TLS 1.3 helper functions. More...
Go to the source code of this file.
Macros | |
| #define | TLS13_DHE_KE_SUPPORT ENABLED |
| #define | TLS13_ECDHE_KE_SUPPORT ENABLED |
| #define | TLS13_HYBRID_KE_SUPPORT DISABLED |
| #define | TLS13_PSK_KE_SUPPORT DISABLED |
| #define | TLS13_PSK_DHE_KE_SUPPORT ENABLED |
| #define | TLS13_PSK_ECDHE_KE_SUPPORT ENABLED |
| #define | TLS13_PSK_HYBRID_KE_SUPPORT DISABLED |
| #define | TLS13_EARLY_DATA_SUPPORT DISABLED |
| #define | TLS13_MIDDLEBOX_COMPAT_SUPPORT ENABLED |
| #define | TLS13_MAX_COOKIE_SIZE 256 |
| #define | TLS13_MAX_TICKET_SIZE 1024 |
| #define | TLS13_MAX_TICKET_LIFETIME 604800 |
| #define | TLS13_TICKET_AGE_TOLERANCE 5000 |
| #define | TLS13_NEW_SESSION_TICKET_COUNT 2 |
| #define | TLS13_MAX_HKDF_DIGEST_SIZE 48 |
Typedefs | |
| typedef void * | Tls13EndOfEarlyData |
| EndOfEarlyData message. More... | |
Enumerations | |
| enum | Tls13PskKeyExchMode { TLS_PSK_KEY_EXCH_MODE_PSK_KE = 0, TLS_PSK_KEY_EXCH_MODE_PSK_DHE_KE = 1 } |
| PSK key exchange modes. More... | |
| enum | Tls13KeyUpdateRequest { TLS_KEY_UPDATE_NOT_REQUESTED = 0, TLS_KEY_UPDATE_REQUESTED = 1 } |
| Key update requests. More... | |
Functions | |
| error_t | tls13ComputePskBinder (TlsContext *context, const void *clientHello, size_t clientHelloLen, size_t truncatedClientHelloLen, const Tls13PskIdentity *identity, uint8_t *binder, size_t binderLen) |
| Compute PSK binder value. More... | |
| error_t | tls13GenerateKeyShare (TlsContext *context, uint16_t namedGroup) |
| Key share generation. More... | |
| error_t | tls13GenerateSharedSecret (TlsContext *context, const uint8_t *keyShare, size_t length) |
| (EC)DHE shared secret generation More... | |
| error_t | tls13Encapsulate (TlsContext *context, uint16_t namedGroup, const uint8_t *keyShare, size_t length) |
| Encapsulation algorithm. More... | |
| error_t | tls13Decapsulate (TlsContext *context, const uint8_t *keyShare, size_t length) |
| Decapsulation algorithm. More... | |
| error_t | tls13ComputeMac (TlsContext *context, TlsEncryptionEngine *encryptionEngine, void *record, const uint8_t *data, size_t dataLen, uint8_t *mac) |
| Compute message authentication code. More... | |
| error_t | tls13DigestClientHello1 (TlsContext *context) |
| Hash ClientHello1 in the transcript when HelloRetryRequest is used. More... | |
| bool_t | tls13IsPskValid (TlsContext *context) |
| Check whether an externally established PSK is valid. More... | |
| bool_t | tls13IsGroupSupported (TlsContext *context, uint16_t namedGroup) |
| Check whether a given named group is supported. More... | |
| bool_t | tls13IsFfdheGroupSupported (TlsContext *context, uint16_t namedGroup) |
| Check whether a given FFDHE group is supported. More... | |
| bool_t | tls13IsEcdheGroupSupported (TlsContext *context, uint16_t namedGroup) |
| Check whether a given ECDHE group is supported. More... | |
| bool_t | tls13IsHybridKeMethodSupported (TlsContext *context, uint16_t namedGroup) |
| Check whether a given hybrid key exchange method is supported. More... | |
| const EcCurveInfo * | tls13GetTraditionalAlgo (TlsContext *context, uint16_t namedGroup) |
| Get the traditional algorithm used by the hybrid key exchange method. More... | |
| const KemAlgo * | tls13GetNextGenAlgo (TlsContext *context, uint16_t namedGroup) |
| Get the next-gen algorithm used by the hybrid key exchange method. More... | |
| error_t | tls13CheckDuplicateKeyShare (uint16_t namedGroup, const uint8_t *p, size_t length) |
| Check whether the specified key share group is a duplicate. More... | |
| error_t | tls13FormatCertExtensions (uint8_t *p, size_t *written) |
| Format certificate extensions. More... | |
| error_t | tls13ParseCertExtensions (const uint8_t *p, size_t length, size_t *consumed) |
| Parse certificate extensions. More... | |
Detailed Description
TLS 1.3 helper functions.
