
LibTLS: Update HandshakeType value names to match IANA registry values

stelar7 2 years ago
parent
commit
c30ee1b89b

+ 31 - 0
Userland/Libraries/LibTLS/Extensions.h

@@ -62,6 +62,37 @@ enum class AlertLevel : u8 {
     __ENUM_ALERT_LEVELS
 };
 
+// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-7
+#define __ENUM_HANDSHAKE_TYPES                        \
+    _ENUM_KEY_VALUE(HELLO_REQUEST_RESERVED, 0)        \
+    _ENUM_KEY_VALUE(CLIENT_HELLO, 1)                  \
+    _ENUM_KEY_VALUE(SERVER_HELLO, 2)                  \
+    _ENUM_KEY_VALUE(HELLO_VERIFY_REQUEST_RESERVED, 3) \
+    _ENUM_KEY_VALUE(NEW_SESSION_TICKET, 4)            \
+    _ENUM_KEY_VALUE(END_OF_EARLY_DATA, 5)             \
+    _ENUM_KEY_VALUE(HELLO_RETRY_REQUEST_RESERVED, 6)  \
+    _ENUM_KEY_VALUE(ENCRYPTED_EXTENSIONS, 8)          \
+    _ENUM_KEY_VALUE(REQUEST_CONNECTION_ID, 9)         \
+    _ENUM_KEY_VALUE(NEW_CONNECTION_ID, 10)            \
+    _ENUM_KEY_VALUE(CERTIFICATE, 11)                  \
+    _ENUM_KEY_VALUE(SERVER_KEY_EXCHANGE_RESERVED, 12) \
+    _ENUM_KEY_VALUE(CERTIFICATE_REQUEST, 13)          \
+    _ENUM_KEY_VALUE(SERVER_HELLO_DONE_RESERVED, 14)   \
+    _ENUM_KEY_VALUE(CERTIFICATE_VERIFY, 15)           \
+    _ENUM_KEY_VALUE(CLIENT_KEY_EXCHANGE_RESERVED, 16) \
+    _ENUM_KEY_VALUE(FINISHED, 20)                     \
+    _ENUM_KEY_VALUE(CERTIFICATE_URL_RESERVED, 21)     \
+    _ENUM_KEY_VALUE(CERTIFICATE_STATUS_RESERVED, 22)  \
+    _ENUM_KEY_VALUE(SUPPLEMENTAL_DATA_RESERVED, 23)   \
+    _ENUM_KEY_VALUE(KEY_UPDATE, 24)                   \
+    _ENUM_KEY_VALUE(COMPRESSED_CERTIFICATE, 25)       \
+    _ENUM_KEY_VALUE(EKT_KEY, 26)                      \
+    _ENUM_KEY_VALUE(MESSAGE_HASH, 254)
+
+enum class HandshakeType : u8 {
+    __ENUM_HANDSHAKE_TYPES
+};
+
 #undef _ENUM_KEY
 #undef _ENUM_KEY_VALUE
 
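Review bot: The new `__ENUM_HANDSHAKE_TYPES` table carries no comment explaining that the `_RESERVED` suffix is only the IANA registry's naming, although this TLS 1.2 code still sends and receives several of those types (`SERVER_KEY_EXCHANGE_RESERVED`, `SERVER_HELLO_DONE_RESERVED`, `CLIENT_KEY_EXCHANGE_RESERVED`, as the Handshake.cpp and HandshakeClient.cpp hunks show). I would add above the macro `// Names mirror the IANA registry; *_RESERVED entries are reserved by later TLS versions but are live messages in TLS 1.2.` A second line is worth adding because the enum is filled by `static_cast` from a byte received from the peer: `// Not every u8 value has an enumerator (e.g. 7, 255); a switch over HandshakeType must keep a default branch.`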

+ 16 - 16
Userland/Libraries/LibTLS/Handshake.cpp

@@ -24,7 +24,7 @@ ByteBuffer TLSv12::build_hello()
     auto version = (u16)m_context.options.version;
     PacketBuilder builder { ContentType::HANDSHAKE, packet_version };
 
-    builder.append((u8)ClientHello);
+    builder.append(to_underlying(HandshakeType::CLIENT_HELLO));
 
     // hello length (for later)
     u8 dummy[3] = {};
@@ -163,7 +163,7 @@ ByteBuffer TLSv12::build_change_cipher_spec()
 ByteBuffer TLSv12::build_handshake_finished()
 {
     PacketBuilder builder { ContentType::HANDSHAKE, m_context.options.version, 12 + 64 };
-    builder.append((u8)HandshakeType::Finished);
+    builder.append((u8)HandshakeType::FINISHED);
 
     // RFC 5246 section 7.4.9: "In previous versions of TLS, the verify_data was always 12 octets
     //                          long.  In the current version of TLS, it depends on the cipher
@@ -250,7 +250,7 @@ ssize_t TLSv12::handle_handshake_payload(ReadonlyBytes vbuffer)
         ssize_t payload_res = 0;
         if (buffer_length < 1)
             return (i8)Error::NeedMoreData;
-        auto type = buffer[0];
+        auto type = static_cast<HandshakeType>(buffer[0]);
         auto write_packets { WritePacketStage::Initial };
         size_t payload_size = buffer[1] * 0x10000 + buffer[2] * 0x100 + buffer[3] + 3;
         dbgln_if(TLS_DEBUG, "payload size: {} buffer length: {}", payload_size, buffer_length);
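Review bot: The `buffer_length < 1` guard in the context above the changed line covers only `buffer[0]`, yet the following context line reads `buffer[1]` through `buffer[3]` to compute `payload_size` from bytes the peer controls. Unless the enclosing loop, which starts outside this hunk, already guarantees four bytes, the guard should require the whole handshake header: `if (buffer_length < 4) return (i8)Error::NeedMoreData;`. The new `static_cast<HandshakeType>(buffer[0])` can also produce values that have no enumerator, so the `default:` branch of the switch has to stay.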
@@ -258,7 +258,7 @@ ssize_t TLSv12::handle_handshake_payload(ReadonlyBytes vbuffer)
             return (i8)Error::NeedMoreData;
 
         switch (type) {
-        case HelloRequest:
+        case HandshakeType::HELLO_REQUEST_RESERVED:
             if (m_context.handshake_messages[0] >= 1) {
                 dbgln("unexpected hello request message");
                 payload_res = (i8)Error::UnexpectedMessage;
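Review bot: The duplicate-message counters are still indexed by bare numbers (`m_context.handshake_messages[0]` here, and `[2]`, `[4]`, `[5]` through `[10]` in the later hunks of this file), and those indices do not match the `HandshakeType` values now used in the case labels (`CERTIFICATE` is 11 but counts in slot 4). Now that the message types have names, a short comment next to the first use would prevent someone from indexing the array with `to_underlying(type)`: `// handshake_messages[] is indexed by arrival slot, not by HandshakeType value`. Named constants for the slots would be better still, but the array's declaration is outside this diff.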
@@ -274,14 +274,14 @@ ssize_t TLSv12::handle_handshake_payload(ReadonlyBytes vbuffer)
                 payload_res = (i8)Error::UnexpectedMessage;
             }
             break;
-        case ClientHello:
+        case HandshakeType::CLIENT_HELLO:
             // FIXME: We only support client mode right now
             if (m_context.is_server) {
                 VERIFY_NOT_REACHED();
             }
             payload_res = (i8)Error::UnexpectedMessage;
             break;
-        case ServerHello:
+        case HandshakeType::SERVER_HELLO:
             if (m_context.handshake_messages[2] >= 1) {
                 dbgln("unexpected server hello message");
                 payload_res = (i8)Error::UnexpectedMessage;
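Review bot: The `CLIENT_HELLO` case still reaches `VERIFY_NOT_REACHED()` when `m_context.is_server` is set, and the message type that selects this case comes straight from the peer. If server mode is ever enabled, that assertion becomes a crash a remote party can trigger. The FIXME says only client mode is supported, so the branch can be dropped and the case reduced to `payload_res = (i8)Error::UnexpectedMessage;` with the FIXME kept. Whether `is_server` can be true today is not visible in this hunk.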
@@ -295,11 +295,11 @@ ssize_t TLSv12::handle_handshake_payload(ReadonlyBytes vbuffer)
             }
             payload_res = handle_server_hello(buffer.slice(1, payload_size), write_packets);
             break;
-        case HelloVerifyRequest:
+        case HandshakeType::HELLO_VERIFY_REQUEST_RESERVED:
             dbgln("unsupported: DTLS");
             payload_res = (i8)Error::UnexpectedMessage;
             break;
-        case CertificateMessage:
+        case HandshakeType::CERTIFICATE:
             if (m_context.handshake_messages[4] >= 1) {
                 dbgln("unexpected certificate message");
                 payload_res = (i8)Error::UnexpectedMessage;
@@ -317,7 +317,7 @@ ssize_t TLSv12::handle_handshake_payload(ReadonlyBytes vbuffer)
                 payload_res = (i8)Error::UnexpectedMessage;
             }
             break;
-        case ServerKeyExchange:
+        case HandshakeType::SERVER_KEY_EXCHANGE_RESERVED:
             if (m_context.handshake_messages[5] >= 1) {
                 dbgln("unexpected server key exchange message");
                 payload_res = (i8)Error::UnexpectedMessage;
@@ -332,7 +332,7 @@ ssize_t TLSv12::handle_handshake_payload(ReadonlyBytes vbuffer)
                 payload_res = handle_server_key_exchange(buffer.slice(1, payload_size));
             }
             break;
-        case CertificateRequest:
+        case HandshakeType::CERTIFICATE_REQUEST:
             if (m_context.handshake_messages[6] >= 1) {
                 dbgln("unexpected certificate request message");
                 payload_res = (i8)Error::UnexpectedMessage;
@@ -351,7 +351,7 @@ ssize_t TLSv12::handle_handshake_payload(ReadonlyBytes vbuffer)
                 m_context.client_verified = VerificationNeeded;
             }
             break;
-        case ServerHelloDone:
+        case HandshakeType::SERVER_HELLO_DONE_RESERVED:
             if (m_context.handshake_messages[7] >= 1) {
                 dbgln("unexpected server hello done message");
                 payload_res = (i8)Error::UnexpectedMessage;
@@ -368,7 +368,7 @@ ssize_t TLSv12::handle_handshake_payload(ReadonlyBytes vbuffer)
                     write_packets = WritePacketStage::ClientHandshake;
             }
             break;
-        case CertificateVerify:
+        case HandshakeType::CERTIFICATE_VERIFY:
             if (m_context.handshake_messages[8] >= 1) {
                 dbgln("unexpected certificate verify message");
                 payload_res = (i8)Error::UnexpectedMessage;
@@ -382,7 +382,7 @@ ssize_t TLSv12::handle_handshake_payload(ReadonlyBytes vbuffer)
                 payload_res = (i8)Error::UnexpectedMessage;
             }
             break;
-        case ClientKeyExchange:
+        case HandshakeType::CLIENT_KEY_EXCHANGE_RESERVED:
             if (m_context.handshake_messages[9] >= 1) {
                 dbgln("unexpected client key exchange message");
                 payload_res = (i8)Error::UnexpectedMessage;
@@ -397,7 +397,7 @@ ssize_t TLSv12::handle_handshake_payload(ReadonlyBytes vbuffer)
                 payload_res = (i8)Error::UnexpectedMessage;
             }
             break;
-        case Finished:
+        case HandshakeType::FINISHED:
             m_context.cached_handshake.clear();
             if (m_context.handshake_messages[10] >= 1) {
                 dbgln("unexpected finished message");
@@ -412,11 +412,11 @@ ssize_t TLSv12::handle_handshake_payload(ReadonlyBytes vbuffer)
             }
             break;
         default:
-            dbgln("message type not understood: {}", type);
+            dbgln("message type not understood: {}", to_underlying(type));
             return (i8)Error::NotUnderstood;
         }
 
-        if (type != HelloRequest) {
+        if (type != HandshakeType::HELLO_REQUEST_RESERVED) {
             update_hash(buffer.slice(0, payload_size + 1), 0);
         }
 

+ 2 - 2
Userland/Libraries/LibTLS/HandshakeClient.cpp

@@ -338,7 +338,7 @@ ByteBuffer TLSv12::build_certificate()
         }
     }
 
-    builder.append((u8)HandshakeType::CertificateMessage);
+    builder.append((u8)HandshakeType::CERTIFICATE);
 
     if (!total_certificate_size) {
         dbgln_if(TLS_DEBUG, "No certificates, sending empty certificate message");
@@ -370,7 +370,7 @@ ByteBuffer TLSv12::build_client_key_exchange()
     }
 
     PacketBuilder builder { ContentType::HANDSHAKE, m_context.options.version };
-    builder.append((u8)HandshakeType::ClientKeyExchange);
+    builder.append((u8)HandshakeType::CLIENT_KEY_EXCHANGE_RESERVED);
 
     switch (get_key_exchange_algorithm(m_context.cipher)) {
     case KeyExchangeAlgorithm::RSA:

+ 2 - 2
Userland/Libraries/LibTLS/Record.cpp

@@ -71,8 +71,8 @@ void TLSv12::update_packet(ByteBuffer& packet)
 
     if (packet[0] != (u8)ContentType::CHANGE_CIPHER_SPEC) {
         if (packet[0] == (u8)ContentType::HANDSHAKE && packet.size() > header_size) {
-            u8 handshake_type = packet[header_size];
-            if (handshake_type != HandshakeType::HelloRequest && handshake_type != HandshakeType::HelloVerifyRequest) {
+            auto handshake_type = static_cast<HandshakeType>(packet[header_size]);
+            if (handshake_type != HandshakeType::HELLO_REQUEST_RESERVED && handshake_type != HandshakeType::HELLO_VERIFY_REQUEST_RESERVED) {
                 update_hash(packet.bytes(), header_size);
             }
         }

+ 0 - 14
Userland/Libraries/LibTLS/TLSv12.h

@@ -113,20 +113,6 @@ enum class Error : i8 {
     OutOfMemory = -23,
 };
 
-enum HandshakeType {
-    HelloRequest = 0x00,
-    ClientHello = 0x01,
-    ServerHello = 0x02,
-    HelloVerifyRequest = 0x03,
-    CertificateMessage = 0x0b,
-    ServerKeyExchange = 0x0c,
-    CertificateRequest = 0x0d,
-    ServerHelloDone = 0x0e,
-    CertificateVerify = 0x0f,
-    ClientKeyExchange = 0x10,
-    Finished = 0x14
-};
-
 enum class HandshakeExtension : u16 {
     ServerName = 0x00,
     EllipticCurves = 0x0a,