32 #ifdef HAVE_INTTYPES_H 33 #define __STDC_FORMAT_MACROS 45 #ifndef DTLS_PEERS_NOHASH 59 # include "sha2/sha2.h" 62 #define dtls_set_version(H,V) dtls_int_to_uint16((H)->version, (V)) 63 #define dtls_set_content_type(H,V) ((H)->content_type = (V) & 0xff) 64 #define dtls_set_length(H,V) ((H)->length = (V)) 66 #define dtls_get_content_type(H) ((H)->content_type & 0xff) 67 #define dtls_get_version(H) dtls_uint16_to_int((H)->version) 68 #define dtls_get_epoch(H) dtls_uint16_to_int((H)->epoch) 69 #define dtls_get_sequence_number(H) dtls_uint48_to_ulong((H)->sequence_number) 70 #define dtls_get_fragment_length(H) dtls_uint24_to_int((H)->fragment_length) 72 #ifdef DTLS_PEERS_NOHASH 73 #define FIND_PEER(head,sess,out) \ 77 LL_FOREACH((head), tmp) { \ 78 if (dtls_session_equals(&tmp->session, (sess))) { \ 84 #define DEL_PEER(head,delptr) \ 85 if ((head) != NULL && (delptr) != NULL) { \ 86 LL_DELETE(head,delptr); \ 88 #define ADD_PEER(head,sess,add) \ 89 LL_PREPEND(ctx->peers, peer); 91 #define FIND_PEER(head,sess,out) \ 92 HASH_FIND(hh,head,sess,sizeof(session_t),out) 93 #define ADD_PEER(head,sess,add) \ 94 HASH_ADD(hh,head,sess,sizeof(session_t),add) 95 #define DEL_PEER(head,delptr) \ 96 if ((head) != NULL && (delptr) != NULL) { \ 97 HASH_DELETE(hh,head,delptr); \ 101 #define DTLS_RH_LENGTH sizeof(dtls_record_header_t) 102 #define DTLS_HS_LENGTH sizeof(dtls_handshake_header_t) 103 #define DTLS_CH_LENGTH sizeof(dtls_client_hello_t) 104 #define DTLS_COOKIE_LENGTH_MAX 32 105 #define DTLS_CH_LENGTH_MAX sizeof(dtls_client_hello_t) + DTLS_COOKIE_LENGTH_MAX + 12 + 26 106 #define DTLS_HV_LENGTH sizeof(dtls_hello_verify_t) 107 #define DTLS_SH_LENGTH (2 + DTLS_RANDOM_LENGTH + 1 + 2 + 1) 108 #define DTLS_CE_LENGTH (3 + 3 + 27 + DTLS_EC_KEY_SIZE + DTLS_EC_KEY_SIZE) 109 #define DTLS_SKEXEC_LENGTH (1 + 2 + 1 + 1 + DTLS_EC_KEY_SIZE + DTLS_EC_KEY_SIZE + 1 + 1 + 2 + 70) 110 #define DTLS_SKEXECPSK_LENGTH_MIN 2 111 #define DTLS_SKEXECPSK_LENGTH_MAX 2 + DTLS_PSK_MAX_CLIENT_IDENTITY_LEN 112 #define DTLS_CKXPSK_LENGTH_MIN 2 113 #define DTLS_CKXEC_LENGTH (1 + 1 + DTLS_EC_KEY_SIZE + DTLS_EC_KEY_SIZE) 114 #define DTLS_CV_LENGTH (1 + 1 + 2 + 1 + 1 + 1 + 1 + DTLS_EC_KEY_SIZE + 1 + 1 + DTLS_EC_KEY_SIZE) 115 #define DTLS_FIN_LENGTH 12 117 #define HS_HDR_LENGTH DTLS_RH_LENGTH + DTLS_HS_LENGTH 118 #define HV_HDR_LENGTH HS_HDR_LENGTH + DTLS_HV_LENGTH 120 #define HIGH(V) (((V) >> 8) & 0xff) 121 #define LOW(V) ((V) & 0xff) 123 #define DTLS_RECORD_HEADER(M) ((dtls_record_header_t *)(M)) 124 #define DTLS_HANDSHAKE_HEADER(M) ((dtls_handshake_header_t *)(M)) 126 #define HANDSHAKE(M) ((dtls_handshake_header_t *)((M) + DTLS_RH_LENGTH)) 127 #define CLIENTHELLO(M) ((dtls_client_hello_t *)((M) + HS_HDR_LENGTH)) 134 #define SKIP_VAR_FIELD(P,L,T) { \ 135 if (L < dtls_ ## T ## _to_int(P) + sizeof(T)) \ 137 L -= dtls_ ## T ## _to_int(P) + sizeof(T); \ 138 P += dtls_ ## T ## _to_int(P) + sizeof(T); \ 142 #define PRF_LABEL(Label) prf_label_##Label 143 #define PRF_LABEL_SIZE(Label) (sizeof(PRF_LABEL(Label)) - 1) 157 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01,
159 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07,
166 PROCESS(dtls_retransmit_process,
"DTLS retransmit process");
172 return &the_dtls_context;
205 #define CALL(Context, which, ...) \ 206 ((Context)->h && (Context)->h->which \ 207 ? (Context)->h->which((Context), ##__VA_ARGS__) \ 213 unsigned char type,
uint8 *buf_array[],
214 size_t buf_len_array[],
size_t buf_array_len);
232 uint8 *buf,
size_t buflen) {
234 type, &buf, &buflen, 1);
274 return (res >= 0) ? 0 : res;
300 if (msglen < (*msg & 0xff) +
sizeof(
uint8))
303 *cookie = msg +
sizeof(
uint8);
313 uint8 *msg,
size_t msglen,
314 uint8 *cookie,
int *clen) {
339 (
unsigned char *)&session->
addr, session->
size);
363 memset(cookie + len, 0, *clen - len);
367 memcpy(cookie, buf, *clen);
371 #ifdef DTLS_CHECK_CONTENTTYPE 373 static char const content_types[] = {
388 unsigned int rlen = 0;
391 #ifdef DTLS_CHECK_CONTENTTYPE
392 && strchr(content_types, msg[0])
415 static inline uint8 *
420 buf +=
sizeof(
uint8);
439 memset(buf, 0,
sizeof(
uint16));
440 return buf +
sizeof(
uint16);
449 static inline uint8 *
452 int frag_offset,
int frag_length,
456 buf +=
sizeof(
uint8);
468 memset(buf, 0,
sizeof(
uint16));
582 if (msg_epoch == 0) {
630 return "hello_request";
632 return "client_hello";
634 return "server_hello";
636 return "hello_verify_request";
638 return "certificate";
640 return "server_key_exchange";
642 return "certificate_request";
644 return "server_hello_done";
646 return "certificate_verify";
648 return "client_key_exchange";
665 unsigned char *pre_master_secret;
666 int pre_master_len = 0;
677 switch (handshake->
cipher) {
688 dtls_crit(
"no psk key for session available\n");
699 if (pre_master_len < 0) {
700 dtls_crit(
"the psk was too long, for the pre master secret\n");
715 if (pre_master_len < 0) {
716 dtls_crit(
"the curve was too long, for the pre master secret\n");
723 assert(!
