mirror of
https://github.com/espressif/mbedtls.git
synced 2025-05-10 12:02:28 +08:00
Handle errors from functions that now return int
A few functions were changed from returning void to returning int three commits ago. Make sure their callers check the return values. This commits was basically a matter of declaring newly-int-returning functions MBEDTLS_CHECK_RETURN_CRITICAL and then fixing the resulting warnings. A few functions had to be made int in the process; they were applied the same process as well. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard
parent
d7a7a23308
commit
b8b07aa24a
@ -945,16 +945,29 @@ int mbedtls_ssl_write_client_hello(mbedtls_ssl_context *ssl)
|
|||||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_PROTO_DTLS */
|
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_PROTO_DTLS */
|
||||||
{
|
{
|
||||||
|
|
||||||
mbedtls_ssl_add_hs_hdr_to_checksum(ssl, MBEDTLS_SSL_HS_CLIENT_HELLO,
|
ret = mbedtls_ssl_add_hs_hdr_to_checksum(ssl,
|
||||||
msg_len);
|
MBEDTLS_SSL_HS_CLIENT_HELLO,
|
||||||
ssl->handshake->update_checksum(ssl, buf, msg_len - binders_len);
|
msg_len);
|
||||||
|
if (ret != 0) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_add_hs_hdr_to_checksum", ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
ret = ssl->handshake->update_checksum(ssl, buf, msg_len - binders_len);
|
||||||
|
if (ret != 0) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, "update_checksum", ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
|
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
|
||||||
if (binders_len > 0) {
|
if (binders_len > 0) {
|
||||||
MBEDTLS_SSL_PROC_CHK(
|
MBEDTLS_SSL_PROC_CHK(
|
||||||
mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext(
|
mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext(
|
||||||
ssl, buf + msg_len - binders_len, buf + msg_len));
|
ssl, buf + msg_len - binders_len, buf + msg_len));
|
||||||
ssl->handshake->update_checksum(ssl, buf + msg_len - binders_len,
|
ret = ssl->handshake->update_checksum(ssl, buf + msg_len - binders_len,
|
||||||
binders_len);
|
binders_len);
|
||||||
|
if (ret != 0) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, "update_checksum", ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
|
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
|
||||||
|
|
||||||
|
|||||||
@ -705,8 +705,11 @@ struct mbedtls_ssl_handshake_params {
|
|||||||
|
|
||||||
mbedtls_ssl_ciphersuite_t const *ciphersuite_info;
|
mbedtls_ssl_ciphersuite_t const *ciphersuite_info;
|
||||||
|
|
||||||
|
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||||
int (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t);
|
int (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t);
|
||||||
|
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||||
int (*calc_verify)(const mbedtls_ssl_context *, unsigned char *, size_t *);
|
int (*calc_verify)(const mbedtls_ssl_context *, unsigned char *, size_t *);
|
||||||
|
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||||
int (*calc_finished)(mbedtls_ssl_context *, unsigned char *, int);
|
int (*calc_finished)(mbedtls_ssl_context *, unsigned char *, int);
|
||||||
mbedtls_ssl_tls_prf_cb *tls_prf;
|
mbedtls_ssl_tls_prf_cb *tls_prf;
|
||||||
|
|
||||||
@ -1317,6 +1320,7 @@ static inline void mbedtls_ssl_handshake_set_state(mbedtls_ssl_context *ssl,
|
|||||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||||
int mbedtls_ssl_send_fatal_handshake_failure(mbedtls_ssl_context *ssl);
|
int mbedtls_ssl_send_fatal_handshake_failure(mbedtls_ssl_context *ssl);
|
||||||
|
|
||||||
|
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||||
int mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl);
|
int mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl);
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||||
@ -1328,7 +1332,8 @@ MBEDTLS_CHECK_RETURN_CRITICAL
|
|||||||
int mbedtls_ssl_handle_message_type(mbedtls_ssl_context *ssl);
|
int mbedtls_ssl_handle_message_type(mbedtls_ssl_context *ssl);
|
||||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||||
int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl);
|
int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl);
|
||||||
void mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl);
|
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||||
|
int mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Update record layer
|
* \brief Update record layer
|
||||||
@ -1461,12 +1466,14 @@ void mbedtls_ssl_optimize_checksum(mbedtls_ssl_context *ssl,
|
|||||||
/*
|
/*
|
||||||
* Update checksum of handshake messages.
