Lines Matching refs:ssl
46 static int ssl_tls13_write_supported_versions_ext(mbedtls_ssl_context *ssl, in ssl_tls13_write_supported_versions_ext() argument
52 unsigned char versions_len = (ssl->handshake->min_tls_version <= in ssl_tls13_write_supported_versions_ext()
83 if (ssl->handshake->min_tls_version <= MBEDTLS_SSL_VERSION_TLS1_2) { in ssl_tls13_write_supported_versions_ext()
92 ssl, MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS); in ssl_tls13_write_supported_versions_ext()
98 static int ssl_tls13_parse_supported_versions_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_supported_versions_ext() argument
102 ((void) ssl); in ssl_tls13_parse_supported_versions_ext()
105 if (mbedtls_ssl_read_version(buf, ssl->conf->transport) != in ssl_tls13_parse_supported_versions_ext()
127 static int ssl_tls13_parse_alpn_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_alpn_ext() argument
136 if (ssl->conf->alpn_list == NULL) { in ssl_tls13_parse_alpn_ext()
162 for (const char **alpn = ssl->conf->alpn_list; *alpn != NULL; alpn++) { in ssl_tls13_parse_alpn_ext()
165 ssl->alpn_chosen = *alpn; in ssl_tls13_parse_alpn_ext()
175 static int ssl_tls13_reset_key_share(mbedtls_ssl_context *ssl) in ssl_tls13_reset_key_share() argument
177 uint16_t group_id = ssl->handshake->offered_group_id; in ssl_tls13_reset_key_share()
190 status = psa_destroy_key(ssl->handshake->xxdh_psa_privkey); in ssl_tls13_reset_key_share()
197 ssl->handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; in ssl_tls13_reset_key_share()
213 static int ssl_tls13_get_default_group_id(mbedtls_ssl_context *ssl, in ssl_tls13_get_default_group_id() argument
220 const uint16_t *group_list = mbedtls_ssl_get_groups(ssl); in ssl_tls13_get_default_group_id()
243 ((void) ssl); in ssl_tls13_get_default_group_id()
264 static int ssl_tls13_write_key_share_ext(mbedtls_ssl_context *ssl, in ssl_tls13_write_key_share_ext() argument
288 group_id = ssl->handshake->offered_group_id; in ssl_tls13_write_key_share_ext()
291 MBEDTLS_SSL_PROC_CHK(ssl_tls13_get_default_group_id(ssl, in ssl_tls13_write_key_share_ext()
319 ssl, group_id, p, end, &key_exchange_len); in ssl_tls13_write_key_share_ext()
351 ssl->handshake->offered_group_id = group_id; in ssl_tls13_write_key_share_ext()
359 mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_KEY_SHARE); in ssl_tls13_write_key_share_ext()
376 static int ssl_tls13_parse_hrr_key_share_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_hrr_key_share_ext() argument
385 const uint16_t *group_list = mbedtls_ssl_get_groups(ssl); in ssl_tls13_parse_hrr_key_share_ext()
432 if (found == 0 || selected_group == ssl->handshake->offered_group_id) { in ssl_tls13_parse_hrr_key_share_ext()
441 ssl->handshake->offered_group_id = selected_group; in ssl_tls13_parse_hrr_key_share_ext()
445 (void) ssl; in ssl_tls13_parse_hrr_key_share_ext()
465 static int ssl_tls13_parse_key_share_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_key_share_ext() argument
482 offered_group = ssl->handshake->offered_group_id; in ssl_tls13_parse_key_share_ext()
497 ret = mbedtls_ssl_tls13_read_public_xxdhe_share(ssl, p, end - p); in ssl_tls13_parse_key_share_ext()
529 static int ssl_tls13_parse_cookie_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_cookie_ext() argument
535 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_parse_cookie_ext()
562 static int ssl_tls13_write_cookie_ext(mbedtls_ssl_context *ssl, in ssl_tls13_write_cookie_ext() argument
569 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_write_cookie_ext()
594 mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_COOKIE); in ssl_tls13_write_cookie_ext()
610 static int ssl_tls13_write_psk_key_exchange_modes_ext(mbedtls_ssl_context *ssl, in ssl_tls13_write_psk_key_exchange_modes_ext() argument
624 if (!mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl)) { in ssl_tls13_write_psk_key_exchange_modes_ext()
643 if (mbedtls_ssl_conf_tls13_is_psk_ephemeral_enabled(ssl)) { in ssl_tls13_write_psk_key_exchange_modes_ext()
