1 /*
2  * This file is part of the openHiTLS project.
3  *
4  * openHiTLS is licensed under the Mulan PSL v2.
5  * You can use this software according to the terms and conditions of the Mulan PSL v2.
6  * You may obtain a copy of Mulan PSL v2 at:
7  *
8  *     http://license.coscl.org.cn/MulanPSL2
9  *
10  * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11  * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12  * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13  * See the Mulan PSL v2 for more details.
14  */
15 #include "hitls_build.h"
16 #ifdef HITLS_TLS_HOST_CLIENT
17 #if defined(HITLS_TLS_PROTO_TLS_BASIC) || defined(HITLS_TLS_PROTO_DTLS12)
18 #include <stdint.h>
19 #include "tls_binlog_id.h"
20 #include "bsl_log_internal.h"
21 #include "bsl_log.h"
22 #include "bsl_err_internal.h"
23 #include "hitls_error.h"
24 #include "tls.h"
25 #include "hs_ctx.h"
26 #include "hs_common.h"
27 #include "hs_msg.h"
28 #include "hs_kx.h"
29 
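/**
 * @brief Client-side handling of an already parsed ServerKeyExchange message.
 *
 * When PSK support is compiled in and IsPskNegotiation(ctx) holds, the message
 * is first passed to HS_ProcessServerKxMsgIdentityHint(). It is then dispatched
 * on hsCtx->kxCtx->keyExchAlgo:
 *  - ECDHE / ECDHE_PSK: HS_ProcessServerKxMsgEcdhe()
 *  - DHE / DHE_PSK:     HS_ProcessServerKxMsgDhe()
 *  - PSK / RSA_PSK, and ECC when TLCP 1.1 is built in: nothing further is
 *    processed in this function
 *  - any other value: a fatal internal_error alert is sent and
 *    HITLS_MSG_HANDLE_UNSUPPORT_KX_ALG is returned
 *
 * @param ctx [IN/OUT] TLS context. ctx->hsCtx and hsCtx->kxCtx are dereferenced
 *                     without a NULL check here; presumably the handshake state
 *                     machine guarantees both are set (confirm against callers).
 * @param msg [IN]     Parsed handshake message; body.serverKeyExchange is read.
 *
 * @return The result of HS_ChangeState(ctx, TRY_RECV_CERTIFICATE_REQUEST) when
 *         processing succeeds, otherwise the error code of the failing step.
 */
int32_t ClientRecvServerKxProcess(TLS_Ctx *ctx, HS_Msg *msg)
{
    int32_t ret = HITLS_SUCCESS;
    /* get the client handshake context and the parsed message body */
    HS_Ctx *hsCtx = (HS_Ctx *)ctx->hsCtx;
    ServerKeyExchangeMsg *serverKxMsg = &msg->body.serverKeyExchange;
    (void)serverKxMsg; /* every use below sits behind a feature macro */
#ifdef HITLS_TLS_FEATURE_PSK
    if (IsPskNegotiation(ctx)) {
        /*
         * A failure here used to return with no log record of its own. It now
         * skips the dispatch and reaches the common failure log below, so a
         * rejected identity hint leaves a trace at this layer as well.
         */
        ret = HS_ProcessServerKxMsgIdentityHint(ctx, serverKxMsg);
    }
#endif /* HITLS_TLS_FEATURE_PSK */
    if (ret == HITLS_SUCCESS) {
        /* process key exchange message from the server */
        switch (hsCtx->kxCtx->keyExchAlgo) {
#ifdef HITLS_TLS_SUITE_KX_ECDHE
            case HITLS_KEY_EXCH_ECDHE: // include TLCP
            case HITLS_KEY_EXCH_ECDHE_PSK:
                ret = HS_ProcessServerKxMsgEcdhe(ctx, serverKxMsg);
                break;
#endif /* HITLS_TLS_SUITE_KX_ECDHE */
#ifdef HITLS_TLS_SUITE_KX_DHE
            case HITLS_KEY_EXCH_DHE:
            case HITLS_KEY_EXCH_DHE_PSK:
                ret = HS_ProcessServerKxMsgDhe(ctx, serverKxMsg);
                break;
#endif /* HITLS_TLS_SUITE_KX_DHE */
            case HITLS_KEY_EXCH_PSK:
            case HITLS_KEY_EXCH_RSA_PSK:
#ifdef HITLS_TLS_PROTO_TLCP11
            case HITLS_KEY_EXCH_ECC: // signature is verified at parse time
#endif
                /* no key exchange parameters are consumed here for these algorithms */
                ret = HITLS_SUCCESS;
                break;
            default:
                /*
                 * Fail closed: an algorithm that is unknown, or whose support was
                 * compiled out, aborts the handshake with a fatal alert.
                 */
                ret = HITLS_MSG_HANDLE_UNSUPPORT_KX_ALG;
                ctx->method.sendAlert(ctx, ALERT_LEVEL_FATAL, ALERT_INTERNAL_ERROR);
                break;
        }
    }
    if (ret != HITLS_SUCCESS) {
        BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15857, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
            "client process server key exchange msg fail.", 0, 0, 0, 0);
        return ret;
    }

    /* update the state machine */
    return HS_ChangeState(ctx, TRY_RECV_CERTIFICATE_REQUEST);
}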
81 #endif /* HITLS_TLS_PROTO_TLS_BASIC || HITLS_TLS_PROTO_DTLS12 */
82 #endif /* HITLS_TLS_HOST_CLIENT */