@@ -24557,6 +24557,77 @@ int cipherExtraData(WOLFSSL* ssl)
2455724557
2455824558#ifndef WOLFSSL_NO_TLS12
2455924559
24560+ static int BuildMsgOrHashOutput(WOLFSSL* ssl, byte* output, int* sendSz,
24561+ int inputSz, enum HandShakeType type,
24562+ const char *name)
24563+ {
24564+ int ret = 0;
24565+ if (IsEncryptionOn(ssl, 1)) {
24566+ byte* input;
24567+ int recordHeaderSz = RECORD_HEADER_SZ;
24568+
24569+ if (ssl->options.dtls)
24570+ recordHeaderSz += DTLS_RECORD_EXTRA;
24571+ inputSz -= recordHeaderSz;
24572+ if (inputSz <= 0) {
24573+ WOLFSSL_MSG("Bad inputSz");
24574+ return BUFFER_E;
24575+ }
24576+ input = (byte*)XMALLOC((size_t)inputSz, ssl->heap,
24577+ DYNAMIC_TYPE_IN_BUFFER);
24578+ if (input == NULL)
24579+ return MEMORY_E;
24580+
24581+ XMEMCPY(input, output + recordHeaderSz, (size_t)(inputSz));
24582+ #ifdef WOLFSSL_DTLS
24583+ if (IsDtlsNotSctpMode(ssl) &&
24584+ (ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz,
24585+ type)) != 0) {
24586+ XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
24587+ return ret;
24588+ }
24589+ #else
24590+ (void)type;
24591+ #endif
24592+ *sendSz = BuildMessage(ssl, output, *sendSz, input, inputSz,
24593+ handshake, 1, 0, 0, CUR_ORDER);
24594+ XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
24595+
24596+ if (*sendSz < 0)
24597+ return *sendSz;
24598+ } else {
24599+ if (type == certificate_request)
24600+ *sendSz = inputSz;
24601+ #ifdef WOLFSSL_DTLS
24602+ if (IsDtlsNotSctpMode(ssl)) {
24603+ ret = DtlsMsgPoolSave(ssl, output, (word32)*sendSz, type);
24604+ if (ret != 0)
24605+ return ret;
24606+ }
24607+ if (ssl->options.dtls)
24608+ DtlsSEQIncrement(ssl, CUR_ORDER);
24609+ #endif
24610+ ret = HashOutput(ssl, output, *sendSz, 0);
24611+ if (ret != 0)
24612+ return ret;
24613+ }
24614+ #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)
24615+ if (ssl->hsInfoOn)
24616+ AddPacketName(ssl, name);
24617+ if (ssl->toInfoOn) {
24618+ ret = AddPacketInfo(ssl, name, handshake, output,
24619+ *sendSz, WRITE_PROTO, 0, ssl->heap);
24620+ if (ret != 0)
24621+ return ret;
24622+ }
24623+ #else
24624+ (void)name;
24625+ #endif
24626+ ssl->buffers.outputBuffer.length += (word32)*sendSz;
24627+ ssl->options.buildingMsg = 0;
24628+ return 0;
24629+ }
24630+
2456024631#ifndef NO_CERTS
2456124632
2456224633#if (!defined(NO_WOLFSSL_SERVER) || !defined(WOLFSSL_NO_CLIENT_AUTH)) && \
@@ -24875,6 +24946,7 @@ int SendCertificate(WOLFSSL* ssl)
2487524946}
2487624947#endif /* !NO_TLS && (!NO_WOLFSSL_SERVER || !WOLFSSL_NO_CLIENT_AUTH) */
2487724948
24949+
2487824950#if !defined(NO_TLS)
2487924951/* handle generation of certificate_request (13) */
2488024952int SendCertificateRequest(WOLFSSL* ssl)
@@ -25008,75 +25080,16 @@ int SendCertificateRequest(WOLFSSL* ssl)
2500825080 names = names->next;
2500925081 }
2501025082#endif
25011- (void)i;
25012-
25013- if (IsEncryptionOn(ssl, 1)) {
25014- byte* input = NULL;
25015- int inputSz = (int)i; /* build msg adds rec hdr */
25016- int recordHeaderSz = RECORD_HEADER_SZ;
25017-
25018- if (ssl->options.dtls)
25019- recordHeaderSz += DTLS_RECORD_EXTRA;
