Lines Matching refs:conf
65 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_ep_len()
112 if( ssl->handshake->retransmit_timeout >= ssl->conf->hs_timeout_max ) in ssl_double_retransmit_timeout()
119 new_timeout > ssl->conf->hs_timeout_max ) in ssl_double_retransmit_timeout()
121 new_timeout = ssl->conf->hs_timeout_max; in ssl_double_retransmit_timeout()
133 ssl->handshake->retransmit_timeout = ssl->conf->hs_timeout_min; in ssl_reset_retransmit_timeout()
773 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) in mbedtls_ssl_derive_keys()
793 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) in mbedtls_ssl_derive_keys()
865 if( ssl->conf->f_export_keys != NULL ) in mbedtls_ssl_derive_keys()
867 ssl->conf->f_export_keys( ssl->conf->p_export_keys, in mbedtls_ssl_derive_keys()
1087 const unsigned char *psk = ssl->conf->psk; in mbedtls_ssl_psk_derive_premaster()
1088 size_t psk_len = ssl->conf->psk_len; in mbedtls_ssl_psk_derive_premaster()
1143 ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) in mbedtls_ssl_psk_derive_premaster()
1164 ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) in mbedtls_ssl_psk_derive_premaster()
1366 ssl->conf->transport, add_data + 9 ); in ssl_encrypt_buf()
1461 ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->transform_out->iv_enc, in ssl_encrypt_buf()
1649 ssl->conf->transport, add_data + 9 ); in ssl_decrypt_buf()
2032 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_decrypt_buf()
2165 if( ssl->conf->renego_max_records < 0 ) in ssl_resend_hello_request()
2167 uint32_t ratio = ssl->conf->hs_timeout_max / ssl->conf->hs_timeout_min + 1; in ssl_resend_hello_request()
2224 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in mbedtls_ssl_fetch_input()
2305 timeout = ssl->conf->read_timeout; in mbedtls_ssl_fetch_input()
2343 else if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && in mbedtls_ssl_fetch_input()
2380 ssl->conf->read_timeout ); in mbedtls_ssl_fetch_input()
2704 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_write_record()
2735 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in mbedtls_ssl_write_record()
2767 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_write_record()
2815 ssl->conf->transport, ssl->out_hdr + 1 ); in mbedtls_ssl_write_record()
3092 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in mbedtls_ssl_prepare_handshake_record()
3169 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_update_handshake_status()
3212 if( ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED ) in mbedtls_ssl_dtls_replay_check()
3236 if( ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED ) in mbedtls_ssl_dtls_replay_update()
3420 ssl->conf->f_cookie_write, in ssl_handle_possible_reconnect()
3421 ssl->conf->f_cookie_check, in ssl_handle_possible_reconnect()
3422 ssl->conf->p_cookie, in ssl_handle_possible_reconnect()
3483 mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, ssl->in_hdr + 1 ); in ssl_parse_record_header()
3515 if( minor_ver > ssl->conf->max_minor_ver ) in ssl_parse_record_header()
3577 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_parse_record_header()
3618 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && in ssl_parse_record_header()
3706 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_prepare_record_content()
3796 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_read_record_layer()
3837 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in mbedtls_ssl_read_record_layer()
3846 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in mbedtls_ssl_read_record_layer()
3870 if( ssl->conf->badmac_limit != 0 && in mbedtls_ssl_read_record_layer()
3871 ++ssl->badmac_seen >= ssl->conf->badmac_limit ) in mbedtls_ssl_read_record_layer()
3916 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_read_record_layer()
3992 ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && in mbedtls_ssl_handle_message_type()
4029 if( ssl == NULL || ssl->conf == NULL ) in mbedtls_ssl_send_alert_message()
4120 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) in mbedtls_ssl_write_certificate()
4149 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) in mbedtls_ssl_write_certificate()
