Lines Matching refs:ssl
280 static uint32_t ssl_get_hs_total_len(mbedtls_ssl_context const *ssl);
286 void mbedtls_ssl_set_timer(mbedtls_ssl_context *ssl, uint32_t millisecs) in mbedtls_ssl_set_timer() argument
288 if (ssl->f_set_timer == NULL) { in mbedtls_ssl_set_timer()
293 ssl->f_set_timer(ssl->p_timer, millisecs / 4, millisecs); in mbedtls_ssl_set_timer()
299 int mbedtls_ssl_check_timer(mbedtls_ssl_context *ssl) in mbedtls_ssl_check_timer() argument
301 if (ssl->f_get_timer == NULL) { in mbedtls_ssl_check_timer()
305 if (ssl->f_get_timer(ssl->p_timer) == 2) { in mbedtls_ssl_check_timer()
314 static int ssl_parse_record_header(mbedtls_ssl_context const *ssl,
319 int mbedtls_ssl_check_record(mbedtls_ssl_context const *ssl, in mbedtls_ssl_check_record() argument
330 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM) { in mbedtls_ssl_check_record()
338 ret = ssl_parse_record_header(ssl, buf, buflen, &rec); in mbedtls_ssl_check_record()
344 if (ssl->transform_in != NULL) { in mbedtls_ssl_check_record()
345 ret = mbedtls_ssl_decrypt_buf(ssl, ssl->transform_in, &rec); in mbedtls_ssl_check_record()
376 static void ssl_buffering_free_slot(mbedtls_ssl_context *ssl,
378 static void ssl_free_buffered_record(mbedtls_ssl_context *ssl);
380 static int ssl_load_buffered_message(mbedtls_ssl_context *ssl);
382 static int ssl_load_buffered_record(mbedtls_ssl_context *ssl);
384 static int ssl_buffer_message(mbedtls_ssl_context *ssl);
386 static int ssl_buffer_future_record(mbedtls_ssl_context *ssl,
389 static int ssl_next_record_is_in_datagram(mbedtls_ssl_context *ssl);
391 static size_t ssl_get_maximum_datagram_size(mbedtls_ssl_context const *ssl) in ssl_get_maximum_datagram_size() argument
393 size_t mtu = mbedtls_ssl_get_current_mtu(ssl); in ssl_get_maximum_datagram_size()
395 size_t out_buf_len = ssl->out_buf_len; in ssl_get_maximum_datagram_size()
408 static int ssl_get_remaining_space_in_datagram(mbedtls_ssl_context const *ssl) in ssl_get_remaining_space_in_datagram() argument
410 size_t const bytes_written = ssl->out_left; in ssl_get_remaining_space_in_datagram()
411 size_t const mtu = ssl_get_maximum_datagram_size(ssl); in ssl_get_remaining_space_in_datagram()
424 static int ssl_get_remaining_payload_in_datagram(mbedtls_ssl_context const *ssl) in ssl_get_remaining_payload_in_datagram() argument
431 const size_t mfl = mbedtls_ssl_get_output_max_frag_len(ssl); in ssl_get_remaining_payload_in_datagram()
446 if (max_len <= ssl->out_left) { in ssl_get_remaining_payload_in_datagram()
450 max_len -= ssl->out_left; in ssl_get_remaining_payload_in_datagram()
453 ret = ssl_get_remaining_space_in_datagram(ssl); in ssl_get_remaining_payload_in_datagram()
459 ret = mbedtls_ssl_get_record_expansion(ssl); in ssl_get_remaining_payload_in_datagram()
482 static int ssl_double_retransmit_timeout(mbedtls_ssl_context *ssl) in ssl_double_retransmit_timeout() argument
486 if (ssl->handshake->retransmit_timeout >= ssl->conf->hs_timeout_max) { in ssl_double_retransmit_timeout()
496 if (ssl->handshake->retransmit_timeout != ssl->conf->hs_timeout_min) { in ssl_double_retransmit_timeout()
497 ssl->handshake->mtu = 508; in ssl_double_retransmit_timeout()
498 MBEDTLS_SSL_DEBUG_MSG(2, ("mtu autoreduction to %d bytes", ssl->handshake->mtu)); in ssl_double_retransmit_timeout()
501 new_timeout = 2 * ssl->handshake->retransmit_timeout; in ssl_double_retransmit_timeout()
504 if (new_timeout < ssl->handshake->retransmit_timeout || in ssl_double_retransmit_timeout()
505 new_timeout > ssl->conf->hs_timeout_max) { in ssl_double_retransmit_timeout()
506 new_timeout = ssl->conf->hs_timeout_max; in ssl_double_retransmit_timeout()
509 ssl->handshake->retransmit_timeout = new_timeout; in ssl_double_retransmit_timeout()
511 (unsigned long) ssl->handshake->retransmit_timeout)); in ssl_double_retransmit_timeout()
516 static void ssl_reset_retransmit_timeout(mbedtls_ssl_context *ssl) in ssl_reset_retransmit_timeout() argument
518 ssl->handshake->retransmit_timeout = ssl->conf->hs_timeout_min; in ssl_reset_retransmit_timeout()
520 (unsigned long) ssl->handshake->retransmit_timeout)); in ssl_reset_retransmit_timeout()
902 int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl, in mbedtls_ssl_encrypt_buf() argument
924 ssl = NULL; /* make sure we don't use it except for debug */ in mbedtls_ssl_encrypt_buf()
925 ((void) ssl); in mbedtls_ssl_encrypt_buf()
1480 int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, in mbedtls_ssl_decrypt_buf() argument
1507 ssl = NULL; /* make sure we don't use it except for debug */ in mbedtls_ssl_decrypt_buf()
1508 ((void) ssl); in mbedtls_ssl_decrypt_buf()
2146 int mbedtls_ssl_fetch_input(mbedtls_ssl_context *ssl, size_t nb_want) in mbedtls_ssl_fetch_input() argument
