TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / e1e344213a241bfab90af7bec151d48100b3c475^! / . / library / ssl_misc.h
commite1e344213a241bfab90af7bec151d48100b3c475[log] [tgz]
authorXiaofei Bai <xiaofei.bai@arm.com>Thu Dec 23 12:09:05 2021 +0000
committerXiaofei Bai <xiaofei.bai@arm.com>Wed Jan 26 09:31:52 2022 +0000
treeeab0e5e8aaf53d2687487740c33b5273f05cba62
parentf51b79c2977c4dfb1264d390e6d3634c2f1e2a5e [diff] [blame]
Add TLS1.3 process certificate request

Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>

diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 788fafd..1db6202 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h

@@ -556,6 +556,13 @@
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
     unsigned char retransmit_state;     /*!<  Retransmission state           */
 #endif
+    /*
+     * Handshake specific crypto variables
+     */
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    int recv_sig_schemes_list[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
+                                    /*!<  Received signature algorithms */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
     unsigned char group_list_heap_allocated;
@@ -802,6 +809,12 @@
                                              represents an extension and defined
                                              as \c MBEDTLS_SSL_EXT_XXX */
 
+#if defined(MBEDTLS_ECDSA_C)
+    unsigned char cert_req_ctx_len;     /*!< certificate request context
+                                             length */
+    unsigned char* cert_req_ctx;        /*!< certificate request context */
+#endif
+
     union
     {
         unsigned char early    [MBEDTLS_TLS1_3_MD_MAX_SIZE];
@@ -1688,6 +1701,11 @@
                                            size_t *buf_len );
 
 /*
+ * Handler of TLS 1.3 server certificate request message
+ */
+int mbedtls_ssl_tls13_process_certificate_request( mbedtls_ssl_context *ssl );
+
+/*
  * Handler of TLS 1.3 server certificate message
  */
 int mbedtls_ssl_tls13_process_certificate( mbedtls_ssl_context *ssl );