Lines Matching refs:ssl
101 int mbedtls_ssl_set_cid(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_cid() argument
106 if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_set_cid()
110 ssl->negotiate_cid = enable; in mbedtls_ssl_set_cid()
118 if (own_cid_len != ssl->conf->cid_len) { in mbedtls_ssl_set_cid()
121 (unsigned) ssl->conf->cid_len)); in mbedtls_ssl_set_cid()
125 memcpy(ssl->own_cid, own_cid, own_cid_len); in mbedtls_ssl_set_cid()
128 ssl->own_cid_len = (uint8_t) own_cid_len; in mbedtls_ssl_set_cid()
133 int mbedtls_ssl_get_own_cid(mbedtls_ssl_context *ssl, in mbedtls_ssl_get_own_cid() argument
140 if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_get_own_cid()
147 if (ssl->own_cid_len == 0 || ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED) { in mbedtls_ssl_get_own_cid()
152 *own_cid_len = ssl->own_cid_len; in mbedtls_ssl_get_own_cid()
154 memcpy(own_cid, ssl->own_cid, ssl->own_cid_len); in mbedtls_ssl_get_own_cid()
163 int mbedtls_ssl_get_peer_cid(mbedtls_ssl_context *ssl, in mbedtls_ssl_get_peer_cid() argument
170 if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || in mbedtls_ssl_get_peer_cid()
171 mbedtls_ssl_is_handshake_over(ssl) == 0) { in mbedtls_ssl_get_peer_cid()
179 if (ssl->transform_in->in_cid_len == 0 && in mbedtls_ssl_get_peer_cid()
180 ssl->transform_in->out_cid_len == 0) { in mbedtls_ssl_get_peer_cid()
185 *peer_cid_len = ssl->transform_in->out_cid_len; in mbedtls_ssl_get_peer_cid()
187 memcpy(peer_cid, ssl->transform_in->out_cid, in mbedtls_ssl_get_peer_cid()
188 ssl->transform_in->out_cid_len); in mbedtls_ssl_get_peer_cid()
342 static void handle_buffer_resizing(mbedtls_ssl_context *ssl, int downsizing, in handle_buffer_resizing() argument
349 if (ssl->in_buf != NULL) { in handle_buffer_resizing()
350 written_in = ssl->in_msg - ssl->in_buf; in handle_buffer_resizing()
351 iv_offset_in = ssl->in_iv - ssl->in_buf; in handle_buffer_resizing()
352 len_offset_in = ssl->in_len - ssl->in_buf; in handle_buffer_resizing()
354 ssl->in_buf_len > in_buf_new_len && ssl->in_left < in_buf_new_len : in handle_buffer_resizing()
355 ssl->in_buf_len < in_buf_new_len) { in handle_buffer_resizing()
356 if (resize_buffer(&ssl->in_buf, in_buf_new_len, &ssl->in_buf_len) != 0) { in handle_buffer_resizing()
366 if (ssl->out_buf != NULL) { in handle_buffer_resizing()
367 written_out = ssl->out_msg - ssl->out_buf; in handle_buffer_resizing()
368 iv_offset_out = ssl->out_iv - ssl->out_buf; in handle_buffer_resizing()
369 len_offset_out = ssl->out_len - ssl->out_buf; in handle_buffer_resizing()
371 ssl->out_buf_len > out_buf_new_len && ssl->out_left < out_buf_new_len : in handle_buffer_resizing()
372 ssl->out_buf_len < out_buf_new_len) { in handle_buffer_resizing()
373 if (resize_buffer(&ssl->out_buf, out_buf_new_len, &ssl->out_buf_len) != 0) { in handle_buffer_resizing()
384 mbedtls_ssl_reset_in_out_pointers(ssl); in handle_buffer_resizing()
387 ssl->out_msg = ssl->out_buf + written_out; in handle_buffer_resizing()
388 ssl->out_len = ssl->out_buf + len_offset_out; in handle_buffer_resizing()
389 ssl->out_iv = ssl->out_buf + iv_offset_out; in handle_buffer_resizing()
391 ssl->in_msg = ssl->in_buf + written_in; in handle_buffer_resizing()
392 ssl->in_len = ssl->in_buf + len_offset_in; in handle_buffer_resizing()
393 ssl->in_iv = ssl->in_buf + iv_offset_in; in handle_buffer_resizing()
426 const mbedtls_ssl_context *ssl);
704 void mbedtls_ssl_print_extension(const mbedtls_ssl_context *ssl, in mbedtls_ssl_print_extension() argument
712 ssl, level, file, line, in mbedtls_ssl_print_extension()
724 ssl, level, file, line, in mbedtls_ssl_print_extension()
732 ssl, level, file, line, in mbedtls_ssl_print_extension()
737 void mbedtls_ssl_print_extensions(const mbedtls_ssl_context *ssl, in mbedtls_ssl_print_extensions() argument
747 ssl, level, file, line, hs_msg_type, extension_type_table[i], in mbedtls_ssl_print_extensions()
760 void mbedtls_ssl_print_ticket_flags(const mbedtls_ssl_context *ssl, in mbedtls_ssl_print_ticket_flags() argument
766 mbedtls_debug_print_msg(ssl, level, file, line, in mbedtls_ssl_print_ticket_flags()
773 mbedtls_debug_print_msg(ssl, level, file, line, "- %s is set.", in mbedtls_ssl_print_ticket_flags()
782 void mbedtls_ssl_optimize_checksum(mbedtls_ssl_context *ssl, in mbedtls_ssl_optimize_checksum() argument
789 ssl->handshake->update_checksum = ssl_update_checksum_sha384; in mbedtls_ssl_optimize_checksum()
794 ssl->handshake->update_checksum = ssl_update_checksum_sha256; in mbedtls_ssl_optimize_checksum()
803 int mbedtls_ssl_add_hs_hdr_to_checksum(mbedtls_ssl_context *ssl, in mbedtls_ssl_add_hs_hdr_to_checksum() argument
815 return ssl->handshake->update_checksum(ssl, hs_hdr, sizeof(hs_hdr)); in mbedtls_ssl_add_hs_hdr_to_checksum()
818 int mbedtls_ssl_add_hs_msg_to_checksum(mbedtls_ssl_context *ssl, in mbedtls_ssl_add_hs_msg_to_checksum() argument
824 ret = mbedtls_ssl_add_hs_hdr_to_checksum(ssl, hs_type, msg_len); in mbedtls_ssl_add_hs_msg_to_checksum()
828 return ssl->handshake->update_checksum(ssl, msg, msg_len); in mbedtls_ssl_add_hs_msg_to_checksum()
831 int mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl) in mbedtls_ssl_reset_checksum() argument
841 ((void) ssl); in mbedtls_ssl_reset_checksum()
845 status = psa_hash_abort(&ssl->handshake->fin_sha256_psa); in mbedtls_ssl_reset_checksum()
849 status = psa_hash_setup(&ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256); in mbedtls_ssl_reset_checksum()
854 mbedtls_md_free(&ssl->handshake->fin_sha256); in mbedtls_ssl_reset_checksum()
855 mbedtls_md_init(&ssl->handshake->fin_sha256); in mbedtls_ssl_reset_checksum()
856 ret = mbedtls_md_setup(&ssl->handshake->fin_sha256, in mbedtls_ssl_reset_checksum()
862 ret = mbedtls_md_starts(&ssl->handshake->fin_sha256); in mbedtls_ssl_reset_checksum()
870 status = psa_hash_abort(&ssl->handshake->fin_sha384_psa); in mbedtls_ssl_reset_checksum()
874 status = psa_hash_setup(&ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384); in mbedtls_ssl_reset_checksum()
879 mbedtls_md_free(&ssl->handshake->fin_sha384); in mbedtls_ssl_reset_checksum()
880 mbedtls_md_init(&ssl->handshake->fin_sha384); in mbedtls_ssl_reset_checksum()
881 ret = mbedtls_md_setup(&ssl->handshake->fin_sha384, in mbedtls_ssl_reset_checksum()
886 ret = mbedtls_md_starts(&ssl->handshake->fin_sha384); in mbedtls_ssl_reset_checksum()
895 static int ssl_update_checksum_start(mbedtls_ssl_context *ssl, in ssl_update_checksum_start() argument
906 ((void) ssl); in ssl_update_checksum_start()
912 status = psa_hash_update(&ssl->handshake->fin_sha256_psa, buf, len); in ssl_update_checksum_start()
917 ret = mbedtls_md_update(&ssl->handshake->fin_sha256, buf, len); in ssl_update_checksum_start()
925 status = psa_hash_update(&ssl->handshake->fin_sha384_psa, buf, len); in ssl_update_checksum_start()
930 ret = mbedtls_md_update(&ssl->handshake->fin_sha384, buf, len); in ssl_update_checksum_start()
940 static int ssl_update_checksum_sha256(mbedtls_ssl_context *ssl, in ssl_update_checksum_sha256() argument
945 &ssl->handshake->fin_sha256_psa, buf, len)); in ssl_update_checksum_sha256()
947 return mbedtls_md_update(&ssl->handshake->fin_sha256, buf, len); in ssl_update_checksum_sha256()
953 static int ssl_update_checksum_sha384(mbedtls_ssl_context *ssl, in ssl_update_checksum_sha384() argument
958 &ssl->handshake->fin_sha384_psa, buf, len)); in ssl_update_checksum_sha384()
960 return mbedtls_md_update(&ssl->handshake->fin_sha384, buf, len); in ssl_update_checksum_sha384()
1049 static int ssl_handshake_init(mbedtls_ssl_context *ssl) in ssl_handshake_init() argument
1055 if (ssl->transform_negotiate) { in ssl_handshake_init()
1056 mbedtls_ssl_transform_free(ssl->transform_negotiate); in ssl_handshake_init()
1059 if (ssl->session_negotiate) { in ssl_handshake_init()
1060 mbedtls_ssl_session_free(ssl->session_negotiate); in ssl_handshake_init()
1062 if (ssl->handshake) { in ssl_handshake_init()
1063 mbedtls_ssl_handshake_free(ssl); in ssl_handshake_init()
1071 if (ssl->transform_negotiate == NULL) { in ssl_handshake_init()
1072 ssl->transform_negotiate = mbedtls_calloc(1, sizeof(mbedtls_ssl_transform)); in ssl_handshake_init()
1076 if (ssl->session_negotiate == NULL) { in ssl_handshake_init()
1077 ssl->session_negotiate = mbedtls_calloc(1, sizeof(mbedtls_ssl_session)); in ssl_handshake_init()
1080 if (ssl->handshake == NULL) { in ssl_handshake_init()
1081 ssl->handshake = mbedtls_calloc(1, sizeof(mbedtls_ssl_handshake_params)); in ssl_handshake_init()
1086 handle_buffer_resizing(ssl, 0, MBEDTLS_SSL_IN_BUFFER_LEN, in ssl_handshake_init()
1091 if (ssl->handshake == NULL || in ssl_handshake_init()
1093 ssl->transform_negotiate == NULL || in ssl_handshake_init()
1095 ssl->session_negotiate == NULL) { in ssl_handshake_init()
1098 mbedtls_free(ssl->handshake); in ssl_handshake_init()
1099 ssl->handshake = NULL; in ssl_handshake_init()
1102 mbedtls_free(ssl->transform_negotiate); in ssl_handshake_init()
1103 ssl->transform_negotiate = NULL; in ssl_handshake_init()
1106 mbedtls_free(ssl->session_negotiate); in ssl_handshake_init()
1107 ssl->session_negotiate = NULL; in ssl_handshake_init()
1114 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_IDLE; in ssl_handshake_init()
1117 ssl->discard_early_data_record = MBEDTLS_SSL_EARLY_DATA_NO_DISCARD; in ssl_handshake_init()
1119 ssl->total_early_data_size = 0; in ssl_handshake_init()
1123 mbedtls_ssl_session_init(ssl->session_negotiate); in ssl_handshake_init()
1124 ssl_handshake_params_init(ssl->handshake); in ssl_handshake_init()
1127 mbedtls_ssl_transform_init(ssl->transform_negotiate); in ssl_handshake_init()
1131 ret = mbedtls_ssl_reset_checksum(ssl); in ssl_handshake_init()
1140 ssl->handshake->new_session_tickets_count = in ssl_handshake_init()
1141 ssl->conf->new_session_tickets_count; in ssl_handshake_init()
1145 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_handshake_init()
1146 ssl->handshake->alt_transform_out = ssl->transform_out; in ssl_handshake_init()
1148 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in ssl_handshake_init()
1149 ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING; in ssl_handshake_init()
1151 ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING; in ssl_handshake_init()
1154 mbedtls_ssl_set_timer(ssl, 0); in ssl_handshake_init()