2151 size_t in_buf_len = ssl->in_buf_len; in mbedtls_ssl_fetch_input()
2158 if (ssl->f_recv == NULL && ssl->f_recv_timeout == NULL) { in mbedtls_ssl_fetch_input()
2163 if (nb_want > in_buf_len - (size_t) (ssl->in_hdr - ssl->in_buf)) { in mbedtls_ssl_fetch_input()
2169 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_fetch_input()
2182 if (ssl->next_record_offset != 0) { in mbedtls_ssl_fetch_input()
2183 if (ssl->in_left < ssl->next_record_offset) { in mbedtls_ssl_fetch_input()
2188 ssl->in_left -= ssl->next_record_offset; in mbedtls_ssl_fetch_input()
2190 if (ssl->in_left != 0) { in mbedtls_ssl_fetch_input()
2193 ssl->next_record_offset)); in mbedtls_ssl_fetch_input()
2194 memmove(ssl->in_hdr, in mbedtls_ssl_fetch_input()
2195 ssl->in_hdr + ssl->next_record_offset, in mbedtls_ssl_fetch_input()
2196 ssl->in_left); in mbedtls_ssl_fetch_input()
2199 ssl->next_record_offset = 0; in mbedtls_ssl_fetch_input()
2204 ssl->in_left, nb_want)); in mbedtls_ssl_fetch_input()
2209 if (nb_want <= ssl->in_left) { in mbedtls_ssl_fetch_input()
2219 if (ssl->in_left != 0) { in mbedtls_ssl_fetch_input()
2229 if (mbedtls_ssl_check_timer(ssl) != 0) { in mbedtls_ssl_fetch_input()
2233 len = in_buf_len - (size_t) (ssl->in_hdr - ssl->in_buf); in mbedtls_ssl_fetch_input()
2235 if (mbedtls_ssl_is_handshake_over(ssl) == 0) { in mbedtls_ssl_fetch_input()
2236 timeout = ssl->handshake->retransmit_timeout; in mbedtls_ssl_fetch_input()
2238 timeout = ssl->conf->read_timeout; in mbedtls_ssl_fetch_input()
2243 if (ssl->f_recv_timeout != NULL) { in mbedtls_ssl_fetch_input()
2244 ret = ssl->f_recv_timeout(ssl->p_bio, ssl->in_hdr, len, in mbedtls_ssl_fetch_input()
2247 ret = ssl->f_recv(ssl->p_bio, ssl->in_hdr, len); in mbedtls_ssl_fetch_input()
2259 mbedtls_ssl_set_timer(ssl, 0); in mbedtls_ssl_fetch_input()
2261 if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { in mbedtls_ssl_fetch_input()
2262 if (ssl_double_retransmit_timeout(ssl) != 0) { in mbedtls_ssl_fetch_input()
2267 if ((ret = mbedtls_ssl_resend(ssl)) != 0) { in mbedtls_ssl_fetch_input()
2275 else if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && in mbedtls_ssl_fetch_input()
2276 ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING) { in mbedtls_ssl_fetch_input()
2277 if ((ret = mbedtls_ssl_resend_hello_request(ssl)) != 0) { in mbedtls_ssl_fetch_input()
2292 ssl->in_left = ret; in mbedtls_ssl_fetch_input()
2298 ssl->in_left, nb_want)); in mbedtls_ssl_fetch_input()
2300 while (ssl->in_left < nb_want) { in mbedtls_ssl_fetch_input()
2301 len = nb_want - ssl->in_left; in mbedtls_ssl_fetch_input()
2303 if (mbedtls_ssl_check_timer(ssl) != 0) { in mbedtls_ssl_fetch_input()
2306 if (ssl->f_recv_timeout != NULL) { in mbedtls_ssl_fetch_input()
2307 ret = ssl->f_recv_timeout(ssl->p_bio, in mbedtls_ssl_fetch_input()
2308 ssl->in_hdr + ssl->in_left, len, in mbedtls_ssl_fetch_input()
2309 ssl->conf->read_timeout); in mbedtls_ssl_fetch_input()
2311 ret = ssl->f_recv(ssl->p_bio, in mbedtls_ssl_fetch_input()
2312 ssl->in_hdr + ssl->in_left, len); in mbedtls_ssl_fetch_input()
2318 ssl->in_left, nb_want)); in mbedtls_ssl_fetch_input()
2337 ssl->in_left += ret; in mbedtls_ssl_fetch_input()
2349 int mbedtls_ssl_flush_output(mbedtls_ssl_context *ssl) in mbedtls_ssl_flush_output() argument
2356 if (ssl->f_send == NULL) { in mbedtls_ssl_flush_output()
2362 if (ssl->out_left == 0) { in mbedtls_ssl_flush_output()
2367 while (ssl->out_left > 0) { in mbedtls_ssl_flush_output()
2370 mbedtls_ssl_out_hdr_len(ssl) + ssl->out_msglen, ssl->out_left)); in mbedtls_ssl_flush_output()
2372 buf = ssl->out_hdr - ssl->out_left; in mbedtls_ssl_flush_output()
2373 ret = ssl->f_send(ssl->p_bio, buf, ssl->out_left); in mbedtls_ssl_flush_output()
2381 if ((size_t) ret > ssl->out_left) { in mbedtls_ssl_flush_output()
2385 ret, ssl->out_left)); in mbedtls_ssl_flush_output()
2389 ssl->out_left -= ret; in mbedtls_ssl_flush_output()
2393 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_flush_output()
2394 ssl->out_hdr = ssl->out_buf; in mbedtls_ssl_flush_output()
2398 ssl->out_hdr = ssl->out_buf + 8; in mbedtls_ssl_flush_output()
2400 mbedtls_ssl_update_out_pointers(ssl, ssl->transform_out); in mbedtls_ssl_flush_output()
2415 static int ssl_flight_append(mbedtls_ssl_context *ssl) in ssl_flight_append() argument
2420 ssl->out_msg, ssl->out_msglen); in ssl_flight_append()
2429 if ((msg->p = mbedtls_calloc(1, ssl->out_msglen)) == NULL) { in ssl_flight_append()
2431 ssl->out_msglen)); in ssl_flight_append()
2437 memcpy(msg->p, ssl->out_msg, ssl->out_msglen); in ssl_flight_append()
2438 msg->len = ssl->out_msglen; in ssl_flight_append()
2439 msg->type = ssl->out_msgtype; in ssl_flight_append()
2443 if (ssl->handshake->flight == NULL) { in ssl_flight_append()