25020- inputSz -= recordHeaderSz;
25021-
25022- if (inputSz <= 0) {
25023- WOLFSSL_MSG("Send Cert Req bad inputSz");
25024- return BUFFER_E;
25025- }
25026-
25027- input = (byte*)XMALLOC((size_t)inputSz, ssl->heap,
25028- DYNAMIC_TYPE_IN_BUFFER);
25029- if (input == NULL)
25030- return MEMORY_E;
25031-
25032- XMEMCPY(input, output + recordHeaderSz, (size_t)(inputSz));
25033- #ifdef WOLFSSL_DTLS
25034- if (IsDtlsNotSctpMode(ssl) &&
25035- (ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz,
25036- certificate_request)) != 0) {
25037- XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
25038- return ret;
25039- }
25040- #endif
25041- sendSz = BuildMessage(ssl, output, sendSz, input, inputSz,
25042- handshake, 1, 0, 0, CUR_ORDER);
25043- XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
25044-
25045- if (sendSz < 0)
25046- return sendSz;
25047- } else {
25048- sendSz = (int)i;
25049- #ifdef WOLFSSL_DTLS
25050- if (IsDtlsNotSctpMode(ssl)) {
25051- if ((ret = DtlsMsgPoolSave(ssl, output, (word32)sendSz,
25052- certificate_request)) != 0)
25053- return ret;
25054- }
25055- if (ssl->options.dtls)
25056- DtlsSEQIncrement(ssl, CUR_ORDER);
25057- #endif
25058- ret = HashOutput(ssl, output, sendSz, 0);
25059- if (ret != 0)
25060- return ret;
25061- }
25083+ ret = BuildMsgOrHashOutput(ssl, output, &sendSz, i, certificate_request,
25084+ "CertificateRequest");
25085+ if (ret != 0)
25086+ return ret;
2506225087
25063- #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)
25064- if (ssl->hsInfoOn)
25065- AddPacketName(ssl, "CertificateRequest");
25066- if (ssl->toInfoOn) {
25067- ret = AddPacketInfo(ssl, "CertificateRequest", handshake, output,
25068- sendSz, WRITE_PROTO, 0, ssl->heap);
25069- if (ret != 0)
25070- return ret;
25071- }
25072- #endif
25073- ssl->buffers.outputBuffer.length += (word32)sendSz;
2507425088 if (ssl->options.groupMessages)
2507525089 ret = 0;
2507625090 else
2507725091 ret = SendBuffered(ssl);
2507825092
25079- ssl->options.buildingMsg = 0;
2508025093
2508125094 WOLFSSL_LEAVE("SendCertificateRequest", ret);
2508225095 WOLFSSL_END(WC_FUNC_CERTIFICATE_REQUEST_SEND);
@@ -31063,47 +31076,10 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
3106331076 }
3106431077#endif /* HAVE_TLS_EXTENSIONS */
3106531078
31066- if (IsEncryptionOn(ssl, 1)) {
31067- byte* input;
31068- int inputSz = (int)idx; /* build msg adds rec hdr */
31069- int recordHeaderSz = RECORD_HEADER_SZ;
31070-
31071- if (ssl->options.dtls)
31072- recordHeaderSz += DTLS_RECORD_EXTRA;
31073- inputSz -= recordHeaderSz;
31074- input = (byte*)XMALLOC((size_t)inputSz, ssl->heap,
31075- DYNAMIC_TYPE_IN_BUFFER);
31076- if (input == NULL)
31077- return MEMORY_E;
31078-
31079- XMEMCPY(input, output + recordHeaderSz, (size_t)(inputSz));
31080- #ifdef WOLFSSL_DTLS
31081- if (IsDtlsNotSctpMode(ssl) &&
31082- (ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz,
31083- client_hello)) != 0) {
31084- XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
31085- return ret;
31086- }
31087- #endif
31088- sendSz = BuildMessage(ssl, output, sendSz, input, inputSz,
