wolfSSL_state_string_long - update for TLS 1.3 and DTLS 1.3

Sean Parkinson
2022-08-19 09:41:01 +10:00
parent 969ad96dee
commit 4b8cd6c62b

467
src/ssl.c

@@ -22455,6 +22455,62 @@ const char* wolfSSL_alert_desc_string_long(int alertID)
return AlertTypeToString(alertID); return AlertTypeToString(alertID);
} }
#define STATE_STRINGS_PROTO(s) \
{ \
{"SSLv3 " s, \
"SSLv3 " s, \
"SSLv3 " s}, \
{"TLSv1 " s, \
"TLSv1 " s, \
"TLSv1 " s}, \
{"TLSv1_1 " s, \
"TLSv1_1 " s, \
"TLSv1_1 " s}, \
{"TLSv1_2 " s, \
"TLSv1_2 " s, \
"TLSv1_2 " s}, \
{"TLSv1_3 " s, \
"TLSv1_3 " s, \
"TLSv1_3 " s}, \
{"DTLSv1 " s, \
"DTLSv1 " s, \
"DTLSv1 " s}, \
{"DTLSv1_2 " s, \
"DTLSv1_2 " s, \
"DTLSv1_2 " s}, \
{"DTLSv1_3 " s, \
"DTLSv1_3 " s, \
"DTLSv1_3 " s}, \
}
#define STATE_STRINGS_PROTO_RW(s) \
{ \
{"SSLv3 read " s, \
"SSLv3 write " s, \
"SSLv3 " s}, \
{"TLSv1 read " s, \
"TLSv1 write " s, \
"TLSv1 " s}, \
{"TLSv1_1 read " s, \
"TLSv1_1 write " s, \
"TLSv1_1 " s}, \
{"TLSv1_2 read " s, \
"TLSv1_2 write " s, \
"TLSv1_2 " s}, \
{"TLSv1_3 read " s, \
"TLSv1_3 write " s, \
"TLSv1_3 " s}, \
{"DTLSv1 read " s, \
"DTLSv1 write " s, \
"DTLSv1 " s}, \
{"DTLSv1_2 read " s, \
"DTLSv1_2 write " s, \
"DTLSv1_2 " s}, \
{"DTLSv1_3 read " s, \
"DTLSv1_3 write " s, \
"DTLSv1_3 " s}, \
}
/* Gets the current state of the WOLFSSL structure /* Gets the current state of the WOLFSSL structure
* *
* ssl WOLFSSL structure to get state of * ssl WOLFSSL structure to get state of
@@ -22464,284 +22520,41 @@ const char* wolfSSL_alert_desc_string_long(int alertID)
const char* wolfSSL_state_string_long(const WOLFSSL* ssl) const char* wolfSSL_state_string_long(const WOLFSSL* ssl)
{ {
static const char* OUTPUT_STR[14][6][3] = { static const char* OUTPUT_STR[24][8][3] = {
{ STATE_STRINGS_PROTO("Initialization"),
{"SSLv3 Initialization","SSLv3 Initialization","SSLv3 Initialization"}, STATE_STRINGS_PROTO_RW("Server Hello Request"),
{"TLSv1 Initialization","TLSv2 Initialization","TLSv2 Initialization"}, STATE_STRINGS_PROTO_RW("Server Hello Verify Request"),
{"TLSv1_1 Initialization","TLSv1_1 Initialization","TLSv1_1 Initialization"}, STATE_STRINGS_PROTO_RW("Server Hello Retry Request"),
{"TLSv1_2 Initialization","TLSv1_2 Initialization","TLSv1_2 Initialization"}, STATE_STRINGS_PROTO_RW("Server Hello"),
{"DTLSv1 Initialization","DTLSv1 Initialization","DTLSv1 Initialization"}, STATE_STRINGS_PROTO_RW("Server Certificate Status"),
{"DTLSv1_2 Initialization","DTLSv1_2 Initialization","DTLSv1_2 Initialization"}, STATE_STRINGS_PROTO_RW("Server Encrypted Extensions"),
}, STATE_STRINGS_PROTO_RW("Server Session Ticket"),
{ STATE_STRINGS_PROTO_RW("Server Certificate Request"),
{"SSLv3 read Server Hello Verify Request", STATE_STRINGS_PROTO_RW("Server Cert"),
"SSLv3 write Server Hello Verify Request", STATE_STRINGS_PROTO_RW("Server Key Exchange"),
"SSLv3 Server Hello Verify Request"}, STATE_STRINGS_PROTO_RW("Server Hello Done"),
{"TLSv1 read Server Hello Verify Request", STATE_STRINGS_PROTO_RW("Server Change CipherSpec"),
"TLSv1 write Server Hello Verify Request", STATE_STRINGS_PROTO_RW("Server Finished"),
"TLSv1 Server Hello Verify Request"}, STATE_STRINGS_PROTO_RW("server Key Update"),
{"TLSv1_1 read Server Hello Verify Request", STATE_STRINGS_PROTO_RW("Client Hello"),
"TLSv1_1 write Server Hello Verify Request", STATE_STRINGS_PROTO_RW("Client Key Exchange"),
"TLSv1_1 Server Hello Verify Request"}, STATE_STRINGS_PROTO_RW("Client Cert"),
{"TLSv1_2 read Server Hello Verify Request", STATE_STRINGS_PROTO_RW("Client Change CipherSpec"),
"TLSv1_2 write Server Hello Verify Request", STATE_STRINGS_PROTO_RW("Client Certificate Verify"),
"TLSv1_2 Server Hello Verify Request"}, STATE_STRINGS_PROTO_RW("Client End Of Early Data"),
{"DTLSv1 read Server Hello Verify Request", STATE_STRINGS_PROTO_RW("Client Finished"),
"DTLSv1 write Server Hello Verify Request", STATE_STRINGS_PROTO_RW("Client Key Update"),
"DTLSv1 Server Hello Verify Request"}, STATE_STRINGS_PROTO("Handshake Done"),
{"DTLSv1_2 read Server Hello Verify Request",
"DTLSv1_2 write Server Hello Verify Request",
"DTLSv1_2 Server Hello Verify Request"},
},
{
{"SSLv3 read Server Hello",
"SSLv3 write Server Hello",
"SSLv3 Server Hello"},
{"TLSv1 read Server Hello",
"TLSv1 write Server Hello",
"TLSv1 Server Hello"},
{"TLSv1_1 read Server Hello",
"TLSv1_1 write Server Hello",
"TLSv1_1 Server Hello"},
{"TLSv1_2 read Server Hello",
"TLSv1_2 write Server Hello",
"TLSv1_2 Server Hello"},
{"DTLSv1 read Server Hello",
"DTLSv1 write Server Hello",
"DTLSv1 Server Hello"},
{"DTLSv1_2 read Server Hello"
"DTLSv1_2 write Server Hello",
"DTLSv1_2 Server Hello",
},
},
{
{"SSLv3 read Server Session Ticket",
"SSLv3 write Server Session Ticket",
"SSLv3 Server Session Ticket"},
{"TLSv1 read Server Session Ticket",
"TLSv1 write Server Session Ticket",
"TLSv1 Server Session Ticket"},
{"TLSv1_1 read Server Session Ticket",
"TLSv1_1 write Server Session Ticket",
"TLSv1_1 Server Session Ticket"},
{"TLSv1_2 read Server Session Ticket",
"TLSv1_2 write Server Session Ticket",
"TLSv1_2 Server Session Ticket"},
{"DTLSv1 read Server Session Ticket",
"DTLSv1 write Server Session Ticket",
"DTLSv1 Server Session Ticket"},
{"DTLSv1_2 read Server Session Ticket",
"DTLSv1_2 write Server Session Ticket",
"DTLSv1_2 Server Session Ticket"},
},
{
{"SSLv3 read Server Cert",
"SSLv3 write Server Cert",
"SSLv3 Server Cert"},
{"TLSv1 read Server Cert",
"TLSv1 write Server Cert",
"TLSv1 Server Cert"},
{"TLSv1_1 read Server Cert",
"TLSv1_1 write Server Cert",
"TLSv1_1 Server Cert"},
{"TLSv1_2 read Server Cert",
"TLSv1_2 write Server Cert",
"TLSv1_2 Server Cert"},
{"DTLSv1 read Server Cert",
"DTLSv1 write Server Cert",
"DTLSv1 Server Cert"},
{"DTLSv1_2 read Server Cert",
"DTLSv1_2 write Server Cert",
"DTLSv1_2 Server Cert"},
},
{
{"SSLv3 read Server Key Exchange",
"SSLv3 write Server Key Exchange",
"SSLv3 Server Key Exchange"},
{"TLSv1 read Server Key Exchange",
"TLSv1 write Server Key Exchange",
"TLSv1 Server Key Exchange"},
{"TLSv1_1 read Server Key Exchange",
"TLSv1_1 write Server Key Exchange",
"TLSv1_1 Server Key Exchange"},
{"TLSv1_2 read Server Key Exchange",
"TLSv1_2 write Server Key Exchange",
"TLSv1_2 Server Key Exchange"},
{"DTLSv1 read Server Key Exchange",
"DTLSv1 write Server Key Exchange",
"DTLSv1 Server Key Exchange"},
{"DTLSv1_2 read Server Key Exchange",
"DTLSv1_2 write Server Key Exchange",
"DTLSv1_2 Server Key Exchange"},
},
{
{"SSLv3 read Server Hello Done",
"SSLv3 write Server Hello Done",
"SSLv3 Server Hello Done"},
{"TLSv1 read Server Hello Done",
"TLSv1 write Server Hello Done",
"TLSv1 Server Hello Done"},
{"TLSv1_1 read Server Hello Done",
"TLSv1_1 write Server Hello Done",
"TLSv1_1 Server Hello Done"},
{"TLSv1_2 read Server Hello Done",
"TLSv1_2 write Server Hello Done",
"TLSv1_2 Server Hello Done"},
{"DTLSv1 read Server Hello Done",
"DTLSv1 write Server Hello Done",
"DTLSv1 Server Hello Done"},
{"DTLSv1_2 read Server Hello Done",
"DTLSv1_2 write Server Hello Done",
"DTLSv1_2 Server Hello Done"},
},
{
{"SSLv3 read Server Change CipherSpec",
"SSLv3 write Server Change CipherSpec",
"SSLv3 Server Change CipherSpec"},
{"TLSv1 read Server Change CipherSpec",
"TLSv1 write Server Change CipherSpec",
"TLSv1 Server Change CipherSpec"},
{"TLSv1_1 read Server Change CipherSpec",
"TLSv1_1 write Server Change CipherSpec",
"TLSv1_1 Server Change CipherSpec"},
{"TLSv1_2 read Server Change CipherSpec",
"TLSv1_2 write Server Change CipherSpec",
"TLSv1_2 Server Change CipherSpec"},
{"DTLSv1 read Server Change CipherSpec",
"DTLSv1 write Server Change CipherSpec",
"DTLSv1 Server Change CipherSpec"},
{"DTLSv1_2 read Server Change CipherSpec",
"DTLSv1_2 write Server Change CipherSpec",
"DTLSv1_2 Server Change CipherSpec"},
},
{
{"SSLv3 read Server Finished",
"SSLv3 write Server Finished",
"SSLv3 Server Finished"},
{"TLSv1 read Server Finished",
"TLSv1 write Server Finished",
"TLSv1 Server Finished"},
{"TLSv1_1 read Server Finished",
"TLSv1_1 write Server Finished",
"TLSv1_1 Server Finished"},
{"TLSv1_2 read Server Finished",
"TLSv1_2 write Server Finished",
"TLSv1_2 Server Finished"},
{"DTLSv1 read Server Finished",
"DTLSv1 write Server Finished",
"DTLSv1 Server Finished"},
{"DTLSv1_2 read Server Finished",
"DTLSv1_2 write Server Finished",
"DTLSv1_2 Server Finished"},
},
{
{"SSLv3 read Client Hello",
"SSLv3 write Client Hello",
"SSLv3 Client Hello"},
{"TLSv1 read Client Hello",
"TLSv1 write Client Hello",
"TLSv1 Client Hello"},
{"TLSv1_1 read Client Hello",
"TLSv1_1 write Client Hello",
"TLSv1_1 Client Hello"},
{"TLSv1_2 read Client Hello",
"TLSv1_2 write Client Hello",
"TLSv1_2 Client Hello"},
{"DTLSv1 read Client Hello",
"DTLSv1 write Client Hello",
"DTLSv1 Client Hello"},
{"DTLSv1_2 read Client Hello",
"DTLSv1_2 write Client Hello",
"DTLSv1_2 Client Hello"},
},
{
{"SSLv3 read Client Key Exchange",
"SSLv3 write Client Key Exchange",
"SSLv3 Client Key Exchange"},
{"TLSv1 read Client Key Exchange",
"TLSv1 write Client Key Exchange",
"TLSv1 Client Key Exchange"},
{"TLSv1_1 read Client Key Exchange",
"TLSv1_1 write Client Key Exchange",
"TLSv1_1 Client Key Exchange"},
{"TLSv1_2 read Client Key Exchange",
"TLSv1_2 write Client Key Exchange",
"TLSv1_2 Client Key Exchange"},
{"DTLSv1 read Client Key Exchange",
"DTLSv1 write Client Key Exchange",
"DTLSv1 Client Key Exchange"},
{"DTLSv1_2 read Client Key Exchange",
"DTLSv1_2 write Client Key Exchange",
"DTLSv1_2 Client Key Exchange"},
},
{
{"SSLv3 read Client Change CipherSpec",
"SSLv3 write Client Change CipherSpec",
"SSLv3 Client Change CipherSpec"},
{"TLSv1 read Client Change CipherSpec",
"TLSv1 write Client Change CipherSpec",
"TLSv1 Client Change CipherSpec"},
{"TLSv1_1 read Client Change CipherSpec",
"TLSv1_1 write Client Change CipherSpec",
"TLSv1_1 Client Change CipherSpec"},
{"TLSv1_2 read Client Change CipherSpec",
"TLSv1_2 write Client Change CipherSpec",
"TLSv1_2 Client Change CipherSpec"},
{"DTLSv1 read Client Change CipherSpec",
"DTLSv1 write Client Change CipherSpec",
"DTLSv1 Client Change CipherSpec"},
{"DTLSv1_2 read Client Change CipherSpec",
"DTLSv1_2 write Client Change CipherSpec",
"DTLSv1_2 Client Change CipherSpec"},
},
{
{"SSLv3 read Client Finished",
"SSLv3 write Client Finished",
"SSLv3 Client Finished"},
{"TLSv1 read Client Finished",
"TLSv1 write Client Finished",
"TLSv1 Client Finished"},
{"TLSv1_1 read Client Finished",
"TLSv1_1 write Client Finished",
"TLSv1_1 Client Finished"},
{"TLSv1_2 read Client Finished",
"TLSv1_2 write Client Finished",
"TLSv1_2 Client Finished"},
{"DTLSv1 read Client Finished",
"DTLSv1 write Client Finished",
"DTLSv1 Client Finished"},
{"DTLSv1_2 read Client Finished",
"DTLSv1_2 write Client Finished",
"DTLSv1_2 Client Finished"},
},
{
{"SSLv3 Handshake Done",
"SSLv3 Handshake Done",
"SSLv3 Handshake Done"},
{"TLSv1 Handshake Done",
"TLSv1 Handshake Done",
"TLSv1 Handshake Done"},
{"TLSv1_1 Handshake Done",
"TLSv1_1 Handshake Done",
"TLSv1_1 Handshake Done"},
{"TLSv1_2 Handshake Done",
"TLSv1_2 Handshake Done",
"TLSv1_2 Handshake Done"},
{"DTLSv1 Handshake Done",
"DTLSv1 Handshake Done",
"DTLSv1 Handshake Done"},
{"DTLSv1_2 Handshake Done"
"DTLSv1_2 Handshake Done"
"DTLSv1_2 Handshake Done"}
}
}; };
enum ProtocolVer { enum ProtocolVer {
SSL_V3 = 0, SSL_V3 = 0,
TLS_V1, TLS_V1,
TLS_V1_1, TLS_V1_1,
TLS_V1_2, TLS_V1_2,
TLS_V1_3,
DTLS_V1, DTLS_V1,
DTLS_V1_2, DTLS_V1_2,
DTLS_V1_3,
UNKNOWN = 100 UNKNOWN = 100
}; };
@@ -22753,18 +22566,28 @@ const char* wolfSSL_state_string_long(const WOLFSSL* ssl)
enum SslState { enum SslState {
ss_null_state = 0, ss_null_state = 0,
ss_server_hellorequest,
ss_server_helloverify, ss_server_helloverify,
ss_server_helloretryrequest,
ss_server_hello, ss_server_hello,
ss_sessionticket, ss_server_certificatestatus,
ss_server_encryptedextensions,
ss_server_sessionticket,
ss_server_certrequest,
ss_server_cert, ss_server_cert,
ss_server_keyexchange, ss_server_keyexchange,
ss_server_hellodone, ss_server_hellodone,
ss_server_changecipherspec, ss_server_changecipherspec,
ss_server_finished, ss_server_finished,
ss_server_keyupdate,
ss_client_hello, ss_client_hello,
ss_client_keyexchange, ss_client_keyexchange,
ss_client_cert,
ss_client_changecipherspec, ss_client_changecipherspec,
ss_client_certverify,
ss_client_endofearlydata,
ss_client_finished, ss_client_finished,
ss_client_keyupdate,
ss_handshake_done ss_handshake_done
}; };
@@ -22779,18 +22602,23 @@ const char* wolfSSL_state_string_long(const WOLFSSL* ssl)
} }
/* Get state of callback */ /* Get state of callback */
if (ssl->cbmode == SSL_CB_MODE_WRITE){ if (ssl->cbmode == SSL_CB_MODE_WRITE) {
cbmode = SS_WRITE; cbmode = SS_WRITE;
} else if (ssl->cbmode == SSL_CB_MODE_READ){ }
else if (ssl->cbmode == SSL_CB_MODE_READ) {
cbmode = SS_READ; cbmode = SS_READ;
} else { }
else {
cbmode = SS_NEITHER; cbmode = SS_NEITHER;
} }
/* Get protocol version */ /* Get protocol version */
switch (ssl->version.major){ switch (ssl->version.major) {
case SSLv3_MAJOR: case SSLv3_MAJOR:
switch (ssl->version.minor){ switch (ssl->version.minor) {
case SSLv3_MINOR:
protocol = SSL_V3;
break;
case TLSv1_MINOR: case TLSv1_MINOR:
protocol = TLS_V1; protocol = TLS_V1;
break; break;
@@ -22800,21 +22628,24 @@ const char* wolfSSL_state_string_long(const WOLFSSL* ssl)
case TLSv1_2_MINOR: case TLSv1_2_MINOR:
protocol = TLS_V1_2; protocol = TLS_V1_2;
break; break;
case SSLv3_MINOR: case TLSv1_3_MINOR:
protocol = SSL_V3; protocol = TLS_V1_3;
break; break;
default: default:
protocol = UNKNOWN; protocol = UNKNOWN;
} }
break; break;
case DTLS_MAJOR: case DTLS_MAJOR:
switch (ssl->version.minor){ switch (ssl->version.minor) {
case DTLS_MINOR: case DTLS_MINOR:
protocol = DTLS_V1; protocol = DTLS_V1;
break; break;
case DTLSv1_2_MINOR: case DTLSv1_2_MINOR:
protocol = DTLS_V1_2; protocol = DTLS_V1_2;
break; break;
case DTLSv1_3_MINOR:
protocol = DTLS_V1_3;
break;
default: default:
protocol = UNKNOWN; protocol = UNKNOWN;
} }
@@ -22824,29 +22655,54 @@ const char* wolfSSL_state_string_long(const WOLFSSL* ssl)
} }
/* accept process */ /* accept process */
if (ssl->cbmode == SSL_CB_MODE_READ){ if (ssl->cbmode == SSL_CB_MODE_READ) {
state = ssl->cbtype; state = ssl->cbtype;
switch (state) { switch (state) {
case hello_verify_request: case hello_request:
state = ss_server_helloverify; state = ss_server_hellorequest;
break; break;
case session_ticket: case client_hello:
state = ss_sessionticket; state = ss_client_hello;
break; break;
case server_hello: case server_hello:
state = ss_server_hello; state = ss_server_hello;
break; break;
case server_hello_done: case hello_verify_request:
state = ss_server_hellodone; state = ss_server_helloverify;
break;
case session_ticket:
state = ss_server_sessionticket;
break;
case end_of_early_data:
state = ss_client_endofearlydata;
break;
case hello_retry_request:
state = ss_server_helloretryrequest;
break;
case encrypted_extensions:
state = ss_server_encryptedextensions;
break; break;
case certificate: case certificate:
if (ssl->options.side == WOLFSSL_SERVER_END)
state = ss_client_cert;
else if (ssl->options.side == WOLFSSL_CLIENT_END)
state = ss_server_cert; state = ss_server_cert;
else {
WOLFSSL_MSG("Unknown State");
state = ss_null_state;
}
break; break;
case server_key_exchange: case server_key_exchange:
state = ss_server_keyexchange; state = ss_server_keyexchange;
break; break;
case client_hello: case certificate_request:
state = ss_client_hello; state = ss_server_certrequest;
break;
case server_hello_done:
state = ss_server_hellodone;
break;
case certificate_verify:
state = ss_client_certverify;
break; break;
case client_key_exchange: case client_key_exchange:
state = ss_client_keyexchange; state = ss_client_keyexchange;
@@ -22861,24 +22717,54 @@ const char* wolfSSL_state_string_long(const WOLFSSL* ssl)
state = ss_null_state; state = ss_null_state;
} }
break; break;
case certificate_status:
state = ss_server_certificatestatus;
break;
case key_update:
if (ssl->options.side == WOLFSSL_SERVER_END)
state = ss_client_keyupdate;
else if (ssl->options.side == WOLFSSL_CLIENT_END)
state = ss_server_keyupdate;
else {
WOLFSSL_MSG("Unknown State");
state = ss_null_state;
}
break;
case change_cipher_hs:
if (ssl->options.side == WOLFSSL_SERVER_END)
state = ss_client_changecipherspec;
else if (ssl->options.side == WOLFSSL_CLIENT_END)
state = ss_server_changecipherspec;
else {
WOLFSSL_MSG("Unknown State");
state = ss_null_state;
}
break;
default: default:
WOLFSSL_MSG("Unknown State"); WOLFSSL_MSG("Unknown State");
state = ss_null_state; state = ss_null_state;
} }
} else { }
else {
/* Send process */ /* Send process */
if (ssl->options.side == WOLFSSL_SERVER_END) if (ssl->options.side == WOLFSSL_SERVER_END)
state = ssl->options.serverState; state = ssl->options.serverState;
else else
state = ssl->options.clientState; state = ssl->options.clientState;
switch(state){ switch (state) {
case SERVER_HELLOVERIFYREQUEST_COMPLETE: case SERVER_HELLOVERIFYREQUEST_COMPLETE:
state = ss_server_helloverify; state = ss_server_helloverify;
break; break;
case SERVER_HELLO_RETRY_REQUEST_COMPLETE:
state = ss_server_helloretryrequest;
break;
case SERVER_HELLO_COMPLETE: case SERVER_HELLO_COMPLETE:
state = ss_server_hello; state = ss_server_hello;
break; break;
case SERVER_ENCRYPTED_EXTENSIONS_COMPLETE:
state = ss_server_encryptedextensions;
break;
case SERVER_CERT_COMPLETE: case SERVER_CERT_COMPLETE:
state = ss_server_cert; state = ss_server_cert;
break; break;
@@ -22894,6 +22780,7 @@ const char* wolfSSL_state_string_long(const WOLFSSL* ssl)
case SERVER_FINISHED_COMPLETE: case SERVER_FINISHED_COMPLETE:
state = ss_server_finished; state = ss_server_finished;
break; break;
case CLIENT_HELLO_RETRY:
case CLIENT_HELLO_COMPLETE: case CLIENT_HELLO_COMPLETE:
state = ss_client_hello; state = ss_client_hello;
break; break;
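Review bot: In the read-side switch, `case certificate_verify:` always maps to `ss_client_certverify`, but in TLS 1.3 and DTLS 1.3 the server also sends CertificateVerify, so a client reading it would be reported as "TLSv1_3 read Client Certificate Verify". The neighbouring `certificate`, `key_update` and `change_cipher_hs` cases already branch on `ssl->options.side`; this case should do the same, which needs a server entry in `SslState` and a row at the same position in `OUTPUT_STR` (first dimension 25). These strings are presumably shown in info callbacks and handshake logs, where a wrong peer label misleads anyone diagnosing a failed handshake. Separately, the `"server Key Update"` row is lower-cased, unlike every other row. The function body starts and continues outside the visible hunks, so the range check on `protocol` and `state` before indexing `OUTPUT_STR` could not be reviewed.

```c
/* … unchanged: other OUTPUT_STR rows; new row sits at the index of ss_server_certverify … */
        STATE_STRINGS_PROTO_RW("Server Certificate Verify"),
/* … unchanged: other SslState entries … */
        ss_server_certverify,
/* … unchanged: earlier cases of the read-side switch … */
            case certificate_verify:
                if (ssl->options.side == WOLFSSL_SERVER_END)
                    state = ss_client_certverify;
                else if (ssl->options.side == WOLFSSL_CLIENT_END)
                    state = ss_server_certverify;
                else {
                    WOLFSSL_MSG("Unknown State");
                    state = ss_null_state;
                }
                break;
```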