2444 ssl->handshake->flight = msg; in ssl_flight_append()
2446 mbedtls_ssl_flight_item *cur = ssl->handshake->flight; in ssl_flight_append()
2479 static int ssl_swap_epochs(mbedtls_ssl_context *ssl) in ssl_swap_epochs() argument
2484 if (ssl->transform_out == ssl->handshake->alt_transform_out) { in ssl_swap_epochs()
2492 tmp_transform = ssl->transform_out; in ssl_swap_epochs()
2493 ssl->transform_out = ssl->handshake->alt_transform_out; in ssl_swap_epochs()
2494 ssl->handshake->alt_transform_out = tmp_transform; in ssl_swap_epochs()
2497 memcpy(tmp_out_ctr, ssl->cur_out_ctr, sizeof(tmp_out_ctr)); in ssl_swap_epochs()
2498 memcpy(ssl->cur_out_ctr, ssl->handshake->alt_out_ctr, in ssl_swap_epochs()
2499 sizeof(ssl->cur_out_ctr)); in ssl_swap_epochs()
2500 memcpy(ssl->handshake->alt_out_ctr, tmp_out_ctr, in ssl_swap_epochs()
2501 sizeof(ssl->handshake->alt_out_ctr)); in ssl_swap_epochs()
2504 mbedtls_ssl_update_out_pointers(ssl, ssl->transform_out); in ssl_swap_epochs()
2512 int mbedtls_ssl_resend(mbedtls_ssl_context *ssl) in mbedtls_ssl_resend() argument
2518 ret = mbedtls_ssl_flight_transmit(ssl); in mbedtls_ssl_resend()
2532 int mbedtls_ssl_flight_transmit(mbedtls_ssl_context *ssl) in mbedtls_ssl_flight_transmit() argument
2537 if (ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING) { in mbedtls_ssl_flight_transmit()
2540 ssl->handshake->cur_msg = ssl->handshake->flight; in mbedtls_ssl_flight_transmit()
2541 ssl->handshake->cur_msg_p = ssl->handshake->flight->p + 12; in mbedtls_ssl_flight_transmit()
2542 ret = ssl_swap_epochs(ssl); in mbedtls_ssl_flight_transmit()
2547 ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_SENDING; in mbedtls_ssl_flight_transmit()
2550 while (ssl->handshake->cur_msg != NULL) { in mbedtls_ssl_flight_transmit()
2552 const mbedtls_ssl_flight_item * const cur = ssl->handshake->cur_msg; in mbedtls_ssl_flight_transmit()
2558 int const force_flush = ssl->disable_datagram_packing == 1 ? in mbedtls_ssl_flight_transmit()
2564 if (is_finished && ssl->handshake->cur_msg_p == (cur->p + 12)) { in mbedtls_ssl_flight_transmit()
2566 ret = ssl_swap_epochs(ssl); in mbedtls_ssl_flight_transmit()
2572 ret = ssl_get_remaining_payload_in_datagram(ssl); in mbedtls_ssl_flight_transmit()
2581 if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { in mbedtls_ssl_flight_transmit()
2588 memcpy(ssl->out_msg, cur->p, cur->len); in mbedtls_ssl_flight_transmit()
2589 ssl->out_msglen = cur->len; in mbedtls_ssl_flight_transmit()
2590 ssl->out_msgtype = cur->type; in mbedtls_ssl_flight_transmit()
2593 ssl->handshake->cur_msg_p += cur->len; in mbedtls_ssl_flight_transmit()
2595 const unsigned char * const p = ssl->handshake->cur_msg_p; in mbedtls_ssl_flight_transmit()
2603 ret = ssl_swap_epochs(ssl); in mbedtls_ssl_flight_transmit()
2609 if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { in mbedtls_ssl_flight_transmit()
2629 memcpy(ssl->out_msg, cur->p, 6); in mbedtls_ssl_flight_transmit()
2631 ssl->out_msg[6] = MBEDTLS_BYTE_2(frag_off); in mbedtls_ssl_flight_transmit()
2632 ssl->out_msg[7] = MBEDTLS_BYTE_1(frag_off); in mbedtls_ssl_flight_transmit()
2633 ssl->out_msg[8] = MBEDTLS_BYTE_0(frag_off); in mbedtls_ssl_flight_transmit()
2635 ssl->out_msg[9] = MBEDTLS_BYTE_2(cur_hs_frag_len); in mbedtls_ssl_flight_transmit()
2636 ssl->out_msg[10] = MBEDTLS_BYTE_1(cur_hs_frag_len); in mbedtls_ssl_flight_transmit()
2637 ssl->out_msg[11] = MBEDTLS_BYTE_0(cur_hs_frag_len); in mbedtls_ssl_flight_transmit()
2639 MBEDTLS_SSL_DEBUG_BUF(3, "handshake header", ssl->out_msg, 12); in mbedtls_ssl_flight_transmit()
2642 memcpy(ssl->out_msg + 12, p, cur_hs_frag_len); in mbedtls_ssl_flight_transmit()
2643 ssl->out_msglen = cur_hs_frag_len + 12; in mbedtls_ssl_flight_transmit()
2644 ssl->out_msgtype = cur->type; in mbedtls_ssl_flight_transmit()
2647 ssl->handshake->cur_msg_p += cur_hs_frag_len; in mbedtls_ssl_flight_transmit()
2651 if (ssl->handshake->cur_msg_p >= cur->p + cur->len) { in mbedtls_ssl_flight_transmit()
2653 ssl->handshake->cur_msg = cur->next; in mbedtls_ssl_flight_transmit()
2654 ssl->handshake->cur_msg_p = cur->next->p + 12; in mbedtls_ssl_flight_transmit()
2656 ssl->handshake->cur_msg = NULL; in mbedtls_ssl_flight_transmit()
2657 ssl->handshake->cur_msg_p = NULL; in mbedtls_ssl_flight_transmit()
2662 if ((ret = mbedtls_ssl_write_record(ssl, force_flush)) != 0) { in mbedtls_ssl_flight_transmit()
2668 if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { in mbedtls_ssl_flight_transmit()
2673 if (mbedtls_ssl_is_handshake_over(ssl) == 1) { in mbedtls_ssl_flight_transmit()
2674 ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED; in mbedtls_ssl_flight_transmit()
2676 ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING; in mbedtls_ssl_flight_transmit()