650 if (mbedtls_ssl_conf_tls13_is_psk_enabled(ssl)) { in ssl_tls13_write_psk_key_exchange_modes_ext()
664 ssl, MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES); in ssl_tls13_write_psk_key_exchange_modes_ext()
682 static int ssl_tls13_has_configured_ticket(mbedtls_ssl_context *ssl) in ssl_tls13_has_configured_ticket() argument
684 mbedtls_ssl_session *session = ssl->session_negotiate; in ssl_tls13_has_configured_ticket()
685 return ssl->handshake->resume && in ssl_tls13_has_configured_ticket()
688 ssl, mbedtls_ssl_tls13_session_get_ticket_flags( in ssl_tls13_has_configured_ticket()
693 static int ssl_tls13_early_data_has_valid_ticket(mbedtls_ssl_context *ssl) in ssl_tls13_early_data_has_valid_ticket() argument
695 mbedtls_ssl_session *session = ssl->session_negotiate; in ssl_tls13_early_data_has_valid_ticket()
696 return ssl->handshake->resume && in ssl_tls13_early_data_has_valid_ticket()
699 mbedtls_ssl_tls13_cipher_suite_is_offered(ssl, session->ciphersuite); in ssl_tls13_early_data_has_valid_ticket()
704 static int ssl_tls13_ticket_get_identity(mbedtls_ssl_context *ssl, in ssl_tls13_ticket_get_identity() argument
709 mbedtls_ssl_session *session = ssl->session_negotiate; in ssl_tls13_ticket_get_identity()
711 if (!ssl_tls13_has_configured_ticket(ssl)) { in ssl_tls13_ticket_get_identity()
722 static int ssl_tls13_ticket_get_psk(mbedtls_ssl_context *ssl, in ssl_tls13_ticket_get_psk() argument
728 mbedtls_ssl_session *session = ssl->session_negotiate; in ssl_tls13_ticket_get_psk()
730 if (!ssl_tls13_has_configured_ticket(ssl)) { in ssl_tls13_ticket_get_psk()
743 static int ssl_tls13_psk_get_identity(mbedtls_ssl_context *ssl, in ssl_tls13_psk_get_identity() argument
749 if (!mbedtls_ssl_conf_has_static_psk(ssl->conf)) { in ssl_tls13_psk_get_identity()
754 *identity = ssl->conf->psk_identity; in ssl_tls13_psk_get_identity()
755 *identity_len = ssl->conf->psk_identity_len; in ssl_tls13_psk_get_identity()
760 static int ssl_tls13_psk_get_psk(mbedtls_ssl_context *ssl, in ssl_tls13_psk_get_psk() argument
766 if (!mbedtls_ssl_conf_has_static_psk(ssl->conf)) { in ssl_tls13_psk_get_psk()
771 *psk = ssl->conf->psk; in ssl_tls13_psk_get_psk()
772 *psk_len = ssl->conf->psk_len; in ssl_tls13_psk_get_psk()
776 static int ssl_tls13_get_configured_psk_count(mbedtls_ssl_context *ssl) in ssl_tls13_get_configured_psk_count() argument
780 if (ssl_tls13_has_configured_ticket(ssl)) { in ssl_tls13_get_configured_psk_count()
785 if (mbedtls_ssl_conf_has_static_psk(ssl->conf)) { in ssl_tls13_get_configured_psk_count()
793 static int ssl_tls13_write_identity(mbedtls_ssl_context *ssl, in ssl_tls13_write_identity() argument
801 ((void) ssl); in ssl_tls13_write_identity()
823 static int ssl_tls13_write_binder(mbedtls_ssl_context *ssl, in ssl_tls13_write_binder() argument
851 ssl, mbedtls_md_type_from_psa_alg(hash_alg), in ssl_tls13_write_binder()
857 ret = mbedtls_ssl_tls13_create_psk_binder(ssl, hash_alg, in ssl_tls13_write_binder()
895 mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end, in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext() argument
911 configured_psk_count = ssl_tls13_get_configured_psk_count(ssl); in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
930 ssl, &hash_alg, &identity, &identity_len) == 0) { in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
933 mbedtls_ssl_session *session = ssl->session_negotiate; in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
942 ret = ssl_tls13_write_identity(ssl, p, end, in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
947 ret = ssl_tls13_write_identity(ssl, p, end, identity, identity_len, in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
960 ssl, &hash_alg, &identity, &identity_len) == 0) { in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
962 ret = ssl_tls13_write_identity(ssl, p, end, identity, identity_len, 0, in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
999 mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end) in mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext() argument