1166 if (ssl->conf->curve_list != NULL) { in ssl_handshake_init()
1168 const mbedtls_ecp_group_id *curve_list = ssl->conf->curve_list; in ssl_handshake_init()
1191 ssl->handshake->group_list = group_list; in ssl_handshake_init()
1192 ssl->handshake->group_list_heap_allocated = 1; in ssl_handshake_init()
1194 ssl->handshake->group_list = ssl->conf->group_list; in ssl_handshake_init()
1195 ssl->handshake->group_list_heap_allocated = 0; in ssl_handshake_init()
1205 if (mbedtls_ssl_conf_is_tls12_only(ssl->conf) && in ssl_handshake_init()
1206 ssl->conf->sig_hashes != NULL) { in ssl_handshake_init()
1208 const int *sig_hashes = ssl->conf->sig_hashes; in ssl_handshake_init()
1236 ssl->handshake->sig_algs = mbedtls_calloc(1, sig_algs_len + in ssl_handshake_init()
1238 if (ssl->handshake->sig_algs == NULL) { in ssl_handshake_init()
1242 p = (uint16_t *) ssl->handshake->sig_algs; in ssl_handshake_init()
1258 ssl->handshake->sig_algs_heap_allocated = 1; in ssl_handshake_init()
1262 ssl->handshake->sig_algs_heap_allocated = 0; in ssl_handshake_init()
1303 void mbedtls_ssl_init(mbedtls_ssl_context *ssl) in mbedtls_ssl_init() argument
1305 memset(ssl, 0, sizeof(mbedtls_ssl_context)); in mbedtls_ssl_init()
1309 static int ssl_conf_version_check(const mbedtls_ssl_context *ssl) in ssl_conf_version_check() argument
1311 const mbedtls_ssl_config *conf = ssl->conf; in ssl_conf_version_check()
1334 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_conf_version_check()
1349 static int ssl_conf_check(const mbedtls_ssl_context *ssl) in ssl_conf_check() argument
1352 ret = ssl_conf_version_check(ssl); in ssl_conf_check()
1357 if (ssl->conf->f_rng == NULL) { in ssl_conf_check()
1371 int mbedtls_ssl_setup(mbedtls_ssl_context *ssl, in mbedtls_ssl_setup() argument
1378 ssl->conf = conf; in mbedtls_ssl_setup()
1380 if ((ret = ssl_conf_check(ssl)) != 0) { in mbedtls_ssl_setup()
1383 ssl->tls_version = ssl->conf->max_tls_version; in mbedtls_ssl_setup()
1390 ssl->out_buf = NULL; in mbedtls_ssl_setup()
1393 ssl->in_buf_len = in_buf_len; in mbedtls_ssl_setup()
1395 ssl->in_buf = mbedtls_calloc(1, in_buf_len); in mbedtls_ssl_setup()
1396 if (ssl->in_buf == NULL) { in mbedtls_ssl_setup()
1403 ssl->out_buf_len = out_buf_len; in mbedtls_ssl_setup()
1405 ssl->out_buf = mbedtls_calloc(1, out_buf_len); in mbedtls_ssl_setup()
1406 if (ssl->out_buf == NULL) { in mbedtls_ssl_setup()
1412 mbedtls_ssl_reset_in_out_pointers(ssl); in mbedtls_ssl_setup()
1415 memset(&ssl->dtls_srtp_info, 0, sizeof(ssl->dtls_srtp_info)); in mbedtls_ssl_setup()
1418 if ((ret = ssl_handshake_init(ssl)) != 0) { in mbedtls_ssl_setup()
1425 mbedtls_free(ssl->in_buf); in mbedtls_ssl_setup()
1426 mbedtls_free(ssl->out_buf); in mbedtls_ssl_setup()
1428 ssl->conf = NULL; in mbedtls_ssl_setup()
1431 ssl->in_buf_len = 0; in mbedtls_ssl_setup()
1432 ssl->out_buf_len = 0; in mbedtls_ssl_setup()
1434 ssl->in_buf = NULL; in mbedtls_ssl_setup()
1435 ssl->out_buf = NULL; in mbedtls_ssl_setup()
1437 ssl->in_hdr = NULL; in mbedtls_ssl_setup()
1438 ssl->in_ctr = NULL; in mbedtls_ssl_setup()
1439 ssl->in_len = NULL; in mbedtls_ssl_setup()
1440 ssl->in_iv = NULL; in mbedtls_ssl_setup()
1441 ssl->in_msg = NULL; in mbedtls_ssl_setup()
1443 ssl->out_hdr = NULL; in mbedtls_ssl_setup()
1444 ssl->out_ctr = NULL; in mbedtls_ssl_setup()
1445 ssl->out_len = NULL; in mbedtls_ssl_setup()
1446 ssl->out_iv = NULL; in mbedtls_ssl_setup()
1447 ssl->out_msg = NULL; in mbedtls_ssl_setup()
1459 void mbedtls_ssl_session_reset_msg_layer(mbedtls_ssl_context *ssl, in mbedtls_ssl_session_reset_msg_layer() argument
1463 size_t in_buf_len = ssl->in_buf_len; in mbedtls_ssl_session_reset_msg_layer()
1464 size_t out_buf_len = ssl->out_buf_len; in mbedtls_ssl_session_reset_msg_layer()
1475 mbedtls_ssl_set_timer(ssl, 0); in mbedtls_ssl_session_reset_msg_layer()
1477 mbedtls_ssl_reset_in_out_pointers(ssl); in mbedtls_ssl_session_reset_msg_layer()
1480 ssl->in_offt = NULL; in mbedtls_ssl_session_reset_msg_layer()
1481 ssl->nb_zero = 0; in mbedtls_ssl_session_reset_msg_layer()
1482 ssl->in_msgtype = 0; in mbedtls_ssl_session_reset_msg_layer()
1483 ssl->in_msglen = 0; in mbedtls_ssl_session_reset_msg_layer()
1484 ssl->in_hslen = 0; in mbedtls_ssl_session_reset_msg_layer()
1485 ssl->keep_current_message = 0; in mbedtls_ssl_session_reset_msg_layer()
1486 ssl->transform_in = NULL; in mbedtls_ssl_session_reset_msg_layer()
1489 ssl->next_record_offset = 0; in mbedtls_ssl_session_reset_msg_layer()
1490 ssl->in_epoch = 0; in mbedtls_ssl_session_reset_msg_layer()
1495 ssl->in_left = 0; in mbedtls_ssl_session_reset_msg_layer()
1496 memset(ssl->in_buf, 0, in_buf_len); in mbedtls_ssl_session_reset_msg_layer()
1499 ssl->send_alert = 0; in mbedtls_ssl_session_reset_msg_layer()
1502 ssl->out_msgtype = 0; in mbedtls_ssl_session_reset_msg_layer()
1503 ssl->out_msglen = 0; in mbedtls_ssl_session_reset_msg_layer()
1504 ssl->out_left = 0; in mbedtls_ssl_session_reset_msg_layer()
1505 memset(ssl->out_buf, 0, out_buf_len); in mbedtls_ssl_session_reset_msg_layer()
1506 memset(ssl->cur_out_ctr, 0, sizeof(ssl->cur_out_ctr)); in mbedtls_ssl_session_reset_msg_layer()
1507 ssl->transform_out = NULL; in mbedtls_ssl_session_reset_msg_layer()
1510 mbedtls_ssl_dtls_replay_reset(ssl); in mbedtls_ssl_session_reset_msg_layer()
1514 if (ssl->transform) { in mbedtls_ssl_session_reset_msg_layer()
1515 mbedtls_ssl_transform_free(ssl->transform); in mbedtls_ssl_session_reset_msg_layer()
1516 mbedtls_free(ssl->transform); in mbedtls_ssl_session_reset_msg_layer()
1517 ssl->transform = NULL; in mbedtls_ssl_session_reset_msg_layer()
1522 mbedtls_ssl_transform_free(ssl->transform_application); in mbedtls_ssl_session_reset_msg_layer()
1523 mbedtls_free(ssl->transform_application); in mbedtls_ssl_session_reset_msg_layer()
1524 ssl->transform_application = NULL; in mbedtls_ssl_session_reset_msg_layer()
1526 if (ssl->handshake != NULL) { in mbedtls_ssl_session_reset_msg_layer()
1528 mbedtls_ssl_transform_free(ssl->handshake->transform_earlydata); in mbedtls_ssl_session_reset_msg_layer()
1529 mbedtls_free(ssl->handshake->transform_earlydata); in mbedtls_ssl_session_reset_msg_layer()
1530 ssl->handshake->transform_earlydata = NULL; in mbedtls_ssl_session_reset_msg_layer()
1533 mbedtls_ssl_transform_free(ssl->handshake->transform_handshake); in mbedtls_ssl_session_reset_msg_layer()
1534 mbedtls_free(ssl->handshake->transform_handshake); in mbedtls_ssl_session_reset_msg_layer()
1535 ssl->handshake->transform_handshake = NULL; in mbedtls_ssl_session_reset_msg_layer()
1541 int mbedtls_ssl_session_reset_int(mbedtls_ssl_context *ssl, int partial) in mbedtls_ssl_session_reset_int() argument
1545 ssl->state = MBEDTLS_SSL_HELLO_REQUEST; in mbedtls_ssl_session_reset_int()
1546 ssl->tls_version = ssl->conf->max_tls_version; in mbedtls_ssl_session_reset_int()
1548 mbedtls_ssl_session_reset_msg_layer(ssl, partial); in mbedtls_ssl_session_reset_int()
1552 ssl->renego_status = MBEDTLS_SSL_INITIAL_HANDSHAKE; in mbedtls_ssl_session_reset_int()
1553 ssl->renego_records_seen = 0; in mbedtls_ssl_session_reset_int()
1555 ssl->verify_data_len = 0; in mbedtls_ssl_session_reset_int()
1556 memset(ssl->own_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN); in mbedtls_ssl_session_reset_int()
1557 memset(ssl->peer_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN); in mbedtls_ssl_session_reset_int()
1559 ssl->secure_renegotiation = MBEDTLS_SSL_LEGACY_RENEGOTIATION; in mbedtls_ssl_session_reset_int()
1561 ssl->session_in = NULL; in mbedtls_ssl_session_reset_int()
1562 ssl->session_out = NULL; in mbedtls_ssl_session_reset_int()
1563 if (ssl->session) { in mbedtls_ssl_session_reset_int()
1564 mbedtls_ssl_session_free(ssl->session); in mbedtls_ssl_session_reset_int()
1565 mbedtls_free(ssl->session); in mbedtls_ssl_session_reset_int()
1566 ssl->session = NULL; in mbedtls_ssl_session_reset_int()
1570 ssl->alpn_chosen = NULL; in mbedtls_ssl_session_reset_int()
1579 mbedtls_free(ssl->cli_id); in mbedtls_ssl_session_reset_int()
1580 ssl->cli_id = NULL; in mbedtls_ssl_session_reset_int()
1581 ssl->cli_id_len = 0; in mbedtls_ssl_session_reset_int()
1585 if ((ret = ssl_handshake_init(ssl)) != 0) { in mbedtls_ssl_session_reset_int()
1596 int mbedtls_ssl_session_reset(mbedtls_ssl_context *ssl) in mbedtls_ssl_session_reset() argument
1598 return mbedtls_ssl_session_reset_int(ssl, 0); in mbedtls_ssl_session_reset()
1628 void mbedtls_ssl_set_datagram_packing(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_datagram_packing() argument
1631 ssl->disable_datagram_packing = !allow_packing; in mbedtls_ssl_set_datagram_packing()
1673 void mbedtls_ssl_set_bio(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_bio() argument
1679 ssl->p_bio = p_bio; in mbedtls_ssl_set_bio()
1680 ssl->f_send = f_send; in mbedtls_ssl_set_bio()
1681 ssl->f_recv = f_recv; in mbedtls_ssl_set_bio()
1682 ssl->f_recv_timeout = f_recv_timeout; in mbedtls_ssl_set_bio()
1686 void mbedtls_ssl_set_mtu(mbedtls_ssl_context *ssl, uint16_t mtu) in mbedtls_ssl_set_mtu() argument
1688 ssl->mtu = mtu; in mbedtls_ssl_set_mtu()
1697 void mbedtls_ssl_set_timer_cb(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_timer_cb() argument
1702 ssl->p_timer = p_timer; in mbedtls_ssl_set_timer_cb()
1703 ssl->f_set_timer = f_set_timer; in mbedtls_ssl_set_timer_cb()
1704 ssl->f_get_timer = f_get_timer; in mbedtls_ssl_set_timer_cb()
1707 mbedtls_ssl_set_timer(ssl, 0); in mbedtls_ssl_set_timer_cb()
1723 int mbedtls_ssl_set_session(mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session) in mbedtls_ssl_set_session() argument
1727 if (ssl == NULL || in mbedtls_ssl_set_session()
1729 ssl->session_negotiate == NULL || in mbedtls_ssl_set_session()
1730 ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT) { in mbedtls_ssl_set_session()
1734 if (ssl->handshake->resume == 1) { in mbedtls_ssl_set_session()
1745 ssl, ciphersuite_info, MBEDTLS_SSL_VERSION_TLS1_3, in mbedtls_ssl_set_session()
1762 if ((ret = mbedtls_ssl_session_copy(ssl->session_negotiate, in mbedtls_ssl_set_session()
1767 ssl->handshake->resume = 1; in mbedtls_ssl_set_session()
1899 const unsigned char *mbedtls_ssl_get_hs_sni(mbedtls_ssl_context *ssl, in mbedtls_ssl_get_hs_sni() argument
1902 *name_len = ssl->handshake->sni_name_len; in mbedtls_ssl_get_hs_sni()
1903 return ssl->handshake->sni_name; in mbedtls_ssl_get_hs_sni()