|
* Update checksum of handshake messages.
|
||||||
*/
|
*/
|
||||||
void mbedtls_ssl_add_hs_msg_to_checksum(mbedtls_ssl_context *ssl,
|
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||||
|
int mbedtls_ssl_add_hs_msg_to_checksum(mbedtls_ssl_context *ssl,
|
||||||
unsigned hs_type,
|
unsigned hs_type,
|
||||||
unsigned char const *msg,
|
unsigned char const *msg,
|
||||||
size_t msg_len);
|
size_t msg_len);
|
||||||
|
|
||||||
void mbedtls_ssl_add_hs_hdr_to_checksum(mbedtls_ssl_context *ssl,
|
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||||
|
int mbedtls_ssl_add_hs_hdr_to_checksum(mbedtls_ssl_context *ssl,
|
||||||
unsigned hs_type,
|
unsigned hs_type,
|
||||||
size_t total_hs_len);
|
size_t total_hs_len);
|
||||||
|
|
||||||
|
|||||||
@ -2639,7 +2639,12 @@ int mbedtls_ssl_write_handshake_msg_ext(mbedtls_ssl_context *ssl,
|
|||||||
|
|
||||||
/* Update running hashes of handshake messages seen */
|
/* Update running hashes of handshake messages seen */
|
||||||
if (hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST && update_checksum != 0) {
|
if (hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST && update_checksum != 0) {
|
||||||
ssl->handshake->update_checksum(ssl, ssl->out_msg, ssl->out_msglen);
|
ret = ssl->handshake->update_checksum(ssl, ssl->out_msg,
|
||||||
|
ssl->out_msglen);
|
||||||
|
if (ret != 0) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, "update_checksum", ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -3067,12 +3072,17 @@ int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
void mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl)
|
int mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl)
|
||||||
{
|
{
|
||||||
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
mbedtls_ssl_handshake_params * const hs = ssl->handshake;
|
mbedtls_ssl_handshake_params * const hs = ssl->handshake;
|
||||||
|
|
||||||
if (mbedtls_ssl_is_handshake_over(ssl) == 0 && hs != NULL) {
|
if (mbedtls_ssl_is_handshake_over(ssl) == 0 && hs != NULL) {
|
||||||
ssl->handshake->update_checksum(ssl, ssl->in_msg, ssl->in_hslen);
|
ret = ssl->handshake->update_checksum(ssl, ssl->in_msg, ssl->in_hslen);
|
||||||
|
if (ret != 0) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, "update_checksum", ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Handshake message is complete, increment counter */
|
/* Handshake message is complete, increment counter */
|
||||||
@ -3103,6 +3113,7 @@ void mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl)
|
|||||||
memset(hs_buf, 0, sizeof(mbedtls_ssl_hs_buffer));
|
memset(hs_buf, 0, sizeof(mbedtls_ssl_hs_buffer));
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -3928,7 +3939,11 @@ int mbedtls_ssl_read_record(mbedtls_ssl_context *ssl,
|
|||||||
|
|
||||||
if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
|
if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
|
||||||
update_hs_digest == 1) {
|
update_hs_digest == 1) {
|
||||||
mbedtls_ssl_update_handshake_status(ssl);
|
ret = mbedtls_ssl_update_handshake_status(ssl);
|
||||||
|
if (0 != ret) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ssl_update_handshake_status"), ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
MBEDTLS_SSL_DEBUG_MSG(2, ("reuse previously read message"));
|
MBEDTLS_SSL_DEBUG_MSG(2, ("reuse previously read message"));
|
||||||
|
|||||||
@ -788,7 +788,7 @@ void mbedtls_ssl_optimize_checksum(mbedtls_ssl_context *ssl,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void mbedtls_ssl_add_hs_hdr_to_checksum(mbedtls_ssl_context *ssl,
|
int mbedtls_ssl_add_hs_hdr_to_checksum(mbedtls_ssl_context *ssl,
|
||||||
unsigned hs_type,
|
unsigned hs_type,
|
||||||
size_t total_hs_len)
|
size_t total_hs_len)
|
||||||
{
|
{
|
||||||
@ -800,16 +800,19 @@ void mbedtls_ssl_add_hs_hdr_to_checksum(mbedtls_ssl_context *ssl,
|
|||||||
hs_hdr[2] = MBEDTLS_BYTE_1(total_hs_len);
