1/*
2 * TLSv1 client - write handshake message
3 * Copyright (c) 2006-2014, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9#include "includes.h"
10
11#include "common.h"
--- 30 unchanged lines hidden (view full) ---
42}
43
44
45u8 * tls_send_client_hello(struct tlsv1_client *conn, size_t *out_len)
46{
47 u8 *hello, *end, *pos, *hs_length, *hs_start, *rhdr;
48 struct os_time now;
49 size_t len, i;
50
51 wpa_printf(MSG_DEBUG, "TLSv1: Send ClientHello");
52 *out_len = 0;
53
54 os_get_time(&now);
55 WPA_PUT_BE32(conn->client_random, now.sec);
56 if (random_get_bytes(conn->client_random + 4, TLS_RANDOM_LEN - 4)) {
57 wpa_printf(MSG_ERROR, "TLSv1: Could not generate "
58 "client_random");
59 return NULL;
60 }
61 wpa_hexdump(MSG_MSGDUMP, "TLSv1: client_random",
62 conn->client_random, TLS_RANDOM_LEN);
63
64 len = 100 + conn->num_cipher_suites * 2 + conn->client_hello_ext_len;
65 hello = os_malloc(len);
66 if (hello == NULL)
67 return NULL;
68 end = hello + len;
69
70 rhdr = hello;
71 pos = rhdr + TLS_RECORD_HEADER_LEN;
72
73 /* opaque fragment[TLSPlaintext.length] */
74
75 /* Handshake */
76 hs_start = pos;
77 /* HandshakeType msg_type */
78 *pos++ = TLS_HANDSHAKE_TYPE_CLIENT_HELLO;
79 /* uint24 length (to be filled) */
80 hs_length = pos;
81 pos += 3;
82 /* body - ClientHello */
83 /* ProtocolVersion client_version */
84 WPA_PUT_BE16(pos, TLS_VERSION);
85 pos += 2;
86 /* Random random: uint32 gmt_unix_time, opaque random_bytes */
87 os_memcpy(pos, conn->client_random, TLS_RANDOM_LEN);
88 pos += TLS_RANDOM_LEN;
89 /* SessionID session_id */
90 *pos++ = conn->session_id_len;
91 os_memcpy(pos, conn->session_id, conn->session_id_len);
92 pos += conn->session_id_len;
93 /* CipherSuite cipher_suites<2..2^16-1> */
94 WPA_PUT_BE16(pos, 2 * conn->num_cipher_suites);
95 pos += 2;
96 for (i = 0; i < conn->num_cipher_suites; i++) {
97 WPA_PUT_BE16(pos, conn->cipher_suites[i]);
98 pos += 2;
99 }
100 /* CompressionMethod compression_methods<1..2^8-1> */
101 *pos++ = 1;
102 *pos++ = TLS_COMPRESSION_NULL;
103
104 if (conn->client_hello_ext) {
105 os_memcpy(pos, conn->client_hello_ext,
106 conn->client_hello_ext_len);
107 pos += conn->client_hello_ext_len;
108 }
109
110 WPA_PUT_BE24(hs_length, pos - hs_length - 3);
111 tls_verify_hash_add(&conn->verify, hs_start, pos - hs_start);
112
113 if (tlsv1_record_send(&conn->rl, TLS_CONTENT_TYPE_HANDSHAKE,
114 rhdr, end - rhdr, hs_start, pos - hs_start,
115 out_len) < 0) {
116 wpa_printf(MSG_DEBUG, "TLSv1: Failed to create TLS record");
117 tls_alert(conn, TLS_ALERT_LEVEL_FATAL,
--- 11 unchanged lines hidden (view full) ---
129static int tls_write_client_certificate(struct tlsv1_client *conn,
130 u8 **msgpos, u8 *end)
131{
132 u8 *pos, *rhdr, *hs_start, *hs_length, *cert_start;
133 size_t rlen;
134 struct x509_certificate *cert;
135
136 pos = *msgpos;
137
138 wpa_printf(MSG_DEBUG, "TLSv1: Send Certificate");
139 rhdr = pos;
140 pos += TLS_RECORD_HEADER_LEN;
141
142 /* opaque fragment[TLSPlaintext.length] */
143
