Lines Matching refs:conn
24 void tlsv1_server_log(struct tlsv1_server *conn, const char *fmt, ...) in tlsv1_server_log() argument
42 if (conn->log_cb) in tlsv1_server_log()
43 conn->log_cb(conn->log_cb_ctx, buf); in tlsv1_server_log()
49 void tlsv1_server_alert(struct tlsv1_server *conn, u8 level, u8 description) in tlsv1_server_alert() argument
51 conn->alert_level = level; in tlsv1_server_alert()
52 conn->alert_description = description; in tlsv1_server_alert()
/*
 * tlsv1_server_derive_keys() - cross-reference excerpt. Only the source lines
 * that mention `conn` are listed, so declarations, error returns and any
 * statement that does not name `conn` are not visible here.
 *
 * Visible flow: a tls_prf() call involving conn->master_secret follows a seed
 * built from the two handshake randoms; a second tls_prf() call takes
 * master_secret as input; the resulting block is then copied piecewise into
 * the record-layer MAC secrets, keys and IVs.
 *
 * NOTE(review): every copy length below comes from conn->rl.hash_size,
 * conn->rl.key_material_len or conn->rl.iv_size. The size of the buffer that
 * `pos` walks and of the destination arrays is not visible in this excerpt;
 * confirm both are bounded for every supported cipher suite.
 */
56 int tlsv1_server_derive_keys(struct tlsv1_server *conn, in tlsv1_server_derive_keys() argument
/* First seed: client_random followed by server_random. */
68 os_memcpy(seed, conn->client_random, TLS_RANDOM_LEN); in tlsv1_server_derive_keys()
69 os_memcpy(seed + TLS_RANDOM_LEN, conn->server_random, in tlsv1_server_derive_keys()
71 if (tls_prf(conn->rl.tls_version, in tlsv1_server_derive_keys()
74 conn->master_secret, TLS_MASTER_SECRET_LEN)) { in tlsv1_server_derive_keys()
/*
 * NOTE(review): the call that receives master_secret on source line 80 is not
 * named in this excerpt (presumably a debug dump); confirm key material is not
 * written to logs in production builds.
 */
80 conn->master_secret, TLS_MASTER_SECRET_LEN); in tlsv1_server_derive_keys()
/* Second seed: server_random followed by client_random (order reversed). */
83 os_memcpy(seed, conn->server_random, TLS_RANDOM_LEN); in tlsv1_server_derive_keys()
84 os_memcpy(seed + TLS_RANDOM_LEN, conn->client_random, TLS_RANDOM_LEN); in tlsv1_server_derive_keys()
/* Key block holds two MAC secrets, two keys and two IVs. */
85 key_block_len = 2 * (conn->rl.hash_size + conn->rl.key_material_len + in tlsv1_server_derive_keys()
86 conn->rl.iv_size); in tlsv1_server_derive_keys()
87 if (tls_prf(conn->rl.tls_version, in tlsv1_server_derive_keys()
88 conn->master_secret, TLS_MASTER_SECRET_LEN, in tlsv1_server_derive_keys()
/*
 * Slice the key block in this order: read MAC secret, write MAC secret,
 * read key, write key, read IV, write IV. `pos` advances by the length just
 * copied after each step.