2677 mbedtls_ssl_set_timer(ssl, ssl->handshake->retransmit_timeout); in mbedtls_ssl_flight_transmit()
2688 void mbedtls_ssl_recv_flight_completed(mbedtls_ssl_context *ssl) in mbedtls_ssl_recv_flight_completed() argument
2691 mbedtls_ssl_flight_free(ssl->handshake->flight); in mbedtls_ssl_recv_flight_completed()
2692 ssl->handshake->flight = NULL; in mbedtls_ssl_recv_flight_completed()
2693 ssl->handshake->cur_msg = NULL; in mbedtls_ssl_recv_flight_completed()
2696 ssl->handshake->in_flight_start_seq = ssl->handshake->in_msg_seq; in mbedtls_ssl_recv_flight_completed()
2699 ssl->handshake->buffering.seen_ccs = 0; in mbedtls_ssl_recv_flight_completed()
2702 mbedtls_ssl_buffering_free(ssl); in mbedtls_ssl_recv_flight_completed()
2705 mbedtls_ssl_set_timer(ssl, 0); in mbedtls_ssl_recv_flight_completed()
2707 if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && in mbedtls_ssl_recv_flight_completed()
2708 ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED) { in mbedtls_ssl_recv_flight_completed()
2709 ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED; in mbedtls_ssl_recv_flight_completed()
2711 ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING; in mbedtls_ssl_recv_flight_completed()
2718 void mbedtls_ssl_send_flight_completed(mbedtls_ssl_context *ssl) in mbedtls_ssl_send_flight_completed() argument
2720 ssl_reset_retransmit_timeout(ssl); in mbedtls_ssl_send_flight_completed()
2721 mbedtls_ssl_set_timer(ssl, ssl->handshake->retransmit_timeout); in mbedtls_ssl_send_flight_completed()
2723 if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && in mbedtls_ssl_send_flight_completed()
2724 ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED) { in mbedtls_ssl_send_flight_completed()
2725 ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED; in mbedtls_ssl_send_flight_completed()
2727 ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING; in mbedtls_ssl_send_flight_completed()
2735 int mbedtls_ssl_start_handshake_msg(mbedtls_ssl_context *ssl, unsigned char hs_type, in mbedtls_ssl_start_handshake_msg() argument
2745 *buf = ssl->out_msg + 4; in mbedtls_ssl_start_handshake_msg()
2748 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in mbedtls_ssl_start_handshake_msg()
2749 ssl->out_msg[0] = hs_type; in mbedtls_ssl_start_handshake_msg()
2776 int mbedtls_ssl_write_handshake_msg_ext(mbedtls_ssl_context *ssl, in mbedtls_ssl_write_handshake_msg_ext() argument
2781 const size_t hs_len = ssl->out_msglen - 4; in mbedtls_ssl_write_handshake_msg_ext()
2782 const unsigned char hs_type = ssl->out_msg[0]; in mbedtls_ssl_write_handshake_msg_ext()
2789 if (ssl->out_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE && in mbedtls_ssl_write_handshake_msg_ext()
2790 ssl->out_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC) { in mbedtls_ssl_write_handshake_msg_ext()
2797 if (!(ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && in mbedtls_ssl_write_handshake_msg_ext()
2799 ssl->handshake == NULL) { in mbedtls_ssl_write_handshake_msg_ext()
2805 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_write_handshake_msg_ext()
2806 ssl->handshake != NULL && in mbedtls_ssl_write_handshake_msg_ext()
2807 ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING) { in mbedtls_ssl_write_handshake_msg_ext()
2821 if (ssl->out_msglen > MBEDTLS_SSL_OUT_CONTENT_LEN) { in mbedtls_ssl_write_handshake_msg_ext()
2825 ssl->out_msglen, in mbedtls_ssl_write_handshake_msg_ext()
2833 if (ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE) { in mbedtls_ssl_write_handshake_msg_ext()
2834 ssl->out_msg[1] = MBEDTLS_BYTE_2(hs_len); in mbedtls_ssl_write_handshake_msg_ext()
2835 ssl->out_msg[2] = MBEDTLS_BYTE_1(hs_len); in mbedtls_ssl_write_handshake_msg_ext()
2836 ssl->out_msg[3] = MBEDTLS_BYTE_0(hs_len); in mbedtls_ssl_write_handshake_msg_ext()
2846 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_write_handshake_msg_ext()
2848 if (MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen < 8) { in mbedtls_ssl_write_handshake_msg_ext()
2857 memmove(ssl->out_msg + 12, ssl->out_msg + 4, hs_len); in mbedtls_ssl_write_handshake_msg_ext()
2858 ssl->out_msglen += 8; in mbedtls_ssl_write_handshake_msg_ext()
2862 MBEDTLS_PUT_UINT16_BE(ssl->handshake->out_msg_seq, ssl->out_msg, 4); in mbedtls_ssl_write_handshake_msg_ext()
2863 ++(ssl->handshake->out_msg_seq); in mbedtls_ssl_write_handshake_msg_ext()
2865 ssl->out_msg[4] = 0; in mbedtls_ssl_write_handshake_msg_ext()
2866 ssl->out_msg[5] = 0; in mbedtls_ssl_write_handshake_msg_ext()
2871 memset(ssl->out_msg + 6, 0x00, 3); in mbedtls_ssl_write_handshake_msg_ext()
2872 memcpy(ssl->out_msg + 9, ssl->out_msg + 1, 3); in mbedtls_ssl_write_handshake_msg_ext()