1015 if (ssl_tls13_ticket_get_psk(ssl, &hash_alg, &psk, &psk_len) == 0) { in mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext()
1017 ret = ssl_tls13_write_binder(ssl, p, end, in mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext()
1028 if (ssl_tls13_psk_get_psk(ssl, &hash_alg, &psk, &psk_len) == 0) { in mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext()
1030 ret = ssl_tls13_write_binder(ssl, p, end, in mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext()
1050 ssl, MBEDTLS_TLS_EXT_PRE_SHARED_KEY); in mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext()
1074 static int ssl_tls13_parse_server_pre_shared_key_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_server_pre_shared_key_ext() argument
1086 ssl->handshake->selected_identity = (uint16_t) selected_identity; in ssl_tls13_parse_server_pre_shared_key_ext()
1090 if (selected_identity >= ssl_tls13_get_configured_psk_count(ssl)) { in ssl_tls13_parse_server_pre_shared_key_ext()
1099 if (selected_identity == 0 && ssl_tls13_has_configured_ticket(ssl)) { in ssl_tls13_parse_server_pre_shared_key_ext()
1100 ret = ssl_tls13_ticket_get_psk(ssl, &hash_alg, &psk, &psk_len); in ssl_tls13_parse_server_pre_shared_key_ext()
1103 if (mbedtls_ssl_conf_has_static_psk(ssl->conf)) { in ssl_tls13_parse_server_pre_shared_key_ext()
1104 ret = ssl_tls13_psk_get_psk(ssl, &hash_alg, &psk, &psk_len); in ssl_tls13_parse_server_pre_shared_key_ext()
1113 if (mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) ssl->handshake->ciphersuite_info->mac) in ssl_tls13_parse_server_pre_shared_key_ext()
1123 ret = mbedtls_ssl_set_hs_psk(ssl, psk, psk_len); in ssl_tls13_parse_server_pre_shared_key_ext()
1133 int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl, in mbedtls_ssl_tls13_write_client_hello_exts() argument
1144 ret = mbedtls_ssl_tls13_crypto_init(ssl); in mbedtls_ssl_tls13_write_client_hello_exts()
1153 ret = ssl_tls13_write_supported_versions_ext(ssl, p, end, &ext_len); in mbedtls_ssl_tls13_write_client_hello_exts()
1162 ret = ssl_tls13_write_cookie_ext(ssl, p, end, &ext_len); in mbedtls_ssl_tls13_write_client_hello_exts()
1170 ssl, p, end, &ext_len); in mbedtls_ssl_tls13_write_client_hello_exts()
1178 if (mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { in mbedtls_ssl_tls13_write_client_hello_exts()
1179 ret = ssl_tls13_write_key_share_ext(ssl, p, end, &ext_len); in mbedtls_ssl_tls13_write_client_hello_exts()
1196 if (!ssl->handshake->hello_retry_request_flag) { in mbedtls_ssl_tls13_write_client_hello_exts()
1197 if (mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl) && in mbedtls_ssl_tls13_write_client_hello_exts()
1198 ssl_tls13_early_data_has_valid_ticket(ssl) && in mbedtls_ssl_tls13_write_client_hello_exts()
1199 ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) { in mbedtls_ssl_tls13_write_client_hello_exts()
1201 ssl, 0, p, end, &ext_len); in mbedtls_ssl_tls13_write_client_hello_exts()
1207 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_IND_SENT; in mbedtls_ssl_tls13_write_client_hello_exts()
1209 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_NO_IND_SENT; in mbedtls_ssl_tls13_write_client_hello_exts()
1224 ret = ssl_tls13_write_psk_key_exchange_modes_ext(ssl, p, end, &ext_len); in mbedtls_ssl_tls13_write_client_hello_exts()
1236 int mbedtls_ssl_tls13_finalize_client_hello(mbedtls_ssl_context *ssl) in mbedtls_ssl_tls13_finalize_client_hello() argument
1238 ((void) ssl); in mbedtls_ssl_tls13_finalize_client_hello()
1247 if (ssl->early_data_state == MBEDTLS_SSL_EARLY_DATA_STATE_IND_SENT) { in mbedtls_ssl_tls13_finalize_client_hello()
1251 ret = ssl_tls13_ticket_get_psk(ssl, &hash_alg, &psk, &psk_len); in mbedtls_ssl_tls13_finalize_client_hello()
1258 ret = mbedtls_ssl_set_hs_psk(ssl, psk, psk_len); in mbedtls_ssl_tls13_finalize_client_hello()
1277 ssl->session_negotiate->ciphersuite); in mbedtls_ssl_tls13_finalize_client_hello()
1278 ssl->handshake->ciphersuite_info = ciphersuite_info; in mbedtls_ssl_tls13_finalize_client_hello()