"calculate_key_block: tried to use NULL cipher\n");
741 dtls_crit(
"calculate_key_block: unknown cipher %x04 \n", handshake->
cipher);
747 dtls_debug_dump(
"pre_master_secret", pre_master_secret, pre_master_len);
749 dtls_prf(pre_master_secret, pre_master_len,
787 if (i +
sizeof(
uint16) != data_length) {
788 dtls_warn(
"the list of the supported elliptic curves should be tls extension length - 2\n");
792 for (i = data_length -
sizeof(
uint16); i > 0; i -=
sizeof(
uint16)) {
801 dtls_warn(
"no supported elliptic curve found\n");
810 data +=
sizeof(
uint8);
811 if (i +
sizeof(
uint8) != data_length) {
812 dtls_warn(
"the list of the supported certificate types should be tls extension length - 1\n");
816 for (i = data_length -
sizeof(
uint8); i > 0; i -=
sizeof(
uint8)) {
819 data +=
sizeof(
uint8);
825 dtls_warn(
"no supported certificate type found\n");
834 data +=
sizeof(
uint8);
835 if (i +
sizeof(
uint8) != data_length) {
836 dtls_warn(
"the list of the supported ec_point_formats should be tls extension length - 1\n");
840 for (i = data_length -
sizeof(
uint8); i > 0; i -=
sizeof(
uint8)) {
843 data +=
sizeof(
uint8);
849 dtls_warn(
"no supported ec_point_format found\n");
858 uint8 *data,
size_t data_length,
int client_hello)
861 int ext_elliptic_curve = 0;
862 int ext_client_cert_type = 0;
863 int ext_server_cert_type = 0;
864 int ext_ec_point_formats = 0;
867 if (data_length <
sizeof(
uint16)) {
878 data_length -=
sizeof(
uint16);
884 while (data_length) {
885 if (data_length <
sizeof(
uint16) * 2)
891 data_length -=
sizeof(
uint16);
896 data_length -=
sizeof(
uint16);
903 ext_elliptic_curve = 1;
908 ext_client_cert_type = 1;
918 ext_server_cert_type = 1;
928 ext_ec_point_formats = 1;
936 dtls_info(
"skipped encrypt-then-mac extension\n");
939 dtls_warn(
"unsupported tls extension: %i\n", i);
946 if (!ext_elliptic_curve || !ext_client_cert_type || !ext_server_cert_type
947 || !ext_ec_point_formats) {
948 dtls_warn(
"not all required tls extensions found in client hello\n");
952 if (!ext_client_cert_type || !ext_server_cert_type) {
953 dtls_warn(
"not all required tls extensions found in server hello\n");
982 uint8 *data,
size_t data_length) {
1006 if (data_length < i +
sizeof(
uint16)) {
1020 data_length -=
sizeof(
uint16) + i;
1036 dtls_warn(
"No matching cipher found\n");
1040 if (data_length <
sizeof(
uint8)) {
1050 if (data_length < i +
sizeof(
uint8))
1053 data +=
sizeof(
uint8);
1054 data_length -=
sizeof(
uint8) + i;
1064 data +=
sizeof(
uint8);
1088 uint8 *data,
size_t length) {
1094 dtls_debug(
"The client key exchange is too short\n");
1100 dtls_alert(
"expected 65 bytes long public point\n");
1103 data +=
sizeof(
uint8);
1106 dtls_alert(
"expected uncompressed public point\n");
1109 data +=
sizeof(
uint8);
1125 dtls_debug(
"The client key exchange is too short\n");
1134 dtls_debug(
"The identity has a wrong length\n");
1139 dtls_warn(
"please use a smaller client identity\n");
1162 static inline size_t 1186 uint8 *data,
size_t data_length) {
1187 size_t digest_length, label_size;
1188 const unsigned char *label;
1226 b.verify_data,
sizeof(b.verify_data));
1264 uint8 *data_array[],
size_t data_len_array[],
1265 size_t data_array_len,
1266 uint8 *sendbuf,
size_t *rlen) {
1272 dtls_alert(
"The sendbuf (%zu bytes) is too small\n", *rlen);
1283 for (i = 0; i < data_array_len; i++) {
1286 dtls_debug(
"dtls_prepare_record: send buffer too small\n");
1290 memcpy(p, data_array[i], data_len_array[i]);
1291 p += data_len_array[i];
1292 res += data_len_array[i];
1299 #define A_DATA_LEN 13 1304 dtls_debug(
"dtls_prepare_record(): encrypt using TLS_PSK_WITH_AES_128_CCM_8\n");
1306 dtls_debug(
"dtls_prepare_record(): encrypt using TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8\n");
1308 dtls_debug(
"dtls_prepare_record(): encrypt using unknown cipher\n");
1355 for (i = 0; i < data_array_len; i++) {
1358 dtls_debug(
"dtls_prepare_record: send buffer too small\n");
1362 memcpy(p, data_array[i], data_len_array[i]);
1363 p += data_len_array[i];
1364 res += data_len_array[i];
1385 res =
dtls_encrypt(start + 8, res - 8, start + 8, nonce,
1409 uint8 *data,
size_t data_length,
1413 uint8 *data_array[2];
1414 size_t data_len_array[2];
1424 data_array[i] = buf;
1425 data_len_array[i] =
sizeof(buf);
1432 data_array[i] = data;
1433 data_len_array[i] = data_length;
1436 dtls_debug(
"send handshake packet of type: %s (%i)\n",
1439 data_array, data_len_array, i);
1446 uint8 *data,
size_t data_length)
1449 header_type, data, data_length, 1);
1466 #define MUST_HASH(Type, Data, Length) \ 1467 ((Type) == DTLS_CT_HANDSHAKE && \ 1468 ((Data) != NULL) && ((Length) > 0) && \ 1469 ((Data)[0] != DTLS_HT_HELLO_VERIFY_REQUEST) && \ 1470 ((Data)[0] != DTLS_HT_CLIENT_HELLO || \ 1471 ((Length) >= HS_HDR_LENGTH && \ 1472 (dtls_uint16_to_int(DTLS_RECORD_HEADER(Data)->epoch > 0) || \ 1473 (dtls_uint16_to_int(HANDSHAKE(Data)->message_seq) > 0))))) 1491 unsigned char type,
uint8 *buf_array[],
1492 size_t buf_len_array[],
size_t buf_array_len)
1501 size_t len =
sizeof(sendbuf);
1504 size_t overall_len = 0;
1506 res =
dtls_prepare_record(peer, security, type, buf_array, buf_len_array, buf_array_len, sendbuf, &len);
1515 for (i = 0; i < buf_array_len; i++) {
1517 overall_len += buf_len_array[i];
1534 for (i = 0; i < buf_array_len; i++) {
1535 memcpy(n->
data + n->
length, buf_array[i], buf_len_array[i]);
1536 n->
length += buf_len_array[i];
1540 dtls_warn(
"cannot add packet to retransmit buffer\n");
1545 PROCESS_CONTEXT_BEGIN(&dtls_retransmit_process);
1546 etimer_set(&ctx->retransmit_timer, n->
timeout);
1547 PROCESS_CONTEXT_END(&dtls_retransmit_process);
1558 res =
CALL(ctx, write, session, sendbuf, len);
1563 return res <= 0 ? res : (int)(overall_len - (len - (
unsigned int)res));
1569 uint8_t msg[] = { level, description };
1622 uint8 *data,
size_t data_length)
1627 uint8 *cookie = NULL;
1630 #define mycookie (buf + DTLS_HV_LENGTH) 1644 dtls_warn(
"error while fetching the cookie, err: %i\n", err);
1683 dtls_warn(
"cannot send HelloVerify request\n");
1693 unsigned char **result_r,
1694 unsigned char **result_s)
1697 uint8 *data_orig = data;
1700 dtls_alert(
"only sha256 is supported in certificate verify\n");
1703 data +=
sizeof(
uint8);
1704 data_length -=
sizeof(
uint8);
1707 dtls_alert(
"only ecdsa signature is supported in client verify\n");
1710 data +=
sizeof(
uint8);
1711 data_length -=
sizeof(
uint8);
1718 data_length -=
sizeof(
uint16);
1721 dtls_alert(
"wrong ASN.1 struct, expected SEQUENCE\n");
1724 data +=
sizeof(
uint8);
1725 data_length -=
sizeof(
uint8);
1731 data +=
sizeof(
uint8);
1732 data_length -=
sizeof(
uint8);
1735 dtls_alert(
"wrong ASN.1 struct, expected Integer\n");
1738 data +=
sizeof(
uint8);
1739 data_length -=
sizeof(
uint8);
1742 data +=
sizeof(
uint8);
1743 data_length -=
sizeof(
uint8);
1752 dtls_alert(
"wrong ASN.1 struct, expected Integer\n");
1755 data +=
sizeof(
uint8);
1756 data_length -=
sizeof(
uint8);
1759 data +=
sizeof(
uint8);
1760 data_length -=
sizeof(
uint8);
1768 return data - data_orig;
1774 uint8 *data,
size_t data_length)
1778 unsigned char *result_r;
1779 unsigned char *result_s;
1788 dtls_alert(
"the packet length does not match the expected\n");
1805 sha256hash,
sizeof(sha256hash),
1806 result_r, result_s);
1809 dtls_alert(
"wrong signature err: %i\n", ret);
1825 uint8 extension_size;
1831 extension_size = (ecdsa) ? 2 + 5 + 5 + 6 : 0;
1860 if (extension_size) {
1905 assert((buf <= p) && ((
unsigned int)(p - buf) <=
sizeof(buf)));
1914 #define DTLS_EC_SUBJECTPUBLICKEY_SIZE (2 * DTLS_EC_KEY_SIZE + sizeof(cert_asn1_header)) 1941 assert(p - buf <=
sizeof(buf));
1953 #define R_KEY_OFFSET (1 + 1 + 2 + 1 + 1 + 1 + 1) 1954 #define S_KEY_OFFSET(len_s) (R_KEY_OFFSET + (len_s) + 1 + 1) 2013 uint8 *ephemeral_pub_x;
2014 uint8 *ephemeral_pub_y;
2041 ephemeral_pub_x = p;
2045 ephemeral_pub_y = p;
2049 ephemeral_pub_x, ephemeral_pub_y,
2056 key_params, p - key_params,
2061 assert(p - buf <=
sizeof(buf));
2071 const unsigned char *psk_hint,
size_t len)
2081 dtls_warn(
"psk identity hint is too long\n");
2088 memcpy(p, psk_hint, len);
2091 assert((buf <= p) && ((
unsigned int)(p - buf) <=
sizeof(buf)));
2134 assert(p - buf <=
sizeof(buf));
2161 dtls_debug(
"dtls_server_hello: cannot prepare ServerHello record\n");
2169 res =
CALL(ctx, get_ecdsa_key, &peer->
session, &ecdsa_key);
2171 dtls_crit(
"no ecdsa certificate to send in certificate\n");
2178 dtls_debug(
"dtls_server_hello: cannot prepare Certificate record\n");
2185 dtls_debug(
"dtls_server_hello: cannot prepare Server Key Exchange record\n");
2194 dtls_debug(
"dtls_server_hello: cannot prepare certificate Request record\n");
2212 dtls_debug(
"dtls_server_hello: cannot create ServerKeyExchange\n");
2220 dtls_debug(
"dtls_server_key_exchange_psk: cannot send server key exchange record\n");
2230 dtls_debug(
"dtls_server_hello: cannot prepare ServerHelloDone record\n");
2253 switch (handshake->
cipher) {
2264 dtls_crit(
"no psk identity set in kx\n");
2270 dtls_warn(
"the psk identity is too long\n");
2287 uint8 *ephemeral_pub_x;
2288 uint8 *ephemeral_pub_y;
2297 ephemeral_pub_x = p;
2299 ephemeral_pub_y = p;
2303 ephemeral_pub_x, ephemeral_pub_y,
2311 assert(!