4221 int authmode = ssl->conf->authmode; in mbedtls_ssl_parse_certificate()
4236 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && in mbedtls_ssl_parse_certificate()
4249 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && in mbedtls_ssl_parse_certificate()
4272 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && in mbedtls_ssl_parse_certificate()
4293 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && in mbedtls_ssl_parse_certificate()
4396 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && in mbedtls_ssl_parse_certificate()
4431 ca_chain = ssl->conf->ca_chain; in mbedtls_ssl_parse_certificate()
4432 ca_crl = ssl->conf->ca_crl; in mbedtls_ssl_parse_certificate()
4447 ssl->conf->cert_profile, in mbedtls_ssl_parse_certificate()
4450 ssl->conf->f_vrfy, ssl->conf->p_vrfy ); in mbedtls_ssl_parse_certificate()
4478 ! ssl->conf->endpoint, in mbedtls_ssl_parse_certificate()
4558 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in mbedtls_ssl_parse_change_cipher_spec()
4999 if( ssl->conf->f_set_cache != NULL && in mbedtls_ssl_handshake_wrapup()
5003 if( ssl->conf->f_set_cache( ssl->conf->p_cache, ssl->session ) != 0 ) in mbedtls_ssl_handshake_wrapup()
5008 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_handshake_wrapup()
5044 ssl->handshake->calc_finished( ssl, ssl->out_msg + 4, ssl->conf->endpoint ); in mbedtls_ssl_write_finished()
5070 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) in mbedtls_ssl_write_finished()
5074 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) in mbedtls_ssl_write_finished()
5088 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in mbedtls_ssl_write_finished()
5130 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in mbedtls_ssl_write_finished()
5159 ssl->handshake->calc_finished( ssl, buf, ssl->conf->endpoint ^ 1 ); in mbedtls_ssl_parse_finished()
5203 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) in mbedtls_ssl_parse_finished()
5207 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) in mbedtls_ssl_parse_finished()
5215 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in mbedtls_ssl_parse_finished()
5337 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_handshake_init()
5341 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) in ssl_handshake_init()
5394 const mbedtls_ssl_config *conf ) in mbedtls_ssl_setup() argument
5399 ssl->conf = conf; in mbedtls_ssl_setup()
5414 if( conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in mbedtls_ssl_setup()
5568 void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint ) in mbedtls_ssl_conf_endpoint() argument
5570 conf->endpoint = endpoint; in mbedtls_ssl_conf_endpoint()
5573 void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport ) in mbedtls_ssl_conf_transport() argument
5575 conf->transport = transport; in mbedtls_ssl_conf_transport()
5579 void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode ) in mbedtls_ssl_conf_dtls_anti_replay() argument
5581 conf->anti_replay = mode; in mbedtls_ssl_conf_dtls_anti_replay()
5586 void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit ) in mbedtls_ssl_conf_dtls_badmac_limit() argument
5588 conf->badmac_limit = limit; in mbedtls_ssl_conf_dtls_badmac_limit()
5593 void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max ) in mbedtls_ssl_conf_handshake_timeout() argument
5595 conf->hs_timeout_min = min; in mbedtls_ssl_conf_handshake_timeout()
5596 conf->hs_timeout_max = max; in mbedtls_ssl_conf_handshake_timeout()
5600 void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ) in mbedtls_ssl_conf_authmode() argument
5602 conf->authmode = authmode; in mbedtls_ssl_conf_authmode()
5606 void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf, in mbedtls_ssl_conf_verify() argument
5610 conf->f_vrfy = f_vrfy; in mbedtls_ssl_conf_verify()
5611 conf->p_vrfy = p_vrfy; in mbedtls_ssl_conf_verify()
5615 void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf, in mbedtls_ssl_conf_rng() argument
5619 conf->f_rng = f_rng; in mbedtls_ssl_conf_rng()
5620 conf->p_rng = p_rng; in mbedtls_ssl_conf_rng()
5623 void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf, in mbedtls_ssl_conf_dbg() argument
5627 conf->f_dbg = f_dbg; in mbedtls_ssl_conf_dbg()