1906 int mbedtls_ssl_set_hs_own_cert(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_own_cert() argument
1910 return ssl_append_key_cert(&ssl->handshake->sni_key_cert, in mbedtls_ssl_set_hs_own_cert()
1914 void mbedtls_ssl_set_hs_ca_chain(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_ca_chain() argument
1918 ssl->handshake->sni_ca_chain = ca_chain; in mbedtls_ssl_set_hs_ca_chain()
1919 ssl->handshake->sni_ca_crl = ca_crl; in mbedtls_ssl_set_hs_ca_chain()
1923 void mbedtls_ssl_set_hs_dn_hints(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_dn_hints() argument
1926 ssl->handshake->dn_hints = crt; in mbedtls_ssl_set_hs_dn_hints()
1930 void mbedtls_ssl_set_hs_authmode(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_authmode() argument
1933 ssl->handshake->sni_authmode = authmode; in mbedtls_ssl_set_hs_authmode()
1938 void mbedtls_ssl_set_verify(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_verify() argument
1942 ssl->f_vrfy = f_vrfy; in mbedtls_ssl_set_verify()
1943 ssl->p_vrfy = p_vrfy; in mbedtls_ssl_set_verify()
1954 mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_ecjpake_password_common() argument
1970 status = psa_pake_setup(&ssl->handshake->psa_pake_ctx, &cipher_suite); in mbedtls_ssl_set_hs_ecjpake_password_common()
1975 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_set_hs_ecjpake_password_common()
1987 status = psa_pake_set_user(&ssl->handshake->psa_pake_ctx, user, user_len); in mbedtls_ssl_set_hs_ecjpake_password_common()
1992 status = psa_pake_set_peer(&ssl->handshake->psa_pake_ctx, peer, peer_len); in mbedtls_ssl_set_hs_ecjpake_password_common()
1997 status = psa_pake_set_password_key(&ssl->handshake->psa_pake_ctx, pwd); in mbedtls_ssl_set_hs_ecjpake_password_common()
2002 ssl->handshake->psa_pake_ctx_is_ok = 1; in mbedtls_ssl_set_hs_ecjpake_password_common()
2007 int mbedtls_ssl_set_hs_ecjpake_password(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_ecjpake_password() argument
2014 if (ssl->handshake == NULL || ssl->conf == NULL) { in mbedtls_ssl_set_hs_ecjpake_password()
2028 &ssl->handshake->psa_pake_password); in mbedtls_ssl_set_hs_ecjpake_password()
2033 status = mbedtls_ssl_set_hs_ecjpake_password_common(ssl, in mbedtls_ssl_set_hs_ecjpake_password()
2034 ssl->handshake->psa_pake_password); in mbedtls_ssl_set_hs_ecjpake_password()
2036 psa_destroy_key(ssl->handshake->psa_pake_password); in mbedtls_ssl_set_hs_ecjpake_password()
2037 psa_pake_abort(&ssl->handshake->psa_pake_ctx); in mbedtls_ssl_set_hs_ecjpake_password()
2044 int mbedtls_ssl_set_hs_ecjpake_password_opaque(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_ecjpake_password_opaque() argument
2049 if (ssl->handshake == NULL || ssl->conf == NULL) { in mbedtls_ssl_set_hs_ecjpake_password_opaque()
2057 status = mbedtls_ssl_set_hs_ecjpake_password_common(ssl, pwd); in mbedtls_ssl_set_hs_ecjpake_password_opaque()
2059 psa_pake_abort(&ssl->handshake->psa_pake_ctx); in mbedtls_ssl_set_hs_ecjpake_password_opaque()
2066 int mbedtls_ssl_set_hs_ecjpake_password(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_ecjpake_password() argument
2072 if (ssl->handshake == NULL || ssl->conf == NULL) { in mbedtls_ssl_set_hs_ecjpake_password()
2081 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_set_hs_ecjpake_password()
2087 return mbedtls_ecjpake_setup(&ssl->handshake->ecjpake_ctx, in mbedtls_ssl_set_hs_ecjpake_password()
2206 static void ssl_remove_psk(mbedtls_ssl_context *ssl) in ssl_remove_psk() argument
2209 if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) { in ssl_remove_psk()
2212 if (ssl->handshake->psk_opaque_is_internal) { in ssl_remove_psk()
2213 psa_destroy_key(ssl->handshake->psk_opaque); in ssl_remove_psk()
2214 ssl->handshake->psk_opaque_is_internal = 0; in ssl_remove_psk()
2216 ssl->handshake->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT; in ssl_remove_psk()
2219 if (ssl->handshake->psk != NULL) { in ssl_remove_psk()
2220 mbedtls_zeroize_and_free(ssl->handshake->psk, in ssl_remove_psk()
2221 ssl->handshake->psk_len); in ssl_remove_psk()
2222 ssl->handshake->psk_len = 0; in ssl_remove_psk()
2223 ssl->handshake->psk = NULL; in ssl_remove_psk()
2228 int mbedtls_ssl_set_hs_psk(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_psk() argument
2238 if (psk == NULL || ssl->handshake == NULL) { in mbedtls_ssl_set_hs_psk()
2246 ssl_remove_psk(ssl); in mbedtls_ssl_set_hs_psk()
2250 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { in mbedtls_ssl_set_hs_psk()
2251 if (ssl->handshake->ciphersuite_info->mac == MBEDTLS_MD_SHA384) { in mbedtls_ssl_set_hs_psk()
2261 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { in mbedtls_ssl_set_hs_psk()
2277 ssl->handshake->psk_opaque_is_internal = 1; in mbedtls_ssl_set_hs_psk()
2278 return mbedtls_ssl_set_hs_psk_opaque(ssl, key); in mbedtls_ssl_set_hs_psk()
2280 if ((ssl->handshake->psk = mbedtls_calloc(1, psk_len)) == NULL) { in mbedtls_ssl_set_hs_psk()
2284 ssl->handshake->psk_len = psk_len; in mbedtls_ssl_set_hs_psk()
2285 memcpy(ssl->handshake->psk, psk, ssl->handshake->psk_len); in mbedtls_ssl_set_hs_psk()
2320 int mbedtls_ssl_set_hs_psk_opaque(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_psk_opaque() argument
2324 (ssl->handshake == NULL)) { in mbedtls_ssl_set_hs_psk_opaque()
2328 ssl_remove_psk(ssl); in mbedtls_ssl_set_hs_psk_opaque()
2329 ssl->handshake->psk_opaque = psk; in mbedtls_ssl_set_hs_psk_opaque()
2760 int mbedtls_ssl_set_hostname(mbedtls_ssl_context *ssl, const char *hostname) in mbedtls_ssl_set_hostname() argument
2778 if (ssl->hostname != NULL) { in mbedtls_ssl_set_hostname()
2779 mbedtls_zeroize_and_free(ssl->hostname, strlen(ssl->hostname)); in mbedtls_ssl_set_hostname()
2785 ssl->hostname = NULL; in mbedtls_ssl_set_hostname()
2787 ssl->hostname = mbedtls_calloc(1, hostname_len + 1); in mbedtls_ssl_set_hostname()
2788 if (ssl->hostname == NULL) { in mbedtls_ssl_set_hostname()
2792 memcpy(ssl->hostname, hostname, hostname_len); in mbedtls_ssl_set_hostname()
2794 ssl->hostname[hostname_len] = '\0'; in mbedtls_ssl_set_hostname()
2840 const char *mbedtls_ssl_get_alpn_protocol(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_alpn_protocol() argument
2842 return ssl->alpn_chosen; in mbedtls_ssl_get_alpn_protocol()
2853 int mbedtls_ssl_dtls_srtp_set_mki_value(mbedtls_ssl_context *ssl, in mbedtls_ssl_dtls_srtp_set_mki_value() argument
2861 if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED) { in mbedtls_ssl_dtls_srtp_set_mki_value()
2865 memcpy(ssl->dtls_srtp_info.mki_value, mki_value, mki_len); in mbedtls_ssl_dtls_srtp_set_mki_value()
2866 ssl->dtls_srtp_info.mki_len = mki_len; in mbedtls_ssl_dtls_srtp_set_mki_value()
2901 void mbedtls_ssl_get_dtls_srtp_negotiation_result(const mbedtls_ssl_context *ssl, in mbedtls_ssl_get_dtls_srtp_negotiation_result() argument
2904 dtls_srtp_info->chosen_dtls_srtp_profile = ssl->dtls_srtp_info.chosen_dtls_srtp_profile; in mbedtls_ssl_get_dtls_srtp_negotiation_result()
2909 dtls_srtp_info->mki_len = ssl->dtls_srtp_info.mki_len; in mbedtls_ssl_get_dtls_srtp_negotiation_result()
2910 memcpy(dtls_srtp_info->mki_value, ssl->dtls_srtp_info.mki_value, in mbedtls_ssl_get_dtls_srtp_negotiation_result()
2911 ssl->dtls_srtp_info.mki_len); in mbedtls_ssl_get_dtls_srtp_negotiation_result()
3030 void mbedtls_ssl_set_export_keys_cb(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_export_keys_cb() argument
3034 ssl->f_export_keys = f_export_keys; in mbedtls_ssl_set_export_keys_cb()
3035 ssl->p_export_keys = p_export_keys; in mbedtls_ssl_set_export_keys_cb()
3059 void *mbedtls_ssl_get_async_operation_data(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_async_operation_data() argument
3061 if (ssl->handshake == NULL) { in mbedtls_ssl_get_async_operation_data()
3064 return ssl->handshake->user_async_ctx; in mbedtls_ssl_get_async_operation_data()
3068 void mbedtls_ssl_set_async_operation_data(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_async_operation_data() argument
3071 if (ssl->handshake != NULL) { in mbedtls_ssl_set_async_operation_data()
3072 ssl->handshake->user_async_ctx = ctx; in mbedtls_ssl_set_async_operation_data()
3080 uint32_t mbedtls_ssl_get_verify_result(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_verify_result() argument
3082 if (ssl->session != NULL) { in mbedtls_ssl_get_verify_result()
3083 return ssl->session->verify_result; in mbedtls_ssl_get_verify_result()
3086 if (ssl->session_negotiate != NULL) { in mbedtls_ssl_get_verify_result()
3087 return ssl->session_negotiate->verify_result; in mbedtls_ssl_get_verify_result()
3093 int mbedtls_ssl_get_ciphersuite_id_from_ssl(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_ciphersuite_id_from_ssl() argument
3095 if (ssl == NULL || ssl->session == NULL) { in mbedtls_ssl_get_ciphersuite_id_from_ssl()
3099 return ssl->session->ciphersuite; in mbedtls_ssl_get_ciphersuite_id_from_ssl()
3102 const char *mbedtls_ssl_get_ciphersuite(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_ciphersuite() argument
3104 if (ssl == NULL || ssl->session == NULL) { in mbedtls_ssl_get_ciphersuite()
3108 return mbedtls_ssl_get_ciphersuite_name(ssl->session->ciphersuite); in mbedtls_ssl_get_ciphersuite()
3111 const char *mbedtls_ssl_get_version(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_version() argument
3114 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_get_version()
3115 switch (ssl->tls_version) { in mbedtls_ssl_get_version()
3124 switch (ssl->tls_version) { in mbedtls_ssl_get_version()
3136 size_t mbedtls_ssl_get_output_record_size_limit(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_output_record_size_limit() argument
3141 if (ssl->session != NULL && in mbedtls_ssl_get_output_record_size_limit()
3142 ssl->session->record_size_limit >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN && in mbedtls_ssl_get_output_record_size_limit()
3143 ssl->session->record_size_limit < max_len) { in mbedtls_ssl_get_output_record_size_limit()
3144 record_size_limit = ssl->session->record_size_limit; in mbedtls_ssl_get_output_record_size_limit()
3149 if (ssl->session_negotiate != NULL && in mbedtls_ssl_get_output_record_size_limit()
3150 ssl->session_negotiate->record_size_limit >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN && in mbedtls_ssl_get_output_record_size_limit()