License
SPDX-License-Identifier: GPL-2.0-or-later
Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.
This file is part of CycloneSSL Open.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- Version
- 2.4.4
Definition in file tls13_misc.h.
Macro Definition Documentation
◆ TLS13_DHE_KE_SUPPORT
| #define TLS13_DHE_KE_SUPPORT ENABLED |
Definition at line 36 of file tls13_misc.h.
◆ TLS13_EARLY_DATA_SUPPORT
| #define TLS13_EARLY_DATA_SUPPORT DISABLED |
Definition at line 85 of file tls13_misc.h.
◆ TLS13_ECDHE_KE_SUPPORT
| #define TLS13_ECDHE_KE_SUPPORT ENABLED |
Definition at line 43 of file tls13_misc.h.
◆ TLS13_HYBRID_KE_SUPPORT
| #define TLS13_HYBRID_KE_SUPPORT DISABLED |
Definition at line 50 of file tls13_misc.h.
◆ TLS13_MAX_COOKIE_SIZE
| #define TLS13_MAX_COOKIE_SIZE 256 |
Definition at line 99 of file tls13_misc.h.
◆ TLS13_MAX_HKDF_DIGEST_SIZE
| #define TLS13_MAX_HKDF_DIGEST_SIZE 48 |
Definition at line 134 of file tls13_misc.h.
◆ TLS13_MAX_TICKET_LIFETIME
| #define TLS13_MAX_TICKET_LIFETIME 604800 |
Definition at line 113 of file tls13_misc.h.
◆ TLS13_MAX_TICKET_SIZE
| #define TLS13_MAX_TICKET_SIZE 1024 |
Definition at line 106 of file tls13_misc.h.
◆ TLS13_MIDDLEBOX_COMPAT_SUPPORT
| #define TLS13_MIDDLEBOX_COMPAT_SUPPORT ENABLED |
Definition at line 92 of file tls13_misc.h.
◆ TLS13_NEW_SESSION_TICKET_COUNT
| #define TLS13_NEW_SESSION_TICKET_COUNT 2 |
Definition at line 127 of file tls13_misc.h.
◆ TLS13_PSK_DHE_KE_SUPPORT
| #define TLS13_PSK_DHE_KE_SUPPORT ENABLED |
Definition at line 64 of file tls13_misc.h.
◆ TLS13_PSK_ECDHE_KE_SUPPORT
| #define TLS13_PSK_ECDHE_KE_SUPPORT ENABLED |
Definition at line 71 of file tls13_misc.h.
◆ TLS13_PSK_HYBRID_KE_SUPPORT
| #define TLS13_PSK_HYBRID_KE_SUPPORT DISABLED |
Definition at line 78 of file tls13_misc.h.
◆ TLS13_PSK_KE_SUPPORT
| #define TLS13_PSK_KE_SUPPORT DISABLED |
Definition at line 57 of file tls13_misc.h.
◆ TLS13_TICKET_AGE_TOLERANCE
| #define TLS13_TICKET_AGE_TOLERANCE 5000 |
Definition at line 120 of file tls13_misc.h.
Typedef Documentation
◆ Tls13EndOfEarlyData
| typedef void* Tls13EndOfEarlyData |
EndOfEarlyData message.
Definition at line 304 of file tls13_misc.h.
Enumeration Type Documentation
◆ Tls13KeyUpdateRequest
Key update requests.
| Enumerator | |
|---|---|
| TLS_KEY_UPDATE_NOT_REQUESTED | |
| TLS_KEY_UPDATE_REQUESTED | |
Definition at line 160 of file tls13_misc.h.