5628 conf->p_dbg = p_dbg; in mbedtls_ssl_conf_dbg()
5643 void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ) in mbedtls_ssl_conf_read_timeout() argument
5645 conf->read_timeout = timeout; in mbedtls_ssl_conf_read_timeout()
5662 void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf, in mbedtls_ssl_conf_session_cache() argument
5667 conf->p_cache = p_cache; in mbedtls_ssl_conf_session_cache()
5668 conf->f_get_cache = f_get_cache; in mbedtls_ssl_conf_session_cache()
5669 conf->f_set_cache = f_set_cache; in mbedtls_ssl_conf_session_cache()
5681 ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT ) in mbedtls_ssl_set_session()
5695 void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, in mbedtls_ssl_conf_ciphersuites() argument
5698 conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = ciphersuites; in mbedtls_ssl_conf_ciphersuites()
5699 conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = ciphersuites; in mbedtls_ssl_conf_ciphersuites()
5700 conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = ciphersuites; in mbedtls_ssl_conf_ciphersuites()
5701 conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = ciphersuites; in mbedtls_ssl_conf_ciphersuites()
5704 void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf, in mbedtls_ssl_conf_ciphersuites_for_version() argument
5714 conf->ciphersuite_list[minor] = ciphersuites; in mbedtls_ssl_conf_ciphersuites_for_version()
5718 void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf, in mbedtls_ssl_conf_cert_profile() argument
5721 conf->cert_profile = profile; in mbedtls_ssl_conf_cert_profile()
5755 int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, in mbedtls_ssl_conf_own_cert() argument
5759 return( ssl_append_key_cert( &conf->key_cert, own_cert, pk_key ) ); in mbedtls_ssl_conf_own_cert()
5762 void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf, in mbedtls_ssl_conf_ca_chain() argument
5766 conf->ca_chain = ca_chain; in mbedtls_ssl_conf_ca_chain()
5767 conf->ca_crl = ca_crl; in mbedtls_ssl_conf_ca_chain()
5805 if( ssl->handshake == NULL || ssl->conf == NULL ) in mbedtls_ssl_set_hs_ecjpake_password()
5808 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) in mbedtls_ssl_set_hs_ecjpake_password()
5822 int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, in mbedtls_ssl_conf_psk() argument
5839 if( conf->psk != NULL || conf->psk_identity != NULL ) in mbedtls_ssl_conf_psk()
5841 mbedtls_free( conf->psk ); in mbedtls_ssl_conf_psk()
5842 mbedtls_free( conf->psk_identity ); in mbedtls_ssl_conf_psk()
5843 conf->psk = NULL; in mbedtls_ssl_conf_psk()
5844 conf->psk_identity = NULL; in mbedtls_ssl_conf_psk()
5847 if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL || in mbedtls_ssl_conf_psk()
5848 ( conf->psk_identity = mbedtls_calloc( 1, psk_identity_len ) ) == NULL ) in mbedtls_ssl_conf_psk()
5850 mbedtls_free( conf->psk ); in mbedtls_ssl_conf_psk()
5851 mbedtls_free( conf->psk_identity ); in mbedtls_ssl_conf_psk()
5852 conf->psk = NULL; in mbedtls_ssl_conf_psk()
5853 conf->psk_identity = NULL; in mbedtls_ssl_conf_psk()
5857 conf->psk_len = psk_len; in mbedtls_ssl_conf_psk()
5858 conf->psk_identity_len = psk_identity_len; in mbedtls_ssl_conf_psk()
5860 memcpy( conf->psk, psk, conf->psk_len ); in mbedtls_ssl_conf_psk()
5861 memcpy( conf->psk_identity, psk_identity, conf->psk_identity_len ); in mbedtls_ssl_conf_psk()
5887 void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, in mbedtls_ssl_conf_psk_cb() argument
5892 conf->f_psk = f_psk; in mbedtls_ssl_conf_psk_cb()
5893 conf->p_psk = p_psk; in mbedtls_ssl_conf_psk_cb()
5898 int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G ) in mbedtls_ssl_conf_dh_param() argument
5902 if( ( ret = mbedtls_mpi_read_string( &conf->dhm_P, 16, dhm_P ) ) != 0 || in mbedtls_ssl_conf_dh_param()
5903 ( ret = mbedtls_mpi_read_string( &conf->dhm_G, 16, dhm_G ) ) != 0 ) in mbedtls_ssl_conf_dh_param()
5905 mbedtls_mpi_free( &conf->dhm_P ); in mbedtls_ssl_conf_dh_param()
5906 mbedtls_mpi_free( &conf->dhm_G ); in mbedtls_ssl_conf_dh_param()
5913 int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx ) in mbedtls_ssl_conf_dh_param_ctx() argument
5917 if( ( ret = mbedtls_mpi_copy( &conf->dhm_P, &dhm_ctx->P ) ) != 0 || in mbedtls_ssl_conf_dh_param_ctx()