31089- handshake, 1, 0, 0, CUR_ORDER);
31090- XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
31091-
31092- if (sendSz < 0)
31093- return sendSz;
31094- } else {
31095- #ifdef WOLFSSL_DTLS
31096- if (IsDtlsNotSctpMode(ssl)) {
31097- if ((ret = DtlsMsgPoolSave(ssl, output, (word32)sendSz, client_hello)) != 0)
31098- return ret;
31099- }
31100- if (ssl->options.dtls)
31101- DtlsSEQIncrement(ssl, CUR_ORDER);
31102- #endif
31103- ret = HashOutput(ssl, output, sendSz, 0);
31104- if (ret != 0)
31105- return ret;
31106- }
31079+ ret = BuildMsgOrHashOutput(ssl, output, &sendSz, idx, client_hello,
31080+ "ClientHello");
31081+ if (ret != 0)
31082+ return ret;
3110731083
3110831084 ssl->options.clientState = CLIENT_HELLO_COMPLETE;
3110931085#ifdef OPENSSL_EXTRA
@@ -31112,20 +31088,6 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
3111231088 ssl->CBIS(ssl, WOLFSSL_CB_CONNECT_LOOP, WOLFSSL_SUCCESS);
3111331089#endif
3111431090
31115- #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)
31116- if (ssl->hsInfoOn) AddPacketName(ssl, "ClientHello");
31117- if (ssl->toInfoOn) {
31118- ret = AddPacketInfo(ssl, "ClientHello", handshake, output, sendSz,
31119- WRITE_PROTO, 0, ssl->heap);
31120- if (ret != 0)
31121- return ret;
31122- }
31123- #endif
31124-
31125- ssl->options.buildingMsg = 0;
31126-
31127- ssl->buffers.outputBuffer.length += (word32)sendSz;
31128-
3112931091 ret = SendBuffered(ssl);
3113031092
3113131093 WOLFSSL_LEAVE("SendClientHello", ret);
@@ -35599,61 +35561,12 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
3559935561#endif
3560035562#endif
3560135563
35602- if (IsEncryptionOn(ssl, 1)) {
35603- byte* input;
35604- int inputSz = (int)idx; /* build msg adds rec hdr */
35605- int recordHeaderSz = RECORD_HEADER_SZ;
35606-
35607- if (ssl->options.dtls)
35608- recordHeaderSz += DTLS_RECORD_EXTRA;
35609- inputSz -= recordHeaderSz;
35610- input = (byte*)XMALLOC((size_t)inputSz, ssl->heap,
35611- DYNAMIC_TYPE_IN_BUFFER);
35612- if (input == NULL)
35613- return MEMORY_E;
35614-
35615- XMEMCPY(input, output + recordHeaderSz, (size_t)(inputSz));
35616- #ifdef WOLFSSL_DTLS
35617- if (IsDtlsNotSctpMode(ssl) &&
35618- (ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz, server_hello)) != 0) {
35619- XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
35620- return ret;
35621- }
35622- #endif
35623- sendSz = BuildMessage(ssl, output, sendSz, input, inputSz,
35624- handshake, 1, 0, 0, CUR_ORDER);
35625- XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
35626-
35627- if (sendSz < 0)
35628- return sendSz;
35629- } else {
35630- #ifdef WOLFSSL_DTLS
35631- if (IsDtlsNotSctpMode(ssl)) {
35632- if ((ret = DtlsMsgPoolSave(ssl, output, (word32)sendSz, server_hello)) != 0)
35633- return ret;
35634- }
35635- if (ssl->options.dtls)
35636- DtlsSEQIncrement(ssl, CUR_ORDER);
35637- #endif
35638- ret = HashOutput(ssl, output, sendSz, 0);
35639- if (ret != 0)
35640- return ret;
35641- }
35642-
35643- #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)
35644- if (ssl->hsInfoOn)
35645- AddPacketName(ssl, "ServerHello");
