TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / e885b7698062920884a4e6b85b08129d2ab8c334 / . / library / ssl_tls13_client.c
blob: d293629857ab67ca1c1d8ae4fe1fde86d3785af1 [file] [log] [blame]
Jerry Yu3cc4c2a2021-08-06 16:29:08 +0800[diff] [blame]1/*
2 * TLS 1.3 client-side functions
3 *
4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 *
19 * This file is part of mbed TLS ( https://tls.mbed.org )
20 */
21
22#include "common.h"
23
24#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
25
26#if defined(MBEDTLS_SSL_CLI_C)
27
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]28#include <string.h>
29
Jerry Yu3cc4c2a2021-08-06 16:29:08 +0800[diff] [blame]30#include "ssl_misc.h"
Jerry Yua13c7e72021-08-17 10:44:40 +0800[diff] [blame]31#include <mbedtls/debug.h>
32
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]33#define CLIENT_HELLO_RAND_BYTES_LEN 32
34#define CLIENT_HELLO_VERSION_LEN 2
Jerry Yu65dd2cc2021-08-18 16:38:40 +0800[diff] [blame]35/* Main entry point; orchestrates the other functions */
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]36static int ssl_client_hello_process( mbedtls_ssl_context *ssl );
Jerry Yu3cc4c2a2021-08-06 16:29:08 +0800[diff] [blame]37
Jerry Yub9930e72021-08-06 17:11:51 +0800[diff] [blame]38int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl )
39{
Jerry Yua13c7e72021-08-17 10:44:40 +0800[diff] [blame]40 int ret = 0;
41
42 if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL )
43 {
44 MBEDTLS_SSL_DEBUG_MSG( 2, ( "Handshake completed but ssl->handshake is NULL.\n" ) );
45 return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
46 }
47
48 MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) );
49
50 switch( ssl->state )
51 {
52 case MBEDTLS_SSL_HELLO_REQUEST:
53 mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO );
54 break;
55
56 case MBEDTLS_SSL_CLIENT_HELLO:
57 ret = ssl_client_hello_process( ssl );
58 break;
59
60 case MBEDTLS_SSL_SERVER_HELLO:
61 // Stop here : we haven't finished whole flow
Jerry Yue885b762021-08-26 17:32:34 +0800[diff] [blame^]62 ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
Jerry Yua13c7e72021-08-17 10:44:40 +0800[diff] [blame]63 mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS );
64 break;
65
66 default:
67 MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) );
68 return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
69 }
70
71 return( ret );
72}
73
Jerry Yu65dd2cc2021-08-18 16:38:40 +0800[diff] [blame]74
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]75static int ssl_client_hello_prepare( mbedtls_ssl_context *ssl );
76static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl,
77 unsigned char *buf, size_t buflen,
Jerry Yuc7ddeec2021-08-26 16:23:47 +0800[diff] [blame]78 size_t *len_with_binders );
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]79static int ssl_client_hello_postprocess( mbedtls_ssl_context *ssl );
Jerry Yu65dd2cc2021-08-18 16:38:40 +0800[diff] [blame]80
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]81static int ssl_client_hello_process( mbedtls_ssl_context *ssl )
Jerry Yua13c7e72021-08-17 10:44:40 +0800[diff] [blame]82{
83 int ret = 0;
Jerry Yu65dd2cc2021-08-18 16:38:40 +0800[diff] [blame]84 unsigned char *buf;
85 size_t buf_len, msg_len;
Jerry Yua13c7e72021-08-17 10:44:40 +0800[diff] [blame]86
87 MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) );
88
Jerry Yu65dd2cc2021-08-18 16:38:40 +0800[diff] [blame]89 MBEDTLS_SSL_PROC_CHK( ssl_client_hello_prepare, ( ssl ) );
90
Jerry Yue885b762021-08-26 17:32:34 +0800[diff] [blame^]91 MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_start_handshake_msg,
92 ( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO,
93 &buf, &buf_len ) );
Jerry Yu65dd2cc2021-08-18 16:38:40 +0800[diff] [blame]94
Jerry Yue885b762021-08-26 17:32:34 +0800[diff] [blame^]95 MBEDTLS_SSL_PROC_CHK( ssl_client_hello_write_partial,
96 ( ssl, buf, buf_len, &msg_len ) );
Jerry Yu65dd2cc2021-08-18 16:38:40 +0800[diff] [blame]97
98 mbedtls_ssl_add_hs_hdr_to_checksum( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO,
99 msg_len );
Jerry Yuc7ddeec2021-08-26 16:23:47 +0800[diff] [blame]100 ssl->handshake->update_checksum( ssl, buf, 0 );
Jerry Yu65dd2cc2021-08-18 16:38:40 +0800[diff] [blame]101
102 MBEDTLS_SSL_PROC_CHK( ssl_client_hello_postprocess, ( ssl ) );
Jerry Yue885b762021-08-26 17:32:34 +0800[diff] [blame^]103 MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_finish_handshake_msg,
104 ( ssl, buf_len, msg_len ) );
Jerry Yua13c7e72021-08-17 10:44:40 +0800[diff] [blame]105
Jerry Yu65dd2cc2021-08-18 16:38:40 +0800[diff] [blame]106cleanup:
107
Jerry Yua13c7e72021-08-17 10:44:40 +0800[diff] [blame]108 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) );