5918 ( ret = mbedtls_mpi_copy( &conf->dhm_G, &dhm_ctx->G ) ) != 0 ) in mbedtls_ssl_conf_dh_param_ctx()
5920 mbedtls_mpi_free( &conf->dhm_P ); in mbedtls_ssl_conf_dh_param_ctx()
5921 mbedtls_mpi_free( &conf->dhm_G ); in mbedtls_ssl_conf_dh_param_ctx()
5933 void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf, in mbedtls_ssl_conf_dhm_min_bitlen() argument
5936 conf->dhm_min_bitlen = bitlen; in mbedtls_ssl_conf_dhm_min_bitlen()
5944 void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, in mbedtls_ssl_conf_sig_hashes() argument
5947 conf->sig_hashes = hashes; in mbedtls_ssl_conf_sig_hashes()
5955 void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, in mbedtls_ssl_conf_curves() argument
5958 conf->curve_list = curve_list; in mbedtls_ssl_conf_curves()
5992 void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf, in mbedtls_ssl_conf_sni() argument
5997 conf->f_sni = f_sni; in mbedtls_ssl_conf_sni()
5998 conf->p_sni = p_sni; in mbedtls_ssl_conf_sni()
6003 int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos ) in mbedtls_ssl_conf_alpn_protocols() argument
6022 conf->alpn_list = protos; in mbedtls_ssl_conf_alpn_protocols()
6033 void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor ) in mbedtls_ssl_conf_max_version() argument
6035 conf->max_major_ver = major; in mbedtls_ssl_conf_max_version()
6036 conf->max_minor_ver = minor; in mbedtls_ssl_conf_max_version()
6039 void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor ) in mbedtls_ssl_conf_min_version() argument
6041 conf->min_major_ver = major; in mbedtls_ssl_conf_min_version()
6042 conf->min_minor_ver = minor; in mbedtls_ssl_conf_min_version()
6046 void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback ) in mbedtls_ssl_conf_fallback() argument
6048 conf->fallback = fallback; in mbedtls_ssl_conf_fallback()
6053 void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm ) in mbedtls_ssl_conf_encrypt_then_mac() argument
6055 conf->encrypt_then_mac = etm; in mbedtls_ssl_conf_encrypt_then_mac()
6060 void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems ) in mbedtls_ssl_conf_extended_master_secret() argument
6062 conf->extended_ms = ems; in mbedtls_ssl_conf_extended_master_secret()
6067 void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 ) in mbedtls_ssl_conf_arc4_support() argument
6069 conf->arc4_disabled = arc4; in mbedtls_ssl_conf_arc4_support()
6074 int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code ) in mbedtls_ssl_conf_max_frag_len() argument
6082 conf->mfl_code = mfl_code; in mbedtls_ssl_conf_max_frag_len()
6089 void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate ) in mbedtls_ssl_conf_truncated_hmac() argument
6091 conf->trunc_hmac = truncate; in mbedtls_ssl_conf_truncated_hmac()
6096 void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split ) in mbedtls_ssl_conf_cbc_record_splitting() argument
6098 conf->cbc_record_splitting = split; in mbedtls_ssl_conf_cbc_record_splitting()
6102 void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy ) in mbedtls_ssl_conf_legacy_renegotiation() argument
6104 conf->allow_legacy_renegotiation = allow_legacy; in mbedtls_ssl_conf_legacy_renegotiation()
6108 void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation ) in mbedtls_ssl_conf_renegotiation() argument
6110 conf->disable_renegotiation = renegotiation; in mbedtls_ssl_conf_renegotiation()
6113 void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records ) in mbedtls_ssl_conf_renegotiation_enforced() argument
6115 conf->renego_max_records = max_records; in mbedtls_ssl_conf_renegotiation_enforced()
6118 void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf, in mbedtls_ssl_conf_renegotiation_period() argument
6121 memcpy( conf->renego_period, period, 8 ); in mbedtls_ssl_conf_renegotiation_period()
6127 void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets ) in mbedtls_ssl_conf_session_tickets() argument
6129 conf->session_tickets = use_tickets; in mbedtls_ssl_conf_session_tickets()
6134 void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, in mbedtls_ssl_conf_session_tickets_cb() argument
6139 conf->f_ticket_write = f_ticket_write; in mbedtls_ssl_conf_session_tickets_cb()