35646- if (ssl->toInfoOn) {
35647- ret = AddPacketInfo(ssl, "ServerHello", handshake, output, sendSz,
35648- WRITE_PROTO, 0, ssl->heap);
35649- if (ret != 0)
35650- return ret;
35651- }
35652- #endif
35564+ ret = BuildMsgOrHashOutput(ssl, output, &sendSz, idx, server_hello,
35565+ "ServerHello");
35566+ if (ret != 0)
35567+ return ret;
3565335568
3565435569 ssl->options.serverState = SERVER_HELLO_COMPLETE;
35655- ssl->options.buildingMsg = 0;
35656- ssl->buffers.outputBuffer.length += (word32)sendSz;
3565735570
3565835571 if (ssl->options.groupMessages)
3565935572 ret = 0;
@@ -39142,64 +39055,15 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
3914239055 /* get output buffer */
3914339056 output = GetOutputBuffer(ssl);
3914439057 AddHeaders(output, 0, server_hello_done, ssl);
39058+ ret = BuildMsgOrHashOutput(ssl, output, &sendSz,
39059+ HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ +
39060+ (ssl->options.dtls ?
39061+ DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA : 0),
39062+ server_hello_done, "ServerHelloDone");
39063+ if (ret != 0)
39064+ return ret;
3914539065
39146- if (IsEncryptionOn(ssl, 1)) {
39147- byte* input;
39148- int inputSz = HANDSHAKE_HEADER_SZ; /* build msg adds rec hdr */
39149- int recordHeaderSz = RECORD_HEADER_SZ;
39150-
39151- if (ssl->options.dtls) {
39152- recordHeaderSz += DTLS_RECORD_EXTRA;
39153- inputSz += DTLS_HANDSHAKE_EXTRA;
39154- }
39155-
39156- input = (byte*)XMALLOC((size_t)inputSz, ssl->heap,
39157- DYNAMIC_TYPE_IN_BUFFER);
39158- if (input == NULL)
39159- return MEMORY_E;
39160-
39161- XMEMCPY(input, output + recordHeaderSz, (size_t)(inputSz));
39162- #ifdef WOLFSSL_DTLS
39163- if (IsDtlsNotSctpMode(ssl) &&
39164- (ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz, server_hello_done)) != 0) {
39165- XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
39166- return ret;
39167- }
39168- #endif
39169- sendSz = BuildMessage(ssl, output, sendSz, input, inputSz,
39170- handshake, 1, 0, 0, CUR_ORDER);
39171- XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
39172-
39173- if (sendSz < 0)
39174- return sendSz;
39175- } else {
39176- #ifdef WOLFSSL_DTLS
39177- if (IsDtlsNotSctpMode(ssl)) {
39178- if ((ret = DtlsMsgPoolSave(ssl, output, (word32)sendSz, server_hello_done)) != 0)
39179- return ret;
39180- }
39181- if (ssl->options.dtls)
39182- DtlsSEQIncrement(ssl, CUR_ORDER);
39183- #endif
39184- ret = HashOutput(ssl, output, sendSz, 0);
39185- if (ret != 0)
39186- return ret;
39187- }
39188-
39189- #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)
39190- if (ssl->hsInfoOn)
39191- AddPacketName(ssl, "ServerHelloDone");
39192- if (ssl->toInfoOn) {
39193- ret = AddPacketInfo(ssl, "ServerHelloDone", handshake, output,
39194- sendSz, WRITE_PROTO, 0, ssl->heap);
39195- if (ret != 0)
39196- return ret;
39197- }
39198- #endif
3919939066 ssl->options.serverState = SERVER_HELLODONE_COMPLETE;
39200- ssl->options.buildingMsg = 0;
39201-
39202- ssl->buffers.outputBuffer.length += (word32)sendSz;
3920339067
3920439068 ret = SendBuffered(ssl);
3920539069
0 commit comments