"NULL cipher requested");
2333 assert((buf <= p) && ((
unsigned int)(p - buf) <=
sizeof(buf)));
2364 sha256hash,
sizeof(sha256hash),
2369 assert(p - buf <=
sizeof(buf));
2378 const unsigned char *label,
size_t labellen)
2401 assert((buf <= p) && ((
unsigned int)(p - buf) <=
sizeof(buf)));
2409 uint8 cookie[],
size_t cookie_length) {
2422 cipher_size = 2 + ((ecdsa) ? 2 : 0) + ((psk) ? 2 : 0);
2423 extension_size = (ecdsa) ? 2 + 6 + 6 + 8 + 6: 0;
2425 if (cipher_size == 0) {
2426 dtls_crit(
"no cipher callbacks implemented\n");
2437 if (cookie_length == 0) {
2456 if (cookie_length != 0) {
2457 memcpy(p, cookie, cookie_length);
2481 if (extension_size) {
2549 assert((buf <= p) && ((
unsigned int)(p - buf) <=
sizeof(buf)));
2551 if (cookie_length != 0)
2556 buf, p - buf, cookie_length != 0);
2562 uint8 *data,
size_t data_length)
2593 data_length -=
sizeof(
uint16);
2608 dtls_alert(
"unsupported cipher 0x%02x 0x%02x\n",
2613 data_length -=
sizeof(
uint16);
2617 dtls_alert(
"unsupported compression method 0x%02x\n", data[0]);
2620 data +=
sizeof(
uint8);
2621 data_length -=
sizeof(
uint8);
2632 uint8 *data,
size_t data_length)
2654 uint8 *data,
size_t data_length)
2666 dtls_alert(
"expect length of %zu bytes for certificate\n",
2673 dtls_alert(
"got an unexpected Subject public key format\n");
2691 dtls_warn(
"The certificate was not accepted\n");
2701 uint8 *data,
size_t data_length)
2705 unsigned char *result_r;
2706 unsigned char *result_s;
2707 unsigned char *key_params;
2716 dtls_alert(
"the packet length does not match the expected\n");
2725 data +=
sizeof(
uint8);
2726 data_length -=
sizeof(
uint8);
2733 data_length -=
sizeof(
uint16);
2736 dtls_alert(
"expected 65 bytes long public point\n");
2739 data +=
sizeof(
uint8);
2740 data_length -=
sizeof(
uint8);
2743 dtls_alert(
"expected uncompressed public point\n");
2746 data +=
sizeof(
uint8);
2747 data_length -=
sizeof(
uint8);
2770 result_r, result_s);
2784 uint8 *data,
size_t data_length)
2797 dtls_alert(
"the packet length does not match the expected\n");
2805 dtls_warn(
"the length of the server identity hint is worng\n");
2810 dtls_warn(
"please use a smaller server identity hint\n");
2824 uint8 *data,
size_t data_length)
2839 dtls_alert(
"the packet length does not match the expected\n");
2844 data +=
sizeof(
uint8);
2845 if (i + 1 > data_length) {
2846 dtls_alert(
"the cerfificate types are too long\n");
2851 for (; i > 0 ; i -=
sizeof(
uint8)) {
2855 data +=
sizeof(
uint8);
2859 dtls_alert(
"the request authentication algorithm is not supproted\n");
2865 if (i + 1 > data_length) {
2866 dtls_alert(
"the signature and hash algorithm list is too long\n");
2872 for (; i > 0 ; i -=
sizeof(
uint16)) {
2873 int current_hash_alg;
2874 int current_sig_alg;
2877 data +=
sizeof(
uint8);
2879 data +=
sizeof(
uint8);
2883 hash_alg = current_hash_alg;
2884 sig_alg = current_sig_alg;
2890 dtls_alert(
"no supported hash and signature algorithem\n");
2903 uint8 *data,
size_t data_length)
2919 res =
CALL(ctx, get_ecdsa_key, &peer->
session, &ecdsa_key);
2921 dtls_crit(
"no ecdsa certificate to send in certificate\n");
2928 dtls_debug(
"dtls_server_hello: cannot prepare Certificate record\n");
2938 dtls_debug(
"cannot send KeyExchange message\n");
2948 dtls_debug(
"dtls_server_hello: cannot prepare Certificate record\n");
2997 #define A_DATA_LEN 13 3027 clen =
dtls_decrypt(*cleartext, clen, *cleartext, nonce,
3035 printf(
"decrypt_verify(): found %i bytes cleartext\n", clen);
3091 uint8 *data,
size_t data_length) {
3108 dtls_debug(
"handle handshake packet of type: %s (%i)\n",
3123 dtls_warn(
"error in check_server_hello_verify_request err: %i\n", err);
3136 dtls_warn(
"error in check_server_hello err: %i\n", err);
3156 dtls_warn(
"error in check_server_certificate err: %i\n", err);
3189 dtls_warn(
"error in check_server_key_exchange err: %i\n", err);
3205 dtls_warn(
"error in check_server_hellodone err: %i\n", err);
3221 dtls_warn(
"error in check_certificate_request err: %i\n", err);
3236 dtls_warn(
"error in check_finished err: %i\n", err);
3254 dtls_warn(
"sending server Finished failed\n");
3280 dtls_warn(
"error in check_client_keyexchange err: %i\n", err);
3301 dtls_warn(
"error in check_client_certificate_verify err: %i\n", err);
3328 dtls_warn(
"error in dtls_verify_peer err: %i\n", err);
3333 dtls_debug(
"server hello verify was sent\n");
3397 dtls_warn(
"error updating security parameters\n");
3447 dtls_crit(
"unhandled message %d\n", data[0]);
3461 uint8 *data,
size_t data_length)
3467 dtls_warn(
"handshake message too short\n");
3472 dtls_debug(
"received handshake packet of type: %s (%i)\n",
3478 dtls_warn(
"If there is no peer only ClientHello is allowed\n");
3488 dtls_warn(
"ignore unexpected handshake message\n");
3494 dtls_warn(
"The message sequence number is too small, expected %i, got: %i\n",
3503 dtls_warn(
"the packet is too big to buffer for reoder\n");
3511 dtls_warn(
"a packet with this sequence number is already stored\n");
3519 dtls_warn(
"no space in reoder buffer\n");
3525 memcpy(n->
data, data, data_length);
3528 dtls_warn(
"cannot add packet to reoder buffer\n");
3531 dtls_info(
"Added packet for reordering\n");
3570 uint8 *record_header,
uint8 *data,
size_t data_length)
3574 (void)record_header;
3583 dtls_warn(
"expected ChangeCipherSpec during handshake\n");
3587 if (data_length < 1 || data[0] != 1)
3610 uint8 *record_header,
uint8 *data,
size_t data_length) {
3612 (void)record_header;
3614 if (data_length < 2)
3617 dtls_info(
"** Alert: level %d, description %d\n", data[0], data[1]);
3620 dtls_warn(
"got an alert for an unknown peer, we probably already removed it, ignore it\n");
3637 PRINTF(
"removed peer [");
3677 if (err < -(1 << 8) && err > -(3 << 8)) {
3678 level = ((-err) & 0xff00) >> 8;
3679 desc = (-err) & 0xff;
3687 }
else if (err == -1) {
3705 uint8 *msg,
int msglen) {
3717 dtls_debug(
"dtls_handle_message: PEER NOT FOUND\n");
3720 dtls_debug(
"dtls_handle_message: FOUND PEER\n");
3723 while ((rlen =
is_record(msg,msglen))) {
3727 dtls_debug(
"got packet %d (%d bytes)\n", msg[0], rlen);
3737 if(pkt_seq_nr == 0 && security->
cseq.
