611,7 @@ static int ssl_certificate_verify_coordinate( mbedtls_ssl_context* ssl ) return( SSL_CERTIFICATE_VERIFY_SKIP ); } -#if !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#if !defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #else @@ -1664,7 +1664,7 @@ static int ssl_certificate_verify_coordinate( mbedtls_ssl_context* ssl ) } -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) static int ssl_certificate_verify_write( mbedtls_ssl_context* ssl, unsigned char* buf, size_t buflen, @@ -1679,7 +1679,7 @@ static int ssl_certificate_verify_write( mbedtls_ssl_context* ssl, unsigned int hashlen; /* TODO: Add bounds checks! Only then remove the next line. */ - ((void) buflen); + ( (void ) buflen ); /* * Make a signature of the handshake transcript @@ -1715,8 +1715,8 @@ static int ssl_certificate_verify_write( mbedtls_ssl_context* ssl, return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); } - buf[4] = (unsigned char)( ( ssl->handshake->signature_scheme >> 8 ) & 0xFF ); - buf[5] = (unsigned char)( ( ssl->handshake->signature_scheme ) & 0xFF ); + buf[4] = ( unsigned char )( ( ssl->handshake->signature_scheme >> 8 ) & 0xFF ); + buf[5] = ( unsigned char )( ( ssl->handshake->signature_scheme ) & 0xFF ); /* Info from ssl->transform_negotiate->ciphersuite_info->mac will be used instead */ hashlen = 0; @@ -1730,8 +1730,8 @@ static int ssl_certificate_verify_write( mbedtls_ssl_context* ssl, return( ret ); } - buf[4 + offset] = (unsigned char)( n >> 8 ); - buf[5 + offset] = (unsigned char)( n ); + buf[4 + offset] = ( unsigned char )( n >> 8 ); + buf[5 + offset] = ( unsigned char )( n ); *olen = 6 + n + offset; @@ -1744,12 +1744,12 @@ static int ssl_certificate_verify_postprocess( mbedtls_ssl_context* ssl ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, MBEDTLS_SSL_ACK_RECORDS_SENT ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_CCS_BEFORE_FINISHED ); #else mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED ); @@ -1785,7 +1785,7 @@ int ssl_read_certificate_verify_process( mbedtls_ssl_context* ssl ); #define SSL_CERTIFICATE_VERIFY_READ 1 static int ssl_read_certificate_verify_coordinate( mbedtls_ssl_context* ssl ); -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) /* Parse and validate CertificateVerify message * * Note: The size of the hash buffer is assumed to be large enough to @@ -1816,7 +1816,7 @@ int ssl_read_certificate_verify_process( mbedtls_ssl_context* ssl ) MBEDTLS_SSL_PROC_CHK( ssl_read_certificate_verify_coordinate( ssl ) ); -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) if( ret == SSL_CERTIFICATE_VERIFY_READ ) { /* Need to calculate the hash of the transcript first @@ -1881,7 +1881,7 @@ static int ssl_read_certificate_verify_coordinate( mbedtls_ssl_context* ssl ) return( SSL_CERTIFICATE_VERIFY_SKIP ); } -#if !defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) +#if !defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #else @@ -1893,7 +1893,7 @@ static int ssl_read_certificate_verify_coordinate( mbedtls_ssl_context* ssl ) } -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) static int ssl_read_certificate_verify_parse( mbedtls_ssl_context* ssl, unsigned char const* buf, size_t buflen, @@ -1907,7 +1907,7 @@ static int ssl_read_certificate_verify_parse( mbedtls_ssl_context* ssl, mbedtls_md_type_t md_alg; /* TODO: Why don't we use `hashlen` here? Look at this. */ - ((void) hashlen); + ( (void ) hashlen ); if( buflen < mbedtls_ssl_hs_hdr_len( ssl ) ) { @@ -2003,7 +2003,7 @@ static int ssl_read_certificate_verify_parse( mbedtls_ssl_context* ssl, static int ssl_read_certificate_verify_postprocess( mbedtls_ssl_context* ssl ) { -#if defined(MBEDTLS_SSL_SRV_C) +#if defined( MBEDTLS_SSL_SRV_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED ); @@ -2012,7 +2012,7 @@ static int ssl_read_certificate_verify_postprocess( mbedtls_ssl_context* ssl ) #endif /* MBEDTLS_SSL_SRV_C */ { -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); @@ -2053,7 +2053,7 @@ int ssl_write_certificate_process( mbedtls_ssl_context* ssl ); #define SSL_WRITE_CERTIFICATE_AVAILABLE 0 #define SSL_WRITE_CERTIFICATE_SKIP 1 static int ssl_write_certificate_coordinate( mbedtls_ssl_context* ssl ); -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) /* Write certificate message based on the configured certificate */ static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, unsigned char* buf, @@ -2075,7 +2075,7 @@ int ssl_write_certificate_process( mbedtls_ssl_context* ssl ) /* Coordination: Check if we need to send a certificate. */ MBEDTLS_SSL_PROC_CHK( ssl_write_certificate_coordinate( ssl ) ); -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) if( ret == SSL_WRITE_CERTIFICATE_AVAILABLE ) { /* Make sure we can write a new message. */ @@ -2122,7 +2122,7 @@ static int ssl_write_certificate_coordinate( mbedtls_ssl_context* ssl ) { int have_own_cert = 1; -#if defined(MBEDTLS_SSL_CLI_C) +#if defined( MBEDTLS_SSL_CLI_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { /* Pre-configuration */ @@ -2140,12 +2140,12 @@ static int ssl_write_certificate_coordinate( mbedtls_ssl_context* ssl ) return( SSL_WRITE_CERTIFICATE_SKIP ); } -#if !defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) +#if !defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #else -#if defined(MBEDTLS_SSL_CLI_C) +#if defined( MBEDTLS_SSL_CLI_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { /* The client MUST send a Certificate message if and only @@ -2162,7 +2162,7 @@ static int ssl_write_certificate_coordinate( mbedtls_ssl_context* ssl ) } } #endif /* MBEDTLS_SSL_CLI_C */ -#if defined(MBEDTLS_SSL_SRV_C) +#if defined( MBEDTLS_SSL_SRV_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { if( have_own_cert == 0 ) @@ -2179,7 +2179,7 @@ static int ssl_write_certificate_coordinate( mbedtls_ssl_context* ssl ) -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, unsigned char* buf, size_t buflen, @@ -2190,7 +2190,7 @@ static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, unsigned char* start; /* TODO: Add bounds checks! Only then remove the next line. */ - ((void) buflen); + ( (void ) buflen ); /* * Handshake Header is 4 ( before adding DTLS-specific fields, which is done later ) @@ -2210,7 +2210,7 @@ static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, */ i += 1; -#if defined(MBEDTLS_SSL_CLI_C) +#if defined( MBEDTLS_SSL_CLI_C ) /* If the server requests client authentication but no suitable * certificate is available, the client MUST send a * Certificate message containing no certificates @@ -2246,9 +2246,9 @@ static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, return( MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE ); } - buf[i] = (unsigned char)( n >> 16 ); - buf[i + 1] = (unsigned char)( n >> 8 ); - buf[i + 2] = (unsigned char)( n ); + buf[i] = ( unsigned char )( n >> 16 ); + buf[i + 1] = ( unsigned char )( n >> 8 ); + buf[i + 2] = ( unsigned char )( n ); i += 3; memcpy( buf + i, crt->raw.p, n ); i += n; crt = crt->next; @@ -2261,11 +2261,11 @@ static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, i += 2; } total_len = &buf[i] - start - 3; - *start++ = (unsigned char)( ( total_len ) >> 16 ); - *start++ = (unsigned char)( ( total_len ) >> 8 ); - *start++ = (unsigned char)( ( total_len ) ); + *start++ = ( unsigned char )( ( total_len ) >> 16 ); + *start++ = ( unsigned char )( ( total_len ) >> 8 ); + *start++ = ( unsigned char )( ( total_len ) ); -#if defined(MBEDTLS_SSL_CLI_C) +#if defined( MBEDTLS_SSL_CLI_C ) empty_cert: #endif /* MBEDTLS_SSL_CLI_C */ * olen = i; @@ -2279,16 +2279,16 @@ static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, /* Update the state after handling the outgoing certificate message. */ static int ssl_write_certificate_postprocess( mbedtls_ssl_context* ssl ) { -#if defined(MBEDTLS_SSL_CLI_C) +#if defined( MBEDTLS_SSL_CLI_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_clear_all( ssl, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CERTIFICATE, MBEDTLS_SSL_ACK_RECORDS_SENT ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -2300,7 +2300,7 @@ static int ssl_write_certificate_postprocess( mbedtls_ssl_context* ssl ) else #endif /* MBEDTLS_SSL_CLI_C */ -#if defined(MBEDTLS_SSL_SRV_C) +#if defined( MBEDTLS_SSL_SRV_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_VERIFY ); @@ -2336,7 +2336,7 @@ int ssl_read_certificate_process( mbedtls_ssl_context* ssl ); #define SSL_CERTIFICATE_SKIP 1 static int ssl_read_certificate_coordinate( mbedtls_ssl_context* ssl ); -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) /* Parse certificate chain send by the peer. */ static int ssl_read_certificate_parse( mbedtls_ssl_context* ssl, unsigned char const* buf, @@ -2362,7 +2362,7 @@ int ssl_read_certificate_process( mbedtls_ssl_context* ssl ) * Check if we expect a certificate, and if yes, * check if a non-empty certificate has been sent. */ MBEDTLS_SSL_PROC_CHK( ssl_read_certificate_coordinate( ssl ) ); -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) if( ret == SSL_CERTIFICATE_EXPECTED ) { /* Reading step */ @@ -2430,18 +2430,18 @@ static int ssl_read_certificate_coordinate( mbedtls_ssl_context* ssl ) return( SSL_CERTIFICATE_SKIP ); } -#if !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - ( (void)authmode ); +#if !defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) + ( ( void )authmode ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #else -#if defined(MBEDTLS_SSL_SRV_C) +#if defined( MBEDTLS_SSL_SRV_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { /* If SNI was used, overwrite authentication mode * from the configuration. */ -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) +#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET ) authmode = ssl->handshake->sni_authmode; #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ @@ -2461,7 +2461,7 @@ static int ssl_read_certificate_coordinate( mbedtls_ssl_context* ssl ) #endif /* !MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ } -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) /* Write certificate message based on the configured certificate */ static int ssl_read_certificate_parse( mbedtls_ssl_context* ssl, unsigned char const* buf, @@ -2471,11 +2471,11 @@ static int ssl_read_certificate_parse( mbedtls_ssl_context* ssl, size_t i, n, certificate_request_context_len; int authmode = ssl->conf->authmode; -#if defined(MBEDTLS_SSL_SRV_C) +#if defined( MBEDTLS_SSL_SRV_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { /* read certificate request context length */ - certificate_request_context_len = (size_t) * ( buf + mbedtls_ssl_hs_hdr_len( ssl ) ); + certificate_request_context_len = ( size_t ) * ( buf + mbedtls_ssl_hs_hdr_len( ssl ) ); /* verify message length */ if( buflen < 3 + certificate_request_context_len + 1 + mbedtls_ssl_hs_hdr_len( ssl ) ) @@ -2553,8 +2553,8 @@ static int ssl_read_certificate_parse( mbedtls_ssl_context* ssl, return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); } - n = ( (unsigned int)buf[i + 1] << 8 ) - | (unsigned int)buf[i + 2]; + n = ( ( unsigned int )buf[i + 1] << 8 ) + | ( unsigned int )buf[i + 2]; i += 3; if( n < 128 || i + n > buflen ) @@ -2606,7 +2606,7 @@ static int ssl_read_certificate_parse( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) static int ssl_read_certificate_validate( mbedtls_ssl_context* ssl ) { int ret = 0; @@ -2616,7 +2616,7 @@ static int ssl_read_certificate_validate( mbedtls_ssl_context* ssl ) /* If SNI was used, overwrite authentication mode * from the configuration. */ -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) +#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET ) authmode = ssl->handshake->sni_authmode; #endif @@ -2628,7 +2628,7 @@ static int ssl_read_certificate_validate( mbedtls_ssl_context* ssl ) * Check for that and handle it depending on the * server's authentication mode. */ -#if defined(MBEDTLS_SSL_SRV_C) +#if defined( MBEDTLS_SSL_SRV_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && ssl->session_negotiate->peer_cert == NULL ) { @@ -2660,7 +2660,7 @@ static int ssl_read_certificate_validate( mbedtls_ssl_context* ssl ) return( 0 ); } -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) +#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) if( ssl->handshake->sni_ca_chain != NULL ) { ca_chain = ssl->handshake->sni_ca_chain; @@ -2693,7 +2693,7 @@ static int ssl_read_certificate_validate( mbedtls_ssl_context* ssl ) * Secondary checks: always done, but change 'ret' only if it was 0 */ -#if defined(MBEDTLS_ECP_C) +#if defined( MBEDTLS_ECP_C ) { const mbedtls_pk_context* pk = &ssl->session_negotiate->peer_cert->pk; @@ -2768,7 +2768,7 @@ static int ssl_read_certificate_validate( mbedtls_ssl_context* ssl ) SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN ); } -#if defined(MBEDTLS_DEBUG_C) +#if defined( MBEDTLS_DEBUG_C ) if( ssl->session_negotiate->verify_result != 0 ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "! Certificate verification flags %x", @@ -2787,13 +2787,13 @@ static int ssl_read_certificate_validate( mbedtls_ssl_context* ssl ) static int ssl_read_certificate_postprocess( mbedtls_ssl_context* ssl ) { -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CERTIFICATE, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_SSL_SRV_C) +#if defined( MBEDTLS_SSL_SRV_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY ); @@ -2834,17 +2834,17 @@ static int ssl_read_certificate_postprocess( mbedtls_ssl_context* ssl ) int mbedtls_ssl_generate_resumption_master_secret( mbedtls_ssl_context *ssl ) { int ret = 0; -#if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) +#if defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) const mbedtls_md_info_t *md_info; const mbedtls_ssl_ciphersuite_t *suite_info; mbedtls_ssl_transform *transform = ssl->transform_negotiate; unsigned char hash[MBEDTLS_MD_MAX_SIZE]; -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) mbedtls_sha256_context sha256; #endif -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) mbedtls_sha512_context sha512; #endif @@ -2863,7 +2863,7 @@ int mbedtls_ssl_generate_resumption_master_secret( mbedtls_ssl_context *ssl ) { return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 32 ) { mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); @@ -2871,7 +2871,7 @@ int mbedtls_ssl_generate_resumption_master_secret( mbedtls_ssl_context *ssl ) { } else #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 48 ) { mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); @@ -2920,11 +2920,11 @@ int mbedtls_ssl_generate_application_traffic_keys( mbedtls_ssl_context *ssl, Key unsigned char padbuf[MBEDTLS_MD_MAX_SIZE]; -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) mbedtls_sha256_context sha256; #endif -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) mbedtls_sha512_context sha512; #endif @@ -2978,7 +2978,7 @@ int mbedtls_ssl_generate_application_traffic_keys( mbedtls_ssl_context *ssl, Key if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 32 ) { -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) mbedtls_sha256_init( &sha256 ); mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); mbedtls_sha256_finish( &sha256, padbuf ); @@ -2990,7 +2990,7 @@ int mbedtls_ssl_generate_application_traffic_keys( mbedtls_ssl_context *ssl, Key if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 48 ) { -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) mbedtls_sha512_init( &sha512 ); mbedtls_sha512_starts( &sha512, 1 /* = use SHA384 */ ); mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); @@ -3088,7 +3088,7 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe unsigned char *key2; size_t out_cid_len; size_t in_cid_len; -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) unsigned char *temp; #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -3137,7 +3137,7 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe /* Copy current traffic_key structure to previous */ transform->traffic_keys_previous.clientWriteIV = transform->traffic_keys.clientWriteIV; transform->traffic_keys_previous.clientWriteKey = transform->traffic_keys.clientWriteKey; -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) transform->traffic_keys_previous.epoch = transform->traffic_keys.epoch; #endif /* MBEDTLS_SSL_PROTO_DTLS */ transform->traffic_keys_previous.ivLen = transform->traffic_keys.ivLen; @@ -3145,7 +3145,7 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe transform->traffic_keys_previous.serverWriteIV = transform->traffic_keys.serverWriteIV; transform->traffic_keys_previous.serverWriteKey = transform->traffic_keys.serverWriteKey; memcpy( transform->traffic_keys_previous.iv, transform->traffic_keys.iv, transform->ivlen ); -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) transform->traffic_keys_previous.client_sn_key = transform->traffic_keys.client_sn_key; transform->traffic_keys_previous.server_sn_key = transform->traffic_keys.server_sn_key; #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -3153,19 +3153,19 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe /* Store current traffic_key structure */ transform->traffic_keys.clientWriteIV = traffic_keys->clientWriteIV; transform->traffic_keys.clientWriteKey = traffic_keys->clientWriteKey; -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) transform->traffic_keys.epoch = traffic_keys->epoch; #endif /* MBEDTLS_SSL_PROTO_DTLS */ transform->traffic_keys.ivLen = traffic_keys->ivLen; transform->traffic_keys.keyLen = traffic_keys->keyLen; transform->traffic_keys.serverWriteIV = traffic_keys->serverWriteIV; transform->traffic_keys.serverWriteKey = traffic_keys->serverWriteKey; -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) transform->traffic_keys.client_sn_key = traffic_keys->client_sn_key; transform->traffic_keys.server_sn_key = traffic_keys->server_sn_key; #endif /* MBEDTLS_SSL_PROTO_DTLS */ } -#if defined(MBEDTLS_SSL_SRV_C) +#if defined( MBEDTLS_SSL_SRV_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { @@ -3180,7 +3180,7 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe memcpy( transform->iv_dec, transform->traffic_keys_previous.clientWriteIV, transform->ivlen ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* Reverse the keys for server */ temp = transform->traffic_keys.client_sn_key; transform->traffic_keys.client_sn_key = transform->traffic_keys.server_sn_key; @@ -3190,7 +3190,7 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe } #endif /* MBEDTLS_SSL_SRV_C */ -#if defined(MBEDTLS_SSL_CLI_C) +#if defined( MBEDTLS_SSL_CLI_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { key1 = traffic_keys->clientWriteKey; /* encryption key for the client */ @@ -3235,7 +3235,7 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe * out_cid_len or in_cid_len will be zero. */ -#if defined(MBEDTLS_CID) && defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_CID ) && defined( MBEDTLS_SSL_PROTO_DTLS ) out_cid_len = ssl->out_cid_len; #else out_cid_len = 0; @@ -3252,7 +3252,7 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe ssl->out_msg = ssl->out_iv; } -#if defined(MBEDTLS_CID) && defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_CID ) && defined( MBEDTLS_SSL_PROTO_DTLS ) in_cid_len = ssl->in_cid_len; #else in_cid_len = 0; @@ -3272,7 +3272,7 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe return ( 0 ); } -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) /* Early Data Key Derivation for TLS 1.3 * * Three tasks: @@ -3290,11 +3290,11 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra unsigned char padbuf[MBEDTLS_MD_MAX_SIZE]; mbedtls_ssl_transform *transform; -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) mbedtls_sha256_context sha256; #endif -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) mbedtls_sha512_context sha512; #endif @@ -3319,7 +3319,7 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } -#if defined(MBEDTLS_SSL_SRV_C) +#if defined( MBEDTLS_SSL_SRV_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for inbound data" ) ); @@ -3328,7 +3328,7 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra transform = ssl->transform_negotiate; } #endif -#if defined(MBEDTLS_SSL_CLI_C) +#if defined( MBEDTLS_SSL_CLI_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for outbound data" ) ); @@ -3353,7 +3353,7 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } - md = mbedtls_md_info_from_type( transform->ciphersuite_info->mac); + md = mbedtls_md_info_from_type( transform->ciphersuite_info->mac ); if( md == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "md == NULL, mbedtls_ssl_early_data_key_derivation failed" ) ); @@ -3368,20 +3368,20 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } -#if defined(MBEDTLS_SSL_SRV_C) +#if defined( MBEDTLS_SSL_SRV_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { memset( transform->sequence_number_dec, 0x0, 12 ); /* Set sequence number to zero */ } #endif -#if defined(MBEDTLS_SSL_CLI_C) +#if defined( MBEDTLS_SSL_CLI_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { memset( transform->sequence_number_enc, 0x0, 12 ); /* Set sequence number to zero */ } #endif -#if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) && defined( MBEDTLS_SSL_DTLS_ANTI_REPLAY ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { ssl_dtls_replay_reset( ssl ); @@ -3390,7 +3390,7 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra if( ciphersuite_info->mac == MBEDTLS_MD_SHA256 ) { -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) mbedtls_sha256_init( &sha256 ); mbedtls_sha256_starts( &sha256, 0 /* = use SHA256 */ ); mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); @@ -3404,7 +3404,7 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra } else if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) { -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) mbedtls_sha512_init( &sha512 ); mbedtls_sha512_starts( &sha512, 1 /* = use SHA384 */ ); mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); @@ -3418,7 +3418,7 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra } else if( ciphersuite_info->mac == MBEDTLS_MD_SHA512 ) { -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) mbedtls_sha512_init( &sha512 ); mbedtls_sha512_starts( &sha512, 0 /* = use SHA512 */ ); mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); @@ -3518,7 +3518,7 @@ int mbedtls_ssl_key_derivation( mbedtls_ssl_context *ssl, KeySet *traffic_keys ) memset( ssl->transform_in->sequence_number_dec, 0x0, 12 ); /* Set sequence number to zero */ memset( ssl->in_ctr, 0, 8 ); -#if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) && defined( MBEDTLS_SSL_DTLS_ANTI_REPLAY ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) ssl_dtls_replay_reset( ssl ); #endif /* MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_SSL_DTLS_ANTI_REPLAY */ @@ -3543,7 +3543,7 @@ int mbedtls_ssl_key_derivation( mbedtls_ssl_context *ssl, KeySet *traffic_keys ) */ ssl->in_msg = ssl->in_iv; -#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) +#if defined( MBEDTLS_SSL_HW_RECORD_ACCEL ) if( mbedtls_ssl_hw_record_activate != NULL ) { if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_INBOUND ) ) != 0 ) @@ -3581,7 +3581,7 @@ void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ) /* With DTLS 1.3 we keep the handshake and transform structures alive. */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip freeing handshake and transform" ) ); @@ -3658,10 +3658,10 @@ static int ssl_finished_out_prepare( mbedtls_ssl_context* ssl ) int ret; KeySet* traffic_keys=ssl->handshake->state_local.finished_out.traffic_keys; -#if defined(MBEDTLS_SSL_CLI_C) +#if defined( MBEDTLS_SSL_CLI_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) { ssl->transform_out = ssl->transform_negotiate; @@ -3675,7 +3675,7 @@ static int ssl_finished_out_prepare( mbedtls_ssl_context* ssl ) return ( ret ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) traffic_keys.epoch = 2; #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -3685,7 +3685,7 @@ static int ssl_finished_out_prepare( mbedtls_ssl_context* ssl ) MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_set_traffic_key", ret ); return ( ret ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* epoch value ( 2 ) is used for messages protected using keys derived * from the handshake_traffic_secret. */ @@ -3709,7 +3709,7 @@ static int ssl_finished_out_prepare( mbedtls_ssl_context* ssl ) /* * Set the out_msg pointer to the correct location based on IV length */ -#if !defined(MBEDTLS_SSL_PROTO_DTLS) +#if !defined( MBEDTLS_SSL_PROTO_DTLS ) ssl->out_msg = ssl->out_iv; #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -3721,7 +3721,7 @@ static int ssl_finished_out_prepare( mbedtls_ssl_context* ssl ) ssl->handshake->state_local.finished_out.digest, ssl->conf->endpoint ); -#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) +#if defined( MBEDTLS_SSL_HW_RECORD_ACCEL ) if( mbedtls_ssl_hw_record_activate != NULL ) { if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ) ) != 0 ) @@ -3732,7 +3732,7 @@ static int ssl_finished_out_prepare( mbedtls_ssl_context* ssl ) } #endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ssl_send_flight_completed( ssl ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -3745,11 +3745,11 @@ static int ssl_finished_out_postprocess( mbedtls_ssl_context* ssl ) int ret; KeySet* traffic_keys = ssl->handshake->state_local.finished_out.traffic_keys; -#if defined(MBEDTLS_SSL_CLI_C) +#if defined( MBEDTLS_SSL_CLI_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_FINISHED, MBEDTLS_SSL_ACK_RECORDS_SENT ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -3763,7 +3763,7 @@ static int ssl_finished_out_postprocess( mbedtls_ssl_context* ssl ) return ( ret ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) traffic_keys.epoch = 3; #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -3774,7 +3774,7 @@ static int ssl_finished_out_postprocess( mbedtls_ssl_context* ssl ) return ( ret ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* epoch value ( 3 ) is used for payloads protected using keys * derived from the initial traffic_secret_0. */ @@ -3790,10 +3790,10 @@ static int ssl_finished_out_postprocess( mbedtls_ssl_context* ssl ) } #endif /* MBEDTLS_SSL_CLI_C */ -#if defined(MBEDTLS_SSL_SRV_C) +#if defined( MBEDTLS_SSL_SRV_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_EARLY_DATA ); @@ -3890,7 +3890,7 @@ int ssl_finished_in_process( mbedtls_ssl_context* ssl ) ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), ssl->in_hslen - mbedtls_ssl_hs_hdr_len( ssl ) ) ); -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ssl_recv_flight_completed( ssl ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -3972,13 +3972,13 @@ static int ssl_finished_in_parse( mbedtls_ssl_context* ssl, static int ssl_finished_in_postprocess( mbedtls_ssl_context* ssl ) { /* Update logic state machine */ -#if defined(MBEDTLS_SSL_CLI_C) +#if defined( MBEDTLS_SSL_CLI_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { } #endif /* MBEDTLS_SSL_CLI_C */ -#if defined(MBEDTLS_SSL_SRV_C) +#if defined( MBEDTLS_SSL_SRV_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { @@ -3990,7 +3990,7 @@ static int ssl_finished_in_postprocess( mbedtls_ssl_context* ssl ) -#if defined(MBEDTLS_CID) +#if defined( MBEDTLS_CID ) void mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, unsigned int cid ) { if( cid == MBEDTLS_CID_CONF_DISABLED || cid == MBEDTLS_CID_CONF_ENABLED || @@ -4000,7 +4000,7 @@ void mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, unsigned int cid ) #endif -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) void mbedtls_ssl_conf_early_data( mbedtls_ssl_config *conf, int early_data, char *buffer, unsigned int len, int( *early_data_callback )( mbedtls_ssl_context *, unsigned char *, size_t ) ) { @@ -4018,7 +4018,7 @@ void mbedtls_ssl_conf_early_data( mbedtls_ssl_config *conf, int early_data, char #endif /* MBEDTLS_ZERO_RTT */ -#if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) +#if defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) /* The ssl_parse_new_session_ticket( ) function is used by the * client to parse the NewSessionTicket message, which contains @@ -4181,7 +4181,7 @@ int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "Key_len: %d", mbedtls_hash_size_for_ciphersuite( suite_info ) ) ); -#if defined(MBEDTLS_HAVE_TIME) +#if defined( MBEDTLS_HAVE_TIME ) /* Store ticket creation time */ ssl->session->ticket_received = time( NULL ); #endif @@ -4197,7 +4197,7 @@ int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) * received will be set. */ -#if defined(MBEDTLS_HAVE_TIME) +#if defined( MBEDTLS_HAVE_TIME ) int mbedtls_ssl_conf_ticket_meta( mbedtls_ssl_config *conf, const uint32_t ticket_age_add, const time_t ticket_received ) @@ -4207,7 +4207,7 @@ int mbedtls_ssl_conf_ticket_meta( mbedtls_ssl_config *conf, #endif /* MBEDTLS_HAVE_TIME */ { conf->ticket_age_add = ticket_age_add; -#if defined(MBEDTLS_HAVE_TIME) +#if defined( MBEDTLS_HAVE_TIME ) conf->ticket_received = ticket_received; #endif /* MBEDTLS_HAVE_TIME */ return( 0 ); @@ -4218,7 +4218,7 @@ int mbedtls_ssl_conf_ticket_meta( mbedtls_ssl_config *conf, -#if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) +#if defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) /* * Init ticket structure @@ -4284,7 +4284,7 @@ int mbedtls_ssl_conf_client_ticket( const mbedtls_ssl_context *ssl, mbedtls_ssl_ if( ret != 0 ) return( -1 ); /* We set the ticket_age_add and the time we received the ticket */ -#if defined(MBEDTLS_HAVE_TIME) +#if defined( MBEDTLS_HAVE_TIME ) ret = mbedtls_ssl_conf_ticket_meta( conf, ticket->ticket_age_add, ticket->start ); #else ret = mbedtls_ssl_conf_ticket_meta( conf, ticket->ticket_age_add ); @@ -4341,7 +4341,7 @@ int mbedtls_ssl_get_client_ticket( const mbedtls_ssl_context *ssl, mbedtls_ssl_t /* store ticket_age_add */ ticket->ticket_age_add = ssl->session->ticket_age_add; -#if defined(MBEDTLS_HAVE_TIME) +#if defined( MBEDTLS_HAVE_TIME ) /* store time we received the ticket */ ticket->start = ssl->session->ticket_received; #endif /* MBEDTLS_HAVE_TIME */ @@ -4392,7 +4392,7 @@ void mbedtls_ssl_conf_client_ticket_disable( mbedtls_ssl_context *ssl ) * }; * } EarlyDataIndication; */ -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) int ssl_write_early_data_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t buflen, @@ -4401,7 +4401,7 @@ int ssl_write_early_data_ext( mbedtls_ssl_context *ssl, unsigned char *p = buf; const unsigned char* end = buf + buflen; -#if defined(MBEDTLS_SSL_SRV_C) +#if defined( MBEDTLS_SSL_SRV_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { if( ssl->conf->key_exchange_modes != KEY_EXCHANGE_MODE_PSK_KE || @@ -4415,7 +4415,7 @@ int ssl_write_early_data_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_SRV_C */ -#if defined(MBEDTLS_SSL_CLI_C) +#if defined( MBEDTLS_SSL_CLI_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ECDHE_ECDSA || @@ -4429,20 +4429,20 @@ int ssl_write_early_data_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_CLI_C */ - if( (size_t)( end - p ) < 4 ) + if( ( size_t )( end - p ) < 4 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return ( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } -#if defined(MBEDTLS_SSL_CLI_C) +#if defined( MBEDTLS_SSL_CLI_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding early_data extension" ) ); } #endif /* MBEDTLS_SSL_CLI_C */ -#if defined(MBEDTLS_SSL_SRV_C) +#if defined( MBEDTLS_SSL_SRV_C ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding early_data extension" ) ); @@ -4452,8 +4452,8 @@ int ssl_write_early_data_ext( mbedtls_ssl_context *ssl, ssl->handshake->early_data = MBEDTLS_SSL_EARLY_DATA_ON; /* Write extension header */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EARLY_DATA >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EARLY_DATA ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_EARLY_DATA >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_EARLY_DATA ) & 0xFF ); /* Write total extension length */ *p++ = 0; diff --git a/library/ssl_tls13_messaging.c b/library/ssl_tls13_messaging.c index 2960ffeadeae..2092fb6400c6 100644 --- a/library/ssl_tls13_messaging.c +++ b/library/ssl_tls13_messaging.c @@ -23,19 +23,19 @@ * https://github.com/hanno-arm/mbedtls/tree/mps_implementation/ */ -#if !defined(MBEDTLS_CONFIG_FILE) +#if !defined( MBEDTLS_CONFIG_FILE ) #include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_SSL_TLS_C) +#if defined( MBEDTLS_SSL_TLS_C ) -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) +#if defined( MBEDTLS_SSL_PROTO_TLS1_3 ) -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) #include "mbedtls/aes.h" #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -46,12 +46,12 @@ #include "mbedtls/hkdf.h" #include -#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ - defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) +#if defined( MBEDTLS_X509_CRT_PARSE_C ) && \ + defined( MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE ) #include "mbedtls/oid.h" #endif -#if defined(MBEDTLS_PLATFORM_C) +#if defined( MBEDTLS_PLATFORM_C ) #include "mbedtls/platform.h" #else #include @@ -71,11 +71,11 @@ void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context* ssl, mbedtls_ssl_transform* transform ) { -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { ssl->out_ctr = ssl->out_hdr + 3; -#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) +#if defined( MBEDTLS_SSL_DTLS_CONNECTION_ID ) ssl->out_cid = ssl->out_ctr + 8; ssl->out_len = ssl->out_cid; if( transform != NULL ) @@ -90,7 +90,7 @@ void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context* ssl, { ssl->out_ctr = ssl->out_hdr - 8; ssl->out_len = ssl->out_hdr + 3; -#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) +#if defined( MBEDTLS_SSL_DTLS_CONNECTION_ID ) ssl->out_cid = ssl->out_len; #endif ssl->out_iv = ssl->out_hdr + 5; @@ -126,7 +126,7 @@ void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context* ssl ) * record plaintext. */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { /* This sets the header pointers to match records @@ -134,7 +134,7 @@ void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context* ssl ) * a CID, the fields are shifted accordingly in * ssl_parse_record_header( ). */ ssl->in_ctr = ssl->in_hdr + 3; -#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) +#if defined( MBEDTLS_SSL_DTLS_CONNECTION_ID ) ssl->in_cid = ssl->in_ctr + 8; ssl->in_len = ssl->in_cid; /* Default: no CID */ #else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ @@ -147,7 +147,7 @@ void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context* ssl ) { ssl->in_ctr = ssl->in_hdr - 8; ssl->in_len = ssl->in_hdr + 3; -#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) +#if defined( MBEDTLS_SSL_DTLS_CONNECTION_ID ) ssl->in_cid = ssl->in_len; #endif ssl->in_iv = ssl->in_hdr + 5; @@ -166,7 +166,7 @@ void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context* ssl ) void mbedtls_ssl_reset_in_out_pointers( mbedtls_ssl_context* ssl ) { /* Set the incoming and outgoing record pointers. */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { ssl->out_hdr = ssl->out_buf; @@ -216,7 +216,7 @@ static int ssl_check_timer( mbedtls_ssl_context *ssl ) /* Length of the "epoch" field in the record header */ static inline size_t ssl_ep_len( const mbedtls_ssl_context* ssl ) { -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) return( 2 ); #else @@ -225,7 +225,7 @@ static inline size_t ssl_ep_len( const mbedtls_ssl_context* ssl ) return( 0 ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* @@ -289,7 +289,7 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl ) /* * Encrypt */ -#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) +#if defined( MBEDTLS_GCM_C ) || defined( MBEDTLS_CCM_C ) if( mode == MBEDTLS_MODE_GCM || mode == MBEDTLS_MODE_CCM || mode == MBEDTLS_MODE_CCM_8 ) { @@ -305,7 +305,7 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl ) taglen = 8; else taglen = 16; -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { /* TBD: We need to adjust the additional data calculation for CID use */ @@ -387,7 +387,7 