109 /* client_hello_process haven't finished */
110 ret=MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
111 return ret;
Jerry Yub9930e72021-08-06 17:11:51 +0800[diff] [blame]112}
Jerry Yu3cc4c2a2021-08-06 16:29:08 +0800[diff] [blame]113
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]114static int ssl_client_hello_prepare( mbedtls_ssl_context *ssl )
Jerry Yu65dd2cc2021-08-18 16:38:40 +0800[diff] [blame]115{
Jerry Yuc8a392c2021-08-18 16:46:28 +0800[diff] [blame]116 int ret;
Jerry Yuc8a392c2021-08-18 16:46:28 +0800[diff] [blame]117
Jerry Yue885b762021-08-26 17:32:34 +0800[diff] [blame^]118 if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng,
119 ssl->handshake->randbytes,
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]120 CLIENT_HELLO_RAND_BYTES_LEN ) ) != 0 )
Jerry Yuc8a392c2021-08-18 16:46:28 +0800[diff] [blame]121 {
122 MBEDTLS_SSL_DEBUG_RET( 1, "ssl_generate_random", ret );
123 return( ret );
124 }
125
126 return( 0 );
127}
128
129static int ssl_client_hello_postprocess( mbedtls_ssl_context* ssl )
130{
131 mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO );
132
133 return( 0 );
Jerry Yu65dd2cc2021-08-18 16:38:40 +0800[diff] [blame]134}
135
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]136/* Write extensions */
137
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]138static int ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl,
139 unsigned char *buf,
140 unsigned char *end,
141 size_t *olen );
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]142
143#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
144
145static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl,
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]146 unsigned char *buf,
147 unsigned char *end,
148 size_t *olen );
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]149
150static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl,
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]151 unsigned char *buf,
152 unsigned char *end,
153 size_t *olen );
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]154
155#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
156
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]157static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl,
158 unsigned char *buf, size_t buflen,
Jerry Yuc7ddeec2021-08-26 16:23:47 +0800[diff] [blame]159 size_t *len_with_binders )
Jerry Yu65dd2cc2021-08-18 16:38:40 +0800[diff] [blame]160{
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]161 /* Extensions */
162
163 /* extension_start
164 * Used during extension writing where the
165 * buffer pointer to the beginning of the
166 * extension list must be kept to write
167 * the total extension list size in the end.
168 */
Jerry Yu32cd5b12021-08-24 18:07:13 +0800[diff] [blame]169#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]170 int ret;
Jerry Yu32cd5b12021-08-24 18:07:13 +0800[diff] [blame]171#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]172 unsigned char* extension_start;
173 size_t cur_ext_len; /* Size of the current extension */
174 size_t total_ext_len; /* Size of list of extensions */
175
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]176 /* Buffer management */
177 unsigned char* start = buf;
178 unsigned char* end = buf + buflen;
179
180 /* Ciphersuite-related variables */
181 const int* ciphersuites;
182 const mbedtls_ssl_ciphersuite_t* ciphersuite_info;
Jerry Yue885b762021-08-26 17:32:34 +0800[diff] [blame^]183 /* ciphersuite_start points to the start of
184 the ciphersuite list, i.e. to the length field*/
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]185 unsigned char* ciphersuite_start;
186 size_t ciphersuite_count;
187
188 /* Keeping track of the included extensions */
189 ssl->handshake->extensions_present = MBEDTLS_SSL_EXT_NONE;
190
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]191 /* NOTE:
192 * Even for DTLS 1.3, we are writing a TLS handshake header here.
193 * The actual DTLS 1.3 handshake header is inserted in
194 * the record writing routine mbedtls_ssl_write_record().
195 *
196 * For cTLS the length, and the version field
197 * are elided. The random bytes are shorter.
198 */
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]199
200 if( ssl->conf->max_major_ver == 0 )
201 {
202 MBEDTLS_SSL_DEBUG_MSG( 1, ( "configured max major version is invalid, "
203 "consider using mbedtls_ssl_config_defaults()" ) );
204 return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
205 }
206
207 ssl->major_ver = ssl->conf->min_major_ver;
208 ssl->minor_ver = ssl->conf->min_minor_ver;
209
210 /* For TLS 1.3 we use the legacy version number {0x03, 0x03}
211 * instead of the true version number.