|
hs_hdr[2] = MBEDTLS_BYTE_1(total_hs_len);
|
||||||
hs_hdr[3] = MBEDTLS_BYTE_0(total_hs_len);
|
hs_hdr[3] = MBEDTLS_BYTE_0(total_hs_len);
|
||||||
|
|
||||||
ssl->handshake->update_checksum(ssl, hs_hdr, sizeof(hs_hdr));
|
return ssl->handshake->update_checksum(ssl, hs_hdr, sizeof(hs_hdr));
|
||||||
}
|
}
|
||||||
|
|
||||||
void mbedtls_ssl_add_hs_msg_to_checksum(mbedtls_ssl_context *ssl,
|
int mbedtls_ssl_add_hs_msg_to_checksum(mbedtls_ssl_context *ssl,
|
||||||
unsigned hs_type,
|
unsigned hs_type,
|
||||||
unsigned char const *msg,
|
unsigned char const *msg,
|
||||||
size_t msg_len)
|
size_t msg_len)
|
||||||
{
|
{
|
||||||
mbedtls_ssl_add_hs_hdr_to_checksum(ssl, hs_type, msg_len);
|
int ret;
|
||||||
ssl->handshake->update_checksum(ssl, msg, msg_len);
|
ret = mbedtls_ssl_add_hs_hdr_to_checksum(ssl, hs_type, msg_len);
|
||||||
|
if (ret != 0)
|
||||||
|
return ret;
|
||||||
|
return ssl->handshake->update_checksum(ssl, msg, msg_len);
|
||||||
}
|
}
|
||||||
|
|
||||||
int mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl)
|
int mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl)
|
||||||
@ -971,6 +974,8 @@ void mbedtls_ssl_session_init(mbedtls_ssl_session *session)
|
|||||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||||
static int ssl_handshake_init(mbedtls_ssl_context *ssl)
|
static int ssl_handshake_init(mbedtls_ssl_context *ssl)
|
||||||
{
|
{
|
||||||
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
|
|
||||||
/* Clear old handshake information if present */
|
/* Clear old handshake information if present */
|
||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||||
if (ssl->transform_negotiate) {
|
if (ssl->transform_negotiate) {
|
||||||
@ -1039,7 +1044,11 @@ static int ssl_handshake_init(mbedtls_ssl_context *ssl)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Setup handshake checksums */
|
/* Setup handshake checksums */
|
||||||
mbedtls_ssl_reset_checksum(ssl);
|
ret = mbedtls_ssl_reset_checksum(ssl);
|
||||||
|
if (ret != 0) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_reset_checksum", ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
|
||||||
defined(MBEDTLS_SSL_SRV_C) && \
|
defined(MBEDTLS_SSL_SRV_C) && \
|
||||||
@ -6288,7 +6297,10 @@ static int ssl_compute_master(mbedtls_ssl_handshake_params *handshake,
|
|||||||
if (handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED) {
|
if (handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED) {
|
||||||
lbl = "extended master secret";
|
lbl = "extended master secret";
|
||||||
seed = session_hash;
|
seed = session_hash;
|
||||||
handshake->calc_verify(ssl, session_hash, &seed_len);
|
ret = handshake->calc_verify(ssl, session_hash, &seed_len);
|
||||||
|
if (ret != 0) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, "calc_verify", ret);
|
||||||
|
}
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_BUF(3, "session hash for extended master secret",
|
MBEDTLS_SSL_DEBUG_BUF(3, "session hash for extended master secret",
|
||||||
session_hash, seed_len);
|
session_hash, seed_len);
|
||||||
@ -7792,7 +7804,10 @@ int mbedtls_ssl_write_finished(mbedtls_ssl_context *ssl)
|
|||||||
|
|
||||||
mbedtls_ssl_update_out_pointers(ssl, ssl->transform_negotiate);
|
mbedtls_ssl_update_out_pointers(ssl, ssl->transform_negotiate);
|
||||||
|
|
||||||
ssl->handshake->calc_finished(ssl, ssl->out_msg + 4, ssl->conf->endpoint);
|
ret = ssl->handshake->calc_finished(ssl, ssl->out_msg + 4, ssl->conf->endpoint);
|
||||||
|
if (ret != 0) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, "calc_finished", ret);
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* RFC 5246 7.4.9 (Page 63) says 12 is the default length and ciphersuites
|
* RFC 5246 7.4.9 (Page 63) says 12 is the default length and ciphersuites
|
||||||
@ -7902,7 +7917,10 @@ int mbedtls_ssl_parse_finished(mbedtls_ssl_context *ssl)
|