1281 ssl->handshake->key_exchange_mode = in mbedtls_ssl_tls13_finalize_client_hello()
1287 ret = mbedtls_ssl_tls13_key_schedule_stage_early(ssl); in mbedtls_ssl_tls13_finalize_client_hello()
1295 ret = mbedtls_ssl_tls13_compute_early_transform(ssl); in mbedtls_ssl_tls13_finalize_client_hello()
1304 ssl, MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO); in mbedtls_ssl_tls13_finalize_client_hello()
1309 ssl, ssl->handshake->transform_earlydata); in mbedtls_ssl_tls13_finalize_client_hello()
1310 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_CAN_WRITE; in mbedtls_ssl_tls13_finalize_client_hello()
1334 mbedtls_ssl_context *ssl, in ssl_tls13_is_supported_versions_ext_present() argument
1364 ssl, p, end, in ssl_tls13_is_supported_versions_ext_present()
1374 static int ssl_tls13_is_downgrade_negotiation(mbedtls_ssl_context *ssl, in ssl_tls13_is_downgrade_negotiation() argument
1406 static int ssl_server_hello_is_hrr(mbedtls_ssl_context *ssl, in ssl_server_hello_is_hrr() argument
1445 static int ssl_tls13_preprocess_server_hello(mbedtls_ssl_context *ssl, in ssl_tls13_preprocess_server_hello() argument
1450 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_preprocess_server_hello()
1453 ssl, buf, end)); in ssl_tls13_preprocess_server_hello()
1457 ssl_tls13_is_downgrade_negotiation(ssl, buf, end)); in ssl_tls13_preprocess_server_hello()
1478 ssl->keep_current_message = 1; in ssl_tls13_preprocess_server_hello()
1479 ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2; in ssl_tls13_preprocess_server_hello()
1481 ssl, MBEDTLS_SSL_HS_SERVER_HELLO, in ssl_tls13_preprocess_server_hello()
1484 if (mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { in ssl_tls13_preprocess_server_hello()
1485 ret = ssl_tls13_reset_key_share(ssl); in ssl_tls13_preprocess_server_hello()
1494 ssl->session_negotiate->tls_version = ssl->tls_version; in ssl_tls13_preprocess_server_hello()
1495 ssl->session_negotiate->endpoint = ssl->conf->endpoint; in ssl_tls13_preprocess_server_hello()
1499 ret = ssl_server_hello_is_hrr(ssl, buf, end); in ssl_tls13_preprocess_server_hello()
1524 if (!mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { in ssl_tls13_preprocess_server_hello()
1544 static int ssl_tls13_check_server_hello_session_id_echo(mbedtls_ssl_context *ssl, in ssl_tls13_check_server_hello_session_id_echo() argument
1557 if (ssl->session_negotiate->id_len != legacy_session_id_echo_len || in ssl_tls13_check_server_hello_session_id_echo()
1558 memcmp(ssl->session_negotiate->id, p, legacy_session_id_echo_len) != 0) { in ssl_tls13_check_server_hello_session_id_echo()
1560 ssl->session_negotiate->id, in ssl_tls13_check_server_hello_session_id_echo()
1561 ssl->session_negotiate->id_len); in ssl_tls13_check_server_hello_session_id_echo()
1574 MBEDTLS_SSL_DEBUG_BUF(3, "Session ID", ssl->session_negotiate->id, in ssl_tls13_check_server_hello_session_id_echo()
1575 ssl->session_negotiate->id_len); in ssl_tls13_check_server_hello_session_id_echo()
1591 static int ssl_tls13_parse_server_hello(mbedtls_ssl_context *ssl, in ssl_tls13_parse_server_hello() argument
1598 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_parse_server_hello()
1628 if (mbedtls_ssl_read_version(p, ssl->conf->transport) != in ssl_tls13_parse_server_hello()
1656 if (ssl_tls13_check_server_hello_session_id_echo(ssl, &p, end) != 0) { in ssl_tls13_parse_server_hello()
1676 if ((mbedtls_ssl_validate_ciphersuite(ssl, ciphersuite_info, in ssl_tls13_parse_server_hello()
1677 ssl->tls_version, in ssl_tls13_parse_server_hello()
1678 ssl->tls_version) != 0) || in ssl_tls13_parse_server_hello()
1679 !mbedtls_ssl_tls13_cipher_suite_is_offered(ssl, cipher_suite)) { in ssl_tls13_parse_server_hello()
1689 (cipher_suite != ssl->session_negotiate->ciphersuite)) { in ssl_tls13_parse_server_hello()
1700 mbedtls_ssl_optimize_checksum(ssl, ciphersuite_info); in ssl_tls13_parse_server_hello()
1707 ssl->session_negotiate->start = mbedtls_time(NULL); in ssl_tls13_parse_server_hello()