3151 ssl->session_negotiate->record_size_limit < max_len) { in mbedtls_ssl_get_output_record_size_limit()
3152 record_size_limit = ssl->session_negotiate->record_size_limit; in mbedtls_ssl_get_output_record_size_limit()
3160 size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_input_max_frag_len() argument
3167 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && in mbedtls_ssl_get_input_max_frag_len()
3168 ssl->state >= MBEDTLS_SSL_SERVER_HELLO_DONE) { in mbedtls_ssl_get_input_max_frag_len()
3169 return ssl_mfl_code_to_length(ssl->conf->mfl_code); in mbedtls_ssl_get_input_max_frag_len()
3174 if (ssl->session_out != NULL) { in mbedtls_ssl_get_input_max_frag_len()
3175 read_mfl = ssl_mfl_code_to_length(ssl->session_out->mfl_code); in mbedtls_ssl_get_input_max_frag_len()
3182 if (ssl->session_negotiate != NULL) { in mbedtls_ssl_get_input_max_frag_len()
3183 read_mfl = ssl_mfl_code_to_length(ssl->session_negotiate->mfl_code); in mbedtls_ssl_get_input_max_frag_len()
3192 size_t mbedtls_ssl_get_output_max_frag_len(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_output_max_frag_len() argument
3199 max_len = ssl_mfl_code_to_length(ssl->conf->mfl_code); in mbedtls_ssl_get_output_max_frag_len()
3202 if (ssl->session_out != NULL && in mbedtls_ssl_get_output_max_frag_len()
3203 ssl_mfl_code_to_length(ssl->session_out->mfl_code) < max_len) { in mbedtls_ssl_get_output_max_frag_len()
3204 max_len = ssl_mfl_code_to_length(ssl->session_out->mfl_code); in mbedtls_ssl_get_output_max_frag_len()
3208 if (ssl->session_negotiate != NULL && in mbedtls_ssl_get_output_max_frag_len()
3209 ssl_mfl_code_to_length(ssl->session_negotiate->mfl_code) < max_len) { in mbedtls_ssl_get_output_max_frag_len()
3210 max_len = ssl_mfl_code_to_length(ssl->session_negotiate->mfl_code); in mbedtls_ssl_get_output_max_frag_len()
3218 size_t mbedtls_ssl_get_current_mtu(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_current_mtu() argument
3221 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && in mbedtls_ssl_get_current_mtu()
3222 (ssl->state == MBEDTLS_SSL_CLIENT_HELLO || in mbedtls_ssl_get_current_mtu()
3223 ssl->state == MBEDTLS_SSL_SERVER_HELLO)) { in mbedtls_ssl_get_current_mtu()
3227 if (ssl->handshake == NULL || ssl->handshake->mtu == 0) { in mbedtls_ssl_get_current_mtu()
3228 return ssl->mtu; in mbedtls_ssl_get_current_mtu()
3231 if (ssl->mtu == 0) { in mbedtls_ssl_get_current_mtu()
3232 return ssl->handshake->mtu; in mbedtls_ssl_get_current_mtu()
3235 return ssl->mtu < ssl->handshake->mtu ? in mbedtls_ssl_get_current_mtu()
3236 ssl->mtu : ssl->handshake->mtu; in mbedtls_ssl_get_current_mtu()
3240 int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_max_out_record_payload() argument
3247 (void) ssl; in mbedtls_ssl_get_max_out_record_payload()
3251 const size_t mfl = mbedtls_ssl_get_output_max_frag_len(ssl); in mbedtls_ssl_get_max_out_record_payload()
3259 const size_t record_size_limit = mbedtls_ssl_get_output_record_size_limit(ssl); in mbedtls_ssl_get_max_out_record_payload()
3266 if (ssl->transform_out != NULL && in mbedtls_ssl_get_max_out_record_payload()
3267 ssl->transform_out->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { in mbedtls_ssl_get_max_out_record_payload()
3283 if (mbedtls_ssl_get_current_mtu(ssl) != 0) { in mbedtls_ssl_get_max_out_record_payload()
3284 const size_t mtu = mbedtls_ssl_get_current_mtu(ssl); in mbedtls_ssl_get_max_out_record_payload()
3285 const int ret = mbedtls_ssl_get_record_expansion(ssl); in mbedtls_ssl_get_max_out_record_payload()
3306 ((void) ssl); in mbedtls_ssl_get_max_out_record_payload()
3312 int mbedtls_ssl_get_max_in_record_payload(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_max_in_record_payload() argument
3317 (void) ssl; in mbedtls_ssl_get_max_in_record_payload()
3321 const size_t mfl = mbedtls_ssl_get_input_max_frag_len(ssl); in mbedtls_ssl_get_max_in_record_payload()
3332 const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_peer_cert() argument
3334 if (ssl == NULL || ssl->session == NULL) { in mbedtls_ssl_get_peer_cert()
3339 return ssl->session->peer_cert; in mbedtls_ssl_get_peer_cert()
3347 int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl, in mbedtls_ssl_get_session() argument
3352 if (ssl == NULL || in mbedtls_ssl_get_session()
3354 ssl->session == NULL || in mbedtls_ssl_get_session()
3355 ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT) { in mbedtls_ssl_get_session()
3370 if (ssl->session->exported == 1) { in mbedtls_ssl_get_session()
3374 ret = mbedtls_ssl_session_copy(dst, ssl->session); in mbedtls_ssl_get_session()
3380 ssl->session->exported = 1; in mbedtls_ssl_get_session()
4463 static int ssl_prepare_handshake_step(mbedtls_ssl_context *ssl) in ssl_prepare_handshake_step() argument
4482 if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { in ssl_prepare_handshake_step()
4487 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in ssl_prepare_handshake_step()
4488 ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING) { in ssl_prepare_handshake_step()
4489 if ((ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { in ssl_prepare_handshake_step()
4498 int mbedtls_ssl_handshake_step(mbedtls_ssl_context *ssl) in mbedtls_ssl_handshake_step() argument
4502 if (ssl == NULL || in mbedtls_ssl_handshake_step()
4503 ssl->conf == NULL || in mbedtls_ssl_handshake_step()
4504 ssl->handshake == NULL || in mbedtls_ssl_handshake_step()
4505 ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER) { in mbedtls_ssl_handshake_step()
4509 ret = ssl_prepare_handshake_step(ssl); in mbedtls_ssl_handshake_step()
4514 ret = mbedtls_ssl_handle_pending_alert(ssl); in mbedtls_ssl_handshake_step()
4524 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in mbedtls_ssl_handshake_step()
4526 mbedtls_ssl_states_str((mbedtls_ssl_states) ssl->state))); in mbedtls_ssl_handshake_step()
4528 switch (ssl->state) { in mbedtls_ssl_handshake_step()
4530 ssl->state = MBEDTLS_SSL_CLIENT_HELLO; in mbedtls_ssl_handshake_step()
4535 ret = mbedtls_ssl_write_client_hello(ssl); in mbedtls_ssl_handshake_step()
4540 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { in mbedtls_ssl_handshake_step()
4541 ret = mbedtls_ssl_tls13_handshake_client_step(ssl); in mbedtls_ssl_handshake_step()
4543 ret = mbedtls_ssl_handshake_client_step(ssl); in mbedtls_ssl_handshake_step()
4546 ret = mbedtls_ssl_handshake_client_step(ssl); in mbedtls_ssl_handshake_step()
4548 ret = mbedtls_ssl_tls13_handshake_client_step(ssl); in mbedtls_ssl_handshake_step()
4555 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_handshake_step()
4557 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { in mbedtls_ssl_handshake_step()
4558 ret = mbedtls_ssl_tls13_handshake_server_step(ssl); in mbedtls_ssl_handshake_step()
4560 ret = mbedtls_ssl_handshake_server_step(ssl); in mbedtls_ssl_handshake_step()
4563 ret = mbedtls_ssl_handshake_server_step(ssl); in mbedtls_ssl_handshake_step()
4565 ret = mbedtls_ssl_tls13_handshake_server_step(ssl); in mbedtls_ssl_handshake_step()
4574 if (ssl->send_alert) { in mbedtls_ssl_handshake_step()
4575 ret = mbedtls_ssl_handle_pending_alert(ssl); in mbedtls_ssl_handshake_step()
4587 int mbedtls_ssl_handshake(mbedtls_ssl_context *ssl) in mbedtls_ssl_handshake() argument
4593 if (ssl == NULL || ssl->conf == NULL) { in mbedtls_ssl_handshake()
4598 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_handshake()
4599 (ssl->f_set_timer == NULL || ssl->f_get_timer == NULL)) { in mbedtls_ssl_handshake()
4609 while (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { in mbedtls_ssl_handshake()
4610 ret = mbedtls_ssl_handshake_step(ssl); in mbedtls_ssl_handshake()
4628 static int ssl_write_hello_request(mbedtls_ssl_context *ssl) in ssl_write_hello_request() argument
4634 ssl->out_msglen = 4; in ssl_write_hello_request()
4635 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in ssl_write_hello_request()
4636 ssl->out_msg[0] = MBEDTLS_SSL_HS_HELLO_REQUEST; in ssl_write_hello_request()
4638 if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { in ssl_write_hello_request()
4658 int mbedtls_ssl_start_renegotiation(mbedtls_ssl_context *ssl) in mbedtls_ssl_start_renegotiation() argument
4664 if ((ret = ssl_handshake_init(ssl)) != 0) { in mbedtls_ssl_start_renegotiation()
4671 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_start_renegotiation()
4672 ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING) { in mbedtls_ssl_start_renegotiation()
4673 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_start_renegotiation()
4674 ssl->handshake->out_msg_seq = 1; in mbedtls_ssl_start_renegotiation()
4676 ssl->handshake->in_msg_seq = 1; in mbedtls_ssl_start_renegotiation()
4681 ssl->state = MBEDTLS_SSL_HELLO_REQUEST; in mbedtls_ssl_start_renegotiation()
4682 ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS; in mbedtls_ssl_start_renegotiation()
4684 if ((ret = mbedtls_ssl_handshake(ssl)) != 0) { in mbedtls_ssl_start_renegotiation()
4698 int mbedtls_ssl_renegotiate(mbedtls_ssl_context *ssl) in mbedtls_ssl_renegotiate() argument
4702 if (ssl == NULL || ssl->conf == NULL) { in mbedtls_ssl_renegotiate()
4708 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_renegotiate()
4709 if (mbedtls_ssl_is_handshake_over(ssl) == 0) { in mbedtls_ssl_renegotiate()
4713 ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING; in mbedtls_ssl_renegotiate()
4716 if (ssl->out_left != 0) { in mbedtls_ssl_renegotiate()
4717 return mbedtls_ssl_flush_output(ssl); in mbedtls_ssl_renegotiate()
4720 return ssl_write_hello_request(ssl); in mbedtls_ssl_renegotiate()
4729 if (ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { in mbedtls_ssl_renegotiate()
4730 if (mbedtls_ssl_is_handshake_over(ssl) == 0) { in mbedtls_ssl_renegotiate()
4734 if ((ret = mbedtls_ssl_start_renegotiation(ssl)) != 0) { in mbedtls_ssl_renegotiate()
4739 if ((ret = mbedtls_ssl_handshake(ssl)) != 0) { in mbedtls_ssl_renegotiate()
4750 void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl) in mbedtls_ssl_handshake_free() argument
4752 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in mbedtls_ssl_handshake_free()
4760 if (ssl->handshake->group_list_heap_allocated) { in mbedtls_ssl_handshake_free()
4769 if (ssl->handshake->sig_algs_heap_allocated) { in mbedtls_ssl_handshake_free()
4775 if (ssl->handshake->certificate_request_context) { in mbedtls_ssl_handshake_free()