|||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse finished"));
|
MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse finished"));
|
||||||
|
|
||||||
ssl->handshake->calc_finished(ssl, buf, ssl->conf->endpoint ^ 1);
|
ret = ssl->handshake->calc_finished(ssl, buf, ssl->conf->endpoint ^ 1);
|
||||||
|
if (ret != 0) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, "calc_finished", ret);
|
||||||
|
}
|
||||||
|
|
||||||
if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) {
|
if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) {
|
||||||
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret);
|
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret);
|
||||||
|
|||||||
@ -1090,6 +1090,7 @@ static int ssl_parse_use_srtp_ext(mbedtls_ssl_context *ssl,
|
|||||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||||
static int ssl_parse_hello_verify_request(mbedtls_ssl_context *ssl)
|
static int ssl_parse_hello_verify_request(mbedtls_ssl_context *ssl)
|
||||||
{
|
{
|
||||||
|
int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||||
const unsigned char *p = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl);
|
const unsigned char *p = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl);
|
||||||
uint16_t dtls_legacy_version;
|
uint16_t dtls_legacy_version;
|
||||||
|
|
||||||
@ -1160,7 +1161,11 @@ static int ssl_parse_hello_verify_request(mbedtls_ssl_context *ssl)
|
|||||||
|
|
||||||
/* Start over at ClientHello */
|
/* Start over at ClientHello */
|
||||||
ssl->state = MBEDTLS_SSL_CLIENT_HELLO;
|
ssl->state = MBEDTLS_SSL_CLIENT_HELLO;
|
||||||
mbedtls_ssl_reset_checksum(ssl);
|
ret = mbedtls_ssl_reset_checksum(ssl);
|
||||||
|
if (0 != ret) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ssl_reset_checksum"), ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
mbedtls_ssl_recv_flight_completed(ssl);
|
mbedtls_ssl_recv_flight_completed(ssl);
|
||||||
|
|
||||||
@ -3283,7 +3288,11 @@ static int ssl_write_certificate_verify(mbedtls_ssl_context *ssl)
|
|||||||
sign:
|
sign:
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
ssl->handshake->calc_verify(ssl, hash, &hashlen);
|
ret = ssl->handshake->calc_verify(ssl, hash, &hashlen);
|
||||||
|
if (0 != ret) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, ("calc_verify"), ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* digitally-signed struct {
|
* digitally-signed struct {
|
||||||
|
|||||||
@ -1020,7 +1020,11 @@ read_record_header:
|
|||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_BUF(4, "record contents", buf, msg_len);
|
MBEDTLS_SSL_DEBUG_BUF(4, "record contents", buf, msg_len);
|
||||||
|
|
||||||
ssl->handshake->update_checksum(ssl, buf, msg_len);
|
ret = ssl->handshake->update_checksum(ssl, buf, msg_len);
|
||||||
|
if (0 != ret) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, ("update_checksum"), ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Handshake layer:
|
* Handshake layer:
|
||||||
@ -4129,7 +4133,11 @@ static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl)
|
|||||||
/* Calculate hash and verify signature */
|
/* Calculate hash and verify signature */
|
||||||
{
|
{
|
||||||
size_t dummy_hlen;
|
size_t dummy_hlen;
|
||||||
ssl->handshake->calc_verify(ssl, hash, &dummy_hlen);
|
ret = ssl->handshake->calc_verify(ssl, hash, &dummy_hlen);
|
||||||
|
if (0 != ret) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, ("calc_verify"), ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((ret = mbedtls_pk_verify(peer_pk,
|
if ((ret = mbedtls_pk_verify(peer_pk,
|
||||||
@ -4139,7 +4147,11 @@ static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl)
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
mbedtls_ssl_update_handshake_status(ssl);
|
ret = mbedtls_ssl_update_handshake_status(ssl);
|
||||||
|