1759 ssl, hs_msg_type, extension_type, allowed_extensions_mask); in ssl_tls13_parse_server_hello()
1767 ret = ssl_tls13_parse_cookie_ext(ssl, in ssl_tls13_parse_server_hello()
1778 ret = ssl_tls13_parse_supported_versions_ext(ssl, in ssl_tls13_parse_server_hello()
1791 ssl, p, extension_data_end)) != 0) { in ssl_tls13_parse_server_hello()
1801 if (!mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { in ssl_tls13_parse_server_hello()
1807 ret = ssl_tls13_parse_hrr_key_share_ext(ssl, in ssl_tls13_parse_server_hello()
1810 ret = ssl_tls13_parse_key_share_ext(ssl, in ssl_tls13_parse_server_hello()
1862 static int ssl_tls13_postprocess_server_hello(mbedtls_ssl_context *ssl) in ssl_tls13_postprocess_server_hello() argument
1865 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_postprocess_server_hello()
1905 ssl, handshake->key_exchange_mode)) { in ssl_tls13_postprocess_server_hello()
1927 if (ssl->early_data_state == MBEDTLS_SSL_EARLY_DATA_STATE_NO_IND_SENT || in ssl_tls13_postprocess_server_hello()
1932 ret = mbedtls_ssl_tls13_key_schedule_stage_early(ssl); in ssl_tls13_postprocess_server_hello()
1940 ret = mbedtls_ssl_tls13_compute_handshake_transform(ssl); in ssl_tls13_postprocess_server_hello()
1948 mbedtls_ssl_set_inbound_transform(ssl, handshake->transform_handshake); in ssl_tls13_postprocess_server_hello()
1950 ssl->session_in = ssl->session_negotiate; in ssl_tls13_postprocess_server_hello()
1963 static int ssl_tls13_postprocess_hrr(mbedtls_ssl_context *ssl) in ssl_tls13_postprocess_hrr() argument
1967 mbedtls_ssl_session_reset_msg_layer(ssl, 0); in ssl_tls13_postprocess_hrr()
1975 ret = ssl_tls13_reset_key_share(ssl); in ssl_tls13_postprocess_hrr()
1980 ssl->session_negotiate->ciphersuite = ssl->handshake->ciphersuite_info->id; in ssl_tls13_postprocess_hrr()
1983 if (ssl->early_data_state != MBEDTLS_SSL_EARLY_DATA_STATE_NO_IND_SENT) { in ssl_tls13_postprocess_hrr()
1984 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_REJECTED; in ssl_tls13_postprocess_hrr()
1996 static int ssl_tls13_process_server_hello(mbedtls_ssl_context *ssl) in ssl_tls13_process_server_hello() argument
2006 ssl, MBEDTLS_SSL_HS_SERVER_HELLO, &buf, &buf_len)); in ssl_tls13_process_server_hello()
2008 ret = ssl_tls13_preprocess_server_hello(ssl, buf, buf + buf_len); in ssl_tls13_process_server_hello()
2020 MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_server_hello(ssl, buf, in ssl_tls13_process_server_hello()
2024 MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_reset_transcript_for_hrr(ssl)); in ssl_tls13_process_server_hello()
2028 ssl, MBEDTLS_SSL_HS_SERVER_HELLO, buf, buf_len)); in ssl_tls13_process_server_hello()
2031 MBEDTLS_SSL_PROC_CHK(ssl_tls13_postprocess_hrr(ssl)); in ssl_tls13_process_server_hello()
2038 ssl, MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO); in ssl_tls13_process_server_hello()
2040 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_HELLO); in ssl_tls13_process_server_hello()
2043 MBEDTLS_SSL_PROC_CHK(ssl_tls13_postprocess_server_hello(ssl)); in ssl_tls13_process_server_hello()
2044 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS); in ssl_tls13_process_server_hello()
2068 static int ssl_tls13_parse_encrypted_extensions(mbedtls_ssl_context *ssl, in ssl_tls13_parse_encrypted_extensions() argument
2076 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_parse_encrypted_extensions()
2107 ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, extension_type, in ssl_tls13_parse_encrypted_extensions()
2119 ssl, p, (size_t) extension_data_len)) != 0) { in ssl_tls13_parse_encrypted_extensions()
2144 ssl, p, p + extension_data_len); in ssl_tls13_parse_encrypted_extensions()
2189 static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl) in ssl_tls13_process_encrypted_extensions() argument
2194 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_process_encrypted_extensions()
2199 ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, in ssl_tls13_process_encrypted_extensions()
