1 /***************************************************************************
2 * Copyright (c) 2024 Microsoft Corporation
3 *
4 * This program and the accompanying materials are made available under the
5 * terms of the MIT License which is available at
6 * https://opensource.org/licenses/MIT.
7 *
8 * SPDX-License-Identifier: MIT
9 **************************************************************************/
10
11
12 /**************************************************************************/
13 /**************************************************************************/
14 /** */
15 /** NetX Secure Component */
16 /** */
17 /** Transport Layer Security (TLS) */
18 /** */
19 /**************************************************************************/
20 /**************************************************************************/
21
22 #define NX_SECURE_SOURCE_CODE
23
24 #include "nx_secure_tls.h"
25
26 /**************************************************************************/
27 /* */
28 /* FUNCTION RELEASE */
29 /* */
30 /* _nx_secure_tls_handshake_process PORTABLE C */
31 /* 6.1 */
32 /* AUTHOR */
33 /* */
34 /* Timothy Stapko, Microsoft Corporation */
35 /* */
36 /* DESCRIPTION */
37 /* */
38 /* This function processes a TLS handshake, whether at the beginning */
39 /* of a new TLS connection or during a session re-negotiation. The */
40 /* handshake state machine is implemented for each of TLS Client and */
41 /* Server in their own functions, this function is simply the entry */
42 /* point for handling the handshake messages. */
43 /* */
44 /* INPUT */
45 /* */
46 /* tls_session TLS control block */
47 /* wait_option Suspension option */
48 /* */
49 /* OUTPUT */
50 /* */
51 /* status Completion status */
52 /* */
53 /* CALLS */
54 /* */
55 /* _nx_secure_tls_session_receive_records */
56 /* Receive TLS records */
57 /* nx_secure_tls_packet_release Release packet */
58 /* */
59 /* CALLED BY */
60 /* */
61 /* _nx_secure_tls_session_start Start TLS session */
62 /* _nx_secure_tls_session_receive Receive TCP data */
63 /* */
64 /* RELEASE HISTORY */
65 /* */
66 /* DATE NAME DESCRIPTION */
67 /* */
68 /* 05-19-2020 Timothy Stapko Initial Version 6.0 */
69 /* 09-30-2020 Timothy Stapko Modified comment(s), */
70 /* released packet securely, */
71 /* fixed compiler warnings, */
72 /* resulting in version 6.1 */
73 /* */
74 /**************************************************************************/
_nx_secure_tls_handshake_process(NX_SECURE_TLS_SESSION * tls_session,UINT wait_option)75 UINT _nx_secure_tls_handshake_process(NX_SECURE_TLS_SESSION *tls_session, UINT wait_option)
76 {
77 UINT status = NX_NOT_SUCCESSFUL;
78 NX_PACKET *incoming_packet = NX_NULL;
79
80 /* Process the handshake depending on the TLS session type. */
81 #ifndef NX_SECURE_TLS_CLIENT_DISABLED
82 if (tls_session -> nx_secure_tls_socket_type == NX_SECURE_TLS_SESSION_TYPE_CLIENT)
83 {
84
85 /* Handle our incoming handshake messages. Continue processing until the handshake is complete
86 * or an error/timeout occurs. */
87 while (tls_session -> nx_secure_tls_client_state != NX_SECURE_TLS_CLIENT_STATE_HANDSHAKE_FINISHED)
88 {
89 status = _nx_secure_tls_session_receive_records(tls_session, &incoming_packet, wait_option);
90
91 /* Make sure we didn't have an error during the receive. */
92 if (status != NX_SUCCESS)
93 {
94 break;
95 }
96 }
97
98 if (tls_session -> nx_secure_tls_client_state == NX_SECURE_TLS_CLIENT_STATE_HANDSHAKE_FINISHED)
99 {
100
101 /* Release the incoming packet if we do receive it. */
102 nx_secure_tls_packet_release(incoming_packet);
103 }
104 }
105 #endif
106
107 #ifndef NX_SECURE_TLS_SERVER_DISABLED
108 if (tls_session -> nx_secure_tls_socket_type == NX_SECURE_TLS_SESSION_TYPE_SERVER)
109 {
110 /* Session is a TLS Server type. */
111 /* The client socket connection has already been accepted at this point, process the handshake. */
112
113 /* Now handle our incoming handshake messages. Continue processing until the handshake is complete
114 * or an error/timeout occurs. */
115 while (tls_session -> nx_secure_tls_server_state != NX_SECURE_TLS_SERVER_STATE_HANDSHAKE_FINISHED)
116 {
117 status = _nx_secure_tls_session_receive_records(tls_session, &incoming_packet, wait_option);
118
119 /* Make sure we didn't have an error during the receive. */
120 if (status != NX_SUCCESS)
121 {
122 break;
123 }
124 }
125
126 if (tls_session -> nx_secure_tls_server_state == NX_SECURE_TLS_SERVER_STATE_HANDSHAKE_FINISHED)
127 {
128
129 /* Release the incoming packet if we do receive it. */
130 nx_secure_tls_packet_release(incoming_packet);
131 }
132 }
133 #endif
134
135 if ((status == NX_NO_PACKET) && (wait_option == 0))
136 {
137
138 /* It is non blocking mode. */
139 status = NX_CONTINUE;
140 }
141
142 return(status);
143 }
144
145