◆ Tls13PskKeyExchMode
| enum Tls13PskKeyExchMode |
PSK key exchange modes.
| Enumerator | |
|---|---|
| TLS_PSK_KEY_EXCH_MODE_PSK_KE | |
| TLS_PSK_KEY_EXCH_MODE_PSK_DHE_KE | |
Definition at line 149 of file tls13_misc.h.
Function Documentation
◆ tls13CheckDuplicateKeyShare()
| error_t tls13CheckDuplicateKeyShare | ( | uint16_t | namedGroup, |
| const uint8_t * | p, | ||
| size_t | length | ||
| ) |
Check whether the specified key share group is a duplicate.
- Parameters
-
[in] namedGroup Named group [in] p List of key share entries [in] length Length of the list, in bytes
- Returns
- Error code
Definition at line 1106 of file tls13_misc.c.
◆ tls13ComputeMac()
| error_t tls13ComputeMac | ( | TlsContext * | context, |
| TlsEncryptionEngine * | encryptionEngine, | ||
| void * | record, | ||
| const uint8_t * | data, | ||
| size_t | dataLen, | ||
| uint8_t * | mac | ||
| ) |
Compute message authentication code.
- Parameters
-
[in] context Pointer to the TLS context [in] encryptionEngine Pointer to the encryption/decryption engine [in] record Pointer to the TLS record [in] data Pointer to the record data [in] dataLen Length of the data [out] mac The computed MAC value
- Returns
- Error code
Definition at line 683 of file tls13_misc.c.
◆ tls13ComputePskBinder()
| error_t tls13ComputePskBinder | ( | TlsContext * | context, |
| const void * | clientHello, | ||
| size_t | clientHelloLen, | ||
| size_t | truncatedClientHelloLen, | ||
| const Tls13PskIdentity * | identity, | ||
| uint8_t * | binder, | ||
| size_t | binderLen | ||
| ) |
Compute PSK binder value.
- Parameters
-
[in] context Pointer to the TLS context [in] clientHello Pointer to the ClientHello message [in] clientHelloLen Length of the ClientHello message [in] truncatedClientHelloLen Length of the partial ClientHello message [in] identity Pointer to the PSK identity [out] binder Buffer where to store the resulting PSK binder [in] binderLen Expected length of the PSK binder
- Returns
- Error code
Definition at line 86 of file tls13_misc.c.
◆ tls13Decapsulate()
| error_t tls13Decapsulate | ( | TlsContext * | context, |
| const uint8_t * | keyShare, | ||
| size_t | length | ||
| ) |
Decapsulation algorithm.
- Parameters
-
[in] context Pointer to the TLS context [in] keyShare Pointer to the server's key share [in] length Length of the client's key share, in bytes
- Returns
- Error code
Definition at line 603 of file tls13_misc.c.
◆ tls13DigestClientHello1()
| error_t tls13DigestClientHello1 | ( | TlsContext * | context | ) |
Hash ClientHello1 in the transcript when HelloRetryRequest is used.
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 725 of file tls13_misc.c.
◆ tls13Encapsulate()
| error_t tls13Encapsulate | ( | TlsContext * | context, |
| uint16_t | namedGroup, | ||
| const uint8_t * | keyShare, | ||
| size_t | length | ||
| ) |
Encapsulation algorithm.
- Parameters
-
[in] context Pointer to the TLS context [in] keyShare Pointer to the client's key share [in] length Length of the client's key share, in bytes
- Returns
- Error code
Definition at line 498 of file tls13_misc.c.
◆ tls13FormatCertExtensions()
| error_t tls13FormatCertExtensions | ( | uint8_t * | p, |
| size_t * | written | ||
| ) |
Format certificate extensions.
- Parameters
-
[in] p Output stream where to write the list of extensions [out] written Total number of bytes that have been written
- Returns
- Error code
Definition at line 1152 of file tls13_misc.c.
◆ tls13GenerateKeyShare()
| error_t tls13GenerateKeyShare | ( | TlsContext * | context, |
| uint16_t | namedGroup | ||
| ) |
Key share generation.
- Parameters
-
[in] context Pointer to the TLS context [in] namedGroup Named group
- Returns
- Error code
Definition at line 260 of file tls13_misc.c.