 */
100 os_memcpy(conn->rl.read_mac_secret, pos, conn->rl.hash_size); in tlsv1_server_derive_keys()
101 pos += conn->rl.hash_size; in tlsv1_server_derive_keys()
103 os_memcpy(conn->rl.write_mac_secret, pos, conn->rl.hash_size); in tlsv1_server_derive_keys()
104 pos += conn->rl.hash_size; in tlsv1_server_derive_keys()
107 os_memcpy(conn->rl.read_key, pos, conn->rl.key_material_len); in tlsv1_server_derive_keys()
108 pos += conn->rl.key_material_len; in tlsv1_server_derive_keys()
110 os_memcpy(conn->rl.write_key, pos, conn->rl.key_material_len); in tlsv1_server_derive_keys()
111 pos += conn->rl.key_material_len; in tlsv1_server_derive_keys()
114 os_memcpy(conn->rl.read_iv, pos, conn->rl.iv_size); in tlsv1_server_derive_keys()
115 pos += conn->rl.iv_size; in tlsv1_server_derive_keys()
117 os_memcpy(conn->rl.write_iv, pos, conn->rl.iv_size); in tlsv1_server_derive_keys()
118 pos += conn->rl.iv_size; in tlsv1_server_derive_keys()
132 u8 * tlsv1_server_handshake(struct tlsv1_server *conn, in tlsv1_server_handshake() argument
155 used = tlsv1_record_receive(&conn->rl, pos, end - pos, in tlsv1_server_handshake()
160 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL, alert); in tlsv1_server_handshake()
167 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_server_handshake()
180 if (tlsv1_server_process_handshake(conn, ct, in_pos, in tlsv1_server_handshake()
192 msg = tlsv1_server_handshake_write(conn, out_len); in tlsv1_server_handshake()
196 if (conn->alert_level) { in tlsv1_server_handshake()
197 if (conn->state == FAILED) { in tlsv1_server_handshake()
203 conn->state = FAILED; in tlsv1_server_handshake()
205 msg = tlsv1_server_send_alert(conn, conn->alert_level, in tlsv1_server_handshake()
206 conn->alert_description, in tlsv1_server_handshake()
208 conn->write_alerts++; in tlsv1_server_handshake()
227 int tlsv1_server_encrypt(struct tlsv1_server *conn, in tlsv1_server_encrypt() argument
236 if (tlsv1_record_send(&conn->rl, TLS_CONTENT_TYPE_APPLICATION_DATA, in tlsv1_server_encrypt()
239 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_server_encrypt()
/*
 * tlsv1_server_decrypt() - cross-reference excerpt (only lines that mention
 * `conn`; the branch conditions and return statements between them are not
 * shown).
 *
 * Visible behaviour: input is passed to tlsv1_record_receive() on conn->rl.
 * Several paths record a fatal alert through tlsv1_server_alert(); some of
 * them also log a reason ("Record layer processing failed", "Alert
 * underflow", "Unexpected content type 0x%x"). Alerts received from the peer
 * are logged and counted in conn->read_alerts.
 *
 * NOTE(review): what triggers each fatal alert, and whether processing stops
 * after it, cannot be determined from these lines alone; check the full
 * function before relying on this summary.
 */
260 int tlsv1_server_decrypt(struct tlsv1_server *conn, in tlsv1_server_decrypt() argument
277 used = tlsv1_record_receive(&conn->rl, pos, in_end - pos, in tlsv1_server_decrypt()
280 tlsv1_server_log(conn, "Record layer processing failed"); in tlsv1_server_decrypt()
281 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL, alert); in tlsv1_server_decrypt()
288 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL, alert); in tlsv1_server_decrypt()
294 tlsv1_server_log(conn, "Alert underflow"); in tlsv1_server_decrypt()
295 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_server_decrypt()
/* Peer-originated alert: logged, then counted. */
299 tlsv1_server_log(conn, "Received alert %d:%d", in tlsv1_server_decrypt()
301 conn->read_alerts++; in tlsv1_server_decrypt()
308 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_server_decrypt()
314 tlsv1_server_log(conn, "Unexpected content type 0x%x", in tlsv1_server_decrypt()
316 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_server_decrypt()
/*
 * Test instrumentation: when the (not shown) test_flags mask matches and no
 * failure has been reported yet, log a TEST-FAILURE line once and latch
 * test_failure_reported so it is not repeated.
