1 /**************************************************************************/
2 /* */
3 /* Copyright (c) Microsoft Corporation. All rights reserved. */
4 /* */
5 /* This software is licensed under the Microsoft Software License */
6 /* Terms for Microsoft Azure RTOS. Full text of the license can be */
7 /* found in the LICENSE file at https://aka.ms/AzureRTOS_EULA */
8 /* and in the root directory of this software. */
9 /* */
10 /**************************************************************************/
11
12
13 /**************************************************************************/
14 /**************************************************************************/
15 /** */
16 /** NetX Secure Component */
17 /** */
18 /** Transport Layer Security (TLS) */
19 /** */
20 /**************************************************************************/
21 /**************************************************************************/
22
23 #define NX_SECURE_SOURCE_CODE
24
25 #include "nx_secure_tls.h"
26
27 /**************************************************************************/
28 /* */
29 /* FUNCTION RELEASE */
30 /* */
31 /* _nx_secure_tls_session_receive PORTABLE C */
32 /* 6.2.0 */
33 /* AUTHOR */
34 /* */
35 /* Timothy Stapko, Microsoft Corporation */
36 /* */
37 /* DESCRIPTION */
38 /* */
39 /* This function receives data from an active TLS session, handling */
40 /* all decryption and verification before returning the data to the */
41 /* caller in the supplied NX_PACKET structure. */
42 /* */
43 /* INPUT */
44 /* */
45 /* tls_session TLS control block */
46 /* packet_ptr_ptr Pointer to return packet */
47 /* wait_option Indicates how long the caller */
48 /* should wait for the response */
49 /* */
50 /* OUTPUT */
51 /* */
52 /* status Completion status */
53 /* */
54 /* CALLS */
55 /* */
56 /* _nx_secure_tls_handshake_process Process TLS handshake */
57 /* _nx_secure_tls_session_receive_records */
58 /* Receive TLS records */
59 /* */
60 /* CALLED BY */
61 /* */
62 /* Application Code */
63 /* */
64 /* RELEASE HISTORY */
65 /* */
66 /* DATE NAME DESCRIPTION */
67 /* */
68 /* 05-19-2020 Timothy Stapko Initial Version 6.0 */
69 /* 09-30-2020 Timothy Stapko Modified comment(s), */
70 /* supported chained packet, */
71 /* fixed renegotiation bug, */
72 /* resulting in version 6.1 */
73 /* 04-25-2022 Yuxin Zhou Modified comment(s), added */
74 /* conditional TLS 1.3 build, */
75 /* resulting in version 6.1.11 */
76 /* 10-31-2022 Yanwu Cai Modified comment(s), and */
77 /* fixed renegotiation when */
78 /* receiving in non-block mode,*/
79 /* resulting in version 6.2.0 */
80 /* */
81 /**************************************************************************/
UINT _nx_secure_tls_session_receive(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET **packet_ptr_ptr,
                                    ULONG wait_option)
{
    UINT result;

    /* Order of operations:
     *   1. Receive and process TLS records from the peer.
     *   2. If that left a renegotiation handshake pending, run the whole
     *      handshake (this receives further TCP packets and records).
     *   3. After a successful renegotiation, receive application data again,
     *      but only when the remote host started the renegotiation.
     *
     * The returned status is the only success indicator produced here; callers
     * should check it before touching *packet_ptr_ptr.
     */

    /* First attempt: read records from the remote host. */
    result = _nx_secure_tls_session_receive_records(tls_session, packet_ptr_ptr, wait_option);

#ifndef NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION
    /* Builds that define NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION compile this
       branch out, so no renegotiation handshake is processed from this function. */
    if ((result == NX_SUCCESS) && tls_session -> nx_secure_tls_renegotiation_handshake)
    {

        /* A hello message started a renegotiation; carry the handshake on from there. */
        result = _nx_secure_tls_handshake_process(tls_session, wait_option);

        /* On any non-success status both renegotiation flags are left untouched and
           the status is returned as-is at the bottom of the function.
           NOTE(review): presumably this lets a non-blocking caller resume the
           handshake on its next call - confirm against the handshake code. */
        if (result == NX_SUCCESS)
        {

            /* Handshake finished: with the flag cleared, later passes skip this branch.
               The original comment gives the reason as preventing infinite recursion. */
            tls_session -> nx_secure_tls_renegotiation_handshake = NX_FALSE;

            /* A renegotiation we started ourselves does not trigger another receive;
               fetching the data that follows is left to the application. */
            if (!tls_session -> nx_secure_tls_local_initiated_renegotiation)
            {

                /* Remote-initiated: pick up whatever data followed the handshake.
                   NOTE(review): whether *packet_ptr_ptr already holds a packet from the
                   first receive is decided inside _nx_secure_tls_session_receive_records,
                   which is not visible here - confirm this call cannot overwrite an
                   unreleased packet. */
                result = _nx_secure_tls_session_receive_records(tls_session, packet_ptr_ptr, wait_option);
            }

            /* The local-initiated marker is reset once the handshake has succeeded. */
            tls_session -> nx_secure_tls_local_initiated_renegotiation = NX_FALSE;
        }
    }
    else
#endif /* NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION */
    {
#if (NX_SECURE_TLS_TLS_1_3_ENABLED)
        /* TLS 1.3 builds: keep receiving for as long as the previous pass reported a
           post-handshake message instead of application data.
           NOTE(review): this function applies no cap on the number of iterations;
           each pass waits on the peer via wait_option - confirm that is acceptable
           for the deployment. */
        while (result == NX_SECURE_TLS_POST_HANDSHAKE_RECEIVED)
        {
            result = _nx_secure_tls_session_receive_records(tls_session, packet_ptr_ptr, wait_option);
        }
#endif /* NX_SECURE_TLS_TLS_1_3_ENABLED */
    }

    return(result);
}
141
142