Lines Matching +full:layer +full:- +full:depth
2 * TLSv1 client - read handshake message
3 * Copyright (c) 2006-2015, Jouni Malinen <j@w1.fi>
32 return (((conn->flags & TLS_CONN_DISABLE_TLSv1_0) &&
34 ((conn->flags & TLS_CONN_DISABLE_TLSv1_1) &&
36 ((conn->flags & TLS_CONN_DISABLE_TLSv1_2) &&
51 if (end - pos < 4) {
53 return -1;
61 if (elen > end - pos) {
63 return -1;
91 return -1;
106 return -1;
113 left -= 4;
118 /* body - ServerHello */
124 if (end - pos < 2)
133 return -1;
139 conn->rl.tls_version = tls_version;
142 if (end - pos < TLS_RANDOM_LEN)
145 os_memcpy(conn->server_random, pos, TLS_RANDOM_LEN);
148 conn->server_random, TLS_RANDOM_LEN);
151 if (end - pos < 1)
153 if (end - pos < 1 + *pos || *pos > TLS_SESSION_ID_MAX_LEN)
155 if (conn->session_id_len && conn->session_id_len == *pos &&
156 os_memcmp(conn->session_id, pos + 1, conn->session_id_len) == 0) {
157 pos += 1 + conn->session_id_len;
159 conn->session_resumed = 1;
161 conn->session_id_len = *pos;
163 os_memcpy(conn->session_id, pos, conn->session_id_len);
164 pos += conn->session_id_len;
167 conn->session_id, conn->session_id_len);
170 if (end - pos < 2)
174 for (i = 0; i < conn->num_cipher_suites; i++) {
175 if (cipher_suite == conn->cipher_suites[i])
178 if (i == conn->num_cipher_suites) {
183 return -1;
186 if (conn->session_resumed && cipher_suite != conn->prev_cipher_suite) {
189 "0x%04x)", cipher_suite, conn->prev_cipher_suite);
192 return -1;
195 if (tlsv1_record_set_cipher_suite(&conn->rl, cipher_suite) < 0) {
197 "record layer");
200 return -1;
203 conn->prev_cipher_suite = cipher_suite;
206 if (end - pos < 1)
213 return -1;
217 if (end - pos >= 2) {
222 if (end - pos < ext_len) {
225 ext_len, (unsigned int) (end - pos));
236 "end of ServerHello", pos, end - pos);
240 if (conn->session_ticket_included && conn->session_ticket_cb) {
243 int res = conn->session_ticket_cb(
244 conn->session_ticket_cb_ctx, NULL, 0,
245 conn->client_random, conn->server_random,
246 conn->master_secret);
252 return -1;
254 conn->use_session_ticket = !!res;
257 if ((conn->session_resumed || conn->use_session_ticket) &&
262 return -1;
265 *in_len = end - in_data;
267 conn->state = (conn->session_resumed || conn->use_session_ticket) ?
275 return -1;
279 static void tls_peer_cert_event(struct tlsv1_client *conn, int depth,
289 if (!conn->event_cb)
293 if ((conn->cred && conn->cred->cert_probe) || conn->cert_in_cb) {
294 cert_buf = wpabuf_alloc_copy(cert->cert_start,
295 cert->cert_len);
311 ev.peer_cert.depth = depth;
312 x509_name_string(&cert->subject, subject, sizeof(subject));
315 if (cert->extensions_present & X509_EXT_CERTIFICATE_POLICY) {
316 if (cert->certificate_policy & X509_EXT_CERT_POLICY_TOD_STRICT)
318 else if (cert->certificate_policy &
323 conn->event_cb(conn->cb_ctx, TLS_PEER_CERTIFICATE, &ev);
328 static void tls_cert_chain_failure_event(struct tlsv1_client *conn, int depth,
337 if (!conn->event_cb || !cert)
341 ev.cert_fail.depth = depth;
342 x509_name_string(&cert->subject, subject, sizeof(subject));
346 cert_buf = wpabuf_alloc_copy(cert->cert_start,
347 cert->cert_len);
349 conn->event_cb(conn->cb_ctx, TLS_CERT_CHAIN_FAILURE, &ev);
368 return -1;
378 return -1;
384 left -= 4;
391 return -1;
410 return -1;
418 * opaque ASN.1Cert<2^24-1>;
421 * ASN.1Cert certificate_list<1..2^24-1>;
427 if (end - pos < 3) {
431 return -1;
437 if ((size_t) (end - pos) != list_len) {
441 (unsigned long) (end - pos));
443 return -1;
448 if (end - pos < 3) {
454 return -1;
460 if ((size_t) (end - pos) < cert_len) {
464 (unsigned long) (end - pos));
468 return -1;
475 crypto_public_key_free(conn->server_rsa_key);
477 &conn->server_rsa_key)) {
483 return -1;
494 return -1;
502 last->next = cert;
509 if (conn->cred && conn->cred->server_cert_only && chain) {