if (0 != ret) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ssl_update_handshake_status"), ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse certificate verify"));
|
MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse certificate verify"));
|
||||||
|
|
||||||
|
|||||||
@ -1489,8 +1489,9 @@ static int ssl_tls13_preprocess_server_hello(mbedtls_ssl_context *ssl,
|
|||||||
|
|
||||||
ssl->keep_current_message = 1;
|
ssl->keep_current_message = 1;
|
||||||
ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
|
ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
|
||||||
mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_SERVER_HELLO,
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||||
buf, (size_t) (end - buf));
|
MBEDTLS_SSL_HS_SERVER_HELLO,
|
||||||
|
buf, (size_t) (end - buf)));
|
||||||
|
|
||||||
if (mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) {
|
if (mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) {
|
||||||
ret = ssl_tls13_reset_key_share(ssl);
|
ret = ssl_tls13_reset_key_share(ssl);
|
||||||
@ -2056,8 +2057,8 @@ static int ssl_tls13_process_server_hello(mbedtls_ssl_context *ssl)
|
|||||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_reset_transcript_for_hrr(ssl));
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_reset_transcript_for_hrr(ssl));
|
||||||
}
|
}
|
||||||
|
|
||||||
mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_SERVER_HELLO,
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||||
buf, buf_len);
|
MBEDTLS_SSL_HS_SERVER_HELLO, buf, buf_len));
|
||||||
|
|
||||||
if (is_hrr) {
|
if (is_hrr) {
|
||||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_postprocess_hrr(ssl));
|
MBEDTLS_SSL_PROC_CHK(ssl_tls13_postprocess_hrr(ssl));
|
||||||
@ -2214,8 +2215,8 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl)
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||||
buf, buf_len);
|
MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, buf, buf_len));
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
|
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
|
||||||
if (mbedtls_ssl_tls13_key_exchange_mode_with_psk(ssl)) {
|
if (mbedtls_ssl_tls13_key_exchange_mode_with_psk(ssl)) {
|
||||||
@ -2458,8 +2459,8 @@ static int ssl_tls13_process_certificate_request(mbedtls_ssl_context *ssl)
|
|||||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_certificate_request(ssl,
|
MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_certificate_request(ssl,
|
||||||
buf, buf + buf_len));
|
buf, buf + buf_len));
|
||||||
|
|
||||||
mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST,
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||||
buf, buf_len);
|
MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, buf, buf_len));
|
||||||
} else if (ret == SSL_CERTIFICATE_REQUEST_SKIP) {
|
} else if (ret == SSL_CERTIFICATE_REQUEST_SKIP) {
|
||||||
ret = 0;
|
ret = 0;
|
||||||
} else {
|
} else {
|
||||||
|
|||||||
@ -322,8 +322,9 @@ int mbedtls_ssl_tls13_process_certificate_verify(mbedtls_ssl_context *ssl)
|
|||||||
buf + buf_len, verify_buffer,
|
buf + buf_len, verify_buffer,
|
||||||
verify_buffer_len));
|
verify_buffer_len));
|
||||||
|
|
||||||
mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY,
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||||
buf, buf_len);
|
MBEDTLS_SSL_HS_CERTIFICATE_VERIFY,
|
||||||
|
buf, buf_len));
|
||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
|
|
||||||
@ -752,8 +753,8 @@ int mbedtls_ssl_tls13_process_certificate(mbedtls_ssl_context *ssl)
|
|||||||
/* Validate the certificate chain and set the verification results. */
|
/* Validate the certificate chain and set the verification results. */
|
||||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_validate_certificate(ssl));
|
MBEDTLS_SSL_PROC_CHK(ssl_tls13_validate_certificate(ssl));
|
||||||
|
|
||||||
mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_CERTIFICATE,
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||||