2878 ret = ssl->handshake->update_checksum(ssl, ssl->out_msg, in mbedtls_ssl_write_handshake_msg_ext()
2879 ssl->out_msglen); in mbedtls_ssl_write_handshake_msg_ext()
2889 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_write_handshake_msg_ext()
2890 !(ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && in mbedtls_ssl_write_handshake_msg_ext()
2892 if ((ret = ssl_flight_append(ssl)) != 0) { in mbedtls_ssl_write_handshake_msg_ext()
2899 if ((ret = mbedtls_ssl_write_record(ssl, force_flush)) != 0) { in mbedtls_ssl_write_handshake_msg_ext()
2910 int mbedtls_ssl_finish_handshake_msg(mbedtls_ssl_context *ssl, in mbedtls_ssl_finish_handshake_msg() argument
2919 ssl->out_msglen = msg_with_header_len; in mbedtls_ssl_finish_handshake_msg()
2920 MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_write_handshake_msg_ext(ssl, 0, 0)); in mbedtls_ssl_finish_handshake_msg()
2938 int mbedtls_ssl_write_record(mbedtls_ssl_context *ssl, int force_flush) in mbedtls_ssl_write_record() argument
2941 size_t len = ssl->out_msglen; in mbedtls_ssl_write_record()
2950 size_t out_buf_len = ssl->out_buf_len; in mbedtls_ssl_write_record()
2956 mbedtls_ssl_protocol_version tls_ver = ssl->tls_version; in mbedtls_ssl_write_record()
2964 mbedtls_ssl_write_version(ssl->out_hdr + 1, ssl->conf->transport, in mbedtls_ssl_write_record()
2967 memcpy(ssl->out_ctr, ssl->cur_out_ctr, MBEDTLS_SSL_SEQUENCE_NUMBER_LEN); in mbedtls_ssl_write_record()
2968 MBEDTLS_PUT_UINT16_BE(len, ssl->out_len, 0); in mbedtls_ssl_write_record()
2970 if (ssl->transform_out != NULL) { in mbedtls_ssl_write_record()
2973 rec.buf = ssl->out_iv; in mbedtls_ssl_write_record()
2974 rec.buf_len = out_buf_len - (size_t) (ssl->out_iv - ssl->out_buf); in mbedtls_ssl_write_record()
2975 rec.data_len = ssl->out_msglen; in mbedtls_ssl_write_record()
2976 rec.data_offset = (size_t) (ssl->out_msg - rec.buf); in mbedtls_ssl_write_record()
2978 memcpy(&rec.ctr[0], ssl->out_ctr, sizeof(rec.ctr)); in mbedtls_ssl_write_record()
2979 mbedtls_ssl_write_version(rec.ver, ssl->conf->transport, tls_ver); in mbedtls_ssl_write_record()
2980 rec.type = ssl->out_msgtype; in mbedtls_ssl_write_record()
2987 if ((ret = mbedtls_ssl_encrypt_buf(ssl, ssl->transform_out, &rec, in mbedtls_ssl_write_record()
2988 ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { in mbedtls_ssl_write_record()
2999 ssl->out_msgtype = rec.type; in mbedtls_ssl_write_record()
3001 memcpy(ssl->out_cid, rec.cid, rec.cid_len); in mbedtls_ssl_write_record()
3003 ssl->out_msglen = len = rec.data_len; in mbedtls_ssl_write_record()
3004 MBEDTLS_PUT_UINT16_BE(rec.data_len, ssl->out_len, 0); in mbedtls_ssl_write_record()
3007 protected_record_size = len + mbedtls_ssl_out_hdr_len(ssl); in mbedtls_ssl_write_record()
3012 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_write_record()
3013 ret = ssl_get_remaining_space_in_datagram(ssl); in mbedtls_ssl_write_record()
3026 ssl->out_hdr[0] = (unsigned char) ssl->out_msgtype; in mbedtls_ssl_write_record()
3030 ssl->out_hdr[0], ssl->out_hdr[1], in mbedtls_ssl_write_record()
3031 ssl->out_hdr[2], len)); in mbedtls_ssl_write_record()
3034 ssl->out_hdr, protected_record_size); in mbedtls_ssl_write_record()
3036 ssl->out_left += protected_record_size; in mbedtls_ssl_write_record()
3037 ssl->out_hdr += protected_record_size; in mbedtls_ssl_write_record()
3038 mbedtls_ssl_update_out_pointers(ssl, ssl->transform_out); in mbedtls_ssl_write_record()
3040 for (i = 8; i > mbedtls_ssl_ep_len(ssl); i--) { in mbedtls_ssl_write_record()
3041 if (++ssl->cur_out_ctr[i - 1] != 0) { in mbedtls_ssl_write_record()
3047 if (i == mbedtls_ssl_ep_len(ssl)) { in mbedtls_ssl_write_record()
3054 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_write_record()
3057 ret = ssl_get_remaining_payload_in_datagram(ssl); in mbedtls_ssl_write_record()
3076 (ret = mbedtls_ssl_flush_output(ssl)) != 0) { in mbedtls_ssl_write_record()
3089 static int ssl_hs_is_proper_fragment(mbedtls_ssl_context *ssl) in ssl_hs_is_proper_fragment() argument
3091 if (ssl->in_msglen < ssl->in_hslen || in ssl_hs_is_proper_fragment()
3092 memcmp(ssl->in_msg + 6, "\0\0\0", 3) != 0 || in ssl_hs_is_proper_fragment()
3093 memcmp(ssl->in_msg + 9, ssl->in_msg + 1, 3) != 0) { in ssl_hs_is_proper_fragment()
3099 static uint32_t ssl_get_hs_frag_len(mbedtls_ssl_context const *ssl) in ssl_get_hs_frag_len() argument
3101 return MBEDTLS_GET_UINT24_BE(ssl->in_msg, 9); in ssl_get_hs_frag_len()
3104 static uint32_t ssl_get_hs_frag_off(mbedtls_ssl_context const *ssl) in ssl_get_hs_frag_off() argument
3106 return MBEDTLS_GET_UINT24_BE(ssl->in_msg, 6); in ssl_get_hs_frag_off()
3110 static int ssl_check_hs_header(mbedtls_ssl_context const *ssl) in ssl_check_hs_header() argument
3114 msg_len = ssl_get_hs_total_len(ssl); in ssl_check_hs_header()
3115 frag_off = ssl_get_hs_frag_off(ssl); in ssl_check_hs_header()
3116 frag_len = ssl_get_hs_frag_len(ssl); in ssl_check_hs_header()
3126 if (frag_len + 12 > ssl->in_msglen) { in ssl_check_hs_header()
3217 static uint32_t ssl_get_hs_total_len(mbedtls_ssl_context const *ssl) in ssl_get_hs_total_len() argument
3219 return MBEDTLS_GET_UINT24_BE(ssl->in_msg, 1); in ssl_get_hs_total_len()
3222 int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl) in mbedtls_ssl_prepare_handshake_record() argument
3224 if (ssl->badmac_seen_or_in_hsfraglen == 0) { in mbedtls_ssl_prepare_handshake_record()
3230 if (ssl->in_msglen < mbedtls_ssl_hs_hdr_len(ssl)) { in mbedtls_ssl_prepare_handshake_record()
3232 ssl->in_msglen)); in mbedtls_ssl_prepare_handshake_record()
3236 ssl->in_hslen = mbedtls_ssl_hs_hdr_len(ssl) + ssl_get_hs_total_len(ssl); in mbedtls_ssl_prepare_handshake_record()
3242 ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen)); in mbedtls_ssl_prepare_handshake_record()
3244 if (ssl->transform_in != NULL) { in mbedtls_ssl_prepare_handshake_record()
3247 (int) (ssl->in_iv - ssl->in_buf), in mbedtls_ssl_prepare_handshake_record()
3248 (int) (ssl->in_hdr - ssl->in_buf), in mbedtls_ssl_prepare_handshake_record()
3249 (int) (ssl->in_msg - ssl->in_buf))); in mbedtls_ssl_prepare_handshake_record()
3253 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_prepare_handshake_record()
3255 unsigned int recv_msg_seq = MBEDTLS_GET_UINT16_BE(ssl->in_msg, 4); in mbedtls_ssl_prepare_handshake_record()
3257 if (ssl_check_hs_header(ssl) != 0) { in mbedtls_ssl_prepare_handshake_record()
3262 if (ssl->handshake != NULL && in mbedtls_ssl_prepare_handshake_record()
3263 ((mbedtls_ssl_is_handshake_over(ssl) == 0 && in mbedtls_ssl_prepare_handshake_record()
3264 recv_msg_seq != ssl->handshake->in_msg_seq) || in mbedtls_ssl_prepare_handshake_record()
3265 (mbedtls_ssl_is_handshake_over(ssl) == 1 && in mbedtls_ssl_prepare_handshake_record()
3266 ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO))) { in mbedtls_ssl_prepare_handshake_record()
3267 if (recv_msg_seq > ssl->handshake->in_msg_seq) { in mbedtls_ssl_prepare_handshake_record()
3272 ssl->handshake->in_msg_seq)); in mbedtls_ssl_prepare_handshake_record()
3279 if (recv_msg_seq == ssl->handshake->in_flight_start_seq - 1 && in mbedtls_ssl_prepare_handshake_record()
3280 ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST) { in mbedtls_ssl_prepare_handshake_record()
3284 ssl->handshake->in_flight_start_seq)); in mbedtls_ssl_prepare_handshake_record()
3286 if ((ret = mbedtls_ssl_resend(ssl)) != 0) { in mbedtls_ssl_prepare_handshake_record()
3294 ssl->handshake->in_msg_seq)); in mbedtls_ssl_prepare_handshake_record()
3305 if (ssl_hs_is_proper_fragment(ssl) == 1) { in mbedtls_ssl_prepare_handshake_record()
3313 ssl->in_buf + MBEDTLS_SSL_SEQUENCE_NUMBER_LEN; in mbedtls_ssl_prepare_handshake_record()
3315 reassembled_record_start + mbedtls_ssl_in_hdr_len(ssl); in mbedtls_ssl_prepare_handshake_record()
3316 unsigned char *payload_end = payload_start + ssl->badmac_seen_or_in_hsfraglen; in mbedtls_ssl_prepare_handshake_record()
3318 const size_t hs_remain = ssl->in_hslen - ssl->badmac_seen_or_in_hsfraglen; in mbedtls_ssl_prepare_handshake_record()
3325 ssl->in_msglen > hs_remain ? hs_remain : ssl->in_msglen; in mbedtls_ssl_prepare_handshake_record()
3331 (ssl->badmac_seen_or_in_hsfraglen != 0 ? in mbedtls_ssl_prepare_handshake_record()
3333 hs_this_fragment_len == ssl->in_hslen ? in mbedtls_ssl_prepare_handshake_record()
3336 ssl->in_msglen, in mbedtls_ssl_prepare_handshake_record()
3337 ssl->badmac_seen_or_in_hsfraglen, in mbedtls_ssl_prepare_handshake_record()
3338 ssl->badmac_seen_or_in_hsfraglen + in mbedtls_ssl_prepare_handshake_record()
3340 ssl->in_hslen)); in mbedtls_ssl_prepare_handshake_record()
3353 size_t const in_buf_len = ssl->in_buf_len; in mbedtls_ssl_prepare_handshake_record()
3357 if (payload_end + ssl->in_msglen > ssl->in_buf + in_buf_len) { in mbedtls_ssl_prepare_handshake_record()
3362 ssl->in_msglen, in mbedtls_ssl_prepare_handshake_record()
3363 (void *) ssl->in_msg, (void *) payload_end, in mbedtls_ssl_prepare_handshake_record()
3364 (void *) ssl->in_buf, in_buf_len)); in mbedtls_ssl_prepare_handshake_record()
3367 memmove(payload_end, ssl->in_msg, ssl->in_msglen); in mbedtls_ssl_prepare_handshake_record()
3369 ssl->badmac_seen_or_in_hsfraglen += (unsigned) ssl->in_msglen; in mbedtls_ssl_prepare_handshake_record()
3370 payload_end += ssl->in_msglen; in mbedtls_ssl_prepare_handshake_record()
3372 if (ssl->badmac_seen_or_in_hsfraglen < ssl->in_hslen) { in mbedtls_ssl_prepare_handshake_record()
3375 ssl->badmac_seen_or_in_hsfraglen, ssl->in_hslen)); in mbedtls_ssl_prepare_handshake_record()
