1 /*
2  * This file is part of the openHiTLS project.
3  *
4  * openHiTLS is licensed under the Mulan PSL v2.
5  * You can use this software according to the terms and conditions of the Mulan PSL v2.
6  * You may obtain a copy of Mulan PSL v2 at:
7  *
8  *     http://license.coscl.org.cn/MulanPSL2
9  *
10  * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11  * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12  * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13  * See the Mulan PSL v2 for more details.
14  */
15 #include "hitls_build.h"
16 #if defined(HITLS_TLS_HOST_SERVER) && defined(HITLS_TLS_PROTO_DTLS12) && defined(HITLS_BSL_UIO_UDP)
17 
18 #include "tls_binlog_id.h"
19 #include "bsl_log_internal.h"
20 #include "bsl_log.h"
21 #include "bsl_err_internal.h"
22 #include "hitls_error.h"
23 #include "tls.h"
24 #include "hs_ctx.h"
25 #include "hs_verify.h"
26 #include "hs_common.h"
27 #include "pack.h"
28 #include "send_process.h"
29 
/**
 * Server-side DTLS handshake step: send the HelloVerifyRequest, reset the
 * handshake verify state, and move on to receiving the next ClientHello.
 *
 * @param ctx TLS context; its hsCtx and recCtx members are used here.
 * @return the result of HS_ChangeState() when everything succeeds, otherwise the
 *         error code returned by HS_PackMsg(), HS_SendMsg() or VERIFY_Init().
 */
int32_t DtlsServerSendHelloVerifyRequestProcess(TLS_Ctx *ctx)
{
    HS_Ctx *hs = (HS_Ctx *)ctx->hsCtx;
    int32_t rc;

    /* Pack only when no message length is recorded. A non-zero msgLen skips packing and
       goes straight to the send below; presumably that is a re-entry with an already
       packed message still pending - confirm against HS_SendMsg(). */
    if (hs->msgLen == 0) {
        rc = HS_PackMsg(ctx, HELLO_VERIFY_REQUEST, hs->msgBuf, hs->bufferLen, &hs->msgLen);
        if (rc != HITLS_SUCCESS) {
            BSL_LOG_BINLOG_FIXLEN(BINLOG_ID17333, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
                "server pack hello verify request msg fail.", 0, 0, 0, 0);
            return rc;
        }
    }

    /* Hand the handshake message to the send path; a failure here is returned to the
       caller without a log entry. */
    rc = HS_SendMsg(ctx);
    if (rc != HITLS_SUCCESS) {
        return rc;
    }

    /* When HelloVerifyRequest is used, the initial ClientHello and the
       HelloVerifyRequest are excluded from handshake_messages (CertificateVerify)
       and from verify_data (Finished), so the verify state is re-initialised
       once the message has been sent. */
    rc = VERIFY_Init(hs);
    if (rc != HITLS_SUCCESS) {
        BSL_LOG_BINLOG_FIXLEN(BINLOG_ID17152, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
            "VERIFY_Init fail", 0, 0, 0, 0);
        return rc;
    }

    BSL_LOG_BINLOG_FIXLEN(BINLOG_ID17334, BSL_LOG_LEVEL_INFO, BSL_LOG_BINLOG_TYPE_RUN,
        "server send hello verify request msg success.", 0, 0, 0, 0);

    /* HelloVerifyRequest is never retransmitted, so the retransmission queue is
       emptied before waiting for the client again. */
    REC_RetransmitListClean(ctx->recCtx);

    return HS_ChangeState(ctx, TRY_RECV_CLIENT_HELLO);
}
71 #endif /* defined(HITLS_TLS_HOST_SERVER) && defined(HITLS_TLS_PROTO_DTLS12) && defined(HITLS_BSL_UIO_UDP) */