buf, buf_len);
|
MBEDTLS_SSL_HS_CERTIFICATE, buf, buf_len));
|
||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
|
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
|
||||||
@ -868,8 +869,8 @@ int mbedtls_ssl_tls13_write_certificate(mbedtls_ssl_context *ssl)
|
|||||||
buf + buf_len,
|
buf + buf_len,
|
||||||
&msg_len));
|
&msg_len));
|
||||||
|
|
||||||
mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_CERTIFICATE,
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||||
buf, msg_len);
|
MBEDTLS_SSL_HS_CERTIFICATE, buf, msg_len));
|
||||||
|
|
||||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(
|
||||||
ssl, buf_len, msg_len));
|
ssl, buf_len, msg_len));
|
||||||
@ -1070,8 +1071,8 @@ int mbedtls_ssl_tls13_write_certificate_verify(mbedtls_ssl_context *ssl)
|
|||||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_certificate_verify_body(
|
MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_certificate_verify_body(
|
||||||
ssl, buf, buf + buf_len, &msg_len));
|
ssl, buf, buf + buf_len, &msg_len));
|
||||||
|
|
||||||
mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY,
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||||
buf, msg_len);
|
MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, buf, msg_len));
|
||||||
|
|
||||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(
|
||||||
ssl, buf_len, msg_len));
|
ssl, buf_len, msg_len));
|
||||||
@ -1171,8 +1172,8 @@ int mbedtls_ssl_tls13_process_finished_message(mbedtls_ssl_context *ssl)
|
|||||||
|
|
||||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_finished_message(ssl, buf, buf + buf_len));
|
MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_finished_message(ssl, buf, buf + buf_len));
|
||||||
|
|
||||||
mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_FINISHED,
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||||
buf, buf_len);
|
MBEDTLS_SSL_HS_FINISHED, buf, buf_len));
|
||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
|
|
||||||
@ -1248,8 +1249,8 @@ int mbedtls_ssl_tls13_write_finished_message(mbedtls_ssl_context *ssl)
|
|||||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_finished_message_body(
|
MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_finished_message_body(
|
||||||
ssl, buf, buf + buf_len, &msg_len));
|
ssl, buf, buf + buf_len, &msg_len));
|
||||||
|
|
||||||
mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_FINISHED,
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||||
buf, msg_len);
|
MBEDTLS_SSL_HS_FINISHED, buf, msg_len));
|
||||||
|
|
||||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(
|
||||||
ssl, buf_len, msg_len));
|
ssl, buf_len, msg_len));
|
||||||
@ -1400,8 +1401,16 @@ int mbedtls_ssl_reset_transcript_for_hrr(mbedtls_ssl_context *ssl)
|
|||||||
hash_len += 4;
|
hash_len += 4;
|
||||||
|
|
||||||
/* Reset running hash and replace it with a hash of the transcript */
|
/* Reset running hash and replace it with a hash of the transcript */
|
||||||
mbedtls_ssl_reset_checksum(ssl);
|
ret = mbedtls_ssl_reset_checksum(ssl);
|
||||||
ssl->handshake->update_checksum(ssl, hash_transcript, hash_len);
|
if (ret != 0) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_reset_checksum", ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
ret = ssl->handshake->update_checksum(ssl, hash_transcript, hash_len);
|
||||||
|
if (ret != 0) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, "update_checksum", ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -486,6 +486,7 @@ static int ssl_tls13_parse_pre_shared_key_ext(mbedtls_ssl_context *ssl,
|
|||||||
const unsigned char *ciphersuites,
|
const unsigned char *ciphersuites,
|
||||||
const unsigned char *ciphersuites_end)
|
const unsigned char *ciphersuites_end)
|
||||||
{
|
{
|
||||||
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
const unsigned char *identities = pre_shared_key_ext;
