28 #if defined(POLARSSL_SSL_CLI_C)
33 #if defined(POLARSSL_PKCS11_C)
41 static int ssl_write_client_hello(
ssl_context *ssl )
77 *p++ = (
unsigned char)( t >> 24 );
78 *p++ = (
unsigned char)( t >> 16 );
79 *p++ = (
unsigned char)( t >> 8 );
80 *p++ = (
unsigned char)( t );
84 if( ( ret = ssl->
f_rng( ssl->
p_rng, p, 28 ) ) != 0 )
91 SSL_DEBUG_BUF( 3,
"client hello, random bytes", buf + 6, 32 );
103 if( n < 16 || n > 32 || ssl->
resume == 0 ||
107 *p++ = (
unsigned char) n;
109 for( i = 0; i < n; i++ )
112 SSL_DEBUG_MSG( 3, (
"client hello, session id len.: %d", n ) );
116 *p++ = (
unsigned char)( n >> 7 );
117 *p++ = (
unsigned char)( n << 1 );
119 SSL_DEBUG_MSG( 3, (
"client hello, got %d ciphersuites", n ) );
121 for( i = 0; i < n; i++ )
130 SSL_DEBUG_MSG( 3, (
"client hello, compress len.: %d", 1 ) );
131 SSL_DEBUG_MSG( 3, (
"client hello, compress alg.: %d", 0 ) );
138 SSL_DEBUG_MSG( 3, (
"client hello, server name extension: %s",
141 *p++ = (
unsigned char)( ( (ssl->
hostname_len + 9) >> 8 ) & 0xFF );
142 *p++ = (
unsigned char)( ( (ssl->
hostname_len + 9) ) & 0xFF );
147 *p++ = (
unsigned char)( ( (ssl->
hostname_len + 5) >> 8 ) & 0xFF );
148 *p++ = (
unsigned char)( ( (ssl->
hostname_len + 5) ) & 0xFF );
150 *p++ = (
unsigned char)( ( (ssl->
hostname_len + 3) >> 8 ) & 0xFF );
151 *p++ = (
unsigned char)( ( (ssl->
hostname_len + 3) ) & 0xFF );
154 *p++ = (
unsigned char)( ( ssl->
hostname_len >> 8 ) & 0xFF );
179 static int ssl_parse_server_hello(
ssl_context *ssl )
181 #if defined(POLARSSL_DEBUG_MSG) && defined(POLARSSL_DEBUG_C)
231 #if defined(POLARSSL_DEBUG_MSG) && defined(POLARSSL_DEBUG_C)
232 t = ( (time_t) buf[6] << 24 )
233 | ( (time_t) buf[7] << 16 )
234 | ( (time_t) buf[8] << 8 )
235 | ( (time_t) buf[9] );
238 memcpy( ssl->
randbytes + 32, buf + 6, 32 );
242 SSL_DEBUG_MSG( 3, (
"server hello, current time: %lu", t ) );
243 SSL_DEBUG_BUF( 3,
"server hello, random bytes", buf + 6, 32 );
253 if( n > 32 || ssl->
in_hslen > 42 + n )
255 ext_len = ( ( buf[42 + n] << 8 )
256 | ( buf[43 + n] ) ) + 2;
263 if( n > 32 || ssl->
in_hslen != 42 + n + ext_len )
269 i = ( buf[39 + n] << 8 ) | buf[40 + n];
271 SSL_DEBUG_MSG( 3, (
"server hello, session id len.: %d", n ) );
277 if( ssl->
resume == 0 || n == 0 ||
280 memcmp( ssl->
session->
id, buf + 39, n ) != 0 )
301 ssl->
resume ?
"a" :
"no" ) );
303 SSL_DEBUG_MSG( 3, (
"server hello, chosen ciphersuite: %d", i ) );
304 SSL_DEBUG_MSG( 3, (
"server hello, compress alg.: %d", buf[41 + n] ) );
332 static int ssl_parse_server_key_exchange(
ssl_context *ssl )
334 #if defined(POLARSSL_DHM_C)
337 unsigned char *p, *end;
338 unsigned char hash[36];
356 #if !defined(POLARSSL_DHM_C)
425 n = ssl->
in_hslen - ( end - p ) - 6;
454 static int ssl_parse_certificate_request(
ssl_context *ssl )
497 static int ssl_parse_server_hello_done(
ssl_context *ssl )
532 static int ssl_write_client_key_exchange(
ssl_context *ssl )
545 #if !defined(POLARSSL_DHM_C)
554 ssl->
out_msg[4] = (
unsigned char)( n >> 8 );
555 ssl->
out_msg[5] = (
unsigned char)( n );
602 ssl->
out_msg[4] = (
unsigned char)( n >> 8 );
603 ssl->
out_msg[5] = (
unsigned char)( n );
641 static int ssl_write_certificate_verify(
ssl_context *ssl )
645 unsigned char hash[36];
658 #if defined(POLARSSL_PKCS11_C)
659 if( ssl->pkcs11_key == NULL )
664 #if defined(POLARSSL_PKCS11_C)
676 #if defined(POLARSSL_PKCS11_C)
678 n = ssl->pkcs11_key->len;
681 ssl->
out_msg[4] = (
unsigned char)( n >> 8 );
682 ssl->
out_msg[5] = (
unsigned char)( n );
690 #if defined(POLARSSL_PKCS11_C)
745 ret = ssl_write_client_hello( ssl );
756 ret = ssl_parse_server_hello( ssl );
764 ret = ssl_parse_server_key_exchange( ssl );
768 ret = ssl_parse_certificate_request( ssl );
772 ret = ssl_parse_server_hello_done( ssl );
787 ret = ssl_write_client_key_exchange( ssl );
791 ret = ssl_write_certificate_verify( ssl );