cseq == 0) {
3743 }
else if (pkt_seq_nr == security->
cseq.
cseq) {
3744 dtls_info(
"Duplicate packet arrived (cseq=%" PRIu64
")\n", security->
cseq.
cseq);
3746 }
else if ((int64_t)(security->
cseq.
cseq-pkt_seq_nr) > 0) {
3747 if (((security->
cseq.
cseq-1)-pkt_seq_nr) < 64) {
3749 dtls_info(
"Duplicate packet arrived (bitfield)\n");
3753 dtls_info(
"Packet arrived out of order\n");
3755 if(data_length > 0) {
3760 dtls_info(
"Packet from before the bitfield arrived\n");
3765 if(data_length > 0) {
3769 dtls_debug(
"new packet arrived with seq_nr: %" PRIu64
"\n", pkt_seq_nr);
3774 if (data_length < 0) {
3793 state = peer->
state;
3817 err =
handle_ccs(ctx, peer, msg, data, data_length);
3819 dtls_warn(
"error while handling ChangeCipherSpec message\n");
3835 if (err < 0 || err == 1) {
3836 dtls_warn(
"received alert, peer has been invalidated\n");
3839 return err < 0 ?err:-1;
3849 uint16_t msg_epoch =
3861 if (expected_epoch != msg_epoch) {
3866 dtls_warn(
"Wrong epoch, expected %i, got: %i\n",
3867 expected_epoch, msg_epoch);
3873 err =
handle_handshake(ctx, peer, session, role, state, data, data_length);
3875 dtls_warn(
"error while handling handshake packet\n");
3889 dtls_warn(
"no peer available, send an alert\n");
3894 CALL(ctx, read, &peer->
session, data, data_length);
3897 dtls_info(
"dropped unknown message of type %d\n",msg[0]);
3912 #ifndef WITH_CONTIKI 3913 FILE *urandom = fopen(
"/dev/urandom",
"r");
3914 unsigned char buf[
sizeof(
unsigned long)];
3927 if (fread(buf, 1,
sizeof(buf), urandom) !=
sizeof(buf)) {
3944 process_start(&dtls_retransmit_process, (
char *)c);
3945 PROCESS_CONTEXT_BEGIN(&dtls_retransmit_process);
3947 etimer_set(&c->retransmit_timer, 0xFFFF);
3948 PROCESS_CONTEXT_END(&coap_retransmit_process);
3980 #ifdef DTLS_PEERS_NOHASH 4002 dtls_debug(
"found peer, try to re-connect\n");
4051 }
else if (res == 0) {
4060 if (!context || !node)
4066 size_t len =
sizeof(sendbuf);
4068 unsigned char *data = node->
data;
4069 size_t length = node->
length;
4081 dtls_debug(
"** retransmit handshake packet of type: %s (%i)\n",
4090 dtls_warn(
"can not retransmit packet, err: %i\n", err);
4131 while (node && node->
t <= now) {
4138 *next = node ? node->
t : 0;
4146 PROCESS_THREAD(dtls_retransmit_process, ev, data)
4153 dtls_debug(
"Started DTLS retransmit process\r\n");
4157 if (ev == PROCESS_EVENT_TIMER) {
4158 if (etimer_expired(&the_dtls_context.retransmit_timer)) {
4163 if (node && node->
t <= now) {
4171 etimer_set(&the_dtls_context.retransmit_timer,
4172 node->
t <= now ? 1 : node->
t - now);
4174 etimer_set(&the_dtls_context.retransmit_timer, 0xFFFF);
int netq_insert_node(netq_t **queue, netq_t *node)
#define CALL(Context, which,...)