212 *
213 * For DTLS 1.3 we use the legacy version number
214 * {254,253}.
215 *
216 * In cTLS the version number is elided.
217 */
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]218 MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_VERSION_LEN);
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]219 *buf++ = 0x03;
220 *buf++ = 0x03;
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]221 buflen -= CLIENT_HELLO_VERSION_LEN;
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]222
223 /* Write random bytes */
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]224 MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_RAND_BYTES_LEN);
225 memcpy( buf, ssl->handshake->randbytes, CLIENT_HELLO_RAND_BYTES_LEN );
Jerry Yue885b762021-08-26 17:32:34 +0800[diff] [blame^]226 MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes",
227 buf, CLIENT_HELLO_RAND_BYTES_LEN );
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]228
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]229 buf += CLIENT_HELLO_RAND_BYTES_LEN;
230 buflen -= CLIENT_HELLO_RAND_BYTES_LEN;
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]231
232 /* Versions of TLS before TLS 1.3 supported a
233 * "session resumption" feature which has been merged with pre-shared
234 * keys in this version. A client which has a
235 * cached session ID set by a pre-TLS 1.3 server SHOULD set this
236 * field to that value. In compatibility mode,
237 * this field MUST be non-empty, so a client not offering a
238 * pre-TLS 1.3 session MUST generate a new 32-byte value. This value
239 * need not be random but SHOULD be unpredictable to avoid
240 * implementations fixating on a specific value ( also known as
241 * ossification ). Otherwise, it MUST be set as a zero-length vector
242 * ( i.e., a zero-valued single byte length field ).
243 */
244 if( buflen < 1 )
245 {
246 MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) );
247 return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
248 }
249
250 *buf++ = 0; /* session id length set to zero */
251 buflen -= 1;
252
253 /*
254 * Ciphersuite list
255 *
256 * This is a list of the symmetric cipher options supported by
257 * the client, specifically the record protection algorithm
258 * ( including secret key length ) and a hash to be used with
259 * HKDF, in descending order of client preference.
260 */
261 ciphersuites = ssl->conf->ciphersuite_list;
262
263 if( buflen < 2 /* for ciphersuite list length */ )
264 {
265 MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) );
266 return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
267 }
268
269 /* Skip writing ciphersuite length for now */
270 ciphersuite_count = 0;
271 ciphersuite_start = buf;
272 buf += 2;
273 buflen -= 2;
274
Jerry Yue885b762021-08-26 17:32:34 +0800[diff] [blame^]275 for ( size_t i = 0; ciphersuites[i] != 0; i++ )
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]276 {
277 ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] );
278
279 if( ciphersuite_info == NULL )
280 continue;
281
282 if( ciphersuite_info->min_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 ||
283 ciphersuite_info->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 )
284 continue;
285
286 MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %04x, %s",
Jerry Yue885b762021-08-26 17:32:34 +0800[diff] [blame^]287 (unsigned int) ciphersuites[i],
288 ciphersuite_info->name ) );
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]289
290 ciphersuite_count++;
291
292 if( buflen < 2 /* for ciphersuite list length */ )
293 {
294 MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) );
295 return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
296 }
297
298 *buf++ = (unsigned char)( ciphersuites[i] >> 8 );
299 *buf++ = (unsigned char)( ciphersuites[i] );
300
301 buflen -= 2;
302
303 }
304
305 /* write ciphersuite length now */
306 *ciphersuite_start++ = (unsigned char)( ciphersuite_count*2 >> 8 );
307 *ciphersuite_start++ = (unsigned char)( ciphersuite_count*2 );
308
Jerry Yue885b762021-08-26 17:32:34 +0800[diff] [blame^]309 MBEDTLS_SSL_DEBUG_MSG( 3,
310 ( "client hello, got %" MBEDTLS_PRINTF_SIZET " ciphersuites",
311 ciphersuite_count ) );
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]312
313 /* For every TLS 1.3 ClientHello, this vector MUST contain exactly
314 * one byte set to zero, which corresponds to the 'null' compression
315 * method in prior versions of TLS.
316 *
317 * For cTLS this field is elided.
318 */
319 if( buflen < 2 /* for ciphersuite list length */ )
320 {
321 MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) );
322 return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
323 }
324
325 *buf++ = 1;
326 *buf++ = MBEDTLS_SSL_COMPRESS_NULL;
327
328 buflen -= 2;
329
330 /* First write extensions, then the total length */
331 extension_start = buf;
332 total_ext_len = 0;
333 buf += 2;
334
335 /* Supported Versions Extension is mandatory with TLS 1.3.
336 *
337 * For cTLS we only need to provide it if there is more than one version
338 * and currently there is only one.
339 */
340 ssl_write_supported_versions_ext( ssl, buf, end, &cur_ext_len );
341 total_ext_len += cur_ext_len;
342 buf += cur_ext_len;
343
344#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
345 /* The supported_groups and the key_share extensions are
346 * REQUIRED for ECDHE ciphersuites.
