Handshake message processing (TLS client and server)
#include "tls.h"
#include "tls_cipher_suites.h"
#include "tls_handshake.h"
#include "tls_client.h"
#include "tls_server.h"
#include "tls_common.h"
#include "tls_certificate.h"
#include "tls_sign_generate.h"
#include "tls_sign_verify.h"
#include "tls_transcript_hash.h"
#include "tls_cache.h"
#include "tls_record.h"
#include "tls_misc.h"
#include "tls13_sign_generate.h"
#include "tls13_sign_verify.h"
#include "dtls_record.h"
#include "pkix/pem_import.h"
#include "pkix/x509_common.h"
#include "pkix/x509_cert_parse.h"
#include "debug.h"
Macros
#define TRACE_LEVEL TLS_TRACE_LEVEL
Detailed Description
Handshake message processing (TLS client and server)
License
SPDX-License-Identifier: GPL-2.0-or-later
Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.
This file is part of CycloneSSL Open.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- Version
- 2.4.4
Definition in file tls_common.c.
Macro Definition Documentation
◆ TRACE_LEVEL
#define TRACE_LEVEL TLS_TRACE_LEVEL
Definition at line 32 of file tls_common.c.
Function Documentation
◆ tlsFormatAlert()
error_t tlsFormatAlert(TlsContext *context, uint8_t level,
   uint8_t description, TlsAlert *message, size_t *length)
Format Alert message.
- Parameters
-
[in] context Pointer to the TLS context
[in] level Severity of the message (warning or fatal)
[in] description Description of the alert
[out] message Buffer where to format the Alert message
[out] length Length of the resulting Alert message
- Returns
- Error code
Definition at line 806 of file tls_common.c.
◆ tlsFormatCertAuthorities()
error_t tlsFormatCertAuthorities(TlsContext *context, uint8_t *p, size_t *written)
Format the list of distinguished names of acceptable CAs.
- Parameters
-
[in] context Pointer to the TLS context
[in] p Output stream where to write the list of distinguished names
[out] written Total number of bytes that have been written
- Returns
- Error code
Definition at line 882 of file tls_common.c.
◆ tlsFormatCertAuthoritiesExtension()
error_t tlsFormatCertAuthoritiesExtension(TlsContext *context, uint8_t *p, size_t *written)
Format CertificateAuthorities extension.
- Parameters
-
[in] context Pointer to the TLS context
[in] p Output stream where to write the CertificateAuthorities extension
[out] written Total number of bytes that have been written
- Returns
- Error code
Definition at line 830 of file tls_common.c.
◆ tlsFormatCertificate()
error_t tlsFormatCertificate(TlsContext *context, TlsCertificate *message, size_t *length)
Format Certificate message.
- Parameters
-
[in] context Pointer to the TLS context
[out] message Buffer where to format the Certificate message
[out] length Length of the resulting Certificate message
- Returns
- Error code
Definition at line 602 of file tls_common.c.
◆ tlsFormatCertificateVerify()
error_t tlsFormatCertificateVerify(TlsContext *context, TlsCertificateVerify *message, size_t *length)
Format CertificateVerify message.
- Parameters
-
[in] context Pointer to the TLS context
[out] message Buffer where to format the CertificateVerify message
[out] length Length of the resulting CertificateVerify message
- Returns
- Error code
Definition at line 691 of file tls_common.c.
◆ tlsFormatChangeCipherSpec()
error_t tlsFormatChangeCipherSpec(TlsContext *context, TlsChangeCipherSpec *message, size_t *length)
Format ChangeCipherSpec message.
- Parameters
-
[in] context Pointer to the TLS context
[out] message Buffer where to format the ChangeCipherSpec message
[out] length Length of the resulting ChangeCipherSpec message
- Returns
- Error code
Definition at line 750 of file tls_common.c.
◆ tlsFormatFinished()
error_t tlsFormatFinished(TlsContext *context, TlsFinished *message, size_t *length)
Format Finished message.
- Parameters
-
[in] context Pointer to the TLS context
[out] message Buffer where to format the Finished message
[out] length Length of the resulting Finished message
- Returns
- Error code
Definition at line 772 of file tls_common.c.
◆ tlsParseAlert()
error_t tlsParseAlert(TlsContext *context, const TlsAlert *message, size_t length)
Parse Alert message.
- Parameters
-
[in] context Pointer to the TLS context
[in] message Incoming Alert message to parse
[in] length Message length
- Returns
- Error code
Definition at line 1601 of file tls_common.c.
◆ tlsParseCertificate()
error_t tlsParseCertificate(TlsContext *context, const TlsCertificate *message, size_t length)
Parse Certificate message.
- Parameters
-
[in] context Pointer to the TLS context
[in] message Incoming Certificate message to parse
[in] length Message length
- Returns
- Error code
Definition at line 1018 of file tls_common.c.
◆ tlsParseCertificateVerify()
error_t tlsParseCertificateVerify(TlsContext *context, const TlsCertificateVerify *message, size_t length)
Parse CertificateVerify message.
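The CertificateVerify message is used to provide explicit verification of a client certificate. This message is only sent following a client certificate that has signing capability. Note that this wording describes TLS 1.2 and earlier; in TLS 1.3 the server also sends CertificateVerify to prove possession of the private key for its certificate, so the message should not be assumed to be client-only.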
- Parameters
-
[in] context Pointer to the TLS context
[in] message Incoming CertificateVerify message to parse
[in] length Message length
- Returns
- Error code
Definition at line 1227 of file tls_common.c.
◆ tlsParseChangeCipherSpec()
error_t tlsParseChangeCipherSpec(TlsContext *context, const TlsChangeCipherSpec *message, size_t length)
Parse ChangeCipherSpec message.
- Parameters
-
[in] context Pointer to the TLS context
[in] message Incoming ChangeCipherSpec message to parse
[in] length Message length
- Returns
- Error code
Definition at line 1324 of file tls_common.c.
◆ tlsParseFinished()
error_t tlsParseFinished(TlsContext *context, const TlsFinished *message, size_t length)
Parse Finished message.
- Parameters
-
[in] context Pointer to the TLS context
[in] message Incoming Finished message to parse
[in] length Message length
- Returns
- Error code
Definition at line 1455 of file tls_common.c.
◆ tlsSendAlert()
error_t tlsSendAlert(TlsContext *context, uint8_t level, uint8_t description)
Send Alert message.
- Parameters
-
[in] context Pointer to the TLS context
[in] level Severity of the message (warning or fatal)
[in] description Description of the alert
- Returns
- Error code
Definition at line 516 of file tls_common.c.
◆ tlsSendCertificate()
error_t tlsSendCertificate(TlsContext *context)
Send Certificate message.
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 66 of file tls_common.c.
◆ tlsSendCertificateVerify()
error_t tlsSendCertificateVerify(TlsContext *context)
Send CertificateVerify message.
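The CertificateVerify message is used to provide explicit verification of a client certificate. This message is only sent following a client certificate that has signing capability. Note that this wording describes TLS 1.2 and earlier; in TLS 1.3 the server also sends CertificateVerify to prove possession of the private key for its certificate.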
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 192 of file tls_common.c.
◆ tlsSendChangeCipherSpec()
error_t tlsSendChangeCipherSpec(TlsContext *context)
Send ChangeCipherSpec message.
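The change cipher spec message is sent by both the client and the server to notify the receiving party that subsequent records will be protected under the newly negotiated CipherSpec and keys. This describes TLS 1.2 and earlier; in TLS 1.3 ChangeCipherSpec has no effect on record protection and is sent only for middlebox compatibility.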
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 273 of file tls_common.c.
◆ tlsSendFinished()
error_t tlsSendFinished(TlsContext *context)
Send Finished message.
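A Finished message is always sent immediately after a change cipher spec message to verify that the key exchange and authentication processes were successful. It is essential that a change cipher spec message be received between the other handshake messages and the Finished message. The Finished message is the first one protected with the newly negotiated algorithms and keys, so a Finished message accepted without a preceding change cipher spec would not be covered by them. This ordering applies to TLS 1.2 and earlier; TLS 1.3 does not tie the Finished message to change cipher spec.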
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 394 of file tls_common.c.