unsigned char identity[DTLS_PSK_MAX_CLIENT_IDENTITY_LEN]
static void copy_hs_hash(dtls_peer_t *peer, dtls_hash_ctx *hs_hash)
static int is_psk_supported(dtls_context_t *ctx)
unsigned char retransmit_cnt
struct netq_t * sendqueue
int dtls_connect(dtls_context_t *ctx, const session_t *dst)
netq_t * netq_pop_first(netq_t **queue)
void dtls_handshake_free(dtls_handshake_parameters_t *handshake)
static int check_server_hello(dtls_context_t *ctx, dtls_peer_t *peer, uint8 *data, size_t data_length)
int dtls_session_equals(const session_t *a, const session_t *b)
int dtls_handle_message(dtls_context_t *ctx, session_t *session, uint8 *msg, int msglen)
#define DTLS_HT_SERVER_HELLO
unsigned char cookie_secret[DTLS_COOKIE_SECRET_LENGTH]
static void clear_hs_hash(dtls_peer_t *peer)
#define DTLS_CT_HANDSHAKE
static int dtls_check_ecdsa_signature_elem(uint8 *data, size_t data_length, unsigned char **result_r, unsigned char **result_s)
static int dtls_update_parameters(dtls_context_t *ctx, dtls_peer_t *peer, uint8 *data, size_t data_length)
int(* get_ecdsa_key)(struct dtls_context_t *ctx, const session_t *session, const dtls_ecdsa_key_t **result)
#define dtls_kb_remote_iv(Param, Role)
static int check_server_hellodone(dtls_context_t *ctx, dtls_peer_t *peer, uint8 *data, size_t data_length)
#define dtls_kb_local_iv(Param, Role)
void dtls_hmac_update(dtls_hmac_context_t *ctx, const unsigned char *input, size_t ilen)
int dtls_ecdh_pre_master_secret(unsigned char *priv_key, unsigned char *pub_key_x, unsigned char *pub_key_y, size_t key_size, unsigned char *result, size_t result_len)
static int dtls_alert_fatal_create(dtls_alert_t desc)
static int dtls_send(dtls_context_t *ctx, dtls_peer_t *peer, unsigned char type, uint8 *buf, size_t buflen)
const unsigned char * priv_key
int dtls_psk_pre_master_secret(unsigned char *key, size_t keylen, unsigned char *result, size_t result_len)
#define dtls_kb_server_mac_secret(Param, Role)
static int hs_attempt_with_existing_peer(uint8_t *msg, size_t msglen, dtls_peer_t *peer)
int dtls_encrypt(const unsigned char *src, size_t length, unsigned char *buf, unsigned char *nounce, unsigned char *key, size_t keylen, const unsigned char *aad, size_t la)
static int dtls_send_finished(dtls_context_t *ctx, dtls_peer_t *peer, const unsigned char *label, size_t labellen)
static dtls_context_t * malloc_context(void)
#define TLS_EXT_EC_POINT_FORMATS_UNCOMPRESSED
#define TLS_EXT_SERVER_CERTIFICATE_TYPE
#define DTLS_COOKIE_LENGTH
#define DTLS_CT_APPLICATION_DATA
static uint8 * dtls_add_ecdsa_signature_elem(uint8 *p, uint32_t *point_r, uint32_t *point_s)
static int check_certificate_request(dtls_context_t *ctx, dtls_peer_t *peer, uint8 *data, size_t data_length)
#define HASH_ITER(hh, head, el, tmp)
netq_t * netq_next(netq_t *p)
static void check_stack(void)
struct dtls_handshake_parameters_t::@0::random_t random
static const unsigned char prf_label_client[]
dtls_peer_t * dtls_get_peer(const dtls_context_t *ctx, const session_t *session)
static int dtls_int_to_uint48(unsigned char *field, uint64_t value)
#define DTLS_SKEXECPSK_LENGTH_MAX
#define dtls_kb_size(Param, Role)
#define DTLS_HT_SERVER_KEY_EXCHANGE
static int dtls_send_server_key_exchange_psk(dtls_context_t *ctx, dtls_peer_t *peer, const unsigned char *psk_hint, size_t len)
void dtls_clock_init(void)
void dtls_ecdsa_create_sig_hash(const unsigned char *priv_key, size_t key_size, const unsigned char *sign_hash, size_t sign_hash_size, uint32_t point_r[9], uint32_t point_s[9])
#define DEL_PEER(head, delptr)
static int verify_ext_ec_point_formats(uint8 *data, size_t data_length)
static int is_ecdsa_supported(dtls_context_t *ctx, int is_client)
#define dtls_get_fragment_length(H)
static int dtls_int_to_uint24(unsigned char *field, uint32_t value)
static int dtls_send_handshake_msg_hash(dtls_context_t *ctx, dtls_peer_t *peer, session_t *session, uint8 header_type, uint8 *data, size_t data_length, int add_hash)
int(* get_psk_info)(struct dtls_context_t *ctx, const session_t *session, dtls_credentials_type_t type, const unsigned char *desc, size_t desc_len, unsigned char *result, size_t result_length)
#define dtls_debug_hexdump(name, buf, length)
static int handle_alert(dtls_context_t *ctx, dtls_peer_t *peer, uint8 *record_header, uint8 *data, size_t data_length)
#define DTLS_CKXPSK_LENGTH_MIN
netq_t * netq_node_new(size_t size)
static int dtls_verify_peer(dtls_context_t *ctx, dtls_peer_t *peer, session_t *session, const dtls_state_t state, uint8 *data, size_t data_length)
static uint8 * dtls_set_handshake_header(uint8 type, dtls_peer_t *peer, int length, int frag_offset, int frag_length, uint8 *buf)
#define TLS_EXT_ELLIPTIC_CURVES_SECP256R1
static void netq_init(void)
static int is_tls_ecdhe_ecdsa_with_aes_128_ccm_8(dtls_cipher_t cipher)
dtls_sha256_ctx dtls_hash_ctx
clock_time_t cookie_secret_age
netq_t * netq_head(netq_t **queue)
#define DTLS_EVENT_CONNECT
static void dtls_stop_retransmission(dtls_context_t *context, dtls_peer_t *peer)
