Lines Matching full:if
14 #if defined(MBEDTLS_SSL_TLS_C)
31 #if defined(MBEDTLS_USE_PSA_CRYPTO)
38 #if defined(MBEDTLS_X509_CRT_PARSE_C)
42 #if defined(MBEDTLS_USE_PSA_CRYPTO)
54 #if defined(MBEDTLS_TEST_HOOKS)
78 #if defined(MBEDTLS_SSL_PROTO_DTLS)
80 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
87 if (len > MBEDTLS_SSL_CID_IN_LEN_MAX) { in mbedtls_ssl_conf_cid()
91 if (ignore_other_cid != MBEDTLS_SSL_UNEXPECTED_CID_FAIL && in mbedtls_ssl_conf_cid()
106 if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_set_cid()
111 if (enable == MBEDTLS_SSL_CID_DISABLED) { in mbedtls_ssl_set_cid()
118 if (own_cid_len != ssl->conf->cid_len) { in mbedtls_ssl_set_cid()
140 if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_get_own_cid()
147 if (ssl->own_cid_len == 0 || ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED) { in mbedtls_ssl_get_own_cid()
151 if (own_cid_len != NULL) { in mbedtls_ssl_get_own_cid()
153 if (own_cid != NULL) { in mbedtls_ssl_get_own_cid()
170 if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || in mbedtls_ssl_get_peer_cid()
179 if (ssl->transform_in->in_cid_len == 0 && in mbedtls_ssl_get_peer_cid()
184 if (peer_cid_len != NULL) { in mbedtls_ssl_get_peer_cid()
186 if (peer_cid != NULL) { in mbedtls_ssl_get_peer_cid()
200 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
233 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) in mbedtls_ssl_session_copy()
235 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ in mbedtls_ssl_session_copy()
241 #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_ALPN) && \ in mbedtls_ssl_session_copy()
246 #if defined(MBEDTLS_X509_CRT_PARSE_C) in mbedtls_ssl_session_copy()
248 #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) in mbedtls_ssl_session_copy()
249 if (src->peer_cert != NULL) { in mbedtls_ssl_session_copy()
253 if (dst->peer_cert == NULL) { in mbedtls_ssl_session_copy()
259 if ((ret = mbedtls_x509_crt_parse_der(dst->peer_cert, src->peer_cert->raw.p, in mbedtls_ssl_session_copy()
267 if (src->peer_cert_digest != NULL) { in mbedtls_ssl_session_copy()
270 if (dst->peer_cert_digest == NULL) { in mbedtls_ssl_session_copy()
283 #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_ALPN) && \ in mbedtls_ssl_session_copy()
287 if (ret != 0) { in mbedtls_ssl_session_copy()
293 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) in mbedtls_ssl_session_copy()
294 if (src->ticket != NULL) { in mbedtls_ssl_session_copy()
296 if (dst->ticket == NULL) { in mbedtls_ssl_session_copy()
303 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ in mbedtls_ssl_session_copy()
305 if (src->endpoint == MBEDTLS_SSL_IS_CLIENT) { in mbedtls_ssl_session_copy()
308 if (ret != 0) { in mbedtls_ssl_session_copy()
319 #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
324 if (resized_buffer == NULL) { in resize_buffer()
349 if (ssl->in_buf != NULL) { in handle_buffer_resizing()
353 if (downsizing ? in handle_buffer_resizing()
356 if (resize_buffer(&ssl->in_buf, in_buf_new_len, &ssl->in_buf_len) != 0) { in handle_buffer_resizing()
366 if (ssl->out_buf != NULL) { in handle_buffer_resizing()
370 if (downsizing ? in handle_buffer_resizing()
373 if (resize_buffer(&ssl->out_buf, out_buf_new_len, &ssl->out_buf_len) != 0) { in handle_buffer_resizing()
382 if (modified) { in handle_buffer_resizing()
398 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
400 #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
419 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM)
428 #if defined(MBEDTLS_MD_CAN_SHA256)
439 #if defined(MBEDTLS_MD_CAN_SHA384)
458 #if defined(MBEDTLS_MD_CAN_SHA256)
462 #if defined(MBEDTLS_MD_CAN_SHA384)
475 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in mbedtls_ssl_tls_prf()
476 #if defined(MBEDTLS_MD_CAN_SHA384) in mbedtls_ssl_tls_prf()
481 #if defined(MBEDTLS_MD_CAN_SHA256) in mbedtls_ssl_tls_prf()
494 #if defined(MBEDTLS_X509_CRT_PARSE_C)
497 #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) in ssl_clear_peer_cert()
498 if (session->peer_cert != NULL) { in ssl_clear_peer_cert()
504 if (session->peer_cert_digest != NULL) { in ssl_clear_peer_cert()
612 #if defined(MBEDTLS_DEBUG_C)
710 if (extra_msg0 && extra_msg1) { in mbedtls_ssl_print_extension()
722 if (extra_msg) { in mbedtls_ssl_print_extension()
752 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS)
772 if ((flags & (1 << i))) { in mbedtls_ssl_print_ticket_flags()
787 #if defined(MBEDTLS_MD_CAN_SHA384) in mbedtls_ssl_optimize_checksum()
788 if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) { in mbedtls_ssl_optimize_checksum()
792 #if defined(MBEDTLS_MD_CAN_SHA256) in mbedtls_ssl_optimize_checksum()
793 if (ciphersuite_info->mac != MBEDTLS_MD_SHA384) { in mbedtls_ssl_optimize_checksum()
825 if (ret != 0) { in mbedtls_ssl_add_hs_msg_to_checksum()
833 #if defined(MBEDTLS_MD_CAN_SHA256) || \ in mbedtls_ssl_reset_checksum()
835 #if defined(MBEDTLS_USE_PSA_CRYPTO) in mbedtls_ssl_reset_checksum()
843 #if defined(MBEDTLS_MD_CAN_SHA256) in mbedtls_ssl_reset_checksum()
844 #if defined(MBEDTLS_USE_PSA_CRYPTO) in mbedtls_ssl_reset_checksum()
846 if (status != PSA_SUCCESS) { in mbedtls_ssl_reset_checksum()
850 if (status != PSA_SUCCESS) { in mbedtls_ssl_reset_checksum()
859 if (ret != 0) { in mbedtls_ssl_reset_checksum()
863 if (ret != 0) { in mbedtls_ssl_reset_checksum()
868 #if defined(MBEDTLS_MD_CAN_SHA384) in mbedtls_ssl_reset_checksum()
869 #if defined(MBEDTLS_USE_PSA_CRYPTO) in mbedtls_ssl_reset_checksum()
871 if (status != PSA_SUCCESS) { in mbedtls_ssl_reset_checksum()
875 if (status != PSA_SUCCESS) { in mbedtls_ssl_reset_checksum()
883 if (ret != 0) { in mbedtls_ssl_reset_checksum()
887 if (ret != 0) { in mbedtls_ssl_reset_checksum()
898 #if defined(MBEDTLS_MD_CAN_SHA256) || \ in ssl_update_checksum_start()
900 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_update_checksum_start()
910 #if defined(MBEDTLS_MD_CAN_SHA256) in ssl_update_checksum_start()
911 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_update_checksum_start()
913 if (status != PSA_SUCCESS) { in ssl_update_checksum_start()
918 if (ret != 0) { in ssl_update_checksum_start()
923 #if defined(MBEDTLS_MD_CAN_SHA384) in ssl_update_checksum_start()
924 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_update_checksum_start()
926 if (status != PSA_SUCCESS) { in ssl_update_checksum_start()
931 if (ret != 0) { in ssl_update_checksum_start()
939 #if defined(MBEDTLS_MD_CAN_SHA256)
943 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_update_checksum_sha256()
952 #if defined(MBEDTLS_MD_CAN_SHA384)
956 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_update_checksum_sha384()
969 #if defined(MBEDTLS_MD_CAN_SHA256) in ssl_handshake_params_init()
970 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_handshake_params_init()
976 #if defined(MBEDTLS_MD_CAN_SHA384) in ssl_handshake_params_init()
977 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_handshake_params_init()
986 #if defined(MBEDTLS_DHM_C) in ssl_handshake_params_init()
989 #if !defined(MBEDTLS_USE_PSA_CRYPTO) && \ in ssl_handshake_params_init()
993 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) in ssl_handshake_params_init()
994 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_handshake_params_init()
1000 #if defined(MBEDTLS_SSL_CLI_C) in ssl_handshake_params_init()
1006 #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) in ssl_handshake_params_init()
1010 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) in ssl_handshake_params_init()
1014 #if defined(MBEDTLS_X509_CRT_PARSE_C) && \ in ssl_handshake_params_init()
1024 #if defined(MBEDTLS_USE_PSA_CRYPTO) in mbedtls_ssl_transform_init()
1032 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) in mbedtls_ssl_transform_init()
1033 #if defined(MBEDTLS_USE_PSA_CRYPTO) in mbedtls_ssl_transform_init()
1053 /* Clear old handshake information if present */ in ssl_handshake_init()
1054 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in ssl_handshake_init()
1055 if (ssl->transform_negotiate) { in ssl_handshake_init()
1059 if (ssl->session_negotiate) { in ssl_handshake_init()
1062 if (ssl->handshake) { in ssl_handshake_init()
1066 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in ssl_handshake_init()
1071 if (ssl->transform_negotiate == NULL) { in ssl_handshake_init()
1076 if (ssl->session_negotiate == NULL) { in ssl_handshake_init()
1080 if (ssl->handshake == NULL) { in ssl_handshake_init()
1083 #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) in ssl_handshake_init()
1084 /* If the buffers are too small - reallocate */ in ssl_handshake_init()
1091 if (ssl->handshake == NULL || in ssl_handshake_init()
1092 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in ssl_handshake_init()
1101 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in ssl_handshake_init()
1112 #if defined(MBEDTLS_SSL_EARLY_DATA) in ssl_handshake_init()
1113 #if defined(MBEDTLS_SSL_CLI_C) in ssl_handshake_init()
1116 #if defined(MBEDTLS_SSL_SRV_C) in ssl_handshake_init()
1126 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in ssl_handshake_init()
1132 if (ret != 0) { in ssl_handshake_init()
1137 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ in ssl_handshake_init()
1144 #if defined(MBEDTLS_SSL_PROTO_DTLS) in ssl_handshake_init()
1145 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_handshake_init()
1148 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in ssl_handshake_init()
1163 #if defined(MBEDTLS_ECP_C) in ssl_handshake_init()
1164 #if !defined(MBEDTLS_DEPRECATED_REMOVED) in ssl_handshake_init()
1166 if (ssl->conf->curve_list != NULL) { in ssl_handshake_init()
1175 if (group_list == NULL) { in ssl_handshake_init()
1182 if (tls_id == 0) { in ssl_handshake_init()
1200 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in ssl_handshake_init()
1201 #if !defined(MBEDTLS_DEPRECATED_REMOVED) in ssl_handshake_init()
1202 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in ssl_handshake_init()
1205 if (mbedtls_ssl_conf_is_tls12_only(ssl->conf) && in ssl_handshake_init()
1217 if (mbedtls_ssl_hash_from_md_alg(*md) == MBEDTLS_SSL_HASH_NONE) { in ssl_handshake_init()
1220 #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) in ssl_handshake_init()
1224 #if defined(MBEDTLS_RSA_C) in ssl_handshake_init()
1227 if (sig_algs_len > MBEDTLS_SSL_MAX_SIG_ALG_LIST_LEN) { in ssl_handshake_init()
1232 if (sig_algs_len < MBEDTLS_SSL_MIN_SIG_ALG_LIST_LEN) { in ssl_handshake_init()
1238 if (ssl->handshake->sig_algs == NULL) { in ssl_handshake_init()
1245 if (hash == MBEDTLS_SSL_HASH_NONE) { in ssl_handshake_init()
1248 #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) in ssl_handshake_init()
1252 #if defined(MBEDTLS_RSA_C) in ssl_handshake_init()
1269 #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
1313 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in ssl_conf_version_check()
1314 if (mbedtls_ssl_conf_is_tls13_only(conf)) { in ssl_conf_version_check()
1315 if (conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_conf_version_check()
1325 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in ssl_conf_version_check()
1326 if (mbedtls_ssl_conf_is_tls12_only(conf)) { in ssl_conf_version_check()
1332 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3) in ssl_conf_version_check()
1333 if (mbedtls_ssl_conf_is_hybrid_tls12_tls13(conf)) { in ssl_conf_version_check()
1334 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_conf_version_check()
1353 if (ret != 0) { in ssl_conf_check()
1357 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in ssl_conf_check()
1360 * If the verification fails, the receiver MUST terminate the handshake with in ssl_conf_check()
1363 * If the client is configured as TLS 1.3 only with optional verify, return in ssl_conf_check()
1367 if (mbedtls_ssl_conf_tls13_is_ephemeral_enabled( in ssl_conf_check()
1380 if (ssl->conf->f_rng == NULL) { in ssl_conf_check()
1403 if ((ret = ssl_conf_check(ssl)) != 0) { in mbedtls_ssl_setup()
1415 #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) in mbedtls_ssl_setup()
1419 if (ssl->in_buf == NULL) { in mbedtls_ssl_setup()
1425 #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) in mbedtls_ssl_setup()
1429 if (ssl->out_buf == NULL) { in mbedtls_ssl_setup()
1437 #if defined(MBEDTLS_SSL_DTLS_SRTP) in mbedtls_ssl_setup()
1441 if ((ret = ssl_handshake_init(ssl)) != 0) { in mbedtls_ssl_setup()
1453 #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) in mbedtls_ssl_setup()
1479 * If partial is non-zero, keep data in the input buffer and client ID.