4782 if (ssl->conf->f_async_cancel != NULL && handshake->async_in_progress != 0) { in mbedtls_ssl_handshake_free()
4783 ssl->conf->f_async_cancel(ssl); in mbedtls_ssl_handshake_free()
4842 if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) { in mbedtls_ssl_handshake_free()
4845 if (ssl->handshake->psk_opaque_is_internal) { in mbedtls_ssl_handshake_free()
4846 psa_destroy_key(ssl->handshake->psk_opaque); in mbedtls_ssl_handshake_free()
4847 ssl->handshake->psk_opaque_is_internal = 0; in mbedtls_ssl_handshake_free()
4849 ssl->handshake->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT; in mbedtls_ssl_handshake_free()
4888 mbedtls_ssl_buffering_free(ssl); in mbedtls_ssl_handshake_free()
4912 handle_buffer_resizing(ssl, 1, mbedtls_ssl_get_input_buflen(ssl), in mbedtls_ssl_handshake_free()
4913 mbedtls_ssl_get_output_buflen(ssl)); in mbedtls_ssl_handshake_free()
5034 int mbedtls_ssl_context_save(mbedtls_ssl_context *ssl, in mbedtls_ssl_context_save() argument
5053 if (mbedtls_ssl_is_handshake_over(ssl) == 0) { in mbedtls_ssl_context_save()
5057 if (ssl->handshake != NULL) { in mbedtls_ssl_context_save()
5062 if (ssl->transform == NULL || ssl->session == NULL) { in mbedtls_ssl_context_save()
5067 if (mbedtls_ssl_check_pending(ssl) != 0) { in mbedtls_ssl_context_save()
5071 if (ssl->out_left != 0) { in mbedtls_ssl_context_save()
5076 if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_context_save()
5081 if (ssl->tls_version != MBEDTLS_SSL_VERSION_TLS1_2) { in mbedtls_ssl_context_save()
5086 if (mbedtls_ssl_transform_uses_aead(ssl->transform) != 1) { in mbedtls_ssl_context_save()
5092 if (ssl->conf->disable_renegotiation != MBEDTLS_SSL_RENEGOTIATION_DISABLED) { in mbedtls_ssl_context_save()
5112 ret = ssl_session_save(ssl->session, 1, NULL, 0, &session_len); in mbedtls_ssl_context_save()
5122 ret = ssl_session_save(ssl->session, 1, in mbedtls_ssl_context_save()
5134 used += sizeof(ssl->transform->randbytes); in mbedtls_ssl_context_save()
5136 memcpy(p, ssl->transform->randbytes, in mbedtls_ssl_context_save()
5137 sizeof(ssl->transform->randbytes)); in mbedtls_ssl_context_save()
5138 p += sizeof(ssl->transform->randbytes); in mbedtls_ssl_context_save()
5142 used += 2U + ssl->transform->in_cid_len + ssl->transform->out_cid_len; in mbedtls_ssl_context_save()
5144 *p++ = ssl->transform->in_cid_len; in mbedtls_ssl_context_save()
5145 memcpy(p, ssl->transform->in_cid, ssl->transform->in_cid_len); in mbedtls_ssl_context_save()
5146 p += ssl->transform->in_cid_len; in mbedtls_ssl_context_save()
5148 *p++ = ssl->transform->out_cid_len; in mbedtls_ssl_context_save()
5149 memcpy(p, ssl->transform->out_cid, ssl->transform->out_cid_len); in mbedtls_ssl_context_save()
5150 p += ssl->transform->out_cid_len; in mbedtls_ssl_context_save()
5159 MBEDTLS_PUT_UINT32_BE(ssl->badmac_seen, p, 0); in mbedtls_ssl_context_save()
5166 MBEDTLS_PUT_UINT64_BE(ssl->in_window_top, p, 0); in mbedtls_ssl_context_save()
5169 MBEDTLS_PUT_UINT64_BE(ssl->in_window, p, 0); in mbedtls_ssl_context_save()
5177 *p++ = ssl->disable_datagram_packing; in mbedtls_ssl_context_save()
5183 memcpy(p, ssl->cur_out_ctr, MBEDTLS_SSL_SEQUENCE_NUMBER_LEN); in mbedtls_ssl_context_save()
5190 MBEDTLS_PUT_UINT16_BE(ssl->mtu, p, 0); in mbedtls_ssl_context_save()
5197 const uint8_t alpn_len = ssl->alpn_chosen in mbedtls_ssl_context_save()
5198 ? (uint8_t) strlen(ssl->alpn_chosen) in mbedtls_ssl_context_save()
5205 if (ssl->alpn_chosen != NULL) { in mbedtls_ssl_context_save()
5206 memcpy(p, ssl->alpn_chosen, alpn_len); in mbedtls_ssl_context_save()
5224 return mbedtls_ssl_session_reset_int(ssl, 0); in mbedtls_ssl_context_save()
5234 static int ssl_context_load(mbedtls_ssl_context *ssl, in ssl_context_load() argument
5252 if (ssl->state != MBEDTLS_SSL_HELLO_REQUEST || in ssl_context_load()
5253 ssl->session != NULL) { in ssl_context_load()
5263 ssl->conf->disable_renegotiation != MBEDTLS_SSL_RENEGOTIATION_DISABLED || in ssl_context_load()
5265 ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || in ssl_context_load()
5266 ssl->conf->max_tls_version < MBEDTLS_SSL_VERSION_TLS1_2 || in ssl_context_load()
5267 ssl->conf->min_tls_version > MBEDTLS_SSL_VERSION_TLS1_2 in ssl_context_load()
5299 ssl->session = ssl->session_negotiate; in ssl_context_load()
5300 ssl->session_in = ssl->session; in ssl_context_load()
5301 ssl->session_out = ssl->session; in ssl_context_load()
5302 ssl->session_negotiate = NULL; in ssl_context_load()
5308 ret = ssl_session_load(ssl->session, 1, p, session_len); in ssl_context_load()
5310 mbedtls_ssl_session_free(ssl->session); in ssl_context_load()
5323 ssl->transform = ssl->transform_negotiate; in ssl_context_load()
5324 ssl->transform_in = ssl->transform; in ssl_context_load()
5325 ssl->transform_out = ssl->transform; in ssl_context_load()
5326 ssl->transform_negotiate = NULL; in ssl_context_load()
5330 prf_func = ssl_tls12prf_from_cs(ssl->session->ciphersuite); in ssl_context_load()
5336 if ((size_t) (end - p) < sizeof(ssl->transform->randbytes)) { in ssl_context_load()
5340 ret = ssl_tls12_populate_transform(ssl->transform, in ssl_context_load()
5341 ssl->session->ciphersuite, in ssl_context_load()
5342 ssl->session->master, in ssl_context_load()
5344 ssl->session->encrypt_then_mac, in ssl_context_load()
5349 ssl->conf->endpoint, in ssl_context_load()
5350 ssl); in ssl_context_load()
5355 p += sizeof(ssl->transform->randbytes); in ssl_context_load()
5363 ssl->transform->in_cid_len = *p++; in ssl_context_load()
5365 if ((size_t) (end - p) < ssl->transform->in_cid_len + 1u) { in ssl_context_load()
5369 memcpy(ssl->transform->in_cid, p, ssl->transform->in_cid_len); in ssl_context_load()
5370 p += ssl->transform->in_cid_len; in ssl_context_load()
5372 ssl->transform->out_cid_len = *p++; in ssl_context_load()
5374 if ((size_t) (end - p) < ssl->transform->out_cid_len) { in ssl_context_load()
5378 memcpy(ssl->transform->out_cid, p, ssl->transform->out_cid_len); in ssl_context_load()
5379 p += ssl->transform->out_cid_len; in ssl_context_load()
5389 ssl->badmac_seen = MBEDTLS_GET_UINT32_BE(p, 0); in ssl_context_load()
5397 ssl->in_window_top = MBEDTLS_GET_UINT64_BE(p, 0); in ssl_context_load()
5400 ssl->in_window = MBEDTLS_GET_UINT64_BE(p, 0); in ssl_context_load()
5409 ssl->disable_datagram_packing = *p++; in ssl_context_load()
5412 if ((size_t) (end - p) < sizeof(ssl->cur_out_ctr)) { in ssl_context_load()
5415 memcpy(ssl->cur_out_ctr, p, sizeof(ssl->cur_out_ctr)); in ssl_context_load()
5416 p += sizeof(ssl->cur_out_ctr); in ssl_context_load()
5423 ssl->mtu = MBEDTLS_GET_UINT16_BE(p, 0); in ssl_context_load()
5438 if (alpn_len != 0 && ssl->conf->alpn_list != NULL) { in ssl_context_load()
5440 for (cur = ssl->conf->alpn_list; *cur != NULL; cur++) { in ssl_context_load()
5443 ssl->alpn_chosen = *cur; in ssl_context_load()
5450 if (alpn_len != 0 && ssl->alpn_chosen == NULL) { in ssl_context_load()
5464 ssl->state = MBEDTLS_SSL_HANDSHAKE_OVER; in ssl_context_load()
5465 ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2; in ssl_context_load()
5469 mbedtls_ssl_update_out_pointers(ssl, ssl->transform); in ssl_context_load()
5472 ssl->in_epoch = 1; in ssl_context_load()
5479 if (ssl->handshake != NULL) { in ssl_context_load()
5480 mbedtls_ssl_handshake_free(ssl); in ssl_context_load()
5481 mbedtls_free(ssl->handshake); in ssl_context_load()
5482 ssl->handshake = NULL; in ssl_context_load()
5515 void mbedtls_ssl_free(mbedtls_ssl_context *ssl) in mbedtls_ssl_free() argument
5517 if (ssl == NULL) { in mbedtls_ssl_free()
5523 if (ssl->out_buf != NULL) { in mbedtls_ssl_free()
5525 size_t out_buf_len = ssl->out_buf_len; in mbedtls_ssl_free()
5530 mbedtls_zeroize_and_free(ssl->out_buf, out_buf_len); in mbedtls_ssl_free()
5531 ssl->out_buf = NULL; in mbedtls_ssl_free()
5534 if (ssl->in_buf != NULL) { in mbedtls_ssl_free()
5536 size_t in_buf_len = ssl->in_buf_len; in mbedtls_ssl_free()
5541 mbedtls_zeroize_and_free(ssl->in_buf, in_buf_len); in mbedtls_ssl_free()
5542 ssl->in_buf = NULL; in mbedtls_ssl_free()
5545 if (ssl->transform) { in mbedtls_ssl_free()
5546 mbedtls_ssl_transform_free(ssl->transform); in mbedtls_ssl_free()
5547 mbedtls_free(ssl->transform); in mbedtls_ssl_free()
5550 if (ssl->handshake) { in mbedtls_ssl_free()
5551 mbedtls_ssl_handshake_free(ssl); in mbedtls_ssl_free()
5552 mbedtls_free(ssl->handshake); in mbedtls_ssl_free()
5555 mbedtls_ssl_transform_free(ssl->transform_negotiate); in mbedtls_ssl_free()
5556 mbedtls_free(ssl->transform_negotiate); in mbedtls_ssl_free()
5559 mbedtls_ssl_session_free(ssl->session_negotiate); in mbedtls_ssl_free()
5560 mbedtls_free(ssl->session_negotiate); in mbedtls_ssl_free()
5564 mbedtls_ssl_transform_free(ssl->transform_application); in mbedtls_ssl_free()
5565 mbedtls_free(ssl->transform_application); in mbedtls_ssl_free()
5568 if (ssl->session) { in mbedtls_ssl_free()
5569 mbedtls_ssl_session_free(ssl->session); in mbedtls_ssl_free()
5570 mbedtls_free(ssl->session); in mbedtls_ssl_free()
5574 if (ssl->hostname != NULL) { in mbedtls_ssl_free()
5575 mbedtls_zeroize_and_free(ssl->hostname, strlen(ssl->hostname)); in mbedtls_ssl_free()
5580 mbedtls_free(ssl->cli_id); in mbedtls_ssl_free()
5586 mbedtls_platform_zeroize(ssl, sizeof(mbedtls_ssl_context)); in mbedtls_ssl_free()
6219 int mbedtls_ssl_check_curve_tls_id(const mbedtls_ssl_context *ssl, uint16_t tls_id) in mbedtls_ssl_check_curve_tls_id() argument
6221 const uint16_t *group_list = mbedtls_ssl_get_groups(ssl); in mbedtls_ssl_check_curve_tls_id()
6240 int mbedtls_ssl_check_curve(const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id) in mbedtls_ssl_check_curve() argument
6248 return mbedtls_ssl_check_curve_tls_id(ssl, tls_id); in mbedtls_ssl_check_curve()
6378 int mbedtls_ssl_get_handshake_transcript(mbedtls_ssl_context *ssl, in mbedtls_ssl_get_handshake_transcript() argument
6393 hash_operation_to_clone = &ssl->handshake->fin_sha384_psa; in mbedtls_ssl_get_handshake_transcript()
6399 hash_operation_to_clone = &ssl->handshake->fin_sha256_psa; in mbedtls_ssl_get_handshake_transcript()
6420 (void) ssl; in mbedtls_ssl_get_handshake_transcript()
6428 static int ssl_get_handshake_transcript_sha384(mbedtls_ssl_context *ssl, in ssl_get_handshake_transcript_sha384() argument
6445 ret = mbedtls_md_clone(&sha384, &ssl->handshake->fin_sha384); in ssl_get_handshake_transcript_sha384()