static dtls_security_parameters_t * dtls_security_params_epoch(dtls_peer_t *peer, uint16_t epoch)
#define DTLS_HANDSHAKE_HEADER(M)
static int dtls_send_alert(dtls_context_t *ctx, dtls_peer_t *peer, dtls_alert_level_t level, dtls_alert_t description)
#define TLS_EC_CURVE_TYPE_NAMED_CURVE
static int dtls_send_certificate_verify_ecdh(dtls_context_t *ctx, dtls_peer_t *peer, const dtls_ecdsa_key_t *key)
static int check_client_certificate_verify(dtls_context_t *ctx, dtls_peer_t *peer, uint8 *data, size_t data_length)
#define dtls_kb_client_write_key(Param, Role)
void dtls_ecdsa_generate_key(unsigned char *priv_key, unsigned char *pub_key_x, unsigned char *pub_key_y, size_t key_size)
int dtls_ec_key_from_uint32_asn1(const uint32_t *key, size_t key_size, unsigned char *buf)
union dtls_handshake_parameters_t::@1 keyx
#define FIND_PEER(head, sess, out)
int dtls_ecdsa_verify_sig(const unsigned char *pub_key_x, const unsigned char *pub_key_y, size_t key_size, const unsigned char *client_random, size_t client_random_size, const unsigned char *server_random, size_t server_random_size, const unsigned char *keyx_params, size_t keyx_params_size, unsigned char *result_r, unsigned char *result_s)
#define TLS_EXT_SIG_HASH_ALGO_SHA256
unsigned int do_client_auth
union dtls_handshake_parameters_t::@0 tmp
#define dtls_kb_iv_size(Param, Role)
static int known_cipher(dtls_context_t *ctx, dtls_cipher_t code, int is_client)
#define DTLS_HMAC_DIGEST_SIZE
static int dtls_send_server_key_exchange_ecdh(dtls_context_t *ctx, dtls_peer_t *peer, const dtls_ecdsa_key_t *key)
static uint8_t dtls_uint8_to_int(const unsigned char *field)
#define TLS_EXT_SIG_HASH_ALGO_ECDSA
#define dtls_kb_remote_write_key(Param, Role)
static void dtls_security_params_free_other(dtls_peer_t *peer)
#define TLS_CLIENT_CERTIFICATE_TYPE_ECDSA_SIGN
static int dtls_alert_create(dtls_alert_level_t level, dtls_alert_t desc)
static int dtls_send_server_hello_done(dtls_context_t *ctx, dtls_peer_t *peer)
#define DTLS_HT_SERVER_HELLO_DONE
static int dtls_send_server_hello(dtls_context_t *ctx, dtls_peer_t *peer)
#define DTLS_PSK_MAX_CLIENT_IDENTITY_LEN
#define TLS_EXT_ELLIPTIC_CURVES
#define DTLS_CH_LENGTH_MAX
#define DTLS_SKEXECPSK_LENGTH_MIN
#define DTLS_COOKIE_LENGTH_MAX
static int check_server_key_exchange_psk(dtls_context_t *ctx, dtls_peer_t *peer, uint8 *data, size_t data_length)
#define MAX_KEYBLOCK_LENGTH
static const unsigned char prf_label_finished[]
static int dtls_send_client_key_exchange(dtls_context_t *ctx, dtls_peer_t *peer)
int(* verify_ecdsa_key)(struct dtls_context_t *ctx, const session_t *session, const unsigned char *other_pub_x, const unsigned char *other_pub_y, size_t key_size)
#define TLS_EXT_ENCRYPT_THEN_MAC
static int dtls_check_tls_extension(dtls_peer_t *peer, uint8 *data, size_t data_length, int client_hello)
dtls_handshake_parameters_psk_t psk
static int check_server_key_exchange_ecdsa(dtls_context_t *ctx, dtls_peer_t *peer, uint8 *data, size_t data_length)
struct netq_t * reorder_queue
#define DTLS_RANDOM_LENGTH
void dtls_hmac_init(dtls_hmac_context_t *ctx, const unsigned char *key, size_t klen)
#define TLS_EXT_EC_POINT_FORMATS
static int dtls_send_hello_request(dtls_context_t *ctx, dtls_peer_t *peer)
dtls_handshake_parameters_t * handshake_params
static void dtls_hash_init(dtls_hash_t ctx)
#define dtls_debug_dump(name, buf, length)
const unsigned char * pub_key_y
#define dtls_kb_mac_secret_size(Param, Role)
static int check_client_keyexchange(dtls_context_t *ctx, dtls_handshake_parameters_t *handshake, uint8 *data, size_t length)
int dtls_close(dtls_context_t *ctx, const session_t *remote)
static int check_finished(dtls_context_t *ctx, dtls_peer_t *peer, uint8 *data, size_t data_length)
static int verify_ext_eliptic_curves(uint8 *data, size_t data_length)
#define SKIP_VAR_FIELD(P, L, T)
static int calculate_key_block(dtls_context_t *ctx, dtls_handshake_parameters_t *handshake, dtls_peer_t *peer, session_t *session, dtls_peer_type role)
#define DTLS_DEFAULT_MAX_RETRANSMIT
#define PRF_LABEL_SIZE(Label)
static int handle_handshake(dtls_context_t *ctx, dtls_peer_t *peer, session_t *session, const dtls_peer_type role, const dtls_state_t state, uint8 *data, size_t data_length)
#define DTLS_HT_CLIENT_HELLO
dtls_compression_t compression
static uint8 * dtls_set_record_header(uint8 type, dtls_security_parameters_t *security, uint8 *buf)
static void dtls_retransmit(dtls_context_t *context, netq_t *node)
static const unsigned char prf_label_key[]
void dtls_dsrv_log_addr(log_t level, const char *name, const session_t *addr)
int dtls_connect_peer(dtls_context_t *ctx, dtls_peer_t *peer)
static int dtls_send_server_hello_msgs(dtls_context_t *ctx, dtls_peer_t *peer)
#define DTLS_HT_CERTIFICATE_VERIFY
static int dtls_int_to_uint16(unsigned char *field, uint16_t value)
static void dtls_hash_update(dtls_hash_t ctx, const unsigned char *input, size_t len)
#define DTLS_HASH_CTX_SIZE
High level DTLS API and visible structures.