1485 #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) in mbedtls_ssl_session_reset_msg_layer()
1493 #if !defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) || !defined(MBEDTLS_SSL_SRV_C) in mbedtls_ssl_session_reset_msg_layer()
1511 #if defined(MBEDTLS_SSL_PROTO_DTLS) in mbedtls_ssl_session_reset_msg_layer()
1516 /* Keep current datagram if partial == 1 */ in mbedtls_ssl_session_reset_msg_layer()
1517 if (partial == 0) { in mbedtls_ssl_session_reset_msg_layer()
1532 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) in mbedtls_ssl_session_reset_msg_layer()
1536 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in mbedtls_ssl_session_reset_msg_layer()
1537 if (ssl->transform) { in mbedtls_ssl_session_reset_msg_layer()
1544 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in mbedtls_ssl_session_reset_msg_layer()
1549 if (ssl->handshake != NULL) { in mbedtls_ssl_session_reset_msg_layer()
1550 #if defined(MBEDTLS_SSL_EARLY_DATA) in mbedtls_ssl_session_reset_msg_layer()
1574 #if defined(MBEDTLS_SSL_RENEGOTIATION) in mbedtls_ssl_session_reset_int()
1586 if (ssl->session) { in mbedtls_ssl_session_reset_int()
1592 #if defined(MBEDTLS_SSL_ALPN) in mbedtls_ssl_session_reset_int()
1596 #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) in mbedtls_ssl_session_reset_int()
1598 #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) in mbedtls_ssl_session_reset_int()
1601 if (free_cli_id) { in mbedtls_ssl_session_reset_int()
1608 if ((ret = ssl_handshake_init(ssl)) != 0) { in mbedtls_ssl_session_reset_int()
1637 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
1649 #if defined(MBEDTLS_SSL_PROTO_DTLS)
1670 #if defined(MBEDTLS_X509_CRT_PARSE_C)
1708 #if defined(MBEDTLS_SSL_PROTO_DTLS)
1733 #if defined(MBEDTLS_SSL_SRV_C)
1745 #if defined(MBEDTLS_SSL_CLI_C)
1750 if (ssl == NULL || in mbedtls_ssl_set_session()
1757 if (ssl->handshake->resume == 1) { in mbedtls_ssl_set_session()
1761 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in mbedtls_ssl_set_session()
1762 if (session->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { in mbedtls_ssl_set_session()
1766 if (mbedtls_ssl_validate_ciphersuite( in mbedtls_ssl_set_session()
1776 if ((ret = mbedtls_ssl_session_copy(ssl->session_negotiate, in mbedtls_ssl_set_session()
1793 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
1800 #if defined(MBEDTLS_SSL_EARLY_DATA)
1807 #if defined(MBEDTLS_SSL_SRV_C)
1818 #if defined(MBEDTLS_X509_CRT_PARSE_C)
1844 if (cert == NULL) { in ssl_append_key_cert()
1845 /* Free list if cert is null */ in ssl_append_key_cert()
1852 if (new_cert == NULL) { in ssl_append_key_cert()
1860 /* Update head if the list was null, else add to the end */ in ssl_append_key_cert()
1861 if (*head == NULL) { in ssl_append_key_cert()
1888 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) in mbedtls_ssl_conf_ca_chain()
1896 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
1912 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
1936 #if defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)
1951 #if defined(MBEDTLS_X509_CRT_PARSE_C)
1961 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1963 #if defined(MBEDTLS_USE_PSA_CRYPTO)
1985 if (status != PSA_SUCCESS) { in mbedtls_ssl_set_hs_ecjpake_password_common()
1989 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_set_hs_ecjpake_password_common()
2002 if (status != PSA_SUCCESS) { in mbedtls_ssl_set_hs_ecjpake_password_common()
2007 if (status != PSA_SUCCESS) { in mbedtls_ssl_set_hs_ecjpake_password_common()
2012 if (status != PSA_SUCCESS) { in mbedtls_ssl_set_hs_ecjpake_password_common()
2028 if (ssl->handshake == NULL || ssl->conf == NULL) { in mbedtls_ssl_set_hs_ecjpake_password()
2033 if ((pw == NULL) || (pw_len == 0)) { in mbedtls_ssl_set_hs_ecjpake_password()
2043 if (status != PSA_SUCCESS) { in mbedtls_ssl_set_hs_ecjpake_password()
2049 if (status != PSA_SUCCESS) { in mbedtls_ssl_set_hs_ecjpake_password()
2063 if (ssl->handshake == NULL || ssl->conf == NULL) { in mbedtls_ssl_set_hs_ecjpake_password_opaque()
2067 if (mbedtls_svc_key_id_is_null(pwd)) { in mbedtls_ssl_set_hs_ecjpake_password_opaque()
2072 if (status != PSA_SUCCESS) { in mbedtls_ssl_set_hs_ecjpake_password_opaque()
2086 if (ssl->handshake == NULL || ssl->conf == NULL) { in mbedtls_ssl_set_hs_ecjpake_password()
2091 if ((pw == NULL) || (pw_len == 0)) { in mbedtls_ssl_set_hs_ecjpake_password()
2095 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_set_hs_ecjpake_password()
2110 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
2113 if (conf->psk_identity == NULL || in mbedtls_ssl_conf_has_static_psk()
2118 #if defined(MBEDTLS_USE_PSA_CRYPTO) in mbedtls_ssl_conf_has_static_psk()
2119 if (!mbedtls_svc_key_id_is_null(conf->psk_opaque)) { in mbedtls_ssl_conf_has_static_psk()
2124 if (conf->psk != NULL && conf->psk_len != 0) { in mbedtls_ssl_conf_has_static_psk()
2133 /* Remove reference to existing PSK, if any. */ in ssl_conf_remove_psk()
2134 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_conf_remove_psk()
2135 if (!mbedtls_svc_key_id_is_null(conf->psk_opaque)) { in ssl_conf_remove_psk()
2141 if (conf->psk != NULL) { in ssl_conf_remove_psk()
2147 /* Remove reference to PSK identity, if any. */ in ssl_conf_remove_psk()
2148 if (conf->psk_identity != NULL) { in ssl_conf_remove_psk()
2165 if (psk_identity == NULL || in ssl_conf_set_psk_identity()
2173 if (conf->psk_identity == NULL) { in ssl_conf_set_psk_identity()
2190 if (mbedtls_ssl_conf_has_static_psk(conf)) { in mbedtls_ssl_conf_psk()
2195 if (psk == NULL) { in mbedtls_ssl_conf_psk()
2198 if (psk_len == 0) { in mbedtls_ssl_conf_psk()
2201 if (psk_len > MBEDTLS_PSK_MAX_LEN) { in mbedtls_ssl_conf_psk()
2205 if ((conf->psk = mbedtls_calloc(1, psk_len)) == NULL) { in mbedtls_ssl_conf_psk()
2213 if (ret != 0) { in mbedtls_ssl_conf_psk()
2222 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_remove_psk()
2223 if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) { in ssl_remove_psk()
2226 if (ssl->handshake->psk_opaque_is_internal) { in ssl_remove_psk()
2233 if (ssl->handshake->psk != NULL) { in ssl_remove_psk()
2244 #if defined(MBEDTLS_USE_PSA_CRYPTO) in mbedtls_ssl_set_hs_psk()
2251 if (psk == NULL || ssl->handshake == NULL) { in mbedtls_ssl_set_hs_psk()
2255 if (psk_len > MBEDTLS_PSK_MAX_LEN) { in mbedtls_ssl_set_hs_psk()
2261 #if defined(MBEDTLS_USE_PSA_CRYPTO) in mbedtls_ssl_set_hs_psk()
2262 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in mbedtls_ssl_set_hs_psk()
2263 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { in mbedtls_ssl_set_hs_psk()
2264 if (ssl->handshake->ciphersuite_info->mac == MBEDTLS_MD_SHA384) { in mbedtls_ssl_set_hs_psk()
2273 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in mbedtls_ssl_set_hs_psk()
2274 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { in mbedtls_ssl_set_hs_psk()
2285 if (status != PSA_SUCCESS) { in mbedtls_ssl_set_hs_psk()
2293 if ((ssl->handshake->psk = mbedtls_calloc(1, psk_len)) == NULL) { in mbedtls_ssl_set_hs_psk()
2304 #if defined(MBEDTLS_USE_PSA_CRYPTO)
2313 if (mbedtls_ssl_conf_has_static_psk(conf)) { in mbedtls_ssl_conf_psk_opaque()
2318 if (mbedtls_svc_key_id_is_null(psk)) { in mbedtls_ssl_conf_psk_opaque()
2326 if (ret != 0) { in mbedtls_ssl_conf_psk_opaque()
2336 if ((mbedtls_svc_key_id_is_null(psk)) || in mbedtls_ssl_set_hs_psk_opaque()
2347 #if defined(MBEDTLS_SSL_SRV_C)
2360 #if defined(MBEDTLS_USE_PSA_CRYPTO)
2364 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) in mbedtls_ssl_get_base_mode()
2365 if (alg == PSA_ALG_CBC_NO_PADDING) { in mbedtls_ssl_get_base_mode()
2369 if (PSA_ALG_IS_AEAD(alg)) { in mbedtls_ssl_get_base_mode()
2380 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) in mbedtls_ssl_get_base_mode()
2381 if (mode == MBEDTLS_MODE_CBC) { in mbedtls_ssl_get_base_mode()
2386 #if defined(MBEDTLS_GCM_C) || \ in mbedtls_ssl_get_base_mode()
2389 if (mode == MBEDTLS_MODE_GCM || in mbedtls_ssl_get_base_mode()
2404 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) in mbedtls_ssl_get_actual_mode()
2405 if (encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED && in mbedtls_ssl_get_actual_mode()
2419 #if defined(MBEDTLS_USE_PSA_CRYPTO) in mbedtls_ssl_get_mode_from_transform()
2427 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) in mbedtls_ssl_get_mode_from_transform()
2434 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) in mbedtls_ssl_get_mode_from_ciphersuite()
2441 #if defined(MBEDTLS_USE_PSA_CRYPTO) in mbedtls_ssl_get_mode_from_ciphersuite()
2448 if (status == PSA_SUCCESS) { in mbedtls_ssl_get_mode_from_ciphersuite()
2454 if (cipher != NULL) { in mbedtls_ssl_get_mode_from_ciphersuite()
2461 #if !defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) in mbedtls_ssl_get_mode_from_ciphersuite()
2467 #if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
2475 #if !defined(MBEDTLS_SSL_HAVE_CCM) in mbedtls_ssl_cipher_to_psa()
2479 #if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_CBC) in mbedtls_ssl_cipher_to_psa()
2486 #if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_CCM) in mbedtls_ssl_cipher_to_psa()
2493 #if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_GCM) in mbedtls_ssl_cipher_to_psa()
2500 #if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_CCM) in mbedtls_ssl_cipher_to_psa()
2507 #if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_GCM) in mbedtls_ssl_cipher_to_psa()
2514 #if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_CBC) in mbedtls_ssl_cipher_to_psa()
2521 #if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_CCM) in mbedtls_ssl_cipher_to_psa()
2528 #if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_GCM) in mbedtls_ssl_cipher_to_psa()
2535 #if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_CBC) in mbedtls_ssl_cipher_to_psa()
2542 #if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_CCM) in mbedtls_ssl_cipher_to_psa()
2549 #if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_GCM) in mbedtls_ssl_cipher_to_psa()
2556 #if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_CCM) in mbedtls_ssl_cipher_to_psa()
2563 #if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_GCM) in mbedtls_ssl_cipher_to_psa()
2570 #if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_CBC) in mbedtls_ssl_cipher_to_psa()
2577 #if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_CCM) in mbedtls_ssl_cipher_to_psa()
2584 #if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_GCM) in mbedtls_ssl_cipher_to_psa()
2591 #if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_CBC) in mbedtls_ssl_cipher_to_psa()
2598 #if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_CCM) in mbedtls_ssl_cipher_to_psa()
2605 #if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_GCM) in mbedtls_ssl_cipher_to_psa()
2612 #if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_CCM) in mbedtls_ssl_cipher_to_psa()
2619 #if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_GCM) in mbedtls_ssl_cipher_to_psa()
2626 #if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_CBC) in mbedtls_ssl_cipher_to_psa()
2633 #if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_CCM) in mbedtls_ssl_cipher_to_psa()
2640 #if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_GCM) in mbedtls_ssl_cipher_to_psa()
2647 #if defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) in mbedtls_ssl_cipher_to_psa()
2667 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
2677 if ((ret = mbedtls_mpi_read_binary(&conf->dhm_P, dhm_P, P_len)) != 0 || in mbedtls_ssl_conf_dh_param_bin()
2694 if ((ret = mbedtls_dhm_get_value(dhm_ctx, MBEDTLS_DHM_PARAM_P, in mbedtls_ssl_conf_dh_param_ctx()
2707 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
2718 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
2719 #if !defined(MBEDTLS_DEPRECATED_REMOVED) && defined(MBEDTLS_SSL_PROTO_TLS1_2)
2734 #if !defined(MBEDTLS_DEPRECATED_REMOVED) in mbedtls_ssl_conf_sig_algs()
2741 #if defined(MBEDTLS_ECP_C)
2742 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
2766 #if defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_DEPRECATED_REMOVED) in mbedtls_ssl_conf_groups()
2772 #if defined(MBEDTLS_X509_CRT_PARSE_C)
2778 /* Check if new hostname is valid before in mbedtls_ssl_set_hostname()
2780 if (hostname != NULL) { in mbedtls_ssl_set_hostname()
2783 if (hostname_len > MBEDTLS_SSL_MAX_HOST_NAME_LEN) { in mbedtls_ssl_set_hostname()
2791 if (ssl->hostname != NULL) { in mbedtls_ssl_set_hostname()
2797 if (hostname == NULL) { in mbedtls_ssl_set_hostname()
2801 if (ssl->hostname == NULL) { in mbedtls_ssl_set_hostname()
2814 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
2825 #if defined(MBEDTLS_SSL_ALPN)
2841 if ((cur_len == 0) || in mbedtls_ssl_conf_alpn_protocols()
2859 #if defined(MBEDTLS_SSL_DTLS_SRTP)
2870 if (mki_len > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH) { in mbedtls_ssl_dtls_srtp_set_mki_value()
2874 if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED) { in mbedtls_ssl_dtls_srtp_set_mki_value()
2894 if (mbedtls_ssl_check_srtp_profile_value(*p) != MBEDTLS_TLS_SRTP_UNSET) { in mbedtls_ssl_conf_dtls_srtp_protection_profiles()
2902 if (list_size > MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH) { in mbedtls_ssl_conf_dtls_srtp_protection_profiles()
2918 /* do not copy the mki value if there is no chosen profile */ in mbedtls_ssl_get_dtls_srtp_negotiation_result()
2919 if (dtls_srtp_info->chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET) { in mbedtls_ssl_get_dtls_srtp_negotiation_result()
2929 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
2941 #if defined(MBEDTLS_SSL_SRV_C)
2949 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
2956 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
2963 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
2966 if (mfl_code >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID || in mbedtls_ssl_conf_max_frag_len()
2982 #if defined(MBEDTLS_SSL_RENEGOTIATION)
3000 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
3001 #if defined(MBEDTLS_SSL_CLI_C)
3008 #if defined(MBEDTLS_SSL_SRV_C)
3010 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS)
3038 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
3061 if (ssl->handshake == NULL) { in mbedtls_ssl_get_async_operation_data()
3071 if (ssl->handshake != NULL) { in mbedtls_ssl_set_async_operation_data()
3082 if (ssl->session != NULL) { in mbedtls_ssl_get_verify_result()
3086 if (ssl->session_negotiate != NULL) { in mbedtls_ssl_get_verify_result()
3095 if (ssl == NULL || ssl->session == NULL) { in mbedtls_ssl_get_ciphersuite_id_from_ssl()
3104 if (ssl == NULL || ssl->session == NULL) { in mbedtls_ssl_get_ciphersuite()
3113 #if defined(MBEDTLS_SSL_PROTO_DTLS) in mbedtls_ssl_get_version()
3114 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_get_version()
3134 #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
3141 if (ssl->session != NULL && in mbedtls_ssl_get_output_record_size_limit()
3149 if (ssl->session_negotiate != NULL && in mbedtls_ssl_get_output_record_size_limit()
3159 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
3165 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in mbedtls_ssl_get_input_max_frag_len()
3166 /* Use the configured MFL for the client if we're past SERVER_HELLO_DONE */ in mbedtls_ssl_get_input_max_frag_len()
3167 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && in mbedtls_ssl_get_input_max_frag_len()
3173 /* Check if a smaller max length was negotiated */ in mbedtls_ssl_get_input_max_frag_len()
3174 if (ssl->session_out != NULL) { in mbedtls_ssl_get_input_max_frag_len()
3176 if (read_mfl < max_len) { in mbedtls_ssl_get_input_max_frag_len()
3182 if (ssl->session_negotiate != NULL) { in mbedtls_ssl_get_input_max_frag_len()
3184 if (read_mfl < max_len) { in mbedtls_ssl_get_input_max_frag_len()
3201 /* Check if a smaller max length was negotiated */ in mbedtls_ssl_get_output_max_frag_len()
3202 if (ssl->session_out != NULL && in mbedtls_ssl_get_output_max_frag_len()
3208 if (ssl->session_negotiate != NULL && in mbedtls_ssl_get_output_max_frag_len()
3217 #if defined(MBEDTLS_SSL_PROTO_DTLS)
3221 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && in mbedtls_ssl_get_current_mtu()
3227 if (ssl->handshake == NULL || ssl->handshake->mtu == 0) { in mbedtls_ssl_get_current_mtu()
3231 if (ssl->mtu == 0) { in mbedtls_ssl_get_current_mtu()
3244 #if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \ in mbedtls_ssl_get_max_out_record_payload()
3250 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) in mbedtls_ssl_get_max_out_record_payload()
3253 if (max_len > mfl) { in mbedtls_ssl_get_max_out_record_payload()
3258 #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) in mbedtls_ssl_get_max_out_record_payload()
3261 if (max_len > record_size_limit) { in mbedtls_ssl_get_max_out_record_payload()
3266 if (ssl->transform_out != NULL && in mbedtls_ssl_get_max_out_record_payload()
3282 #if defined(MBEDTLS_SSL_PROTO_DTLS) in mbedtls_ssl_get_max_out_record_payload()
3283 if (mbedtls_ssl_get_current_mtu(ssl) != 0) { in mbedtls_ssl_get_max_out_record_payload()
3288 if (ret < 0) { in mbedtls_ssl_get_max_out_record_payload()
3292 if (mtu <= overhead) { in mbedtls_ssl_get_max_out_record_payload()
3297 if (max_len > mtu - overhead) { in mbedtls_ssl_get_max_out_record_payload()
3303 #if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \ in mbedtls_ssl_get_max_out_record_payload()
3316 #if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) in mbedtls_ssl_get_max_in_record_payload()
3320 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) in mbedtls_ssl_get_max_in_record_payload()
3323 if (max_len > mfl) { in mbedtls_ssl_get_max_in_record_payload()
3331 #if defined(MBEDTLS_X509_CRT_PARSE_C)
3334 if (ssl == NULL || ssl->session == NULL) { in mbedtls_ssl_get_peer_cert()
3338 #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) in mbedtls_ssl_get_peer_cert()
3346 #if defined(MBEDTLS_SSL_CLI_C)
3352 if (ssl == NULL || in mbedtls_ssl_get_session()
3368 * and fail if so. in mbedtls_ssl_get_session()
3370 if (ssl->session->exported == 1) { in mbedtls_ssl_get_session()
3375 if (ret != 0) { in mbedtls_ssl_get_session()
3385 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
3398 #if defined(MBEDTLS_HAVE_TIME) in ssl_tls12_session_save()
3401 #if defined(MBEDTLS_X509_CRT_PARSE_C) in ssl_tls12_session_save()
3402 #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) in ssl_tls12_session_save()
3410 #if defined(MBEDTLS_HAVE_TIME) in ssl_tls12_session_save()
3413 if (used <= buf_len) { in ssl_tls12_session_save()
3429 if (used <= buf_len) { in ssl_tls12_session_save()
3444 #if defined(MBEDTLS_X509_CRT_PARSE_C) in ssl_tls12_session_save()
3445 #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) in ssl_tls12_session_save()
3446 if (session->peer_cert == NULL) { in ssl_tls12_session_save()
3454 if (used <= buf_len) { in ssl_tls12_session_save()
3459 if (session->peer_cert != NULL) { in ssl_tls12_session_save()
3465 if (session->peer_cert_digest != NULL) { in ssl_tls12_session_save()
3467 if (used <= buf_len) { in ssl_tls12_session_save()
3476 if (used <= buf_len) { in ssl_tls12_session_save()
3485 * Session ticket if any, plus associated data in ssl_tls12_session_save()
3487 #if defined(MBEDTLS_SSL_SESSION_TICKETS) in ssl_tls12_session_save()
3488 #if defined(MBEDTLS_SSL_CLI_C) in ssl_tls12_session_save()
3489 if (session->endpoint == MBEDTLS_SSL_IS_CLIENT) { in ssl_tls12_session_save()
3492 if (used <= buf_len) { in ssl_tls12_session_save()
3497 if (session->ticket != NULL) { in ssl_tls12_session_save()
3507 #if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C) in ssl_tls12_session_save()
3508 if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { in ssl_tls12_session_save()
3511 if (used <= buf_len) { in ssl_tls12_session_save()
3522 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) in ssl_tls12_session_save()
3525 if (used <= buf_len) { in ssl_tls12_session_save()
3530 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) in ssl_tls12_session_save()
3533 if (used <= buf_len) { in ssl_tls12_session_save()
3546 #if defined(MBEDTLS_HAVE_TIME) in ssl_tls12_session_load()
3549 #if defined(MBEDTLS_X509_CRT_PARSE_C) in ssl_tls12_session_load()
3550 #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) in ssl_tls12_session_load()
3561 #if defined(MBEDTLS_HAVE_TIME) in ssl_tls12_session_load()
3562 if (8 > (size_t) (end - p)) { in ssl_tls12_session_load()
3575 if (1 + 32 + 48 + 4 > (size_t) (end - p)) { in ssl_tls12_session_load()
3591 #if defined(MBEDTLS_X509_CRT_PARSE_C) in ssl_tls12_session_load()
3592 #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) in ssl_tls12_session_load()
3598 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) in ssl_tls12_session_load()
3605 #if defined(MBEDTLS_X509_CRT_PARSE_C) in ssl_tls12_session_load()
3606 #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) in ssl_tls12_session_load()
3608 if (3 > (size_t) (end - p)) { in ssl_tls12_session_load()
3615 if (cert_len != 0) { in ssl_tls12_session_load()
3618 if (cert_len > (size_t) (end - p)) { in ssl_tls12_session_load()
3624 if (session->peer_cert == NULL) { in ssl_tls12_session_load()
3630 if ((ret = mbedtls_x509_crt_parse_der(session->peer_cert, in ssl_tls12_session_load()
3642 if (2 > (size_t) (end - p)) { in ssl_tls12_session_load()
3649 if (session->peer_cert_digest_len != 0) { in ssl_tls12_session_load()
3652 if (md_info == NULL) { in ssl_tls12_session_load()
3655 if (session->peer_cert_digest_len != mbedtls_md_get_size(md_info)) { in ssl_tls12_session_load()
3659 if (session->peer_cert_digest_len > (size_t) (end - p)) { in ssl_tls12_session_load()
3665 if (session->peer_cert_digest == NULL) { in ssl_tls12_session_load()
3679 #if defined(MBEDTLS_SSL_SESSION_TICKETS) in ssl_tls12_session_load()
3680 #if defined(MBEDTLS_SSL_CLI_C) in ssl_tls12_session_load()
3681 if (session->endpoint == MBEDTLS_SSL_IS_CLIENT) { in ssl_tls12_session_load()
3682 if (3 > (size_t) (end - p)) { in ssl_tls12_session_load()
3689 if (session->ticket_len != 0) { in ssl_tls12_session_load()
3690 if (session->ticket_len > (size_t) (end - p)) { in ssl_tls12_session_load()
3695 if (session->ticket == NULL) { in ssl_tls12_session_load()
3703 if (4 > (size_t) (end - p)) { in ssl_tls12_session_load()
3711 #if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C) in ssl_tls12_session_load()
3712 if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { in ssl_tls12_session_load()
3713 if (8 > (size_t) (end - p)) { in ssl_tls12_session_load()
3725 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) in ssl_tls12_session_load()
3726 if (1 > (size_t) (end - p)) { in ssl_tls12_session_load()
3733 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) in ssl_tls12_session_load()
3734 if (1 > (size_t) (end - p)) { in ssl_tls12_session_load()
3742 if (p != end) { in ssl_tls12_session_load()
3751 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
3756 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
3764 #if defined(MBEDTLS_SSL_CLI_C) && \ in ssl_tls13_session_save()
3770 #if defined(MBEDTLS_SSL_SRV_C) && \ in ssl_tls13_session_save()
3781 if (session->resumption_key_len > MBEDTLS_SSL_TLS1_3_TICKET_RESUMPTION_KEY_LEN) { in ssl_tls13_session_save()
3786 #if defined(MBEDTLS_SSL_EARLY_DATA) in ssl_tls13_session_save()
3789 #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) in ssl_tls13_session_save()
3793 #if defined(MBEDTLS_HAVE_TIME) in ssl_tls13_session_save()
3797 #if defined(MBEDTLS_SSL_SRV_C) in ssl_tls13_session_save()
3798 if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { in ssl_tls13_session_save()
3799 #if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_ALPN) in ssl_tls13_session_save()
3806 #if defined(MBEDTLS_SSL_CLI_C) in ssl_tls13_session_save()
3807 if (session->endpoint == MBEDTLS_SSL_IS_CLIENT) { in ssl_tls13_session_save()
3808 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) in ssl_tls13_session_save()
3817 if (session->ticket_len > SIZE_MAX - needed) { in ssl_tls13_session_save()
3826 if (needed > buf_len) { in ssl_tls13_session_save()
3839 #if defined(MBEDTLS_SSL_EARLY_DATA) in ssl_tls13_session_save()
3843 #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) in ssl_tls13_session_save()
3848 #if defined(MBEDTLS_SSL_SRV_C) in ssl_tls13_session_save()
3849 if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { in ssl_tls13_session_save()
3850 #if defined(MBEDTLS_HAVE_TIME) in ssl_tls13_session_save()
3855 #if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_ALPN) in ssl_tls13_session_save()
3859 if (alpn_len > 0) { in ssl_tls13_session_save()
3868 #if defined(MBEDTLS_SSL_CLI_C) in ssl_tls13_session_save()
3869 if (session->endpoint == MBEDTLS_SSL_IS_CLIENT) { in ssl_tls13_session_save()
3870 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) in ssl_tls13_session_save()
3873 if (hostname_len > 0) { in ssl_tls13_session_save()
3880 #if defined(MBEDTLS_HAVE_TIME) in ssl_tls13_session_save()