347 */
348 ret = ssl_write_supported_groups_ext( ssl, buf, end, &cur_ext_len );
349 if( ret != 0 )
350 return( ret );
351
352 total_ext_len += cur_ext_len;
353 buf += cur_ext_len;
354
355 /* The supported_signature_algorithms extension is REQUIRED for
356 * certificate authenticated ciphersuites. */
357 ret = mbedtls_ssl_write_signature_algorithms_ext( ssl, buf, end, &cur_ext_len );
358 if( ret != 0 )
359 return( ret );
360
361 total_ext_len += cur_ext_len;
362 buf += cur_ext_len;
363
364 /* We need to send the key shares under three conditions:
365 * 1 ) A certificate-based ciphersuite is being offered. In this case
366 * supported_groups and supported_signature extensions have been successfully added.
367 * 2 ) A PSK-based ciphersuite with ECDHE is offered. In this case the
368 * psk_key_exchange_modes has been added as the last extension.
369 * 3 ) Or, in case all ciphers are supported ( which includes #1 and #2 from above )
370 */
371
372 ret = ssl_write_key_shares_ext( ssl, buf, end, &cur_ext_len );
373 if( ret != 0 )
374 return( ret );
375
376 total_ext_len += cur_ext_len;
377 buf += cur_ext_len;
378#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
379
380 /* Add more extensions here */
381
382 MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %" MBEDTLS_PRINTF_SIZET ,
383 total_ext_len ) );
384
385 MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", extension_start, total_ext_len );
386
387 /* Write extension length */
388 *extension_start++ = (unsigned char)( ( total_ext_len >> 8 ) & 0xFF );
389 *extension_start++ = (unsigned char)( ( total_ext_len ) & 0xFF );
390
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]391 *len_with_binders = ( extension_start + total_ext_len ) - start;
392 return( 0 );
393}
394
Jerry Yuef6b36b2021-08-24 16:29:02 +0800[diff] [blame]395/*
396 * ssl_write_supported_versions_ext():
397 *
398 * struct {
399 * ProtocolVersion versions<2..254>;
400 * } SupportedVersions;
401 */
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]402static int ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl,
403 unsigned char *buf,
404 unsigned char *end,
405 size_t *olen )
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]406{
Jerry Yuef6b36b2021-08-24 16:29:02 +0800[diff] [blame]407 unsigned char *p = buf;
408
409 *olen = 0;
410
411 MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported version extension" ) );
412
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]413 MBEDTLS_SSL_CHK_BUF_PTR( p, end, 7 );
Jerry Yuef6b36b2021-08-24 16:29:02 +0800[diff] [blame]414
415 *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS >> 8 ) & 0xFF );
416 *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS ) & 0xFF );
417
418 /* total length */
419 *p++ = 0x00;
420 *p++ = 3;
421
422 /* length of next field */
423 *p++ = 0x2;
424
425 /* This implementation only supports a single TLS version, and only
426 * advertises a single value.
427 */
428 mbedtls_ssl_write_version( ssl->conf->max_major_ver, ssl->conf->max_minor_ver,
429 ssl->conf->transport, p );
430
Jerry Yue885b762021-08-26 17:32:34 +0800[diff] [blame^]431 MBEDTLS_SSL_DEBUG_MSG( 3, ( "supported version: [%d:%d]",
432 ssl->conf->max_major_ver, ssl->conf->max_minor_ver ) );
Jerry Yuef6b36b2021-08-24 16:29:02 +0800[diff] [blame]433
434 *olen = 7;
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]435
436 return( 0 );
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]437}
438
439#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
440
441static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl,
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]442 unsigned char *buf,
443 unsigned char *end,
444 size_t *olen )
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]445{
446 ((void) ssl);
447 ((void) buf);
448 ((void) end);
449 ((void) olen);
Jerry Yu65dd2cc2021-08-18 16:38:40 +0800[diff] [blame]450 return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
451}
452
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]453static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl,
Jerry Yu6f13f642021-08-26 17:18:15 +0800[diff] [blame]454 unsigned char *buf,
455 unsigned char *end,
456 size_t *olen )
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]457{
458 ((void) ssl);
459 ((void) buf);
460 ((void) end);
461 ((void) olen);
462 return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
463}
Jerry Yuc8a392c2021-08-18 16:46:28 +0800[diff] [blame]464
Jerry Yubc20bdd2021-08-24 15:59:48 +0800[diff] [blame]465#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
Jerry Yu65dd2cc2021-08-18 16:38:40 +0800[diff] [blame]466
Jerry Yu3cc4c2a2021-08-06 16:29:08 +0800[diff] [blame]467#endif /* MBEDTLS_SSL_CLI_C */
468
469#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */