@@ -24503,6 +24503,77 @@ int cipherExtraData(WOLFSSL* ssl)
2450324503
2450424504#ifndef WOLFSSL_NO_TLS12
2450524505
24506+ static int BuildMsgOrHashOutput(WOLFSSL* ssl, byte* output, int* sendSz,
24507+ int inputSz, enum HandShakeType type,
24508+ const char *name)
24509+ {
24510+ int ret = 0;
24511+ if (IsEncryptionOn(ssl, 1)) {
24512+ byte* input;
24513+ int recordHeaderSz = RECORD_HEADER_SZ;
24514+
24515+ if (ssl->options.dtls)
24516+ recordHeaderSz += DTLS_RECORD_EXTRA;
24517+ inputSz -= recordHeaderSz;
24518+ if (inputSz <= 0) {
24519+ WOLFSSL_MSG("Bad inputSz");
24520+ return BUFFER_E;
24521+ }
24522+ input = (byte*)XMALLOC((size_t)inputSz, ssl->heap,
24523+ DYNAMIC_TYPE_IN_BUFFER);
24524+ if (input == NULL)
24525+ return MEMORY_E;
24526+
24527+ XMEMCPY(input, output + recordHeaderSz, (size_t)(inputSz));
24528+ #ifdef WOLFSSL_DTLS
24529+ if (IsDtlsNotSctpMode(ssl) &&
24530+ (ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz,
24531+ type)) != 0) {
24532+ XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
24533+ return ret;
24534+ }
24535+ #else
24536+ (void)type;
24537+ #endif
24538+ *sendSz = BuildMessage(ssl, output, *sendSz, input, inputSz,
24539+ handshake, 1, 0, 0, CUR_ORDER);
24540+ XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
24541+
24542+ if (*sendSz < 0)
24543+ return *sendSz;
24544+ } else {
24545+ if (type == certificate_request)
24546+ *sendSz = inputSz;
24547+ #ifdef WOLFSSL_DTLS
24548+ if (IsDtlsNotSctpMode(ssl)) {
24549+ ret = DtlsMsgPoolSave(ssl, output, (word32)*sendSz, type);
24550+ if (ret != 0)
24551+ return ret;
24552+ }
24553+ if (ssl->options.dtls)
24554+ DtlsSEQIncrement(ssl, CUR_ORDER);
24555+ #endif
24556+ ret = HashOutput(ssl, output, *sendSz, 0);
24557+ if (ret != 0)
24558+ return ret;
24559+ }
24560+ #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)
24561+ if (ssl->hsInfoOn)
24562+ AddPacketName(ssl, name);
24563+ if (ssl->toInfoOn) {
24564+ ret = AddPacketInfo(ssl, name, handshake, output,
24565+ *sendSz, WRITE_PROTO, 0, ssl->heap);
24566+ if (ret != 0)
24567+ return ret;
24568+ }
24569+ #else
24570+ (void)name;
24571+ #endif
24572+ ssl->buffers.outputBuffer.length += (word32)*sendSz;
24573+ ssl->options.buildingMsg = 0;
24574+ return 0;
24575+ }
24576+
2450624577#ifndef NO_CERTS
2450724578
2450824579#if (!defined(NO_WOLFSSL_SERVER) || !defined(WOLFSSL_NO_CLIENT_AUTH)) && \
@@ -24821,6 +24892,7 @@ int SendCertificate(WOLFSSL* ssl)
2482124892}
2482224893#endif /* !NO_TLS && (!NO_WOLFSSL_SERVER || !WOLFSSL_NO_CLIENT_AUTH) */
2482324894
24895+
2482424896#if !defined(NO_TLS)
2482524897/* handle generation of certificate_request (13) */
2482624898int SendCertificateRequest(WOLFSSL* ssl)
@@ -24954,75 +25026,16 @@ int SendCertificateRequest(WOLFSSL* ssl)
2495425026 names = names->next;
2495525027 }
2495625028#endif
24957- (void)i;
24958-
24959- if (IsEncryptionOn(ssl, 1)) {
24960- byte* input = NULL;
24961- int inputSz = (int)i; /* build msg adds rec hdr */
24962- int recordHeaderSz = RECORD_HEADER_SZ;
24963-
24964- if (ssl->options.dtls)
24965- recordHeaderSz += DTLS_RECORD_EXTRA;
24966- inputSz -= recordHeaderSz;
24967-
24968- if (inputSz <= 0) {
24969- WOLFSSL_MSG("Send Cert Req bad inputSz");
24970- return BUFFER_E;
24971- }
24972-
24973- input = (byte*)XMALLOC((size_t)inputSz, ssl->heap,
24974- DYNAMIC_TYPE_IN_BUFFER);
24975- if (input == NULL)
24976- return MEMORY_E;
24977-
24978- XMEMCPY(input, output + recordHeaderSz, (size_t)(inputSz));
24979- #ifdef WOLFSSL_DTLS
24980- if (IsDtlsNotSctpMode(ssl) &&
24981- (ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz,
24982- certificate_request)) != 0) {
24983- XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
24984- return ret;
24985- }
24986- #endif
24987- sendSz = BuildMessage(ssl, output, sendSz, input, inputSz,
24988- handshake, 1, 0, 0, CUR_ORDER);
24989- XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
24990-
24991- if (sendSz < 0)
24992- return sendSz;
24993- } else {
24994- sendSz = (int)i;
24995- #ifdef WOLFSSL_DTLS
24996- if (IsDtlsNotSctpMode(ssl)) {
24997- if ((ret = DtlsMsgPoolSave(ssl, output, (word32)sendSz,
24998- certificate_request)) != 0)
24999- return ret;
25000- }
25001- if (ssl->options.dtls)
25002- DtlsSEQIncrement(ssl, CUR_ORDER);
25003- #endif
25004- ret = HashOutput(ssl, output, sendSz, 0);
25005- if (ret != 0)
25006- return ret;
25007- }
25029+ ret = BuildMsgOrHashOutput(ssl, output, &sendSz, i, certificate_request,
25030+ "CertificateRequest");
25031+ if (ret != 0)
25032+ return ret;
2500825033
25009- #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)
25010- if (ssl->hsInfoOn)
25011- AddPacketName(ssl, "CertificateRequest");
25012- if (ssl->toInfoOn) {
25013- ret = AddPacketInfo(ssl, "CertificateRequest", handshake, output,
25014- sendSz, WRITE_PROTO, 0, ssl->heap);
25015- if (ret != 0)
25016- return ret;
25017- }
25018- #endif
25019- ssl->buffers.outputBuffer.length += (word32)sendSz;
2502025034 if (ssl->options.groupMessages)
2502125035 ret = 0;
2502225036 else
2502325037 ret = SendBuffered(ssl);
2502425038
25025- ssl->options.buildingMsg = 0;
2502625039
2502725040 WOLFSSL_LEAVE("SendCertificateRequest", ret);
2502825041 WOLFSSL_END(WC_FUNC_CERTIFICATE_REQUEST_SEND);
@@ -31007,47 +31020,10 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
3100731020 }
3100831021#endif /* HAVE_TLS_EXTENSIONS */
3100931022
31010- if (IsEncryptionOn(ssl, 1)) {
31011- byte* input;
31012- int inputSz = (int)idx; /* build msg adds rec hdr */
31013- int recordHeaderSz = RECORD_HEADER_SZ;
31014-
31015- if (ssl->options.dtls)
31016- recordHeaderSz += DTLS_RECORD_EXTRA;
31017- inputSz -= recordHeaderSz;
31018- input = (byte*)XMALLOC((size_t)inputSz, ssl->heap,
31019- DYNAMIC_TYPE_IN_BUFFER);
31020- if (input == NULL)
31021- return MEMORY_E;
31022-
31023- XMEMCPY(input, output + recordHeaderSz, (size_t)(inputSz));
31024- #ifdef WOLFSSL_DTLS
31025- if (IsDtlsNotSctpMode(ssl) &&
31026- (ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz,
31027- client_hello)) != 0) {
31028- XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
31029- return ret;
31030- }
31031- #endif
31032- sendSz = BuildMessage(ssl, output, sendSz, input, inputSz,
31033- handshake, 1, 0, 0, CUR_ORDER);
31034- XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
31035-
31036- if (sendSz < 0)
31037- return sendSz;
31038- } else {
31039- #ifdef WOLFSSL_DTLS
31040- if (IsDtlsNotSctpMode(ssl)) {
31041- if ((ret = DtlsMsgPoolSave(ssl, output, (word32)sendSz, client_hello)) != 0)
31042- return ret;
31043- }
31044- if (ssl->options.dtls)
31045- DtlsSEQIncrement(ssl, CUR_ORDER);
31046- #endif
31047- ret = HashOutput(ssl, output, sendSz, 0);
31048- if (ret != 0)
31049- return ret;
31050- }
31023+ ret = BuildMsgOrHashOutput(ssl, output, &sendSz, idx, client_hello,
31024+ "ClientHello");
31025+ if (ret != 0)
31026+ return ret;
3105131027
3105231028 ssl->options.clientState = CLIENT_HELLO_COMPLETE;
3105331029#ifdef OPENSSL_EXTRA
@@ -31056,20 +31032,6 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
3105631032 ssl->CBIS(ssl, WOLFSSL_CB_CONNECT_LOOP, WOLFSSL_SUCCESS);
3105731033#endif
3105831034
31059- #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)
31060- if (ssl->hsInfoOn) AddPacketName(ssl, "ClientHello");
31061- if (ssl->toInfoOn) {
31062- ret = AddPacketInfo(ssl, "ClientHello", handshake, output, sendSz,
31063- WRITE_PROTO, 0, ssl->heap);
31064- if (ret != 0)
31065- return ret;
31066- }
31067- #endif
31068-
31069- ssl->options.buildingMsg = 0;
31070-
31071- ssl->buffers.outputBuffer.length += (word32)sendSz;
31072-
3107331035 ret = SendBuffered(ssl);
3107431036
3107531037 WOLFSSL_LEAVE("SendClientHello", ret);
@@ -35538,61 +35500,12 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
3553835500#endif
3553935501#endif
3554035502
35541- if (IsEncryptionOn(ssl, 1)) {
35542- byte* input;
35543- int inputSz = (int)idx; /* build msg adds rec hdr */
35544- int recordHeaderSz = RECORD_HEADER_SZ;
35545-
35546- if (ssl->options.dtls)
35547- recordHeaderSz += DTLS_RECORD_EXTRA;
35548- inputSz -= recordHeaderSz;
35549- input = (byte*)XMALLOC((size_t)inputSz, ssl->heap,
35550- DYNAMIC_TYPE_IN_BUFFER);
35551- if (input == NULL)
35552- return MEMORY_E;
35553-
35554- XMEMCPY(input, output + recordHeaderSz, (size_t)(inputSz));
35555- #ifdef WOLFSSL_DTLS
35556- if (IsDtlsNotSctpMode(ssl) &&
35557- (ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz, server_hello)) != 0) {
35558- XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
35559- return ret;
35560- }
35561- #endif
35562- sendSz = BuildMessage(ssl, output, sendSz, input, inputSz,
35563- handshake, 1, 0, 0, CUR_ORDER);
35564- XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
35565-
35566- if (sendSz < 0)
35567- return sendSz;
35568- } else {
35569- #ifdef WOLFSSL_DTLS
35570- if (IsDtlsNotSctpMode(ssl)) {
35571- if ((ret = DtlsMsgPoolSave(ssl, output, (word32)sendSz, server_hello)) != 0)
35572- return ret;
35573- }
35574- if (ssl->options.dtls)
35575- DtlsSEQIncrement(ssl, CUR_ORDER);
35576- #endif
35577- ret = HashOutput(ssl, output, sendSz, 0);
35578- if (ret != 0)
35579- return ret;
35580- }
35581-
35582- #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)
35583- if (ssl->hsInfoOn)
35584- AddPacketName(ssl, "ServerHello");
35585- if (ssl->toInfoOn) {
35586- ret = AddPacketInfo(ssl, "ServerHello", handshake, output, sendSz,
35587- WRITE_PROTO, 0, ssl->heap);
35588- if (ret != 0)
35589- return ret;
35590- }
35591- #endif
35503+ ret = BuildMsgOrHashOutput(ssl, output, &sendSz, idx, server_hello,
35504+ "ServerHello");
35505+ if (ret != 0)
35506+ return ret;
3559235507
3559335508 ssl->options.serverState = SERVER_HELLO_COMPLETE;
35594- ssl->options.buildingMsg = 0;
35595- ssl->buffers.outputBuffer.length += (word32)sendSz;
3559635509
3559735510 if (ssl->options.groupMessages)
3559835511 ret = 0;
@@ -39081,64 +38994,15 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
3908138994 /* get output buffer */
3908238995 output = GetOutputBuffer(ssl);
3908338996 AddHeaders(output, 0, server_hello_done, ssl);
38997+ ret = BuildMsgOrHashOutput(ssl, output, &sendSz,
38998+ HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ +
38999+ (ssl->options.dtls ?
39000+ DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA : 0),
39001+ server_hello_done, "ServerHelloDone");
39002+ if (ret != 0)
39003+ return ret;
3908439004
39085- if (IsEncryptionOn(ssl, 1)) {
39086- byte* input;
39087- int inputSz = HANDSHAKE_HEADER_SZ; /* build msg adds rec hdr */
39088- int recordHeaderSz = RECORD_HEADER_SZ;
39089-
39090- if (ssl->options.dtls) {
39091- recordHeaderSz += DTLS_RECORD_EXTRA;
39092- inputSz += DTLS_HANDSHAKE_EXTRA;
39093- }
39094-
39095- input = (byte*)XMALLOC((size_t)inputSz, ssl->heap,
39096- DYNAMIC_TYPE_IN_BUFFER);
39097- if (input == NULL)
39098- return MEMORY_E;
39099-
39100- XMEMCPY(input, output + recordHeaderSz, (size_t)(inputSz));
39101- #ifdef WOLFSSL_DTLS
39102- if (IsDtlsNotSctpMode(ssl) &&
39103- (ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz, server_hello_done)) != 0) {
39104- XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
39105- return ret;
39106- }
39107- #endif
39108- sendSz = BuildMessage(ssl, output, sendSz, input, inputSz,
39109- handshake, 1, 0, 0, CUR_ORDER);
39110- XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
39111-
39112- if (sendSz < 0)
39113- return sendSz;
39114- } else {
39115- #ifdef WOLFSSL_DTLS
39116- if (IsDtlsNotSctpMode(ssl)) {
39117- if ((ret = DtlsMsgPoolSave(ssl, output, (word32)sendSz, server_hello_done)) != 0)
39118- return ret;
39119- }
39120- if (ssl->options.dtls)
39121- DtlsSEQIncrement(ssl, CUR_ORDER);
39122- #endif
39123- ret = HashOutput(ssl, output, sendSz, 0);
39124- if (ret != 0)
39125- return ret;
39126- }
39127-
39128- #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)
39129- if (ssl->hsInfoOn)
39130- AddPacketName(ssl, "ServerHelloDone");
39131- if (ssl->toInfoOn) {
39132- ret = AddPacketInfo(ssl, "ServerHelloDone", handshake, output,
39133- sendSz, WRITE_PROTO, 0, ssl->heap);
39134- if (ret != 0)
39135- return ret;
39136- }
39137- #endif
3913839005 ssl->options.serverState = SERVER_HELLODONE_COMPLETE;
39139- ssl->options.buildingMsg = 0;
39140-
39141- ssl->buffers.outputBuffer.length += (word32)sendSz;
3914239006
3914339007 ret = SendBuffered(ssl);
3914439008
0 commit comments