3890 if (session->ticket != NULL && session->ticket_len > 0) { in ssl_tls13_session_save()
3907 if (end - p < 6) { in ssl_tls13_session_load()
3917 if (end - p < session->resumption_key_len) { in ssl_tls13_session_load()
3921 if (sizeof(session->resumption_key) < session->resumption_key_len) { in ssl_tls13_session_load()
3927 #if defined(MBEDTLS_SSL_EARLY_DATA) in ssl_tls13_session_load()
3928 if (end - p < 4) { in ssl_tls13_session_load()
3934 #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) in ssl_tls13_session_load()
3935 if (end - p < 2) { in ssl_tls13_session_load()
3942 #if defined(MBEDTLS_SSL_SRV_C) in ssl_tls13_session_load()
3943 if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { in ssl_tls13_session_load()
3944 #if defined(MBEDTLS_HAVE_TIME) in ssl_tls13_session_load()
3945 if (end - p < 8) { in ssl_tls13_session_load()
3952 #if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_ALPN) in ssl_tls13_session_load()
3955 if (end - p < 2) { in ssl_tls13_session_load()
3962 if (end - p < (long int) alpn_len) { in ssl_tls13_session_load()
3966 if (alpn_len > 0) { in ssl_tls13_session_load()
3968 if (ret != 0) { in ssl_tls13_session_load()
3977 #if defined(MBEDTLS_SSL_CLI_C) in ssl_tls13_session_load()
3978 if (session->endpoint == MBEDTLS_SSL_IS_CLIENT) { in ssl_tls13_session_load()
3979 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) in ssl_tls13_session_load()
3982 if (end - p < 2) { in ssl_tls13_session_load()
3988 if (end - p < (long int) hostname_len) { in ssl_tls13_session_load()
3991 if (hostname_len > 0) { in ssl_tls13_session_load()
3993 if (session->hostname == NULL) { in ssl_tls13_session_load()
4001 #if defined(MBEDTLS_HAVE_TIME) in ssl_tls13_session_load()
4002 if (end - p < 8) { in ssl_tls13_session_load()
4008 if (end - p < 4) { in ssl_tls13_session_load()
4014 if (end - p < 2) { in ssl_tls13_session_load()
4020 if (end - p < (long int) session->ticket_len) { in ssl_tls13_session_load()
4023 if (session->ticket_len > 0) { in ssl_tls13_session_load()
4025 if (session->ticket == NULL) { in ssl_tls13_session_load()
4073 #if defined(MBEDTLS_HAVE_TIME)
4079 #if defined(MBEDTLS_X509_CRT_PARSE_C)
4085 #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
4091 #if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_SESSION_TICKETS)
4097 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
4103 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
4109 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
4115 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
4121 #if defined(MBEDTLS_SSL_EARLY_DATA)
4127 #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
4133 #if defined(MBEDTLS_SSL_ALPN) && defined(MBEDTLS_SSL_SRV_C) && \
4186 * #if defined(MBEDTLS_SSL_SESSION_TICKETS)
4193 * #if defined(MBEDTLS_HAVE_TIME)
4200 * #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
4210 * #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
4213 * #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
4222 * #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
4225 * #if defined(MBEDTLS_HAVE_TIME)
4236 * #if defined(MBEDTLS_SSL_EARLY_DATA)
4239 * #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
4245 * #if defined(MBEDTLS_HAVE_TIME)
4248 * #if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_ALPN)
4301 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in ssl_session_save()
4305 if (session == NULL) { in ssl_session_save()
4309 if (!omit_header) { in ssl_session_save()
4315 if (used <= buf_len) { in ssl_session_save()
4328 if (used <= buf_len) { in ssl_session_save()
4338 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in ssl_session_save()
4344 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in ssl_session_save()
4347 if (ret != 0 && ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) { in ssl_session_save()
4359 if (used > buf_len) { in ssl_session_save()
4394 if (session == NULL) { in ssl_session_load()
4398 if (!omit_header) { in ssl_session_load()
4403 if ((size_t) (end - p) < sizeof(ssl_serialized_session_header)) { in ssl_session_load()
4407 if (memcmp(p, ssl_serialized_session_header, in ssl_session_load()
4417 if (4 > (size_t) (end - p)) { in ssl_session_load()
4428 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in ssl_session_load()
4433 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in ssl_session_load()
4452 if (ret != 0) { in mbedtls_ssl_session_load()
4470 * if the write to the network callback returned with the in ssl_prepare_handshake_step()
4482 if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { in ssl_prepare_handshake_step()
4486 #if defined(MBEDTLS_SSL_PROTO_DTLS) in ssl_prepare_handshake_step()
4487 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in ssl_prepare_handshake_step()
4489 if ((ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { in ssl_prepare_handshake_step()
4502 if (ssl == NULL || in mbedtls_ssl_handshake_step()
4510 if (ret != 0) { in mbedtls_ssl_handshake_step()
4515 if (ret != 0) { in mbedtls_ssl_handshake_step()
4519 /* If ssl->conf->endpoint is not one of MBEDTLS_SSL_IS_CLIENT or in mbedtls_ssl_handshake_step()
4523 #if defined(MBEDTLS_SSL_CLI_C) in mbedtls_ssl_handshake_step()
4524 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in mbedtls_ssl_handshake_step()
4539 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3) in mbedtls_ssl_handshake_step()
4540 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { in mbedtls_ssl_handshake_step()
4554 #if defined(MBEDTLS_SSL_SRV_C) in mbedtls_ssl_handshake_step()
4555 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_handshake_step()
4556 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3) in mbedtls_ssl_handshake_step()
4557 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { in mbedtls_ssl_handshake_step()
4570 if (ret != 0) { in mbedtls_ssl_handshake_step()
4574 if (ssl->send_alert) { in mbedtls_ssl_handshake_step()
4593 if (ssl == NULL || ssl->conf == NULL) { in mbedtls_ssl_handshake()
4597 #if defined(MBEDTLS_SSL_PROTO_DTLS) in mbedtls_ssl_handshake()
4598 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_handshake()
4612 if (ret != 0) { in mbedtls_ssl_handshake()
4622 #if defined(MBEDTLS_SSL_RENEGOTIATION)
4623 #if defined(MBEDTLS_SSL_SRV_C)
4638 if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { in ssl_write_hello_request()
4655 * If the handshake doesn't complete due to waiting for I/O, it will continue
4664 if ((ret = ssl_handshake_init(ssl)) != 0) { in mbedtls_ssl_start_renegotiation()
4670 #if defined(MBEDTLS_SSL_PROTO_DTLS) in mbedtls_ssl_start_renegotiation()
4671 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_start_renegotiation()
4673 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_start_renegotiation()
4684 if ((ret = mbedtls_ssl_handshake(ssl)) != 0) { in mbedtls_ssl_start_renegotiation()
4702 if (ssl == NULL || ssl->conf == NULL) { in mbedtls_ssl_renegotiate()
4706 #if defined(MBEDTLS_SSL_SRV_C) in mbedtls_ssl_renegotiate()
4708 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_renegotiate()
4709 if (mbedtls_ssl_is_handshake_over(ssl) == 0) { in mbedtls_ssl_renegotiate()
4716 if (ssl->out_left != 0) { in mbedtls_ssl_renegotiate()
4724 #if defined(MBEDTLS_SSL_CLI_C) in mbedtls_ssl_renegotiate()
4727 * if already in progress, continue the handshake in mbedtls_ssl_renegotiate()
4729 if (ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { in mbedtls_ssl_renegotiate()
4730 if (mbedtls_ssl_is_handshake_over(ssl) == 0) { in mbedtls_ssl_renegotiate()
4734 if ((ret = mbedtls_ssl_start_renegotiation(ssl)) != 0) { in mbedtls_ssl_renegotiate()
4739 if ((ret = mbedtls_ssl_handshake(ssl)) != 0) { in mbedtls_ssl_renegotiate()
4754 if (handshake == NULL) { in mbedtls_ssl_handshake_free()
4758 #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) in mbedtls_ssl_handshake_free()
4759 #if !defined(MBEDTLS_DEPRECATED_REMOVED) in mbedtls_ssl_handshake_free()
4760 if (ssl->handshake->group_list_heap_allocated) { in mbedtls_ssl_handshake_free()
4767 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in mbedtls_ssl_handshake_free()
4768 #if !defined(MBEDTLS_DEPRECATED_REMOVED) in mbedtls_ssl_handshake_free()
4769 if (ssl->handshake->sig_algs_heap_allocated) { in mbedtls_ssl_handshake_free()
4774 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in mbedtls_ssl_handshake_free()
4775 if (ssl->handshake->certificate_request_context) { in mbedtls_ssl_handshake_free()
4781 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) in mbedtls_ssl_handshake_free()
4782 if (ssl->conf->f_async_cancel != NULL && handshake->async_in_progress != 0) { in mbedtls_ssl_handshake_free()
4788 #if defined(MBEDTLS_MD_CAN_SHA256) in mbedtls_ssl_handshake_free()
4789 #if defined(MBEDTLS_USE_PSA_CRYPTO) in mbedtls_ssl_handshake_free()
4795 #if defined(MBEDTLS_MD_CAN_SHA384) in mbedtls_ssl_handshake_free()
4796 #if defined(MBEDTLS_USE_PSA_CRYPTO) in mbedtls_ssl_handshake_free()
4803 #if defined(MBEDTLS_DHM_C) in mbedtls_ssl_handshake_free()
4806 #if !defined(MBEDTLS_USE_PSA_CRYPTO) && \ in mbedtls_ssl_handshake_free()
4811 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) in mbedtls_ssl_handshake_free()
4812 #if defined(MBEDTLS_USE_PSA_CRYPTO) in mbedtls_ssl_handshake_free()
4819 if (!mbedtls_svc_key_id_is_null(handshake->psa_pake_password)) { in mbedtls_ssl_handshake_free()
4826 #if defined(MBEDTLS_SSL_CLI_C) in mbedtls_ssl_handshake_free()
4833 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED) || \ in mbedtls_ssl_handshake_free()
4840 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) in mbedtls_ssl_handshake_free()
4841 #if defined(MBEDTLS_USE_PSA_CRYPTO) in mbedtls_ssl_handshake_free()
4842 if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) { in mbedtls_ssl_handshake_free()
4845 if (ssl->handshake->psk_opaque_is_internal) { in mbedtls_ssl_handshake_free()
4852 if (handshake->psk != NULL) { in mbedtls_ssl_handshake_free()
4858 #if defined(MBEDTLS_X509_CRT_PARSE_C) && \ in mbedtls_ssl_handshake_free()
4867 #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) in mbedtls_ssl_handshake_free()
4869 if (handshake->ecrs_peer_cert != NULL) { in mbedtls_ssl_handshake_free()
4875 #if defined(MBEDTLS_X509_CRT_PARSE_C) && \ in mbedtls_ssl_handshake_free()
4880 #if defined(MBEDTLS_SSL_CLI_C) && \ in mbedtls_ssl_handshake_free()
4886 #if defined(MBEDTLS_SSL_PROTO_DTLS) in mbedtls_ssl_handshake_free()
4891 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_XXDH_PSA_ANY_ENABLED) in mbedtls_ssl_handshake_free()
4892 if (handshake->xxdh_psa_privkey_is_external == 0) { in mbedtls_ssl_handshake_free()
4897 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in mbedtls_ssl_handshake_free()
4900 #if defined(MBEDTLS_SSL_EARLY_DATA) in mbedtls_ssl_handshake_free()
4907 #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) in mbedtls_ssl_handshake_free()
4908 /* If the buffers are too big - reallocate. Because of the way Mbed TLS in mbedtls_ssl_handshake_free()
4923 if (session == NULL) { in mbedtls_ssl_session_free()
4927 #if defined(MBEDTLS_X509_CRT_PARSE_C) in mbedtls_ssl_session_free()
4931 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) in mbedtls_ssl_session_free()
4932 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ in mbedtls_ssl_session_free()
4939 #if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_ALPN) && \ in mbedtls_ssl_session_free()
4947 #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
4949 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
4957 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
4963 #if defined(MBEDTLS_SSL_ALPN)
5053 if (mbedtls_ssl_is_handshake_over(ssl) == 0) { in mbedtls_ssl_context_save()
5057 if (ssl->handshake != NULL) { in mbedtls_ssl_context_save()
5062 if (ssl->transform == NULL || ssl->session == NULL) { in mbedtls_ssl_context_save()
5067 if (mbedtls_ssl_check_pending(ssl) != 0) { in mbedtls_ssl_context_save()
5071 if (ssl->out_left != 0) { in mbedtls_ssl_context_save()
5076 if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_context_save()
5081 if (ssl->tls_version != MBEDTLS_SSL_VERSION_TLS1_2) { in mbedtls_ssl_context_save()
5086 if (mbedtls_ssl_transform_uses_aead(ssl->transform) != 1) { in mbedtls_ssl_context_save()
5091 #if defined(MBEDTLS_SSL_RENEGOTIATION) in mbedtls_ssl_context_save()
5092 if (ssl->conf->disable_renegotiation != MBEDTLS_SSL_RENEGOTIATION_DISABLED) { in mbedtls_ssl_context_save()
5103 if (used <= buf_len) { in mbedtls_ssl_context_save()