515 x509_name_string(&chain->subject, buf, sizeof(buf));
517 if (sha256_vector(1, &chain->cert_start, &chain->cert_len,
519 os_memcmp(conn->cred->srv_cert_hash, hash,
525 if (conn->event_cb) {
533 conn->event_cb(conn->cb_ctx,
539 return -1;
541 } else if (conn->cred && conn->cred->cert_probe) {
543 "TLSv1: Reject server certificate on probe-only run");
544 if (conn->event_cb) {
553 x509_name_string(&chain->subject, buf,
557 conn->event_cb(conn->cb_ctx, TLS_CERT_CHAIN_FAILURE,
563 return -1;
564 } else if (conn->cred && conn->cred->ca_cert_verify &&
566 conn->cred->trusted_certs, chain, &reason,
567 !!(conn->flags & TLS_CONN_DISABLE_TIME_CHECKS))
609 return -1;
612 if (conn->cred && !conn->cred->server_cert_only && chain &&
613 (chain->extensions_present & X509_EXT_EXT_KEY_USAGE) &&
614 !(chain->ext_key_usage &
622 return -1;
625 if (conn->flags & TLS_CONN_REQUEST_OCSP) {
626 x509_certificate_chain_free(conn->server_cert);
627 conn->server_cert = chain;
632 *in_len = end - in_data;
634 conn->state = SERVER_KEY_EXCHANGE;
653 bits = (len - i - 1) * 8;
678 if (end - pos < 3)
683 if (val == 0 || val > (size_t) (end - pos)) {
687 conn->dh_p_len = val;
688 bits = count_bits(pos, conn->dh_p_len);
690 wpa_printf(MSG_INFO, "TLSv1: Reject under 768-bit DH prime (insecure; only %u bits)",
693 pos, conn->dh_p_len);
696 conn->dh_p = os_memdup(pos, conn->dh_p_len);
697 if (conn->dh_p == NULL)
699 pos += conn->dh_p_len;
701 conn->dh_p, conn->dh_p_len);
703 if (end - pos < 3)
707 if (val == 0 || val > (size_t) (end - pos))
709 conn->dh_g_len = val;
710 conn->dh_g = os_memdup(pos, conn->dh_g_len);
711 if (conn->dh_g == NULL)
713 pos += conn->dh_g_len;
715 conn->dh_g, conn->dh_g_len);
716 if (conn->dh_g_len == 1 && conn->dh_g[0] < 2)
719 if (end - pos < 3)
723 if (val == 0 || val > (size_t) (end - pos))
725 conn->dh_ys_len = val;
726 conn->dh_ys = os_memdup(pos, conn->dh_ys_len);
727 if (conn->dh_ys == NULL)
729 pos += conn->dh_ys_len;
731 conn->dh_ys, conn->dh_ys_len);
738 if (conn->rl.tls_version == TLS_VERSION_1_2) {
750 if (end - pos < 2)
762 conn->rl.tls_version, pos[0],
763 conn->client_random,
764 conn->server_random, server_params,
765 server_params_end - server_params, hash);
772 conn->rl.tls_version, conn->client_random,
773 conn->server_random, server_params,
774 server_params_end - server_params, hash,
783 if (tls_verify_signature(conn->rl.tls_version,
784 conn->server_rsa_key,
785 hash, hlen, pos, end - pos,
795 return -1;
806 /* opaque OCSPResponse<1..2^24-1>; */
807 if (end - pos < 3) {
814 if (end - pos < ocsp_resp_len) {
832 int depth;
840 return -1;
851 return -1;
857 left -= 4;
864 return -1;
875 return -1;
889 if (end - pos < 1) {
892 return -1;
900 conn, pos, end - pos);
908 * opaque OCSPResponse<0..2^24-1>;
911 * OCSPResponse ocsp_response_list<1..2^24-1>;
914 if (end - pos < 3) {
922 if (end - pos < resp_len) {
931 while (end - pos >= 3) {
934 if (resp_len > end - pos) {
937 resp_len, (int) (end - pos));
944 conn, pos - 3, resp_len + 3);
966 for (cert = conn->server_cert, depth = 0; cert;
967 cert = cert->next, depth++) {
968 if (cert->ocsp_revoked) {
970 conn, depth, cert, TLS_FAIL_REVOKED,
974 return -1;
977 if (conn->flags & TLS_CONN_REQUIRE_OCSP_ALL) {
983 for (cert = conn->server_cert, depth = 0; cert;
984 cert = cert->next, depth++) {
985 if (!cert->ocsp_good) {
989 conn, depth, cert,
992 return -1;
994 if (cert->issuer_trusted)
999 if ((conn->flags & TLS_CONN_REQUIRE_OCSP) && res != TLS_OCSP_GOOD) {
1003 if (conn->server_cert)
1005 conn, 0, conn->server_cert,
1008 return -1;
1011 conn->ocsp_resp_received = 1;
1014 *in_len = end - in_data;
1016 conn->state = SERVER_KEY_EXCHANGE;
1035 return -1;
1045 return -1;
1051 left -= 4;
1058 return -1;
1063 if ((conn->flags & TLS_CONN_REQUEST_OCSP) &&
1077 (conn->flags & TLS_CONN_REQUEST_OCSP) ?