◆ tls13GenerateSharedSecret()
| error_t tls13GenerateSharedSecret | ( | TlsContext * | context, |
| const uint8_t * | keyShare, | ||
| size_t | length | ||
| ) |
(EC)DHE shared secret generation
- Parameters
-
[in] context Pointer to the TLS context [in] keyShare Pointer to the peer's (EC)DHE parameters [in] length Length of the (EC)DHE parameters, in bytes
- Returns
- Error code
Definition at line 402 of file tls13_misc.c.
◆ tls13GetNextGenAlgo()
| const KemAlgo* tls13GetNextGenAlgo | ( | TlsContext * | context, |
| uint16_t | namedGroup | ||
| ) |
Get the next-gen algorithm used by the hybrid key exchange method.
- Parameters
-
[in] context Pointer to the TLS context [in] namedGroup Hybrid key exchange method
- Returns
- Next-gen algorithm
Definition at line 1047 of file tls13_misc.c.
◆ tls13GetTraditionalAlgo()
| const EcCurveInfo* tls13GetTraditionalAlgo | ( | TlsContext * | context, |
| uint16_t | namedGroup | ||
| ) |
Get the traditional algorithm used by the hybrid key exchange method.
- Parameters
-
[in] context Pointer to the TLS context [in] namedGroup Hybrid key exchange method
- Returns
- Traditional algorithm
Definition at line 984 of file tls13_misc.c.
◆ tls13IsEcdheGroupSupported()
| bool_t tls13IsEcdheGroupSupported | ( | TlsContext * | context, |
| uint16_t | namedGroup | ||
| ) |
Check whether a given ECDHE group is supported.
- Parameters
-
[in] context Pointer to the TLS context [in] namedGroup Named group
- Returns
- TRUE is the ECDHE group is supported, else FALSE
Definition at line 885 of file tls13_misc.c.
◆ tls13IsFfdheGroupSupported()
| bool_t tls13IsFfdheGroupSupported | ( | TlsContext * | context, |
| uint16_t | namedGroup | ||
| ) |
Check whether a given FFDHE group is supported.
- Parameters
-
[in] context Pointer to the TLS context [in] namedGroup Named group
- Returns
- TRUE is the FFDHE group is supported, else FALSE
Definition at line 845 of file tls13_misc.c.
◆ tls13IsGroupSupported()
| bool_t tls13IsGroupSupported | ( | TlsContext * | context, |
| uint16_t | namedGroup | ||
| ) |
Check whether a given named group is supported.
- Parameters
-
[in] context Pointer to the TLS context [in] namedGroup Named group
- Returns
- TRUE is the named group is supported, else FALSE
Definition at line 808 of file tls13_misc.c.
◆ tls13IsHybridKeMethodSupported()
| bool_t tls13IsHybridKeMethodSupported | ( | TlsContext * | context, |
| uint16_t | namedGroup | ||
| ) |
Check whether a given hybrid key exchange method is supported.
- Parameters
-
[in] context Pointer to the TLS context [in] namedGroup Named group
- Returns
- TRUE is the hybrid key exchange is supported, else FALSE
Definition at line 943 of file tls13_misc.c.
◆ tls13IsPskValid()
| bool_t tls13IsPskValid | ( | TlsContext * | context | ) |
Check whether an externally established PSK is valid.
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- TRUE is the PSK is valid, else FALSE
Definition at line 770 of file tls13_misc.c.
◆ tls13ParseCertExtensions()
| error_t tls13ParseCertExtensions | ( | const uint8_t * | p, |
| size_t | length, | ||
| size_t * | consumed | ||
| ) |
Parse certificate extensions.
- Parameters
-
[in] p Input stream where to read the list of extensions [in] length Number of bytes available in the input stream [out] consumed Total number of bytes that have been consumed
- Returns
- Error code
Definition at line 1181 of file tls13_misc.c.
Variable Documentation
◆ __packed_struct
| typedef __packed_struct |
Cookie.
Session state information.
Session ticket.
KeyUpdate message.
NewSessionTicket message (TLS 1.3)
EncryptedExtensions message.
HelloRetryRequest message.
Digitally-signed element (TLS 1.3)
Certificate request context.
List of PSK binders.
PSK binder.
List of PSK identities.
PSK identity.
List of PSK key exchange modes.
List of key shares.
Key share entry.
Protocol version
Definition at line 179 of file tls13_misc.h.
◆ cipherSuite
| uint16_t cipherSuite |
Cipher suite identifier.
