PolarSSL is now part of ARM Official announcement and rebranded as mbed TLS.

Questions about renego_status


Nov 15, 2017 09:54
tomson

Recently, i have been reading the source code about mbed TLS , in the part of how ssl_client1 conmunicates with ssl_server, i may encounter some problems , i can't really understand what's the meaning of "renego_status"。Renego_status have foure states: 1)MBEDTLS_SSL_INITIAL_HANDSHAKE
2)MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS
3)MBEDTLS_SSL_RENEGOTIATION_DONE
4)MBEDTLS_SSL_RENEGOTIATION_PENDING
who can explain it for me? thanks very much !!!

 
Nov 15, 2017 12:16
Ron Eldor

Hi tomson,
As shown in the documentation:

#define     MBEDTLS_SSL_INITIAL_HANDSHAKE   0 
#define     MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS   1 /* In progress */ 
#define     MBEDTLS_SSL_RENEGOTIATION_DONE   2 /* Done or aborted */ 
#define     MBEDTLS_SSL_RENEGOTIATION_PENDING   3 /* Requested (server only) */

These definitions are used internally by the TLS state machine, and define the current status of renegotiation.
MBEDTLS_SSL_INITIAL_HANDSHAKE - initialized status, and negotiation is not done
MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS - we are currently doing renegotiation
MBEDTLS_SSL_RENEGOTIATION_DONE - renegotiation has finished
MBEDTLS_SSL_RENEGOTIATION_PENDING - we are a TLS server, and we asked the client to renegotiate
Regards,
Mbed TLS Team member
Ron

 
Nov 16, 2017 00:39
tomson

Hi Ron, Thanks for your reply. But i'm still confused about something: Your answer means that MBEDTLS_SSL_INITIAL_HANDSHAKE happens in the first handshake between client and server, at that stage(1) they don't have any history session data that can be resumed. MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS and MBEDTLS_SSL_RENEGOTIATION_DONE happen in the second handshake between client and server,at that stage(2) they will resume history session data which they got from last handshake. My understanding is right or not ??? Can you help me mark the renego_status in the follow sketch1)2) ? Thanks very much!!!

1) Client Server

  ClientHello            -------->
                                                  ServerHello
                                                 Certificate*
                                           ServerKeyExchange*
                                          CertificateRequest*
                               <--------      ServerHelloDone
  Certificate*
  ClientKeyExchange
  CertificateVerify*
  [ChangeCipherSpec]
  Finished                -------->
                                           [ChangeCipherSpec]
                               <--------             Finished
  Application Data   <------->     Application Data

2) Client Server

  ClientHello             -------->
                                <--------             ServerHello

  [ChangeCipherSpec]
  Finished                -------->
                                           [ChangeCipherSpec]
                               <--------             Finished
  Application Data   <------->     Application Data
 
Nov 23, 2017 03:52
tomson

who can answer my question???Ron??

 
Nov 23, 2017 10:14
Ron Eldor

Hi tomson,
I think your are confusing between session renegotiation and session resumption.
Session renegotiation happens after a first negotiation, and can be used to allow the Client and Server to change the Cipher negotiated during the first handshake which provided the flexibility to change the Authentication Method as well as Cipher for Data Transfer. It is triggered, as mentioned in the code:

/*
 * Actually renegotiate current connection, triggered by either:
 * - any side: calling mbedtls_ssl_renegotiate(),
 * - client: receiving a HelloRequest during mbedtls_ssl_read(),
 * - server: receiving any handshake message on server during mbedtls_ssl_read() after
 *   the initial handshake is completed.
 * If the handshake doesn't complete due to waiting for I/O, it will continue
 * during the next calls to mbedtls_ssl_renegotiate() or mbedtls_ssl_read() respectively.
 */

AS mentioned, renegotiation allows changing the negotiated cipher, on a secure connection.
Session resumption is what you are describing in (2). This allows the client to resume a previously established connection, by sending a session ID to the server, as part of the ClientHello message.
Regards,
Mbed TLS Team member
Ron