1
10
13
14
20
21
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
95
96
97
98
99
103
107
108
114
115
117
118
119
120
123
124
125
126
127
128
129
130
131
132
133
137
138
139
140
141
142
143
...
...
...
#define NX_SECURE_SOURCE_CODE
#include "nx_secure_tls.h"
...
...
UINT _nx_secure_tls_send_finished(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet)
{
UCHAR *finished_label;
UINT hash_size = 0;
UINT status;
UINT is_server;
is_server = (tls_session -> nx_secure_tls_socket_type == NX_SECURE_TLS_SESSION_TYPE_SERVER);
#if (NX_SECURE_TLS_TLS_1_3_ENABLED)
if(tls_session->nx_secure_tls_1_3)
{
status = _nx_secure_tls_1_3_finished_hash_generate(tls_session, is_server, &hash_size,
send_packet -> nx_packet_append_ptr,
((ULONG)(send_packet -> nx_packet_data_end) -
(ULONG)(send_packet -> nx_packet_append_ptr)));
}if (tls_session->nx_secure_tls_1_3) { ... }
else
#endif
{
if (is_server)
{
finished_label = (UCHAR *)"server finished";
}if (is_server) { ... }
else
{
finished_label = (UCHAR *)"client finished";
}else { ... }
if (NX_SECURE_TLS_FINISHED_HASH_SIZE > ((ULONG)(send_packet -> nx_packet_data_end) - (ULONG)(send_packet -> nx_packet_append_ptr)))
{
return(NX_SECURE_TLS_PACKET_BUFFER_TOO_SMALL);
}if (NX_SECURE_TLS_FINISHED_HASH_SIZE > ((ULONG)(send_packet -> nx_packet_data_end) - (ULONG)(send_packet -> nx_packet_append_ptr))) { ... }
/* ... */
status = _nx_secure_tls_finished_hash_generate(tls_session, finished_label, send_packet -> nx_packet_append_ptr);
#ifndef NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION
/* ... */
NX_SECURE_MEMCPY(tls_session -> nx_secure_tls_local_verify_data, send_packet -> nx_packet_append_ptr, NX_SECURE_TLS_FINISHED_HASH_SIZE); /* ... */
#endif
hash_size = NX_SECURE_TLS_FINISHED_HASH_SIZE;
}else { ... }
send_packet -> nx_packet_append_ptr = send_packet -> nx_packet_append_ptr + hash_size;
send_packet -> nx_packet_length = send_packet -> nx_packet_length + hash_size;
if (status != NX_SUCCESS)
{
return(status);
}if (status != NX_SUCCESS) { ... }
status = _nx_secure_tls_remote_certificate_free_all(tls_session);
return(status);
}{ ... }