5113 if (ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) { in mbedtls_ssl_context_save()
5118 if (used <= buf_len) { in mbedtls_ssl_context_save()
5124 if (ret != 0) { in mbedtls_ssl_context_save()
5135 if (used <= buf_len) { in mbedtls_ssl_context_save()
5141 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) in mbedtls_ssl_context_save()
5143 if (used <= buf_len) { in mbedtls_ssl_context_save()
5158 if (used <= buf_len) { in mbedtls_ssl_context_save()
5163 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) in mbedtls_ssl_context_save()
5165 if (used <= buf_len) { in mbedtls_ssl_context_save()
5174 #if defined(MBEDTLS_SSL_PROTO_DTLS) in mbedtls_ssl_context_save()
5176 if (used <= buf_len) { in mbedtls_ssl_context_save()
5182 if (used <= buf_len) { in mbedtls_ssl_context_save()
5187 #if defined(MBEDTLS_SSL_PROTO_DTLS) in mbedtls_ssl_context_save()
5189 if (used <= buf_len) { in mbedtls_ssl_context_save()
5195 #if defined(MBEDTLS_SSL_ALPN) in mbedtls_ssl_context_save()
5202 if (used <= buf_len) { in mbedtls_ssl_context_save()
5205 if (ssl->alpn_chosen != NULL) { in mbedtls_ssl_context_save()
5218 if (used > buf_len) { in mbedtls_ssl_context_save()
5242 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in ssl_context_load()
5249 * (Checking session is useful because it won't be NULL if we're in ssl_context_load()
5250 * renegotiating, or if the user mistakenly loaded a session first.) in ssl_context_load()
5252 if (ssl->state != MBEDTLS_SSL_HELLO_REQUEST || in ssl_context_load()
5261 if ( in ssl_context_load()
5262 #if defined(MBEDTLS_SSL_RENEGOTIATION) in ssl_context_load()
5277 if ((size_t) (end - p) < sizeof(ssl_serialized_context_header)) { in ssl_context_load()
5281 if (memcmp(p, ssl_serialized_context_header, in ssl_context_load()
5290 if ((size_t) (end - p) < 4) { in ssl_context_load()
5304 if ((size_t) (end - p) < session_len) { in ssl_context_load()
5309 if (ret != 0) { in ssl_context_load()
5322 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in ssl_context_load()
5329 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in ssl_context_load()
5331 if (prf_func == NULL) { in ssl_context_load()
5336 if ((size_t) (end - p) < sizeof(ssl->transform->randbytes)) { in ssl_context_load()
5343 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) in ssl_context_load()
5351 if (ret != 0) { in ssl_context_load()
5357 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) in ssl_context_load()
5359 if ((size_t) (end - p) < 1) { in ssl_context_load()
5365 if ((size_t) (end - p) < ssl->transform->in_cid_len + 1u) { in ssl_context_load()
5374 if ((size_t) (end - p) < ssl->transform->out_cid_len) { in ssl_context_load()
5385 if ((size_t) (end - p) < 4) { in ssl_context_load()
5392 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) in ssl_context_load()
5393 if ((size_t) (end - p) < 16) { in ssl_context_load()
5404 #if defined(MBEDTLS_SSL_PROTO_DTLS) in ssl_context_load()
5405 if ((size_t) (end - p) < 1) { in ssl_context_load()
5412 if ((size_t) (end - p) < sizeof(ssl->cur_out_ctr)) { in ssl_context_load()
5418 #if defined(MBEDTLS_SSL_PROTO_DTLS) in ssl_context_load()
5419 if ((size_t) (end - p) < 2) { in ssl_context_load()
5427 #if defined(MBEDTLS_SSL_ALPN) in ssl_context_load()
5432 if ((size_t) (end - p) < 1) { in ssl_context_load()
5438 if (alpn_len != 0 && ssl->conf->alpn_list != NULL) { in ssl_context_load()
5441 if (strlen(*cur) == alpn_len && in ssl_context_load()
5450 if (alpn_len != 0 && ssl->alpn_chosen == NULL) { in ssl_context_load()
5471 #if defined(MBEDTLS_SSL_PROTO_DTLS) in ssl_context_load()
5479 if (ssl->handshake != NULL) { in ssl_context_load()
5488 if (p != end) { in ssl_context_load()
5504 if (ret != 0) { in mbedtls_ssl_context_load()
5517 if (ssl == NULL) { in mbedtls_ssl_free()
5523 if (ssl->out_buf != NULL) { in mbedtls_ssl_free()
5524 #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) in mbedtls_ssl_free()
5534 if (ssl->in_buf != NULL) { in mbedtls_ssl_free()
5535 #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) in mbedtls_ssl_free()
5545 if (ssl->transform) { in mbedtls_ssl_free()
5550 if (ssl->handshake) { in mbedtls_ssl_free()
5554 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in mbedtls_ssl_free()
5563 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in mbedtls_ssl_free()
5568 if (ssl->session) { in mbedtls_ssl_free()
5573 #if defined(MBEDTLS_X509_CRT_PARSE_C) in mbedtls_ssl_free()
5574 if (ssl->hostname != NULL) { in mbedtls_ssl_free()
5579 #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) in mbedtls_ssl_free()
5604 #if defined(MBEDTLS_ECP_HAVE_CURVE25519)
5607 #if defined(MBEDTLS_ECP_HAVE_SECP256R1)
5610 #if defined(MBEDTLS_ECP_HAVE_SECP384R1)
5613 #if defined(MBEDTLS_ECP_HAVE_CURVE448)
5616 #if defined(MBEDTLS_ECP_HAVE_SECP521R1)
5619 #if defined(MBEDTLS_ECP_HAVE_BP256R1)
5622 #if defined(MBEDTLS_ECP_HAVE_BP384R1)
5625 #if defined(MBEDTLS_ECP_HAVE_BP512R1)
5628 #if defined(PSA_WANT_ALG_FFDH)
5644 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
5650 * - But if there is a good reason, do not change the order of the algorithms.
5656 #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) && \
5663 #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) && \
5670 #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) && \
5677 #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && defined(MBEDTLS_MD_CAN_SHA512)
5681 #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && defined(MBEDTLS_MD_CAN_SHA384)
5685 #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && defined(MBEDTLS_MD_CAN_SHA256)
5689 #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA512)
5693 #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA384)
5697 #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256)
5705 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
5708 #if defined(MBEDTLS_MD_CAN_SHA512)
5709 #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED)
5712 #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
5715 #if defined(MBEDTLS_RSA_C)
5720 #if defined(MBEDTLS_MD_CAN_SHA384)
5721 #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED)
5724 #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
5727 #if defined(MBEDTLS_RSA_C)
5732 #if defined(MBEDTLS_MD_CAN_SHA256)
5733 #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED)
5736 #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
5739 #if defined(MBEDTLS_RSA_C)
5751 #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) && \
5758 #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) && \
5769 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
5772 #if defined(MBEDTLS_MD_CAN_SHA256)
5773 #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED)
5778 #if defined(MBEDTLS_MD_CAN_SHA384)
5779 #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED)
5791 #if defined(MBEDTLS_ECP_HAVE_SECP256R1)
5794 #if defined(MBEDTLS_ECP_HAVE_SECP384R1)
5800 #if defined(MBEDTLS_DEBUG_C) && defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
5811 if (sig_algs[i] != sig_algs[j]) { in ssl_check_no_sig_alg_duplication()
5831 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) in mbedtls_ssl_config_defaults()
5835 #if defined(MBEDTLS_DEBUG_C) && defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in mbedtls_ssl_config_defaults()
5836 if (ssl_check_no_sig_alg_duplication(ssl_preset_suiteb_sig_algs)) { in mbedtls_ssl_config_defaults()
5841 if (ssl_check_no_sig_alg_duplication(ssl_preset_default_sig_algs)) { in mbedtls_ssl_config_defaults()
5846 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in mbedtls_ssl_config_defaults()
5847 if (ssl_check_no_sig_alg_duplication(ssl_tls12_preset_suiteb_sig_algs)) { in mbedtls_ssl_config_defaults()
5852 if (ssl_check_no_sig_alg_duplication(ssl_tls12_preset_default_sig_algs)) { in mbedtls_ssl_config_defaults()
5867 #if defined(MBEDTLS_SSL_CLI_C) in mbedtls_ssl_config_defaults()
5868 if (endpoint == MBEDTLS_SSL_IS_CLIENT) { in mbedtls_ssl_config_defaults()
5870 #if defined(MBEDTLS_SSL_SESSION_TICKETS) in mbedtls_ssl_config_defaults()
5876 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) in mbedtls_ssl_config_defaults()
5880 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) in mbedtls_ssl_config_defaults()
5884 #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) in mbedtls_ssl_config_defaults()
5889 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) in mbedtls_ssl_config_defaults()
5893 #if defined(MBEDTLS_SSL_SRV_C) in mbedtls_ssl_config_defaults()
5898 #if defined(MBEDTLS_SSL_PROTO_DTLS) in mbedtls_ssl_config_defaults()
5903 #if defined(MBEDTLS_SSL_RENEGOTIATION) in mbedtls_ssl_config_defaults()
5909 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) in mbedtls_ssl_config_defaults()
5910 if (endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_config_defaults()
5916 if ((ret = mbedtls_ssl_conf_dh_param_bin(conf, in mbedtls_ssl_config_defaults()
5924 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in mbedtls_ssl_config_defaults()
5926 #if defined(MBEDTLS_SSL_EARLY_DATA) in mbedtls_ssl_config_defaults()
5928 #if defined(MBEDTLS_SSL_SRV_C) in mbedtls_ssl_config_defaults()
5933 #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_SESSION_TICKETS) in mbedtls_ssl_config_defaults()
5943 if (transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_config_defaults()
5944 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in mbedtls_ssl_config_defaults()
5951 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3) in mbedtls_ssl_config_defaults()
5976 #if defined(MBEDTLS_X509_CRT_PARSE_C) in mbedtls_ssl_config_defaults()
5980 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in mbedtls_ssl_config_defaults()
5981 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in mbedtls_ssl_config_defaults()
5982 if (mbedtls_ssl_conf_is_tls12_only(conf)) { in mbedtls_ssl_config_defaults()
5989 #if defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_DEPRECATED_REMOVED) in mbedtls_ssl_config_defaults()
6002 #if defined(MBEDTLS_X509_CRT_PARSE_C) in mbedtls_ssl_config_defaults()
6006 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in mbedtls_ssl_config_defaults()
6007 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in mbedtls_ssl_config_defaults()
6008 if (mbedtls_ssl_conf_is_tls12_only(conf)) { in mbedtls_ssl_config_defaults()
6015 #if defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_DEPRECATED_REMOVED) in mbedtls_ssl_config_defaults()
6020 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C) in mbedtls_ssl_config_defaults()
6033 #if defined(MBEDTLS_DHM_C) in mbedtls_ssl_config_free()
6038 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) in mbedtls_ssl_config_free()
6039 #if defined(MBEDTLS_USE_PSA_CRYPTO) in mbedtls_ssl_config_free()
6040 if (!mbedtls_svc_key_id_is_null(conf->psk_opaque)) { in mbedtls_ssl_config_free()
6044 if (conf->psk != NULL) { in mbedtls_ssl_config_free()
6050 if (conf->psk_identity != NULL) { in mbedtls_ssl_config_free()
6057 #if defined(MBEDTLS_X509_CRT_PARSE_C) in mbedtls_ssl_config_free()
6064 #if defined(MBEDTLS_PK_C) && \
6071 #if defined(MBEDTLS_RSA_C) in mbedtls_ssl_sig_from_pk()
6072 if (mbedtls_pk_can_do(pk, MBEDTLS_PK_RSA)) { in mbedtls_ssl_sig_from_pk()
6076 #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) in mbedtls_ssl_sig_from_pk()
6077 if (mbedtls_pk_can_do(pk, MBEDTLS_PK_ECDSA)) { in mbedtls_ssl_sig_from_pk()
6100 #if defined(MBEDTLS_RSA_C) in mbedtls_ssl_pk_alg_from_sig()
6104 #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) in mbedtls_ssl_pk_alg_from_sig()
6121 #if defined(MBEDTLS_MD_CAN_MD5) in mbedtls_ssl_md_alg_from_hash()
6125 #if defined(MBEDTLS_MD_CAN_SHA1) in mbedtls_ssl_md_alg_from_hash()
6129 #if defined(MBEDTLS_MD_CAN_SHA224) in mbedtls_ssl_md_alg_from_hash()
6133 #if defined(MBEDTLS_MD_CAN_SHA256) in mbedtls_ssl_md_alg_from_hash()
6137 #if defined(MBEDTLS_MD_CAN_SHA384) in mbedtls_ssl_md_alg_from_hash()
6141 #if defined(MBEDTLS_MD_CAN_SHA512) in mbedtls_ssl_md_alg_from_hash()
6156 #if defined(MBEDTLS_MD_CAN_MD5) in mbedtls_ssl_hash_from_md_alg()
6160 #if defined(MBEDTLS_MD_CAN_SHA1) in mbedtls_ssl_hash_from_md_alg()
6164 #if defined(MBEDTLS_MD_CAN_SHA224) in mbedtls_ssl_hash_from_md_alg()
6168 #if defined(MBEDTLS_MD_CAN_SHA256) in mbedtls_ssl_hash_from_md_alg()
6172 #if defined(MBEDTLS_MD_CAN_SHA384) in mbedtls_ssl_hash_from_md_alg()
6176 #if defined(MBEDTLS_MD_CAN_SHA512) in mbedtls_ssl_hash_from_md_alg()
6186 * Check if a curve proposed by the peer is in our list.