|
const unsigned char *identities = pre_shared_key_ext;
|
||||||
const unsigned char *p_identity_len;
|
const unsigned char *p_identity_len;
|
||||||
size_t identities_len;
|
size_t identities_len;
|
||||||
@ -521,8 +522,12 @@ static int ssl_tls13_parse_pre_shared_key_ext(mbedtls_ssl_context *ssl,
|
|||||||
MBEDTLS_SSL_CHK_BUF_READ_PTR(p_binder_len, pre_shared_key_ext_end, binders_len);
|
MBEDTLS_SSL_CHK_BUF_READ_PTR(p_binder_len, pre_shared_key_ext_end, binders_len);
|
||||||
binders_end = p_binder_len + binders_len;
|
binders_end = p_binder_len + binders_len;
|
||||||
|
|
||||||
ssl->handshake->update_checksum(ssl, pre_shared_key_ext,
|
ret = ssl->handshake->update_checksum(ssl, pre_shared_key_ext,
|
||||||
identities_end - pre_shared_key_ext);
|
identities_end - pre_shared_key_ext);
|
||||||
|
if (0 != ret) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, ("update_checksum"), ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
while (p_identity_len < identities_end && p_binder_len < binders_end) {
|
while (p_identity_len < identities_end && p_binder_len < binders_end) {
|
||||||
const unsigned char *identity;
|
const unsigned char *identity;
|
||||||
@ -530,7 +535,6 @@ static int ssl_tls13_parse_pre_shared_key_ext(mbedtls_ssl_context *ssl,
|
|||||||
uint32_t obfuscated_ticket_age;
|
uint32_t obfuscated_ticket_age;
|
||||||
const unsigned char *binder;
|
const unsigned char *binder;
|
||||||
size_t binder_len;
|
size_t binder_len;
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
|
||||||
int psk_type;
|
int psk_type;
|
||||||
uint16_t cipher_suite;
|
uint16_t cipher_suite;
|
||||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
|
const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
|
||||||
@ -642,9 +646,13 @@ static int ssl_tls13_parse_pre_shared_key_ext(mbedtls_ssl_context *ssl,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Update the handshake transcript with the binder list. */
|
/* Update the handshake transcript with the binder list. */
|
||||||
ssl->handshake->update_checksum(ssl,
|
ret = ssl->handshake->update_checksum(ssl,
|
||||||
identities_end,
|
identities_end,
|
||||||
(size_t) (binders_end - identities_end));
|
(size_t) (binders_end - identities_end));
|
||||||
|
if (0 != ret) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, ("update_checksum"), ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
if (matched_identity == -1) {
|
if (matched_identity == -1) {
|
||||||
MBEDTLS_SSL_DEBUG_MSG(3, ("No matched PSK or ticket."));
|
MBEDTLS_SSL_DEBUG_MSG(3, ("No matched PSK or ticket."));
|
||||||
return MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
|
return MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
|
||||||
@ -1590,9 +1598,13 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl,
|
|||||||
MBEDTLS_SSL_PRINT_EXTS(3, MBEDTLS_SSL_HS_CLIENT_HELLO,
|
MBEDTLS_SSL_PRINT_EXTS(3, MBEDTLS_SSL_HS_CLIENT_HELLO,
|
||||||
handshake->received_extensions);
|
handshake->received_extensions);
|
||||||
|
|
||||||
mbedtls_ssl_add_hs_hdr_to_checksum(ssl,
|
ret = mbedtls_ssl_add_hs_hdr_to_checksum(ssl,
|
||||||
MBEDTLS_SSL_HS_CLIENT_HELLO,
|
MBEDTLS_SSL_HS_CLIENT_HELLO,
|
||||||
p - buf);
|
p - buf);
|
||||||
|
if (0 != ret) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ssl_add_hs_hdr_to_checksum"), ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
|
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
|
||||||
/* Update checksum with either
|
/* Update checksum with either
|
||||||
@ -1603,8 +1615,12 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl,
|
|||||||
if (mbedtls_ssl_tls13_some_psk_enabled(ssl) &&
|
if (mbedtls_ssl_tls13_some_psk_enabled(ssl) &&
|
||||||
mbedtls_ssl_conf_tls13_some_psk_enabled(ssl) &&
|
mbedtls_ssl_conf_tls13_some_psk_enabled(ssl) &&
|
||||||
(handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(PRE_SHARED_KEY))) {
