Handshake message processing (TLS server) More...
#include "tls.h"#include "tls_cipher_suites.h"#include "tls_handshake.h"#include "tls_server.h"#include "tls_server_extensions.h"#include "tls_server_misc.h"#include "tls_common.h"#include "tls_extensions.h"#include "tls_sign_misc.h"#include "tls_key_material.h"#include "tls_transcript_hash.h"#include "tls_cache.h"#include "tls_ffdhe.h"#include "tls_record.h"#include "tls_misc.h"#include "tls13_server.h"#include "tls13_server_extensions.h"#include "tls13_server_misc.h"#include "dtls_record.h"#include "dtls_misc.h"#include "pkix/pem_import.h"#include "pkix/x509_cert_parse.h"#include "date_time.h"#include "debug.h"Go to the source code of this file.
Macros | |
| #define | TRACE_LEVEL TLS_TRACE_LEVEL |
Detailed Description
Handshake message processing (TLS server)
License
SPDX-License-Identifier: GPL-2.0-or-later
Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.
This file is part of CycloneSSL Open.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
Description
The TLS protocol provides communications security over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery
- Version
- 2.4.4
Definition in file tls_server.c.
Macro Definition Documentation
◆ TRACE_LEVEL
| #define TRACE_LEVEL TLS_TRACE_LEVEL |
Definition at line 38 of file tls_server.c.
Function Documentation
◆ tlsFormatCertificateRequest()
| error_t tlsFormatCertificateRequest | ( | TlsContext * | context, |
| TlsCertificateRequest * | message, | ||
| size_t * | length | ||
| ) |
Format CertificateRequest message.
- Parameters
-
[in] context Pointer to the TLS context [out] message Buffer where to format the CertificateRequest message [out] length Length of the resulting CertificateRequest message
- Returns
- Error code
Definition at line 897 of file tls_server.c.
◆ tlsFormatNewSessionTicket()
| error_t tlsFormatNewSessionTicket | ( | TlsContext * | context, |
| TlsNewSessionTicket * | message, | ||
| size_t * | length | ||
| ) |
Format NewSessionTicket message.
- Parameters
-
[in] context Pointer to the TLS context [out] message Buffer where to format the NewSessionTicket message [out] length Length of the resulting NewSessionTicket message
- Returns
- Error code
Definition at line 1088 of file tls_server.c.
◆ tlsFormatServerHello()
| error_t tlsFormatServerHello | ( | TlsContext * | context, |
| TlsServerHello * | message, | ||
| size_t * | length | ||
| ) |
Format ServerHello message.
- Parameters
-
[in] context Pointer to the TLS context [out] message Buffer where to format the ServerHello message [out] length Length of the resulting ServerHello message
- Returns
- Error code
Definition at line 451 of file tls_server.c.
◆ tlsFormatServerHelloDone()
| error_t tlsFormatServerHelloDone | ( | TlsContext * | context, |
| TlsServerHelloDone * | message, | ||
| size_t * | length | ||
| ) |
Format ServerHelloDone message.
- Parameters
-
[in] context Pointer to the TLS context [out] message Buffer where to format the ServerHelloDone message [out] length Length of the resulting ServerHelloDone message
- Returns
- Error code
Definition at line 1069 of file tls_server.c.
◆ tlsFormatServerKeyExchange()
| error_t tlsFormatServerKeyExchange | ( | TlsContext * | context, |
| TlsServerKeyExchange * | message, | ||
| size_t * | length | ||
| ) |
Format ServerKeyExchange message.
- Parameters
-
[in] context Pointer to the TLS context [out] message Buffer where to format the ServerKeyExchange message [out] length Length of the resulting ServerKeyExchange message
- Returns
- Error code
Definition at line 775 of file tls_server.c.
◆ tlsParseClientHello()
| error_t tlsParseClientHello | ( | TlsContext * | context, |
| const TlsClientHello * | message, | ||
| size_t | length | ||
| ) |
Parse ClientHello message.
When a client first connects to a server, it is required to send the ClientHello as its first message. The client can also send a ClientHello in response to a HelloRequest or on its own initiative in order to renegotiate the security parameters in an existing connection
- Parameters
-
[in] context Pointer to the TLS context [in] message Incoming ClientHello message to parse [in] length Message length
- Returns
- Error code
Definition at line 1164 of file tls_server.c.
◆ tlsParseClientKeyExchange()
| error_t tlsParseClientKeyExchange | ( | TlsContext * | context, |
| const TlsClientKeyExchange * | message, | ||
| size_t | length | ||
| ) |
Parse ClientKeyExchange message.
This message is always sent by the client. It must immediately follow the client Certificate message, if it is sent. Otherwise, it must be the first message sent by the client after it receives the ServerHelloDone message
- Parameters
-
[in] context Pointer to the TLS context [in] message Incoming ClientKeyExchange message to parse [in] length Message length
- Returns
- Error code
Definition at line 1650 of file tls_server.c.
◆ tlsSendCertificateRequest()
| error_t tlsSendCertificateRequest | ( | TlsContext * | context | ) |
Send CertificateRequest message.
A server can optionally request a certificate from the client, if appropriate for the selected cipher suite. This message will immediately follow the ServerKeyExchange message
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 275 of file tls_server.c.
◆ tlsSendNewSessionTicket()
| error_t tlsSendNewSessionTicket | ( | TlsContext * | context | ) |
Send NewSessionTicket message.
This NewSessionTicket message is sent by the server during the TLS handshake before the ChangeCipherSpec message
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 406 of file tls_server.c.
◆ tlsSendServerHello()
| error_t tlsSendServerHello | ( | TlsContext * | context | ) |
Send ServerHello message.
The server will send this message in response to a ClientHello message when it was able to find an acceptable set of algorithms. If it cannot find such a match, it will respond with a handshake failure alert
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 82 of file tls_server.c.
◆ tlsSendServerHelloDone()
| error_t tlsSendServerHelloDone | ( | TlsContext * | context | ) |
Send ServerHelloDone message.
The ServerHelloDone message is sent by the server to indicate the end of the ServerHello and associated messages. After sending this message, the server will wait for a client response
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 353 of file tls_server.c.
◆ tlsSendServerKeyExchange()
| error_t tlsSendServerKeyExchange | ( | TlsContext * | context | ) |
Send ServerKeyExchange message.
The ServerKeyExchange message is sent by the server only when the server Certificate message does not contain enough data to allow the client to exchange a premaster secret
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 192 of file tls_server.c.