6187 * Return 0 if we're willing to use it, -1 otherwise.
6193 if (group_list == NULL) { in mbedtls_ssl_check_curve_tls_id()
6198 if (*group_list == tls_id) { in mbedtls_ssl_check_curve_tls_id()
6206 #if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
6214 if (tls_id == 0) { in mbedtls_ssl_check_curve()
6229 #if defined(MBEDTLS_ECP_HAVE_SECP521R1)
6232 #if defined(MBEDTLS_ECP_HAVE_BP512R1)
6235 #if defined(MBEDTLS_ECP_HAVE_SECP384R1)
6238 #if defined(MBEDTLS_ECP_HAVE_BP384R1)
6241 #if defined(MBEDTLS_ECP_HAVE_SECP256R1)
6244 #if defined(MBEDTLS_ECP_HAVE_SECP256K1)
6247 #if defined(MBEDTLS_ECP_HAVE_BP256R1)
6250 #if defined(MBEDTLS_ECP_HAVE_SECP224R1)
6253 #if defined(MBEDTLS_ECP_HAVE_SECP224K1)
6256 #if defined(MBEDTLS_ECP_HAVE_SECP192R1)
6259 #if defined(MBEDTLS_ECP_HAVE_SECP192K1)
6262 #if defined(MBEDTLS_ECP_HAVE_CURVE25519)
6265 #if defined(MBEDTLS_ECP_HAVE_CURVE448)
6276 if (tls_id_match_table[i].tls_id == tls_id) { in mbedtls_ssl_get_psa_curve_info_from_tls_id()
6277 if (type != NULL) { in mbedtls_ssl_get_psa_curve_info_from_tls_id()
6280 if (bits != NULL) { in mbedtls_ssl_get_psa_curve_info_from_tls_id()
6293 if (tls_id_match_table[i].tls_id == tls_id) { in mbedtls_ssl_get_ecp_group_id_from_tls_id()
6305 if (tls_id_match_table[i].ecp_group_id == grp_id) { in mbedtls_ssl_get_tls_id_from_ecp_group_id()
6313 #if defined(MBEDTLS_DEBUG_C)
6338 if (tls_id_curve_name_table[i].tls_id == tls_id) { in mbedtls_ssl_get_curve_name_from_tls_id()
6347 #if defined(MBEDTLS_X509_CRT_PARSE_C)
6358 if (cert_endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_check_cert_usage()
6390 if (mbedtls_x509_crt_check_key_usage(cert, usage) != 0) { in mbedtls_ssl_check_cert_usage()
6395 if (cert_endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_check_cert_usage()
6403 if (mbedtls_x509_crt_check_extended_key_usage(cert, ext_oid, ext_len) != 0) { in mbedtls_ssl_check_cert_usage()
6412 #if defined(MBEDTLS_USE_PSA_CRYPTO)
6426 #if defined(MBEDTLS_MD_CAN_SHA384) in mbedtls_ssl_get_handshake_transcript()
6432 #if defined(MBEDTLS_MD_CAN_SHA256) in mbedtls_ssl_get_handshake_transcript()
6443 if (status != PSA_SUCCESS) { in mbedtls_ssl_get_handshake_transcript()
6448 if (status != PSA_SUCCESS) { in mbedtls_ssl_get_handshake_transcript()
6453 #if !defined(MBEDTLS_MD_CAN_SHA384) && \ in mbedtls_ssl_get_handshake_transcript()
6461 #if defined(MBEDTLS_MD_CAN_SHA384)
6471 if (dst_len < 48) { in ssl_get_handshake_transcript_sha384()
6477 if (ret != 0) { in ssl_get_handshake_transcript_sha384()
6481 if (ret != 0) { in ssl_get_handshake_transcript_sha384()
6485 if ((ret = mbedtls_md_finish(&sha384, dst)) != 0) { in ssl_get_handshake_transcript_sha384()
6499 #if defined(MBEDTLS_MD_CAN_SHA256)
6509 if (dst_len < 32) { in ssl_get_handshake_transcript_sha256()
6515 if (ret != 0) { in ssl_get_handshake_transcript_sha256()
6519 if (ret != 0) { in ssl_get_handshake_transcript_sha256()
6523 if ((ret = mbedtls_md_finish(&sha256, dst)) != 0) { in ssl_get_handshake_transcript_sha256()
6545 #if defined(MBEDTLS_MD_CAN_SHA384) in mbedtls_ssl_get_handshake_transcript()
6550 #if defined(MBEDTLS_MD_CAN_SHA256) in mbedtls_ssl_get_handshake_transcript()
6556 #if !defined(MBEDTLS_MD_CAN_SHA384) && \ in mbedtls_ssl_get_handshake_transcript()
6570 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
6637 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) in mbedtls_ssl_parse_sig_alg_ext()
6638 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_2 && in mbedtls_ssl_parse_sig_alg_ext()
6648 if (common_idx + 1 < MBEDTLS_RECEIVED_SIG_ALGS_SIZE) { in mbedtls_ssl_parse_sig_alg_ext()
6654 if (p != end) { in mbedtls_ssl_parse_sig_alg_ext()
6662 if (common_idx == 0) { in mbedtls_ssl_parse_sig_alg_ext()
6675 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
6677 #if defined(MBEDTLS_USE_PSA_CRYPTO)
6692 if (status != PSA_SUCCESS) { in setup_psa_key_derivation()
6696 if (PSA_ALG_IS_TLS12_PRF(alg) || PSA_ALG_IS_TLS12_PSK_TO_MS(alg)) { in setup_psa_key_derivation()
6700 if (status != PSA_SUCCESS) { in setup_psa_key_derivation()
6704 if (other_secret != NULL) { in setup_psa_key_derivation()
6708 if (status != PSA_SUCCESS) { in setup_psa_key_derivation()
6713 if (mbedtls_svc_key_id_is_null(key)) { in setup_psa_key_derivation()
6721 if (status != PSA_SUCCESS) { in setup_psa_key_derivation()
6728 if (status != PSA_SUCCESS) { in setup_psa_key_derivation()
6736 if (status != PSA_SUCCESS) { in setup_psa_key_derivation()
6743 #if defined(PSA_WANT_ALG_SHA_384) || \
6758 if (md_type == MBEDTLS_MD_SHA384) { in tls_prf_generic()
6771 if (slen != 0) { in tls_prf_generic()
6778 if (status != PSA_SUCCESS) { in tls_prf_generic()
6791 if (status != PSA_SUCCESS) { in tls_prf_generic()
6798 if (status != PSA_SUCCESS) { in tls_prf_generic()
6805 if (status != PSA_SUCCESS) { in tls_prf_generic()
6810 if (!mbedtls_svc_key_id_is_null(master_key)) { in tls_prf_generic()
6813 if (status != PSA_SUCCESS) { in tls_prf_generic()
6822 #if defined(MBEDTLS_MD_C) && \
6843 if ((md_info = mbedtls_md_info_from_type(md_type)) == NULL) { in tls_prf_generic()
6851 if (tmp == NULL) { in tls_prf_generic()
6864 if ((ret = mbedtls_md_setup(&md_ctx, md_info, 1)) != 0) { in tls_prf_generic()
6869 if (ret != 0) { in tls_prf_generic()
6873 if (ret != 0) { in tls_prf_generic()
6877 if (ret != 0) { in tls_prf_generic()
6883 if (ret != 0) { in tls_prf_generic()
6887 if (ret != 0) { in tls_prf_generic()
6891 if (ret != 0) { in tls_prf_generic()
6896 if (ret != 0) { in tls_prf_generic()
6900 if (ret != 0) { in tls_prf_generic()
6904 if (ret != 0) { in tls_prf_generic()
6918 if (tmp != NULL) { in tls_prf_generic()
6931 #if defined(MBEDTLS_MD_CAN_SHA256)
6943 #if defined(MBEDTLS_MD_CAN_SHA384)
6968 #if defined(MBEDTLS_MD_CAN_SHA384) in ssl_set_handshake_prfs()
6969 if (hash == MBEDTLS_MD_SHA384) { in ssl_set_handshake_prfs()
6975 #if defined(MBEDTLS_MD_CAN_SHA256) in ssl_set_handshake_prfs()
6994 * Compute master secret if needed
7018 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) in ssl_compute_master()
7029 * - If the Extended Master Secret extension is not used, in ssl_compute_master()
7032 * - If the Extended Master Secret extension is used, in ssl_compute_master()
7038 #if !defined(MBEDTLS_DEBUG_C) && \ in ssl_compute_master()
7046 if (handshake->resume != 0) { in ssl_compute_master()
7051 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) in ssl_compute_master()
7052 if (handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED) { in ssl_compute_master()
7056 if (ret != 0) { in ssl_compute_master()
7065 #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ in ssl_compute_master()
7067 if (mbedtls_ssl_ciphersuite_uses_psk(handshake->ciphersuite_info) == 1) { in ssl_compute_master()
7080 if (hash_alg == MBEDTLS_MD_SHA384) { in ssl_compute_master()
7115 if (status != PSA_SUCCESS) { in ssl_compute_master()
7123 if (status != PSA_SUCCESS) { in ssl_compute_master()
7129 if (status != PSA_SUCCESS) { in ssl_compute_master()
7135 #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ in ssl_compute_master()
7137 if (handshake->ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) { in ssl_compute_master()
7148 if (status != PSA_SUCCESS) { in ssl_compute_master()
7154 if (status != PSA_SUCCESS) { in ssl_compute_master()
7161 if (status != PSA_SUCCESS) { in ssl_compute_master()
7169 if (status != PSA_SUCCESS) { in ssl_compute_master()
7175 if (status != PSA_SUCCESS) { in ssl_compute_master()
7184 if (ret != 0) { in ssl_compute_master()
7211 if (ret != 0) { in mbedtls_ssl_derive_keys()
7216 /* Compute master secret if needed */ in mbedtls_ssl_derive_keys()
7220 if (ret != 0) { in mbedtls_ssl_derive_keys()
7240 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) in mbedtls_ssl_derive_keys()
7248 if (ret != 0) { in mbedtls_ssl_derive_keys()
7265 #if defined(MBEDTLS_MD_CAN_SHA384) in mbedtls_ssl_set_calc_verify_md()
7270 #if defined(MBEDTLS_MD_CAN_SHA256) in mbedtls_ssl_set_calc_verify_md()
7278 #if !defined(MBEDTLS_MD_CAN_SHA384) && \ in mbedtls_ssl_set_calc_verify_md()
7285 #if defined(MBEDTLS_USE_PSA_CRYPTO)
7295 #if !defined(MBEDTLS_DEBUG_C) in ssl_calc_verify_tls_psa()
7300 if (status != PSA_SUCCESS) { in ssl_calc_verify_tls_psa()
7305 if (status != PSA_SUCCESS) { in ssl_calc_verify_tls_psa()
7327 #if !defined(MBEDTLS_DEBUG_C) in ssl_calc_verify_tls_legacy()
7333 if (ret != 0) { in ssl_calc_verify_tls_legacy()
7337 if (ret != 0) { in ssl_calc_verify_tls_legacy()
7342 if (ret != 0) { in ssl_calc_verify_tls_legacy()
7357 #if defined(MBEDTLS_MD_CAN_SHA256)
7362 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_calc_verify_tls_sha256()
7372 #if defined(MBEDTLS_MD_CAN_SHA384)
7377 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_calc_verify_tls_sha384()
7387 #if !defined(MBEDTLS_USE_PSA_CRYPTO) && \
7397 if (psk_ret == MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED) { in mbedtls_ssl_psk_derive_premaster()
7405 if (key_ex != MBEDTLS_KEY_EXCHANGE_DHE_PSK) { in mbedtls_ssl_psk_derive_premaster()
7418 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) in mbedtls_ssl_psk_derive_premaster()
7419 if (key_ex == MBEDTLS_KEY_EXCHANGE_PSK) { in mbedtls_ssl_psk_derive_premaster()
7420 if (end - p < 2) { in mbedtls_ssl_psk_derive_premaster()
7427 if (end < p || (size_t) (end - p) < psk_len) { in mbedtls_ssl_psk_derive_premaster()
7435 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) in mbedtls_ssl_psk_derive_premaster()
7436 if (key_ex == MBEDTLS_KEY_EXCHANGE_RSA_PSK) { in mbedtls_ssl_psk_derive_premaster()
7441 if (end - p < 2) { in mbedtls_ssl_psk_derive_premaster()
7450 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) in mbedtls_ssl_psk_derive_premaster()
7451 if (key_ex == MBEDTLS_KEY_EXCHANGE_DHE_PSK) { in mbedtls_ssl_psk_derive_premaster()
7456 if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx, in mbedtls_ssl_psk_derive_premaster()
7468 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) in mbedtls_ssl_psk_derive_premaster()
7469 if (key_ex == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) { in mbedtls_ssl_psk_derive_premaster()
7473 if ((ret = mbedtls_ecdh_calc_secret(&ssl->handshake->ecdh_ctx, &zlen, in mbedtls_ssl_psk_derive_premaster()
7493 if (end - p < 2) { in mbedtls_ssl_psk_derive_premaster()
7500 if (end < p || (size_t) (end - p) < psk_len) { in mbedtls_ssl_psk_derive_premaster()
7513 #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION)
7517 #if defined(MBEDTLS_SSL_PROTO_DTLS)
7520 /* If renegotiation is not enforced, retransmit until we would reach max in mbedtls_ssl_resend_hello_request()
7521 * timeout if we were using the usual handshake doubling scheme */ in mbedtls_ssl_resend_hello_request()
7522 if (ssl->conf->renego_max_records < 0) { in mbedtls_ssl_resend_hello_request()
7531 if (++ssl->renego_records_seen > doublings) { in mbedtls_ssl_resend_hello_request()
7545 #if !defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
7554 if (!mbedtls_ssl_ciphersuite_uses_srv_cert(ciphersuite_info)) { in mbedtls_ssl_write_certificate()
7571 if (!mbedtls_ssl_ciphersuite_uses_srv_cert(ciphersuite_info)) { in mbedtls_ssl_parse_certificate()
7594 if (!mbedtls_ssl_ciphersuite_uses_srv_cert(ciphersuite_info)) { in mbedtls_ssl_write_certificate()
7600 #if defined(MBEDTLS_SSL_CLI_C) in mbedtls_ssl_write_certificate()
7601 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in mbedtls_ssl_write_certificate()
7602 if (ssl->handshake->client_auth == 0) { in mbedtls_ssl_write_certificate()
7609 #if defined(MBEDTLS_SSL_SRV_C) in mbedtls_ssl_write_certificate()
7610 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_write_certificate()