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl ) * ( encrypted seqnr ) */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* For DTLS 1.3 and encrypted payloads only */ if( ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) && ( ssl->transform_out != NULL ) ) @@ -480,7 +480,7 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl ) } -#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) +#if defined( MBEDTLS_GCM_C ) || defined( MBEDTLS_CCM_C ) if( mode == MBEDTLS_MODE_GCM || mode == MBEDTLS_MODE_CCM || mode == MBEDTLS_MODE_CCM_8 ) @@ -498,7 +498,7 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl ) taglen = 8; else taglen = 16; -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { /* Adding the content type to additional data */ @@ -565,7 +565,7 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_BUF( 4, "Encrypted message ( without tag ):", dec_msg, dec_msglen ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_CID) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) && defined( MBEDTLS_CID ) /* For DTLS 1.3 and encrypted payloads we need to decrypt the sequence number */ if( ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) && ( ssl->transform_out != NULL ) ) @@ -632,7 +632,7 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_BUF( 4, "Sequence Number ( after ):", ssl->transform_in->sequence_number_dec, 12 ); -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* Always copy the most recent IV used for incoming data. */ memcpy( ssl->transform_in->traffic_keys_previous.iv, ssl->transform_in->iv_dec, ssl->transform_in->ivlen ); @@ -684,7 +684,7 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl ) else ssl->nb_zero = 0; -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { ; /* in_ctr read from peer, not maintained internally */ @@ -739,13 +739,13 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } - if( nb_want > MBEDTLS_SSL_BUFFER_LEN - (size_t)( ssl->in_hdr - ssl->in_buf ) ) + if( nb_want > MBEDTLS_SSL_BUFFER_LEN - ( size_t )( ssl->in_hdr - ssl->in_buf ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "requesting more data than fits" ) ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { uint32_t timeout; @@ -984,7 +984,7 @@ int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ) /* * Functions to handle the DTLS retransmission state machine */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* * Append current handshake message to current outgoing flight */ @@ -1046,7 +1046,7 @@ static void ssl_flight_free( mbedtls_ssl_flight_item *flight ) } } -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) +#if defined( MBEDTLS_SSL_DTLS_ANTI_REPLAY ) static void ssl_dtls_replay_reset( mbedtls_ssl_context *ssl ); #endif @@ -1086,7 +1086,7 @@ static void ssl_swap_epochs( mbedtls_ssl_context *ssl ) else ssl->out_msg = ssl->out_iv; -#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) +#if defined( MBEDTLS_SSL_HW_RECORD_ACCEL ) if( mbedtls_ssl_hw_record_activate != NULL ) { if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ) ) != 0 ) @@ -1214,7 +1214,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 5, ( "=> write record" ) ); -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->handshake != NULL && ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) @@ -1259,9 +1259,9 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) * */ /* Add handshake message length */ - ssl->out_msg[1] = (unsigned char)( ( len - 4 ) >> 16 ); - ssl->out_msg[2] = (unsigned char)( ( len - 4 ) >> 8 ); - ssl->out_msg[3] = (unsigned char)( ( len - 4 ) ); + ssl->out_msg[1] = ( unsigned char )( ( len - 4 ) >> 16 ); + ssl->out_msg[2] = ( unsigned char )( ( len - 4 ) >> 8 ); + ssl->out_msg[3] = ( unsigned char )( ( len - 4 ) ); if( ssl->transform_out != NULL ) { @@ -1272,7 +1272,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) ssl->out_msglen += 1; } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* * DTLS has additional fields in the Handshake layer, * between the length field and the actual payload: @@ -1285,8 +1285,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) /* Make room for the additional DTLS fields */ memmove( ssl->out_msg + mbedtls_ssl_hs_hdr_len( ssl ), ssl->out_msg + 4, len - 4 ); ssl->out_msglen += 8; -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) - /* Advancing also the pointer to the pre_shared_key extension (if used) */ +#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) + /* Advancing also the pointer to the pre_shared_key extension ( if used ) */ if( ( ssl->handshake != NULL ) && ( ssl->handshake->pre_shared_key_pointer != NULL ) ) { ssl->handshake->pre_shared_key_pointer += 8; @@ -1322,7 +1322,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) /* We need to patch the psk binder by * re-running the function to get the correct length information for the extension. * But: we only do that when in ClientHello state and when using a PSK mode @@ -1364,7 +1364,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) } /* Save handshake and CCS messages for resending */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->handshake != NULL && ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING && @@ -1379,7 +1379,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) +#if defined( MBEDTLS_SSL_HW_RECORD_ACCEL ) if( mbedtls_ssl_hw_record_write != NULL ) { MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_write( )" ) ); @@ -1398,7 +1398,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) if( !done ) { -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) size_t i=0; /* @@ -1465,8 +1465,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) /* TBD */ /* Write Length */ - ssl->out_len[0] = (unsigned char)( len >> 8 ); - ssl->out_len[1] = (unsigned char)( len ); + ssl->out_len[0] = ( unsigned char )( len >> 8 ); + ssl->out_len[1] = ( unsigned char )( len ); } else @@ -1476,7 +1476,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) /* Set flags in unified header */ ssl->out_hdr[0] = MBEDTLS_SSL_UNIFIED_HDR_PREAMBLE_3; -#if defined(MBEDTLS_CID) +#if defined( MBEDTLS_CID ) if( ssl->out_cid_len > 0 ) { @@ -1519,8 +1519,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) /* Write 16 bit length */ ssl->out_hdr[0] |= MBEDTLS_SSL_UNIFIED_HDR_LEN; - ssl->out_hdr[3 + i] = (unsigned char)( len >> 8 ); - ssl->out_hdr[4 + i] = (unsigned char)( len ); + ssl->out_hdr[3 + i] = ( unsigned char )( len >> 8 ); + ssl->out_hdr[4 + i] = ( unsigned char )( len ); /* Change pointer to length field */ ssl->out_len = &ssl->out_hdr[3 + i]; @@ -1566,8 +1566,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) mbedtls_ssl_write_version( 3, 3, ssl->conf->transport, ssl->out_hdr + 1 ); /* Write Length */ - ssl->out_len[0] = (unsigned char)( len >> 8 ); - ssl->out_len[1] = (unsigned char)( len ); + ssl->out_len[0] = ( unsigned char )( len >> 8 ); + ssl->out_len[1] = ( unsigned char )( len ); } if( ssl->transform_out != NULL ) @@ -1579,8 +1579,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) } len = ssl->out_msglen; - ssl->out_len[0] = (unsigned char)( len >> 8 ); - ssl->out_len[1] = (unsigned char)( len ); + ssl->out_len[0] = ( unsigned char )( len >> 8 ); + ssl->out_len[1] = ( unsigned char )( len ); } /* Calculate the number of bytes we have to put on the wire */ @@ -1613,7 +1613,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) return( 0 ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* * Mark bits in bitmask ( used for DTLS HS reassembly ) */ @@ -1810,7 +1810,7 @@ static int ssl_reassemble_dtls_handshake( mbedtls_ssl_context *ssl ) ssl->in_left = ssl->next_record_offset + remain_len; if( ssl->in_left > MBEDTLS_SSL_BUFFER_LEN - - (size_t)( ssl->in_hdr - ssl->in_buf ) ) + ( size_t )( ssl->in_hdr - ssl->in_buf ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "reassembled message too large for buffer" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -1851,7 +1851,7 @@ static int ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ) " %d, type = %d, hslen = %d", ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen ) ); -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { int ret; @@ -1935,7 +1935,7 @@ static int ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ) } /* Handshake message is complete, increment counter */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->handshake != NULL ) { @@ -1956,7 +1956,7 @@ static int ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ) * in_window is set. The only exception is the initial state ( record number 0 * not seen yet ). */ -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) +#if defined( MBEDTLS_SSL_DTLS_ANTI_REPLAY ) static void ssl_dtls_replay_reset( mbedtls_ssl_context *ssl ) { ssl->in_window_top = 0; @@ -2034,7 +2034,7 @@ void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ -#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C) +#if defined( MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE ) && defined( MBEDTLS_SSL_SRV_C ) /* Forward declaration */ static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ); @@ -2152,14 +2152,14 @@ static int ssl_check_dtls_clihlo_cookie( *olen = p - obuf; /* Go back and fill length fields */ - obuf[27] = (unsigned char)( *olen - 28 ); + obuf[27] = ( unsigned char )( *olen - 28 ); - obuf[14] = obuf[22] = (unsigned char)( ( *olen - 25 ) >> 16 ); - obuf[15] = obuf[23] = (unsigned char)( ( *olen - 25 ) >> 8 ); - obuf[16] = obuf[24] = (unsigned char)( ( *olen - 25 ) ); + obuf[14] = obuf[22] = ( unsigned char )( ( *olen - 25 ) >> 16 ); + obuf[15] = obuf[23] = ( unsigned char )( ( *olen - 25 ) >> 8 ); + obuf[16] = obuf[24] = ( unsigned char )( ( *olen - 25 ) ); - obuf[11] = (unsigned char)( ( *olen - 13 ) >> 8 ); - obuf[12] = (unsigned char)( ( *olen - 13 ) ); + obuf[11] = ( unsigned char )( ( *olen - 13 ) >> 8 ); + obuf[12] = ( unsigned char )( ( *olen - 13 ) ); return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ); } @@ -2235,7 +2235,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) { int ret; int major_ver, minor_ver; -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) int ptr_to_len; if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && @@ -2263,7 +2263,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) /* Check record type */ if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE && ssl->in_msgtype != MBEDTLS_SSL_MSG_ALERT && -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC && #endif /* MBEDTLS_COMPATIBILITY_MODE */ ssl->in_msgtype != MBEDTLS_SSL_MSG_ACK && @@ -2284,7 +2284,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->transform_in != NULL ) { @@ -2304,7 +2304,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) /* ssl->in_msgtype = MBEDTLS_SSL_MSG_TLS_CID; ( in DTLS 1.3 we shouldn't be using this message type ) */ ssl->in_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA; -#if defined(MBEDTLS_CID) +#if defined( MBEDTLS_CID ) if( ssl->in_hdr[0] & MBEDTLS_SSL_UNIFIED_HDR_CID ) { /* Datagram contains a CID */ @@ -2368,7 +2368,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) } } /* Check epoch with DTLS */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { unsigned int rec_epoch = 0; @@ -2392,7 +2392,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) "expected %d, received %d", ssl->in_epoch, rec_epoch ) ); -#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C) +#if defined( MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE ) && defined( MBEDTLS_SSL_SRV_C ) /* * Check for an epoch 0 ClientHello. We can't use in_msg here to * access the first byte of record content ( handshake type ), as we @@ -2418,7 +2418,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) } } -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) +#if defined( MBEDTLS_SSL_DTLS_ANTI_REPLAY ) /* Replay detection only works for the current epoch */ if( rec_epoch == ssl->in_epoch && mbedtls_ssl_dtls_replay_check( ssl ) != 0 ) @@ -2436,7 +2436,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) /* Check length against the size of our buffer */ if( ssl->in_msglen > MBEDTLS_SSL_BUFFER_LEN - - (size_t)( ssl->in_msg - ssl->in_buf ) ) + - ( size_t )( ssl->in_msg - ssl->in_buf ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) ); return( MBEDTLS_ERR_SSL_INVALID_RECORD ); @@ -2454,7 +2454,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) } else { -#if !defined(MBEDTLS_COMPATIBILITY_MODE) +#if !defined( MBEDTLS_COMPATIBILITY_MODE ) /* In compatibility mode we will receive * Change Cipher Spec messages, which are * ssl->in_msglen = 1 in length. */ @@ -2469,7 +2469,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) * TLS encrypted messages can have up to 256 bytes of padding */ if( -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC && #endif /* MBEDTLS_COMPATIBILITY_MODE */ ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 && @@ -2494,7 +2494,7 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_BUF( 4, "RECEIVED FROM NETWORK", ssl->in_hdr, mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_IN, ssl->transform_in ) + ssl->in_msglen ); -#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) +#if defined( MBEDTLS_SSL_HW_RECORD_ACCEL ) if( mbedtls_ssl_hw_record_read != NULL ) { MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_read( )" ) ); @@ -2512,7 +2512,7 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ if( !done && ssl->transform_in != NULL ) { -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* If we received an old record ( based on the epoch value ) * then we need to change the keys. */ @@ -2530,7 +2530,7 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) if( ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) return( 0 ); #endif /* MBEDTLS_COMPATIBILITY_MODE */ @@ -2550,7 +2550,7 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_INVALID_RECORD ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* We re-set the key. */ if( ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) && @@ -2568,7 +2568,7 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl ) } -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) +#if defined( MBEDTLS_SSL_DTLS_ANTI_REPLAY ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { mbedtls_ssl_dtls_replay_update( ssl ); @@ -2630,7 +2630,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) if( ( ret = ssl_parse_record_header( ssl ) ) != 0 ) { -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ret != MBEDTLS_ERR_SSL_CLIENT_RECONNECT ) { @@ -2658,7 +2658,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) /* Done reading this record, get ready for the next one */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) ssl->next_record_offset = ssl->in_msglen + mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_IN, ssl->transform_in ); else @@ -2671,7 +2671,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) if( ( ret = ssl_prepare_record_content( ssl ) ) != 0 ) { -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { /* Silently discard invalid records */ @@ -2684,7 +2684,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) if( ssl->state == MBEDTLS_SSL_CLIENT_FINISHED || ssl->state == MBEDTLS_SSL_SERVER_FINISHED ) { -#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) +#if defined( MBEDTLS_SSL_ALL_ALERT_MESSAGES ) if( ret == MBEDTLS_ERR_SSL_INVALID_MAC ) { mbedtls_ssl_send_alert_message( ssl, @@ -2695,7 +2695,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) return( ret ); } -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) +#if defined( MBEDTLS_SSL_DTLS_BADMAC_LIMIT ) if( ssl->conf->badmac_limit != 0 && ++ssl->badmac_seen >= ssl->conf->badmac_limit ) { @@ -2714,7 +2714,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_PROTO_DTLS */ { /* Error out ( and send alert ) on invalid records */ -#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) +#if defined( MBEDTLS_SSL_ALL_ALERT_MESSAGES ) if( ret == MBEDTLS_ERR_SSL_INVALID_MAC ) { mbedtls_ssl_send_alert_message( ssl, @@ -2796,7 +2796,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) /* Skip the ContentType and padding */ ssl->in_msglen = i - 1; break; -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) case MBEDTLS_SSL_MSG_ACK: /* We received an ACK */ ssl->in_msgtype = MBEDTLS_SSL_MSG_ACK; @@ -2852,7 +2852,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) goto read_record_header; } -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) /* We ignore incoming ChangeCipherSpec messages */ if( ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) { @@ -2880,7 +2880,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "Ignoring CCS." ) ); /* Done reading this record, get ready for the next one */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { ssl->next_record_offset = mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_IN ) + ssl->in_msglen; @@ -3021,7 +3021,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> read" ) ); -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) @@ -3085,14 +3085,14 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) return( MBEDTLS_ERR_SSL_WANT_READ ); } -#if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) +#if defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) /* Post-Handshake messages, like the NewSessionTicket message, appear after the finished * message was sent */ if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "received post-handshake message" ) ); -#if defined(MBEDTLS_SSL_CLI_C) +#if defined( MBEDTLS_SSL_CLI_C ) if( ( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) && ( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) ) && ( ssl->in_msg[0] == MBEDTLS_SSL_HS_NEW_SESSION_TICKET ) ) { @@ -3107,7 +3107,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) #endif /* MBEDTLS_SSL_CLI_C */ } else #endif /* MBEDTLS_SSL_NEW_SESSION_TICKET */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ACK ) { /* We will not pass the Ack msg to the application. */ @@ -3174,13 +3174,13 @@ static int ssl_write_real( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { int ret; -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +#if defined( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) size_t max_len = mbedtls_ssl_get_max_frag_len( ssl ); if( len > max_len ) { -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "fragment larger than the ( negotiated ) " @@ -3237,7 +3237,7 @@ int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) if( ( ssl->handshake!= NULL ) && ( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_OFF ) ) #endif/* MBEDTLS_ZERO_RTT */ { diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 450f72fc995e..0aba98ffe808 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -20,16 +20,16 @@ */ -#if !defined(MBEDTLS_CONFIG_FILE) +#if !defined( MBEDTLS_CONFIG_FILE ) #include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) +#if defined( MBEDTLS_SSL_PROTO_TLS1_3 ) -#if defined(MBEDTLS_SSL_SRV_C) +#if defined( MBEDTLS_SSL_SRV_C ) #include "mbedtls/debug.h" #include "mbedtls/ssl.h" @@ -37,18 +37,18 @@ #include -#if defined(MBEDTLS_ECP_C) +#if defined( MBEDTLS_ECP_C ) #include "mbedtls/ecp.h" #endif /* MBEDTLS_ECP_C */ #include "mbedtls/hkdf-tls.h" #include "mbedtls/hkdf.h" -#if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) +#if defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) #include "mbedtls/ssl_ticket.h" #endif /* MBEDTLS_SSL_NEW_SESSION_TICKET */ -#if defined(MBEDTLS_PLATFORM_C) +#if defined( MBEDTLS_PLATFORM_C ) #include "mbedtls/platform.h" #else #include @@ -56,12 +56,12 @@ #define mbedtls_free free #endif /* MBEDTLS_PLATFORM_C */ -#if defined(MBEDTLS_HAVE_TIME) +#if defined( MBEDTLS_HAVE_TIME ) #include #endif /* MBEDTLS_HAVE_TIME */ -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) +#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) static int ssl_write_sni_server_ext( mbedtls_ssl_context *ssl, unsigned char *buf, @@ -79,8 +79,8 @@ static int ssl_write_sni_server_ext( } /* Write extension header */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); /* Write total extension length */ *p++ = 0; @@ -127,7 +127,7 @@ static int ssl_write_sni_server_ext( } KeyShare; */ -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) +#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, unsigned char* buf, @@ -192,12 +192,12 @@ static int ssl_write_key_shares_ext( MBEDTLS_SSL_DEBUG_ECP( 3, "ECDHE: Q ", &ssl->handshake->ecdh_ctx[ssl->handshake->ecdh_ctx_selected].Q ); /* Write extension header */ - *header++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); - *header++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); + *header++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); + *header++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); /* Write total extension length */ - *header++ = (unsigned char)( ( ( len ) >> 8 ) & 0xFF ); - *header++ = (unsigned char)( ( ( len ) ) & 0xFF ); + *header++ = ( unsigned char )( ( ( len ) >> 8 ) & 0xFF ); + *header++ = ( unsigned char )( ( ( len ) ) & 0xFF ); *olen = len + 4; /* 4 bytes for fixed header + length of key share */ @@ -206,7 +206,7 @@ static int ssl_write_key_shares_ext( #endif /* MBEDTLS_ECDH_C && MBEDTLS_ECDSA_C */ -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) +#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) /* TODO: Code for MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED missing */ static int check_ecdh_params( const mbedtls_ssl_context *ssl ) @@ -222,7 +222,7 @@ static int check_ecdh_params( const mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) ); -#if defined(MBEDTLS_ECP_C) +#if defined( MBEDTLS_ECP_C ) if( mbedtls_ssl_check_curve( ssl, ssl->handshake->ecdh_ctx[ssl->handshake->ecdh_ctx_selected].grp.id ) != 0 ) #else if( ssl->handshake->ecdh_ctx.grp.nbits < 163 || @@ -236,7 +236,7 @@ static int check_ecdh_params( const mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_ECDH_C || ( MBEDTLS_ECDSA_C */ -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) +#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) /* @@ -314,7 +314,7 @@ int ssl_parse_supported_groups_ext( } #endif /* MBEDTLS_ECDH_C || ( MBEDTLS_ECDSA_C */ -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) +#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) /* TODO: Code for MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED missing */ /* @@ -343,7 +343,7 @@ static int ssl_parse_key_shares_ext( unsigned char *end = ( unsigned char* )buf + len; unsigned char *start = ( unsigned char* )buf; unsigned char *old; -#if !defined(MBEDTLS_CTLS) +#if !defined( MBEDTLS_CTLS ) size_t n; unsigned int ks_entry_size; #endif /* MBEDTLS_CTLS */ @@ -365,7 +365,7 @@ static int ssl_parse_key_shares_ext( */ /* With CTLS there is only one key share */ -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -444,7 +444,7 @@ static int ssl_parse_key_shares_ext( goto finish_key_share_parsing; } skip_parsing_key_share_entry: -#if !defined(MBEDTLS_CTLS) +#if !defined( MBEDTLS_CTLS ) /* we jump to the next key share entry, if there is one */ ks_entry_size = ( ( old[2] << 8 ) | ( old[3] ) ); /* skip named group id + length field + key share entry length */ @@ -457,7 +457,7 @@ static int ssl_parse_key_shares_ext( extensions_available = 0; } #else - ((void) buf); + ( (void ) buf ); #endif /* MBEDTLS_CTLS */ } @@ -469,13 +469,13 @@ static int ssl_parse_key_shares_ext( return ( 0 ); } else { - ((void) buf); + ( (void ) buf ); return ( final_ret ); } } #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -#if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) +#if defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) int mbedtls_ssl_parse_new_session_ticket_server( mbedtls_ssl_context *ssl, unsigned char *buf, @@ -570,11 +570,11 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t unsigned char binder_key[MBEDTLS_MD_MAX_SIZE]; unsigned char finished_key[MBEDTLS_MD_MAX_SIZE]; -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) mbedtls_sha256_context sha256; #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) mbedtls_sha512_context sha512; #endif /* MBEDTLS_SHA512_C */ @@ -623,7 +623,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t if( suite_info->mac == MBEDTLS_MD_SHA256 ) { -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) mbedtls_sha256( ( const unsigned char* )"", 0, hash, 0 ); #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); @@ -632,7 +632,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t } else if( suite_info->mac == MBEDTLS_MD_SHA384 ) { -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) mbedtls_sha512( ( const unsigned char* )"", 0, hash, 1 /* for SHA384 */ ); #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); @@ -640,7 +640,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t #endif /* MBEDTLS_SHA512_C */ } -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_NEW_SESSION_TICKET) +#if defined( MBEDTLS_SSL_PROTO_TLS1_3 ) && defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) if( ( ssl->handshake->resume == 1 ) || ( ssl->conf->resumption_mode == 1 ) ) { ret = Derive_Secret( ssl, mbedtls_md_get_type( md ), @@ -669,7 +669,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t if( suite_info->mac == MBEDTLS_MD_SHA256 ) { -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) mbedtls_sha256_init( &sha256 ); mbedtls_sha256_starts( &sha256, 0 /* = use SHA256 */ ); /*mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); */ @@ -685,7 +685,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t } else if( suite_info->mac == MBEDTLS_MD_SHA384 ) { -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) mbedtls_sha512_init( &sha512 ); mbedtls_sha512_starts( &sha512, 1 /* = use SHA384 */ ); /*mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); */ @@ -731,14 +731,14 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t MBEDTLS_SSL_DEBUG_BUF( 3, "Key", finished_key, hash_length ); MBEDTLS_SSL_DEBUG_BUF( 3, "Output", computed_binder, hash_length ); -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) if( suite_info->mac == MBEDTLS_MD_SHA256 ) { mbedtls_sha256_free( &sha256 ); } else #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) if( suite_info->mac == MBEDTLS_MD_SHA384 ) { mbedtls_sha512_free( &sha512 ); @@ -755,7 +755,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t return( ret ); } -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) @@ -766,7 +766,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, unsigned char server_computed_binder[MBEDTLS_MD_MAX_SIZE]; uint32_t obfuscated_ticket_age; mbedtls_ssl_ticket ticket; -#if defined(MBEDTLS_HAVE_TIME) +#if defined( MBEDTLS_HAVE_TIME ) time_t now; int64_t diff; #endif /* MBEDTLS_HAVE_TIME */ @@ -835,7 +835,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, goto psk_parsing_successful; } -#if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) +#if defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) /* Check the ticket cache if previous lookup was unsuccessful */ if( ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY ) { @@ -876,7 +876,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, * is within a small tolerance of the time since the ticket was issued. */ -#if defined(MBEDTLS_HAVE_TIME) +#if defined( MBEDTLS_HAVE_TIME ) now = time( NULL ); /* Check #1: @@ -912,7 +912,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED; } -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) if( ssl->conf->early_data == MBEDTLS_SSL_EARLY_DATA_ENABLED ) { if( diff <= MBEDTLS_SSL_EARLY_DATA_MAX_DELAY ) @@ -939,13 +939,13 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, /* Disable 0-RTT */ if( ret == MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED ) { -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) if( ssl->conf->early_data == MBEDTLS_SSL_EARLY_DATA_ENABLED ) { ssl->session_negotiate->process_early_data = MBEDTLS_SSL_EARLY_DATA_DISABLED; } #else - ( (void)buf ); + ( ( void )buf ); #endif /* MBEDTLS_ZERO_RTT */ } } @@ -1069,7 +1069,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED*/ -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) /* * struct { @@ -1116,19 +1116,19 @@ static int ssl_write_server_pre_shared_key_ext( mbedtls_ssl_context *ssl, } /* Extension Type */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY ) & 0xFF ); /* Extension Length */ - *p++ = (unsigned char)( ( 2 >> 8 ) & 0xFF ); - *p++ = (unsigned char)( 2 & 0xFF ); + *p++ = ( unsigned char )( ( 2 >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( 2 & 0xFF ); /* retrieve selected_identity */ selected_identity = 0; /* Write selected_identity */ - *p++ = (unsigned char)( ( selected_identity >> 8 ) & 0xFF ); - *p++ = (unsigned char)( selected_identity & 0xFF ); + *p++ = ( unsigned char )( ( selected_identity >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( selected_identity & 0xFF ); *olen = 6; @@ -1139,7 +1139,7 @@ static int ssl_write_server_pre_shared_key_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if defined(MBEDTLS_SSL_COOKIE_C) +#if defined( MBEDTLS_SSL_COOKIE_C ) int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, const unsigned char *info, size_t ilen ) @@ -1159,7 +1159,7 @@ int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_COOKIE_C */ -#if defined(MBEDTLS_SSL_COOKIE_C) +#if defined( MBEDTLS_SSL_COOKIE_C ) void mbedtls_ssl_conf_cookies( mbedtls_ssl_config *conf, mbedtls_ssl_cookie_write_t *f_cookie_write, mbedtls_ssl_cookie_check_t *f_cookie_check, @@ -1173,7 +1173,7 @@ void mbedtls_ssl_conf_cookies( mbedtls_ssl_config *conf, } #endif /* MBEDTLS_SSL_COOKIE_C */ -#if defined(MBEDTLS_SSL_COOKIE_C) && defined(MBEDTLS_SSL_PROTO_TLS1_3) +#if defined( MBEDTLS_SSL_COOKIE_C ) && defined( MBEDTLS_SSL_PROTO_TLS1_3 ) static int ssl_parse_cookie_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) @@ -1212,7 +1212,7 @@ static int ssl_parse_cookie_ext( mbedtls_ssl_context *ssl, -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) +#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) @@ -1276,7 +1276,7 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) /* static int ssl_parse_early_data_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, @@ -1289,7 +1289,7 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, */ #endif /* MBEDTLS_ZERO_RTT */ -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +#if defined( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) @@ -1307,7 +1307,7 @@ static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) /* * ssl_parse_key_exchange_modes_ext( ) structure: @@ -1388,14 +1388,14 @@ static int ssl_write_supported_version_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding supported version extension" ) ); - if( end < p || (size_t)( end - p ) < 6 ) + if( end < p || ( size_t )( end - p ) < 6 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS ) & 0xFF ); /* length */ *p++ = 0x00; @@ -1477,7 +1477,7 @@ static int ssl_parse_supported_versions_ext( mbedtls_ssl_context *ssl, return( 0 ); } -#if defined(MBEDTLS_SSL_ALPN) +#if defined( MBEDTLS_SSL_ALPN ) static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { @@ -1541,7 +1541,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_ALPN */ -#if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) +#if defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) /* This function creates a NewSessionTicket message in the following format. * The ticket inside the NewSessionTicket is an encrypted container carrying * the necessary information so that the server is later able to restore the @@ -1611,7 +1611,7 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } -#if defined(MBEDTLS_HAVE_TIME) +#if defined( MBEDTLS_HAVE_TIME ) /* Store time when ticket was created. */ ticket.start = time( NULL ); #endif /* MBEDTLS_HAVE_TIME */ @@ -1622,7 +1622,7 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) ticket.key_len = hash_length; ticket.ciphersuite = ssl->transform_negotiate->ciphersuite_info->id; -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined( MBEDTLS_X509_CRT_PARSE_C ) /* Check whether the client provided a certificate during the exchange */ if( ssl->session->peer_cert != NULL ) ticket.peer_cert = ssl->session->peer_cert; @@ -1687,8 +1687,8 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "NewSessionTicket ( nonce length ): %d", MBEDTLS_SSL_TICKET_NONCE_LENGTH ) ); /* Ticket Length */ - ssl->out_msg[13+ MBEDTLS_SSL_TICKET_NONCE_LENGTH] = (unsigned char)( ( tlen >> 8 ) & 0xFF ); - ssl->out_msg[14+ MBEDTLS_SSL_TICKET_NONCE_LENGTH] = (unsigned char)( ( tlen ) & 0xFF ); + ssl->out_msg[13+ MBEDTLS_SSL_TICKET_NONCE_LENGTH] = ( unsigned char )( ( tlen >> 8 ) & 0xFF ); + ssl->out_msg[14+ MBEDTLS_SSL_TICKET_NONCE_LENGTH] = ( unsigned char )( ( tlen ) & 0xFF ); /* no extensions for now -> set length to zero */ ssl->out_msg[15+ MBEDTLS_SSL_TICKET_NONCE_LENGTH +tlen] = ( ext_len >> 8 ) & 0xFF; @@ -1723,81 +1723,81 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) * Overview */ -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) /* Main state-handling entry point; orchestrates the other functions. */ -int ssl_read_end_of_early_data_process(mbedtls_ssl_context* ssl); +int ssl_read_end_of_early_data_process( mbedtls_ssl_context* ssl ); -static int ssl_read_end_of_early_data_preprocess(mbedtls_ssl_context* ssl); +static int ssl_read_end_of_early_data_preprocess( mbedtls_ssl_context* ssl ); /* There is no parse function for the end_of_early_data message. */ /* Update the state after handling the incoming end of early data message. */ -static int ssl_read_end_of_early_data_postprocess(mbedtls_ssl_context* ssl); +static int ssl_read_end_of_early_data_postprocess( mbedtls_ssl_context* ssl ); /* * Implementation */ -int ssl_read_end_of_early_data_process(mbedtls_ssl_context* ssl) +int ssl_read_end_of_early_data_process( mbedtls_ssl_context* ssl ) { int ret; - MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse end_of_early_data") ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse end_of_early_data" ) ); - MBEDTLS_SSL_PROC_CHK(ssl_read_end_of_early_data_preprocess(ssl) ); + MBEDTLS_SSL_PROC_CHK( ssl_read_end_of_early_data_preprocess( ssl ) ); /* Fetching step */ - if ((ret = mbedtls_ssl_read_record(ssl) ) != 0) + if ( (ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); goto cleanup; } - if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE || - ssl->in_msg[0] != MBEDTLS_SSL_HS_END_OF_EARLY_DATA) + if ( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE || + ssl->in_msg[0] != MBEDTLS_SSL_HS_END_OF_EARLY_DATA ) { - MBEDTLS_SSL_DEBUG_MSG(1, ("bad end_of_early_data message") ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad end_of_early_data message" ) ); ret = MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; goto cleanup; } /* Postprocessing step: Update state machine */ - MBEDTLS_SSL_PROC_CHK(ssl_read_end_of_early_data_postprocess(ssl) ); + MBEDTLS_SSL_PROC_CHK( ssl_read_end_of_early_data_postprocess( ssl ) ); cleanup: - MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse end_of_early_data") ); - return(ret); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse end_of_early_data" ) ); + return( ret ); } -static int ssl_read_end_of_early_data_preprocess(mbedtls_ssl_context* ssl) +static int ssl_read_end_of_early_data_preprocess( mbedtls_ssl_context* ssl ) { int ret; KeySet traffic_keys; - ret = mbedtls_ssl_early_data_key_derivation(ssl, &traffic_keys); - if (ret != 0) + ret = mbedtls_ssl_early_data_key_derivation( ssl, &traffic_keys ); + if ( ret != 0 ) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_early_data_key_derivation", ret); - return (ret); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_early_data_key_derivation", ret ); + return ( ret ); } - ret = mbedtls_set_traffic_key(ssl, &traffic_keys, ssl->transform_negotiate, 0); - if (ret != 0) + ret = mbedtls_set_traffic_key( ssl, &traffic_keys, ssl->transform_negotiate, 0 ); + if ( ret != 0 ) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_set_traffic_key", ret); - return (ret); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_set_traffic_key", ret ); + return ( ret ); } - return(0); + return( 0 ); } -static int ssl_read_end_of_early_data_postprocess(mbedtls_ssl_context* ssl) +static int ssl_read_end_of_early_data_postprocess( mbedtls_ssl_context* ssl ) { - mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED); - return (0); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED ); + return ( 0 ); } #endif /* MBEDTLS_ZERO_RTT */ @@ -1811,86 +1811,86 @@ static int ssl_read_end_of_early_data_postprocess(mbedtls_ssl_context* ssl) * Overview */ -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) /* Main state-handling entry point; orchestrates the other functions. */ -int ssl_read_early_data_process(mbedtls_ssl_context* ssl); +int ssl_read_early_data_process( mbedtls_ssl_context* ssl ); -static int ssl_read_early_data_preprocess(mbedtls_ssl_context* ssl); +static int ssl_read_early_data_preprocess( mbedtls_ssl_context* ssl ); /* Parse early data send by the peer. */ -static int ssl_read_early_data_parse(mbedtls_ssl_context* ssl, +static int ssl_read_early_data_parse( mbedtls_ssl_context* ssl, unsigned char const* buf, - size_t buflen); + size_t buflen ); /* Update the state after handling the incoming early data message. */ -static int ssl_read_early_data_postprocess(mbedtls_ssl_context* ssl); +static int ssl_read_early_data_postprocess( mbedtls_ssl_context* ssl ); /* * Implementation */ -int ssl_read_early_data_process(mbedtls_ssl_context* ssl) +int ssl_read_early_data_process( mbedtls_ssl_context* ssl ) { int ret; - MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse early data") ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse early data" ) ); - MBEDTLS_SSL_PROC_CHK(ssl_read_early_data_preprocess(ssl) ); + MBEDTLS_SSL_PROC_CHK( ssl_read_early_data_preprocess( ssl ) ); /* Fetching step */ - if ((ret = mbedtls_ssl_read_record(ssl) ) != 0) + if ( (ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); goto cleanup; } /* Check whether there is early data */ - if (ssl->in_msg != NULL && ssl->in_msglen > 0) + if ( ssl->in_msg != NULL && ssl->in_msglen > 0 ) { /* Parsing step */ - MBEDTLS_SSL_PROC_CHK(ssl_read_early_data_parse(ssl, + MBEDTLS_SSL_PROC_CHK( ssl_read_early_data_parse( ssl, ssl->in_msg, ssl->in_msglen ) ); } else { - MBEDTLS_SSL_DEBUG_MSG(1, ("No early data received!") ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "No early data received!" ) ); ret = MBEDTLS_ERR_SSL_BAD_EARLY_DATA; goto cleanup; } /* Postprocessing step: Update state machine */ - MBEDTLS_SSL_PROC_CHK(ssl_read_early_data_postprocess(ssl) ); + MBEDTLS_SSL_PROC_CHK( ssl_read_early_data_postprocess( ssl ) ); cleanup: - MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse early data") ); - return(ret); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse early data" ) ); + return( ret ); } -static int ssl_read_early_data_preprocess(mbedtls_ssl_context* ssl) +static int ssl_read_early_data_preprocess( mbedtls_ssl_context* ssl ) { int ret; KeySet traffic_keys; - ret = mbedtls_ssl_early_data_key_derivation(ssl, &traffic_keys); - if (ret != 0) + ret = mbedtls_ssl_early_data_key_derivation( ssl, &traffic_keys ); + if ( ret != 0 ) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_early_data_key_derivation", ret); - return (ret); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_early_data_key_derivation", ret ); + return ( ret ); } - ret = mbedtls_set_traffic_key(ssl, &traffic_keys, ssl->transform_negotiate, 0); - if (ret != 0) + ret = mbedtls_set_traffic_key( ssl, &traffic_keys, ssl->transform_negotiate, 0 ); + if ( ret != 0 ) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_set_traffic_key", ret); - return (ret); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_set_traffic_key", ret ); + return ( ret ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* epoch value( 1 ) is used for messages protected using keys derived * from early_traffic_secret. */ @@ -1898,34 +1898,34 @@ static int ssl_read_early_data_preprocess(mbedtls_ssl_context* ssl) ssl->out_epoch = 1; #endif /* MBEDTLS_SSL_PROTO_DTLS */ - return(0); + return( 0 ); } -static int ssl_read_early_data_parse(mbedtls_ssl_context* ssl, +static int ssl_read_early_data_parse( mbedtls_ssl_context* ssl, unsigned char const* buf, - size_t buflen) + size_t buflen ) { /* Check whether we have enough buffer space */ - if (buflen <= ssl->conf->early_data_len) + if ( buflen <= ssl->conf->early_data_len ) { /* copy data to staging area */ - memcpy(ssl->conf->early_data_buf, buf, buflen); + memcpy( ssl->conf->early_data_buf, buf, buflen ); /* execute callback to process application data */ - ssl->conf->early_data_callback(ssl, (unsigned char*)ssl->conf->early_data_buf, buflen); + ssl->conf->early_data_callback( ssl, ( unsigned char* )ssl->conf->early_data_buf, buflen ); } else { - MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer too small (received early data size = %d, buffer size = %d", buflen, ssl->conf->early_data_len) ); - return (MBEDTLS_ERR_SSL_ALLOC_FAILED); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer too small ( received early data size = %d, buffer size = %d", buflen, ssl->conf->early_data_len ) ); + return ( MBEDTLS_ERR_SSL_ALLOC_FAILED ); } - return(0); + return( 0 ); } -static int ssl_read_early_data_postprocess(mbedtls_ssl_context* ssl) +static int ssl_read_early_data_postprocess( mbedtls_ssl_context* ssl ) { - mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_HELLO); - return (0); + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO ); + return ( 0 ); } #endif /* MBEDTLS_ZERO_RTT */ @@ -2011,7 +2011,7 @@ static int ssl_client_hello_process( mbedtls_ssl_context* ssl ) MBEDTLS_SSL_PROC_CHK( ssl_client_hello_postprocess( ssl, ret ) ); -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ssl_recv_flight_completed( ssl ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -2030,7 +2030,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, unsigned char* buf; size_t msg_len; -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) +#if defined( MBEDTLS_SSL_DTLS_ANTI_REPLAY ) read_record_header: #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ @@ -2058,7 +2058,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, if( buf[0] != MBEDTLS_SSL_MSG_HANDSHAKE ) { -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) if( buf[0] == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) { @@ -2084,7 +2084,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "Change Cipher Spec message received and ignoring it." ) ); /* Done reading this record, get ready for the next one */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { ssl->next_record_offset = msg_len + mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_IN ); @@ -2122,7 +2122,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, /* For DTLS if this is the initial handshake, remember the client sequence * number to use it in our next message ( RFC 6347 4.2.1 ) */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { /* Epoch should be 0 for initial handshakes */ @@ -2134,7 +2134,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, memcpy( ssl->out_ctr + 2, ssl->in_ctr + 2, 6 ); -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) +#if defined( MBEDTLS_SSL_DTLS_ANTI_REPLAY ) if( mbedtls_ssl_dtls_replay_check( ssl ) != 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "replayed record, discarding" ) ); @@ -2164,7 +2164,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, } /* Done reading this record, get ready for the next one */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { ssl->next_record_offset = msg_len + mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_IN, ssl->transform_in ); @@ -2211,7 +2211,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { /* @@ -2254,15 +2254,15 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, size_t orig_msg_len, ciph_len, ext_len, ext_len_psk_ext = 0; unsigned char *orig_buf, *end = buf + buflen; unsigned char *ciph_offset; -#if defined(MBEDTLS_SSL_COOKIE_C) && defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_COOKIE_C ) && defined( MBEDTLS_SSL_PROTO_DTLS ) size_t cookie_offset, cookie_len; #endif /* MBEDTLS_SSL_COOKIE_C && MBEDTLS_SSL_PROTO_DTLS */ unsigned char* p, * ext, * ext_psk_ptr = NULL; -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) mbedtls_sha256_context sha256; #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) mbedtls_sha512_context sha512; #endif /* MBEDTLS_SHA512_C */ @@ -2310,7 +2310,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, * We ignore the version field in the ClientHello. * We use the version field in the extension. */ -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { buf += 1; /* skip version */ @@ -2325,7 +2325,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, /* * Save client random */ -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", buf, 16 ); @@ -2343,7 +2343,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, } -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -2378,7 +2378,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, /* * Check the cookie length and content */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { cookie_len = buf[0]; @@ -2395,7 +2395,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie", buf, cookie_len ); -#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) +#if defined( MBEDTLS_SSL_DTLS_HELLO_VERIFY ) if( ssl->conf->f_cookie_check != NULL ) { @@ -2451,7 +2451,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, /* skip ciphersuites for now */ buf += ciph_len; -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -2518,7 +2518,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, } switch ( ext_id ) { -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) +#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) case MBEDTLS_TLS_EXT_SERVERNAME: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ServerName extension" ) ); ret = ssl_parse_servername_ext( ssl, ext + 4, ext_size ); @@ -2531,7 +2531,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ -#if defined(MBEDTLS_CID) +#if defined( MBEDTLS_CID ) case MBEDTLS_TLS_EXT_CID: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) ); if( ssl->conf->cid == MBEDTLS_CID_CONF_DISABLED ) @@ -2549,7 +2549,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_CID */ -#if defined(MBEDTLS_SSL_COOKIE_C) +#if defined( MBEDTLS_SSL_COOKIE_C ) case MBEDTLS_TLS_EXT_COOKIE: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found cookie extension" ) ); @@ -2567,7 +2567,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_SSL_COOKIE_C */ -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ) case MBEDTLS_TLS_EXT_PRE_SHARED_KEY: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found pre_shared_key extension" ) ); /* Delay processing of the PSK identity once we have @@ -2581,7 +2581,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) case MBEDTLS_TLS_EXT_EARLY_DATA: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found early_data extension" ) ); @@ -2597,7 +2597,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_ZERO_RTT */ -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) +#if defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) case MBEDTLS_TLS_EXT_SUPPORTED_GROUPS: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported group extension" ) ); @@ -2618,7 +2618,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) case MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found psk key exchange modes extension" ) ); @@ -2633,7 +2633,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) +#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) case MBEDTLS_TLS_EXT_KEY_SHARES: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found key share extension" ) ); @@ -2667,7 +2667,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +#if defined( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max fragment length extension" ) ); @@ -2693,7 +2693,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, ssl->handshake->extensions_present += SUPPORTED_VERSION_EXTENSION; break; -#if defined(MBEDTLS_SSL_ALPN) +#if defined( MBEDTLS_SSL_ALPN ) case MBEDTLS_TLS_EXT_ALPN: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); @@ -2707,7 +2707,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_SSL_ALPN */ -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) case MBEDTLS_TLS_EXT_SIG_ALG: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) ); @@ -2741,7 +2741,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, got_common_suite = 0; ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; ciphersuite_info = NULL; -#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) +#if defined( MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE ) for ( j = 0, p = ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) { for ( i = 0; ciphersuites[i] != 0; i++ ) @@ -2806,7 +2806,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "- SIGNATURE_ALGORITHM_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & SIGNATURE_ALGORITHM_EXTENSION ) >0 ) ? "TRUE" : "FALSE" ) ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "- SUPPORTED_GROUPS_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & SUPPORTED_GROUPS_EXTENSION ) >0 ) ? "TRUE" : "FALSE" ) ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "- SUPPORTED_VERSION_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & SUPPORTED_VERSION_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); -#if defined(MBEDTLS_CID) +#if defined( MBEDTLS_CID ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "- CID_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & CID_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); #endif /* MBEDTLS_CID */ #if defined ( MBEDTLS_SSL_SERVER_NAME_INDICATION ) @@ -2821,7 +2821,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, #if defined ( MBEDTLS_SSL_COOKIE_C ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "- COOKIE_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & COOKIE_EXTENSION ) >0 ) ? "TRUE" : "FALSE" ) ); #endif /* MBEDTLS_SSL_COOKIE_C */ -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "- EARLY_DATA_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & EARLY_DATA_EXTENSION ) >0 ) ? "TRUE" : "FALSE" ) ); #endif /* MBEDTLS_ZERO_RTT*/ @@ -2830,7 +2830,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, * Additionally, we need to consider the ZeroRTT exchange as well. */ -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) /* * 0 ) Zero-RTT Exchange / Early Data * It requires early_data extension, at least key_exchange_modes and the pre_shared_key extension @@ -2980,12 +2980,12 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, end_client_hello: -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ssl_recv_flight_completed( ssl ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_SSL_COOKIE_C) +#if defined( MBEDTLS_SSL_COOKIE_C ) /* If we failed to see a cookie extension, and we required it through the * configuration settings ( rr_config ), then we need to send a HRR msg. * Conceptually, this is similiar to having received a cookie that failed @@ -3032,7 +3032,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA256 ) { -#if defined(MBEDTLS_SHA256_C) +#if defined( MBEDTLS_SHA256_C ) mbedtls_sha256_init( &sha256 ); mbedtls_sha256_starts( &sha256, 0 /* = use SHA256 */ ); mbedtls_sha256_update( &sha256, orig_buf, orig_msg_len ); /* hash ClientHello message */ @@ -3045,7 +3045,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, } else if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) { -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) mbedtls_sha512_init( &sha512 ); mbedtls_sha512_starts( &sha512, 1 /* = use SHA384 */ ); mbedtls_sha512_update( &sha512, orig_buf, orig_msg_len ); /* hash ClientHello message */ @@ -3058,7 +3058,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, } else if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA512 ) { -#if defined(MBEDTLS_SHA512_C) +#if defined( MBEDTLS_SHA512_C ) mbedtls_sha512_init( &sha512 ); mbedtls_sha512_starts( &sha512, 0 /* = use SHA512 */ ); mbedtls_sha512_update( &sha512, orig_buf, orig_msg_len ); /* hash ClientHello message */ @@ -3085,13 +3085,13 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, static int ssl_client_hello_postprocess( mbedtls_ssl_context* ssl, int ret ) { - ((void) ssl); - ((void) ret); + ( (void ) ssl ); + ( (void ) ret ); return ( 0 ); } -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +#if defined( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) @@ -3106,8 +3106,8 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); *p++ = 0x00; *p++ = 1; @@ -3120,7 +3120,7 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, -#if defined(MBEDTLS_SSL_ALPN) +#if defined( MBEDTLS_SSL_ALPN ) static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { @@ -3139,18 +3139,18 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, * 6 . 6 protocol name length * 7 . 7+n protocol name */ - buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); - buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); + buf[0] = ( unsigned char )( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); + buf[1] = ( unsigned char )( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); *olen = 7 + strlen( ssl->alpn_chosen ); - buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); - buf[3] = (unsigned char)( ( *olen - 4 ) & 0xFF ); + buf[2] = ( unsigned char )( ( ( *olen - 4 ) >> 8 ) & 0xFF ); + buf[3] = ( unsigned char )( ( *olen - 4 ) & 0xFF ); - buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF ); - buf[5] = (unsigned char)( ( *olen - 6 ) & 0xFF ); + buf[4] = ( unsigned char )( ( ( *olen - 6 ) >> 8 ) & 0xFF ); + buf[5] = ( unsigned char )( ( *olen - 6 ) & 0xFF ); - buf[6] = (unsigned char)( ( *olen - 7 ) & 0xFF ); + buf[6] = ( unsigned char )( ( *olen - 7 ) & 0xFF ); memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); } @@ -3237,7 +3237,7 @@ static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) return ( ret ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { /* Remember current sequence number / epoch settings for resending */ @@ -3268,7 +3268,7 @@ static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) */ MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for outbound data" ) ); -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { /* Remember current sequence number / epoch settings for resending */ @@ -3301,7 +3301,7 @@ static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) /* Set sequence number used at the handshake header to zero */ memset( ssl->transform_out->sequence_number_enc, 0x0, 12 ); -#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) +#if defined( MBEDTLS_SSL_HW_RECORD_ACCEL ) if( mbedtls_ssl_hw_record_activate != NULL ) { if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ) ) != 0 ) @@ -3311,7 +3311,7 @@ static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) } } #endif -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* epoch value ( 2 ) is used for messages protected * using keys derived from the handshake_traffic_secret. */ @@ -3355,7 +3355,7 @@ static int ssl_encrypted_extensions_write( mbedtls_ssl_context* ssl, /* Skip extension length; first write extensions, then update length */ p += 2; -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) +#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) if( ssl->handshake->extensions_present & SERVERNAME_EXTENSION ) { ret=ssl_write_sni_server_ext( ssl, p, end - p, &n ); @@ -3366,7 +3366,7 @@ static int ssl_encrypted_extensions_write( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ -#if defined(MBEDTLS_SSL_ALPN) +#if defined( MBEDTLS_SSL_ALPN ) if( ssl->handshake->extensions_present & ALPN_EXTENSION ) { ret = ssl_write_alpn_ext( ssl, p, end - p, &n ); @@ -3374,7 +3374,7 @@ static int ssl_encrypted_extensions_write( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_SSL_ALPN */ -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +#if defined( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) if( ssl->handshake->extensions_present & MAX_FRAGMENT_LENGTH_EXTENSION ) { ret=ssl_write_max_fragment_length_ext( ssl, p, end - p, &n ); @@ -3385,10 +3385,10 @@ static int ssl_encrypted_extensions_write( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) if( ssl->handshake->extensions_present & EARLY_DATA_EXTENSION ) { - ret = ssl_write_early_data_ext( ssl, p, (size_t)( end - p ), &n ); + ret = ssl_write_early_data_ext( ssl, p, ( size_t )( end - p ), &n ); if( ret != 0 ) return( ret ); @@ -3398,8 +3398,8 @@ static int ssl_encrypted_extensions_write( mbedtls_ssl_context* ssl, *olen = p - buf; - *( buf + 4 ) = (unsigned char)( ( ( *olen - 4 - 2 ) >> 8 ) & 0xFF ); - *( buf + 5 ) = (unsigned char)( ( *olen - 4 - 2 ) & 0xFF ); + *( buf + 4 ) = ( unsigned char )( ( ( *olen - 4 - 2 ) >> 8 ) & 0xFF ); + *( buf + 5 ) = ( unsigned char )( ( *olen - 4 - 2 ) & 0xFF ); return( 0 ); } @@ -3430,7 +3430,7 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) unsigned char *extension_start; const char magic_hrr_string[32] = { 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, 0xBE, 0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91, 0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E, 0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33 ,0x9C }; -#if defined(MBEDTLS_ECDH_C) +#if defined( MBEDTLS_ECDH_C ) const mbedtls_ecp_group_id *gid; const mbedtls_ecp_curve_info **curve = NULL; #endif /* MBEDTLS_ECDH_C */ @@ -3458,11 +3458,11 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) * * In cTLS the version number is elided. */ -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { *p++ = 0xfe; /* 254 */ @@ -3493,14 +3493,14 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) p += 32; /* write legacy_session_id_echo */ - *p++ = (unsigned char) ssl->session_negotiate->id_len; + *p++ = ( unsigned char ) ssl->session_negotiate->id_len; memcpy( p, &ssl->session_negotiate->id[0], ssl->session_negotiate->id_len ); MBEDTLS_SSL_DEBUG_BUF( 3, "session id", p, ssl->session_negotiate->id_len ); p += ssl->session_negotiate->id_len; /* write ciphersuite ( 2 bytes ) */ - *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 ); - *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite ); + *p++ = ( unsigned char )( ssl->session_negotiate->ciphersuite >> 8 ); + *p++ = ( unsigned char )( ssl->session_negotiate->ciphersuite ); MBEDTLS_SSL_DEBUG_BUF( 3, "ciphersuite", p-2, 2 ); /* write legacy_compression_method ( 0 ) */ @@ -3512,7 +3512,7 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) /* Extension starts with a 2 byte length field; we skip it and write it later */ p += 2; -#if defined(MBEDTLS_SSL_COOKIE_C) +#if defined( MBEDTLS_SSL_COOKIE_C ) /* Cookie Extension * @@ -3523,8 +3523,8 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) */ /* Write extension header */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_COOKIE >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_COOKIE ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_COOKIE >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_COOKIE ) & 0xFF ); /* Write total extension length * ( Skip it for now till we know the length ) @@ -3552,13 +3552,13 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_BUF( 3, "Cookie", ext_len_byte + 2, ext_length ); /* Write length */ - *ext_len_byte++ = (unsigned char)( ( ext_length >> 8 ) & 0xFF ); - *ext_len_byte = (unsigned char)( ext_length & 0xFF ); + *ext_len_byte++ = ( unsigned char )( ( ext_length >> 8 ) & 0xFF ); + *ext_len_byte = ( unsigned char )( ext_length & 0xFF ); total_ext_len += ext_length + 4 /* 2 bytes for extension_type and 2 bytes for length field */; #endif /* MBEDTLS_SSL_COOKIE_C */ -#if defined(MBEDTLS_ECDH_C) +#if defined( MBEDTLS_ECDH_C ) /* key_share Extension * @@ -3584,8 +3584,8 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) { /* Write extension header */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); ext_len_byte = p; @@ -3619,8 +3619,8 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) total_ext_len += ext_length + 4 /* 2 bytes for extension_type and 2 bytes for length field */; #endif /* MBEDTLS_ECDH_C */ - *extension_start++ = (unsigned char)( ( total_ext_len >> 8 ) & 0xFF ); - *extension_start++ = (unsigned char)( ( total_ext_len ) & 0xFF ); + *extension_start++ = ( unsigned char )( ( total_ext_len >> 8 ) & 0xFF ); + *extension_start++ = ( unsigned char )( ( total_ext_len ) & 0xFF ); ssl->out_msglen = p - ssl->out_msg; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; @@ -3721,7 +3721,7 @@ static int ssl_server_hello_prepare( mbedtls_ssl_context* ssl ) { int ret; -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { @@ -3739,7 +3739,7 @@ static int ssl_server_hello_prepare( mbedtls_ssl_context* ssl ) MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", ssl->handshake->randbytes + 32, 32 ); } -#if defined(MBEDTLS_HAVE_TIME) +#if defined( MBEDTLS_HAVE_TIME ) ssl->session_negotiate->start = time( NULL ); #endif /* MBEDTLS_HAVE_TIME */ @@ -3774,7 +3774,7 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, unsigned char* start = buf; unsigned char* end = buf + buflen; -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { rand_bytes_len = MBEDTLS_CTLS_RANDOM_MAX_LENGTH; @@ -3803,7 +3803,7 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, * The header is set by ssl_write_record. * For DTLS 1.3 the other fields are adjusted. */ -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { buf++; /* skip handshake type */ @@ -3817,26 +3817,26 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, /* Version */ -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) { #endif /* MBEDTLS_CTLS */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { - *buf++ = (unsigned char) 0xfe; - *buf++ = (unsigned char) 0xfd; + *buf++ = ( unsigned char ) 0xfe; + *buf++ = ( unsigned char ) 0xfd; MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [0xfe:0xfd]" ) ); } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ { - *buf++ = (unsigned char)0x3; - *buf++ = (unsigned char)0x3; + *buf++ = ( unsigned char )0x3; + *buf++ = ( unsigned char )0x3; MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [0x3:0x3]" ) ); } buflen -= 2; -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) } #endif /* MBEDTLS_CTLS */ @@ -3847,16 +3847,16 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, buf += rand_bytes_len; buflen -= rand_bytes_len; -#if defined(MBEDTLS_HAVE_TIME) +#if defined( MBEDTLS_HAVE_TIME ) ssl->session_negotiate->start = time( NULL ); #endif /* MBEDTLS_HAVE_TIME */ /* Write legacy session id */ -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { - *buf++ = (unsigned char)ssl->session_negotiate->id_len; + *buf++ = ( unsigned char )ssl->session_negotiate->id_len; buflen--; memcpy( buf, &ssl->session_negotiate->id[0], ssl->session_negotiate->id_len ); buf += ssl->session_negotiate->id_len; @@ -3866,12 +3866,12 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, } /* write selected ciphersuite ( 2 bytes ) */ - *buf++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 ); - *buf++ = (unsigned char)( ssl->session_negotiate->ciphersuite ); + *buf++ = ( unsigned char )( ssl->session_negotiate->ciphersuite >> 8 ); + *buf++ = ( unsigned char )( ssl->session_negotiate->ciphersuite ); buflen -= 2; MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s ( id=%d )", mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ), ssl->session_negotiate->ciphersuite ) ); -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -3885,7 +3885,7 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, total_ext_len = 0; buf += 2; -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) /* Only add the pre_shared_key extension if the client provided it in the ClientHello * and if the key exchange supports PSK */ @@ -3899,7 +3899,7 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) +#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) /* Only add the key_share extension if the client provided it in the ClientHello * and if the appropriate key exchange mechanism was selected */ @@ -3931,7 +3931,7 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, buf += cur_ext_len; } -#if defined(MBEDTLS_CID) +#if defined( MBEDTLS_CID ) if( ssl->handshake->extensions_present & CID_EXTENSION ) { if( ( ret = ssl_write_cid_ext( ssl, buf, end, &cur_ext_len ) ) != 0 ) @@ -3948,8 +3948,8 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_BUF( 4, "server hello extensions", extension_start, total_ext_len ); /* Write length information */ - *extension_start++ = (unsigned char)( ( total_ext_len >> 8 ) & 0xFF ); - *extension_start++ = (unsigned char)( ( total_ext_len ) & 0xFF ); + *extension_start++ = ( unsigned char )( ( total_ext_len >> 8 ) & 0xFF ); + *extension_start++ = ( unsigned char )( ( total_ext_len ) & 0xFF ); buflen -= 2 + total_ext_len; *olen = buf - start; @@ -3962,7 +3962,7 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, static int ssl_server_hello_postprocess( mbedtls_ssl_context* ssl ) { int ret = 0; - ((void) ssl); + ( (void ) ssl ); return( ret ); } @@ -3988,7 +3988,7 @@ static int ssl_certificate_request_process( mbedtls_ssl_context* ssl ); #define SSL_CERTIFICATE_REQUEST_SEND 0 #define SSL_CERTIFICATE_REQUEST_SKIP 1 static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ); -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) static int ssl_certificate_request_write( mbedtls_ssl_context* ssl, unsigned char* buf, size_t buflen, @@ -4009,7 +4009,7 @@ static int ssl_certificate_request_process( mbedtls_ssl_context* ssl ) /* Coordination step: Check if we need to send a CertificateRequest */ MBEDTLS_SSL_PROC_CHK( ssl_certificate_request_coordinate( ssl ) ); -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) if( ret == SSL_CERTIFICATE_REQUEST_SEND ) { /* Make sure we can write a new message. */ @@ -4072,13 +4072,13 @@ static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ) ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) ) return( SSL_CERTIFICATE_REQUEST_SKIP ); -#if !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - ( (void)authmode ); +#if !defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) + ( ( void )authmode ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #else -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) +#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET ) authmode = ssl->handshake->sni_authmode; else @@ -4137,7 +4137,7 @@ static int ssl_certificate_request_write( mbedtls_ssl_context* ssl, * messages. For post-authentication handshake messages * this request context would be set to a non-zero value. */ -#if defined(MBEDTLS_CTLS) +#if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -4154,8 +4154,8 @@ static int ssl_certificate_request_write( mbedtls_ssl_context* ssl, if( ret != 0 ) return( ret ); /* length field for all extensions */ - *p++ = (unsigned char)( ( *olen >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( *olen ) & 0xFF ); + *p++ = ( unsigned char )( ( *olen >> 8 ) & 0xFF ); + *p++ = ( unsigned char )( ( *olen ) & 0xFF ); p += *olen; *olen = p - buf; @@ -4188,7 +4188,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) return( ret ); -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) { @@ -4202,13 +4202,13 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) case MBEDTLS_SSL_HELLO_REQUEST: ssl->handshake->hello_retry_requests_sent = 0; mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO ); -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* epoch value ( 0 ) is used with unencrypted messages */ ssl->out_epoch = 0; ssl->in_epoch = 0; #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) ssl->handshake->ccs_sent = 0; #endif /* MBEDTLS_COMPATIBILITY_MODE */ @@ -4219,7 +4219,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) case MBEDTLS_SSL_CLIENT_HELLO: /* Reset pointers to buffers */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_CID) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) && defined( MBEDTLS_CID ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { ssl->out_hdr = ssl->out_buf; @@ -4241,7 +4241,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) /*ret = MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE; // for testing purposes */ switch ( ret ) { case 0: -#if defined(MBEDTLS_SSL_COOKIE_C) && defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_COOKIE_C ) && defined( MBEDTLS_SSL_PROTO_DTLS ) /* If we use DTLS 1.3 then we may need to send a HRR instead of a ClientHello * to do a return-routability check. We use the ssl->conf->rr_config * variable for determining the preference to use the RR-check. @@ -4255,7 +4255,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) else #endif /* MBEDTLS_SSL_COOKIE_C && MBEDTLS_SSL_PROTO_DTLS */ { -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_EARLY_APP_DATA ); @@ -4267,7 +4267,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) } } break; -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) +#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) case MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE: /* Wrong key share --> send HRR */ mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HELLO_RETRY_REQUEST ); @@ -4288,7 +4288,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) case MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE: mbedtls_ssl_send_fatal_handshake_failure( ssl ); break; -#if defined(MBEDTLS_SSL_COOKIE_C) +#if defined( MBEDTLS_SSL_COOKIE_C ) case MBEDTLS_ERR_SSL_BAD_HS_COOKIE_EXT: /* Cookie verification failed. This case is conceptually similar * to MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE with the exception @@ -4317,7 +4317,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) case MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE: return ( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); break; -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) case MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO_CCS: mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO ); ret = 0; @@ -4332,7 +4332,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) break; /* ----- WRITE EARLY APP DATA ----*/ -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) case MBEDTLS_SSL_EARLY_APP_DATA: ret = ssl_read_early_data_process( ssl ); @@ -4364,7 +4364,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) } ssl->handshake->hello_retry_requests_sent++; -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_CCS_AFTER_HRR ); #else mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO ); @@ -4373,7 +4373,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) /* ----- WRITE CHANGE CIPHER SPEC ----*/ -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) case MBEDTLS_SSL_SERVER_CCS_AFTER_HRR: ret = mbedtls_ssl_write_change_cipher_spec( ssl ); @@ -4426,7 +4426,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) return ( ret ); } -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) if( ssl->handshake->ccs_sent > 1 ) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO ); @@ -4443,7 +4443,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) /* ----- WRITE CHANGE CIPHER SPEC ----*/ -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) case MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO: /* Only transmit the CCS if we have not done so @@ -4453,7 +4453,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) ret = mbedtls_ssl_write_change_cipher_spec( ssl ); mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS ); -#if defined(MBEDTLS_COMPATIBILITY_MODE) +#if defined( MBEDTLS_COMPATIBILITY_MODE ) ssl->handshake->ccs_sent++; #endif /* MBEDTLS_COMPATIBILITY_MODE */ @@ -4543,7 +4543,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) break; -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) case MBEDTLS_SSL_EARLY_DATA: @@ -4559,7 +4559,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) /* ----- READ FINISHED ----*/ case MBEDTLS_SSL_CLIENT_FINISHED: -#if defined(MBEDTLS_ZERO_RTT) +#if defined( MBEDTLS_ZERO_RTT ) if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) { ret = mbedtls_ssl_key_derivation( ssl, &traffic_keys ); @@ -4607,7 +4607,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) return ( ret ); } -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) /* epoch