#define DTLS_HT_CERTIFICATE_REQUEST
int dtls_hmac_finalize(dtls_hmac_context_t *ctx, unsigned char *result)
const unsigned char * pub_key_x
static uint16_t dtls_uint16_to_int(const unsigned char *field)
static const unsigned char prf_label_master[]
#define dtls_get_epoch(H)
static dtls_security_parameters_t * dtls_security_params(dtls_peer_t *peer)
void dtls_ecdsa_create_sig(const unsigned char *priv_key, size_t key_size, const unsigned char *client_random, size_t client_random_size, const unsigned char *server_random, size_t server_random_size, const unsigned char *keyx_params, size_t keyx_params_size, uint32_t point_r[9], uint32_t point_s[9])
#define dtls_kb_server_write_key(Param, Role)
int dtls_ecdsa_verify_sig_hash(const unsigned char *pub_key_x, const unsigned char *pub_key_y, size_t key_size, const unsigned char *sign_hash, size_t sign_hash_size, unsigned char *result_r, unsigned char *result_s)
#define dtls_kb_client_mac_secret(Param, Role)
static const unsigned char prf_label_server[]
int dtls_renegotiate(dtls_context_t *ctx, const session_t *dst)
dtls_compression_t compression
#define DTLS_MASTER_SECRET_LENGTH
void dtls_free_peer(dtls_peer_t *peer)
uint8 key_block[MAX_KEYBLOCK_LENGTH]
static void dtls_security_params_switch(dtls_peer_t *peer)
void dtls_free_context(dtls_context_t *ctx)
static int dtls_int_to_uint32(unsigned char *field, uint32_t value)
static void update_hs_hash(dtls_peer_t *peer, uint8 *data, size_t length)
#define DTLS_CKXEC_LENGTH
static const unsigned char cert_asn1_header[]
uint8 other_eph_pub_y[32]
dtls_context_t * dtls_new_context(void *app_data)
void dtls_hmac_storage_init(void)
#define LL_FOREACH_SAFE(head, el, tmp)
uint8 master_secret[DTLS_MASTER_SECRET_LENGTH]
static unsigned int is_record(uint8 *msg, size_t msglen)
#define DTLS_EVENT_CONNECTED
void netq_remove(netq_t **queue, netq_t *p)
static int dtls_send_handshake_msg(dtls_context_t *ctx, dtls_peer_t *peer, uint8 header_type, uint8 *data, size_t data_length)
static int dtls_create_cookie(dtls_context_t *ctx, session_t *session, uint8 *msg, size_t msglen, uint8 *cookie, int *clen)
#define DTLS_RECORD_HEADER(M)
#define DTLS_HT_HELLO_REQUEST
#define DTLS_HT_HELLO_VERIFY_REQUEST
static void dtls_prng_init(unsigned short seed)
static int is_ecdsa_client_auth_supported(dtls_context_t *ctx)
#define DTLS_PSK_MAX_KEY_LEN
#define DTLS_CCM_BLOCKSIZE
static int check_server_hello_verify_request(dtls_context_t *ctx, dtls_peer_t *peer, uint8 *data, size_t data_length)
dtls_handshake_parameters_ecdsa_t ecdsa
static int check_server_certificate(dtls_context_t *ctx, dtls_peer_t *peer, uint8 *data, size_t data_length)
static int dtls_send_certificate_ecdsa(dtls_context_t *ctx, dtls_peer_t *peer, const dtls_ecdsa_key_t *key)
static int is_tls_psk_with_aes_128_ccm_8(dtls_cipher_t cipher)
void dtls_reset_peer(dtls_context_t *ctx, dtls_peer_t *peer)
#define dtls_kb_client_iv(Param, Role)
static uint64_t dtls_uint48_to_int(const unsigned char *field)
#define DTLS_EC_SUBJECTPUBLICKEY_SIZE
static int dtls_prng(unsigned char *buf, size_t len)
void netq_node_free(netq_t *node)
static int equals(unsigned char *a, unsigned char *b, size_t len)
#define dtls_kb_key_size(Param, Role)
static size_t dtls_hash_finalize(unsigned char *buf, dtls_hash_t ctx)
static int verify_ext_cert_type(uint8 *data, size_t data_length)
#define DTLS_SKEXEC_LENGTH
static dtls_security_parameters_t * dtls_security_params_next(dtls_peer_t *peer)
static int dtls_int_to_uint8(unsigned char *field, uint8_t value)
static int dtls_send_multi(dtls_context_t *ctx, dtls_peer_t *peer, dtls_security_parameters_t *security, session_t *session, unsigned char type, uint8 *buf_array[], size_t buf_len_array[], size_t buf_array_len)
static int dtls_send_client_hello(dtls_context_t *ctx, dtls_peer_t *peer, uint8 cookie[], size_t cookie_length)
static void dtls_destroy_peer(dtls_context_t *ctx, dtls_peer_t *peer, int unlink)
static int dtls_send_server_certificate_request(dtls_context_t *ctx, dtls_peer_t *peer)
#define S_KEY_OFFSET(len_s)
static void dtls_debug_keyblock(dtls_security_parameters_t *config)
uint8 other_eph_pub_x[32]
dtls_peer_t * dtls_new_peer(const session_t *session)
#define DTLS_EVENT_RENEGOTIATE
#define DTLS_HT_CERTIFICATE
int dtls_write(struct dtls_context_t *ctx, session_t *dst, uint8 *buf, size_t len)
#define ADD_PEER(head, sess, add)
#define TLS_CERT_TYPE_RAW_PUBLIC_KEY
static int dtls_get_cookie(uint8 *msg, size_t msglen, uint8 **cookie)
static int dtls_prepare_record(dtls_peer_t *peer, dtls_security_parameters_t *security, unsigned char type, uint8 *data_array[], size_t data_len_array[], size_t data_array_len, uint8 *sendbuf, size_t *rlen)
#define DTLS_HT_CLIENT_KEY_EXCHANGE
void dtls_check_retransmit(dtls_context_t *context, clock_time_t *next)
static int handle_handshake_msg(dtls_context_t *ctx, dtls_peer_t *peer, session_t *session, const dtls_peer_type role, const dtls_state_t state, uint8 *data, size_t data_length)
#define DTLS_COOKIE_SECRET_LENGTH
#define dtls_kb_server_iv(Param, Role)
static size_t finalize_hs_hash(dtls_peer_t *peer, uint8 *buf)
static int dtls_add_peer(dtls_context_t *ctx, dtls_peer_t *peer)
#define dtls_kb_local_write_key(Param, Role)
static char * dtls_handshake_type_to_name(int type)
dtls_handshake_parameters_t * dtls_handshake_new(void)
size_t dtls_prf(const unsigned char *key, size_t keylen, const unsigned char *label, size_t labellen, const unsigned char *random1, size_t random1len, const unsigned char *random2, size_t random2len, unsigned char *buf, size_t buflen)
#define DTLS_CT_CHANGE_CIPHER_SPEC
static uint32_t dtls_uint24_to_int(const unsigned char *field)
void dtls_ticks(dtls_tick_t *t)
static void free_context(dtls_context_t *context)
static uint8 compression_methods[]
static int dtls_send_ccs(dtls_context_t *ctx, dtls_peer_t *peer)
static int handle_ccs(dtls_context_t *ctx, dtls_peer_t *peer, uint8 *record_header, uint8 *data, size_t data_length)
static int dtls_alert_send_from_err(dtls_context_t *ctx, dtls_peer_t *peer, session_t *session, int err)
int dtls_decrypt(const unsigned char *src, size_t length, unsigned char *buf, unsigned char *nounce, unsigned char *key, size_t keylen, const unsigned char *aad, size_t la)
static int decrypt_verify(dtls_peer_t *peer, uint8 *packet, size_t length, uint8 **cleartext)
#define TLS_EXT_CLIENT_CERTIFICATE_TYPE