7611 if (mbedtls_ssl_own_cert(ssl) == NULL) { in mbedtls_ssl_write_certificate()
7613 * ciphersuite if we don't have a certificate. */ in mbedtls_ssl_write_certificate()
7635 if (n > MBEDTLS_SSL_OUT_CONTENT_LEN - 3 - i) { in mbedtls_ssl_write_certificate()
7660 if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { in mbedtls_ssl_write_certificate()
7670 #if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C)
7672 #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
7680 if (peer_crt == NULL) { in ssl_check_peer_crt_unchanged()
7684 if (peer_crt->raw.len != crt_buf_len) { in ssl_check_peer_crt_unchanged()
7706 if (peer_cert_digest == NULL || digest_info == NULL) { in ssl_check_peer_crt_unchanged()
7711 if (digest_len > MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN) { in ssl_check_peer_crt_unchanged()
7716 if (ret != 0) { in ssl_check_peer_crt_unchanged()
7734 #if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C) in ssl_parse_certificate_chain()
7740 if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { in ssl_parse_certificate_chain()
7747 if (ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE) { in ssl_parse_certificate_chain()
7753 if (ssl->in_hslen < mbedtls_ssl_hs_hdr_len(ssl) + 3 + 3) { in ssl_parse_certificate_chain()
7767 if (ssl->in_msg[i] != 0 || in ssl_parse_certificate_chain()
7781 if (i + 3 > ssl->in_hslen) { in ssl_parse_certificate_chain()
7790 if (ssl->in_msg[i] != 0) { in ssl_parse_certificate_chain()
7802 if (n < 128 || i + n > ssl->in_hslen) { in ssl_parse_certificate_chain()
7810 /* Check if we're handling the first CRT in the chain. */ in ssl_parse_certificate_chain()
7811 #if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C) in ssl_parse_certificate_chain()
7812 if (crt_cnt++ == 0 && in ssl_parse_certificate_chain()
7820 if (ssl_check_peer_crt_unchanged(ssl, in ssl_parse_certificate_chain()
7836 #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) in ssl_parse_certificate_chain()
7839 /* If we don't need to store the CRT chain permanently, parse in ssl_parse_certificate_chain()
7873 #if defined(MBEDTLS_SSL_SRV_C)
7877 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in ssl_srv_check_client_no_crt_notification()
7881 if (ssl->in_hslen == 3 + mbedtls_ssl_hs_hdr_len(ssl) && in ssl_srv_check_client_no_crt_notification()
7892 /* Check if a certificate message is expected.
7907 if (!mbedtls_ssl_ciphersuite_uses_srv_cert(ciphersuite_info)) { in ssl_parse_certificate_coordinate()
7911 #if defined(MBEDTLS_SSL_SRV_C) in ssl_parse_certificate_coordinate()
7912 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in ssl_parse_certificate_coordinate()
7913 if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) { in ssl_parse_certificate_coordinate()
7917 if (authmode == MBEDTLS_SSL_VERIFY_NONE) { in ssl_parse_certificate_coordinate()
7944 if (authmode == MBEDTLS_SSL_VERIFY_NONE) { in ssl_parse_certificate_verify()
7948 if (ssl->f_vrfy != NULL) { in ssl_parse_certificate_verify()
7961 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) in ssl_parse_certificate_verify()
7962 if (ssl->conf->f_ca_cb != NULL) { in ssl_parse_certificate_verify()
7981 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) in ssl_parse_certificate_verify()
7982 if (ssl->handshake->sni_ca_chain != NULL) { in ssl_parse_certificate_verify()
7992 if (ca_chain != NULL) { in ssl_parse_certificate_verify()
8005 if (ret != 0) { in ssl_parse_certificate_verify()
8009 #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) in ssl_parse_certificate_verify()
8010 if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { in ssl_parse_certificate_verify()
8016 * Secondary checks: always done, but change 'ret' only if it was 0 in ssl_parse_certificate_verify()
8019 #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) in ssl_parse_certificate_verify()
8023 /* If certificate uses an EC key, make sure the curve is OK. in ssl_parse_certificate_verify()
8026 if (mbedtls_pk_can_do(pk, MBEDTLS_PK_ECKEY)) { in ssl_parse_certificate_verify()
8031 if (grp_id == MBEDTLS_ECP_DP_NONE) { in ssl_parse_certificate_verify()
8035 if (mbedtls_ssl_check_curve(ssl, grp_id) != 0) { in ssl_parse_certificate_verify()
8040 if (ret == 0) { in ssl_parse_certificate_verify()
8048 if (mbedtls_ssl_check_cert_usage(chain, in ssl_parse_certificate_verify()
8053 if (ret == 0) { in ssl_parse_certificate_verify()
8063 * ssl_parse_certificate even if verification was optional. */ in ssl_parse_certificate_verify()
8064 if (authmode == MBEDTLS_SSL_VERIFY_OPTIONAL && in ssl_parse_certificate_verify()
8070 if (have_ca_chain == 0 && authmode == MBEDTLS_SSL_VERIFY_REQUIRED) { in ssl_parse_certificate_verify()
8075 if (ret != 0) { in ssl_parse_certificate_verify()
8081 if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_OTHER) { in ssl_parse_certificate_verify()
8083 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_CN_MISMATCH) { in ssl_parse_certificate_verify()
8085 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_KEY_USAGE) { in ssl_parse_certificate_verify()
8087 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXT_KEY_USAGE) { in ssl_parse_certificate_verify()
8089 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NS_CERT_TYPE) { in ssl_parse_certificate_verify()
8091 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_PK) { in ssl_parse_certificate_verify()
8093 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_KEY) { in ssl_parse_certificate_verify()
8095 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXPIRED) { in ssl_parse_certificate_verify()
8097 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_REVOKED) { in ssl_parse_certificate_verify()
8099 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NOT_TRUSTED) { in ssl_parse_certificate_verify()
8108 #if defined(MBEDTLS_DEBUG_C) in ssl_parse_certificate_verify()
8109 if (ssl->session_negotiate->verify_result != 0) { in ssl_parse_certificate_verify()
8120 #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
8129 if (ssl->session_negotiate->peer_cert_digest == NULL) { in ssl_remember_peer_crt_digest()
8163 if (ret != 0) { in ssl_remember_peer_pubkey()
8176 #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) in mbedtls_ssl_parse_certificate()
8189 if (crt_expected == SSL_CERTIFICATE_SKIP) { in mbedtls_ssl_parse_certificate()
8194 #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) in mbedtls_ssl_parse_certificate()
8195 if (ssl->handshake->ecrs_enabled && in mbedtls_ssl_parse_certificate()
8203 if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { in mbedtls_ssl_parse_certificate()
8210 #if defined(MBEDTLS_SSL_SRV_C) in mbedtls_ssl_parse_certificate()
8211 if (ssl_srv_check_client_no_crt_notification(ssl) == 0) { in mbedtls_ssl_parse_certificate()
8214 if (authmode != MBEDTLS_SSL_VERIFY_OPTIONAL) { in mbedtls_ssl_parse_certificate()
8227 if (chain == NULL) { in mbedtls_ssl_parse_certificate()
8240 if (ret != 0) { in mbedtls_ssl_parse_certificate()
8244 #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) in mbedtls_ssl_parse_certificate()
8245 if (ssl->handshake->ecrs_enabled) { in mbedtls_ssl_parse_certificate()
8250 if (ssl->handshake->ecrs_enabled) { in mbedtls_ssl_parse_certificate()
8257 if (ret != 0) { in mbedtls_ssl_parse_certificate()
8261 #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) in mbedtls_ssl_parse_certificate()
8284 if (ret != 0) { in mbedtls_ssl_parse_certificate()
8289 if (ret != 0) { in mbedtls_ssl_parse_certificate()
8303 if (ret == 0) { in mbedtls_ssl_parse_certificate()
8307 #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) in mbedtls_ssl_parse_certificate()
8308 if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { in mbedtls_ssl_parse_certificate()
8314 if (chain != NULL) { in mbedtls_ssl_parse_certificate()
8329 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_calc_finished_tls_generic()
8342 if (!session) { in ssl_calc_finished_tls_generic()
8350 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_calc_finished_tls_generic()
8354 if (status != PSA_SUCCESS) { in ssl_calc_finished_tls_generic()
8359 if (status != PSA_SUCCESS) { in ssl_calc_finished_tls_generic()
8367 if (ret != 0) { in ssl_calc_finished_tls_generic()
8371 if (ret != 0) { in ssl_calc_finished_tls_generic()
8376 if (ret != 0) { in ssl_calc_finished_tls_generic()
8398 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_calc_finished_tls_generic()
8407 #if defined(MBEDTLS_MD_CAN_SHA256)
8413 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_calc_finished_tls_sha256()
8424 #if defined(MBEDTLS_MD_CAN_SHA384)
8430 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_calc_finished_tls_sha384()
8454 if (ssl->transform) { in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8470 #if defined(MBEDTLS_SSL_RENEGOTIATION) in mbedtls_ssl_handshake_wrapup()
8471 if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { in mbedtls_ssl_handshake_wrapup()
8480 if (ssl->session) { in mbedtls_ssl_handshake_wrapup()
8481 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) in mbedtls_ssl_handshake_wrapup()
8496 if (ssl->conf->f_set_cache != NULL && in mbedtls_ssl_handshake_wrapup()
8499 if (ssl->conf->f_set_cache(ssl->conf->p_cache, in mbedtls_ssl_handshake_wrapup()
8507 #if defined(MBEDTLS_SSL_PROTO_DTLS) in mbedtls_ssl_handshake_wrapup()
8508 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_handshake_wrapup()
8535 if (ret != 0) { in mbedtls_ssl_write_finished()
8547 #if defined(MBEDTLS_SSL_RENEGOTIATION) in mbedtls_ssl_write_finished()
8560 if (ssl->handshake->resume != 0) { in mbedtls_ssl_write_finished()
8561 #if defined(MBEDTLS_SSL_CLI_C) in mbedtls_ssl_write_finished()
8562 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in mbedtls_ssl_write_finished()
8566 #if defined(MBEDTLS_SSL_SRV_C) in mbedtls_ssl_write_finished()
8567 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_write_finished()
8581 #if defined(MBEDTLS_SSL_PROTO_DTLS) in mbedtls_ssl_write_finished()
8582 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_write_finished()
8596 if (++ssl->cur_out_ctr[i - 1] != 0) { in mbedtls_ssl_write_finished()
8602 if (i == 0) { in mbedtls_ssl_write_finished()
8613 #if defined(MBEDTLS_SSL_PROTO_DTLS) in mbedtls_ssl_write_finished()
8614 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_write_finished()
8619 if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { in mbedtls_ssl_write_finished()
8624 #if defined(MBEDTLS_SSL_PROTO_DTLS) in mbedtls_ssl_write_finished()
8625 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_write_finished()
8648 if (ret != 0) { in mbedtls_ssl_parse_finished()
8652 if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { in mbedtls_ssl_parse_finished()
8657 if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { in mbedtls_ssl_parse_finished()
8665 if (ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED) { in mbedtls_ssl_parse_finished()
8672 if (ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) + hash_len) { in mbedtls_ssl_parse_finished()
8680 if (mbedtls_ct_memcmp(ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl), in mbedtls_ssl_parse_finished()
8689 #if defined(MBEDTLS_SSL_RENEGOTIATION) in mbedtls_ssl_parse_finished()
8694 if (ssl->handshake->resume != 0) { in mbedtls_ssl_parse_finished()
8695 #if defined(MBEDTLS_SSL_CLI_C) in mbedtls_ssl_parse_finished()
8696 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in mbedtls_ssl_parse_finished()
8700 #if defined(MBEDTLS_SSL_SRV_C) in mbedtls_ssl_parse_finished()
8701 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_parse_finished()
8709 #if defined(MBEDTLS_SSL_PROTO_DTLS) in mbedtls_ssl_parse_finished()
8710 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_parse_finished()