6466 static int ssl_get_handshake_transcript_sha256(mbedtls_ssl_context *ssl, in ssl_get_handshake_transcript_sha256() argument
6483 ret = mbedtls_md_clone(&sha256, &ssl->handshake->fin_sha256); in ssl_get_handshake_transcript_sha256()
6502 int mbedtls_ssl_get_handshake_transcript(mbedtls_ssl_context *ssl, in mbedtls_ssl_get_handshake_transcript() argument
6512 return ssl_get_handshake_transcript_sha384(ssl, dst, dst_len, olen); in mbedtls_ssl_get_handshake_transcript()
6517 return ssl_get_handshake_transcript_sha256(ssl, dst, dst_len, olen); in mbedtls_ssl_get_handshake_transcript()
6523 (void) ssl; in mbedtls_ssl_get_handshake_transcript()
6576 int mbedtls_ssl_parse_sig_alg_ext(mbedtls_ssl_context *ssl, in mbedtls_ssl_parse_sig_alg_ext() argument
6590 memset(ssl->handshake->received_sig_algs, 0, in mbedtls_ssl_parse_sig_alg_ext()
6591 sizeof(ssl->handshake->received_sig_algs)); in mbedtls_ssl_parse_sig_alg_ext()
6603 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_2 && in mbedtls_ssl_parse_sig_alg_ext()
6604 (!(mbedtls_ssl_sig_alg_is_supported(ssl, sig_alg) && in mbedtls_ssl_parse_sig_alg_ext()
6605 mbedtls_ssl_sig_alg_is_offered(ssl, sig_alg)))) { in mbedtls_ssl_parse_sig_alg_ext()
6614 ssl->handshake->received_sig_algs[common_idx] = sig_alg; in mbedtls_ssl_parse_sig_alg_ext()
6634 ssl->handshake->received_sig_algs[common_idx] = MBEDTLS_TLS_SIG_NONE; in mbedtls_ssl_parse_sig_alg_ext()
6975 const mbedtls_ssl_context *ssl) in ssl_compute_master() argument
7007 ssl = NULL; /* make sure we don't use it except for those cases */ in ssl_compute_master()
7008 (void) ssl; in ssl_compute_master()
7020 ret = handshake->calc_verify(ssl, session_hash, &seed_len); in ssl_compute_master()
7043 psk = mbedtls_ssl_get_opaque_psk(ssl); in ssl_compute_master()
7074 ssl->conf->psk, ssl->conf->psk_len, in ssl_compute_master()
7165 int mbedtls_ssl_derive_keys(mbedtls_ssl_context *ssl) in mbedtls_ssl_derive_keys() argument
7169 ssl->handshake->ciphersuite_info; in mbedtls_ssl_derive_keys()
7174 ret = ssl_set_handshake_prfs(ssl->handshake, in mbedtls_ssl_derive_keys()
7182 ret = ssl_compute_master(ssl->handshake, in mbedtls_ssl_derive_keys()
7183 ssl->session_negotiate->master, in mbedtls_ssl_derive_keys()
7184 ssl); in mbedtls_ssl_derive_keys()
7195 memcpy(tmp, ssl->handshake->randbytes, 64); in mbedtls_ssl_derive_keys()
7196 memcpy(ssl->handshake->randbytes, tmp + 32, 32); in mbedtls_ssl_derive_keys()
7197 memcpy(ssl->handshake->randbytes + 32, tmp, 32); in mbedtls_ssl_derive_keys()
7202 ret = ssl_tls12_populate_transform(ssl->transform_negotiate, in mbedtls_ssl_derive_keys()
7203 ssl->session_negotiate->ciphersuite, in mbedtls_ssl_derive_keys()
7204 ssl->session_negotiate->master, in mbedtls_ssl_derive_keys()
7206 ssl->session_negotiate->encrypt_then_mac, in mbedtls_ssl_derive_keys()
7208 ssl->handshake->tls_prf, in mbedtls_ssl_derive_keys()
7209 ssl->handshake->randbytes, in mbedtls_ssl_derive_keys()
7210 ssl->tls_version, in mbedtls_ssl_derive_keys()
7211 ssl->conf->endpoint, in mbedtls_ssl_derive_keys()
7212 ssl); in mbedtls_ssl_derive_keys()
7219 mbedtls_platform_zeroize(ssl->handshake->randbytes, in mbedtls_ssl_derive_keys()
7220 sizeof(ssl->handshake->randbytes)); in mbedtls_ssl_derive_keys()
7227 int mbedtls_ssl_set_calc_verify_md(mbedtls_ssl_context *ssl, int md) in mbedtls_ssl_set_calc_verify_md() argument
7232 ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384; in mbedtls_ssl_set_calc_verify_md()
7237 ssl->handshake->calc_verify = ssl_calc_verify_tls_sha256; in mbedtls_ssl_set_calc_verify_md()
7245 (void) ssl; in mbedtls_ssl_set_calc_verify_md()
7251 static int ssl_calc_verify_tls_psa(const mbedtls_ssl_context *ssl, in ssl_calc_verify_tls_psa() argument
7261 (void) ssl; in ssl_calc_verify_tls_psa()
7282 static int ssl_calc_verify_tls_legacy(const mbedtls_ssl_context *ssl, in ssl_calc_verify_tls_legacy() argument
7293 (void) ssl; in ssl_calc_verify_tls_legacy()
7323 int ssl_calc_verify_tls_sha256(const mbedtls_ssl_context *ssl, in ssl_calc_verify_tls_sha256() argument
7328 return ssl_calc_verify_tls_psa(ssl, &ssl->handshake->fin_sha256_psa, 32, in ssl_calc_verify_tls_sha256()
7331 return ssl_calc_verify_tls_legacy(ssl, &ssl->handshake->fin_sha256, in ssl_calc_verify_tls_sha256()
7338 int ssl_calc_verify_tls_sha384(const mbedtls_ssl_context *ssl, in ssl_calc_verify_tls_sha384() argument
7343 return ssl_calc_verify_tls_psa(ssl, &ssl->handshake->fin_sha384_psa, 48, in ssl_calc_verify_tls_sha384()
7346 return ssl_calc_verify_tls_legacy(ssl, &ssl->handshake->fin_sha384, in ssl_calc_verify_tls_sha384()
7354 int mbedtls_ssl_psk_derive_premaster(mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex) in mbedtls_ssl_psk_derive_premaster() argument
7356 unsigned char *p = ssl->handshake->premaster; in mbedtls_ssl_psk_derive_premaster()
7357 unsigned char *end = p + sizeof(ssl->handshake->premaster); in mbedtls_ssl_psk_derive_premaster()
7360 int psk_ret = mbedtls_ssl_get_psk(ssl, &psk, &psk_len); in mbedtls_ssl_psk_derive_premaster()
7421 if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx, in mbedtls_ssl_psk_derive_premaster()
7423 ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { in mbedtls_ssl_psk_derive_premaster()
7430 MBEDTLS_SSL_DEBUG_MPI(3, "DHM: K ", &ssl->handshake->dhm_ctx.K); in mbedtls_ssl_psk_derive_premaster()
7438 if ((ret = mbedtls_ecdh_calc_secret(&ssl->handshake->ecdh_ctx, &zlen, in mbedtls_ssl_psk_derive_premaster()
7440 ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { in mbedtls_ssl_psk_derive_premaster()
7448 MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, in mbedtls_ssl_psk_derive_premaster()
7472 ssl->handshake->pmslen = (size_t) (p - ssl->handshake->premaster); in mbedtls_ssl_psk_derive_premaster()
7480 static int ssl_write_hello_request(mbedtls_ssl_context *ssl);
7483 int mbedtls_ssl_resend_hello_request(mbedtls_ssl_context *ssl) in mbedtls_ssl_resend_hello_request() argument
7487 if (ssl->conf->renego_max_records < 0) { in mbedtls_ssl_resend_hello_request()
7488 uint32_t ratio = ssl->conf->hs_timeout_max / ssl->conf->hs_timeout_min + 1; in mbedtls_ssl_resend_hello_request()
7496 if (++ssl->renego_records_seen > doublings) { in mbedtls_ssl_resend_hello_request()
7502 return ssl_write_hello_request(ssl); in mbedtls_ssl_resend_hello_request()
7512 int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl) in mbedtls_ssl_write_certificate() argument
7515 ssl->handshake->ciphersuite_info; in mbedtls_ssl_write_certificate()
7521 ssl->state++; in mbedtls_ssl_write_certificate()
7529 int mbedtls_ssl_parse_certificate(mbedtls_ssl_context *ssl) in mbedtls_ssl_parse_certificate() argument
7532 ssl->handshake->ciphersuite_info; in mbedtls_ssl_parse_certificate()
7538 ssl->state++; in mbedtls_ssl_parse_certificate()
7549 int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl) in mbedtls_ssl_write_certificate() argument
7555 ssl->handshake->ciphersuite_info; in mbedtls_ssl_write_certificate()
7561 ssl->state++; in mbedtls_ssl_write_certificate()
7566 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in mbedtls_ssl_write_certificate()
7567 if (ssl->handshake->client_auth == 0) { in mbedtls_ssl_write_certificate()
7569 ssl->state++; in mbedtls_ssl_write_certificate()
7575 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_write_certificate()
7576 if (mbedtls_ssl_own_cert(ssl) == NULL) { in mbedtls_ssl_write_certificate()
7584 MBEDTLS_SSL_DEBUG_CRT(3, "own certificate", mbedtls_ssl_own_cert(ssl)); in mbedtls_ssl_write_certificate()
7596 crt = mbedtls_ssl_own_cert(ssl); in mbedtls_ssl_write_certificate()
7607 ssl->out_msg[i] = MBEDTLS_BYTE_2(n); in mbedtls_ssl_write_certificate()
7608 ssl->out_msg[i + 1] = MBEDTLS_BYTE_1(n); in mbedtls_ssl_write_certificate()
7609 ssl->out_msg[i + 2] = MBEDTLS_BYTE_0(n); in mbedtls_ssl_write_certificate()
7611 i += 3; memcpy(ssl->out_msg + i, crt->raw.p, n); in mbedtls_ssl_write_certificate()
7615 ssl->out_msg[4] = MBEDTLS_BYTE_2(i - 7); in mbedtls_ssl_write_certificate()
7616 ssl->out_msg[5] = MBEDTLS_BYTE_1(i - 7); in mbedtls_ssl_write_certificate()
7617 ssl->out_msg[6] = MBEDTLS_BYTE_0(i - 7); in mbedtls_ssl_write_certificate()
7619 ssl->out_msglen = i; in mbedtls_ssl_write_certificate()
7620 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in mbedtls_ssl_write_certificate()
7621 ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE; in mbedtls_ssl_write_certificate()
7623 ssl->state++; in mbedtls_ssl_write_certificate()
7625 if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { in mbedtls_ssl_write_certificate()
7639 static int ssl_check_peer_crt_unchanged(mbedtls_ssl_context *ssl, in ssl_check_peer_crt_unchanged() argument
7643 mbedtls_x509_crt const * const peer_crt = ssl->session->peer_cert; in ssl_check_peer_crt_unchanged()
7657 static int ssl_check_peer_crt_unchanged(mbedtls_ssl_context *ssl, in ssl_check_peer_crt_unchanged() argument
7663 ssl->session->peer_cert_digest; in ssl_check_peer_crt_unchanged()
7665 ssl->session->peer_cert_digest_type; in ssl_check_peer_crt_unchanged()
7695 static int ssl_parse_certificate_chain(mbedtls_ssl_context *ssl, in ssl_parse_certificate_chain() argument
7705 if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { in ssl_parse_certificate_chain()
7707 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_certificate_chain()
7712 if (ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE) { in ssl_parse_certificate_chain()
7713 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_certificate_chain()
7718 if (ssl->in_hslen < mbedtls_ssl_hs_hdr_len(ssl) + 3 + 3) { in ssl_parse_certificate_chain()
7720 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_certificate_chain()
7725 i = mbedtls_ssl_hs_hdr_len(ssl); in ssl_parse_certificate_chain()
7730 n = MBEDTLS_GET_UINT16_BE(ssl->in_msg, i + 1); in ssl_parse_certificate_chain()
7732 if (ssl->in_msg[i] != 0 || in ssl_parse_certificate_chain()
7733 ssl->in_hslen != n + 3 + mbedtls_ssl_hs_hdr_len(ssl)) { in ssl_parse_certificate_chain()
7735 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_certificate_chain()
7744 while (i < ssl->in_hslen) { in ssl_parse_certificate_chain()
7746 if (i + 3 > ssl->in_hslen) { in ssl_parse_certificate_chain()
7748 mbedtls_ssl_send_alert_message(ssl, in ssl_parse_certificate_chain()
7755 if (ssl->in_msg[i] != 0) { in ssl_parse_certificate_chain()