6140 conf->f_ticket_parse = f_ticket_parse; in mbedtls_ssl_conf_session_tickets_cb()
6141 conf->p_ticket = p_ticket; in mbedtls_ssl_conf_session_tickets_cb()
6147 void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf, in mbedtls_ssl_conf_export_keys_cb() argument
6151 conf->f_export_keys = f_export_keys; in mbedtls_ssl_conf_export_keys_cb()
6152 conf->p_export_keys = p_export_keys; in mbedtls_ssl_conf_export_keys_cb()
6186 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in mbedtls_ssl_get_version()
6263 max_len = mfl_code_to_length[ssl->conf->mfl_code]; in mbedtls_ssl_get_max_frag_len()
6294 ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT ) in mbedtls_ssl_get_session()
6310 if( ssl == NULL || ssl->conf == NULL ) in mbedtls_ssl_handshake_step()
6314 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) in mbedtls_ssl_handshake_step()
6318 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) in mbedtls_ssl_handshake_step()
6332 if( ssl == NULL || ssl->conf == NULL ) in mbedtls_ssl_handshake()
6398 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in ssl_start_renegotiation()
6401 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) in ssl_start_renegotiation()
6430 if( ssl == NULL || ssl->conf == NULL ) in mbedtls_ssl_renegotiate()
6435 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) in mbedtls_ssl_renegotiate()
6486 ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED ) in ssl_check_ctr_renegotiate()
6491 if( memcmp( ssl->in_ctr, ssl->conf->renego_period, 8 ) <= 0 && in ssl_check_ctr_renegotiate()
6492 memcmp( ssl->out_ctr, ssl->conf->renego_period, 8 ) <= 0 ) in ssl_check_ctr_renegotiate()
6510 if( ssl == NULL || ssl->conf == NULL ) in mbedtls_ssl_read()
6516 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in mbedtls_ssl_read()
6558 ssl_set_timer( ssl, ssl->conf->read_timeout ); in mbedtls_ssl_read()
6595 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && in mbedtls_ssl_read()
6603 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in mbedtls_ssl_read()
6609 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && in mbedtls_ssl_read()
6616 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in mbedtls_ssl_read()
6623 if( ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED || in mbedtls_ssl_read()
6625 ssl->conf->allow_legacy_renegotiation == in mbedtls_ssl_read()
6664 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_read()
6665 ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) in mbedtls_ssl_read()
6690 if( ssl->conf->renego_max_records >= 0 ) in mbedtls_ssl_read()
6692 if( ++ssl->renego_records_seen > ssl->conf->renego_max_records ) in mbedtls_ssl_read()
6727 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && in mbedtls_ssl_read()
6772 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_write_real()
6822 if( ssl->conf->cbc_record_splitting == in ssl_write_split()
6856 if( ssl == NULL || ssl->conf == NULL ) in mbedtls_ssl_write()
6894 if( ssl == NULL || ssl->conf == NULL ) in mbedtls_ssl_close_notify()
7129 void mbedtls_ssl_config_init( mbedtls_ssl_config *conf ) in mbedtls_ssl_config_init() argument
7131 memset( conf, 0, sizeof( mbedtls_ssl_config ) ); in mbedtls_ssl_config_init()
7176 int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, in mbedtls_ssl_config_defaults() argument
7185 mbedtls_ssl_conf_endpoint( conf, endpoint ); in mbedtls_ssl_config_defaults()
7186 mbedtls_ssl_conf_transport( conf, transport ); in mbedtls_ssl_config_defaults()
7194 conf->authmode = MBEDTLS_SSL_VERIFY_REQUIRED; in mbedtls_ssl_config_defaults()
7196 conf->session_tickets = MBEDTLS_SSL_SESSION_TICKETS_ENABLED; in mbedtls_ssl_config_defaults()
7202 conf->arc4_disabled = MBEDTLS_SSL_ARC4_DISABLED; in mbedtls_ssl_config_defaults()
7206 conf->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED; in mbedtls_ssl_config_defaults()
7210 conf->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; in mbedtls_ssl_config_defaults()
7214 conf->cbc_record_splitting = MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED; in mbedtls_ssl_config_defaults()
7218 conf->f_cookie_write = ssl_cookie_write_dummy; in mbedtls_ssl_config_defaults()