Definition at line 359 of file tls13_misc.h.
◆ data
| uint8_t data[] |
Definition at line 348 of file tls13_misc.h.
◆ extensions
| uint8_t extensions[] |
Definition at line 314 of file tls13_misc.h.
◆ keyExchange
| uint8_t keyExchange[] |
Definition at line 194 of file tls13_misc.h.
◆ length
| uint16_t length |
Definition at line 193 of file tls13_misc.h.
◆ random
| uint8_t random[32] |
Definition at line 294 of file tls13_misc.h.
◆ sessionId
| uint8_t sessionId[] |
Definition at line 296 of file tls13_misc.h.
◆ sessionIdLen
| uint8_t sessionIdLen |
Definition at line 295 of file tls13_misc.h.
◆ ticketAgeAdd
| uint32_t ticketAgeAdd |
Random value used to obscure the age of the ticket.
Definition at line 325 of file tls13_misc.h.
◆ ticketLifetime
| uint32_t ticketLifetime |
Lifetime of the ticket.
Definition at line 361 of file tls13_misc.h.
◆ ticketNonce
| uint8_t ticketNonce |
A per-ticket value that is unique across all tickets issued.
Definition at line 327 of file tls13_misc.h.
◆ ticketNonceLen
| uint8_t ticketNonceLen |
Definition at line 326 of file tls13_misc.h.
◆ ticketPsk
| uint8_t ticketPsk[TLS13_MAX_HKDF_DIGEST_SIZE] |
PSK associated with the ticket.
Definition at line 365 of file tls13_misc.h.
◆ ticketPskLen
| size_t ticketPskLen |
Length of the PSK associated with the ticket.
Definition at line 364 of file tls13_misc.h.
◆ ticketTimestamp
| systime_t ticketTimestamp |
Timestamp to manage ticket lifetime.
Definition at line 360 of file tls13_misc.h.
◆ tls11DowngradeRandom
|
extern |
Definition at line 53 of file tls13_misc.c.
◆ tls12DowngradeRandom
|
extern |
Definition at line 59 of file tls13_misc.c.
◆ Tls13CertRequestContext
| Tls13CertRequestContext |
Definition at line 272 of file tls13_misc.h.
◆ Tls13Cookie
| Tls13Cookie |
Definition at line 183 of file tls13_misc.h.
◆ Tls13DigitalSignature
| Tls13DigitalSignature |
Definition at line 284 of file tls13_misc.h.
◆ Tls13EncryptedExtensions
| Tls13EncryptedExtensions |
Definition at line 315 of file tls13_misc.h.
◆ Tls13HelloRetryRequest
| Tls13HelloRetryRequest |
Definition at line 297 of file tls13_misc.h.
◆ tls13HelloRetryRequestRandom
|
extern |
Definition at line 65 of file tls13_misc.c.
◆ Tls13KeyShareEntry
| Tls13KeyShareEntry |
Definition at line 195 of file tls13_misc.h.
◆ Tls13KeyShareList
| Tls13KeyShareList |
Definition at line 206 of file tls13_misc.h.
◆ Tls13KeyUpdate
| Tls13KeyUpdate |
Definition at line 338 of file tls13_misc.h.
◆ Tls13NewSessionTicket
| Tls13NewSessionTicket |
Definition at line 328 of file tls13_misc.h.
◆ Tls13PlaintextSessionState
| Tls13PlaintextSessionState |
Definition at line 366 of file tls13_misc.h.
◆ Tls13PskBinder
| Tls13PskBinder |
Definition at line 250 of file tls13_misc.h.
◆ Tls13PskBinderList
| Tls13PskBinderList |
Definition at line 261 of file tls13_misc.h.
◆ Tls13PskIdentity
| Tls13PskIdentity |
Definition at line 228 of file tls13_misc.h.
◆ Tls13PskIdentityList
| Tls13PskIdentityList |
Definition at line 239 of file tls13_misc.h.
◆ Tls13PskKeModeList
| Tls13PskKeModeList |
Definition at line 217 of file tls13_misc.h.
◆ Tls13Ticket
| Tls13Ticket |
Definition at line 349 of file tls13_misc.h.
◆ value
| uint8_t value[] |
Definition at line 182 of file tls13_misc.h.