144 /* Handshake */
--- 4 unchanged lines hidden (view full) ---
149 hs_length = pos;
150 pos += 3;
151 /* body - Certificate */
152 /* uint24 length (to be filled) */
153 cert_start = pos;
154 pos += 3;
155 cert = conn->cred ? conn->cred->cert : NULL;
156 while (cert) {
157 if (pos + 3 + cert->cert_len > end) {
158 wpa_printf(MSG_DEBUG, "TLSv1: Not enough buffer space "
159 "for Certificate (cert_len=%lu left=%lu)",
160 (unsigned long) cert->cert_len,
161 (unsigned long) (end - pos));
162 tls_alert(conn, TLS_ALERT_LEVEL_FATAL,
163 TLS_ALERT_INTERNAL_ERROR);
164 return -1;
165 }
--- 94 unchanged lines hidden (view full) ---
260 os_free(csecret);
261 os_free(dh_yc);
262 return -1;
263 }
264
265 wpa_hexdump(MSG_DEBUG, "TLSv1: DH Yc (client's public value)",
266 dh_yc, dh_yc_len);
267
268 WPA_PUT_BE16(*pos, dh_yc_len);
269 *pos += 2;
270 if (*pos + dh_yc_len > end) {
271 wpa_printf(MSG_DEBUG, "TLSv1: Not enough room in the "
272 "message buffer for Yc");
273 tls_alert(conn, TLS_ALERT_LEVEL_FATAL,
274 TLS_ALERT_INTERNAL_ERROR);
275 os_free(csecret);
276 os_free(dh_yc);
277 return -1;
278 }
--- 505 unchanged lines hidden (view full) ---
784 os_free(msg);
785 return NULL;
786 }
787
788 *out_len = pos - msg;
789
790 wpa_printf(MSG_DEBUG, "TLSv1: Session resumption completed "
791 "successfully");
792 conn->state = ESTABLISHED;
793
794 return msg;
795}
796
797
798u8 * tlsv1_client_handshake_write(struct tlsv1_client *conn, size_t *out_len,
799 int no_appl_data)
--- 61 unchanged lines hidden ---
2 * TLSv1 client - write handshake message
3 * Copyright (c) 2006-2014, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9#include "includes.h"
10
11#include "common.h"
--- 30 unchanged lines hidden (view full) ---
42}
43
44
45u8 * tls_send_client_hello(struct tlsv1_client *conn, size_t *out_len)
46{
47 u8 *hello, *end, *pos, *hs_length, *hs_start, *rhdr;
48 struct os_time now;
49 size_t len, i;
50
51 wpa_printf(MSG_DEBUG, "TLSv1: Send ClientHello");
52 *out_len = 0;
53
54 os_get_time(&now);
55 WPA_PUT_BE32(conn->client_random, now.sec);
56 if (random_get_bytes(conn->client_random + 4, TLS_RANDOM_LEN - 4)) {
57 wpa_printf(MSG_ERROR, "TLSv1: Could not generate "
58 "client_random");
59 return NULL;
60 }
61 wpa_hexdump(MSG_MSGDUMP, "TLSv1: client_random",
62 conn->client_random, TLS_RANDOM_LEN);
63
64 len = 100 + conn->num_cipher_suites * 2 + conn->client_hello_ext_len;
65 hello = os_malloc(len);
66 if (hello == NULL)
67 return NULL;
68 end = hello + len;
69
70 rhdr = hello;
71 pos = rhdr + TLS_RECORD_HEADER_LEN;
72
73 /* opaque fragment[TLSPlaintext.length] */
74
75 /* Handshake */
76 hs_start = pos;
77 /* HandshakeType msg_type */
78 *pos++ = TLS_HANDSHAKE_TYPE_CLIENT_HELLO;
79 /* uint24 length (to be filled) */
80 hs_length = pos;
81 pos += 3;
82 /* body - ClientHello */
83 /* ProtocolVersion client_version */
84 WPA_PUT_BE16(pos, TLS_VERSION);
85 pos += 2;
86 /* Random random: uint32 gmt_unix_time, opaque random_bytes */
87 os_memcpy(pos, conn->client_random, TLS_RANDOM_LEN);