7757 mbedtls_ssl_send_alert_message(ssl, in ssl_parse_certificate_chain()
7764 n = MBEDTLS_GET_UINT16_BE(ssl->in_msg, i + 1); in ssl_parse_certificate_chain()
7767 if (n < 128 || i + n > ssl->in_hslen) { in ssl_parse_certificate_chain()
7769 mbedtls_ssl_send_alert_message(ssl, in ssl_parse_certificate_chain()
7778 ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && in ssl_parse_certificate_chain()
7779 ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { in ssl_parse_certificate_chain()
7785 if (ssl_check_peer_crt_unchanged(ssl, in ssl_parse_certificate_chain()
7786 &ssl->in_msg[i], in ssl_parse_certificate_chain()
7789 mbedtls_ssl_send_alert_message(ssl, in ssl_parse_certificate_chain()
7796 ssl_clear_peer_cert(ssl->session); in ssl_parse_certificate_chain()
7802 ret = mbedtls_x509_crt_parse_der(chain, ssl->in_msg + i, n); in ssl_parse_certificate_chain()
7806 ret = mbedtls_x509_crt_parse_der_nocopy(chain, ssl->in_msg + i, n); in ssl_parse_certificate_chain()
7826 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, alert); in ssl_parse_certificate_chain()
7840 static int ssl_srv_check_client_no_crt_notification(mbedtls_ssl_context *ssl) in ssl_srv_check_client_no_crt_notification() argument
7842 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in ssl_srv_check_client_no_crt_notification()
7846 if (ssl->in_hslen == 3 + mbedtls_ssl_hs_hdr_len(ssl) && in ssl_srv_check_client_no_crt_notification()
7847 ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && in ssl_srv_check_client_no_crt_notification()
7848 ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE && in ssl_srv_check_client_no_crt_notification()
7849 memcmp(ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl), "\0\0\0", 3) == 0) { in ssl_srv_check_client_no_crt_notification()
7866 static int ssl_parse_certificate_coordinate(mbedtls_ssl_context *ssl, in ssl_parse_certificate_coordinate() argument
7870 ssl->handshake->ciphersuite_info; in ssl_parse_certificate_coordinate()
7877 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in ssl_parse_certificate_coordinate()
7883 ssl->session_negotiate->verify_result = in ssl_parse_certificate_coordinate()
7897 static int ssl_remember_peer_crt_digest(mbedtls_ssl_context *ssl, in ssl_remember_peer_crt_digest() argument
7902 ssl->session_negotiate->peer_cert_digest = in ssl_remember_peer_crt_digest()
7904 if (ssl->session_negotiate->peer_cert_digest == NULL) { in ssl_remember_peer_crt_digest()
7907 mbedtls_ssl_send_alert_message(ssl, in ssl_remember_peer_crt_digest()
7917 ssl->session_negotiate->peer_cert_digest); in ssl_remember_peer_crt_digest()
7919 ssl->session_negotiate->peer_cert_digest_type = in ssl_remember_peer_crt_digest()
7921 ssl->session_negotiate->peer_cert_digest_len = in ssl_remember_peer_crt_digest()
7928 static int ssl_remember_peer_pubkey(mbedtls_ssl_context *ssl, in ssl_remember_peer_pubkey() argument
7935 mbedtls_pk_init(&ssl->handshake->peer_pubkey); in ssl_remember_peer_pubkey()
7937 &ssl->handshake->peer_pubkey); in ssl_remember_peer_pubkey()
7947 int mbedtls_ssl_parse_certificate(mbedtls_ssl_context *ssl) in mbedtls_ssl_parse_certificate() argument
7953 const int authmode = ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET in mbedtls_ssl_parse_certificate()
7954 ? ssl->handshake->sni_authmode in mbedtls_ssl_parse_certificate()
7955 : ssl->conf->authmode; in mbedtls_ssl_parse_certificate()
7957 const int authmode = ssl->conf->authmode; in mbedtls_ssl_parse_certificate()
7964 crt_expected = ssl_parse_certificate_coordinate(ssl, authmode); in mbedtls_ssl_parse_certificate()
7971 if (ssl->handshake->ecrs_enabled && in mbedtls_ssl_parse_certificate()
7972 ssl->handshake->ecrs_state == ssl_ecrs_crt_verify) { in mbedtls_ssl_parse_certificate()
7973 chain = ssl->handshake->ecrs_peer_cert; in mbedtls_ssl_parse_certificate()
7974 ssl->handshake->ecrs_peer_cert = NULL; in mbedtls_ssl_parse_certificate()
7979 if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { in mbedtls_ssl_parse_certificate()
7987 if (ssl_srv_check_client_no_crt_notification(ssl) == 0) { in mbedtls_ssl_parse_certificate()
7988 ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING; in mbedtls_ssl_parse_certificate()
8000 ssl_clear_peer_cert(ssl->session_negotiate); in mbedtls_ssl_parse_certificate()
8006 mbedtls_ssl_send_alert_message(ssl, in mbedtls_ssl_parse_certificate()
8015 ret = ssl_parse_certificate_chain(ssl, chain); in mbedtls_ssl_parse_certificate()
8021 if (ssl->handshake->ecrs_enabled) { in mbedtls_ssl_parse_certificate()
8022 ssl->handshake->ecrs_state = ssl_ecrs_crt_verify; in mbedtls_ssl_parse_certificate()
8026 if (ssl->handshake->ecrs_enabled) { in mbedtls_ssl_parse_certificate()
8027 rs_ctx = &ssl->handshake->ecrs_ctx; in mbedtls_ssl_parse_certificate()
8031 ret = mbedtls_ssl_verify_certificate(ssl, authmode, chain, in mbedtls_ssl_parse_certificate()
8032 ssl->handshake->ciphersuite_info, in mbedtls_ssl_parse_certificate()
8060 ret = ssl_remember_peer_crt_digest(ssl, crt_start, crt_len); in mbedtls_ssl_parse_certificate()
8065 ret = ssl_remember_peer_pubkey(ssl, pk_start, pk_len); in mbedtls_ssl_parse_certificate()
8072 ssl->session_negotiate->peer_cert = chain; in mbedtls_ssl_parse_certificate()
8081 ssl->state++; in mbedtls_ssl_parse_certificate()
8086 ssl->handshake->ecrs_peer_cert = chain; in mbedtls_ssl_parse_certificate()
8100 static int ssl_calc_finished_tls_generic(mbedtls_ssl_context *ssl, void *ctx, in ssl_calc_finished_tls_generic() argument
8118 mbedtls_ssl_session *session = ssl->session_negotiate; in ssl_calc_finished_tls_generic()
8120 session = ssl->session; in ssl_calc_finished_tls_generic()
8165 ssl->handshake->tls_prf(session->master, 48, sender, in ssl_calc_finished_tls_generic()
8186 mbedtls_ssl_context *ssl, unsigned char *buf, int from) in ssl_calc_finished_tls_sha256() argument
8189 return ssl_calc_finished_tls_generic(ssl, in ssl_calc_finished_tls_sha256()
8191 &ssl->handshake->fin_sha256_psa, in ssl_calc_finished_tls_sha256()
8193 &ssl->handshake->fin_sha256, in ssl_calc_finished_tls_sha256()
8203 mbedtls_ssl_context *ssl, unsigned char *buf, int from) in ssl_calc_finished_tls_sha384() argument
8206 return ssl_calc_finished_tls_generic(ssl, in ssl_calc_finished_tls_sha384()
8208 &ssl->handshake->fin_sha384_psa, in ssl_calc_finished_tls_sha384()
8210 &ssl->handshake->fin_sha384, in ssl_calc_finished_tls_sha384()
8217 void mbedtls_ssl_handshake_wrapup_free_hs_transform(mbedtls_ssl_context *ssl) in mbedtls_ssl_handshake_wrapup_free_hs_transform() argument
8224 mbedtls_ssl_handshake_free(ssl); in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8225 mbedtls_free(ssl->handshake); in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8226 ssl->handshake = NULL; in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8231 if (ssl->transform) { in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8232 mbedtls_ssl_transform_free(ssl->transform); in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8233 mbedtls_free(ssl->transform); in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8235 ssl->transform = ssl->transform_negotiate; in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8236 ssl->transform_negotiate = NULL; in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8241 void mbedtls_ssl_handshake_wrapup(mbedtls_ssl_context *ssl) in mbedtls_ssl_handshake_wrapup() argument
8243 int resume = ssl->handshake->resume; in mbedtls_ssl_handshake_wrapup()
8248 if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { in mbedtls_ssl_handshake_wrapup()
8249 ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_DONE; in mbedtls_ssl_handshake_wrapup()
8250 ssl->renego_records_seen = 0; in mbedtls_ssl_handshake_wrapup()
8257 if (ssl->session) { in mbedtls_ssl_handshake_wrapup()
8260 ssl->session_negotiate->encrypt_then_mac = in mbedtls_ssl_handshake_wrapup()
8261 ssl->session->encrypt_then_mac; in mbedtls_ssl_handshake_wrapup()
8264 mbedtls_ssl_session_free(ssl->session); in mbedtls_ssl_handshake_wrapup()
8265 mbedtls_free(ssl->session); in mbedtls_ssl_handshake_wrapup()
8267 ssl->session = ssl->session_negotiate; in mbedtls_ssl_handshake_wrapup()
8268 ssl->session_negotiate = NULL; in mbedtls_ssl_handshake_wrapup()
8273 if (ssl->conf->f_set_cache != NULL && in mbedtls_ssl_handshake_wrapup()
8274 ssl->session->id_len != 0 && in mbedtls_ssl_handshake_wrapup()
8276 if (ssl->conf->f_set_cache(ssl->conf->p_cache, in mbedtls_ssl_handshake_wrapup()
8277 ssl->session->id, in mbedtls_ssl_handshake_wrapup()
8278 ssl->session->id_len, in mbedtls_ssl_handshake_wrapup()
8279 ssl->session) != 0) { in mbedtls_ssl_handshake_wrapup()
8285 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_handshake_wrapup()
8286 ssl->handshake->flight != NULL) { in mbedtls_ssl_handshake_wrapup()
8288 mbedtls_ssl_set_timer(ssl, 0); in mbedtls_ssl_handshake_wrapup()
8295 mbedtls_ssl_handshake_wrapup_free_hs_transform(ssl); in mbedtls_ssl_handshake_wrapup()
8297 ssl->state = MBEDTLS_SSL_HANDSHAKE_OVER; in mbedtls_ssl_handshake_wrapup()
8302 int mbedtls_ssl_write_finished(mbedtls_ssl_context *ssl) in mbedtls_ssl_write_finished() argument
8309 mbedtls_ssl_update_out_pointers(ssl, ssl->transform_negotiate); in mbedtls_ssl_write_finished()
8311 ret = ssl->handshake->calc_finished(ssl, ssl->out_msg + 4, ssl->conf->endpoint); in mbedtls_ssl_write_finished()
8325 ssl->verify_data_len = hash_len; in mbedtls_ssl_write_finished()
8326 memcpy(ssl->own_verify_data, ssl->out_msg + 4, hash_len); in mbedtls_ssl_write_finished()
8329 ssl->out_msglen = 4 + hash_len; in mbedtls_ssl_write_finished()
8330 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in mbedtls_ssl_write_finished()
8331 ssl->out_msg[0] = MBEDTLS_SSL_HS_FINISHED; in mbedtls_ssl_write_finished()
8337 if (ssl->handshake->resume != 0) { in mbedtls_ssl_write_finished()
8339 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in mbedtls_ssl_write_finished()
8340 ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; in mbedtls_ssl_write_finished()
8344 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_write_finished()
8345 ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC; in mbedtls_ssl_write_finished()
8349 ssl->state++; in mbedtls_ssl_write_finished()
8359 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_write_finished()
8363 ssl->handshake->alt_transform_out = ssl->transform_out; in mbedtls_ssl_write_finished()