2204 ssl_tls13_parse_encrypted_extensions(ssl, buf, buf + buf_len)); in ssl_tls13_process_encrypted_extensions()
2235 if ((!mbedtls_ssl_tls13_key_exchange_mode_with_psk(ssl)) || in ssl_tls13_process_encrypted_extensions()
2238 ssl->session_negotiate->ciphersuite) { in ssl_tls13_process_encrypted_extensions()
2246 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_ACCEPTED; in ssl_tls13_process_encrypted_extensions()
2247 } else if (ssl->early_data_state != in ssl_tls13_process_encrypted_extensions()
2249 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_REJECTED; in ssl_tls13_process_encrypted_extensions()
2263 ssl->session_negotiate->ciphersuite = handshake->ciphersuite_info->id; in ssl_tls13_process_encrypted_extensions()
2266 ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, in ssl_tls13_process_encrypted_extensions()
2270 if (mbedtls_ssl_tls13_key_exchange_mode_with_psk(ssl)) { in ssl_tls13_process_encrypted_extensions()
2271 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_FINISHED); in ssl_tls13_process_encrypted_extensions()
2273 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST); in ssl_tls13_process_encrypted_extensions()
2276 ((void) ssl); in ssl_tls13_process_encrypted_extensions()
2277 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_FINISHED); in ssl_tls13_process_encrypted_extensions()
2301 static int ssl_tls13_write_end_of_early_data(mbedtls_ssl_context *ssl) in ssl_tls13_write_end_of_early_data() argument
2309 ssl, MBEDTLS_SSL_HS_END_OF_EARLY_DATA, in ssl_tls13_write_end_of_early_data()
2313 ssl, MBEDTLS_SSL_HS_END_OF_EARLY_DATA, 0)); in ssl_tls13_write_end_of_early_data()
2316 mbedtls_ssl_finish_handshake_msg(ssl, buf_len, 0)); in ssl_tls13_write_end_of_early_data()
2318 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); in ssl_tls13_write_end_of_early_data()
2326 int mbedtls_ssl_get_early_data_status(mbedtls_ssl_context *ssl) in mbedtls_ssl_get_early_data_status() argument
2328 if ((ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT) || in mbedtls_ssl_get_early_data_status()
2329 (!mbedtls_ssl_is_handshake_over(ssl))) { in mbedtls_ssl_get_early_data_status()
2333 switch (ssl->early_data_state) { in mbedtls_ssl_get_early_data_status()
2367 static int ssl_tls13_certificate_request_coordinate(mbedtls_ssl_context *ssl) in ssl_tls13_certificate_request_coordinate() argument
2371 if ((ret = mbedtls_ssl_read_record(ssl, 0)) != 0) { in ssl_tls13_certificate_request_coordinate()
2375 ssl->keep_current_message = 1; in ssl_tls13_certificate_request_coordinate()
2377 if ((ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE) && in ssl_tls13_certificate_request_coordinate()
2378 (ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST)) { in ssl_tls13_certificate_request_coordinate()
2397 static int ssl_tls13_parse_certificate_request(mbedtls_ssl_context *ssl, in ssl_tls13_parse_certificate_request() argument
2406 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_parse_certificate_request()
2457 ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, extension_type, in ssl_tls13_parse_certificate_request()
2467 ret = mbedtls_ssl_parse_sig_alg_ext(ssl, p, in ssl_tls13_parse_certificate_request()
2505 ssl->handshake->client_auth = 1; in ssl_tls13_parse_certificate_request()
2518 static int ssl_tls13_process_certificate_request(mbedtls_ssl_context *ssl) in ssl_tls13_process_certificate_request() argument
2524 MBEDTLS_SSL_PROC_CHK_NEG(ssl_tls13_certificate_request_coordinate(ssl)); in ssl_tls13_process_certificate_request()
2531 ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, in ssl_tls13_process_certificate_request()
2535 ssl, buf, buf + buf_len)); in ssl_tls13_process_certificate_request()
2538 ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, in ssl_tls13_process_certificate_request()
2548 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_CERTIFICATE); in ssl_tls13_process_certificate_request()
2560 static int ssl_tls13_process_server_certificate(mbedtls_ssl_context *ssl) in ssl_tls13_process_server_certificate() argument