7219 conf->f_cookie_check = ssl_cookie_check_dummy; in mbedtls_ssl_config_defaults()
7223 conf->anti_replay = MBEDTLS_SSL_ANTI_REPLAY_ENABLED; in mbedtls_ssl_config_defaults()
7227 conf->hs_timeout_min = MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MIN; in mbedtls_ssl_config_defaults()
7228 conf->hs_timeout_max = MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MAX; in mbedtls_ssl_config_defaults()
7232 conf->renego_max_records = MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT; in mbedtls_ssl_config_defaults()
7233 memset( conf->renego_period, 0xFF, 7 ); in mbedtls_ssl_config_defaults()
7234 conf->renego_period[7] = 0x00; in mbedtls_ssl_config_defaults()
7240 if( ( ret = mbedtls_ssl_conf_dh_param( conf, in mbedtls_ssl_config_defaults()
7258 conf->min_major_ver = MBEDTLS_SSL_MAJOR_VERSION_3; in mbedtls_ssl_config_defaults()
7259 conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3; /* TLS 1.2 */ in mbedtls_ssl_config_defaults()
7260 conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION; in mbedtls_ssl_config_defaults()
7261 conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION; in mbedtls_ssl_config_defaults()
7263 conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = in mbedtls_ssl_config_defaults()
7264 conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = in mbedtls_ssl_config_defaults()
7265 conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = in mbedtls_ssl_config_defaults()
7266 conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = in mbedtls_ssl_config_defaults()
7270 conf->cert_profile = &mbedtls_x509_crt_profile_suiteb; in mbedtls_ssl_config_defaults()
7274 conf->sig_hashes = ssl_preset_suiteb_hashes; in mbedtls_ssl_config_defaults()
7278 conf->curve_list = ssl_preset_suiteb_curves; in mbedtls_ssl_config_defaults()
7286 conf->min_major_ver = MBEDTLS_SSL_MAJOR_VERSION_3; in mbedtls_ssl_config_defaults()
7287 conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_1; /* TLS 1.0 */ in mbedtls_ssl_config_defaults()
7288 conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION; in mbedtls_ssl_config_defaults()
7289 conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION; in mbedtls_ssl_config_defaults()
7293 conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_2; in mbedtls_ssl_config_defaults()
7296 conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = in mbedtls_ssl_config_defaults()
7297 conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = in mbedtls_ssl_config_defaults()
7298 conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = in mbedtls_ssl_config_defaults()
7299 conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = in mbedtls_ssl_config_defaults()
7303 conf->cert_profile = &mbedtls_x509_crt_profile_default; in mbedtls_ssl_config_defaults()
7307 conf->sig_hashes = ssl_preset_default_hashes; in mbedtls_ssl_config_defaults()
7311 conf->curve_list = mbedtls_ecp_grp_id_list(); in mbedtls_ssl_config_defaults()
7315 conf->dhm_min_bitlen = 1024; in mbedtls_ssl_config_defaults()
7325 void mbedtls_ssl_config_free( mbedtls_ssl_config *conf ) in mbedtls_ssl_config_free() argument
7328 mbedtls_mpi_free( &conf->dhm_P ); in mbedtls_ssl_config_free()
7329 mbedtls_mpi_free( &conf->dhm_G ); in mbedtls_ssl_config_free()
7333 if( conf->psk != NULL ) in mbedtls_ssl_config_free()
7335 mbedtls_zeroize( conf->psk, conf->psk_len ); in mbedtls_ssl_config_free()
7336 mbedtls_zeroize( conf->psk_identity, conf->psk_identity_len ); in mbedtls_ssl_config_free()
7337 mbedtls_free( conf->psk ); in mbedtls_ssl_config_free()
7338 mbedtls_free( conf->psk_identity ); in mbedtls_ssl_config_free()
7339 conf->psk_len = 0; in mbedtls_ssl_config_free()
7340 conf->psk_identity_len = 0; in mbedtls_ssl_config_free()
7345 ssl_key_cert_free( conf->key_cert ); in mbedtls_ssl_config_free()
7348 mbedtls_zeroize( conf, sizeof( mbedtls_ssl_config ) ); in mbedtls_ssl_config_free()
7460 if( ssl->conf->curve_list == NULL ) in mbedtls_ssl_check_curve()
7463 for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ ) in mbedtls_ssl_check_curve()
7481 if( ssl->conf->sig_hashes == NULL ) in mbedtls_ssl_check_sig_hash()
7484 for( cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++ ) in mbedtls_ssl_check_sig_hash()