3376 ssl->in_hdr = payload_end; in mbedtls_ssl_prepare_handshake_record()
3377 ssl->in_msglen = 0; in mbedtls_ssl_prepare_handshake_record()
3378 mbedtls_ssl_update_in_pointers(ssl); in mbedtls_ssl_prepare_handshake_record()
3381 ssl->in_msglen = ssl->badmac_seen_or_in_hsfraglen; in mbedtls_ssl_prepare_handshake_record()
3382 ssl->badmac_seen_or_in_hsfraglen = 0; in mbedtls_ssl_prepare_handshake_record()
3383 ssl->in_hdr = reassembled_record_start; in mbedtls_ssl_prepare_handshake_record()
3384 mbedtls_ssl_update_in_pointers(ssl); in mbedtls_ssl_prepare_handshake_record()
3387 if (ssl->in_msglen > 0xffff) { in mbedtls_ssl_prepare_handshake_record()
3391 ssl->in_msglen)); in mbedtls_ssl_prepare_handshake_record()
3394 MBEDTLS_PUT_UINT16_BE(ssl->in_msglen, ssl->in_len, 0); in mbedtls_ssl_prepare_handshake_record()
3396 size_t record_len = mbedtls_ssl_in_hdr_len(ssl) + ssl->in_msglen; in mbedtls_ssl_prepare_handshake_record()
3399 ssl->in_hdr, record_len); in mbedtls_ssl_prepare_handshake_record()
3400 if (ssl->in_hslen < ssl->in_msglen) { in mbedtls_ssl_prepare_handshake_record()
3404 ssl->in_hslen, in mbedtls_ssl_prepare_handshake_record()
3405 ssl->in_msglen - ssl->in_hslen)); in mbedtls_ssl_prepare_handshake_record()
3413 int mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl) in mbedtls_ssl_update_handshake_status() argument
3416 mbedtls_ssl_handshake_params * const hs = ssl->handshake; in mbedtls_ssl_update_handshake_status()
3418 if (mbedtls_ssl_is_handshake_over(ssl) == 0 && hs != NULL) { in mbedtls_ssl_update_handshake_status()
3419 ret = ssl->handshake->update_checksum(ssl, ssl->in_msg, ssl->in_hslen); in mbedtls_ssl_update_handshake_status()
3428 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_update_handshake_status()
3429 ssl->handshake != NULL) { in mbedtls_ssl_update_handshake_status()
3441 ssl_buffering_free_slot(ssl, 0); in mbedtls_ssl_update_handshake_status()
3468 void mbedtls_ssl_dtls_replay_reset(mbedtls_ssl_context *ssl) in mbedtls_ssl_dtls_replay_reset() argument
3470 ssl->in_window_top = 0; in mbedtls_ssl_dtls_replay_reset()
3471 ssl->in_window = 0; in mbedtls_ssl_dtls_replay_reset()
3485 static int mbedtls_ssl_dtls_record_replay_check(mbedtls_ssl_context *ssl, uint8_t *record_in_ctr) in mbedtls_ssl_dtls_record_replay_check() argument
3491 original_in_ctr = ssl->in_ctr; in mbedtls_ssl_dtls_record_replay_check()
3494 ssl->in_ctr = record_in_ctr; in mbedtls_ssl_dtls_record_replay_check()
3496 ret = mbedtls_ssl_dtls_replay_check((mbedtls_ssl_context const *) ssl); in mbedtls_ssl_dtls_record_replay_check()
3499 ssl->in_ctr = original_in_ctr; in mbedtls_ssl_dtls_record_replay_check()
3507 int mbedtls_ssl_dtls_replay_check(mbedtls_ssl_context const *ssl) in mbedtls_ssl_dtls_replay_check() argument
3509 uint64_t rec_seqnum = ssl_load_six_bytes(ssl->in_ctr + 2); in mbedtls_ssl_dtls_replay_check()
3512 if (ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED) { in mbedtls_ssl_dtls_replay_check()
3516 if (rec_seqnum > ssl->in_window_top) { in mbedtls_ssl_dtls_replay_check()
3520 bit = ssl->in_window_top - rec_seqnum; in mbedtls_ssl_dtls_replay_check()
3526 if ((ssl->in_window & ((uint64_t) 1 << bit)) != 0) { in mbedtls_ssl_dtls_replay_check()
3536 void mbedtls_ssl_dtls_replay_update(mbedtls_ssl_context *ssl) in mbedtls_ssl_dtls_replay_update() argument
3538 uint64_t rec_seqnum = ssl_load_six_bytes(ssl->in_ctr + 2); in mbedtls_ssl_dtls_replay_update()
3540 if (ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED) { in mbedtls_ssl_dtls_replay_update()
3544 if (rec_seqnum > ssl->in_window_top) { in mbedtls_ssl_dtls_replay_update()
3546 uint64_t shift = rec_seqnum - ssl->in_window_top; in mbedtls_ssl_dtls_replay_update()
3549 ssl->in_window = 1; in mbedtls_ssl_dtls_replay_update()
3551 ssl->in_window <<= shift; in mbedtls_ssl_dtls_replay_update()
3552 ssl->in_window |= 1; in mbedtls_ssl_dtls_replay_update()
3555 ssl->in_window_top = rec_seqnum; in mbedtls_ssl_dtls_replay_update()
3558 uint64_t bit = ssl->in_window_top - rec_seqnum; in mbedtls_ssl_dtls_replay_update()
3561 ssl->in_window |= (uint64_t) 1 << bit; in mbedtls_ssl_dtls_replay_update()
3582 mbedtls_ssl_context *ssl, in mbedtls_ssl_check_dtls_clihlo_cookie() argument
3656 if (ssl->conf->f_cookie_check(ssl->conf->p_cookie, in mbedtls_ssl_check_dtls_clihlo_cookie()
3695 if (ssl->conf->f_cookie_write(ssl->conf->p_cookie, in mbedtls_ssl_check_dtls_clihlo_cookie()
3736 static int ssl_handle_possible_reconnect(mbedtls_ssl_context *ssl) in ssl_handle_possible_reconnect() argument
3741 if (ssl->conf->f_cookie_write == NULL || in ssl_handle_possible_reconnect()
3742 ssl->conf->f_cookie_check == NULL) { in ssl_handle_possible_reconnect()
3751 ssl, in ssl_handle_possible_reconnect()
