2 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include <openssl/objects.h>
14 /* Add the server's renegotiation binding (TLSEXT_TYPE_renegotiate, RFC 5746 renegotiation_info): the previous handshake's client verify_data followed by the server verify_data, in that order, which is also the order the client-side parser below checks. */
15 int ssl_add_serverhello_renegotiate_ext(SSL *s, WPACKET *pkt)
/*
 * Writes the renegotiate ServerHello extension into pkt: the u16 extension
 * type, a u16-length-prefixed extension body, and inside it a u8-length-prefixed
 * renegotiated_connection field holding previous_client_finished followed by
 * previous_server_finished. If both recorded lengths are zero the field is
 * empty. Any WPACKET failure short-circuits the || chain; the error-reporting
 * branch and the return statements are in lines not shown in this excerpt.
 */
17 if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_renegotiate)
18 || !WPACKET_start_sub_packet_u16(pkt)
19 || !WPACKET_start_sub_packet_u8(pkt)
20 || !WPACKET_memcpy(pkt, s->s3->previous_client_finished,
21 s->s3->previous_client_finished_len)
22 || !WPACKET_memcpy(pkt, s->s3->previous_server_finished,
23 s->s3->previous_server_finished_len)
/* Two closes end the nested sub-packets: the u8 field, then the u16 body. */
24 || !WPACKET_close(pkt)
25 || !WPACKET_close(pkt))
32 * Parse the server's renegotiation binding and fail the handshake if it does
 * not match the client and server Finished data recorded from the previous
 * handshake. NOTE(review): the alert chosen on mismatch is not uniform. A
 * length mismatch and a client_verify_data mismatch both raise
 * handshake_failure, but the server_verify_data mismatch raises
 * illegal_parameter even though it reports the same SSL_R_RENEGOTIATION_MISMATCH
 * reason; that looks like an oversight and handshake_failure would be the
 * consistent choice. The comparisons use plain memcmp; CRYPTO_memcmp would
 * remove any timing dependence on the matched prefix, although the values
 * compared here are verify_data already exchanged with the peer, so the
 * practical exposure is limited.
34 int ssl_parse_serverhello_renegotiate_ext(SSL *s, PACKET *pkt, int *al)
36 size_t expected_len = s->s3->previous_client_finished_len
37 + s->s3->previous_server_finished_len;
39 const unsigned char *data;
41 /* Check for logic errors: if expected_len is non-zero, both recorded halves must be non-zero. NOTE(review): OPENSSL_assert aborts the process rather than returning an error, so these conditions must depend only on our own recorded state, never on peer-supplied input. */
42 OPENSSL_assert(!expected_len || s->s3->previous_client_finished_len);
43 OPENSSL_assert(!expected_len || s->s3->previous_server_finished_len);
45 /* Parse the length byte */
46 if (!PACKET_get_1_len(pkt, &ilen)) {
47 SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
48 SSL_R_RENEGOTIATION_ENCODING_ERR);
49 *al = SSL_AD_ILLEGAL_PARAMETER;
53 /* Consistency check: the u8 length must account for exactly the bytes remaining in the extension, so a truncated or trailing-data encoding is rejected before any comparison. */
54 if (PACKET_remaining(pkt) != ilen) {
55 SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
56 SSL_R_RENEGOTIATION_ENCODING_ERR);
57 *al = SSL_AD_ILLEGAL_PARAMETER;
61 /* Check that the binding length equals what we recorded; when expected_len is zero this rejects any non-empty binding from the server. */
62 if (ilen != expected_len) {
63 SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
64 SSL_R_RENEGOTIATION_MISMATCH);
65 *al = SSL_AD_HANDSHAKE_FAILURE;
69 if (!PACKET_get_bytes(pkt, &data, s->s3->previous_client_finished_len)
70 || memcmp(data, s->s3->previous_client_finished,
71 s->s3->previous_client_finished_len) != 0) {
72 SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
73 SSL_R_RENEGOTIATION_MISMATCH);
74 *al = SSL_AD_HANDSHAKE_FAILURE;
78 if (!PACKET_get_bytes(pkt, &data, s->s3->previous_server_finished_len)
79 || memcmp(data, s->s3->previous_server_finished,
80 s->s3->previous_server_finished_len) != 0) {
81 SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
82 SSL_R_RENEGOTIATION_MISMATCH);
83 *al = SSL_AD_ILLEGAL_PARAMETER;
86 s->s3->send_connection_binding = 1;