181 		dtls_security_parameters_t *security , session_t *session,
390 dtls_set_record_header(uint8 type, dtls_security_parameters_t *security,  in dtls_set_record_header()  argument
399   if (security) {  in dtls_set_record_header()
400     dtls_int_to_uint16(buf, security->epoch);  in dtls_set_record_header()
403     dtls_int_to_uint48(buf, security->rseq);  in dtls_set_record_header()
407     security->rseq++;  in dtls_set_record_header()
606   dtls_security_parameters_t *security = dtls_security_params_next(peer);  in calculate_key_block()  local
609   if (!security) {  in calculate_key_block()
613   pre_master_secret = security->key_block;  in calculate_key_block()
687 	   security->key_block,  in calculate_key_block()
688 	   dtls_kb_size(security, role));  in calculate_key_block()
691   dtls_debug_keyblock(security);  in calculate_key_block()
693   security->cipher = handshake->cipher;  in calculate_key_block()
694   security->compression = handshake->compression;  in calculate_key_block()
695   security->rseq = 0;  in calculate_key_block()
906   dtls_security_parameters_t *security = dtls_security_params(peer);  in dtls_update_parameters()  local
929     if (!security || security->cipher == TLS_NULL_WITH_NULL_NULL)  in dtls_update_parameters()
932     config->cipher = security->cipher;  in dtls_update_parameters()
933     config->compression = security->compression;  in dtls_update_parameters()
961     if (security)  in dtls_update_parameters()
962       config->compression = security->compression;  in dtls_update_parameters()
1180 dtls_prepare_record(dtls_peer_t *peer, dtls_security_parameters_t *security,  in dtls_prepare_record()  argument
1194   p = dtls_set_record_header(type, security, sendbuf);  in dtls_prepare_record()
1197   if (!security || security->cipher == TLS_NULL_WITH_NULL_NULL) {  in dtls_prepare_record()
1221     if (is_tls_psk_with_aes_128_ccm_8(security->cipher)) {  in dtls_prepare_record()
1223     } else if (is_tls_ecdhe_ecdsa_with_aes_128_ccm_8(security->cipher)) {  in dtls_prepare_record()
1286     memcpy(nonce, dtls_kb_local_iv(security, peer->role),  in dtls_prepare_record()
1287 	   dtls_kb_iv_size(security, peer->role));  in dtls_prepare_record()
1288     memcpy(nonce + dtls_kb_iv_size(security, peer->role), start, 8); /* epoch + seq_num */  in dtls_prepare_record()
1291     dtls_debug_dump("key:", dtls_kb_local_write_key(security, peer->role),  in dtls_prepare_record()
1292 		    dtls_kb_key_size(security, peer->role));  in dtls_prepare_record()
1304 		       dtls_kb_local_write_key(security, peer->role),  in dtls_prepare_record()
1305 		       dtls_kb_key_size(security, peer->role),  in dtls_prepare_record()
1334   dtls_security_parameters_t *security = peer ? dtls_security_params(peer) : NULL;  in dtls_send_handshake_msg_hash()  local
1356   return dtls_send_multi(ctx, peer, security, session, DTLS_CT_HANDSHAKE,  in dtls_send_handshake_msg_hash()
1408 		dtls_security_parameters_t *security , session_t *session,  in dtls_send_multi()  argument
1424 …res = dtls_prepare_record(peer, security, type, buf_array, buf_len_array, buf_array_len, sendbuf, …  in dtls_send_multi()
1449       n->epoch = (security) ? security->epoch : 0;  in dtls_send_multi()
2881   dtls_security_parameters_t *security = dtls_security_params_epoch(peer, dtls_get_epoch(header));  in decrypt_verify()  local
2887   if (!security) {  in decrypt_verify()
2892   if (security->cipher == TLS_NULL_WITH_NULL_NULL) {  in decrypt_verify()
2908     memcpy(nonce, dtls_kb_remote_iv(security, peer->role),  in decrypt_verify()
2909 	   dtls_kb_iv_size(security, peer->role));  in decrypt_verify()
2912     memcpy(nonce + dtls_kb_iv_size(security, peer->role), *cleartext, 8);  in decrypt_verify()
2917     dtls_debug_dump("key", dtls_kb_remote_write_key(security, peer->role),  in decrypt_verify()
2918 		    dtls_kb_key_size(security, peer->role));  in decrypt_verify()
2931 		       dtls_kb_remote_write_key(security, peer->role),  in decrypt_verify()
2932 		       dtls_kb_key_size(security, peer->role),  in decrypt_verify()
3243       dtls_security_parameters_t *security;  in handle_handshake_msg()  local
3258       security = dtls_security_params(peer);  in handle_handshake_msg()
3259       security->rseq = 1;  in handle_handshake_msg()
3902       dtls_security_parameters_t *security = dtls_security_params_epoch(node->peer, node->epoch);  in dtls_retransmit()  local
3918       err = dtls_prepare_record(node->peer, security, node->type, &data, &length,  in dtls_retransmit()