Lines Matching refs:transform
416 static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform,
1020 void mbedtls_ssl_transform_init(mbedtls_ssl_transform *transform) in mbedtls_ssl_transform_init() argument
1022 memset(transform, 0, sizeof(mbedtls_ssl_transform)); in mbedtls_ssl_transform_init()
1025 transform->psa_key_enc = MBEDTLS_SVC_KEY_ID_INIT; in mbedtls_ssl_transform_init()
1026 transform->psa_key_dec = MBEDTLS_SVC_KEY_ID_INIT; in mbedtls_ssl_transform_init()
1028 mbedtls_cipher_init(&transform->cipher_ctx_enc); in mbedtls_ssl_transform_init()
1029 mbedtls_cipher_init(&transform->cipher_ctx_dec); in mbedtls_ssl_transform_init()
1034 transform->psa_mac_enc = MBEDTLS_SVC_KEY_ID_INIT; in mbedtls_ssl_transform_init()
1035 transform->psa_mac_dec = MBEDTLS_SVC_KEY_ID_INIT; in mbedtls_ssl_transform_init()
1037 mbedtls_md_init(&transform->md_ctx_enc); in mbedtls_ssl_transform_init()
1038 mbedtls_md_init(&transform->md_ctx_dec); in mbedtls_ssl_transform_init()
1514 if (ssl->transform) { in mbedtls_ssl_session_reset_msg_layer()
1515 mbedtls_ssl_transform_free(ssl->transform); in mbedtls_ssl_session_reset_msg_layer()
1516 mbedtls_free(ssl->transform); in mbedtls_ssl_session_reset_msg_layer()
1517 ssl->transform = NULL; in mbedtls_ssl_session_reset_msg_layer()
2403 const mbedtls_ssl_transform *transform) in mbedtls_ssl_get_mode_from_transform() argument
2407 transform->psa_alg in mbedtls_ssl_get_mode_from_transform()
2409 mbedtls_cipher_get_cipher_mode(&transform->cipher_ctx_enc) in mbedtls_ssl_get_mode_from_transform()
2415 encrypt_then_mac = transform->encrypt_then_mac; in mbedtls_ssl_get_mode_from_transform()
5062 if (ssl->transform == NULL || ssl->session == NULL) { in mbedtls_ssl_context_save()
5086 if (mbedtls_ssl_transform_uses_aead(ssl->transform) != 1) { in mbedtls_ssl_context_save()
5134 used += sizeof(ssl->transform->randbytes); in mbedtls_ssl_context_save()
5136 memcpy(p, ssl->transform->randbytes, in mbedtls_ssl_context_save()
5137 sizeof(ssl->transform->randbytes)); in mbedtls_ssl_context_save()
5138 p += sizeof(ssl->transform->randbytes); in mbedtls_ssl_context_save()
5142 used += 2U + ssl->transform->in_cid_len + ssl->transform->out_cid_len; in mbedtls_ssl_context_save()
5144 *p++ = ssl->transform->in_cid_len; in mbedtls_ssl_context_save()
5145 memcpy(p, ssl->transform->in_cid, ssl->transform->in_cid_len); in mbedtls_ssl_context_save()
5146 p += ssl->transform->in_cid_len; in mbedtls_ssl_context_save()
5148 *p++ = ssl->transform->out_cid_len; in mbedtls_ssl_context_save()
5149 memcpy(p, ssl->transform->out_cid, ssl->transform->out_cid_len); in mbedtls_ssl_context_save()
5150 p += ssl->transform->out_cid_len; in mbedtls_ssl_context_save()
5323 ssl->transform = ssl->transform_negotiate; in ssl_context_load()
5324 ssl->transform_in = ssl->transform; in ssl_context_load()
5325 ssl->transform_out = ssl->transform; in ssl_context_load()
5336 if ((size_t) (end - p) < sizeof(ssl->transform->randbytes)) { in ssl_context_load()
5340 ret = ssl_tls12_populate_transform(ssl->transform, in ssl_context_load()
5355 p += sizeof(ssl->transform->randbytes); in ssl_context_load()
5363 ssl->transform->in_cid_len = *p++; in ssl_context_load()
5365 if ((size_t) (end - p) < ssl->transform->in_cid_len + 1u) { in ssl_context_load()
5369 memcpy(ssl->transform->in_cid, p, ssl->transform->in_cid_len); in ssl_context_load()
5370 p += ssl->transform->in_cid_len; in ssl_context_load()
5372 ssl->transform->out_cid_len = *p++; in ssl_context_load()
5374 if ((size_t) (end - p) < ssl->transform->out_cid_len) { in ssl_context_load()
5378 memcpy(ssl->transform->out_cid, p, ssl->transform->out_cid_len); in ssl_context_load()
5379 p += ssl->transform->out_cid_len; in ssl_context_load()
5469 mbedtls_ssl_update_out_pointers(ssl, ssl->transform); in ssl_context_load()
5545 if (ssl->transform) { in mbedtls_ssl_free()
5546 mbedtls_ssl_transform_free(ssl->transform); in mbedtls_ssl_free()
5547 mbedtls_free(ssl->transform); in mbedtls_ssl_free()
8231 if (ssl->transform) { in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8232 mbedtls_ssl_transform_free(ssl->transform); in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8233 mbedtls_free(ssl->transform); in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8235 ssl->transform = ssl->transform_negotiate; in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8566 static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, in ssl_tls12_populate_transform() argument
8607 transform->encrypt_then_mac = encrypt_then_mac; in ssl_tls12_populate_transform()
8609 transform->tls_version = tls_version; in ssl_tls12_populate_transform()
8612 memcpy(transform->randbytes, randbytes, sizeof(transform->randbytes)); in ssl_tls12_populate_transform()