8364 memcpy(ssl->handshake->alt_out_ctr, ssl->cur_out_ctr, in mbedtls_ssl_write_finished()
8365 sizeof(ssl->handshake->alt_out_ctr)); in mbedtls_ssl_write_finished()
8368 memset(&ssl->cur_out_ctr[2], 0, sizeof(ssl->cur_out_ctr) - 2); in mbedtls_ssl_write_finished()
8373 if (++ssl->cur_out_ctr[i - 1] != 0) { in mbedtls_ssl_write_finished()
8385 memset(ssl->cur_out_ctr, 0, sizeof(ssl->cur_out_ctr)); in mbedtls_ssl_write_finished()
8387 ssl->transform_out = ssl->transform_negotiate; in mbedtls_ssl_write_finished()
8388 ssl->session_out = ssl->session_negotiate; in mbedtls_ssl_write_finished()
8391 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_write_finished()
8392 mbedtls_ssl_send_flight_completed(ssl); in mbedtls_ssl_write_finished()
8396 if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { in mbedtls_ssl_write_finished()
8402 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_write_finished()
8403 (ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { in mbedtls_ssl_write_finished()
8416 int mbedtls_ssl_parse_finished(mbedtls_ssl_context *ssl) in mbedtls_ssl_parse_finished() argument
8424 ret = ssl->handshake->calc_finished(ssl, buf, ssl->conf->endpoint ^ 1); in mbedtls_ssl_parse_finished()
8429 if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { in mbedtls_ssl_parse_finished()
8434 if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { in mbedtls_ssl_parse_finished()
8436 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in mbedtls_ssl_parse_finished()
8442 if (ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED) { in mbedtls_ssl_parse_finished()
8443 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in mbedtls_ssl_parse_finished()
8449 if (ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) + hash_len) { in mbedtls_ssl_parse_finished()
8451 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in mbedtls_ssl_parse_finished()
8457 if (mbedtls_ct_memcmp(ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl), in mbedtls_ssl_parse_finished()
8460 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in mbedtls_ssl_parse_finished()
8467 ssl->verify_data_len = hash_len; in mbedtls_ssl_parse_finished()
8468 memcpy(ssl->peer_verify_data, buf, hash_len); in mbedtls_ssl_parse_finished()
8471 if (ssl->handshake->resume != 0) { in mbedtls_ssl_parse_finished()
8473 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in mbedtls_ssl_parse_finished()
8474 ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC; in mbedtls_ssl_parse_finished()
8478 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_parse_finished()
8479 ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; in mbedtls_ssl_parse_finished()
8483 ssl->state++; in mbedtls_ssl_parse_finished()
8487 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_parse_finished()
8488 mbedtls_ssl_recv_flight_completed(ssl); in mbedtls_ssl_parse_finished()
8576 const mbedtls_ssl_context *ssl) in ssl_tls12_populate_transform() argument
8682 if (ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_ENABLED) { in ssl_tls12_populate_transform()
8685 transform->in_cid_len = ssl->own_cid_len; in ssl_tls12_populate_transform()
8686 memcpy(transform->in_cid, ssl->own_cid, ssl->own_cid_len); in ssl_tls12_populate_transform()
8690 transform->out_cid_len = ssl->handshake->peer_cid_len; in ssl_tls12_populate_transform()
8691 memcpy(transform->out_cid, ssl->handshake->peer_cid, in ssl_tls12_populate_transform()
8692 ssl->handshake->peer_cid_len); in ssl_tls12_populate_transform()
8874 if (ssl->f_export_keys != NULL) { in ssl_tls12_populate_transform()
8875 ssl->f_export_keys(ssl->p_export_keys, in ssl_tls12_populate_transform()
9104 int mbedtls_ssl_get_key_exchange_md_tls1_2(mbedtls_ssl_context *ssl, in mbedtls_ssl_get_key_exchange_md_tls1_2() argument
9121 if ((status = psa_hash_update(&hash_operation, ssl->handshake->randbytes, in mbedtls_ssl_get_key_exchange_md_tls1_2()
9141 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in mbedtls_ssl_get_key_exchange_md_tls1_2()
9160 int mbedtls_ssl_get_key_exchange_md_tls1_2(mbedtls_ssl_context *ssl, in mbedtls_ssl_get_key_exchange_md_tls1_2() argument
9189 if ((ret = mbedtls_md_update(&ctx, ssl->handshake->randbytes, 64)) != 0) { in mbedtls_ssl_get_key_exchange_md_tls1_2()
9206 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in mbedtls_ssl_get_key_exchange_md_tls1_2()
9218 mbedtls_ssl_context *ssl, in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg() argument
9222 uint16_t *received_sig_algs = ssl->handshake->received_sig_algs; in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9244 if (ssl->handshake->key_cert && ssl->handshake->key_cert->key) { in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9249 !mbedtls_pk_can_do_ext(ssl->handshake->key_cert->key, in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9256 !mbedtls_pk_can_do_ext(ssl->handshake->key_cert->key, in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9277 const mbedtls_ssl_context *ssl, in mbedtls_ssl_validate_ciphersuite() argument
9282 (void) ssl; in mbedtls_ssl_validate_ciphersuite()
9297 ssl->handshake->psa_pake_ctx_is_ok != 1) in mbedtls_ssl_validate_ciphersuite()
9300 mbedtls_ecjpake_check(&ssl->handshake->ecjpake_ctx) != 0) in mbedtls_ssl_validate_ciphersuite()
9310 mbedtls_ssl_conf_has_static_psk(ssl->conf) == 0) { in mbedtls_ssl_validate_ciphersuite()
9361 int mbedtls_ssl_write_sig_alg_ext(mbedtls_ssl_context *ssl, unsigned char *buf, in mbedtls_ssl_write_sig_alg_ext() argument
9384 const uint16_t *sig_alg = mbedtls_ssl_get_sig_algs(ssl); in mbedtls_ssl_write_sig_alg_ext()
9393 if (!mbedtls_ssl_sig_alg_is_supported(ssl, *sig_alg)) { in mbedtls_ssl_write_sig_alg_ext()
9418 mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_SIG_ALG); in mbedtls_ssl_write_sig_alg_ext()
9447 int mbedtls_ssl_parse_server_name_ext(mbedtls_ssl_context *ssl, in mbedtls_ssl_parse_server_name_ext() argument
9476 ssl->handshake->sni_name = p + 3; in mbedtls_ssl_parse_server_name_ext()
9477 ssl->handshake->sni_name_len = hostname_len; in mbedtls_ssl_parse_server_name_ext()
9478 if (ssl->conf->f_sni == NULL) { in mbedtls_ssl_parse_server_name_ext()
9481 ret = ssl->conf->f_sni(ssl->conf->p_sni, in mbedtls_ssl_parse_server_name_ext()
9482 ssl, p + 3, hostname_len); in mbedtls_ssl_parse_server_name_ext()
9501 int mbedtls_ssl_parse_alpn_ext(mbedtls_ssl_context *ssl, in mbedtls_ssl_parse_alpn_ext() argument
9512 if (ssl->conf->alpn_list == NULL) { in mbedtls_ssl_parse_alpn_ext()
9554 for (const char **alpn = ssl->conf->alpn_list; *alpn != NULL; alpn++) { in mbedtls_ssl_parse_alpn_ext()
9561 ssl->alpn_chosen = *alpn; in mbedtls_ssl_parse_alpn_ext()
9576 int mbedtls_ssl_write_alpn_ext(mbedtls_ssl_context *ssl, in mbedtls_ssl_write_alpn_ext() argument
9585 if (ssl->alpn_chosen == NULL) { in mbedtls_ssl_write_alpn_ext()
9589 protocol_name_len = strlen(ssl->alpn_chosen); in mbedtls_ssl_write_alpn_ext()
9611 memcpy(p + 7, ssl->alpn_chosen, protocol_name_len); in mbedtls_ssl_write_alpn_ext()
9614 mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_ALPN); in mbedtls_ssl_write_alpn_ext()
9787 int mbedtls_ssl_verify_certificate(mbedtls_ssl_context *ssl, in mbedtls_ssl_verify_certificate() argument
9802 if (ssl->f_vrfy != NULL) { in mbedtls_ssl_verify_certificate()
9804 f_vrfy = ssl->f_vrfy; in mbedtls_ssl_verify_certificate()
9805 p_vrfy = ssl->p_vrfy; in mbedtls_ssl_verify_certificate()
9808 f_vrfy = ssl->conf->f_vrfy; in mbedtls_ssl_verify_certificate()
9809 p_vrfy = ssl->conf->p_vrfy; in mbedtls_ssl_verify_certificate()
9815 if (ssl->conf->f_ca_cb != NULL) { in mbedtls_ssl_verify_certificate()
9822 ssl->conf->f_ca_cb, in mbedtls_ssl_verify_certificate()
9823 ssl->conf->p_ca_cb, in mbedtls_ssl_verify_certificate()
9824 ssl->conf->cert_profile, in mbedtls_ssl_verify_certificate()
9825 ssl->hostname, in mbedtls_ssl_verify_certificate()
9826 &ssl->session_negotiate->verify_result, in mbedtls_ssl_verify_certificate()
9834 if (ssl->handshake->sni_ca_chain != NULL) { in mbedtls_ssl_verify_certificate()
9835 ca_chain = ssl->handshake->sni_ca_chain; in mbedtls_ssl_verify_certificate()
9836 ca_crl = ssl->handshake->sni_ca_crl; in mbedtls_ssl_verify_certificate()
9840 ca_chain = ssl->conf->ca_chain; in mbedtls_ssl_verify_certificate()
9841 ca_crl = ssl->conf->ca_crl; in mbedtls_ssl_verify_certificate()
9851 ssl->conf->cert_profile, in mbedtls_ssl_verify_certificate()
9852 ssl->hostname, in mbedtls_ssl_verify_certificate()
9853 &ssl->session_negotiate->verify_result, in mbedtls_ssl_verify_certificate()
9880 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_2 && in mbedtls_ssl_verify_certificate()
9882 if (mbedtls_ssl_check_curve(ssl, mbedtls_pk_get_ec_group_id(&chain->pk)) != 0) { in mbedtls_ssl_verify_certificate()
9884 ssl->session_negotiate->verify_result |= MBEDTLS_X509_BADCERT_BAD_KEY; in mbedtls_ssl_verify_certificate()
9895 ssl->conf->endpoint, in mbedtls_ssl_verify_certificate()
9896 ssl->tls_version, in mbedtls_ssl_verify_certificate()
9897 &ssl->session_negotiate->verify_result) != 0) { in mbedtls_ssl_verify_certificate()
9931 if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_OTHER) { in mbedtls_ssl_verify_certificate()
9933 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_CN_MISMATCH) { in mbedtls_ssl_verify_certificate()
9935 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_KEY_USAGE) { in mbedtls_ssl_verify_certificate()
9937 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXT_KEY_USAGE) { in mbedtls_ssl_verify_certificate()
9939 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_PK) { in mbedtls_ssl_verify_certificate()
9941 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_KEY) { in mbedtls_ssl_verify_certificate()
9943 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXPIRED) { in mbedtls_ssl_verify_certificate()
9945 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_REVOKED) { in mbedtls_ssl_verify_certificate()
9947 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NOT_TRUSTED) { in mbedtls_ssl_verify_certificate()
9952 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in mbedtls_ssl_verify_certificate()
9957 if (ssl->session_negotiate->verify_result != 0) { in mbedtls_ssl_verify_certificate()
9959 (unsigned int) ssl->session_negotiate->verify_result)); in mbedtls_ssl_verify_certificate()