value ( 3 ) is used for payloads protected * using keys derived from the initial traffic_secret_0. */ @@ -4621,7 +4621,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP ); break; -#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined( MBEDTLS_SSL_PROTO_DTLS ) case MBEDTLS_SSL_HANDSHAKE_FINISH_ACK: /* The server needs to reply with an ACK message after parsing * the Finish message from the client. @@ -4641,7 +4641,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) mbedtls_ssl_handshake_wrapup( ssl ); mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_OVER ); -#if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) +#if defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) ret = ssl_write_new_session_ticket( ssl ); if( ret != 0 ) { From 0a5e1d377cca77eb3a9a0b4d80744a43c44f4e72 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 23 Mar 2020 09:31:51 +0000 Subject: [PATCH 09/13] Fix style for explicit casts in TLS 1.3 source files `( type ) val` -> `(type) val` --- library/ssl_tls13_client.c | 146 +++++++++++++++++----------------- library/ssl_tls13_generic.c | 60 +++++++------- library/ssl_tls13_messaging.c | 40 +++++----- library/ssl_tls13_server.c | 102 ++++++++++++------------ 4 files changed, 174 insertions(+), 174 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 53db1c5adbb5..0e6dcbf8f60d 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -373,7 +373,7 @@ static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl, hostname_len = strlen( ssl->hostname ); - if( end < p || ( size_t )( end - p ) < hostname_len + 9 ) + if( end < p || (size_t)( end - p ) < hostname_len + 9 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return; @@ -397,18 +397,18 @@ static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl, * ServerName server_name_list<1..2^16-1> * } ServerNameList; */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); - *p++ = ( unsigned char )( ( ( hostname_len + 5 ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( hostname_len + 5 ) ) & 0xFF ); + *p++ = (unsigned char)( ( ( hostname_len + 5 ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ( hostname_len + 5 ) ) & 0xFF ); - *p++ = ( unsigned char )( ( ( hostname_len + 3 ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( hostname_len + 3 ) ) & 0xFF ); + *p++ = (unsigned char)( ( ( hostname_len + 3 ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ( hostname_len + 3 ) ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF ); - *p++ = ( unsigned char )( ( hostname_len >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( hostname_len ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF ); + *p++ = (unsigned char)( ( hostname_len >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( hostname_len ) & 0xFF ); memcpy( p, ssl->hostname, hostname_len ); @@ -436,14 +436,14 @@ static void ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported version extension" ) ); - if( end < p || ( size_t )( end - p ) < 7 ) + if( end < p || (size_t)( end - p ) < 7 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return; } - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS ) & 0xFF ); /* total length */ *p++ = 0x00; @@ -488,7 +488,7 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, return( 0 ); } - if( end < p || ( size_t )( end - p ) < 5 ) + if( end < p || (size_t)( end - p ) < 5 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -496,8 +496,8 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding max_fragment_length extension" ) ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); *p++ = 0x00; *p++ = 1; @@ -540,9 +540,9 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, } for ( cur = ssl->conf->alpn_list; *cur != NULL; cur++ ) - alpnlen += ( unsigned char )( strlen( *cur ) & 0xFF ) + 1; + alpnlen += (unsigned char)( strlen( *cur ) & 0xFF ) + 1; - if( end < p || ( size_t )( end - p ) < 6 + alpnlen ) + if( end < p || (size_t)( end - p ) < 6 + alpnlen ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -550,8 +550,8 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding alpn extension" ) ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); /* * opaque ProtocolName<1..2^8-1>; @@ -566,7 +566,7 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, for ( cur = ssl->conf->alpn_list; *cur != NULL; cur++ ) { - *p = ( unsigned char )( strlen( *cur ) & 0xFF ); + *p = (unsigned char)( strlen( *cur ) & 0xFF ); memcpy( p + 1, *cur, *p ); p += 1 + *p; } @@ -574,12 +574,12 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, *olen = p - buf; /* List length = olen - 2 ( ext_type ) - 2 ( ext_len ) - 2 ( list_len ) */ - buf[4] = ( unsigned char )( ( ( *olen - 6 ) >> 8 ) & 0xFF ); - buf[5] = ( unsigned char )( ( *olen - 6 ) & 0xFF ); + buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF ); + buf[5] = (unsigned char)( ( *olen - 6 ) & 0xFF ); /* Extension length = olen - 2 ( ext_type ) - 2 ( ext_len ) */ - buf[2] = ( unsigned char )( ( ( *olen - 4 ) >> 8 ) & 0xFF ); - buf[3] = ( unsigned char )( ( *olen - 4 ) & 0xFF ); + buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); + buf[3] = (unsigned char)( ( *olen - 4 ) & 0xFF ); return( 0 ); } @@ -614,7 +614,7 @@ static int ssl_write_psk_key_exchange_modes_ext( mbedtls_ssl_context *ssl, /*} */ /* max length of this extension is 7 bytes */ - if( ( size_t )( end - p ) < ( 7 ) ) + if( (size_t)( end - p ) < ( 7 ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "Not enough buffer" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -623,8 +623,8 @@ static int ssl_write_psk_key_exchange_modes_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding psk_key_exchange_modes extension" ) ); /* Extension Type */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES ) & 0xFF ); if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) { @@ -1008,7 +1008,7 @@ int ssl_write_pre_shared_key_ext( mbedtls_ssl_context *ssl, ext_length = 2 + 2 + ssl->conf->psk_identity_len + 4 + 2 + 1 + hash_len; /* ext_length + Extension Type ( 2 bytes ) + Extension Length ( 2 bytes ) */ - if( end < p || ( size_t )( end - p ) < ( ext_length + 4 ) ) + if( end < p || (size_t)( end - p ) < ( ext_length + 4 ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too short" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -1021,20 +1021,20 @@ int ssl_write_pre_shared_key_ext( mbedtls_ssl_context *ssl, else { /* Extension Type */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY ) & 0xFF ); /* Extension Length */ - *p++ = ( unsigned char )( ( ext_length >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ext_length & 0xFF ); + *p++ = (unsigned char)( ( ext_length >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ext_length & 0xFF ); /* 2 bytes length field for array of PskIdentity */ - *p++ = ( unsigned char )( ( ( ssl->conf->psk_identity_len + 4 + 2 ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ssl->conf->psk_identity_len + 4 + 2 ) & 0xFF ); + *p++ = (unsigned char)( ( ( ssl->conf->psk_identity_len + 4 + 2 ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ssl->conf->psk_identity_len + 4 + 2 ) & 0xFF ); /* 2 bytes length field for psk_identity */ - *p++ = ( unsigned char )( ( ( ssl->conf->psk_identity_len ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ssl->conf->psk_identity_len ) & 0xFF ); + *p++ = (unsigned char)( ( ( ssl->conf->psk_identity_len ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ssl->conf->psk_identity_len ) & 0xFF ); /* actual psk_identity */ memcpy( p, ssl->conf->psk_identity, ssl->conf->psk_identity_len ); @@ -1073,11 +1073,11 @@ int ssl_write_pre_shared_key_ext( mbedtls_ssl_context *ssl, /* Add PSK binder for included identity */ /* 2 bytes length field for array of psk binders */ - *p++ = ( unsigned char )( ( ( hash_len + 1 ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( hash_len + 1 ) & 0xFF ); + *p++ = (unsigned char)( ( ( hash_len + 1 ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( hash_len + 1 ) & 0xFF ); /* 1 bytes length field for next psk binder */ - *p++ = ( unsigned char )( ( hash_len ) & 0xFF ); + *p++ = (unsigned char)( ( hash_len ) & 0xFF ); MBEDTLS_SSL_DEBUG_BUF( 3, "ssl_calc_binder computed over ", truncated_clienthello_start, truncated_clienthello_end - truncated_clienthello_start ); @@ -1119,7 +1119,7 @@ static int ssl_write_cookie_ext( mbedtls_ssl_context *ssl, ssl->handshake->verify_cookie_len ); if( end < p || - ( size_t )( end - p ) < ( ssl->handshake->verify_cookie_len + 4 ) ) + (size_t)( end - p ) < ( ssl->handshake->verify_cookie_len + 4 ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -1128,12 +1128,12 @@ static int ssl_write_cookie_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding cookie extension" ) ); /* Extension Type */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_COOKIE >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_COOKIE ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_COOKIE >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_COOKIE ) & 0xFF ); /* Extension Length */ - *p++ = ( unsigned char )( ( ssl->handshake->verify_cookie_len >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ssl->handshake->verify_cookie_len & 0xFF ); + *p++ = (unsigned char)( ( ssl->handshake->verify_cookie_len >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ssl->handshake->verify_cookie_len & 0xFF ); /* Copy Cookie */ memcpy( p, ssl->handshake->verify_cookie, ssl->handshake->verify_cookie_len ); @@ -1187,7 +1187,7 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - if( end < p || ( size_t )( end - p ) < 6 + elliptic_curve_len ) + if( end < p || (size_t)( end - p ) < 6 + elliptic_curve_len ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -1213,14 +1213,14 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 5, ( "Named Curve: %s ( %x )", mbedtls_ecp_curve_info_from_tls_id( info->tls_id )->name, info->tls_id ) ); } - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_GROUPS >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_GROUPS ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_GROUPS >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_GROUPS ) & 0xFF ); - *p++ = ( unsigned char )( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( elliptic_curve_len + 2 ) ) & 0xFF ); + *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) ) & 0xFF ); - *p++ = ( unsigned char )( ( ( elliptic_curve_len ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( elliptic_curve_len ) ) & 0xFF ); + *p++ = (unsigned char)( ( ( elliptic_curve_len ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ( elliptic_curve_len ) ) & 0xFF ); MBEDTLS_SSL_DEBUG_BUF( 3, "Supported groups extension", buf + 4, elliptic_curve_len + 2 ); @@ -1373,8 +1373,8 @@ static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, } /* Write length of the key_exchange entry */ - *p++ = ( unsigned char )( ( ( len ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( len ) ) & 0xFF ); + *p++ = (unsigned char)( ( ( len ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ( len ) ) & 0xFF ); p += len; *olen += len + 2; @@ -1389,8 +1389,8 @@ static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, } /* Write extension header */ - *header++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); - *header++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); + *header++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); + *header++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); #if defined( MBEDTLS_CTLS ) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) @@ -1400,8 +1400,8 @@ static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_CTLS */ { /* Write total extension length */ - *header++ = ( unsigned char )( ( *olen >> 8 ) & 0xFF ); - *header++ = ( unsigned char )( *olen & 0xFF ); + *header++ = (unsigned char)( ( *olen >> 8 ) & 0xFF ); + *header++ = (unsigned char)( *olen & 0xFF ); *olen += 4; /* 4 bytes for fixed header */ } @@ -1664,7 +1664,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } - *buff++ = ( unsigned char )ssl->session_negotiate->id_len; /* write session id length */ + *buff++ = (unsigned char)ssl->session_negotiate->id_len; /* write session id length */ memcpy( buf, ssl->session_negotiate->id, ssl->session_negotiate->id_len ); /* write session id */ buf += ssl->session_negotiate->id_len; @@ -1757,8 +1757,8 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } - *buf++ = ( unsigned char )( ciphersuites[i] >> 8 ); - *buf++ = ( unsigned char )( ciphersuites[i] ); + *buf++ = (unsigned char)( ciphersuites[i] >> 8 ); + *buf++ = (unsigned char)( ciphersuites[i] ); buflen -= 2; @@ -1769,8 +1769,8 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, } /* write ciphersuite length now */ - *ciphersuite_start++ = ( unsigned char )( ciphersuite_count*2 >> 8 ); - *ciphersuite_start++ = ( unsigned char )( ciphersuite_count*2 ); + *ciphersuite_start++ = (unsigned char)( ciphersuite_count*2 >> 8 ); + *ciphersuite_start++ = (unsigned char)( ciphersuite_count*2 ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, got %d ciphersuites", ciphersuite_count ) ); @@ -1834,7 +1834,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined( MBEDTLS_ZERO_RTT ) - ssl_write_early_data_ext( ssl, buf, ( size_t )( end - buf ), &cur_ext_len ); + ssl_write_early_data_ext( ssl, buf, (size_t)( end - buf ), &cur_ext_len ); total_ext_len += cur_ext_len; buf += cur_ext_len; #endif /* MBEDTLS_ZERO_RTT */ @@ -1958,8 +1958,8 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", extension_start, total_ext_len ); /* Write extension length */ - *extension_start++ = ( unsigned char )( ( total_ext_len >> 8 ) & 0xFF ); - *extension_start++ = ( unsigned char )( ( total_ext_len ) & 0xFF ); + *extension_start++ = (unsigned char)( ( total_ext_len >> 8 ) & 0xFF ); + *extension_start++ = (unsigned char)( ( total_ext_len ) & 0xFF ); buflen -= 2 + total_ext_len; *olen = buf - start; @@ -2054,7 +2054,7 @@ static int ssl_parse_server_psk_identity_ext( mbedtls_ssl_context *ssl, return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); } - if( len != ( size_t )2 ) + if( len != (size_t)2 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad psk_identity extension in server hello message" ) ); return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); @@ -2402,7 +2402,7 @@ static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, * 3 bytes */ - if( total_len < ( size_t )( 3 + context_len ) ) + if( total_len < (size_t)( 3 + context_len ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); @@ -2463,7 +2463,7 @@ static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, case MBEDTLS_TLS_EXT_SIG_ALG: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) ); - if( ( ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, ( size_t )ext_size ) ) != 0 ) + if( ( ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, (size_t)ext_size ) ) != 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "ssl_parse_signature_algorithms_ext" ) ); SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); @@ -2682,7 +2682,7 @@ static int ssl_encrypted_extensions_parse( mbedtls_ssl_context* ssl, case MBEDTLS_TLS_EXT_ALPN: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); - if( ( ret = ssl_parse_alpn_ext( ssl, ext + 4, ( size_t )ext_size ) ) != 0 ) + if( ( ret = ssl_parse_alpn_ext( ssl, ext + 4, (size_t)ext_size ) ) != 0 ) { return( ret ); } @@ -3191,7 +3191,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, #if defined( MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ) case MBEDTLS_TLS_EXT_PRE_SHARED_KEY: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found pre_shared_key extension" ) ); - if( ( ret = ssl_parse_server_psk_identity_ext( ssl, ext + 4, ( size_t )ext_size ) ) != 0 ) + if( ( ret = ssl_parse_server_psk_identity_ext( ssl, ext + 4, (size_t)ext_size ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_server_psk_identity_ext" ), ret ); return( ret ); @@ -3203,7 +3203,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, case MBEDTLS_TLS_EXT_KEY_SHARES: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found key_shares extension" ) ); - if( ( ret = ssl_parse_key_shares_ext( ssl, ext + 4, ( size_t )ext_size ) ) != 0 ) + if( ( ret = ssl_parse_key_shares_ext( ssl, ext + 4, (size_t)ext_size ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "ssl_parse_key_shares_ext", ret ); return( ret ); @@ -3560,7 +3560,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, } memcpy( ssl->handshake->verify_cookie, ext + 4, ext_size ); - ssl->handshake->verify_cookie_len = ( unsigned char )ext_size; + ssl->handshake->verify_cookie_len = (unsigned char)ext_size; break; #endif /* MBEDTLS_SSL_COOKIE_C */ diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 91fa403fd8d0..972fa0a97d15 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -421,20 +421,20 @@ void ssl_write_cid_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding cid extension" ) ); - if( end < p || ( size_t )( end - p ) < ( 3 + MBEDTLS_CID_MAX_SIZE ) ) + if( end < p || (size_t)( end - p ) < ( 3 + MBEDTLS_CID_MAX_SIZE ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return; } - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_CID ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF ); if( ssl->conf->cid == MBEDTLS_CID_CONF_ZERO_LENGTH ) { - *p++ = ( unsigned char )( ( 1 >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( 1 & 0xFF ); + *p++ = (unsigned char)( ( 1 >> 8 ) & 0xFF ); + *p++ = (unsigned char)( 1 & 0xFF ); /* 1 byte length field set to zero */ *p++ = 0; @@ -450,8 +450,8 @@ void ssl_write_cid_ext( mbedtls_ssl_context *ssl, } ssl->in_cid_len = MBEDTLS_CID_MAX_SIZE; - *p++ = ( unsigned char )( ( ( ssl->in_cid_len + 1 ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( ssl->in_cid_len + 1 ) ) & 0xFF ); + *p++ = (unsigned char)( ( ( ssl->in_cid_len + 1 ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ( ssl->in_cid_len + 1 ) ) & 0xFF ); /* Length field set to MBEDTLS_CID_MAX_SIZE */ *p++ = MBEDTLS_CID_MAX_SIZE; @@ -711,7 +711,7 @@ int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, sig_alg_len += 2; } - if( end < p || ( size_t )( end - p ) < sig_alg_len + 6 ) + if( end < p || (size_t)( end - p ) < sig_alg_len + 6 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -723,8 +723,8 @@ int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, for ( md = ssl->conf->signature_schemes; *md != SIGNATURE_NONE; md++ ) { - *sig_alg_list++ = ( unsigned char )( ( *md >> 8 ) & 0xFF ); - *sig_alg_list++ = ( unsigned char )( ( *md ) & 0xFF ); + *sig_alg_list++ = (unsigned char)( ( *md >> 8 ) & 0xFF ); + *sig_alg_list++ = (unsigned char)( ( *md ) & 0xFF ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "signature scheme [%x]", *md ) ); } @@ -732,14 +732,14 @@ int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, * Write extension header */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SIG_ALG >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SIG_ALG ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG ) & 0xFF ); - *p++ = ( unsigned char )( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( ( sig_alg_len + 2 ) ) & 0xFF ); + *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) ) & 0xFF ); - *p++ = ( unsigned char )( ( sig_alg_len >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( sig_alg_len ) & 0xFF ); + *p++ = (unsigned char)( ( sig_alg_len >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( sig_alg_len ) & 0xFF ); *olen = 6 + sig_alg_len; @@ -1715,8 +1715,8 @@ static int ssl_certificate_verify_write( mbedtls_ssl_context* ssl, return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); } - buf[4] = ( unsigned char )( ( ssl->handshake->signature_scheme >> 8 ) & 0xFF ); - buf[5] = ( unsigned char )( ( ssl->handshake->signature_scheme ) & 0xFF ); + buf[4] = (unsigned char)( ( ssl->handshake->signature_scheme >> 8 ) & 0xFF ); + buf[5] = (unsigned char)( ( ssl->handshake->signature_scheme ) & 0xFF ); /* Info from ssl->transform_negotiate->ciphersuite_info->mac will be used instead */ hashlen = 0; @@ -1730,8 +1730,8 @@ static int ssl_certificate_verify_write( mbedtls_ssl_context* ssl, return( ret ); } - buf[4 + offset] = ( unsigned char )( n >> 8 ); - buf[5 + offset] = ( unsigned char )( n ); + buf[4 + offset] = (unsigned char)( n >> 8 ); + buf[5 + offset] = (unsigned char)( n ); *olen = 6 + n + offset; @@ -2246,9 +2246,9 @@ static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, return( MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE ); } - buf[i] = ( unsigned char )( n >> 16 ); - buf[i + 1] = ( unsigned char )( n >> 8 ); - buf[i + 2] = ( unsigned char )( n ); + buf[i] = (unsigned char)( n >> 16 ); + buf[i + 1] = (unsigned char)( n >> 8 ); + buf[i + 2] = (unsigned char)( n ); i += 3; memcpy( buf + i, crt->raw.p, n ); i += n; crt = crt->next; @@ -2261,9 +2261,9 @@ static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, i += 2; } total_len = &buf[i] - start - 3; - *start++ = ( unsigned char )( ( total_len ) >> 16 ); - *start++ = ( unsigned char )( ( total_len ) >> 8 ); - *start++ = ( unsigned char )( ( total_len ) ); + *start++ = (unsigned char)( ( total_len ) >> 16 ); + *start++ = (unsigned char)( ( total_len ) >> 8 ); + *start++ = (unsigned char)( ( total_len ) ); #if defined( MBEDTLS_SSL_CLI_C ) empty_cert: @@ -2475,7 +2475,7 @@ static int ssl_read_certificate_parse( mbedtls_ssl_context* ssl, if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { /* read certificate request context length */ - certificate_request_context_len = ( size_t ) * ( buf + mbedtls_ssl_hs_hdr_len( ssl ) ); + certificate_request_context_len = (size_t) * ( buf + mbedtls_ssl_hs_hdr_len( ssl ) ); /* verify message length */ if( buflen < 3 + certificate_request_context_len + 1 + mbedtls_ssl_hs_hdr_len( ssl ) ) @@ -4429,7 +4429,7 @@ int ssl_write_early_data_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_CLI_C */ - if( ( size_t )( end - p ) < 4 ) + if( (size_t)( end - p ) < 4 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return ( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -4452,8 +4452,8 @@ int ssl_write_early_data_ext( mbedtls_ssl_context *ssl, ssl->handshake->early_data = MBEDTLS_SSL_EARLY_DATA_ON; /* Write extension header */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_EARLY_DATA >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_EARLY_DATA ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EARLY_DATA >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EARLY_DATA ) & 0xFF ); /* Write total extension length */ *p++ = 0; diff --git a/library/ssl_tls13_messaging.c b/library/ssl_tls13_messaging.c index 2092fb6400c6..279e3fc9d908 100644 --- a/library/ssl_tls13_messaging.c +++ b/library/ssl_tls13_messaging.c @@ -739,7 +739,7 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } - if( nb_want > MBEDTLS_SSL_BUFFER_LEN - ( size_t )( ssl->in_hdr - ssl->in_buf ) ) + if( nb_want > MBEDTLS_SSL_BUFFER_LEN - (size_t)( ssl->in_hdr - ssl->in_buf ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "requesting more data than fits" ) ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); @@ -1259,9 +1259,9 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) * */ /* Add handshake message length */ - ssl->out_msg[1] = ( unsigned char )( ( len - 4 ) >> 16 ); - ssl->out_msg[2] = ( unsigned char )( ( len - 4 ) >> 8 ); - ssl->out_msg[3] = ( unsigned char )( ( len - 4 ) ); + ssl->out_msg[1] = (unsigned char)( ( len - 4 ) >> 16 ); + ssl->out_msg[2] = (unsigned char)( ( len - 4 ) >> 8 ); + ssl->out_msg[3] = (unsigned char)( ( len - 4 ) ); if( ssl->transform_out != NULL ) { @@ -1465,8 +1465,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) /* TBD */ /* Write Length */ - ssl->out_len[0] = ( unsigned char )( len >> 8 ); - ssl->out_len[1] = ( unsigned char )( len ); + ssl->out_len[0] = (unsigned char)( len >> 8 ); + ssl->out_len[1] = (unsigned char)( len ); } else @@ -1519,8 +1519,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) /* Write 16 bit length */ ssl->out_hdr[0] |= MBEDTLS_SSL_UNIFIED_HDR_LEN; - ssl->out_hdr[3 + i] = ( unsigned char )( len >> 8 ); - ssl->out_hdr[4 + i] = ( unsigned char )( len ); + ssl->out_hdr[3 + i] = (unsigned char)( len >> 8 ); + ssl->out_hdr[4 + i] = (unsigned char)( len ); /* Change pointer to length field */ ssl->out_len = &ssl->out_hdr[3 + i]; @@ -1566,8 +1566,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) mbedtls_ssl_write_version( 3, 3, ssl->conf->transport, ssl->out_hdr + 1 ); /* Write Length */ - ssl->out_len[0] = ( unsigned char )( len >> 8 ); - ssl->out_len[1] = ( unsigned char )( len ); + ssl->out_len[0] = (unsigned char)( len >> 8 ); + ssl->out_len[1] = (unsigned char)( len ); } if( ssl->transform_out != NULL ) @@ -1579,8 +1579,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) } len = ssl->out_msglen; - ssl->out_len[0] = ( unsigned char )( len >> 8 ); - ssl->out_len[1] = ( unsigned char )( len ); + ssl->out_len[0] = (unsigned char)( len >> 8 ); + ssl->out_len[1] = (unsigned char)( len ); } /* Calculate the number of bytes we have to put on the wire */ @@ -1810,7 +1810,7 @@ static int ssl_reassemble_dtls_handshake( mbedtls_ssl_context *ssl ) ssl->in_left = ssl->next_record_offset + remain_len; if( ssl->in_left > MBEDTLS_SSL_BUFFER_LEN - - ( size_t )( ssl->in_hdr - ssl->in_buf ) ) + (size_t)( ssl->in_hdr - ssl->in_buf ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "reassembled message too large for buffer" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -2152,14 +2152,14 @@ static int ssl_check_dtls_clihlo_cookie( *olen = p - obuf; /* Go back and fill length fields */ - obuf[27] = ( unsigned char )( *olen - 28 ); + obuf[27] = (unsigned char)( *olen - 28 ); - obuf[14] = obuf[22] = ( unsigned char )( ( *olen - 25 ) >> 16 ); - obuf[15] = obuf[23] = ( unsigned char )( ( *olen - 25 ) >> 8 ); - obuf[16] = obuf[24] = ( unsigned char )( ( *olen - 25 ) ); + obuf[14] = obuf[22] = (unsigned char)( ( *olen - 25 ) >> 16 ); + obuf[15] = obuf[23] = (unsigned char)( ( *olen - 25 ) >> 8 ); + obuf[16] = obuf[24] = (unsigned char)( ( *olen - 25 ) ); - obuf[11] = ( unsigned char )( ( *olen - 13 ) >> 8 ); - obuf[12] = ( unsigned char )( ( *olen - 13 ) ); + obuf[11] = (unsigned char)( ( *olen - 13 ) >> 8 ); + obuf[12] = (unsigned char)( ( *olen - 13 ) ); return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ); } @@ -2436,7 +2436,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) /* Check length against the size of our buffer */ if( ssl->in_msglen > MBEDTLS_SSL_BUFFER_LEN - - ( size_t )( ssl->in_msg - ssl->in_buf ) ) + - (size_t)( ssl->in_msg - ssl->in_buf ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) ); return( MBEDTLS_ERR_SSL_INVALID_RECORD ); diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 0aba98ffe808..2867545792e9 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -79,8 +79,8 @@ static int ssl_write_sni_server_ext( } /* Write extension header */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); /* Write total extension length */ *p++ = 0; @@ -192,12 +192,12 @@ static int ssl_write_key_shares_ext( MBEDTLS_SSL_DEBUG_ECP( 3, "ECDHE: Q ", &ssl->handshake->ecdh_ctx[ssl->handshake->ecdh_ctx_selected].Q ); /* Write extension header */ - *header++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); - *header++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); + *header++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); + *header++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); /* Write total extension length */ - *header++ = ( unsigned char )( ( ( len ) >> 8 ) & 0xFF ); - *header++ = ( unsigned char )( ( ( len ) ) & 0xFF ); + *header++ = (unsigned char)( ( ( len ) >> 8 ) & 0xFF ); + *header++ = (unsigned char)( ( ( len ) ) & 0xFF ); *olen = len + 4; /* 4 bytes for fixed header + length of key share */ @@ -1116,19 +1116,19 @@ static int ssl_write_server_pre_shared_key_ext( mbedtls_ssl_context *ssl, } /* Extension Type */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_PRE_SHARED_KEY ) & 0xFF ); /* Extension Length */ - *p++ = ( unsigned char )( ( 2 >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( 2 & 0xFF ); + *p++ = (unsigned char)( ( 2 >> 8 ) & 0xFF ); + *p++ = (unsigned char)( 2 & 0xFF ); /* retrieve selected_identity */ selected_identity = 0; /* Write selected_identity */ - *p++ = ( unsigned char )( ( selected_identity >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( selected_identity & 0xFF ); + *p++ = (unsigned char)( ( selected_identity >> 8 ) & 0xFF ); + *p++ = (unsigned char)( selected_identity & 0xFF ); *olen = 6; @@ -1388,14 +1388,14 @@ static int ssl_write_supported_version_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding supported version extension" ) ); - if( end < p || ( size_t )( end - p ) < 6 ) + if( end < p || (size_t)( end - p ) < 6 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS ) & 0xFF ); /* length */ *p++ = 0x00; @@ -1687,8 +1687,8 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "NewSessionTicket ( nonce length ): %d", MBEDTLS_SSL_TICKET_NONCE_LENGTH ) ); /* Ticket Length */ - ssl->out_msg[13+ MBEDTLS_SSL_TICKET_NONCE_LENGTH] = ( unsigned char )( ( tlen >> 8 ) & 0xFF ); - ssl->out_msg[14+ MBEDTLS_SSL_TICKET_NONCE_LENGTH] = ( unsigned char )( ( tlen ) & 0xFF ); + ssl->out_msg[13+ MBEDTLS_SSL_TICKET_NONCE_LENGTH] = (unsigned char)( ( tlen >> 8 ) & 0xFF ); + ssl->out_msg[14+ MBEDTLS_SSL_TICKET_NONCE_LENGTH] = (unsigned char)( ( tlen ) & 0xFF ); /* no extensions for now -> set length to zero */ ssl->out_msg[15+ MBEDTLS_SSL_TICKET_NONCE_LENGTH +tlen] = ( ext_len >> 8 ) & 0xFF; @@ -3106,8 +3106,8 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); *p++ = 0x00; *p++ = 1; @@ -3139,18 +3139,18 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, * 6 . 6 protocol name length * 7 . 7+n protocol name */ - buf[0] = ( unsigned char )( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); - buf[1] = ( unsigned char )( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); + buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); + buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); *olen = 7 + strlen( ssl->alpn_chosen ); - buf[2] = ( unsigned char )( ( ( *olen - 4 ) >> 8 ) & 0xFF ); - buf[3] = ( unsigned char )( ( *olen - 4 ) & 0xFF ); + buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); + buf[3] = (unsigned char)( ( *olen - 4 ) & 0xFF ); - buf[4] = ( unsigned char )( ( ( *olen - 6 ) >> 8 ) & 0xFF ); - buf[5] = ( unsigned char )( ( *olen - 6 ) & 0xFF ); + buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF ); + buf[5] = (unsigned char)( ( *olen - 6 ) & 0xFF ); - buf[6] = ( unsigned char )( ( *olen - 7 ) & 0xFF ); + buf[6] = (unsigned char)( ( *olen - 7 ) & 0xFF ); memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); } @@ -3388,7 +3388,7 @@ static int ssl_encrypted_extensions_write( mbedtls_ssl_context* ssl, #if defined( MBEDTLS_ZERO_RTT ) if( ssl->handshake->extensions_present & EARLY_DATA_EXTENSION ) { - ret = ssl_write_early_data_ext( ssl, p, ( size_t )( end - p ), &n ); + ret = ssl_write_early_data_ext( ssl, p, (size_t)( end - p ), &n ); if( ret != 0 ) return( ret ); @@ -3398,8 +3398,8 @@ static int ssl_encrypted_extensions_write( mbedtls_ssl_context* ssl, *olen = p - buf; - *( buf + 4 ) = ( unsigned char )( ( ( *olen - 4 - 2 ) >> 8 ) & 0xFF ); - *( buf + 5 ) = ( unsigned char )( ( *olen - 4 - 2 ) & 0xFF ); + *( buf + 4 ) = (unsigned char)( ( ( *olen - 4 - 2 ) >> 8 ) & 0xFF ); + *( buf + 5 ) = (unsigned char)( ( *olen - 4 - 2 ) & 0xFF ); return( 0 ); } @@ -3493,14 +3493,14 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) p += 32; /* write legacy_session_id_echo */ - *p++ = ( unsigned char ) ssl->session_negotiate->id_len; + *p++ = (unsigned char) ssl->session_negotiate->id_len; memcpy( p, &ssl->session_negotiate->id[0], ssl->session_negotiate->id_len ); MBEDTLS_SSL_DEBUG_BUF( 3, "session id", p, ssl->session_negotiate->id_len ); p += ssl->session_negotiate->id_len; /* write ciphersuite ( 2 bytes ) */ - *p++ = ( unsigned char )( ssl->session_negotiate->ciphersuite >> 8 ); - *p++ = ( unsigned char )( ssl->session_negotiate->ciphersuite ); + *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 ); + *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite ); MBEDTLS_SSL_DEBUG_BUF( 3, "ciphersuite", p-2, 2 ); /* write legacy_compression_method ( 0 ) */ @@ -3523,8 +3523,8 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) */ /* Write extension header */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_COOKIE >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_COOKIE ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_COOKIE >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_COOKIE ) & 0xFF ); /* Write total extension length * ( Skip it for now till we know the length ) @@ -3552,8 +3552,8 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_BUF( 3, "Cookie", ext_len_byte + 2, ext_length ); /* Write length */ - *ext_len_byte++ = ( unsigned char )( ( ext_length >> 8 ) & 0xFF ); - *ext_len_byte = ( unsigned char )( ext_length & 0xFF ); + *ext_len_byte++ = (unsigned char)( ( ext_length >> 8 ) & 0xFF ); + *ext_len_byte = (unsigned char)( ext_length & 0xFF ); total_ext_len += ext_length + 4 /* 2 bytes for extension_type and 2 bytes for length field */; #endif /* MBEDTLS_SSL_COOKIE_C */ @@ -3584,8 +3584,8 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) { /* Write extension header */ - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); ext_len_byte = p; @@ -3619,8 +3619,8 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) total_ext_len += ext_length + 4 /* 2 bytes for extension_type and 2 bytes for length field */; #endif /* MBEDTLS_ECDH_C */ - *extension_start++ = ( unsigned char )( ( total_ext_len >> 8 ) & 0xFF ); - *extension_start++ = ( unsigned char )( ( total_ext_len ) & 0xFF ); + *extension_start++ = (unsigned char)( ( total_ext_len >> 8 ) & 0xFF ); + *extension_start++ = (unsigned char)( ( total_ext_len ) & 0xFF ); ssl->out_msglen = p - ssl->out_msg; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; @@ -3824,15 +3824,15 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, #if defined( MBEDTLS_SSL_PROTO_DTLS ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { - *buf++ = ( unsigned char ) 0xfe; - *buf++ = ( unsigned char ) 0xfd; + *buf++ = (unsigned char) 0xfe; + *buf++ = (unsigned char) 0xfd; MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [0xfe:0xfd]" ) ); } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ { - *buf++ = ( unsigned char )0x3; - *buf++ = ( unsigned char )0x3; + *buf++ = (unsigned char)0x3; + *buf++ = (unsigned char)0x3; MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [0x3:0x3]" ) ); } buflen -= 2; @@ -3856,7 +3856,7 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { - *buf++ = ( unsigned char )ssl->session_negotiate->id_len; + *buf++ = (unsigned char)ssl->session_negotiate->id_len; buflen--; memcpy( buf, &ssl->session_negotiate->id[0], ssl->session_negotiate->id_len ); buf += ssl->session_negotiate->id_len; @@ -3866,8 +3866,8 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, } /* write selected ciphersuite ( 2 bytes ) */ - *buf++ = ( unsigned char )( ssl->session_negotiate->ciphersuite >> 8 ); - *buf++ = ( unsigned char )( ssl->session_negotiate->ciphersuite ); + *buf++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 ); + *buf++ = (unsigned char)( ssl->session_negotiate->ciphersuite ); buflen -= 2; MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s ( id=%d )", mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ), ssl->session_negotiate->ciphersuite ) ); @@ -3948,8 +3948,8 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_BUF( 4, "server hello extensions", extension_start, total_ext_len ); /* Write length information */ - *extension_start++ = ( unsigned char )( ( total_ext_len >> 8 ) & 0xFF ); - *extension_start++ = ( unsigned char )( ( total_ext_len ) & 0xFF ); + *extension_start++ = (unsigned char)( ( total_ext_len >> 8 ) & 0xFF ); + *extension_start++ = (unsigned char)( ( total_ext_len ) & 0xFF ); buflen -= 2 + total_ext_len; *olen = buf - start; @@ -4154,8 +4154,8 @@ static int ssl_certificate_request_write( mbedtls_ssl_context* ssl, if( ret != 0 ) return( ret ); /* length field for all extensions */ - *p++ = ( unsigned char )( ( *olen >> 8 ) & 0xFF ); - *p++ = ( unsigned char )( ( *olen ) & 0xFF ); + *p++ = (unsigned char)( ( *olen >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( *olen ) & 0xFF ); p += *olen; *olen = p - buf; From ed8d296f6cf4a63ee3e5e83dd2510d63df509b70 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 23 Mar 2020 09:32:55 +0000 Subject: [PATCH 10/13] Fix bracketing style for `#if defined(...)