8640 transform->taglen = in ssl_tls12_populate_transform()
8646 transform->taglen, in ssl_tls12_populate_transform()
8685 transform->in_cid_len = ssl->own_cid_len; in ssl_tls12_populate_transform()
8686 memcpy(transform->in_cid, ssl->own_cid, ssl->own_cid_len); in ssl_tls12_populate_transform()
8687 MBEDTLS_SSL_DEBUG_BUF(3, "Incoming CID", transform->in_cid, in ssl_tls12_populate_transform()
8688 transform->in_cid_len); in ssl_tls12_populate_transform()
8690 transform->out_cid_len = ssl->handshake->peer_cid_len; in ssl_tls12_populate_transform()
8691 memcpy(transform->out_cid, ssl->handshake->peer_cid, in ssl_tls12_populate_transform()
8693 MBEDTLS_SSL_DEBUG_BUF(3, "Outgoing CID", transform->out_cid, in ssl_tls12_populate_transform()
8694 transform->out_cid_len); in ssl_tls12_populate_transform()
8727 transform->maclen = 0; in ssl_tls12_populate_transform()
8738 transform->ivlen = 12; in ssl_tls12_populate_transform()
8749 transform->fixed_ivlen = 12; in ssl_tls12_populate_transform()
8751 transform->fixed_ivlen = 4; in ssl_tls12_populate_transform()
8755 explicit_ivlen = transform->ivlen - transform->fixed_ivlen; in ssl_tls12_populate_transform()
8756 transform->minlen = explicit_ivlen + transform->taglen; in ssl_tls12_populate_transform()
8774 if ((ret = mbedtls_md_setup(&transform->md_ctx_enc, md_info, 1)) != 0 || in ssl_tls12_populate_transform()
8775 (ret = mbedtls_md_setup(&transform->md_ctx_dec, md_info, 1)) != 0) { in ssl_tls12_populate_transform()
8783 transform->maclen = mac_key_len; in ssl_tls12_populate_transform()
8787 transform->ivlen = PSA_CIPHER_IV_LENGTH(key_type, alg); in ssl_tls12_populate_transform()
8789 transform->ivlen = mbedtls_cipher_info_get_iv_size(cipher_info); in ssl_tls12_populate_transform()
8794 transform->minlen = transform->maclen; in ssl_tls12_populate_transform()
8804 transform->minlen = transform->maclen in ssl_tls12_populate_transform()
8809 transform->minlen = transform->maclen in ssl_tls12_populate_transform()
8811 - transform->maclen % block_size; in ssl_tls12_populate_transform()
8815 transform->minlen += transform->ivlen; in ssl_tls12_populate_transform()
8831 (unsigned) transform->minlen, in ssl_tls12_populate_transform()
8832 (unsigned) transform->ivlen, in ssl_tls12_populate_transform()
8833 (unsigned) transform->maclen)); in ssl_tls12_populate_transform()
8846 iv_copy_len = (transform->fixed_ivlen) ? in ssl_tls12_populate_transform()
8847 transform->fixed_ivlen : transform->ivlen; in ssl_tls12_populate_transform()
8848 memcpy(transform->iv_enc, key2 + keylen, iv_copy_len); in ssl_tls12_populate_transform()
8849 memcpy(transform->iv_dec, key2 + keylen + iv_copy_len, in ssl_tls12_populate_transform()
8861 iv_copy_len = (transform->fixed_ivlen) ? in ssl_tls12_populate_transform()
8862 transform->fixed_ivlen : transform->ivlen; in ssl_tls12_populate_transform()
8863 memcpy(transform->iv_dec, key1 + keylen, iv_copy_len); in ssl_tls12_populate_transform()
8864 memcpy(transform->iv_enc, key1 + keylen + iv_copy_len, in ssl_tls12_populate_transform()
8884 transform->psa_alg = alg; in ssl_tls12_populate_transform()
8894 &transform->psa_key_enc)) != PSA_SUCCESS) { in ssl_tls12_populate_transform()
8906 &transform->psa_key_dec)) != PSA_SUCCESS) { in ssl_tls12_populate_transform()
8913 if ((ret = mbedtls_cipher_setup(&transform->cipher_ctx_enc, in ssl_tls12_populate_transform()
8919 if ((ret = mbedtls_cipher_setup(&transform->cipher_ctx_dec, in ssl_tls12_populate_transform()
8925 if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_enc, key1, in ssl_tls12_populate_transform()
8932 if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_dec, key2, in ssl_tls12_populate_transform()
8941 if ((ret = mbedtls_cipher_set_padding_mode(&transform->cipher_ctx_enc, in ssl_tls12_populate_transform()
8947 if ((ret = mbedtls_cipher_set_padding_mode(&transform->cipher_ctx_dec, in ssl_tls12_populate_transform()
8961 transform->psa_mac_alg = PSA_ALG_HMAC(mac_alg); in ssl_tls12_populate_transform()
8969 &transform->psa_mac_enc)) != PSA_SUCCESS) { in ssl_tls12_populate_transform()
8975 if ((transform->psa_alg == MBEDTLS_SSL_NULL_CIPHER) || in ssl_tls12_populate_transform()
8976 ((transform->psa_alg == PSA_ALG_CBC_NO_PADDING) in ssl_tls12_populate_transform()
8978 && (transform->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED) in ssl_tls12_populate_transform()
8990 &transform->psa_mac_dec)) != PSA_SUCCESS) { in ssl_tls12_populate_transform()
8996 ret = mbedtls_md_hmac_starts(&transform->md_ctx_enc, mac_enc, mac_key_len); in ssl_tls12_populate_transform()
9000 ret = mbedtls_md_hmac_starts(&transform->md_ctx_dec, mac_dec, mac_key_len); in ssl_tls12_populate_transform()