1081 return -1;
1086 if (!tls_server_key_exchange_allowed(conn->rl.cipher_suite)) {
1091 return -1;
1095 suite = tls_get_cipher_suite(conn->rl.cipher_suite);
1096 if (suite && (suite->key_exchange == TLS_KEY_X_DH_anon ||
1097 suite->key_exchange == TLS_KEY_X_DHE_RSA)) {
1099 suite->key_exchange) < 0) {
1102 return -1;
1108 return -1;
1111 *in_len = end - in_data;
1113 conn->state = SERVER_CERTIFICATE_REQUEST;
1131 return -1;
1141 return -1;
1147 left -= 4;
1154 return -1;
1168 return -1;
1173 conn->certificate_requested = 1;
1175 *in_len = end - in_data;
1177 conn->state = SERVER_HELLO_DONE;
1195 return -1;
1205 return -1;
1211 left -= 4;
1218 return -1;
1227 return -1;
1232 if ((conn->flags & TLS_CONN_REQUIRE_OCSP) &&
1233 !conn->ocsp_resp_received) {
1235 "TLSv1: No OCSP response received - reject handshake");
1238 return -1;
1241 *in_len = end - in_data;
1243 conn->state = CLIENT_KEY_EXCHANGE;
1259 if (conn->use_session_ticket) {
1263 conn->use_session_ticket = 0;
1266 res = conn->session_ticket_cb(
1267 conn->session_ticket_cb_ctx, NULL, 0, NULL,
1274 return -1;
1277 conn->state = SERVER_CERTIFICATE;
1283 return -1;
1292 return -1;
1300 return -1;
1304 if (tlsv1_record_change_read_cipher(&conn->rl) < 0) {
1306 "for record layer");
1309 return -1;
1312 *in_len = pos + 1 - in_data;
1314 conn->state = SERVER_FINISHED;
1333 return -1;
1345 return -1;
1353 return -1;
1359 left -= 4;
1367 return -1;
1376 return -1;
1382 if (conn->rl.tls_version >= TLS_VERSION_1_2) {
1384 if (conn->verify.sha256_server == NULL ||
1385 crypto_hash_finish(conn->verify.sha256_server, hash, &hlen)
1389 conn->verify.sha256_server = NULL;
1390 return -1;
1392 conn->verify.sha256_server = NULL;
1397 if (conn->verify.md5_server == NULL ||
1398 crypto_hash_finish(conn->verify.md5_server, hash, &hlen) < 0) {
1401 conn->verify.md5_server = NULL;
1402 crypto_hash_finish(conn->verify.sha1_server, NULL, NULL);
1403 conn->verify.sha1_server = NULL;
1404 return -1;
1406 conn->verify.md5_server = NULL;
1408 if (conn->verify.sha1_server == NULL ||
1409 crypto_hash_finish(conn->verify.sha1_server, hash + MD5_MAC_LEN,
1411 conn->verify.sha1_server = NULL;
1414 return -1;
1416 conn->verify.sha1_server = NULL;
1423 if (tls_prf(conn->rl.tls_version,
1424 conn->master_secret, TLS_MASTER_SECRET_LEN,
1430 return -1;
1439 return -1;
1444 *in_len = end - in_data;
1446 conn->state = (conn->session_resumed || conn->use_session_ticket) ?
1465 return -1;
1493 return -1;
1498 conn->state = FAILED;
1499 return -1;
1505 if (hr_len > *len - 4) {
1509 return -1;
1516 switch (conn->state) {
1519 return -1;
1523 return -1;
1527 return -1;
1531 return -1;
1535 return -1;
1539 return -1;
1543 return -1;
1549 return -1;
1554 conn->state);
1555 return -1;
1559 tls_verify_hash_add(&conn->verify, buf, *len);