|
(handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(PRE_SHARED_KEY))) {
|
||||||
handshake->update_checksum(ssl, buf,
|
ret = handshake->update_checksum(ssl, buf,
|
||||||
pre_shared_key_ext - buf);
|
pre_shared_key_ext - buf);
|
||||||
|
if (0 != ret) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, ("update_checksum"), ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
ret = ssl_tls13_parse_pre_shared_key_ext(ssl,
|
ret = ssl_tls13_parse_pre_shared_key_ext(ssl,
|
||||||
pre_shared_key_ext,
|
pre_shared_key_ext,
|
||||||
pre_shared_key_ext_end,
|
pre_shared_key_ext_end,
|
||||||
@ -1620,7 +1636,11 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl,
|
|||||||
} else
|
} else
|
||||||
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
|
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
|
||||||
{
|
{
|
||||||
handshake->update_checksum(ssl, buf, p - buf);
|
ret = handshake->update_checksum(ssl, buf, p - buf);
|
||||||
|
if (0 != ret) {
|
||||||
|
MBEDTLS_SSL_DEBUG_RET(1, ("update_checksum"), ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = ssl_tls13_determine_key_exchange_mode(ssl);
|
ret = ssl_tls13_determine_key_exchange_mode(ssl);
|
||||||
@ -2134,8 +2154,8 @@ static int ssl_tls13_write_server_hello(mbedtls_ssl_context *ssl)
|
|||||||
&msg_len,
|
&msg_len,
|
||||||
0));
|
0));
|
||||||
|
|
||||||
mbedtls_ssl_add_hs_msg_to_checksum(
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
|
||||||
ssl, MBEDTLS_SSL_HS_SERVER_HELLO, buf, msg_len);
|
ssl, MBEDTLS_SSL_HS_SERVER_HELLO, buf, msg_len));
|
||||||
|
|
||||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(
|
||||||
ssl, buf_len, msg_len));
|
ssl, buf_len, msg_len));
|
||||||
@ -2207,8 +2227,8 @@ static int ssl_tls13_write_hello_retry_request(mbedtls_ssl_context *ssl)
|
|||||||
buf + buf_len,
|
buf + buf_len,
|
||||||
&msg_len,
|
&msg_len,
|
||||||
1));
|
1));
|
||||||
mbedtls_ssl_add_hs_msg_to_checksum(
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
|
||||||
ssl, MBEDTLS_SSL_HS_SERVER_HELLO, buf, msg_len);
|
ssl, MBEDTLS_SSL_HS_SERVER_HELLO, buf, msg_len));
|
||||||
|
|
||||||
|
|
||||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(ssl, buf_len,
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(ssl, buf_len,
|
||||||
@ -2306,8 +2326,8 @@ static int ssl_tls13_write_encrypted_extensions(mbedtls_ssl_context *ssl)
|
|||||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_encrypted_extensions_body(
|
MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_encrypted_extensions_body(
|
||||||
ssl, buf, buf + buf_len, &msg_len));
|
ssl, buf, buf + buf_len, &msg_len));
|
||||||
|
|
||||||
mbedtls_ssl_add_hs_msg_to_checksum(
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
|
||||||
ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, buf, msg_len);
|
ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, buf, msg_len));
|
||||||
|
|
||||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(
|
||||||
ssl, buf_len, msg_len));
|
ssl, buf_len, msg_len));
|
||||||
@ -2439,8 +2459,8 @@ static int ssl_tls13_write_certificate_request(mbedtls_ssl_context *ssl)
|
|||||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_certificate_request_body(
|
MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_certificate_request_body(
|
||||||
ssl, buf, buf + buf_len, &msg_len));
|
ssl, buf, buf + buf_len, &msg_len));
|
||||||
|
|
||||||
mbedtls_ssl_add_hs_msg_to_checksum(
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
|
||||||
ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, buf, msg_len);
|
ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, buf, msg_len));
|
||||||
|
|
||||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(
|
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(
|
||||||
ssl, buf_len, msg_len));
|
ssl, buf_len, msg_len));
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user