COBJECTS += system/keys-dummy.c
endif
+COBJECTS += tls13/encrypted_extensions.c tls13/encrypted_extensions.h
if ENABLE_PKCS11
COBJECTS += pkcs11.c pkcs11x.c pkcs11_privkey.c pkcs11_write.c pkcs11_secret.c \
#include <random.h>
#include <dtls.h>
#include "secrets.h"
+#include "tls13/encrypted_extensions.h"
+
+static int generate_hs_traffic_keys(gnutls_session_t session);
/*
* _gnutls13_handshake_client
switch (STATE) {
case STATE100:
- abort();
+ ret =
+ generate_hs_traffic_keys(session);
STATE = STATE100;
- IMED_RET("recv encrypted extensions", ret, 0);
+ IMED_RET("generate session keys", ret, 0);
/* fall through */
case STATE101:
- abort();
+ ret = _gnutls13_recv_encrypted_extensions(session);
STATE = STATE101;
- IMED_RET("recv certificate request", ret, 0);
+ IMED_RET("recv encrypted extensions", ret, 0);
/* fall through */
case STATE102:
abort();
STATE = STATE102;
- IMED_RET("recv certificate", ret, 0);
+ IMED_RET("recv certificate request", ret, 0);
/* fall through */
case STATE103:
abort();
STATE = STATE103;
- IMED_RET("recv server certificate verify", ret, 0);
+ IMED_RET("recv certificate", ret, 0);
/* fall through */
case STATE104:
+ abort();
+ STATE = STATE104;
+ IMED_RET("recv server certificate verify", ret, 0);
+ /* fall through */
+ case STATE105:
ret = _gnutls_run_verify_callback(session, GNUTLS_CLIENT);
- STATE = STATE102;
+ STATE = STATE105;
if (ret < 0)
return gnutls_assert_val(ret);
FALLTHROUGH;
- case STATE105:
- abort();
- STATE = STATE105;
- IMED_RET("recv finished", ret, 0);
- /* fall through */
case STATE106:
abort();
STATE = STATE106;
- IMED_RET("send certificate", ret, 0);
+ IMED_RET("recv finished", ret, 0);
/* fall through */
case STATE107:
abort();
STATE = STATE107;
- IMED_RET("send certificate verify", ret, 0);
+ IMED_RET("send certificate", ret, 0);
/* fall through */
case STATE108:
abort();
STATE = STATE108;
+ IMED_RET("send certificate verify", ret, 0);
+ /* fall through */
+ case STATE109:
+ abort();
+ STATE = STATE109;
IMED_RET("send finished", ret, 0);
STATE = STATE0;
--- /dev/null
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "hello_ext.h"
+#include "handshake.h"
+#include "tls13/encrypted_extensions.h"
+
+int _gnutls13_recv_encrypted_extensions(gnutls_session_t session)
+{
+ int ret;
+ gnutls_buffer_st buf;
+
+ ret = _gnutls_recv_handshake(session, GNUTLS_HANDSHAKE_ENCRYPTED_EXTENSIONS, 0, &buf);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ _gnutls_handshake_log("HSK[%p]: parsing encrypted extensions\n", session);
+ ret = _gnutls_parse_hello_extensions(session, GNUTLS_EXT_FLAG_EE, GNUTLS_EXT_ANY,
+ buf.data, buf.length);
+ _gnutls_buffer_clear(&buf);
+
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ return 0;
+}
--- /dev/null
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+int _gnutls13_recv_encrypted_extensions(gnutls_session_t session);
projects / thirdparty / gnutls.git / commitdiff