2564 ret = mbedtls_ssl_tls13_process_certificate(ssl); in ssl_tls13_process_server_certificate()
2569 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CERTIFICATE_VERIFY); in ssl_tls13_process_server_certificate()
2577 static int ssl_tls13_process_certificate_verify(mbedtls_ssl_context *ssl) in ssl_tls13_process_certificate_verify() argument
2581 ret = mbedtls_ssl_tls13_process_certificate_verify(ssl); in ssl_tls13_process_certificate_verify()
2586 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_FINISHED); in ssl_tls13_process_certificate_verify()
2595 static int ssl_tls13_process_server_finished(mbedtls_ssl_context *ssl) in ssl_tls13_process_server_finished() argument
2599 ret = mbedtls_ssl_tls13_process_finished_message(ssl); in ssl_tls13_process_server_finished()
2604 ret = mbedtls_ssl_tls13_compute_application_transform(ssl); in ssl_tls13_process_server_finished()
2613 if (ssl->early_data_state == MBEDTLS_SSL_EARLY_DATA_STATE_ACCEPTED) { in ssl_tls13_process_server_finished()
2614 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_SERVER_FINISHED_RECEIVED; in ssl_tls13_process_server_finished()
2615 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_END_OF_EARLY_DATA); in ssl_tls13_process_server_finished()
2621 ssl, MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED); in ssl_tls13_process_server_finished()
2623 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); in ssl_tls13_process_server_finished()
2634 static int ssl_tls13_write_client_certificate(mbedtls_ssl_context *ssl) in ssl_tls13_write_client_certificate() argument
2640 mbedtls_ssl_set_outbound_transform(ssl, ssl->handshake->transform_handshake); in ssl_tls13_write_client_certificate()
2643 if (ssl->handshake->client_auth) { in ssl_tls13_write_client_certificate()
2644 int ret = mbedtls_ssl_tls13_write_certificate(ssl); in ssl_tls13_write_client_certificate()
2649 if (mbedtls_ssl_own_cert(ssl) != NULL) { in ssl_tls13_write_client_certificate()
2658 mbedtls_ssl_handshake_set_state(ssl, in ssl_tls13_write_client_certificate()
2662 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED); in ssl_tls13_write_client_certificate()
2673 static int ssl_tls13_write_client_certificate_verify(mbedtls_ssl_context *ssl) in ssl_tls13_write_client_certificate_verify() argument
2675 int ret = mbedtls_ssl_tls13_write_certificate_verify(ssl); in ssl_tls13_write_client_certificate_verify()
2678 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED); in ssl_tls13_write_client_certificate_verify()
2689 static int ssl_tls13_write_client_finished(mbedtls_ssl_context *ssl) in ssl_tls13_write_client_finished() argument
2693 ret = mbedtls_ssl_tls13_write_finished_message(ssl); in ssl_tls13_write_client_finished()
2698 ret = mbedtls_ssl_tls13_compute_resumption_master_secret(ssl); in ssl_tls13_write_client_finished()
2705 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_FLUSH_BUFFERS); in ssl_tls13_write_client_finished()
2713 static int ssl_tls13_flush_buffers(mbedtls_ssl_context *ssl) in ssl_tls13_flush_buffers() argument
2716 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP); in ssl_tls13_flush_buffers()
2724 static int ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl) in ssl_tls13_handshake_wrapup() argument
2727 mbedtls_ssl_tls13_handshake_wrapup(ssl); in ssl_tls13_handshake_wrapup()
2729 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_OVER); in ssl_tls13_handshake_wrapup()
2747 mbedtls_ssl_context *ssl, in ssl_tls13_parse_new_session_ticket_early_data_ext() argument
2751 mbedtls_ssl_session *session = ssl->session; in ssl_tls13_parse_new_session_ticket_early_data_ext()
2767 static int ssl_tls13_parse_new_session_ticket_exts(mbedtls_ssl_context *ssl, in ssl_tls13_parse_new_session_ticket_exts() argument
2771 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_parse_new_session_ticket_exts()
2790 ssl, MBEDTLS_SSL_HS_NEW_SESSION_TICKET, extension_type, in ssl_tls13_parse_new_session_ticket_exts()