 */
322 if ((conn->test_flags & in tlsv1_server_decrypt()
325 !conn->test_failure_reported) { in tlsv1_server_decrypt()
326 tlsv1_server_log(conn, "TEST-FAILURE: Client ApplData received after invalid handshake"); in tlsv1_server_decrypt()
327 conn->test_failure_reported = 1; in tlsv1_server_decrypt()
335 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_server_decrypt()
379 struct tlsv1_server *conn; in tlsv1_server_init() local
383 conn = os_zalloc(sizeof(*conn)); in tlsv1_server_init()
384 if (conn == NULL) in tlsv1_server_init()
387 conn->cred = cred; in tlsv1_server_init()
389 conn->state = CLIENT_HELLO; in tlsv1_server_init()
391 if (tls_verify_hash_init(&conn->verify) < 0) { in tlsv1_server_init()
394 os_free(conn); in tlsv1_server_init()
399 suites = conn->cipher_suites; in tlsv1_server_init()
412 conn->num_cipher_suites = count; in tlsv1_server_init()
414 return conn; in tlsv1_server_init()
/*
 * tlsv1_server_clear_data() - cross-reference excerpt (lines that mention
 * `conn`).
 *
 * Resets the record layer to TLS_NULL_WITH_NULL_NULL for both directions,
 * releases the handshake verify-hash state, and frees the per-connection
 * client RSA key, session ticket and DH secret, resetting each pointer and
 * length so a later call does not see stale values.
 *
 * NOTE(review): conn->dh_secret is key material and is released with plain
 * os_free(); no wipe of the buffer appears in the listed lines. Confirm
 * whether the full source clears it (and the session ticket) before freeing.
 */
418 static void tlsv1_server_clear_data(struct tlsv1_server *conn) in tlsv1_server_clear_data() argument
420 tlsv1_record_set_cipher_suite(&conn->rl, TLS_NULL_WITH_NULL_NULL); in tlsv1_server_clear_data()
421 tlsv1_record_change_write_cipher(&conn->rl); in tlsv1_server_clear_data()
422 tlsv1_record_change_read_cipher(&conn->rl); in tlsv1_server_clear_data()
423 tls_verify_hash_free(&conn->verify); in tlsv1_server_clear_data()
425 crypto_public_key_free(conn->client_rsa_key); in tlsv1_server_clear_data()
426 conn->client_rsa_key = NULL; in tlsv1_server_clear_data()
428 os_free(conn->session_ticket); in tlsv1_server_clear_data()
429 conn->session_ticket = NULL; in tlsv1_server_clear_data()
430 conn->session_ticket_len = 0; in tlsv1_server_clear_data()
431 conn->use_session_ticket = 0; in tlsv1_server_clear_data()
433 os_free(conn->dh_secret); in tlsv1_server_clear_data()
434 conn->dh_secret = NULL; in tlsv1_server_clear_data()
435 conn->dh_secret_len = 0; in tlsv1_server_clear_data()
/*
 * tlsv1_server_deinit() - releases per-connection data via
 * tlsv1_server_clear_data() and then frees the connection structure itself.
 *
 * NOTE(review): the structure holds conn->master_secret and the record-layer
 * keys (see the tlsv1_server_derive_keys lines in this listing) and is
 * released with os_free(); no zeroization is visible in the listed lines.
 * Confirm whether the secrets are wiped before the memory is returned.
 */
443 void tlsv1_server_deinit(struct tlsv1_server *conn) in tlsv1_server_deinit() argument
445 tlsv1_server_clear_data(conn); in tlsv1_server_deinit()
446 os_free(conn); in tlsv1_server_deinit()
455 int tlsv1_server_established(struct tlsv1_server *conn) in tlsv1_server_established() argument
457 return conn->state == ESTABLISHED; in tlsv1_server_established()
/*
 * tlsv1_server_prf() - cross-reference excerpt (lines that mention `conn`).
 *
 * Runs tls_prf() keyed with conn->master_secret over a caller-supplied label
 * and a seed built from the two handshake randoms. The state test on source
 * line 481 shows the function treats any state other than ESTABLISHED
 * specially (presumably an error return; the statement is not listed).
 *
 * The seed is assembled in one of two orders, server_random first or
 * client_random first; the condition that selects between them is not
 * visible in this excerpt.
