diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-09-14 10:22:36 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-02-19 15:29:34 +0100 |
commit | 2f4cd8b95661ad5ad761bb03fcb7a4fba6d2289c (patch) | |
tree | d8ca5576919a4606f2d227d6a990e1a5e2c548f2 /lib/handshake-tls13.c | |
parent | 5a8eb0c3fe660c1db8497c58fb5cae22829bc5dd (diff) | |
download | gnutls-2f4cd8b95661ad5ad761bb03fcb7a4fba6d2289c.tar.gz |
handshake: added basic support for TLS 1.3 handshake in client side
That does not include support for client certificates as it
requires extension handling improvements in order for extensions
to be context sensitive (now they cannot distinguish whether the
parsing routine is called during client hello or certificate request
reading)
This does not include proper parsing of extensions present in
the certificate message.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/handshake-tls13.c')
-rw-r--r-- | lib/handshake-tls13.c | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/lib/handshake-tls13.c b/lib/handshake-tls13.c index 5950c06d96..9502f1d69d 100644 --- a/lib/handshake-tls13.c +++ b/lib/handshake-tls13.c @@ -48,6 +48,10 @@ #include <dtls.h> #include "secrets.h" #include "tls13/encrypted_extensions.h" +#include "tls13/certificate_request.h" +#include "tls13/certificate_verify.h" +#include "tls13/certificate.h" +#include "tls13/finished.h" static int generate_hs_traffic_keys(gnutls_session_t session); @@ -72,17 +76,17 @@ int _gnutls13_handshake_client(gnutls_session_t session) IMED_RET("recv encrypted extensions", ret, 0); /* fall through */ case STATE102: - abort(); + ret = _gnutls13_recv_certificate_request(session); STATE = STATE102; IMED_RET("recv certificate request", ret, 0); /* fall through */ case STATE103: - abort(); + ret = _gnutls13_recv_certificate(session); STATE = STATE103; IMED_RET("recv certificate", ret, 0); /* fall through */ case STATE104: - abort(); + ret = _gnutls13_recv_certificate_verify(session); STATE = STATE104; IMED_RET("recv server certificate verify", ret, 0); /* fall through */ @@ -93,22 +97,22 @@ int _gnutls13_handshake_client(gnutls_session_t session) return gnutls_assert_val(ret); FALLTHROUGH; case STATE106: - abort(); + ret = _gnutls13_recv_finished(session); STATE = STATE106; IMED_RET("recv finished", ret, 0); /* fall through */ case STATE107: - abort(); + ret = _gnutls13_send_certificate(session); STATE = STATE107; IMED_RET("send certificate", ret, 0); /* fall through */ case STATE108: - abort(); + ret = _gnutls13_send_certificate_verify(session); STATE = STATE108; IMED_RET("send certificate verify", ret, 0); /* fall through */ case STATE109: - abort(); + ret = _gnutls13_send_finished(session, AGAIN(STATE109)); STATE = STATE109; IMED_RET("send finished", ret, 0); |