2800 ssl, p, p + extension_data_len); in ssl_tls13_parse_new_session_ticket_exts()
2838 static int ssl_tls13_parse_new_session_ticket(mbedtls_ssl_context *ssl, in ssl_tls13_parse_new_session_ticket() argument
2846 mbedtls_ssl_session *session = ssl->session; in ssl_tls13_parse_new_session_ticket()
2917 ret = ssl_tls13_parse_new_session_ticket_exts(ssl, p, p + extensions_len); in ssl_tls13_parse_new_session_ticket()
2937 static int ssl_tls13_postprocess_new_session_ticket(mbedtls_ssl_context *ssl, in ssl_tls13_postprocess_new_session_ticket() argument
2942 mbedtls_ssl_session *session = ssl->session; in ssl_tls13_postprocess_new_session_ticket()
3004 session, ssl->conf->tls13_kex_modes); in ssl_tls13_postprocess_new_session_ticket()
3014 static int ssl_tls13_process_new_session_ticket(mbedtls_ssl_context *ssl) in ssl_tls13_process_new_session_ticket() argument
3025 ssl, MBEDTLS_SSL_HS_NEW_SESSION_TICKET, in ssl_tls13_process_new_session_ticket()
3032 ssl->session->exported = 1; in ssl_tls13_process_new_session_ticket()
3035 ssl, buf, buf + buf_len, in ssl_tls13_process_new_session_ticket()
3039 ssl, ticket_nonce, ticket_nonce_len)); in ssl_tls13_process_new_session_ticket()
3047 ssl->session->exported = 0; in ssl_tls13_process_new_session_ticket()
3060 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_OVER); in ssl_tls13_process_new_session_ticket()
3069 int mbedtls_ssl_tls13_handshake_client_step(mbedtls_ssl_context *ssl) in mbedtls_ssl_tls13_handshake_client_step() argument
3073 switch (ssl->state) { in mbedtls_ssl_tls13_handshake_client_step()
3075 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_HELLO); in mbedtls_ssl_tls13_handshake_client_step()
3079 ret = mbedtls_ssl_write_client_hello(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3083 ret = ssl_tls13_process_server_hello(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3087 ret = ssl_tls13_process_encrypted_extensions(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3092 ret = ssl_tls13_process_certificate_request(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3096 ret = ssl_tls13_process_server_certificate(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3100 ret = ssl_tls13_process_certificate_verify(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3105 ret = ssl_tls13_process_server_finished(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3110 ret = ssl_tls13_write_end_of_early_data(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3115 ret = ssl_tls13_write_client_certificate(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3120 ret = ssl_tls13_write_client_certificate_verify(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3125 ret = ssl_tls13_write_client_finished(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3129 ret = ssl_tls13_flush_buffers(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3133 ret = ssl_tls13_handshake_wrapup(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3141 ret = mbedtls_ssl_tls13_write_change_cipher_spec(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3145 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_HELLO); in mbedtls_ssl_tls13_handshake_client_step()
3149 ret = mbedtls_ssl_tls13_write_change_cipher_spec(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3153 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); in mbedtls_ssl_tls13_handshake_client_step()
3158 ret = mbedtls_ssl_tls13_write_change_cipher_spec(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3160 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_HELLO); in mbedtls_ssl_tls13_handshake_client_step()
3165 ssl, ssl->handshake->transform_earlydata); in mbedtls_ssl_tls13_handshake_client_step()
3166 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_CAN_WRITE; in mbedtls_ssl_tls13_handshake_client_step()
3174 ret = ssl_tls13_process_new_session_ticket(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3179 MBEDTLS_SSL_DEBUG_MSG(1, ("invalid state %d", ssl->state)); in mbedtls_ssl_tls13_handshake_client_step()