 */
473 int tlsv1_server_prf(struct tlsv1_server *conn, const char *label, in tlsv1_server_prf() argument
481 if (conn->state != ESTABLISHED) in tlsv1_server_prf()
/* Ordering A: server_random followed by client_random. */
495 os_memcpy(seed, conn->server_random, TLS_RANDOM_LEN); in tlsv1_server_prf()
496 os_memcpy(seed + TLS_RANDOM_LEN, conn->client_random, in tlsv1_server_prf()
/* Ordering B: client_random followed by server_random. */
499 os_memcpy(seed, conn->client_random, TLS_RANDOM_LEN); in tlsv1_server_prf()
500 os_memcpy(seed + TLS_RANDOM_LEN, conn->server_random, in tlsv1_server_prf()
511 res = tls_prf(conn->rl.tls_version, in tlsv1_server_prf()
512 conn->master_secret, TLS_MASTER_SECRET_LEN, in tlsv1_server_prf()
528 int tlsv1_server_get_cipher(struct tlsv1_server *conn, char *buf, in tlsv1_server_get_cipher() argument
533 switch (conn->rl.cipher_suite) { in tlsv1_server_get_cipher()
612 int tlsv1_server_shutdown(struct tlsv1_server *conn) in tlsv1_server_shutdown() argument
614 conn->state = CLIENT_HELLO; in tlsv1_server_shutdown()
616 if (tls_verify_hash_init(&conn->verify) < 0) { in tlsv1_server_shutdown()
622 tlsv1_server_clear_data(conn); in tlsv1_server_shutdown()
633 int tlsv1_server_resumed(struct tlsv1_server *conn) in tlsv1_server_resumed() argument
/*
 * tlsv1_server_get_random() - cross-reference excerpt (lines that mention
 * `conn`).
 *
 * Publishes the handshake randoms through `keys` by assignment, not by
 * copying: keys->client_random and keys->server_random refer to storage held
 * by `conn`. server_random is only set when the state is not SERVER_HELLO.
 * The outcome of the CLIENT_HELLO test on source line 648 is not listed.
 *
 * NOTE(review): because the values are references, they presumably stay
 * valid only while `conn` is alive - confirm callers do not use them after
 * tlsv1_server_deinit().
 */
645 int tlsv1_server_get_random(struct tlsv1_server *conn, struct tls_random *keys) in tlsv1_server_get_random() argument
648 if (conn->state == CLIENT_HELLO) in tlsv1_server_get_random()
651 keys->client_random = conn->client_random; in tlsv1_server_get_random()
654 if (conn->state != SERVER_HELLO) { in tlsv1_server_get_random()
655 keys->server_random = conn->server_random; in tlsv1_server_get_random()
669 int tlsv1_server_get_keyblock_size(struct tlsv1_server *conn) in tlsv1_server_get_keyblock_size() argument
671 if (conn->state == CLIENT_HELLO || conn->state == SERVER_HELLO) in tlsv1_server_get_keyblock_size()
674 return 2 * (conn->rl.hash_size + conn->rl.key_material_len + in tlsv1_server_get_keyblock_size()
675 conn->rl.iv_size); in tlsv1_server_get_keyblock_size()
686 int tlsv1_server_set_cipher_list(struct tlsv1_server *conn, u8 *ciphers) in tlsv1_server_set_cipher_list() argument
694 suites = conn->cipher_suites; in tlsv1_server_set_cipher_list()
705 conn->num_cipher_suites = count; in tlsv1_server_set_cipher_list()
712 int tlsv1_server_set_verify(struct tlsv1_server *conn, int verify_peer) in tlsv1_server_set_verify() argument
714 conn->verify_peer = verify_peer; in tlsv1_server_set_verify()
719 void tlsv1_server_set_session_ticket_cb(struct tlsv1_server *conn, in tlsv1_server_set_session_ticket_cb() argument
725 conn->session_ticket_cb = cb; in tlsv1_server_set_session_ticket_cb()
726 conn->session_ticket_cb_ctx = ctx; in tlsv1_server_set_session_ticket_cb()
730 void tlsv1_server_set_log_cb(struct tlsv1_server *conn, in tlsv1_server_set_log_cb() argument
733 conn->log_cb = cb; in tlsv1_server_set_log_cb()
734 conn->log_cb_ctx = ctx; in tlsv1_server_set_log_cb()
738 int tlsv1_server_get_failed(struct tlsv1_server *conn) in tlsv1_server_get_failed() argument
740 return conn->state == FAILED; in tlsv1_server_get_failed()
744 int tlsv1_server_get_read_alerts(struct tlsv1_server *conn) in tlsv1_server_get_read_alerts() argument
746 return conn->read_alerts; in tlsv1_server_get_read_alerts()
750 int tlsv1_server_get_write_alerts(struct tlsv1_server *conn) in tlsv1_server_get_write_alerts() argument
752 return conn->write_alerts; in tlsv1_server_get_write_alerts()
/*
 * tlsv1_server_set_test_flags() - stores the caller-supplied flag word in
 * conn->test_flags as given.
