1 /***************************************************************************
2 * Copyright (c) 2024 Microsoft Corporation
3 *
4 * This program and the accompanying materials are made available under the
5 * terms of the MIT License which is available at
6 * https://opensource.org/licenses/MIT.
7 *
8 * SPDX-License-Identifier: MIT
9 **************************************************************************/
10
11
12 /**************************************************************************/
13 /**************************************************************************/
14 /** */
15 /** NetX Secure Component */
16 /** */
17 /** Transport Layer Security (TLS) */
18 /** */
19 /**************************************************************************/
20 /**************************************************************************/
21
22 #define NX_SECURE_SOURCE_CODE
23
24 #include "nx_secure_tls.h"
25
26 /**************************************************************************/
27 /* */
28 /* FUNCTION RELEASE */
29 /* */
30 /* _nx_secure_tls_session_receive PORTABLE C */
31 /* 6.2.0 */
32 /* AUTHOR */
33 /* */
34 /* Timothy Stapko, Microsoft Corporation */
35 /* */
36 /* DESCRIPTION */
37 /* */
38 /* This function receives data from an active TLS session, handling */
39 /* all decryption and verification before returning the data to the */
40 /* caller in the supplied NX_PACKET structure. */
41 /* */
42 /* INPUT */
43 /* */
44 /* tls_session TLS control block */
45 /* packet_ptr_ptr Pointer to return packet */
46 /* wait_option Indicates how long the caller */
47 /* should wait for the response */
48 /* */
49 /* OUTPUT */
50 /* */
51 /* status Completion status */
52 /* */
53 /* CALLS */
54 /* */
55 /* _nx_secure_tls_handshake_process Process TLS handshake */
56 /* _nx_secure_tls_session_receive_records */
57 /* Receive TLS records */
58 /* */
59 /* CALLED BY */
60 /* */
61 /* Application Code */
62 /* */
63 /* RELEASE HISTORY */
64 /* */
65 /* DATE NAME DESCRIPTION */
66 /* */
67 /* 05-19-2020 Timothy Stapko Initial Version 6.0 */
68 /* 09-30-2020 Timothy Stapko Modified comment(s), */
69 /* supported chained packet, */
70 /* fixed renegotiation bug, */
71 /* resulting in version 6.1 */
72 /* 04-25-2022 Yuxin Zhou Modified comment(s), added */
73 /* conditional TLS 1.3 build, */
74 /* resulting in version 6.1.11 */
75 /* 10-31-2022 Yanwu Cai Modified comment(s), and */
76 /* fixed renegotiation when */
77 /* receiving in non-block mode,*/
78 /* resulting in version 6.2.0 */
79 /* */
80 /**************************************************************************/
_nx_secure_tls_session_receive(NX_SECURE_TLS_SESSION * tls_session,NX_PACKET ** packet_ptr_ptr,ULONG wait_option)81 UINT _nx_secure_tls_session_receive(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET **packet_ptr_ptr,
82 ULONG wait_option)
83 {
84 UINT status;
85
86 /* Session receive logic:
87 * 1. Receive incoming packets
88 * 2. Process records and receive while full record is not yet received.
89 * 3. If renegotiation initiated, process the renegotiation handshake.
90 * 3a. Process entire handshake (receive TCP packets, process records)
91 * 3b. Once handshake processed, receive any new packets, but only if
92 * the remote host initiated the renegotiation.
93 */
94
95
96 /* Try receiving records from the remote host. */
97 status = _nx_secure_tls_session_receive_records(tls_session, packet_ptr_ptr, wait_option);
98
99 #ifndef NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION
100 /* See if we have a renegotiation handshake. Continue processing following the
101 hello message that was received. */
102 if (status == NX_SUCCESS && tls_session -> nx_secure_tls_renegotiation_handshake)
103 {
104
105 /* Process the handshake. */
106 status = _nx_secure_tls_handshake_process(tls_session, wait_option);
107
108 if (status != NX_SUCCESS)
109 {
110 return(status);
111 }
112
113 /* Clear flag to prevent infinite recursion. */
114 tls_session -> nx_secure_tls_renegotiation_handshake = NX_FALSE;
115
116 /* If this renegotiation was initiated by us, don't receive additional data as
117 that will be up to the application. */
118 if (!tls_session -> nx_secure_tls_local_initiated_renegotiation)
119 {
120 /* Handle any data that followed the re-negotiation handshake. */
121 status = _nx_secure_tls_session_receive_records(tls_session, packet_ptr_ptr, wait_option);
122 }
123 tls_session -> nx_secure_tls_local_initiated_renegotiation = NX_FALSE;
124 }
125 else
126 #endif /* NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION */
127 {
128 #if (NX_SECURE_TLS_TLS_1_3_ENABLED)
129 /* Continue processing while we are receiving post-handshake messages. */
130 while (status == NX_SECURE_TLS_POST_HANDSHAKE_RECEIVED)
131 {
132 status = _nx_secure_tls_session_receive_records(tls_session, packet_ptr_ptr, wait_option);
133 }
134 #endif /* NX_SECURE_TLS_TLS_1_3_ENABLED */
135 }
136
137
138 return(status);
139 }
140
141
