tls_server_misc.c File Reference

Helper functions for TLS server. More...

#include "tls.h"
#include "tls_cipher_suites.h"
#include "tls_server.h"
#include "tls_server_extensions.h"
#include "tls_server_misc.h"
#include "tls_common.h"
#include "tls_extensions.h"
#include "tls_certificate.h"
#include "tls_sign_generate.h"
#include "tls_sign_misc.h"
#include "tls_cache.h"
#include "tls_ffdhe.h"
#include "tls_record.h"
#include "tls_misc.h"
#include "pkix/pem_import.h"
#include "debug.h"


Macros

#define TRACE_LEVEL   TLS_TRACE_LEVEL
 

Functions

error_t tlsFormatPskIdentityHint (TlsContext *context, uint8_t *p, size_t *written)
 Format PSK identity hint. More...
 
error_t tlsFormatServerKeyParams (TlsContext *context, uint8_t *p, size_t *written)
 Format server's key exchange parameters. More...
 
error_t tlsGenerateServerKeySignature (TlsContext *context, TlsDigitalSignature *signature, const uint8_t *params, size_t paramsLen, size_t *written)
 Sign server's key exchange parameters (TLS 1.0 and TLS 1.1) More...
 
error_t tls12GenerateServerKeySignature (TlsContext *context, Tls12DigitalSignature *signature, const uint8_t *params, size_t paramsLen, size_t *written)
 Sign server's key exchange parameters (TLS 1.2) More...
 
error_t tlsCheckSignalingCipherSuiteValues (TlsContext *context, const TlsCipherSuites *cipherSuites)
 Check whether the ClientHello includes any SCSV cipher suites. More...
 
error_t tlsResumeStatefulSession (TlsContext *context, const uint8_t *sessionId, size_t sessionIdLen, const TlsCipherSuites *cipherSuites, const TlsHelloExtensions *extensions)
 Resume TLS session via session ID. More...
 
error_t tlsResumeStatelessSession (TlsContext *context, const uint8_t *sessionId, size_t sessionIdLen, const TlsCipherSuites *cipherSuites, const TlsHelloExtensions *extensions)
 Resume TLS session via session ticket. More...
 
error_t tlsNegotiateVersion (TlsContext *context, uint16_t clientVersion, const TlsSupportedVersionList *supportedVersionList)
 Version negotiation. More...
 
error_t tlsNegotiateCipherSuite (TlsContext *context, const HashAlgo *hashAlgo, const TlsCipherSuites *cipherSuites, TlsHelloExtensions *extensions)
 Cipher suite negotiation. More...
 
error_t tlsSelectGroup (TlsContext *context, const TlsSupportedGroupList *groupList)
 Select the group to be used when performing (EC)DHE key exchange. More...
 
error_t tlsSelectEcdheGroup (TlsContext *context, const TlsSupportedGroupList *groupList)
 Select the named curve to be used when performing ECDHE key exchange. More...
 
error_t tlsSelectCertificate (TlsContext *context, const TlsHelloExtensions *extensions)
 Certificate selection process. More...
 
error_t tlsParseCompressMethods (TlsContext *context, const TlsCompressMethods *compressMethods)
 Parse the list of compression methods supported by the client. More...
 
error_t tlsParsePskIdentity (TlsContext *context, const uint8_t *p, size_t length, size_t *consumed)
 Parse PSK identity. More...
 
error_t tlsParseClientKeyParams (TlsContext *context, const uint8_t *p, size_t length, size_t *consumed)
 Parse client's key exchange parameters. More...
 

Detailed Description

Helper functions for TLS server.

License

SPDX-License-Identifier: GPL-2.0-or-later

Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.

This file is part of CycloneSSL Open.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Author
Oryx Embedded SARL (www.oryx-embedded.com)
Version
2.4.0

Definition in file tls_server_misc.c.

Macro Definition Documentation

◆ TRACE_LEVEL

#define TRACE_LEVEL   TLS_TRACE_LEVEL

Definition at line 32 of file tls_server_misc.c.

Function Documentation

◆ tls12GenerateServerKeySignature()

error_t tls12GenerateServerKeySignature ( TlsContext * context,
Tls12DigitalSignature * signature,
const uint8_t * params,
size_t paramsLen,
size_t * written
)

Sign server's key exchange parameters (TLS 1.2)

Parameters
[in] context: Pointer to the TLS context
[in] signature: Output stream where to write the digital signature
[in] params: Pointer to the server's key exchange parameters
[in] paramsLen: Length of the server's key exchange parameters
[out] written: Total number of bytes that have been written
Returns
Error code

Definition at line 532 of file tls_server_misc.c.

◆ tlsCheckSignalingCipherSuiteValues()

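error_t tlsCheckSignalingCipherSuiteValues ( TlsContext * context,
const TlsCipherSuites * cipherSuites
)

Check whether the ClientHello includes any SCSV cipher suites.

An SCSV (signaling cipher suite value) is a pseudo cipher suite that carries a signal from the client instead of naming an algorithm, for example TLS_EMPTY_RENEGOTIATION_INFO_SCSV (RFC 5746) or TLS_FALLBACK_SCSV (RFC 7507). Which values this function acts on is not stated on this page.

Parameters
[in] context: Pointer to the TLS context
[in] cipherSuites: List of cipher suites offered by the client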
Returns
Error code

Definition at line 749 of file tls_server_misc.c.

◆ tlsFormatPskIdentityHint()

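error_t tlsFormatPskIdentityHint ( TlsContext * context,
uint8_t * p,
size_t * written
)

Format PSK identity hint.

The prototype carries no capacity argument for p. How the space available in the output buffer is bounded is not shown on this page and should be confirmed in the caller.

Parameters
[in] context: Pointer to the TLS context
[in] p: Output stream where to write the PSK identity hint
[out] written: Total number of bytes that have been written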
Returns
Error code

Definition at line 64 of file tls_server_misc.c.

◆ tlsFormatServerKeyParams()

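error_t tlsFormatServerKeyParams ( TlsContext * context,
uint8_t * p,
size_t * written
)

Format server's key exchange parameters.

The prototype carries no capacity argument for p. How the space available in the output buffer is bounded is not shown on this page and should be confirmed in the caller.

Parameters
[in] context: Pointer to the TLS context
[in] p: Output stream where to write the server's key exchange parameters
[out] written: Total number of bytes that have been written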
Returns
Error code

Definition at line 109 of file tls_server_misc.c.

◆ tlsGenerateServerKeySignature()

error_t tlsGenerateServerKeySignature ( TlsContext * context,
TlsDigitalSignature * signature,
const uint8_t * params,
size_t paramsLen,
size_t * written
)

Sign server's key exchange parameters (TLS 1.0 and TLS 1.1)

TLS 1.0 and TLS 1.1 were formally deprecated by RFC 8996, so this signing path only matters for deployments that still enable those legacy versions.

Parameters
[in] context: Pointer to the TLS context
[in] signature: Output stream where to write the digital signature
[in] params: Pointer to the server's key exchange parameters
[in] paramsLen: Length of the server's key exchange parameters
[out] written: Total number of bytes that have been written
Returns
Error code

Definition at line 325 of file tls_server_misc.c.

◆ tlsNegotiateCipherSuite()

error_t tlsNegotiateCipherSuite ( TlsContext * context,
const HashAlgo * hashAlgo,
const TlsCipherSuites * cipherSuites,
TlsHelloExtensions * extensions
)

Cipher suite negotiation.

Parameters
[in] context: Pointer to the TLS context
[in] hashAlgo: Desired KDF hash algorithm
[in] cipherSuites: List of cipher suites offered by the client
[in] extensions: ClientHello extensions offered by the client
Returns
Error code

Definition at line 1320 of file tls_server_misc.c.

◆ tlsNegotiateVersion()

error_t tlsNegotiateVersion ( TlsContext * context,
uint16_t clientVersion,
const TlsSupportedVersionList * supportedVersionList
)

Version negotiation.

Parameters
[in] context: Pointer to the TLS context
[in] clientVersion: Highest version number supported by the client (legacy version)
[in] supportedVersionList: Pointer to the SupportedVersions extension
Returns
Error code

Definition at line 1221 of file tls_server_misc.c.

◆ tlsParseClientKeyParams()

error_t tlsParseClientKeyParams ( TlsContext * context,
const uint8_t * p,
size_t length,
size_t * consumed
)

Parse client's key exchange parameters.

Parameters
[in] context: Pointer to the TLS context
[in] p: Input stream where to read the client's key exchange parameters
[in] length: Number of bytes available in the input stream
[out] consumed: Total number of bytes that have been consumed
Returns
Error code

Definition at line 1901 of file tls_server_misc.c.

◆ tlsParseCompressMethods()

error_t tlsParseCompressMethods ( TlsContext * context,
const TlsCompressMethods * compressMethods
)

Parse the list of compression methods supported by the client.

Parameters
[in] context: Pointer to the TLS context
[in] compressMethods: List of compression methods
Returns
Error code

Definition at line 1797 of file tls_server_misc.c.

◆ tlsParsePskIdentity()

error_t tlsParsePskIdentity ( TlsContext * context,
const uint8_t * p,
size_t length,
size_t * consumed
)

Parse PSK identity.

Parameters
[in] context: Pointer to the TLS context
[in] p: Input stream where to read the PSK identity
[in] length: Number of bytes available in the input stream
[out] consumed: Total number of bytes that have been consumed
Returns
Error code

Definition at line 1850 of file tls_server_misc.c.

◆ tlsResumeStatefulSession()

error_t tlsResumeStatefulSession ( TlsContext * context,
const uint8_t * sessionId,
size_t sessionIdLen,
const TlsCipherSuites * cipherSuites,
const TlsHelloExtensions * extensions
)

Resume TLS session via session ID.

Parameters
[in] context: Pointer to the TLS context
[in] sessionId: Pointer to the session ID offered by the client
[in] sessionIdLen: Length of the session ID, in bytes
[in] cipherSuites: List of cipher suites offered by the client
[in] extensions: ClientHello extensions offered by the client
Returns
Error code

Definition at line 854 of file tls_server_misc.c.

◆ tlsResumeStatelessSession()

error_t tlsResumeStatelessSession ( TlsContext * context,
const uint8_t * sessionId,
size_t sessionIdLen,
const TlsCipherSuites * cipherSuites,
const TlsHelloExtensions * extensions
)

Resume TLS session via session ticket.

Parameters
[in] context: Pointer to the TLS context
[in] sessionId: Pointer to the session ID offered by the client
[in] sessionIdLen: Length of the session ID, in bytes
[in] cipherSuites: List of cipher suites offered by the client
[in] extensions: ClientHello extensions offered by the client
Returns
Error code

Definition at line 1017 of file tls_server_misc.c.

◆ tlsSelectCertificate()

error_t tlsSelectCertificate ( TlsContext * context,
const TlsHelloExtensions * extensions
)

Certificate selection process.

Parameters
[in] context: Pointer to the TLS context
[in] extensions: ClientHello extensions offered by the client
Returns
Error code

Definition at line 1620 of file tls_server_misc.c.

◆ tlsSelectEcdheGroup()

error_t tlsSelectEcdheGroup ( TlsContext * context,
const TlsSupportedGroupList * groupList
)

Select the named curve to be used when performing ECDHE key exchange.

Parameters
[in] context: Pointer to the TLS context
[in] groupList: List of named groups supported by the peer
Returns
Error code

Definition at line 1509 of file tls_server_misc.c.

◆ tlsSelectGroup()

error_t tlsSelectGroup ( TlsContext * context,
const TlsSupportedGroupList * groupList
)

Select the group to be used when performing (EC)DHE key exchange.

Parameters
[in] context: Pointer to the TLS context
[in] groupList: List of named groups supported by the client
Returns
Error code

Definition at line 1455 of file tls_server_misc.c.