 *
 * Other lines in this listing show test_flags selecting deliberately weakened
 * DHE primes (tlsv1_server_get_dh_p) and gating a TEST-FAILURE log in
 * tlsv1_server_decrypt.
 * NOTE(review): confirm this setter is reachable only from test tooling and
 * that any build-time guard around it (not visible here) is off in production
 * builds.
 */
757 void tlsv1_server_set_test_flags(struct tlsv1_server *conn, u32 flags) in tlsv1_server_set_test_flags() argument
759 conn->test_flags = flags; in tlsv1_server_set_test_flags()
/*
 * tlsv1_server_get_dh_p() - cross-reference excerpt (lines that mention
 * `conn`).
 *
 * Returns the DHE prime and its length from the configured credentials
 * (conn->cred). The branches that follow test conn->test_flags; each logs a
 * "TESTING:" message naming an intentionally weak or invalid prime (511-bit,
 * 767-bit, the value 15, a 58-bit prime in a long container, a non-prime).
 * The assignments that substitute those values are not listed.
 *
 * NOTE(review): these branches deliberately break the DHE security level so
 * that a peer's parameter validation can be exercised. Preprocessor guards do
 * not mention `conn` and so would not appear in this listing; confirm in the
 * full source that the branches are compiled only into test builds.
 */
838 void tlsv1_server_get_dh_p(struct tlsv1_server *conn, const u8 **dh_p, in tlsv1_server_get_dh_p() argument
/* Default: the prime configured in the server credentials. */
841 *dh_p = conn->cred->dh_p; in tlsv1_server_get_dh_p()
842 *dh_p_len = conn->cred->dh_p_len; in tlsv1_server_get_dh_p()
/* Test-only overrides, checked in this order; the first matching flag wins. */
845 if (conn->test_flags & TLS_DHE_PRIME_511B) { in tlsv1_server_get_dh_p()
846 tlsv1_server_log(conn, "TESTING: Use short 511-bit prime with DHE"); in tlsv1_server_get_dh_p()
849 } else if (conn->test_flags & TLS_DHE_PRIME_767B) { in tlsv1_server_get_dh_p()
850 tlsv1_server_log(conn, "TESTING: Use short 767-bit prime with DHE"); in tlsv1_server_get_dh_p()
853 } else if (conn->test_flags & TLS_DHE_PRIME_15) { in tlsv1_server_get_dh_p()
854 tlsv1_server_log(conn, "TESTING: Use bogus 15 \"prime\" with DHE"); in tlsv1_server_get_dh_p()
857 } else if (conn->test_flags & TLS_DHE_PRIME_58B) { in tlsv1_server_get_dh_p()
858 tlsv1_server_log(conn, "TESTING: Use short 58-bit prime in long container with DHE"); in tlsv1_server_get_dh_p()
861 } else if (conn->test_flags & TLS_DHE_NON_PRIME) { in tlsv1_server_get_dh_p()
862 tlsv1_server_log(conn, "TESTING: Use claim non-prime as the DHE prime"); in tlsv1_server_get_dh_p()