8722 #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
8731 #if defined(MBEDTLS_MD_CAN_SHA384) in ssl_tls12prf_from_cs()
8732 if (ciphersuite_info != NULL && ciphersuite_info->mac == MBEDTLS_MD_SHA384) { in ssl_tls12prf_from_cs()
8736 #if defined(MBEDTLS_MD_CAN_SHA256) in ssl_tls12prf_from_cs()
8738 if (ciphersuite_info != NULL && ciphersuite_info->mac == MBEDTLS_MD_SHA256) { in ssl_tls12prf_from_cs()
8743 #if !defined(MBEDTLS_MD_CAN_SHA384) && \ in ssl_tls12prf_from_cs()
8755 #if defined(MBEDTLS_MD_CAN_SHA384) in tls_prf_get_type()
8756 if (tls_prf == tls_prf_sha384) { in tls_prf_get_type()
8760 #if defined(MBEDTLS_MD_CAN_SHA256) in tls_prf_get_type()
8761 if (tls_prf == tls_prf_sha256) { in tls_prf_get_type()
8792 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) in ssl_tls12_populate_transform()
8812 #if !defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_tls12_populate_transform()
8817 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_tls12_populate_transform()
8829 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) in ssl_tls12_populate_transform()
8834 #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) in ssl_tls12_populate_transform()
8838 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in ssl_tls12_populate_transform()
8839 if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { in ssl_tls12_populate_transform()
8850 if (ciphersuite_info == NULL) { in ssl_tls12_populate_transform()
8857 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) in ssl_tls12_populate_transform()
8862 if (ssl_mode == MBEDTLS_SSL_MODE_AEAD) { in ssl_tls12_populate_transform()
8867 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_tls12_populate_transform()
8868 if ((status = mbedtls_ssl_cipher_to_psa((mbedtls_cipher_type_t) ciphersuite_info->cipher, in ssl_tls12_populate_transform()
8879 if (cipher_info == NULL) { in ssl_tls12_populate_transform()
8886 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_tls12_populate_transform()
8888 if (mac_alg == 0) { in ssl_tls12_populate_transform()
8895 if (md_info == NULL) { in ssl_tls12_populate_transform()
8902 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) in ssl_tls12_populate_transform()
8903 /* Copy own and peer's CID if the use of the CID in ssl_tls12_populate_transform()
8905 if (ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_ENABLED) { in ssl_tls12_populate_transform()
8925 if (ret != 0) { in ssl_tls12_populate_transform()
8940 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_tls12_populate_transform()
8946 #if defined(MBEDTLS_SSL_HAVE_AEAD) in ssl_tls12_populate_transform()
8947 if (ssl_mode == MBEDTLS_SSL_MODE_AEAD) { in ssl_tls12_populate_transform()
8964 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_tls12_populate_transform()
8971 if (is_chachapoly) { in ssl_tls12_populate_transform()
8982 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) in ssl_tls12_populate_transform()
8983 if (ssl_mode == MBEDTLS_SSL_MODE_STREAM || in ssl_tls12_populate_transform()
8986 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_tls12_populate_transform()
8992 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_tls12_populate_transform()
8997 if ((ret = mbedtls_md_setup(&transform->md_ctx_enc, md_info, 1)) != 0 || in ssl_tls12_populate_transform()
9009 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_tls12_populate_transform()
9016 if (ssl_mode == MBEDTLS_SSL_MODE_STREAM) { in ssl_tls12_populate_transform()
9021 * 1. if EtM is in use: one block plus MAC in ssl_tls12_populate_transform()
9025 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) in ssl_tls12_populate_transform()
9026 if (ssl_mode == MBEDTLS_SSL_MODE_CBC_ETM) { in ssl_tls12_populate_transform()
9037 if (tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { in ssl_tls12_populate_transform()
9061 #if defined(MBEDTLS_SSL_CLI_C) in ssl_tls12_populate_transform()
9062 if (endpoint == MBEDTLS_SSL_IS_CLIENT) { in ssl_tls12_populate_transform()
9076 #if defined(MBEDTLS_SSL_SRV_C) in ssl_tls12_populate_transform()
9077 if (endpoint == MBEDTLS_SSL_IS_SERVER) { in ssl_tls12_populate_transform()
9097 if (ssl->f_export_keys != NULL) { in ssl_tls12_populate_transform()
9106 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_tls12_populate_transform()
9109 if (alg != MBEDTLS_SSL_NULL_CIPHER) { in ssl_tls12_populate_transform()
9114 if ((status = psa_import_key(&attributes, in ssl_tls12_populate_transform()
9126 if ((status = psa_import_key(&attributes, in ssl_tls12_populate_transform()
9136 if ((ret = mbedtls_cipher_setup(&transform->cipher_ctx_enc, in ssl_tls12_populate_transform()
9142 if ((ret = mbedtls_cipher_setup(&transform->cipher_ctx_dec, in ssl_tls12_populate_transform()
9148 if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_enc, key1, in ssl_tls12_populate_transform()
9155 if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_dec, key2, in ssl_tls12_populate_transform()
9162 #if defined(MBEDTLS_CIPHER_MODE_CBC) in ssl_tls12_populate_transform()
9163 if (mbedtls_cipher_info_get_mode(cipher_info) == MBEDTLS_MODE_CBC) { in ssl_tls12_populate_transform()
9164 if ((ret = mbedtls_cipher_set_padding_mode(&transform->cipher_ctx_enc, in ssl_tls12_populate_transform()
9170 if ((ret = mbedtls_cipher_set_padding_mode(&transform->cipher_ctx_dec, in ssl_tls12_populate_transform()
9179 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) in ssl_tls12_populate_transform()
9182 if (mac_key_len != 0) { in ssl_tls12_populate_transform()
9183 #if defined(MBEDTLS_USE_PSA_CRYPTO) in ssl_tls12_populate_transform()
9190 if ((status = psa_import_key(&attributes, in ssl_tls12_populate_transform()
9198 if ((transform->psa_alg == MBEDTLS_SSL_NULL_CIPHER) || in ssl_tls12_populate_transform()
9200 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) in ssl_tls12_populate_transform()
9211 if ((status = psa_import_key(&attributes, in ssl_tls12_populate_transform()
9220 if (ret != 0) { in ssl_tls12_populate_transform()
9224 if (ret != 0) { in ssl_tls12_populate_transform()
9239 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \
9262 if (input_offset + length > len) { in mbedtls_psa_ecjpake_read_round()
9268 if (status != PSA_SUCCESS) { in mbedtls_psa_ecjpake_read_round()
9276 if (input_offset != len) { in mbedtls_psa_ecjpake_read_round()
9310 if (status != PSA_SUCCESS) { in mbedtls_psa_ecjpake_write_round()
9326 #if defined(MBEDTLS_USE_PSA_CRYPTO)
9338 if ((status = psa_hash_setup(&hash_operation, in mbedtls_ssl_get_key_exchange_md_tls1_2()
9344 if ((status = psa_hash_update(&hash_operation, ssl->handshake->randbytes, in mbedtls_ssl_get_key_exchange_md_tls1_2()
9350 if ((status = psa_hash_update(&hash_operation, in mbedtls_ssl_get_key_exchange_md_tls1_2()
9356 if ((status = psa_hash_finish(&hash_operation, hash, PSA_HASH_MAX_SIZE, in mbedtls_ssl_get_key_exchange_md_tls1_2()
9363 if (status != PSA_SUCCESS) { in mbedtls_ssl_get_key_exchange_md_tls1_2()
9404 if ((ret = mbedtls_md_setup(&ctx, md_info, 0)) != 0) { in mbedtls_ssl_get_key_exchange_md_tls1_2()
9408 if ((ret = mbedtls_md_starts(&ctx)) != 0) { in mbedtls_ssl_get_key_exchange_md_tls1_2()
9412 if ((ret = mbedtls_md_update(&ctx, ssl->handshake->randbytes, 64)) != 0) { in mbedtls_ssl_get_key_exchange_md_tls1_2()
9416 if ((ret = mbedtls_md_update(&ctx, data, data_len)) != 0) { in mbedtls_ssl_get_key_exchange_md_tls1_2()
9420 if ((ret = mbedtls_md_finish(&ctx, hash)) != 0) { in mbedtls_ssl_get_key_exchange_md_tls1_2()
9428 if (ret != 0) { in mbedtls_ssl_get_key_exchange_md_tls1_2()
9437 #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
9447 if (sig_alg == MBEDTLS_SSL_SIG_ANON) { in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9461 if (md_alg == MBEDTLS_MD_NONE) { in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9465 if (sig_alg == sig_alg_received) { in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9466 #if defined(MBEDTLS_USE_PSA_CRYPTO) in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9467 if (ssl->handshake->key_cert && ssl->handshake->key_cert->key) { in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9471 if (sig_alg_received == MBEDTLS_SSL_SIG_ECDSA && in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9478 if (sig_alg_received == MBEDTLS_SSL_SIG_RSA && in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9507 if (suite_info == NULL) { in mbedtls_ssl_validate_ciphersuite()
9511 if ((suite_info->min_tls_version > max_tls_version) || in mbedtls_ssl_validate_ciphersuite()
9516 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_CLI_C) in mbedtls_ssl_validate_ciphersuite()
9517 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) in mbedtls_ssl_validate_ciphersuite()
9518 #if defined(MBEDTLS_USE_PSA_CRYPTO) in mbedtls_ssl_validate_ciphersuite()
9519 if (suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE && in mbedtls_ssl_validate_ciphersuite()
9522 if (suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE && in mbedtls_ssl_validate_ciphersuite()
9530 /* Don't suggest PSK-based ciphersuite if no PSK is available. */ in mbedtls_ssl_validate_ciphersuite()
9531 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) in mbedtls_ssl_validate_ciphersuite()
9532 if (mbedtls_ssl_ciphersuite_uses_psk(suite_info) && in mbedtls_ssl_validate_ciphersuite()
9542 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
9595 /* Check if we have space for header and length field: in mbedtls_ssl_write_sig_alg_ext()
9608 if (sig_alg == NULL) { in mbedtls_ssl_write_sig_alg_ext()
9616 if (!mbedtls_ssl_sig_alg_is_supported(ssl, *sig_alg)) { in mbedtls_ssl_write_sig_alg_ext()
9629 if (supported_sig_alg_len == 0) { in mbedtls_ssl_write_sig_alg_ext()
9640 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in mbedtls_ssl_write_sig_alg_ext()
9648 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
9693 if (p[0] == MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME) { in mbedtls_ssl_parse_server_name_ext()
9701 if (ssl->conf->f_sni == NULL) { in mbedtls_ssl_parse_server_name_ext()
9706 if (ret != 0) { in mbedtls_ssl_parse_server_name_ext()
9722 #if defined(MBEDTLS_SSL_ALPN)
9734 /* If ALPN not configured, just ignore the extension */ in mbedtls_ssl_parse_alpn_ext()
9735 if (ssl->conf->alpn_list == NULL) { in mbedtls_ssl_parse_alpn_ext()
9766 if (protocol_name_len == 0) { in mbedtls_ssl_parse_alpn_ext()
9782 if (protocol_name_len == alpn_len && in mbedtls_ssl_parse_alpn_ext()
9792 /* If we get here, no match was found */ in mbedtls_ssl_parse_alpn_ext()
9808 if (ssl->alpn_chosen == NULL) { in mbedtls_ssl_write_alpn_ext()
9836 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in mbedtls_ssl_write_alpn_ext()
9844 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
9854 /* Check if new hostname is valid before in mbedtls_ssl_session_set_hostname()
9856 if (hostname != NULL) { in mbedtls_ssl_session_set_hostname()
9859 if (hostname_len > MBEDTLS_SSL_MAX_HOST_NAME_LEN) { in mbedtls_ssl_session_set_hostname()
9866 if (session->hostname != NULL) { in mbedtls_ssl_session_set_hostname()
9872 if (hostname == NULL) { in mbedtls_ssl_session_set_hostname()
9876 if (session->hostname == NULL) { in mbedtls_ssl_session_set_hostname()
9890 #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_EARLY_DATA) && \
9897 if (alpn != NULL) { in mbedtls_ssl_session_set_ticket_alpn()
9900 if (alpn_len > MBEDTLS_SSL_MAX_ALPN_NAME_LEN) { in mbedtls_ssl_session_set_ticket_alpn()
9905 if (session->ticket_alpn != NULL) { in mbedtls_ssl_session_set_ticket_alpn()
9911 if (alpn != NULL) { in mbedtls_ssl_session_set_ticket_alpn()
9913 if (session->ticket_alpn == NULL) { in mbedtls_ssl_session_set_ticket_alpn()