88 pos += TLS_RANDOM_LEN;
89 /* SessionID session_id */
90 *pos++ = conn->session_id_len;
91 os_memcpy(pos, conn->session_id, conn->session_id_len);
92 pos += conn->session_id_len;
93 /* CipherSuite cipher_suites<2..2^16-1> */
94 WPA_PUT_BE16(pos, 2 * conn->num_cipher_suites);
95 pos += 2;
96 for (i = 0; i < conn->num_cipher_suites; i++) {
97 WPA_PUT_BE16(pos, conn->cipher_suites[i]);
98 pos += 2;
99 }
100 /* CompressionMethod compression_methods<1..2^8-1> */
101 *pos++ = 1;
102 *pos++ = TLS_COMPRESSION_NULL;
103
104 if (conn->client_hello_ext) {
105 os_memcpy(pos, conn->client_hello_ext,
106 conn->client_hello_ext_len);
107 pos += conn->client_hello_ext_len;
108 }
109
110 WPA_PUT_BE24(hs_length, pos - hs_length - 3);
111 tls_verify_hash_add(&conn->verify, hs_start, pos - hs_start);
112
113 if (tlsv1_record_send(&conn->rl, TLS_CONTENT_TYPE_HANDSHAKE,
114 rhdr, end - rhdr, hs_start, pos - hs_start,
115 out_len) < 0) {
116 wpa_printf(MSG_DEBUG, "TLSv1: Failed to create TLS record");
117 tls_alert(conn, TLS_ALERT_LEVEL_FATAL,
--- 11 unchanged lines hidden (view full) ---
129static int tls_write_client_certificate(struct tlsv1_client *conn,
130 u8 **msgpos, u8 *end)
131{
132 u8 *pos, *rhdr, *hs_start, *hs_length, *cert_start;
133 size_t rlen;
134 struct x509_certificate *cert;
135
136 pos = *msgpos;
137
138 wpa_printf(MSG_DEBUG, "TLSv1: Send Certificate");
139 rhdr = pos;
140 pos += TLS_RECORD_HEADER_LEN;
141
142 /* opaque fragment[TLSPlaintext.length] */
143
144 /* Handshake */
--- 4 unchanged lines hidden (view full) ---
149 hs_length = pos;
150 pos += 3;
151 /* body - Certificate */
152 /* uint24 length (to be filled) */
153 cert_start = pos;
154 pos += 3;
155 cert = conn->cred ? conn->cred->cert : NULL;
156 while (cert) {
157 if (pos + 3 + cert->cert_len > end) {
158 wpa_printf(MSG_DEBUG, "TLSv1: Not enough buffer space "
159 "for Certificate (cert_len=%lu left=%lu)",
160 (unsigned long) cert->cert_len,
161 (unsigned long) (end - pos));
162 tls_alert(conn, TLS_ALERT_LEVEL_FATAL,
163 TLS_ALERT_INTERNAL_ERROR);
164 return -1;
165 }
--- 94 unchanged lines hidden (view full) ---
260 os_free(csecret);
261 os_free(dh_yc);
262 return -1;
263 }
264
265 wpa_hexdump(MSG_DEBUG, "TLSv1: DH Yc (client's public value)",
266 dh_yc, dh_yc_len);
267
268 WPA_PUT_BE16(*pos, dh_yc_len);
269 *pos += 2;
270 if (*pos + dh_yc_len > end) {
271 wpa_printf(MSG_DEBUG, "TLSv1: Not enough room in the "
272 "message buffer for Yc");
273 tls_alert(conn, TLS_ALERT_LEVEL_FATAL,
274 TLS_ALERT_INTERNAL_ERROR);
275 os_free(csecret);
276 os_free(dh_yc);
277 return -1;
278 }
--- 505 unchanged lines hidden (view full) ---
784 os_free(msg);
785 return NULL;
786 }
787
788 *out_len = pos - msg;
789
790 wpa_printf(MSG_DEBUG, "TLSv1: Session resumption completed "
791 "successfully");
792 conn->state = ESTABLISHED;
793
794 return msg;
795}
796
797
798u8 * tlsv1_client_handshake_write(struct tlsv1_client *conn, size_t *out_len,
799 int no_appl_data)
--- 61 unchanged lines hidden ---