` in TLS 1.3 source files No spaces before/after brackets in this instance. --- library/ssl_tls13_client.c | 274 ++++++++++++++++---------------- library/ssl_tls13_generic.c | 286 +++++++++++++++++----------------- library/ssl_tls13_messaging.c | 142 ++++++++--------- library/ssl_tls13_server.c | 274 ++++++++++++++++---------------- 4 files changed, 488 insertions(+), 488 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 0e6dcbf8f60d..23cc7fc070e2 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -19,19 +19,19 @@ * This file is part of mbed TLS ( https://tls.mbed.org ) */ -#if !defined( MBEDTLS_CONFIG_FILE ) +#if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#if defined( MBEDTLS_SSL_PROTO_TLS1_3 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) #include "mbedtls/hkdf-tls.h" #include "mbedtls/hkdf.h" -#if defined( MBEDTLS_SSL_CLI_C ) +#if defined(MBEDTLS_SSL_CLI_C) #include "mbedtls/debug.h" #include "mbedtls/ssl.h" @@ -39,7 +39,7 @@ #include -#if defined( MBEDTLS_PLATFORM_C ) +#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include @@ -49,12 +49,12 @@ #include -#if defined( MBEDTLS_HAVE_TIME ) +#if defined(MBEDTLS_HAVE_TIME) #include #endif -#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) /* TODO: Code for MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED missing */ static int check_ecdh_params( const mbedtls_ssl_context *ssl ) @@ -70,7 +70,7 @@ static int check_ecdh_params( const mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) ); -#if defined( MBEDTLS_ECP_C ) +#if defined(MBEDTLS_ECP_C) if( mbedtls_ssl_check_curve( ssl, ssl->handshake->ecdh_ctx[ssl->handshake->ecdh_ctx_selected].grp.id ) != 0 ) #else if( ssl->handshake->ecdh_ctx.grp.nbits < 163 || @@ -95,7 +95,7 @@ static int check_ecdh_params( const mbedtls_ssl_context *ssl ) * Overview */ -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) /* Main state-handling entry point; orchestrates the other functions. */ int ssl_write_early_data_process( mbedtls_ssl_context* ssl ); @@ -160,7 +160,7 @@ static int ssl_write_early_data_prepare( mbedtls_ssl_context* ssl ) return ( ret ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) traffic_keys.epoch = 1; #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -171,7 +171,7 @@ static int ssl_write_early_data_prepare( mbedtls_ssl_context* ssl ) return ( ret ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* epoch value( 1 ) is used for messages protected using keys derived * from early_traffic_secret. */ @@ -210,7 +210,7 @@ static int ssl_write_early_data_write( mbedtls_ssl_context* ssl, static int ssl_write_early_data_postprocess( mbedtls_ssl_context* ssl ) { -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ssl_send_flight_completed( ssl ); #endif @@ -232,7 +232,7 @@ static int ssl_write_early_data_postprocess( mbedtls_ssl_context* ssl ) * Overview */ -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) /* Main state-handling entry point; orchestrates the other functions. */ int ssl_write_end_of_early_data_process( mbedtls_ssl_context* ssl ); @@ -298,7 +298,7 @@ static int ssl_write_end_of_early_data_prepare( mbedtls_ssl_context* ssl ) return ( ret ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) traffic_keys.epoch = 1; #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -309,7 +309,7 @@ static int ssl_write_end_of_early_data_prepare( mbedtls_ssl_context* ssl ) return ( ret ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* epoch value ( 1 ) is used for messages protected using keys derived * from early_traffic_secret. */ @@ -329,7 +329,7 @@ static int ssl_write_end_of_early_data_write( mbedtls_ssl_context* ssl, ( (void ) buf ); ( (void ) buflen ); -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ssl_send_flight_completed( ssl ); #endif @@ -354,7 +354,7 @@ static int ssl_write_end_of_early_data_postprocess( mbedtls_ssl_context* ssl ) #endif /* MBEDTLS_ZERO_RTT */ -#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl, unsigned char* buf, unsigned char* end, @@ -463,7 +463,7 @@ static void ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, *olen = 7; } -#if defined( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) /* * ssl_write_max_fragment_length_ext( ): @@ -511,7 +511,7 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined( MBEDTLS_SSL_ALPN ) +#if defined(MBEDTLS_SSL_ALPN) /* * ssl_write_alpn_ext( ) structure: * @@ -585,7 +585,7 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_ALPN */ -#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) /* * ssl_write_psk_key_exchange_modes_ext( ) structure: @@ -688,7 +688,7 @@ static int ssl_write_psk_key_exchange_modes_ext( mbedtls_ssl_context *ssl, * dummy_run == 1 --> second run */ -#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) /* ssl_create_binder( ): @@ -721,11 +721,11 @@ int ssl_create_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t psk_ unsigned char binder_key[MBEDTLS_MD_MAX_SIZE]; unsigned char finished_key[MBEDTLS_MD_MAX_SIZE]; -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) mbedtls_sha256_context sha256; #endif -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) mbedtls_sha512_context sha512; #endif @@ -774,7 +774,7 @@ int ssl_create_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t psk_ if( suite_info->mac == MBEDTLS_MD_SHA256 ) { -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) mbedtls_sha256( ( const unsigned char * )"", 0, hash, 0 ); #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); @@ -783,7 +783,7 @@ int ssl_create_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t psk_ } else if( suite_info->mac == MBEDTLS_MD_SHA384 ) { -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) mbedtls_sha512( ( const unsigned char * )"", 0, hash, 1 /* for SHA384 */ ); #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); @@ -816,7 +816,7 @@ int ssl_create_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t psk_ if( suite_info->mac == MBEDTLS_MD_SHA256 ) { -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) mbedtls_sha256_init( &sha256 ); mbedtls_sha256_starts( &sha256, 0 /* = use SHA256 */ ); @@ -834,7 +834,7 @@ int ssl_create_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t psk_ } else if( suite_info->mac == MBEDTLS_MD_SHA384 ) { -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) mbedtls_sha512_init( &sha512 ); mbedtls_sha512_starts( &sha512, 1 /* = use SHA384 */ ); mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); @@ -893,14 +893,14 @@ int ssl_create_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t psk_ MBEDTLS_SSL_DEBUG_BUF( 3, "Key", finished_key, hash_length ); MBEDTLS_SSL_DEBUG_BUF( 3, "Output", result, hash_length ); -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) if( suite_info->mac == MBEDTLS_MD_SHA256 ) { mbedtls_sha256_free( &sha256 ); } else #endif -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) if( suite_info->mac == MBEDTLS_MD_SHA384 ) { mbedtls_sha512_free( &sha512 ); @@ -927,7 +927,7 @@ int ssl_write_pre_shared_key_ext( mbedtls_ssl_context *ssl, const mbedtls_ssl_ciphersuite_t *suite_info; int hash_len=-1, ret; const int *ciphersuites; -#if defined( MBEDTLS_HAVE_TIME ) +#if defined(MBEDTLS_HAVE_TIME) time_t now; #endif @@ -973,7 +973,7 @@ int ssl_write_pre_shared_key_ext( mbedtls_ssl_context *ssl, /* In this implementation we only add one pre-shared-key extension. */ ssl->session_negotiate->ciphersuite = ciphersuites[i]; ssl->transform_negotiate->ciphersuite_info = suite_info; -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) /* Even if we include a key_share extension in the ClientHello * message it will not be used at this stage for the key derivation. */ @@ -1045,7 +1045,7 @@ int ssl_write_pre_shared_key_ext( mbedtls_ssl_context *ssl, /* ( but not for externally configured PSKs ) */ if( ssl->conf->ticket_age_add > 0 ) { -#if defined( MBEDTLS_HAVE_TIME ) +#if defined(MBEDTLS_HAVE_TIME) now = time( NULL ); if( !( ssl->conf->ticket_received <= now && now - ssl->conf->ticket_received < 7 * 86400 * 1000 ) ) @@ -1143,7 +1143,7 @@ static int ssl_write_cookie_ext( mbedtls_ssl_context *ssl, return( 0 ); } -#if defined( MBEDTLS_ECDH_C ) +#if defined(MBEDTLS_ECDH_C) /* Supported Groups Extension @@ -1161,7 +1161,7 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, unsigned char *elliptic_curve_list = p + 6; size_t elliptic_curve_len = 0; const mbedtls_ecp_curve_info *info; -#if defined( MBEDTLS_ECP_C ) +#if defined(MBEDTLS_ECP_C) const mbedtls_ecp_group_id *grp_id; #else ( ( void )ssl ); @@ -1169,7 +1169,7 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, *olen = 0; -#if defined( MBEDTLS_ECP_C ) +#if defined(MBEDTLS_ECP_C) for ( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ ) { /* info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); */ @@ -1197,7 +1197,7 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, elliptic_curve_len = 0; -#if defined( MBEDTLS_ECP_C ) +#if defined(MBEDTLS_ECP_C) for ( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ ) { info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); @@ -1227,7 +1227,7 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, *olen = 6 + elliptic_curve_len; return( 0 ); } -#endif /* defined( MBEDTLS_ECDH_C ) */ +#endif /* defined(MBEDTLS_ECDH_C) */ /* @@ -1263,7 +1263,7 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, } KeyShare; */ -#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, unsigned char* buf, @@ -1280,7 +1280,7 @@ static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, /* TODO: Add bounds checks! Only then remove the next line. */ ( (void ) end ); -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { p = buf + 2; @@ -1392,7 +1392,7 @@ static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, *header++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES >> 8 ) & 0xFF ); *header++ = (unsigned char)( ( MBEDTLS_TLS_EXT_KEY_SHARES ) & 0xFF ); -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { *olen += 2; /* 2 bytes for fixed header */ @@ -1447,7 +1447,7 @@ static int ssl_client_hello_process( mbedtls_ssl_context* ssl ) MBEDTLS_SSL_DEBUG_BUF( 3, "ClientHello", ssl->out_msg, ssl->out_msglen ); -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ssl_send_flight_completed( ssl ); #endif @@ -1485,7 +1485,7 @@ static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl ) return( MBEDTLS_ERR_SSL_NO_RNG ); } -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { rand_bytes_len = MBEDTLS_CTLS_RANDOM_MAX_LENGTH; @@ -1502,7 +1502,7 @@ static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl ) return( ret ); } -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) /* Determine whether session id has not been created already */ if( ssl->session_negotiate->id_len == 0 ) { @@ -1560,7 +1560,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, /* Keeping track of the included extensions */ ssl->handshake->extensions_present = NO_EXTENSION; -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { rand_bytes_len = MBEDTLS_CTLS_RANDOM_MAX_LENGTH; @@ -1579,7 +1579,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, * For cTLS the length, and the version field * are elided. The random bytes are shorter. */ -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) /* With cTLS the version field is elided. */ if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { @@ -1618,11 +1618,11 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, * * In cTLS the version number is elided. */ -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { *buf++ = 0xfe; /* 254 */ @@ -1657,7 +1657,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, * ossification ). Otherwise, it MUST be set as a zero-length vector * ( i.e., a zero-valued single byte length field ). */ -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) if( buflen < ( ssl->session_negotiate->id_len + 1 ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); @@ -1674,7 +1674,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "session id len.: %d", ssl->session_negotiate->id_len ) ); MBEDTLS_SSL_DEBUG_BUF( 3, "session id", ssl->session_negotiate->id, ssl->session_negotiate->id_len ); #else -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) /* For cTLS we are not using a session id */ if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ @@ -1690,7 +1690,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_COMPATIBILITY_MODE */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* * DTLS cookie */ @@ -1762,7 +1762,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, buflen -= 2; -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) /* For ZeroRTT we only add a single ciphersuite. */ break; #endif /* MBEDTLS_ZERO_RTT */ @@ -1780,7 +1780,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, * * For cTLS this field is elided. */ -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -1806,7 +1806,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, * For cTLS we only need to provide it if there is more than one version * and currently there is only one. */ -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -1821,25 +1821,25 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, total_ext_len += cur_ext_len; buf += cur_ext_len; -#if defined( MBEDTLS_SSL_ALPN ) +#if defined(MBEDTLS_SSL_ALPN) ssl_write_alpn_ext( ssl, buf, end, &cur_ext_len ); total_ext_len += cur_ext_len; buf += cur_ext_len; #endif /* MBEDTLS_SSL_ALPN */ -#if defined( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) ssl_write_max_fragment_length_ext( ssl, buf, end, &cur_ext_len ); total_ext_len += cur_ext_len; buf += cur_ext_len; #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) ssl_write_early_data_ext( ssl, buf, (size_t)( end - buf ), &cur_ext_len ); total_ext_len += cur_ext_len; buf += cur_ext_len; #endif /* MBEDTLS_ZERO_RTT */ -#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) /* For PSK-based ciphersuites we don't really need the SNI extension */ if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ECDHE_ECDSA || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ALL ) { @@ -1849,13 +1849,13 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ -#if defined( MBEDTLS_CID ) +#if defined(MBEDTLS_CID) ssl_write_cid_ext( ssl, buf, end, &cur_ext_len ); total_ext_len += cur_ext_len; buf += cur_ext_len; #endif -#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) /* For PSK-based ciphersuites we need the pre-shared-key extension * and the psk_key_exchange_modes extension. * @@ -1876,7 +1876,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) /* The supported_groups and the key_share extensions are * REQUIRED for ECDHE ciphersuites. */ @@ -1932,7 +1932,7 @@ static int ssl_client_hello_write( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ -#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_ALL || ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_PSK_KE || @@ -1971,7 +1971,7 @@ static int ssl_parse_supported_version_ext( mbedtls_ssl_context* ssl, size_t len ) { -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { if( len != 2 && buf[0] != 254 && buf[1] != 253 ) @@ -1995,7 +1995,7 @@ static int ssl_parse_supported_version_ext( mbedtls_ssl_context* ssl, } -#if defined( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) @@ -2016,7 +2016,7 @@ static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) /* * struct { @@ -2083,7 +2083,7 @@ static int ssl_parse_server_psk_identity_ext( mbedtls_ssl_context *ssl, #endif -#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) /* TODO: Code for MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED missing */ /* @@ -2181,7 +2181,7 @@ static int ssl_parse_key_shares_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -#if defined( MBEDTLS_SSL_ALPN ) +#if defined(MBEDTLS_SSL_ALPN) static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { @@ -2252,7 +2252,7 @@ static int ssl_certificate_request_process( mbedtls_ssl_context* ssl ); #define SSL_CERTIFICATE_REQUEST_EXPECT_REQUEST 0 #define SSL_CERTIFICATE_REQUEST_SKIP 1 static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ); -#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, unsigned char const* buf, size_t buflen ); @@ -2276,7 +2276,7 @@ static int ssl_certificate_request_process( mbedtls_ssl_context* ssl ) */ MBEDTLS_SSL_PROC_CHK( ssl_certificate_request_coordinate( ssl ) ); -#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) if( ret == SSL_CERTIFICATE_REQUEST_EXPECT_REQUEST ) { /* Parsing step */ @@ -2321,7 +2321,7 @@ static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ) return( SSL_CERTIFICATE_REQUEST_SKIP ); } -#if !defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) +#if !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ( ( void )ret ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); @@ -2352,7 +2352,7 @@ static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ) #endif /* ( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */ } -#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, const unsigned char* buf, size_t buflen ) @@ -2383,7 +2383,7 @@ static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, p += mbedtls_ssl_hs_hdr_len( ssl ); -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -2495,7 +2495,7 @@ static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, static int ssl_certificate_request_postprocess( mbedtls_ssl_context* ssl ) { -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -2581,7 +2581,7 @@ static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) { return ( ret ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) traffic_keys.epoch = 2; #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -2593,7 +2593,7 @@ static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) { } } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* epoch value ( 2 ) is used for messages * protected using keys derived from the handshake_traffic_secret */ @@ -2664,7 +2664,7 @@ static int ssl_encrypted_extensions_parse( mbedtls_ssl_context* ssl, switch ( ext_id ) { -#if defined( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max_fragment_length extension" ) ); @@ -2678,7 +2678,7 @@ static int ssl_encrypted_extensions_parse( mbedtls_ssl_context* ssl, #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined( MBEDTLS_SSL_ALPN ) +#if defined(MBEDTLS_SSL_ALPN) case MBEDTLS_TLS_EXT_ALPN: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); @@ -2690,7 +2690,7 @@ static int ssl_encrypted_extensions_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_SSL_ALPN */ -#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) case MBEDTLS_TLS_EXT_SERVERNAME: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found server_name extension" ) ); @@ -2720,12 +2720,12 @@ static int ssl_encrypted_extensions_parse( mbedtls_ssl_context* ssl, static int ssl_encrypted_extensions_postprocess( mbedtls_ssl_context* ssl ) { -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSION, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED ); @@ -2733,7 +2733,7 @@ static int ssl_encrypted_extensions_postprocess( mbedtls_ssl_context* ssl ) { else #endif /* MBEDTLS_ZERO_RTT */ { -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_CCS_BEFORE_CERTIFICATE_REQUEST ); #else mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST ); @@ -2915,7 +2915,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, /* Check for minimal length */ -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { /* TBD: Add message header figure here. */ @@ -2956,7 +2956,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, /* skip header */ buf += mbedtls_ssl_hs_hdr_len( ssl ); -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -2982,7 +2982,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, ssl->minor_ver = 0x04; /* store server-provided random values */ -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { memcpy( ssl->handshake->randbytes + 16, buf, 16 ); @@ -3001,11 +3001,11 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, buf += 32; } -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) /* legacy_session_id_echo */ if( ssl->session_negotiate->id_len != buf[0] ) { @@ -3042,7 +3042,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, #endif /* MBEDTLS_COMPATIBILITY_MODE */ } -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { /* read server-selected ciphersuite, which follows random bytes */ @@ -3089,7 +3089,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: ( %04x ) - %s", i, suite_info->name ) ); -#if defined( MBEDTLS_HAVE_TIME ) +#if defined(MBEDTLS_HAVE_TIME) ssl->session_negotiate->start = time( NULL ); #endif /* MBEDTLS_HAVE_TIME */ @@ -3111,7 +3111,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, } -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -3168,7 +3168,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, switch ( ext_id ) { -#if defined( MBEDTLS_CID ) +#if defined(MBEDTLS_CID) case MBEDTLS_TLS_EXT_CID: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) ); if( ssl->conf->cid == MBEDTLS_CID_CONF_DISABLED ) @@ -3188,7 +3188,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, return( ret ); break; -#if defined( MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) case MBEDTLS_TLS_EXT_PRE_SHARED_KEY: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found pre_shared_key extension" ) ); if( ( ret = ssl_parse_server_psk_identity_ext( ssl, ext + 4, (size_t)ext_size ) ) != 0 ) @@ -3199,7 +3199,7 @@ static int ssl_server_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ -#if defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) case MBEDTLS_TLS_EXT_KEY_SHARES: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found key_shares extension" ) ); @@ -3258,7 +3258,7 @@ static int ssl_server_hello_postprocess( mbedtls_ssl_context* ssl ) return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } -#if defined( MBEDTLS_CID ) +#if defined(MBEDTLS_CID) /* Server does not want to use CID -> recover resources */ if( ssl->session_negotiate->cid == MBEDTLS_CID_DISABLED && ssl->in_cid_len > 0 ) { @@ -3286,7 +3286,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, const mbedtls_ssl_ciphersuite_t* suite_info; /* pointer to ciphersuite */ -#if defined( MBEDTLS_ECDH_C ) +#if defined(MBEDTLS_ECDH_C) /* Variables for parsing the key_share */ const mbedtls_ecp_group_id* grp_id; const mbedtls_ecp_curve_info* info, * curve = NULL; @@ -3294,7 +3294,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, #endif /* MBEDTLS_ECDH_C */ /* Check for minimal length */ -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { /* TBD: Add message header figure here. */ @@ -3336,7 +3336,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, /* skip header */ buf += mbedtls_ssl_hs_hdr_len( ssl ); -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -3362,7 +3362,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, ssl->minor_ver = 0x04; /* store server-provided random values */ -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { memcpy( ssl->handshake->randbytes + 16, buf, 16 ); @@ -3381,11 +3381,11 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, buf += 32; } -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) /* legacy_session_id_echo */ if( ssl->session_negotiate->id_len != buf[0] ) { @@ -3422,7 +3422,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, #endif /* MBEDTLS_COMPATIBILITY_MODE */ } -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { /* read server-selected ciphersuite, which follows random bytes */ @@ -3469,7 +3469,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "hello retry request, chosen ciphersuite: ( %04x ) - %s", i, suite_info->name ) ); -#if defined( MBEDTLS_HAVE_TIME ) +#if defined(MBEDTLS_HAVE_TIME) ssl->session_negotiate->start = time( NULL ); #endif /* MBEDTLS_HAVE_TIME */ @@ -3490,7 +3490,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, } } -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -3545,7 +3545,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, switch ( ext_id ) { -#if defined( MBEDTLS_SSL_COOKIE_C ) +#if defined(MBEDTLS_SSL_COOKIE_C) case MBEDTLS_TLS_EXT_COOKIE: MBEDTLS_SSL_DEBUG_BUF( 3, "cookie extension", ext + 4, ext_size ); @@ -3573,7 +3573,7 @@ static int ssl_hrr_parse( mbedtls_ssl_context* ssl, return( ret ); break; -#if defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) case MBEDTLS_TLS_EXT_KEY_SHARES: MBEDTLS_SSL_DEBUG_BUF( 3, "key_share extension", ext + 4, ext_size ); @@ -3730,17 +3730,17 @@ static int ssl_hrr_postprocess( mbedtls_ssl_context* ssl, transcript[3] = ( uint8_t )hash_length; - /* #if defined( MBEDTLS_SHA256_C ) + /* #if defined(MBEDTLS_SHA256_C) mbedtls_sha256_context sha256; #endif - #if defined( MBEDTLS_SHA512_C ) + #if defined(MBEDTLS_SHA512_C) mbedtls_sha512_context sha512; #endif */ if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA256 ) { -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) mbedtls_sha256_finish( &ssl->handshake->fin_sha256, &transcript[4] ); MBEDTLS_SSL_DEBUG_BUF( 5, "Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN )", &transcript[0], 32 + 4 ); @@ -3755,7 +3755,7 @@ static int ssl_hrr_postprocess( mbedtls_ssl_context* ssl, } else if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) { -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) mbedtls_sha512_finish( &ssl->handshake->fin_sha512, &transcript[4] ); MBEDTLS_SSL_DEBUG_BUF( 5, "Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN )", &transcript[0], 48 + 4 ); @@ -3770,7 +3770,7 @@ static int ssl_hrr_postprocess( mbedtls_ssl_context* ssl, } else if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA512 ) { -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) mbedtls_sha512_finish( &ssl->handshake->fin_sha512, &transcript[4] ); MBEDTLS_SSL_DEBUG_BUF( 5, "Transcript-Hash( ClientHello1, HelloRetryRequest, ... MN )", &transcript[0], 64 + 4 ); @@ -3792,7 +3792,7 @@ static int ssl_hrr_postprocess( mbedtls_ssl_context* ssl, /* Add transcript for HRR */ ssl->handshake->update_checksum( ssl, orig_buf, orig_msg_len ); -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) mbedtls_ssl_recv_flight_completed( ssl ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ return( 0 ); @@ -3802,7 +3802,7 @@ static int ssl_hrr_postprocess( mbedtls_ssl_context* ssl, -#if !defined( foobar ) +#if !defined(foobar) static void mbedtls_patch_pointers( mbedtls_ssl_context* ssl ) { ( ( void )ssl ); @@ -3816,8 +3816,8 @@ static void mbedtls_patch_pointers( mbedtls_ssl_context* ssl ) * us not to add a CID value to the record header then the * out_cid_len or in_cid_len will be zero. */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) -#if defined( MBEDTLS_CID ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined(MBEDTLS_CID) size_t out_cid_len = ssl->out_cid_len; size_t in_cid_len = ssl->in_cid_len; #else @@ -3873,7 +3873,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) return( ret ); -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) { @@ -3889,13 +3889,13 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) /* Reset hello_retry_requests_receive since we have not seen an HRR msg yet. */ ssl->handshake->hello_retry_requests_received = 0; -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) /* Reset session id */ memset( ssl->session_negotiate->id, 0, 32 ); ssl->session_negotiate->id_len = 0; #endif /* MBEDTLS_COMPATIBILITY_MODE */ -#if defined( MBEDTLS_ECP_C ) +#if defined(MBEDTLS_ECP_C) /* We need to initialize the handshake->key_shares_curve_list. */ if( ssl->handshake->key_shares_curve_list == NULL ) { @@ -3913,7 +3913,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_ECP_C */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* nothing sent or received so far */ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { @@ -3927,7 +3927,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) case MBEDTLS_SSL_CLIENT_HELLO: /* Reset pointers to buffers */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { ssl->out_hdr = ssl->out_buf; @@ -3944,7 +3944,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* epoch value ( 0 ) is used with unencrypted messages */ ssl->in_epoch = 0; ssl->out_epoch = 0; @@ -3956,15 +3956,15 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_client_hello", ret ); return ( ret ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, MBEDTLS_SSL_ACK_RECORDS_SENT ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) { -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO ); #else mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_EARLY_APP_DATA ); @@ -3976,17 +3976,17 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ssl_send_flight_completed( ssl ); #endif break; -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) /* ----- WRITE CHANGE CIPHER SPEC ----*/ -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) case MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO: ret = mbedtls_ssl_write_change_cipher_spec( ssl ); @@ -4027,7 +4027,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) return ( ret ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_clear_all( ssl, MBEDTLS_SSL_ACK_RECORDS_SENT ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -4035,11 +4035,11 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) if( ssl->handshake->hello_retry_requests_received > 0 ) { /* If we received the HRR msg then we send another ClientHello */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_HELLO_RETRY_REQUEST, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) /* If not offering early data, the client sends a dummy * change_cipher_spec record immediately before its * second flight. This may either be before its second @@ -4053,7 +4053,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) else { /* Otherwise we continue with the handshake */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_SERVER_HELLO, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -4065,7 +4065,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) /* ----- WRITE CHANGE_CIPHER_SPEC ----*/ -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) case MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO: ret = mbedtls_ssl_write_change_cipher_spec( ssl ); @@ -4084,12 +4084,12 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) } mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SECOND_SERVER_HELLO ); -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, MBEDTLS_SSL_ACK_RECORDS_SENT ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ssl_send_flight_completed( ssl ); #endif @@ -4111,7 +4111,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) return ( ret ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_clear_all( ssl, MBEDTLS_SSL_ACK_RECORDS_SENT ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -4142,7 +4142,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) /* ----- WRITE CHANGE CIPHER SPEC ----*/ -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) case MBEDTLS_SSL_CLIENT_CCS_BEFORE_CERTIFICATE_REQUEST: ret = mbedtls_ssl_write_change_cipher_spec( ssl ); @@ -4197,12 +4197,12 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_RET( 1, "ssl_finished_in_process", ret ); return ( ret ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_FINISHED, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_EARLY_DATA ); @@ -4214,7 +4214,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) } break; -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) /* ----- WRITE END-OF-EARLY-DATA ----*/ @@ -4255,7 +4255,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) /* ----- WRITE CHANGE CIPHER SPEC ----*/ -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) case MBEDTLS_SSL_CLIENT_CCS_BEFORE_FINISHED: if( ssl->transform_out == NULL ) @@ -4276,7 +4276,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) } break; -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* ----- READ ACK ----*/ diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 972fa0a97d15..e6f6d1576ac5 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -21,19 +21,19 @@ */ -#if !defined( MBEDTLS_CONFIG_FILE ) +#if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#if defined( MBEDTLS_SSL_TLS_C ) +#if defined(MBEDTLS_SSL_TLS_C) -#if defined( MBEDTLS_SSL_PROTO_TLS1_3 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) #include "mbedtls/aes.h" #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -45,12 +45,12 @@ #include "mbedtls/hkdf.h" #include -#if defined( MBEDTLS_X509_CRT_PARSE_C ) && \ - defined( MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE ) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ + defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) #include "mbedtls/oid.h" #endif -#if defined( MBEDTLS_PLATFORM_C ) +#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include @@ -58,17 +58,17 @@ #define mbedtls_free free #endif /* MBEDTLS_PLATFORM_C */ -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) static int ssl_calc_verify_tls_sha256( mbedtls_ssl_context*, unsigned char*, int ); static int ssl_calc_finished_tls_sha256( mbedtls_ssl_context*, unsigned char*, int ); #endif /* MBEDTLS_SHA256_C */ -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) static int ssl_calc_verify_tls_sha384( mbedtls_ssl_context*, unsigned char*, int ); static int ssl_calc_finished_tls_sha384( mbedtls_ssl_context*, unsigned char*, int ); #endif /* MBEDTLS_SHA512_C */ -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) static enum varint_length_enum set_varint_length( uint32_t input, uint32_t* output ) { if( input <= 127 ) @@ -152,7 +152,7 @@ static uint32_t get_varint_value( const uint32_t input ) } #endif /* MBEDTLS_CTLS */ -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) static int ssl_calc_finished_tls_sha256( mbedtls_ssl_context* ssl, unsigned char* buf, int from ) { @@ -177,7 +177,7 @@ static int ssl_calc_finished_tls_sha256( mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); /* - #if !defined( MBEDTLS_SHA256_ALT ) + #if !defined(MBEDTLS_SHA256_ALT) MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha2 state", ( unsigned char * ) sha256.state, sizeof( sha256.state ) ); #endif @@ -275,7 +275,7 @@ static int ssl_calc_finished_tls_sha256( } #endif /* MBEDTLS_SHA256_C */ -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) static int ssl_calc_finished_tls_sha384( mbedtls_ssl_context* ssl, unsigned char* buf, int from ) { @@ -318,7 +318,7 @@ static int ssl_calc_finished_tls_sha384( * * Only included if present. */ - /*#if !defined( MBEDTLS_SHA512_ALT ) + /*#if !defined(MBEDTLS_SHA512_ALT) MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha512 state", ( unsigned char * ) sha512.state, sizeof( sha512.state ) ); #endif @@ -394,7 +394,7 @@ static int ssl_calc_finished_tls_sha384( #endif /* MBEDTLS_SHA512_C */ -#if defined( MBEDTLS_CID ) +#if defined(MBEDTLS_CID) void ssl_write_cid_ext( mbedtls_ssl_context *ssl, unsigned char* buf, unsigned char* end, @@ -502,12 +502,12 @@ int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "Incorrect CID extension length" ) ); -#if defined( MBEDTLS_SSL_CLI_C ) +#if defined(MBEDTLS_SSL_CLI_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); #endif /* MBEDTLS_SSL_CLI_C */ -#if defined( MBEDTLS_SSL_SRV_C ) +#if defined(MBEDTLS_SSL_SRV_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); #endif /* MBEDTLS_SSL_SRV_C */ @@ -533,7 +533,7 @@ int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_CID */ -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl ) { int ret; @@ -565,7 +565,7 @@ int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_COMPATIBILITY_MODE */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /*********************** * @@ -688,7 +688,7 @@ int mbedtls_ssl_write_ack( mbedtls_ssl_context *ssl ) * Only if we handle at least one key exchange that needs signatures. */ -#if defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, unsigned char* buf, unsigned char* end, @@ -802,10 +802,10 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k const mbedtls_ssl_ciphersuite_t *suite_info; unsigned char hash[MBEDTLS_MD_MAX_SIZE]; -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) mbedtls_sha256_context sha256; #endif -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) mbedtls_sha512_context sha512; #endif @@ -836,7 +836,7 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 32 ) { -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) handshake->calc_verify = ssl_calc_verify_tls_sha256; handshake->calc_finished = ssl_calc_finished_tls_sha256; #else @@ -847,7 +847,7 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 48 ) { -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) handshake->calc_verify = ssl_calc_verify_tls_sha384; handshake->calc_finished = ssl_calc_finished_tls_sha384; #else @@ -863,7 +863,7 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k } -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 32 ) { mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); @@ -871,7 +871,7 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k } else #endif /* MBEDTLS_SHA256_C */ -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 48 ) { mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); @@ -1035,7 +1035,7 @@ int incrementSequenceNumber( unsigned char *sequenceNumber, unsigned char *nonce return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); } -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) static int ssl_calc_verify_tls_sha256( mbedtls_ssl_context *ssl, unsigned char hash[32], int from ) { mbedtls_sha256_context sha256; @@ -1116,7 +1116,7 @@ static int ssl_calc_verify_tls_sha256( mbedtls_ssl_context *ssl, unsigned char h } #endif /* MBEDTLS_SHA256_C */ -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) static int ssl_calc_verify_tls_sha384( mbedtls_ssl_context *ssl, unsigned char hash[48], int from ) { mbedtls_sha512_context sha384; @@ -1223,7 +1223,7 @@ static int ssl_calc_verify_tls_sha384( mbedtls_ssl_context *ssl, unsigned char h */ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { -#if defined( MBEDTLS_SHA256_C ) && !defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA512_C) unsigned char salt[32]; unsigned char ECDHE[32]; unsigned char null_ikm[32]; @@ -1235,13 +1235,13 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { unsigned char intermediary_secret[64]; #endif -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) /* SHA256 hash of "" string of length 0. */ static const unsigned char NULL_HASH_SHA256[32] = { 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 }; #endif /* MBEDTLS_SHA256_C */ -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) /* SHA384 hash of "" string of length 0. */ static const unsigned char NULL_HASH_SHA384[48] = { 0x38, 0xb0, 0x60, 0xa7, 0x51, 0xac, 0x96, 0x38, 0x4c, 0xd9, 0x32, 0x7e, 0xb1, 0xb1, 0xe3, 0x6a, 0x21, 0xfd, 0xb7, 0x11, 0x14, 0xbe, 0x07, 0x43, 0x4c, 0x0c, 0xc7, 0xbf, 0x63, 0xf6, 0xe1, 0xda, 0x27, 0x4e, 0xde, 0xbf, 0xe7, 0x6f, 0x65, 0xfb, 0xd5, 0x1a, 0xd2, 0xf1, 0x48, 0x98, 0xb9, 0x5b }; @@ -1257,7 +1257,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { unsigned int psk_allocated = 0; int hash_size; -#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) psk = ssl->conf->psk; psk_len = ssl->conf->psk_len; #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ @@ -1296,7 +1296,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } -#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) /* If the psk callback was called, use its result */ if( ( ssl->handshake->psk != NULL ) && ( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || @@ -1306,7 +1306,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { psk_len = ssl->handshake->psk_len; } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) if( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) { @@ -1329,7 +1329,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { /* We point the padbuf variable to the appropriate constant */ if( hash_size == 32 ) { -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) padbuf = ( unsigned char* ) NULL_HASH_SHA256; #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "MBEDTLS_SHA256_C not set but ciphersuite with SHA256 negotiated" ) ); @@ -1339,7 +1339,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { } else if( hash_size == 48 ) { -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) padbuf = ( unsigned char* ) NULL_HASH_SHA384; #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "MBEDTLS_SHA512_C not set but ciphersuite with SHA384 negotiated" ) ); @@ -1378,7 +1378,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { */ /* if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 32 ) { - #if defined( MBEDTLS_SHA256_C ) + #if defined(MBEDTLS_SHA256_C) mbedtls_sha256( ( const unsigned char* ) "", 0, padbuf, 0 ); #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "MBEDTLS_SHA256_C not set but ciphersuite with SHA256 negotiated" ) ); @@ -1387,7 +1387,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { } if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 48 ) { - #if defined( MBEDTLS_SHA512_C ) + #if defined(MBEDTLS_SHA512_C) mbedtls_sha512( ( const unsigned char* ) "", 0, padbuf, 1 ); #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "MBEDTLS_SHA512_C not set but ciphersuite with SHA384 negotiated" ) ); @@ -1413,7 +1413,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { * Compute Handshake Secret with HKDF-Extract( Intermediary Secret, ECDHE ) */ -#if defined( MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED) if( ( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) || ( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) ){ @@ -1432,7 +1432,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { } else #endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED */ -#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) if( ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ) { memset( ECDHE, 0x0, hash_size ); @@ -1527,7 +1527,7 @@ int ssl_certificate_verify_process( mbedtls_ssl_context* ssl ); #define SSL_CERTIFICATE_VERIFY_SKIP 0 #define SSL_CERTIFICATE_VERIFY_SEND 1 static int ssl_certificate_verify_coordinate( mbedtls_ssl_context* ssl ); -#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) static int ssl_certificate_verify_write( mbedtls_ssl_context* ssl, unsigned char* buf, size_t buflen, @@ -1547,7 +1547,7 @@ int ssl_certificate_verify_process( mbedtls_ssl_context* ssl ) /* Coordination step: Check if we need to send a CertificateVerify */ MBEDTLS_SSL_PROC_CHK( ssl_certificate_verify_coordinate( ssl ) ); -#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) if( ret == SSL_CERTIFICATE_VERIFY_SEND ) { /* Make sure we can write a new message. */ @@ -1611,7 +1611,7 @@ static int ssl_certificate_verify_coordinate( mbedtls_ssl_context* ssl ) return( SSL_CERTIFICATE_VERIFY_SKIP ); } -#if !defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) +#if !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #else @@ -1664,7 +1664,7 @@ static int ssl_certificate_verify_coordinate( mbedtls_ssl_context* ssl ) } -#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) static int ssl_certificate_verify_write( mbedtls_ssl_context* ssl, unsigned char* buf, size_t buflen, @@ -1744,12 +1744,12 @@ static int ssl_certificate_verify_postprocess( mbedtls_ssl_context* ssl ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, MBEDTLS_SSL_ACK_RECORDS_SENT ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_CCS_BEFORE_FINISHED ); #else mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED ); @@ -1785,7 +1785,7 @@ int ssl_read_certificate_verify_process( mbedtls_ssl_context* ssl ); #define SSL_CERTIFICATE_VERIFY_READ 1 static int ssl_read_certificate_verify_coordinate( mbedtls_ssl_context* ssl ); -#if defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) /* Parse and validate CertificateVerify message * * Note: The size of the hash buffer is assumed to be large enough to @@ -1816,7 +1816,7 @@ int ssl_read_certificate_verify_process( mbedtls_ssl_context* ssl ) MBEDTLS_SSL_PROC_CHK( ssl_read_certificate_verify_coordinate( ssl ) ); -#if defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) if( ret == SSL_CERTIFICATE_VERIFY_READ ) { /* Need to calculate the hash of the transcript first @@ -1881,7 +1881,7 @@ static int ssl_read_certificate_verify_coordinate( mbedtls_ssl_context* ssl ) return( SSL_CERTIFICATE_VERIFY_SKIP ); } -#if !defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) +#if !defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #else @@ -1893,7 +1893,7 @@ static int ssl_read_certificate_verify_coordinate( mbedtls_ssl_context* ssl ) } -#if defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) static int ssl_read_certificate_verify_parse( mbedtls_ssl_context* ssl, unsigned char const* buf, size_t buflen, @@ -2003,7 +2003,7 @@ static int ssl_read_certificate_verify_parse( mbedtls_ssl_context* ssl, static int ssl_read_certificate_verify_postprocess( mbedtls_ssl_context* ssl ) { -#if defined( MBEDTLS_SSL_SRV_C ) +#if defined(MBEDTLS_SSL_SRV_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED ); @@ -2012,7 +2012,7 @@ static int ssl_read_certificate_verify_postprocess( mbedtls_ssl_context* ssl ) #endif /* MBEDTLS_SSL_SRV_C */ { -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); @@ -2053,7 +2053,7 @@ int ssl_write_certificate_process( mbedtls_ssl_context* ssl ); #define SSL_WRITE_CERTIFICATE_AVAILABLE 0 #define SSL_WRITE_CERTIFICATE_SKIP 1 static int ssl_write_certificate_coordinate( mbedtls_ssl_context* ssl ); -#if defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) /* Write certificate message based on the configured certificate */ static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, unsigned char* buf, @@ -2075,7 +2075,7 @@ int ssl_write_certificate_process( mbedtls_ssl_context* ssl ) /* Coordination: Check if we need to send a certificate. */ MBEDTLS_SSL_PROC_CHK( ssl_write_certificate_coordinate( ssl ) ); -#if defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) if( ret == SSL_WRITE_CERTIFICATE_AVAILABLE ) { /* Make sure we can write a new message. */ @@ -2122,7 +2122,7 @@ static int ssl_write_certificate_coordinate( mbedtls_ssl_context* ssl ) { int have_own_cert = 1; -#if defined( MBEDTLS_SSL_CLI_C ) +#if defined(MBEDTLS_SSL_CLI_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { /* Pre-configuration */ @@ -2140,12 +2140,12 @@ static int ssl_write_certificate_coordinate( mbedtls_ssl_context* ssl ) return( SSL_WRITE_CERTIFICATE_SKIP ); } -#if !defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) +#if !defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #else -#if defined( MBEDTLS_SSL_CLI_C ) +#if defined(MBEDTLS_SSL_CLI_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { /* The client MUST send a Certificate message if and only @@ -2162,7 +2162,7 @@ static int ssl_write_certificate_coordinate( mbedtls_ssl_context* ssl ) } } #endif /* MBEDTLS_SSL_CLI_C */ -#if defined( MBEDTLS_SSL_SRV_C ) +#if defined(MBEDTLS_SSL_SRV_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { if( have_own_cert == 0 ) @@ -2179,7 +2179,7 @@ static int ssl_write_certificate_coordinate( mbedtls_ssl_context* ssl ) -#if defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, unsigned char* buf, size_t buflen, @@ -2210,7 +2210,7 @@ static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, */ i += 1; -#if defined( MBEDTLS_SSL_CLI_C ) +#if defined(MBEDTLS_SSL_CLI_C) /* If the server requests client authentication but no suitable * certificate is available, the client MUST send a * Certificate message containing no certificates @@ -2265,7 +2265,7 @@ static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, *start++ = (unsigned char)( ( total_len ) >> 8 ); *start++ = (unsigned char)( ( total_len ) ); -#if defined( MBEDTLS_SSL_CLI_C ) +#if defined(MBEDTLS_SSL_CLI_C) empty_cert: #endif /* MBEDTLS_SSL_CLI_C */ * olen = i; @@ -2279,16 +2279,16 @@ static int ssl_write_certificate_write( mbedtls_ssl_context* ssl, /* Update the state after handling the outgoing certificate message. */ static int ssl_write_certificate_postprocess( mbedtls_ssl_context* ssl ) { -#if defined( MBEDTLS_SSL_CLI_C ) +#if defined(MBEDTLS_SSL_CLI_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_clear_all( ssl, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CERTIFICATE, MBEDTLS_SSL_ACK_RECORDS_SENT ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -2300,7 +2300,7 @@ static int ssl_write_certificate_postprocess( mbedtls_ssl_context* ssl ) else #endif /* MBEDTLS_SSL_CLI_C */ -#if defined( MBEDTLS_SSL_SRV_C ) +#if defined(MBEDTLS_SSL_SRV_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_VERIFY ); @@ -2336,7 +2336,7 @@ int ssl_read_certificate_process( mbedtls_ssl_context* ssl ); #define SSL_CERTIFICATE_SKIP 1 static int ssl_read_certificate_coordinate( mbedtls_ssl_context* ssl ); -#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) /* Parse certificate chain send by the peer. */ static int ssl_read_certificate_parse( mbedtls_ssl_context* ssl, unsigned char const* buf, @@ -2362,7 +2362,7 @@ int ssl_read_certificate_process( mbedtls_ssl_context* ssl ) * Check if we expect a certificate, and if yes, * check if a non-empty certificate has been sent. */ MBEDTLS_SSL_PROC_CHK( ssl_read_certificate_coordinate( ssl ) ); -#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) if( ret == SSL_CERTIFICATE_EXPECTED ) { /* Reading step */ @@ -2430,18 +2430,18 @@ static int ssl_read_certificate_coordinate( mbedtls_ssl_context* ssl ) return( SSL_CERTIFICATE_SKIP ); } -#if !defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) +#if !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ( ( void )authmode ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #else -#if defined( MBEDTLS_SSL_SRV_C ) +#if defined(MBEDTLS_SSL_SRV_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { /* If SNI was used, overwrite authentication mode * from the configuration. */ -#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET ) authmode = ssl->handshake->sni_authmode; #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ @@ -2461,7 +2461,7 @@ static int ssl_read_certificate_coordinate( mbedtls_ssl_context* ssl ) #endif /* !MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ } -#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) /* Write certificate message based on the configured certificate */ static int ssl_read_certificate_parse( mbedtls_ssl_context* ssl, unsigned char const* buf, @@ -2471,7 +2471,7 @@ static int ssl_read_certificate_parse( mbedtls_ssl_context* ssl, size_t i, n, certificate_request_context_len; int authmode = ssl->conf->authmode; -#if defined( MBEDTLS_SSL_SRV_C ) +#if defined(MBEDTLS_SSL_SRV_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { /* read certificate request context length */ @@ -2606,7 +2606,7 @@ static int ssl_read_certificate_parse( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ -#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) static int ssl_read_certificate_validate( mbedtls_ssl_context* ssl ) { int ret = 0; @@ -2616,7 +2616,7 @@ static int ssl_read_certificate_validate( mbedtls_ssl_context* ssl ) /* If SNI was used, overwrite authentication mode * from the configuration. */ -#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET ) authmode = ssl->handshake->sni_authmode; #endif @@ -2628,7 +2628,7 @@ static int ssl_read_certificate_validate( mbedtls_ssl_context* ssl ) * Check for that and handle it depending on the * server's authentication mode. */ -#if defined( MBEDTLS_SSL_SRV_C ) +#if defined(MBEDTLS_SSL_SRV_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && ssl->session_negotiate->peer_cert == NULL ) { @@ -2660,7 +2660,7 @@ static int ssl_read_certificate_validate( mbedtls_ssl_context* ssl ) return( 0 ); } -#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) if( ssl->handshake->sni_ca_chain != NULL ) { ca_chain = ssl->handshake->sni_ca_chain; @@ -2693,7 +2693,7 @@ static int ssl_read_certificate_validate( mbedtls_ssl_context* ssl ) * Secondary checks: always done, but change 'ret' only if it was 0 */ -#if defined( MBEDTLS_ECP_C ) +#if defined(MBEDTLS_ECP_C) { const mbedtls_pk_context* pk = &ssl->session_negotiate->peer_cert->pk; @@ -2768,7 +2768,7 @@ static int ssl_read_certificate_validate( mbedtls_ssl_context* ssl ) SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN ); } -#if defined( MBEDTLS_DEBUG_C ) +#if defined(MBEDTLS_DEBUG_C) if( ssl->session_negotiate->verify_result != 0 ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "! Certificate verification flags %x", @@ -2787,13 +2787,13 @@ static int ssl_read_certificate_validate( mbedtls_ssl_context* ssl ) static int ssl_read_certificate_postprocess( mbedtls_ssl_context* ssl ) { -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_CERTIFICATE, MBEDTLS_SSL_ACK_RECORDS_RECEIVED ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined( MBEDTLS_SSL_SRV_C ) +#if defined(MBEDTLS_SSL_SRV_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY ); @@ -2834,17 +2834,17 @@ static int ssl_read_certificate_postprocess( mbedtls_ssl_context* ssl ) int mbedtls_ssl_generate_resumption_master_secret( mbedtls_ssl_context *ssl ) { int ret = 0; -#if defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) +#if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) const mbedtls_md_info_t *md_info; const mbedtls_ssl_ciphersuite_t *suite_info; mbedtls_ssl_transform *transform = ssl->transform_negotiate; unsigned char hash[MBEDTLS_MD_MAX_SIZE]; -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) mbedtls_sha256_context sha256; #endif -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) mbedtls_sha512_context sha512; #endif @@ -2863,7 +2863,7 @@ int mbedtls_ssl_generate_resumption_master_secret( mbedtls_ssl_context *ssl ) { return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 32 ) { mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); @@ -2871,7 +2871,7 @@ int mbedtls_ssl_generate_resumption_master_secret( mbedtls_ssl_context *ssl ) { } else #endif /* MBEDTLS_SHA256_C */ -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 48 ) { mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); @@ -2920,11 +2920,11 @@ int mbedtls_ssl_generate_application_traffic_keys( mbedtls_ssl_context *ssl, Key unsigned char padbuf[MBEDTLS_MD_MAX_SIZE]; -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) mbedtls_sha256_context sha256; #endif -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) mbedtls_sha512_context sha512; #endif @@ -2978,7 +2978,7 @@ int mbedtls_ssl_generate_application_traffic_keys( mbedtls_ssl_context *ssl, Key if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 32 ) { -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) mbedtls_sha256_init( &sha256 ); mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); mbedtls_sha256_finish( &sha256, padbuf ); @@ -2990,7 +2990,7 @@ int mbedtls_ssl_generate_application_traffic_keys( mbedtls_ssl_context *ssl, Key if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 48 ) { -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) mbedtls_sha512_init( &sha512 ); mbedtls_sha512_starts( &sha512, 1 /* = use SHA384 */ ); mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); @@ -3088,7 +3088,7 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe unsigned char *key2; size_t out_cid_len; size_t in_cid_len; -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) unsigned char *temp; #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -3137,7 +3137,7 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe /* Copy current traffic_key structure to previous */ transform->traffic_keys_previous.clientWriteIV = transform->traffic_keys.clientWriteIV; transform->traffic_keys_previous.clientWriteKey = transform->traffic_keys.clientWriteKey; -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) transform->traffic_keys_previous.epoch = transform->traffic_keys.epoch; #endif /* MBEDTLS_SSL_PROTO_DTLS */ transform->traffic_keys_previous.ivLen = transform->traffic_keys.ivLen; @@ -3145,7 +3145,7 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe transform->traffic_keys_previous.serverWriteIV = transform->traffic_keys.serverWriteIV; transform->traffic_keys_previous.serverWriteKey = transform->traffic_keys.serverWriteKey; memcpy( transform->traffic_keys_previous.iv, transform->traffic_keys.iv, transform->ivlen ); -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) transform->traffic_keys_previous.client_sn_key = transform->traffic_keys.client_sn_key; transform->traffic_keys_previous.server_sn_key = transform->traffic_keys.server_sn_key; #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -3153,19 +3153,19 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe /* Store current traffic_key structure */ transform->traffic_keys.clientWriteIV = traffic_keys->clientWriteIV; transform->traffic_keys.clientWriteKey = traffic_keys->clientWriteKey; -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) transform->traffic_keys.epoch = traffic_keys->epoch; #endif /* MBEDTLS_SSL_PROTO_DTLS */ transform->traffic_keys.ivLen = traffic_keys->ivLen; transform->traffic_keys.keyLen = traffic_keys->keyLen; transform->traffic_keys.serverWriteIV = traffic_keys->serverWriteIV; transform->traffic_keys.serverWriteKey = traffic_keys->serverWriteKey; -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) transform->traffic_keys.client_sn_key = traffic_keys->client_sn_key; transform->traffic_keys.server_sn_key = traffic_keys->server_sn_key; #endif /* MBEDTLS_SSL_PROTO_DTLS */ } -#if defined( MBEDTLS_SSL_SRV_C ) +#if defined(MBEDTLS_SSL_SRV_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { @@ -3180,7 +3180,7 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe memcpy( transform->iv_dec, transform->traffic_keys_previous.clientWriteIV, transform->ivlen ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* Reverse the keys for server */ temp = transform->traffic_keys.client_sn_key; transform->traffic_keys.client_sn_key = transform->traffic_keys.server_sn_key; @@ -3190,7 +3190,7 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe } #endif /* MBEDTLS_SSL_SRV_C */ -#if defined( MBEDTLS_SSL_CLI_C ) +#if defined(MBEDTLS_SSL_CLI_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { key1 = traffic_keys->clientWriteKey; /* encryption key for the client */ @@ -3235,7 +3235,7 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe * out_cid_len or in_cid_len will be zero. */ -#if defined( MBEDTLS_CID ) && defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_CID) && defined(MBEDTLS_SSL_PROTO_DTLS) out_cid_len = ssl->out_cid_len; #else out_cid_len = 0; @@ -3252,7 +3252,7 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe ssl->out_msg = ssl->out_iv; } -#if defined( MBEDTLS_CID ) && defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_CID) && defined(MBEDTLS_SSL_PROTO_DTLS) in_cid_len = ssl->in_cid_len; #else in_cid_len = 0; @@ -3272,7 +3272,7 @@ int mbedtls_set_traffic_key( mbedtls_ssl_context *ssl, KeySet *traffic_keys, mbe return ( 0 ); } -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) /* Early Data Key Derivation for TLS 1.3 * * Three tasks: @@ -3290,11 +3290,11 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra unsigned char padbuf[MBEDTLS_MD_MAX_SIZE]; mbedtls_ssl_transform *transform; -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) mbedtls_sha256_context sha256; #endif -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) mbedtls_sha512_context sha512; #endif @@ -3319,7 +3319,7 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } -#if defined( MBEDTLS_SSL_SRV_C ) +#if defined(MBEDTLS_SSL_SRV_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for inbound data" ) ); @@ -3328,7 +3328,7 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra transform = ssl->transform_negotiate; } #endif -#if defined( MBEDTLS_SSL_CLI_C ) +#if defined(MBEDTLS_SSL_CLI_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for outbound data" ) ); @@ -3368,20 +3368,20 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } -#if defined( MBEDTLS_SSL_SRV_C ) +#if defined(MBEDTLS_SSL_SRV_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { memset( transform->sequence_number_dec, 0x0, 12 ); /* Set sequence number to zero */ } #endif -#if defined( MBEDTLS_SSL_CLI_C ) +#if defined(MBEDTLS_SSL_CLI_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { memset( transform->sequence_number_enc, 0x0, 12 ); /* Set sequence number to zero */ } #endif -#if defined( MBEDTLS_SSL_PROTO_DTLS ) && defined( MBEDTLS_SSL_DTLS_ANTI_REPLAY ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { ssl_dtls_replay_reset( ssl ); @@ -3390,7 +3390,7 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra if( ciphersuite_info->mac == MBEDTLS_MD_SHA256 ) { -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) mbedtls_sha256_init( &sha256 ); mbedtls_sha256_starts( &sha256, 0 /* = use SHA256 */ ); mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); @@ -3404,7 +3404,7 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra } else if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) { -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) mbedtls_sha512_init( &sha512 ); mbedtls_sha512_starts( &sha512, 1 /* = use SHA384 */ ); mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); @@ -3418,7 +3418,7 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra } else if( ciphersuite_info->mac == MBEDTLS_MD_SHA512 ) { -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) mbedtls_sha512_init( &sha512 ); mbedtls_sha512_starts( &sha512, 0 /* = use SHA512 */ ); mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); @@ -3518,7 +3518,7 @@ int mbedtls_ssl_key_derivation( mbedtls_ssl_context *ssl, KeySet *traffic_keys ) memset( ssl->transform_in->sequence_number_dec, 0x0, 12 ); /* Set sequence number to zero */ memset( ssl->in_ctr, 0, 8 ); -#if defined( MBEDTLS_SSL_PROTO_DTLS ) && defined( MBEDTLS_SSL_DTLS_ANTI_REPLAY ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) ssl_dtls_replay_reset( ssl ); #endif /* MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_SSL_DTLS_ANTI_REPLAY */ @@ -3543,7 +3543,7 @@ int mbedtls_ssl_key_derivation( mbedtls_ssl_context *ssl, KeySet *traffic_keys ) */ ssl->in_msg = ssl->in_iv; -#if defined( MBEDTLS_SSL_HW_RECORD_ACCEL ) +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) if( mbedtls_ssl_hw_record_activate != NULL ) { if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_INBOUND ) ) != 0 ) @@ -3581,7 +3581,7 @@ void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ) /* With DTLS 1.3 we keep the handshake and transform structures alive. */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip freeing handshake and transform" ) ); @@ -3658,10 +3658,10 @@ static int ssl_finished_out_prepare( mbedtls_ssl_context* ssl ) int ret; KeySet* traffic_keys=ssl->handshake->state_local.finished_out.traffic_keys; -#if defined( MBEDTLS_SSL_CLI_C ) +#if defined(MBEDTLS_SSL_CLI_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) { ssl->transform_out = ssl->transform_negotiate; @@ -3675,7 +3675,7 @@ static int ssl_finished_out_prepare( mbedtls_ssl_context* ssl ) return ( ret ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) traffic_keys.epoch = 2; #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -3685,7 +3685,7 @@ static int ssl_finished_out_prepare( mbedtls_ssl_context* ssl ) MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_set_traffic_key", ret ); return ( ret ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* epoch value ( 2 ) is used for messages protected using keys derived * from the handshake_traffic_secret. */ @@ -3709,7 +3709,7 @@ static int ssl_finished_out_prepare( mbedtls_ssl_context* ssl ) /* * Set the out_msg pointer to the correct location based on IV length */ -#if !defined( MBEDTLS_SSL_PROTO_DTLS ) +#if !defined(MBEDTLS_SSL_PROTO_DTLS) ssl->out_msg = ssl->out_iv; #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -3721,7 +3721,7 @@ static int ssl_finished_out_prepare( mbedtls_ssl_context* ssl ) ssl->handshake->state_local.finished_out.digest, ssl->conf->endpoint ); -#if defined( MBEDTLS_SSL_HW_RECORD_ACCEL ) +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) if( mbedtls_ssl_hw_record_activate != NULL ) { if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ) ) != 0 ) @@ -3732,7 +3732,7 @@ static int ssl_finished_out_prepare( mbedtls_ssl_context* ssl ) } #endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ssl_send_flight_completed( ssl ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -3745,11 +3745,11 @@ static int ssl_finished_out_postprocess( mbedtls_ssl_context* ssl ) int ret; KeySet* traffic_keys = ssl->handshake->state_local.finished_out.traffic_keys; -#if defined( MBEDTLS_SSL_CLI_C ) +#if defined(MBEDTLS_SSL_CLI_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ack_add_record( ssl, MBEDTLS_SSL_HS_FINISHED, MBEDTLS_SSL_ACK_RECORDS_SENT ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -3763,7 +3763,7 @@ static int ssl_finished_out_postprocess( mbedtls_ssl_context* ssl ) return ( ret ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) traffic_keys.epoch = 3; #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -3774,7 +3774,7 @@ static int ssl_finished_out_postprocess( mbedtls_ssl_context* ssl ) return ( ret ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* epoch value ( 3 ) is used for payloads protected using keys * derived from the initial traffic_secret_0. */ @@ -3790,10 +3790,10 @@ static int ssl_finished_out_postprocess( mbedtls_ssl_context* ssl ) } #endif /* MBEDTLS_SSL_CLI_C */ -#if defined( MBEDTLS_SSL_SRV_C ) +#if defined(MBEDTLS_SSL_SRV_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_EARLY_DATA ); @@ -3890,7 +3890,7 @@ int ssl_finished_in_process( mbedtls_ssl_context* ssl ) ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), ssl->in_hslen - mbedtls_ssl_hs_hdr_len( ssl ) ) ); -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ssl_recv_flight_completed( ssl ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -3972,13 +3972,13 @@ static int ssl_finished_in_parse( mbedtls_ssl_context* ssl, static int ssl_finished_in_postprocess( mbedtls_ssl_context* ssl ) { /* Update logic state machine */ -#if defined( MBEDTLS_SSL_CLI_C ) +#if defined(MBEDTLS_SSL_CLI_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { } #endif /* MBEDTLS_SSL_CLI_C */ -#if defined( MBEDTLS_SSL_SRV_C ) +#if defined(MBEDTLS_SSL_SRV_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { @@ -3990,7 +3990,7 @@ static int ssl_finished_in_postprocess( mbedtls_ssl_context* ssl ) -#if defined( MBEDTLS_CID ) +#if defined(MBEDTLS_CID) void mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, unsigned int cid ) { if( cid == MBEDTLS_CID_CONF_DISABLED || cid == MBEDTLS_CID_CONF_ENABLED || @@ -4000,7 +4000,7 @@ void mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, unsigned int cid ) #endif -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) void mbedtls_ssl_conf_early_data( mbedtls_ssl_config *conf, int early_data, char *buffer, unsigned int len, int( *early_data_callback )( mbedtls_ssl_context *, unsigned char *, size_t ) ) { @@ -4018,7 +4018,7 @@ void mbedtls_ssl_conf_early_data( mbedtls_ssl_config *conf, int early_data, char #endif /* MBEDTLS_ZERO_RTT */ -#if defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) +#if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) /* The ssl_parse_new_session_ticket( ) function is used by the * client to parse the NewSessionTicket message, which contains @@ -4181,7 +4181,7 @@ int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "Key_len: %d", mbedtls_hash_size_for_ciphersuite( suite_info ) ) ); -#if defined( MBEDTLS_HAVE_TIME ) +#if defined(MBEDTLS_HAVE_TIME) /* Store ticket creation time */ ssl->session->ticket_received = time( NULL ); #endif @@ -4197,7 +4197,7 @@ int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) * received will be set. */ -#if defined( MBEDTLS_HAVE_TIME ) +#if defined(MBEDTLS_HAVE_TIME) int mbedtls_ssl_conf_ticket_meta( mbedtls_ssl_config *conf, const uint32_t ticket_age_add, const time_t ticket_received ) @@ -4207,7 +4207,7 @@ int mbedtls_ssl_conf_ticket_meta( mbedtls_ssl_config *conf, #endif /* MBEDTLS_HAVE_TIME */ { conf->ticket_age_add = ticket_age_add; -#if defined( MBEDTLS_HAVE_TIME ) +#if defined(MBEDTLS_HAVE_TIME) conf->ticket_received = ticket_received; #endif /* MBEDTLS_HAVE_TIME */ return( 0 ); @@ -4218,7 +4218,7 @@ int mbedtls_ssl_conf_ticket_meta( mbedtls_ssl_config *conf, -#if defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) +#if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) /* * Init ticket structure @@ -4284,7 +4284,7 @@ int mbedtls_ssl_conf_client_ticket( const mbedtls_ssl_context *ssl, mbedtls_ssl_ if( ret != 0 ) return( -1 ); /* We set the ticket_age_add and the time we received the ticket */ -#if defined( MBEDTLS_HAVE_TIME ) +#if defined(MBEDTLS_HAVE_TIME) ret = mbedtls_ssl_conf_ticket_meta( conf, ticket->ticket_age_add, ticket->start ); #else ret = mbedtls_ssl_conf_ticket_meta( conf, ticket->ticket_age_add ); @@ -4341,7 +4341,7 @@ int mbedtls_ssl_get_client_ticket( const mbedtls_ssl_context *ssl, mbedtls_ssl_t /* store ticket_age_add */ ticket->ticket_age_add = ssl->session->ticket_age_add; -#if defined( MBEDTLS_HAVE_TIME ) +#if defined(MBEDTLS_HAVE_TIME) /* store time we received the ticket */ ticket->start = ssl->session->ticket_received; #endif /* MBEDTLS_HAVE_TIME */ @@ -4392,7 +4392,7 @@ void mbedtls_ssl_conf_client_ticket_disable( mbedtls_ssl_context *ssl ) * }; * } EarlyDataIndication; */ -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) int ssl_write_early_data_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t buflen, @@ -4401,7 +4401,7 @@ int ssl_write_early_data_ext( mbedtls_ssl_context *ssl, unsigned char *p = buf; const unsigned char* end = buf + buflen; -#if defined( MBEDTLS_SSL_SRV_C ) +#if defined(MBEDTLS_SSL_SRV_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { if( ssl->conf->key_exchange_modes != KEY_EXCHANGE_MODE_PSK_KE || @@ -4415,7 +4415,7 @@ int ssl_write_early_data_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_SRV_C */ -#if defined( MBEDTLS_SSL_CLI_C ) +#if defined(MBEDTLS_SSL_CLI_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { if( ssl->conf->key_exchange_modes == KEY_EXCHANGE_MODE_ECDHE_ECDSA || @@ -4435,14 +4435,14 @@ int ssl_write_early_data_ext( mbedtls_ssl_context *ssl, return ( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } -#if defined( MBEDTLS_SSL_CLI_C ) +#if defined(MBEDTLS_SSL_CLI_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding early_data extension" ) ); } #endif /* MBEDTLS_SSL_CLI_C */ -#if defined( MBEDTLS_SSL_SRV_C ) +#if defined(MBEDTLS_SSL_SRV_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding early_data extension" ) ); diff --git a/library/ssl_tls13_messaging.c b/library/ssl_tls13_messaging.c index 279e3fc9d908..edba336171ee 100644 --- a/library/ssl_tls13_messaging.c +++ b/library/ssl_tls13_messaging.c @@ -23,19 +23,19 @@ * https://github.com/hanno-arm/mbedtls/tree/mps_implementation/ */ -#if !defined( MBEDTLS_CONFIG_FILE ) +#if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#if defined( MBEDTLS_SSL_TLS_C ) +#if defined(MBEDTLS_SSL_TLS_C) -#if defined( MBEDTLS_SSL_PROTO_TLS1_3 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) #include "mbedtls/aes.h" #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -46,12 +46,12 @@ #include "mbedtls/hkdf.h" #include -#if defined( MBEDTLS_X509_CRT_PARSE_C ) && \ - defined( MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE ) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ + defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) #include "mbedtls/oid.h" #endif -#if defined( MBEDTLS_PLATFORM_C ) +#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include @@ -71,11 +71,11 @@ void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context* ssl, mbedtls_ssl_transform* transform ) { -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { ssl->out_ctr = ssl->out_hdr + 3; -#if defined( MBEDTLS_SSL_DTLS_CONNECTION_ID ) +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) ssl->out_cid = ssl->out_ctr + 8; ssl->out_len = ssl->out_cid; if( transform != NULL ) @@ -90,7 +90,7 @@ void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context* ssl, { ssl->out_ctr = ssl->out_hdr - 8; ssl->out_len = ssl->out_hdr + 3; -#if defined( MBEDTLS_SSL_DTLS_CONNECTION_ID ) +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) ssl->out_cid = ssl->out_len; #endif ssl->out_iv = ssl->out_hdr + 5; @@ -126,7 +126,7 @@ void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context* ssl ) * record plaintext. */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { /* This sets the header pointers to match records @@ -134,7 +134,7 @@ void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context* ssl ) * a CID, the fields are shifted accordingly in * ssl_parse_record_header( ). */ ssl->in_ctr = ssl->in_hdr + 3; -#if defined( MBEDTLS_SSL_DTLS_CONNECTION_ID ) +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) ssl->in_cid = ssl->in_ctr + 8; ssl->in_len = ssl->in_cid; /* Default: no CID */ #else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ @@ -147,7 +147,7 @@ void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context* ssl ) { ssl->in_ctr = ssl->in_hdr - 8; ssl->in_len = ssl->in_hdr + 3; -#if defined( MBEDTLS_SSL_DTLS_CONNECTION_ID ) +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) ssl->in_cid = ssl->in_len; #endif ssl->in_iv = ssl->in_hdr + 5; @@ -166,7 +166,7 @@ void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context* ssl ) void mbedtls_ssl_reset_in_out_pointers( mbedtls_ssl_context* ssl ) { /* Set the incoming and outgoing record pointers. */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { ssl->out_hdr = ssl->out_buf; @@ -216,7 +216,7 @@ static int ssl_check_timer( mbedtls_ssl_context *ssl ) /* Length of the "epoch" field in the record header */ static inline size_t ssl_ep_len( const mbedtls_ssl_context* ssl ) { -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) return( 2 ); #else @@ -225,7 +225,7 @@ static inline size_t ssl_ep_len( const mbedtls_ssl_context* ssl ) return( 0 ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* @@ -289,7 +289,7 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl ) /* * Encrypt */ -#if defined( MBEDTLS_GCM_C ) || defined( MBEDTLS_CCM_C ) +#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) if( mode == MBEDTLS_MODE_GCM || mode == MBEDTLS_MODE_CCM || mode == MBEDTLS_MODE_CCM_8 ) { @@ -305,7 +305,7 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl ) taglen = 8; else taglen = 16; -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { /* TBD: We need to adjust the additional data calculation for CID use */ @@ -387,7 +387,7 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl ) * ( encrypted seqnr ) */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* For DTLS 1.3 and encrypted payloads only */ if( ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) && ( ssl->transform_out != NULL ) ) @@ -480,7 +480,7 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl ) } -#if defined( MBEDTLS_GCM_C ) || defined( MBEDTLS_CCM_C ) +#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) if( mode == MBEDTLS_MODE_GCM || mode == MBEDTLS_MODE_CCM || mode == MBEDTLS_MODE_CCM_8 ) @@ -498,7 +498,7 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl ) taglen = 8; else taglen = 16; -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { /* Adding the content type to additional data */ @@ -565,7 +565,7 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_BUF( 4, "Encrypted message ( without tag ):", dec_msg, dec_msglen ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) && defined( MBEDTLS_CID ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_CID) /* For DTLS 1.3 and encrypted payloads we need to decrypt the sequence number */ if( ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) && ( ssl->transform_out != NULL ) ) @@ -632,7 +632,7 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_BUF( 4, "Sequence Number ( after ):", ssl->transform_in->sequence_number_dec, 12 ); -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* Always copy the most recent IV used for incoming data. */ memcpy( ssl->transform_in->traffic_keys_previous.iv, ssl->transform_in->iv_dec, ssl->transform_in->ivlen ); @@ -684,7 +684,7 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl ) else ssl->nb_zero = 0; -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { ; /* in_ctr read from peer, not maintained internally */ @@ -745,7 +745,7 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { uint32_t timeout; @@ -984,7 +984,7 @@ int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ) /* * Functions to handle the DTLS retransmission state machine */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* * Append current handshake message to current outgoing flight */ @@ -1046,7 +1046,7 @@ static void ssl_flight_free( mbedtls_ssl_flight_item *flight ) } } -#if defined( MBEDTLS_SSL_DTLS_ANTI_REPLAY ) +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) static void ssl_dtls_replay_reset( mbedtls_ssl_context *ssl ); #endif @@ -1086,7 +1086,7 @@ static void ssl_swap_epochs( mbedtls_ssl_context *ssl ) else ssl->out_msg = ssl->out_iv; -#if defined( MBEDTLS_SSL_HW_RECORD_ACCEL ) +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) if( mbedtls_ssl_hw_record_activate != NULL ) { if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ) ) != 0 ) @@ -1214,7 +1214,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 5, ( "=> write record" ) ); -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->handshake != NULL && ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) @@ -1272,7 +1272,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) ssl->out_msglen += 1; } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* * DTLS has additional fields in the Handshake layer, * between the length field and the actual payload: @@ -1285,7 +1285,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) /* Make room for the additional DTLS fields */ memmove( ssl->out_msg + mbedtls_ssl_hs_hdr_len( ssl ), ssl->out_msg + 4, len - 4 ); ssl->out_msglen += 8; -#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) /* Advancing also the pointer to the pre_shared_key extension ( if used ) */ if( ( ssl->handshake != NULL ) && ( ssl->handshake->pre_shared_key_pointer != NULL ) ) { @@ -1322,7 +1322,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) /* We need to patch the psk binder by * re-running the function to get the correct length information for the extension. * But: we only do that when in ClientHello state and when using a PSK mode @@ -1364,7 +1364,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) } /* Save handshake and CCS messages for resending */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->handshake != NULL && ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING && @@ -1379,7 +1379,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined( MBEDTLS_SSL_HW_RECORD_ACCEL ) +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) if( mbedtls_ssl_hw_record_write != NULL ) { MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_write( )" ) ); @@ -1398,7 +1398,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) if( !done ) { -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) size_t i=0; /* @@ -1476,7 +1476,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) /* Set flags in unified header */ ssl->out_hdr[0] = MBEDTLS_SSL_UNIFIED_HDR_PREAMBLE_3; -#if defined( MBEDTLS_CID ) +#if defined(MBEDTLS_CID) if( ssl->out_cid_len > 0 ) { @@ -1613,7 +1613,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) return( 0 ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* * Mark bits in bitmask ( used for DTLS HS reassembly ) */ @@ -1851,7 +1851,7 @@ static int ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ) " %d, type = %d, hslen = %d", ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen ) ); -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { int ret; @@ -1935,7 +1935,7 @@ static int ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ) } /* Handshake message is complete, increment counter */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->handshake != NULL ) { @@ -1956,7 +1956,7 @@ static int ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ) * in_window is set. The only exception is the initial state ( record number 0 * not seen yet ). */ -#if defined( MBEDTLS_SSL_DTLS_ANTI_REPLAY ) +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) static void ssl_dtls_replay_reset( mbedtls_ssl_context *ssl ) { ssl->in_window_top = 0; @@ -2034,7 +2034,7 @@ void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ -#if defined( MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE ) && defined( MBEDTLS_SSL_SRV_C ) +#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C) /* Forward declaration */ static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ); @@ -2235,7 +2235,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) { int ret; int major_ver, minor_ver; -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) int ptr_to_len; if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && @@ -2263,7 +2263,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) /* Check record type */ if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE && ssl->in_msgtype != MBEDTLS_SSL_MSG_ALERT && -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC && #endif /* MBEDTLS_COMPATIBILITY_MODE */ ssl->in_msgtype != MBEDTLS_SSL_MSG_ACK && @@ -2284,7 +2284,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->transform_in != NULL ) { @@ -2304,7 +2304,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) /* ssl->in_msgtype = MBEDTLS_SSL_MSG_TLS_CID; ( in DTLS 1.3 we shouldn't be using this message type ) */ ssl->in_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA; -#if defined( MBEDTLS_CID ) +#if defined(MBEDTLS_CID) if( ssl->in_hdr[0] & MBEDTLS_SSL_UNIFIED_HDR_CID ) { /* Datagram contains a CID */ @@ -2368,7 +2368,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) } } /* Check epoch with DTLS */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { unsigned int rec_epoch = 0; @@ -2392,7 +2392,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) "expected %d, received %d", ssl->in_epoch, rec_epoch ) ); -#if defined( MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE ) && defined( MBEDTLS_SSL_SRV_C ) +#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C) /* * Check for an epoch 0 ClientHello. We can't use in_msg here to * access the first byte of record content ( handshake type ), as we @@ -2418,7 +2418,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) } } -#if defined( MBEDTLS_SSL_DTLS_ANTI_REPLAY ) +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) /* Replay detection only works for the current epoch */ if( rec_epoch == ssl->in_epoch && mbedtls_ssl_dtls_replay_check( ssl ) != 0 ) @@ -2454,7 +2454,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) } else { -#if !defined( MBEDTLS_COMPATIBILITY_MODE ) +#if !defined(MBEDTLS_COMPATIBILITY_MODE) /* In compatibility mode we will receive * Change Cipher Spec messages, which are * ssl->in_msglen = 1 in length. */ @@ -2469,7 +2469,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context* ssl ) * TLS encrypted messages can have up to 256 bytes of padding */ if( -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC && #endif /* MBEDTLS_COMPATIBILITY_MODE */ ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 && @@ -2494,7 +2494,7 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_BUF( 4, "RECEIVED FROM NETWORK", ssl->in_hdr, mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_IN, ssl->transform_in ) + ssl->in_msglen ); -#if defined( MBEDTLS_SSL_HW_RECORD_ACCEL ) +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) if( mbedtls_ssl_hw_record_read != NULL ) { MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_read( )" ) ); @@ -2512,7 +2512,7 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ if( !done && ssl->transform_in != NULL ) { -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* If we received an old record ( based on the epoch value ) * then we need to change the keys. */ @@ -2530,7 +2530,7 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) if( ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) return( 0 ); #endif /* MBEDTLS_COMPATIBILITY_MODE */ @@ -2550,7 +2550,7 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_INVALID_RECORD ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* We re-set the key. */ if( ( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) && @@ -2568,7 +2568,7 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl ) } -#if defined( MBEDTLS_SSL_DTLS_ANTI_REPLAY ) +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { mbedtls_ssl_dtls_replay_update( ssl ); @@ -2630,7 +2630,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) if( ( ret = ssl_parse_record_header( ssl ) ) != 0 ) { -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ret != MBEDTLS_ERR_SSL_CLIENT_RECONNECT ) { @@ -2658,7 +2658,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) /* Done reading this record, get ready for the next one */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) ssl->next_record_offset = ssl->in_msglen + mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_IN, ssl->transform_in ); else @@ -2671,7 +2671,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) if( ( ret = ssl_prepare_record_content( ssl ) ) != 0 ) { -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { /* Silently discard invalid records */ @@ -2684,7 +2684,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) if( ssl->state == MBEDTLS_SSL_CLIENT_FINISHED || ssl->state == MBEDTLS_SSL_SERVER_FINISHED ) { -#if defined( MBEDTLS_SSL_ALL_ALERT_MESSAGES ) +#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) if( ret == MBEDTLS_ERR_SSL_INVALID_MAC ) { mbedtls_ssl_send_alert_message( ssl, @@ -2695,7 +2695,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) return( ret ); } -#if defined( MBEDTLS_SSL_DTLS_BADMAC_LIMIT ) +#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) if( ssl->conf->badmac_limit != 0 && ++ssl->badmac_seen >= ssl->conf->badmac_limit ) { @@ -2714,7 +2714,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_PROTO_DTLS */ { /* Error out ( and send alert ) on invalid records */ -#if defined( MBEDTLS_SSL_ALL_ALERT_MESSAGES ) +#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) if( ret == MBEDTLS_ERR_SSL_INVALID_MAC ) { mbedtls_ssl_send_alert_message( ssl, @@ -2796,7 +2796,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) /* Skip the ContentType and padding */ ssl->in_msglen = i - 1; break; -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) case MBEDTLS_SSL_MSG_ACK: /* We received an ACK */ ssl->in_msgtype = MBEDTLS_SSL_MSG_ACK; @@ -2852,7 +2852,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) goto read_record_header; } -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) /* We ignore incoming ChangeCipherSpec messages */ if( ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) { @@ -2880,7 +2880,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "Ignoring CCS." ) ); /* Done reading this record, get ready for the next one */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { ssl->next_record_offset = mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_IN ) + ssl->in_msglen; @@ -3021,7 +3021,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> read" ) ); -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) @@ -3085,14 +3085,14 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) return( MBEDTLS_ERR_SSL_WANT_READ ); } -#if defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) +#if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) /* Post-Handshake messages, like the NewSessionTicket message, appear after the finished * message was sent */ if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "received post-handshake message" ) ); -#if defined( MBEDTLS_SSL_CLI_C ) +#if defined(MBEDTLS_SSL_CLI_C) if( ( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) && ( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) ) && ( ssl->in_msg[0] == MBEDTLS_SSL_HS_NEW_SESSION_TICKET ) ) { @@ -3107,7 +3107,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) #endif /* MBEDTLS_SSL_CLI_C */ } else #endif /* MBEDTLS_SSL_NEW_SESSION_TICKET */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ACK ) { /* We will not pass the Ack msg to the application. */ @@ -3174,13 +3174,13 @@ static int ssl_write_real( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { int ret; -#if defined( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) size_t max_len = mbedtls_ssl_get_max_frag_len( ssl ); if( len > max_len ) { -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "fragment larger than the ( negotiated ) " @@ -3237,7 +3237,7 @@ int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) if( ( ssl->handshake!= NULL ) && ( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_OFF ) ) #endif/* MBEDTLS_ZERO_RTT */ { diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 2867545792e9..cb94c1ccedd0 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -20,16 +20,16 @@ */ -#if !defined( MBEDTLS_CONFIG_FILE ) +#if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#if defined( MBEDTLS_SSL_PROTO_TLS1_3 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) -#if defined( MBEDTLS_SSL_SRV_C ) +#if defined(MBEDTLS_SSL_SRV_C) #include "mbedtls/debug.h" #include "mbedtls/ssl.h" @@ -37,18 +37,18 @@ #include -#if defined( MBEDTLS_ECP_C ) +#if defined(MBEDTLS_ECP_C) #include "mbedtls/ecp.h" #endif /* MBEDTLS_ECP_C */ #include "mbedtls/hkdf-tls.h" #include "mbedtls/hkdf.h" -#if defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) +#if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) #include "mbedtls/ssl_ticket.h" #endif /* MBEDTLS_SSL_NEW_SESSION_TICKET */ -#if defined( MBEDTLS_PLATFORM_C ) +#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include @@ -56,12 +56,12 @@ #define mbedtls_free free #endif /* MBEDTLS_PLATFORM_C */ -#if defined( MBEDTLS_HAVE_TIME ) +#if defined(MBEDTLS_HAVE_TIME) #include #endif /* MBEDTLS_HAVE_TIME */ -#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) static int ssl_write_sni_server_ext( mbedtls_ssl_context *ssl, unsigned char *buf, @@ -127,7 +127,7 @@ static int ssl_write_sni_server_ext( } KeyShare; */ -#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, unsigned char* buf, @@ -206,7 +206,7 @@ static int ssl_write_key_shares_ext( #endif /* MBEDTLS_ECDH_C && MBEDTLS_ECDSA_C */ -#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) /* TODO: Code for MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED missing */ static int check_ecdh_params( const mbedtls_ssl_context *ssl ) @@ -222,7 +222,7 @@ static int check_ecdh_params( const mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) ); -#if defined( MBEDTLS_ECP_C ) +#if defined(MBEDTLS_ECP_C) if( mbedtls_ssl_check_curve( ssl, ssl->handshake->ecdh_ctx[ssl->handshake->ecdh_ctx_selected].grp.id ) != 0 ) #else if( ssl->handshake->ecdh_ctx.grp.nbits < 163 || @@ -236,7 +236,7 @@ static int check_ecdh_params( const mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_ECDH_C || ( MBEDTLS_ECDSA_C */ -#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) /* @@ -314,7 +314,7 @@ int ssl_parse_supported_groups_ext( } #endif /* MBEDTLS_ECDH_C || ( MBEDTLS_ECDSA_C */ -#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) /* TODO: Code for MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED missing */ /* @@ -343,7 +343,7 @@ static int ssl_parse_key_shares_ext( unsigned char *end = ( unsigned char* )buf + len; unsigned char *start = ( unsigned char* )buf; unsigned char *old; -#if !defined( MBEDTLS_CTLS ) +#if !defined(MBEDTLS_CTLS) size_t n; unsigned int ks_entry_size; #endif /* MBEDTLS_CTLS */ @@ -365,7 +365,7 @@ static int ssl_parse_key_shares_ext( */ /* With CTLS there is only one key share */ -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -444,7 +444,7 @@ static int ssl_parse_key_shares_ext( goto finish_key_share_parsing; } skip_parsing_key_share_entry: -#if !defined( MBEDTLS_CTLS ) +#if !defined(MBEDTLS_CTLS) /* we jump to the next key share entry, if there is one */ ks_entry_size = ( ( old[2] << 8 ) | ( old[3] ) ); /* skip named group id + length field + key share entry length */ @@ -475,7 +475,7 @@ static int ssl_parse_key_shares_ext( } #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -#if defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) +#if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) int mbedtls_ssl_parse_new_session_ticket_server( mbedtls_ssl_context *ssl, unsigned char *buf, @@ -570,11 +570,11 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t unsigned char binder_key[MBEDTLS_MD_MAX_SIZE]; unsigned char finished_key[MBEDTLS_MD_MAX_SIZE]; -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) mbedtls_sha256_context sha256; #endif /* MBEDTLS_SHA256_C */ -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) mbedtls_sha512_context sha512; #endif /* MBEDTLS_SHA512_C */ @@ -623,7 +623,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t if( suite_info->mac == MBEDTLS_MD_SHA256 ) { -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) mbedtls_sha256( ( const unsigned char* )"", 0, hash, 0 ); #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); @@ -632,7 +632,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t } else if( suite_info->mac == MBEDTLS_MD_SHA384 ) { -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) mbedtls_sha512( ( const unsigned char* )"", 0, hash, 1 /* for SHA384 */ ); #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); @@ -640,7 +640,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t #endif /* MBEDTLS_SHA512_C */ } -#if defined( MBEDTLS_SSL_PROTO_TLS1_3 ) && defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_NEW_SESSION_TICKET) if( ( ssl->handshake->resume == 1 ) || ( ssl->conf->resumption_mode == 1 ) ) { ret = Derive_Secret( ssl, mbedtls_md_get_type( md ), @@ -669,7 +669,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t if( suite_info->mac == MBEDTLS_MD_SHA256 ) { -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) mbedtls_sha256_init( &sha256 ); mbedtls_sha256_starts( &sha256, 0 /* = use SHA256 */ ); /*mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); */ @@ -685,7 +685,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t } else if( suite_info->mac == MBEDTLS_MD_SHA384 ) { -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) mbedtls_sha512_init( &sha512 ); mbedtls_sha512_starts( &sha512, 1 /* = use SHA384 */ ); /*mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); */ @@ -731,14 +731,14 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t MBEDTLS_SSL_DEBUG_BUF( 3, "Key", finished_key, hash_length ); MBEDTLS_SSL_DEBUG_BUF( 3, "Output", computed_binder, hash_length ); -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) if( suite_info->mac == MBEDTLS_MD_SHA256 ) { mbedtls_sha256_free( &sha256 ); } else #endif /* MBEDTLS_SHA256_C */ -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) if( suite_info->mac == MBEDTLS_MD_SHA384 ) { mbedtls_sha512_free( &sha512 ); @@ -755,7 +755,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t return( ret ); } -#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) @@ -766,7 +766,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, unsigned char server_computed_binder[MBEDTLS_MD_MAX_SIZE]; uint32_t obfuscated_ticket_age; mbedtls_ssl_ticket ticket; -#if defined( MBEDTLS_HAVE_TIME ) +#if defined(MBEDTLS_HAVE_TIME) time_t now; int64_t diff; #endif /* MBEDTLS_HAVE_TIME */ @@ -835,7 +835,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, goto psk_parsing_successful; } -#if defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) +#if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) /* Check the ticket cache if previous lookup was unsuccessful */ if( ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY ) { @@ -876,7 +876,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, * is within a small tolerance of the time since the ticket was issued. */ -#if defined( MBEDTLS_HAVE_TIME ) +#if defined(MBEDTLS_HAVE_TIME) now = time( NULL ); /* Check #1: @@ -912,7 +912,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED; } -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) if( ssl->conf->early_data == MBEDTLS_SSL_EARLY_DATA_ENABLED ) { if( diff <= MBEDTLS_SSL_EARLY_DATA_MAX_DELAY ) @@ -939,7 +939,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, /* Disable 0-RTT */ if( ret == MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED ) { -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) if( ssl->conf->early_data == MBEDTLS_SSL_EARLY_DATA_ENABLED ) { ssl->session_negotiate->process_early_data = MBEDTLS_SSL_EARLY_DATA_DISABLED; @@ -1069,7 +1069,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED*/ -#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) /* * struct { @@ -1139,7 +1139,7 @@ static int ssl_write_server_pre_shared_key_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if defined( MBEDTLS_SSL_COOKIE_C ) +#if defined(MBEDTLS_SSL_COOKIE_C) int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, const unsigned char *info, size_t ilen ) @@ -1159,7 +1159,7 @@ int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_COOKIE_C */ -#if defined( MBEDTLS_SSL_COOKIE_C ) +#if defined(MBEDTLS_SSL_COOKIE_C) void mbedtls_ssl_conf_cookies( mbedtls_ssl_config *conf, mbedtls_ssl_cookie_write_t *f_cookie_write, mbedtls_ssl_cookie_check_t *f_cookie_check, @@ -1173,7 +1173,7 @@ void mbedtls_ssl_conf_cookies( mbedtls_ssl_config *conf, } #endif /* MBEDTLS_SSL_COOKIE_C */ -#if defined( MBEDTLS_SSL_COOKIE_C ) && defined( MBEDTLS_SSL_PROTO_TLS1_3 ) +#if defined(MBEDTLS_SSL_COOKIE_C) && defined(MBEDTLS_SSL_PROTO_TLS1_3) static int ssl_parse_cookie_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) @@ -1212,7 +1212,7 @@ static int ssl_parse_cookie_ext( mbedtls_ssl_context *ssl, -#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) @@ -1276,7 +1276,7 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) /* static int ssl_parse_early_data_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, @@ -1289,7 +1289,7 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, */ #endif /* MBEDTLS_ZERO_RTT */ -#if defined( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) @@ -1307,7 +1307,7 @@ static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) /* * ssl_parse_key_exchange_modes_ext( ) structure: @@ -1477,7 +1477,7 @@ static int ssl_parse_supported_versions_ext( mbedtls_ssl_context *ssl, return( 0 ); } -#if defined( MBEDTLS_SSL_ALPN ) +#if defined(MBEDTLS_SSL_ALPN) static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { @@ -1541,7 +1541,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_ALPN */ -#if defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) +#if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) /* This function creates a NewSessionTicket message in the following format. * The ticket inside the NewSessionTicket is an encrypted container carrying * the necessary information so that the server is later able to restore the @@ -1611,7 +1611,7 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } -#if defined( MBEDTLS_HAVE_TIME ) +#if defined(MBEDTLS_HAVE_TIME) /* Store time when ticket was created. */ ticket.start = time( NULL ); #endif /* MBEDTLS_HAVE_TIME */ @@ -1622,7 +1622,7 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) ticket.key_len = hash_length; ticket.ciphersuite = ssl->transform_negotiate->ciphersuite_info->id; -#if defined( MBEDTLS_X509_CRT_PARSE_C ) +#if defined(MBEDTLS_X509_CRT_PARSE_C) /* Check whether the client provided a certificate during the exchange */ if( ssl->session->peer_cert != NULL ) ticket.peer_cert = ssl->session->peer_cert; @@ -1723,7 +1723,7 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) * Overview */ -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) /* Main state-handling entry point; orchestrates the other functions. */ int ssl_read_end_of_early_data_process( mbedtls_ssl_context* ssl ); @@ -1811,7 +1811,7 @@ static int ssl_read_end_of_early_data_postprocess( mbedtls_ssl_context* ssl ) * Overview */ -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) /* Main state-handling entry point; orchestrates the other functions. */ int ssl_read_early_data_process( mbedtls_ssl_context* ssl ); @@ -1890,7 +1890,7 @@ static int ssl_read_early_data_preprocess( mbedtls_ssl_context* ssl ) return ( ret ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* epoch value( 1 ) is used for messages protected using keys derived * from early_traffic_secret. */ @@ -2011,7 +2011,7 @@ static int ssl_client_hello_process( mbedtls_ssl_context* ssl ) MBEDTLS_SSL_PROC_CHK( ssl_client_hello_postprocess( ssl, ret ) ); -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ssl_recv_flight_completed( ssl ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -2030,7 +2030,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, unsigned char* buf; size_t msg_len; -#if defined( MBEDTLS_SSL_DTLS_ANTI_REPLAY ) +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) read_record_header: #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ @@ -2058,7 +2058,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, if( buf[0] != MBEDTLS_SSL_MSG_HANDSHAKE ) { -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) if( buf[0] == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) { @@ -2084,7 +2084,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "Change Cipher Spec message received and ignoring it." ) ); /* Done reading this record, get ready for the next one */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { ssl->next_record_offset = msg_len + mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_IN ); @@ -2122,7 +2122,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, /* For DTLS if this is the initial handshake, remember the client sequence * number to use it in our next message ( RFC 6347 4.2.1 ) */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { /* Epoch should be 0 for initial handshakes */ @@ -2134,7 +2134,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, memcpy( ssl->out_ctr + 2, ssl->in_ctr + 2, 6 ); -#if defined( MBEDTLS_SSL_DTLS_ANTI_REPLAY ) +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) if( mbedtls_ssl_dtls_replay_check( ssl ) != 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "replayed record, discarding" ) ); @@ -2164,7 +2164,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, } /* Done reading this record, get ready for the next one */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { ssl->next_record_offset = msg_len + mbedtls_ssl_hdr_len( ssl, MBEDTLS_SSL_DIRECTION_IN, ssl->transform_in ); @@ -2211,7 +2211,7 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl, return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { /* @@ -2254,15 +2254,15 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, size_t orig_msg_len, ciph_len, ext_len, ext_len_psk_ext = 0; unsigned char *orig_buf, *end = buf + buflen; unsigned char *ciph_offset; -#if defined( MBEDTLS_SSL_COOKIE_C ) && defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_COOKIE_C) && defined(MBEDTLS_SSL_PROTO_DTLS) size_t cookie_offset, cookie_len; #endif /* MBEDTLS_SSL_COOKIE_C && MBEDTLS_SSL_PROTO_DTLS */ unsigned char* p, * ext, * ext_psk_ptr = NULL; -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) mbedtls_sha256_context sha256; #endif /* MBEDTLS_SHA256_C */ -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) mbedtls_sha512_context sha512; #endif /* MBEDTLS_SHA512_C */ @@ -2310,7 +2310,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, * We ignore the version field in the ClientHello. * We use the version field in the extension. */ -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { buf += 1; /* skip version */ @@ -2325,7 +2325,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, /* * Save client random */ -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", buf, 16 ); @@ -2343,7 +2343,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, } -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -2378,7 +2378,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, /* * Check the cookie length and content */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { cookie_len = buf[0]; @@ -2395,7 +2395,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie", buf, cookie_len ); -#if defined( MBEDTLS_SSL_DTLS_HELLO_VERIFY ) +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) if( ssl->conf->f_cookie_check != NULL ) { @@ -2451,7 +2451,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, /* skip ciphersuites for now */ buf += ciph_len; -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -2518,7 +2518,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, } switch ( ext_id ) { -#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) case MBEDTLS_TLS_EXT_SERVERNAME: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ServerName extension" ) ); ret = ssl_parse_servername_ext( ssl, ext + 4, ext_size ); @@ -2531,7 +2531,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ -#if defined( MBEDTLS_CID ) +#if defined(MBEDTLS_CID) case MBEDTLS_TLS_EXT_CID: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) ); if( ssl->conf->cid == MBEDTLS_CID_CONF_DISABLED ) @@ -2549,7 +2549,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_CID */ -#if defined( MBEDTLS_SSL_COOKIE_C ) +#if defined(MBEDTLS_SSL_COOKIE_C) case MBEDTLS_TLS_EXT_COOKIE: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found cookie extension" ) ); @@ -2567,7 +2567,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_SSL_COOKIE_C */ -#if defined( MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) case MBEDTLS_TLS_EXT_PRE_SHARED_KEY: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found pre_shared_key extension" ) ); /* Delay processing of the PSK identity once we have @@ -2581,7 +2581,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) case MBEDTLS_TLS_EXT_EARLY_DATA: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found early_data extension" ) ); @@ -2597,7 +2597,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_ZERO_RTT */ -#if defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) case MBEDTLS_TLS_EXT_SUPPORTED_GROUPS: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported group extension" ) ); @@ -2618,7 +2618,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) case MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found psk key exchange modes extension" ) ); @@ -2633,7 +2633,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) case MBEDTLS_TLS_EXT_KEY_SHARES: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found key share extension" ) ); @@ -2667,7 +2667,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -#if defined( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max fragment length extension" ) ); @@ -2693,7 +2693,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, ssl->handshake->extensions_present += SUPPORTED_VERSION_EXTENSION; break; -#if defined( MBEDTLS_SSL_ALPN ) +#if defined(MBEDTLS_SSL_ALPN) case MBEDTLS_TLS_EXT_ALPN: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); @@ -2707,7 +2707,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, break; #endif /* MBEDTLS_SSL_ALPN */ -#if defined( MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) case MBEDTLS_TLS_EXT_SIG_ALG: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) ); @@ -2741,7 +2741,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, got_common_suite = 0; ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; ciphersuite_info = NULL; -#if defined( MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE ) +#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) for ( j = 0, p = ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) { for ( i = 0; ciphersuites[i] != 0; i++ ) @@ -2806,7 +2806,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "- SIGNATURE_ALGORITHM_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & SIGNATURE_ALGORITHM_EXTENSION ) >0 ) ? "TRUE" : "FALSE" ) ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "- SUPPORTED_GROUPS_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & SUPPORTED_GROUPS_EXTENSION ) >0 ) ? "TRUE" : "FALSE" ) ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "- SUPPORTED_VERSION_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & SUPPORTED_VERSION_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); -#if defined( MBEDTLS_CID ) +#if defined(MBEDTLS_CID) MBEDTLS_SSL_DEBUG_MSG( 3, ( "- CID_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & CID_EXTENSION ) > 0 ) ? "TRUE" : "FALSE" ) ); #endif /* MBEDTLS_CID */ #if defined ( MBEDTLS_SSL_SERVER_NAME_INDICATION ) @@ -2821,7 +2821,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, #if defined ( MBEDTLS_SSL_COOKIE_C ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "- COOKIE_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & COOKIE_EXTENSION ) >0 ) ? "TRUE" : "FALSE" ) ); #endif /* MBEDTLS_SSL_COOKIE_C */ -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) MBEDTLS_SSL_DEBUG_MSG( 3, ( "- EARLY_DATA_EXTENSION ( %s )", ( ( ssl->handshake->extensions_present & EARLY_DATA_EXTENSION ) >0 ) ? "TRUE" : "FALSE" ) ); #endif /* MBEDTLS_ZERO_RTT*/ @@ -2830,7 +2830,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, * Additionally, we need to consider the ZeroRTT exchange as well. */ -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) /* * 0 ) Zero-RTT Exchange / Early Data * It requires early_data extension, at least key_exchange_modes and the pre_shared_key extension @@ -2980,12 +2980,12 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, end_client_hello: -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) mbedtls_ssl_recv_flight_completed( ssl ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined( MBEDTLS_SSL_COOKIE_C ) +#if defined(MBEDTLS_SSL_COOKIE_C) /* If we failed to see a cookie extension, and we required it through the * configuration settings ( rr_config ), then we need to send a HRR msg. * Conceptually, this is similiar to having received a cookie that failed @@ -3032,7 +3032,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA256 ) { -#if defined( MBEDTLS_SHA256_C ) +#if defined(MBEDTLS_SHA256_C) mbedtls_sha256_init( &sha256 ); mbedtls_sha256_starts( &sha256, 0 /* = use SHA256 */ ); mbedtls_sha256_update( &sha256, orig_buf, orig_msg_len ); /* hash ClientHello message */ @@ -3045,7 +3045,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, } else if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) { -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) mbedtls_sha512_init( &sha512 ); mbedtls_sha512_starts( &sha512, 1 /* = use SHA384 */ ); mbedtls_sha512_update( &sha512, orig_buf, orig_msg_len ); /* hash ClientHello message */ @@ -3058,7 +3058,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl, } else if( ssl->transform_negotiate->ciphersuite_info->mac == MBEDTLS_MD_SHA512 ) { -#if defined( MBEDTLS_SHA512_C ) +#if defined(MBEDTLS_SHA512_C) mbedtls_sha512_init( &sha512 ); mbedtls_sha512_starts( &sha512, 0 /* = use SHA512 */ ); mbedtls_sha512_update( &sha512, orig_buf, orig_msg_len ); /* hash ClientHello message */ @@ -3091,7 +3091,7 @@ static int ssl_client_hello_postprocess( mbedtls_ssl_context* ssl, int ret ) { } -#if defined( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) @@ -3120,7 +3120,7 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, -#if defined( MBEDTLS_SSL_ALPN ) +#if defined(MBEDTLS_SSL_ALPN) static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { @@ -3237,7 +3237,7 @@ static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) return ( ret ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { /* Remember current sequence number / epoch settings for resending */ @@ -3268,7 +3268,7 @@ static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) */ MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for outbound data" ) ); -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { /* Remember current sequence number / epoch settings for resending */ @@ -3301,7 +3301,7 @@ static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) /* Set sequence number used at the handshake header to zero */ memset( ssl->transform_out->sequence_number_enc, 0x0, 12 ); -#if defined( MBEDTLS_SSL_HW_RECORD_ACCEL ) +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) if( mbedtls_ssl_hw_record_activate != NULL ) { if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ) ) != 0 ) @@ -3311,7 +3311,7 @@ static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) } } #endif -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* epoch value ( 2 ) is used for messages protected * using keys derived from the handshake_traffic_secret. */ @@ -3355,7 +3355,7 @@ static int ssl_encrypted_extensions_write( mbedtls_ssl_context* ssl, /* Skip extension length; first write extensions, then update length */ p += 2; -#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) if( ssl->handshake->extensions_present & SERVERNAME_EXTENSION ) { ret=ssl_write_sni_server_ext( ssl, p, end - p, &n ); @@ -3366,7 +3366,7 @@ static int ssl_encrypted_extensions_write( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ -#if defined( MBEDTLS_SSL_ALPN ) +#if defined(MBEDTLS_SSL_ALPN) if( ssl->handshake->extensions_present & ALPN_EXTENSION ) { ret = ssl_write_alpn_ext( ssl, p, end - p, &n ); @@ -3374,7 +3374,7 @@ static int ssl_encrypted_extensions_write( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_SSL_ALPN */ -#if defined( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ) +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) if( ssl->handshake->extensions_present & MAX_FRAGMENT_LENGTH_EXTENSION ) { ret=ssl_write_max_fragment_length_ext( ssl, p, end - p, &n ); @@ -3385,7 +3385,7 @@ static int ssl_encrypted_extensions_write( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) if( ssl->handshake->extensions_present & EARLY_DATA_EXTENSION ) { ret = ssl_write_early_data_ext( ssl, p, (size_t)( end - p ), &n ); @@ -3430,7 +3430,7 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) unsigned char *extension_start; const char magic_hrr_string[32] = { 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, 0xBE, 0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91, 0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E, 0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33 ,0x9C }; -#if defined( MBEDTLS_ECDH_C ) +#if defined(MBEDTLS_ECDH_C) const mbedtls_ecp_group_id *gid; const mbedtls_ecp_curve_info **curve = NULL; #endif /* MBEDTLS_ECDH_C */ @@ -3458,11 +3458,11 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) * * In cTLS the version number is elided. */ -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { *p++ = 0xfe; /* 254 */ @@ -3512,7 +3512,7 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) /* Extension starts with a 2 byte length field; we skip it and write it later */ p += 2; -#if defined( MBEDTLS_SSL_COOKIE_C ) +#if defined(MBEDTLS_SSL_COOKIE_C) /* Cookie Extension * @@ -3558,7 +3558,7 @@ static int ssl_write_hello_retry_request( mbedtls_ssl_context *ssl ) total_ext_len += ext_length + 4 /* 2 bytes for extension_type and 2 bytes for length field */; #endif /* MBEDTLS_SSL_COOKIE_C */ -#if defined( MBEDTLS_ECDH_C ) +#if defined(MBEDTLS_ECDH_C) /* key_share Extension * @@ -3721,7 +3721,7 @@ static int ssl_server_hello_prepare( mbedtls_ssl_context* ssl ) { int ret; -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { @@ -3739,7 +3739,7 @@ static int ssl_server_hello_prepare( mbedtls_ssl_context* ssl ) MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", ssl->handshake->randbytes + 32, 32 ); } -#if defined( MBEDTLS_HAVE_TIME ) +#if defined(MBEDTLS_HAVE_TIME) ssl->session_negotiate->start = time( NULL ); #endif /* MBEDTLS_HAVE_TIME */ @@ -3774,7 +3774,7 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, unsigned char* start = buf; unsigned char* end = buf + buflen; -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { rand_bytes_len = MBEDTLS_CTLS_RANDOM_MAX_LENGTH; @@ -3803,7 +3803,7 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, * The header is set by ssl_write_record. * For DTLS 1.3 the other fields are adjusted. */ -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_USE ) { buf++; /* skip handshake type */ @@ -3817,11 +3817,11 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, /* Version */ -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) { #endif /* MBEDTLS_CTLS */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { *buf++ = (unsigned char) 0xfe; @@ -3836,7 +3836,7 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [0x3:0x3]" ) ); } buflen -= 2; -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) } #endif /* MBEDTLS_CTLS */ @@ -3847,12 +3847,12 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, buf += rand_bytes_len; buflen -= rand_bytes_len; -#if defined( MBEDTLS_HAVE_TIME ) +#if defined(MBEDTLS_HAVE_TIME) ssl->session_negotiate->start = time( NULL ); #endif /* MBEDTLS_HAVE_TIME */ /* Write legacy session id */ -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -3871,7 +3871,7 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, buflen -= 2; MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s ( id=%d )", mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ), ssl->session_negotiate->ciphersuite ) ); -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -3885,7 +3885,7 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, total_ext_len = 0; buf += 2; -#if defined( MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) /* Only add the pre_shared_key extension if the client provided it in the ClientHello * and if the key exchange supports PSK */ @@ -3899,7 +3899,7 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) /* Only add the key_share extension if the client provided it in the ClientHello * and if the appropriate key exchange mechanism was selected */ @@ -3931,7 +3931,7 @@ static int ssl_server_hello_write( mbedtls_ssl_context* ssl, buf += cur_ext_len; } -#if defined( MBEDTLS_CID ) +#if defined(MBEDTLS_CID) if( ssl->handshake->extensions_present & CID_EXTENSION ) { if( ( ret = ssl_write_cid_ext( ssl, buf, end, &cur_ext_len ) ) != 0 ) @@ -3988,7 +3988,7 @@ static int ssl_certificate_request_process( mbedtls_ssl_context* ssl ); #define SSL_CERTIFICATE_REQUEST_SEND 0 #define SSL_CERTIFICATE_REQUEST_SKIP 1 static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ); -#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) static int ssl_certificate_request_write( mbedtls_ssl_context* ssl, unsigned char* buf, size_t buflen, @@ -4009,7 +4009,7 @@ static int ssl_certificate_request_process( mbedtls_ssl_context* ssl ) /* Coordination step: Check if we need to send a CertificateRequest */ MBEDTLS_SSL_PROC_CHK( ssl_certificate_request_coordinate( ssl ) ); -#if defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) if( ret == SSL_CERTIFICATE_REQUEST_SEND ) { /* Make sure we can write a new message. */ @@ -4072,13 +4072,13 @@ static int ssl_certificate_request_coordinate( mbedtls_ssl_context* ssl ) ssl->session_negotiate->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) ) return( SSL_CERTIFICATE_REQUEST_SKIP ); -#if !defined( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) +#if !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ( ( void )authmode ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); #else -#if defined( MBEDTLS_SSL_SERVER_NAME_INDICATION ) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET ) authmode = ssl->handshake->sni_authmode; else @@ -4137,7 +4137,7 @@ static int ssl_certificate_request_write( mbedtls_ssl_context* ssl, * messages. For post-authentication handshake messages * this request context would be set to a non-zero value. */ -#if defined( MBEDTLS_CTLS ) +#if defined(MBEDTLS_CTLS) if( ssl->handshake->ctls == MBEDTLS_CTLS_DO_NOT_USE ) #endif /* MBEDTLS_CTLS */ { @@ -4188,7 +4188,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) return( ret ); -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) { @@ -4202,13 +4202,13 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) case MBEDTLS_SSL_HELLO_REQUEST: ssl->handshake->hello_retry_requests_sent = 0; mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO ); -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* epoch value ( 0 ) is used with unencrypted messages */ ssl->out_epoch = 0; ssl->in_epoch = 0; #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) ssl->handshake->ccs_sent = 0; #endif /* MBEDTLS_COMPATIBILITY_MODE */ @@ -4219,7 +4219,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) case MBEDTLS_SSL_CLIENT_HELLO: /* Reset pointers to buffers */ -#if defined( MBEDTLS_SSL_PROTO_DTLS ) && defined( MBEDTLS_CID ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_CID) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { ssl->out_hdr = ssl->out_buf; @@ -4241,7 +4241,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) /*ret = MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE; // for testing purposes */ switch ( ret ) { case 0: -#if defined( MBEDTLS_SSL_COOKIE_C ) && defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_COOKIE_C) && defined(MBEDTLS_SSL_PROTO_DTLS) /* If we use DTLS 1.3 then we may need to send a HRR instead of a ClientHello * to do a return-routability check. We use the ssl->conf->rr_config * variable for determining the preference to use the RR-check. @@ -4255,7 +4255,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) else #endif /* MBEDTLS_SSL_COOKIE_C && MBEDTLS_SSL_PROTO_DTLS */ { -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_EARLY_APP_DATA ); @@ -4267,7 +4267,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) } } break; -#if ( defined( MBEDTLS_ECDH_C ) || defined( MBEDTLS_ECDSA_C ) ) +#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) case MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE: /* Wrong key share --> send HRR */ mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HELLO_RETRY_REQUEST ); @@ -4288,7 +4288,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) case MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE: mbedtls_ssl_send_fatal_handshake_failure( ssl ); break; -#if defined( MBEDTLS_SSL_COOKIE_C ) +#if defined(MBEDTLS_SSL_COOKIE_C) case MBEDTLS_ERR_SSL_BAD_HS_COOKIE_EXT: /* Cookie verification failed. This case is conceptually similar * to MBEDTLS_ERR_SSL_BAD_HS_WRONG_KEY_SHARE with the exception @@ -4317,7 +4317,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) case MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE: return ( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); break; -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) case MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO_CCS: mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO ); ret = 0; @@ -4332,7 +4332,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) break; /* ----- WRITE EARLY APP DATA ----*/ -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) case MBEDTLS_SSL_EARLY_APP_DATA: ret = ssl_read_early_data_process( ssl ); @@ -4364,7 +4364,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) } ssl->handshake->hello_retry_requests_sent++; -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_CCS_AFTER_HRR ); #else mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO ); @@ -4373,7 +4373,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) /* ----- WRITE CHANGE CIPHER SPEC ----*/ -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) case MBEDTLS_SSL_SERVER_CCS_AFTER_HRR: ret = mbedtls_ssl_write_change_cipher_spec( ssl ); @@ -4426,7 +4426,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) return ( ret ); } -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) if( ssl->handshake->ccs_sent > 1 ) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO ); @@ -4443,7 +4443,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) /* ----- WRITE CHANGE CIPHER SPEC ----*/ -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) case MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO: /* Only transmit the CCS if we have not done so @@ -4453,7 +4453,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) ret = mbedtls_ssl_write_change_cipher_spec( ssl ); mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS ); -#if defined( MBEDTLS_COMPATIBILITY_MODE ) +#if defined(MBEDTLS_COMPATIBILITY_MODE) ssl->handshake->ccs_sent++; #endif /* MBEDTLS_COMPATIBILITY_MODE */ @@ -4543,7 +4543,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) break; -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) case MBEDTLS_SSL_EARLY_DATA: @@ -4559,7 +4559,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) /* ----- READ FINISHED ----*/ case MBEDTLS_SSL_CLIENT_FINISHED: -#if defined( MBEDTLS_ZERO_RTT ) +#if defined(MBEDTLS_ZERO_RTT) if( ssl->handshake->early_data == MBEDTLS_SSL_EARLY_DATA_ON ) { ret = mbedtls_ssl_key_derivation( ssl, &traffic_keys ); @@ -4607,7 +4607,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) return ( ret ); } -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) /* epoch value ( 3 ) is used for payloads protected * using keys derived from the initial traffic_secret_0. */ @@ -4621,7 +4621,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP ); break; -#if defined( MBEDTLS_SSL_PROTO_DTLS ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) case MBEDTLS_SSL_HANDSHAKE_FINISH_ACK: /* The server needs to reply with an ACK message after parsing * the Finish message from the client. @@ -4641,7 +4641,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) mbedtls_ssl_handshake_wrapup( ssl ); mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_OVER ); -#if defined( MBEDTLS_SSL_NEW_SESSION_TICKET ) +#if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) ret = ssl_write_new_session_ticket( ssl ); if( ret != 0 ) { From 8e37da8a60af12f3fa0d7178439173246023aa2c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 23 Mar 2020 09:35:05 +0000 Subject: [PATCH 11/13] Replace `( C )` -> `(C)` copyright indicator in TLS 1.3 source files --- library/ssl_tls13_client.c | 2 +- library/ssl_tls13_generic.c | 2 +- library/ssl_tls13_messaging.c | 2 +- library/ssl_tls13_server.c | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 23cc7fc070e2..0921004d0b59 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -1,7 +1,7 @@ /* * TLS 1.3 client-side functions * - * Copyright ( C ) 2006-2015, ARM Limited, All Rights Reserved + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 ( the "License" ); you may diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index e6f6d1576ac5..8618dd56a523 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -2,7 +2,7 @@ * Handshake-related functions shared between the TLS/DTLS client * and server ( ssl_tls13_client.c and ssl_tls13_server.c ). * - * Copyright ( C ) 2006-2015, ARM Limited, All Rights Reserved + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 ( the "License" ); you may diff --git a/library/ssl_tls13_messaging.c b/library/ssl_tls13_messaging.c index edba336171ee..d82937ef5e3e 100644 --- a/library/ssl_tls13_messaging.c +++ b/library/ssl_tls13_messaging.c @@ -1,7 +1,7 @@ /* * Messaging layer for use with TLS/DTLS 1.3 * - * Copyright ( C ) 2006-2015, ARM Limited, All Rights Reserved + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 ( the "License" ); you may diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index cb94c1ccedd0..58a9432ac901 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1,7 +1,7 @@ /* * TLSv1.3 server-side functions * -* Copyright ( C ) 2006-2015, ARM Limited, All Rights Reserved +* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 ( the "License" ); you may From 2537a388ba182812b2729b9d0fc1b1a2edca8774 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 23 Mar 2020 09:40:02 +0000 Subject: [PATCH 12/13] Fix bracketing style in remaining explicit casts in TLS 1.3 sources --- library/ssl_tls13_client.c | 6 +++--- library/ssl_tls13_generic.c | 38 ++++++++++++++++++------------------- library/ssl_tls13_server.c | 22 ++++++++++----------- 3 files changed, 33 insertions(+), 33 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 0921004d0b59..aa2ace65e7e9 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2104,8 +2104,8 @@ static int ssl_parse_key_shares_ext( mbedtls_ssl_context *ssl, size_t len ) { int ret = 0; - unsigned char *end = ( unsigned char* )buf + len; - unsigned char *start = ( unsigned char* )buf; + unsigned char *end = (unsigned char*)buf + len; + unsigned char *start = (unsigned char*)buf; int named_group; int i; const mbedtls_ecp_curve_info *curve_info; @@ -2443,7 +2443,7 @@ static int ssl_certificate_request_parse( mbedtls_ssl_context* ssl, /* skip total extension length */ p += 2; - ext = ( unsigned char* )p; /* jump to extensions */ + ext = (unsigned char*)p; /* jump to extensions */ while ( ext_len ) { diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 8618dd56a523..cc81ae219608 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -213,7 +213,7 @@ static int ssl_calc_finished_tls_sha256( */ /* create client finished_key */ - ret = hkdfExpandLabel( MBEDTLS_MD_SHA256, ssl->handshake->client_handshake_traffic_secret, 32, ( const unsigned char* )"finished", strlen( "finished" ), ( const unsigned char* )"", 0, 32, ssl->handshake->client_finished_key, 32 ); + ret = hkdfExpandLabel( MBEDTLS_MD_SHA256, ssl->handshake->client_handshake_traffic_secret, 32, (const unsigned char*)"finished", strlen( "finished" ), (const unsigned char*)"", 0, 32, ssl->handshake->client_finished_key, 32 ); if( ret != 0 ) { @@ -224,7 +224,7 @@ static int ssl_calc_finished_tls_sha256( MBEDTLS_SSL_DEBUG_BUF( 3, "client_finished_key", ssl->handshake->client_finished_key, 32 ); /* create server finished_key */ - ret = hkdfExpandLabel( MBEDTLS_MD_SHA256, ssl->handshake->server_handshake_traffic_secret, 32, ( const unsigned char* )"finished", strlen( "finished" ), ( const unsigned char* )"", 0, 32, ssl->handshake->server_finished_key, 32 ); + ret = hkdfExpandLabel( MBEDTLS_MD_SHA256, ssl->handshake->server_handshake_traffic_secret, 32, (const unsigned char*)"finished", strlen( "finished" ), (const unsigned char*)"", 0, 32, ssl->handshake->server_finished_key, 32 ); if( ret != 0 ) { @@ -329,7 +329,7 @@ static int ssl_calc_finished_tls_sha384( MBEDTLS_SSL_DEBUG_BUF( 5, "handshake hash", padbuf, 48 ); /* create client finished_key */ - ret = hkdfExpandLabel( MBEDTLS_MD_SHA384, ssl->handshake->client_handshake_traffic_secret, 48, ( const unsigned char* )"finished", strlen( "finished" ), ( const unsigned char* )"", 0, 48, ssl->handshake->client_finished_key, 48 ); + ret = hkdfExpandLabel( MBEDTLS_MD_SHA384, ssl->handshake->client_handshake_traffic_secret, 48, (const unsigned char*)"finished", strlen( "finished" ), (const unsigned char*)"", 0, 48, ssl->handshake->client_finished_key, 48 ); if( ret != 0 ) { @@ -340,7 +340,7 @@ static int ssl_calc_finished_tls_sha384( MBEDTLS_SSL_DEBUG_BUF( 3, "client_finished_key", ssl->handshake->client_finished_key, 48 ); /* create server finished_key */ - ret = hkdfExpandLabel( MBEDTLS_MD_SHA384, ssl->handshake->server_handshake_traffic_secret, 48, ( const unsigned char* )"finished", strlen( "finished" ), ( const unsigned char* )"", 0, 48, ssl->handshake->server_finished_key, 48 ); + ret = hkdfExpandLabel( MBEDTLS_MD_SHA384, ssl->handshake->server_handshake_traffic_secret, 48, (const unsigned char*)"finished", strlen( "finished" ), (const unsigned char*)"", 0, 48, ssl->handshake->server_finished_key, 48 ); if( ret != 0 ) { @@ -907,8 +907,8 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k */ ret = Derive_Secret( ssl, mbedtls_md_get_type( md_info ), - ( const unsigned char* ) ssl->handshake->handshake_secret, ( int ) mbedtls_hash_size_for_ciphersuite( suite_info ), - ( const unsigned char* ) "c hs traffic", strlen( "c hs traffic" ), + (const unsigned char*) ssl->handshake->handshake_secret, ( int ) mbedtls_hash_size_for_ciphersuite( suite_info ), + (const unsigned char*) "c hs traffic", strlen( "c hs traffic" ), ( const unsigned char * ) hash, ( int ) mbedtls_hash_size_for_ciphersuite( suite_info ), ( unsigned char * ) ssl->handshake->client_handshake_traffic_secret, ( int ) mbedtls_hash_size_for_ciphersuite( suite_info ) ); @@ -930,7 +930,7 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k ret = Derive_Secret( ssl, mbedtls_md_get_type( md_info ), ssl->handshake->handshake_secret, mbedtls_hash_size_for_ciphersuite( suite_info ), - ( const unsigned char* ) "s hs traffic", strlen( "s hs traffic" ), + (const unsigned char*) "s hs traffic", strlen( "s hs traffic" ), hash, mbedtls_hash_size_for_ciphersuite( suite_info ), ssl->handshake->server_handshake_traffic_secret, mbedtls_hash_size_for_ciphersuite( suite_info ) ); @@ -952,7 +952,7 @@ int mbedtls_ssl_derive_traffic_keys( mbedtls_ssl_context *ssl, KeySet *traffic_k ret = Derive_Secret( ssl, mbedtls_md_get_type( md_info ), ssl->handshake->master_secret, mbedtls_hash_size_for_ciphersuite( suite_info ), - ( const unsigned char* )"exp master", strlen( "exp master" ), + (const unsigned char*)"exp master", strlen( "exp master" ), hash, mbedtls_hash_size_for_ciphersuite( suite_info ), ssl->handshake->exporter_secret, mbedtls_hash_size_for_ciphersuite( suite_info ) ); @@ -1330,7 +1330,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { if( hash_size == 32 ) { #if defined(MBEDTLS_SHA256_C) - padbuf = ( unsigned char* ) NULL_HASH_SHA256; + padbuf = (unsigned char*) NULL_HASH_SHA256; #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "MBEDTLS_SHA256_C not set but ciphersuite with SHA256 negotiated" ) ); if( psk_allocated == 1 ) mbedtls_free( psk ); @@ -1340,7 +1340,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { if( hash_size == 48 ) { #if defined(MBEDTLS_SHA512_C) - padbuf = ( unsigned char* ) NULL_HASH_SHA384; + padbuf = (unsigned char*) NULL_HASH_SHA384; #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "MBEDTLS_SHA512_C not set but ciphersuite with SHA384 negotiated" ) ); if( psk_allocated == 1 ) mbedtls_free( psk ); @@ -1379,7 +1379,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { /* if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 32 ) { #if defined(MBEDTLS_SHA256_C) - mbedtls_sha256( ( const unsigned char* ) "", 0, padbuf, 0 ); + mbedtls_sha256( (const unsigned char*) "", 0, padbuf, 0 ); #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "MBEDTLS_SHA256_C not set but ciphersuite with SHA256 negotiated" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); @@ -1388,7 +1388,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { if( mbedtls_hash_size_for_ciphersuite( suite_info ) == 48 ) { #if defined(MBEDTLS_SHA512_C) - mbedtls_sha512( ( const unsigned char* ) "", 0, padbuf, 1 ); + mbedtls_sha512( (const unsigned char*) "", 0, padbuf, 1 ); #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "MBEDTLS_SHA512_C not set but ciphersuite with SHA384 negotiated" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); @@ -1398,7 +1398,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { ret = Derive_Secret( ssl, ssl->transform_in->ciphersuite_info->mac, ssl->handshake->early_secret, hash_size, - ( const unsigned char* )"derived", strlen( "derived" ), + (const unsigned char*)"derived", strlen( "derived" ), padbuf, hash_size, intermediary_secret, hash_size ); @@ -1467,7 +1467,7 @@ int mbedtls_ssl_derive_master_secret( mbedtls_ssl_context *ssl ) { ret = Derive_Secret( ssl, ssl->transform_in->ciphersuite_info->mac, ssl->handshake->handshake_secret, hash_size, - ( const unsigned char* )"derived", strlen( "derived" ), + (const unsigned char*)"derived", strlen( "derived" ), padbuf, hash_size, intermediary_secret, hash_size ); @@ -2891,7 +2891,7 @@ int mbedtls_ssl_generate_resumption_master_secret( mbedtls_ssl_context *ssl ) { ret = Derive_Secret( ssl, mbedtls_md_get_type( md_info ), ssl->handshake->master_secret, mbedtls_hash_size_for_ciphersuite( suite_info ), - ( const unsigned char* )"res master", strlen( "res master" ), + (const unsigned char*)"res master", strlen( "res master" ), hash, mbedtls_hash_size_for_ciphersuite( suite_info ), ssl->session_negotiate->resumption_master_secret, mbedtls_hash_size_for_ciphersuite( suite_info ) ); @@ -3012,7 +3012,7 @@ int mbedtls_ssl_generate_application_traffic_keys( mbedtls_ssl_context *ssl, Key ret = Derive_Secret( ssl, mbedtls_md_get_type( md_info ), ssl->handshake->master_secret, mbedtls_hash_size_for_ciphersuite( suite_info ), - ( const unsigned char* )"c ap traffic", strlen( "c ap traffic" ), + (const unsigned char*)"c ap traffic", strlen( "c ap traffic" ), padbuf, mbedtls_hash_size_for_ciphersuite( suite_info ), ssl->handshake->client_traffic_secret, mbedtls_hash_size_for_ciphersuite( suite_info ) ); @@ -3033,7 +3033,7 @@ int mbedtls_ssl_generate_application_traffic_keys( mbedtls_ssl_context *ssl, Key ret = Derive_Secret( ssl, mbedtls_md_get_type( md_info ), ssl->handshake->master_secret, mbedtls_hash_size_for_ciphersuite( suite_info ), - ( const unsigned char* )"s ap traffic", strlen( "s ap traffic" ), + (const unsigned char*)"s ap traffic", strlen( "s ap traffic" ), padbuf, mbedtls_hash_size_for_ciphersuite( suite_info ), ssl->handshake->server_traffic_secret, mbedtls_hash_size_for_ciphersuite( suite_info ) ); @@ -3437,7 +3437,7 @@ int mbedtls_ssl_early_data_key_derivation( mbedtls_ssl_context *ssl, KeySet *tra /* Create client_early_traffic_secret */ ret = Derive_Secret( ssl, mbedtls_md_get_type( md ), ssl->handshake->early_secret, hash_length, - ( const unsigned char* )"c e traffic", strlen( "c e traffic" ), + (const unsigned char*)"c e traffic", strlen( "c e traffic" ), padbuf, hash_length, ssl->handshake->client_early_traffic_secret, hash_length ); MBEDTLS_SSL_DEBUG_BUF( 5, "early_secret", ssl->handshake->early_secret, hash_length ); @@ -4069,7 +4069,7 @@ int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) ticket_nonce_len = msg[8]; MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket->nonce_length: %d", ticket_nonce_len ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "ticket->nonce:", ( unsigned char* )&msg[9], ticket_nonce_len ); + MBEDTLS_SSL_DEBUG_BUF( 3, "ticket->nonce:", (unsigned char*)&msg[9], ticket_nonce_len ); /* Check if we previously received a ticket already. If we did, then we should * re-use already allocated nonce-space. diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 58a9432ac901..bf5e29ef3297 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -340,8 +340,8 @@ static int ssl_parse_key_shares_ext( size_t len ) { int ret = 0, final_ret = 0, extensions_available = 1; - unsigned char *end = ( unsigned char* )buf + len; - unsigned char *start = ( unsigned char* )buf; + unsigned char *end = (unsigned char*)buf + len; + unsigned char *start = (unsigned char*)buf; unsigned char *old; #if !defined(MBEDTLS_CTLS) size_t n; @@ -624,7 +624,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t if( suite_info->mac == MBEDTLS_MD_SHA256 ) { #if defined(MBEDTLS_SHA256_C) - mbedtls_sha256( ( const unsigned char* )"", 0, hash, 0 ); + mbedtls_sha256( (const unsigned char*)"", 0, hash, 0 ); #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); @@ -633,7 +633,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t else if( suite_info->mac == MBEDTLS_MD_SHA384 ) { #if defined(MBEDTLS_SHA512_C) - mbedtls_sha512( ( const unsigned char* )"", 0, hash, 1 /* for SHA384 */ ); + mbedtls_sha512( (const unsigned char*)"", 0, hash, 1 /* for SHA384 */ ); #else MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_ssl_derive_master_secret: Unknow hash function." ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); @@ -645,7 +645,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t { ret = Derive_Secret( ssl, mbedtls_md_get_type( md ), ssl->handshake->early_secret, hash_length, - ( const unsigned char* )"res binder", strlen( "res binder" ), + (const unsigned char*)"res binder", strlen( "res binder" ), hash, hash_length, binder_key, hash_length ); MBEDTLS_SSL_DEBUG_MSG( 5, ( "Derive Early Secret with 'res binder'" ) ); } @@ -654,7 +654,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t { ret = Derive_Secret( ssl, mbedtls_md_get_type( md ), ssl->handshake->early_secret, hash_length, - ( const unsigned char* )"ext binder", strlen( "ext binder" ), + (const unsigned char*)"ext binder", strlen( "ext binder" ), hash, hash_length, binder_key, hash_length ); MBEDTLS_SSL_DEBUG_MSG( 5, ( "Derive Early Secret with 'ext binder'" ) ); } @@ -707,7 +707,7 @@ static int ssl_calc_binder( mbedtls_ssl_context *ssl, unsigned char *psk, size_t * but with the BaseKey being the binder_key. */ - ret = hkdfExpandLabel( suite_info->mac, binder_key, hash_length, ( const unsigned char* )"finished", strlen( "finished" ), ( const unsigned char* )"", 0, hash_length, finished_key, hash_length ); + ret = hkdfExpandLabel( suite_info->mac, binder_key, hash_length, (const unsigned char*)"finished", strlen( "finished" ), (const unsigned char*)"", 0, hash_length, finished_key, hash_length ); if( ret != 0 ) { @@ -996,7 +996,7 @@ int ssl_parse_client_psk_identity_ext( mbedtls_ssl_context *ssl, /* Store this pointer since we need it to compute * the psk binder. */ - truncated_clienthello_end = ( unsigned char* ) buf; + truncated_clienthello_end = (unsigned char*) buf; /* read length of psk binder array */ item_array_length = ( buf[0] << 8 ) | buf[1]; @@ -1088,7 +1088,7 @@ static int ssl_write_server_pre_shared_key_ext( mbedtls_ssl_context *ssl, unsigned char* end, size_t* olen ) { - unsigned char *p = ( unsigned char* )buf; + unsigned char *p = (unsigned char*)buf; size_t selected_identity; int ret=0; @@ -1596,7 +1596,7 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_NEW_SESSION_TICKET; - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ( unsigned char* ) &ticket.ticket_age_add, 4 ) ) != 0 ) + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, (unsigned char*) &ticket.ticket_age_add, 4 ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "Generating the ticket_age_add failed", ret ); return( ret ); @@ -1911,7 +1911,7 @@ static int ssl_read_early_data_parse( mbedtls_ssl_context* ssl, /* copy data to staging area */ memcpy( ssl->conf->early_data_buf, buf, buflen ); /* execute callback to process application data */ - ssl->conf->early_data_callback( ssl, ( unsigned char* )ssl->conf->early_data_buf, buflen ); + ssl->conf->early_data_callback( ssl, (unsigned char*)ssl->conf->early_data_buf, buflen ); } else { From 574876ece519693ac98aaa9cfdb5b26d64ab7f6d Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 23 Mar 2020 09:45:02 +0000 Subject: [PATCH 13/13] Fix comment-in-comment warning in ssl_tls13_server.c --- library/ssl_tls13_server.c | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index bf5e29ef3297..9c96c0090919 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -3278,25 +3278,26 @@ static int ssl_encrypted_extensions_prepare( mbedtls_ssl_context* ssl ) /* Set sequence_number of record layer to zero */ memset( ssl->out_ctr + 2, 0, 6 ); + /* TODO: Why is this commented out? Check! */ /* unsigned char i; - /* Increment epoch */ - for ( i = 2; i > 0; i-- ) - if( ++ssl->out_ctr[i - 1] != 0 ) - break; + for ( i = 2; i > 0; i-- ) + if( ++ssl->out_ctr[i - 1] != 0 ) + break; - /* The loop goes to its end iff the counter is wrapping */ - if( i == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS epoch would wrap" ) ); - return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); - } + if( i == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS epoch would wrap" ) ); + return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); + } */ - } + } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ + { memset( ssl->out_ctr, 0, 8 ); + } /* Set sequence number used at the handshake header to zero */ memset( ssl->transform_out->sequence_number_enc, 0x0, 12 );