3752 ssl->cli_id, ssl->cli_id_len, in ssl_handle_possible_reconnect()
3753 ssl->in_buf, ssl->in_left, in ssl_handle_possible_reconnect()
3754 ssl->out_buf, MBEDTLS_SSL_OUT_CONTENT_LEN, &len); in ssl_handle_possible_reconnect()
3762 ssl->out_buf, len); in ssl_handle_possible_reconnect()
3766 send_ret = ssl->f_send(ssl->p_bio, ssl->out_buf, len); in ssl_handle_possible_reconnect()
3775 if ((ret = mbedtls_ssl_session_reset_int(ssl, 1)) != 0) { in ssl_handle_possible_reconnect()
3820 static int ssl_parse_record_header(mbedtls_ssl_context const *ssl, in ssl_parse_record_header() argument
3855 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_parse_record_header()
3882 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in ssl_parse_record_header()
3883 ssl->conf->cid_len != 0 && in ssl_parse_record_header()
3900 rec_hdr_cid_len = ssl->conf->cid_len; in ssl_parse_record_header()
3933 ssl->conf->transport); in ssl_parse_record_header()
3935 if (tls_version > ssl->conf->max_tls_version) { in ssl_parse_record_header()
3938 (unsigned) ssl->conf->max_tls_version)); in ssl_parse_record_header()
3947 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_parse_record_header()
3955 memcpy(&rec->ctr[0], ssl->in_ctr, rec_hdr_ctr_len); in ssl_parse_record_header()
3991 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_parse_record_header()
4008 if (rec_epoch != ssl->in_epoch) { in ssl_parse_record_header()
4011 ssl->in_epoch, (unsigned long) rec_epoch)); in ssl_parse_record_header()
4015 if (rec_epoch == (unsigned) ssl->in_epoch + 1) { in ssl_parse_record_header()
4025 else if (mbedtls_ssl_dtls_record_replay_check((mbedtls_ssl_context *) ssl, in ssl_parse_record_header()
4040 static int ssl_check_client_reconnect(mbedtls_ssl_context *ssl) in ssl_check_client_reconnect() argument
4042 unsigned int rec_epoch = MBEDTLS_GET_UINT16_BE(ssl->in_ctr, 0); in ssl_check_client_reconnect()
4051 ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && in ssl_check_client_reconnect()
4052 mbedtls_ssl_is_handshake_over(ssl) == 1 && in ssl_check_client_reconnect()
4053 ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && in ssl_check_client_reconnect()
4054 ssl->in_left > 13 && in ssl_check_client_reconnect()
4055 ssl->in_buf[13] == MBEDTLS_SSL_HS_CLIENT_HELLO) { in ssl_check_client_reconnect()
4058 return ssl_handle_possible_reconnect(ssl); in ssl_check_client_reconnect()
4069 static int ssl_prepare_record_content(mbedtls_ssl_context *ssl, in ssl_prepare_record_content() argument
4083 if (ssl->transform_in != NULL && in ssl_prepare_record_content()
4084 ssl->transform_in->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { in ssl_prepare_record_content()
4091 if (!done && ssl->transform_in != NULL) { in ssl_prepare_record_content()
4094 if ((ret = mbedtls_ssl_decrypt_buf(ssl, ssl->transform_in, in ssl_prepare_record_content()
4114 (ssl->discard_early_data_record == in ssl_prepare_record_content()
4119 ret = mbedtls_ssl_tls13_check_early_data_len(ssl, rec->data_len); in ssl_prepare_record_content()
4129 ssl->conf->ignore_unexpected_cid in ssl_prepare_record_content()
4151 if (ssl->discard_early_data_record == in ssl_prepare_record_content()
4153 ssl->discard_early_data_record = MBEDTLS_SSL_EARLY_DATA_NO_DISCARD; in ssl_prepare_record_content()
4181 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_2 in ssl_prepare_record_content()
4184 MBEDTLS_SSL_DEBUG_MSG(1, ("invalid zero-length message type: %d", ssl->in_msgtype)); in ssl_prepare_record_content()
4189 ssl->nb_zero++; in ssl_prepare_record_content()
4195 if (ssl->nb_zero > 3) { in ssl_prepare_record_content()
4204 ssl->nb_zero = 0; in ssl_prepare_record_content()
4208 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_prepare_record_content()
4215 i > mbedtls_ssl_ep_len(ssl); i--) { in ssl_prepare_record_content()
4216 if (++ssl->in_ctr[i - 1] != 0) { in ssl_prepare_record_content()
4222 if (i == mbedtls_ssl_ep_len(ssl)) { in ssl_prepare_record_content()
4244 if (ssl->discard_early_data_record == MBEDTLS_SSL_EARLY_DATA_DISCARD) { in ssl_prepare_record_content()
4247 ret = mbedtls_ssl_tls13_check_early_data_len(ssl, rec->data_len); in ssl_prepare_record_content()
4257 ssl->discard_early_data_record = MBEDTLS_SSL_EARLY_DATA_NO_DISCARD; in ssl_prepare_record_content()
4263 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_prepare_record_content()
4264 mbedtls_ssl_dtls_replay_update(ssl); in ssl_prepare_record_content()
4288 static int ssl_consume_current_message(mbedtls_ssl_context *ssl);
4290 static int ssl_get_next_record(mbedtls_ssl_context *ssl);
4292 static int ssl_record_is_in_progress(mbedtls_ssl_context *ssl);
4294 int mbedtls_ssl_read_record(mbedtls_ssl_context *ssl, in mbedtls_ssl_read_record() argument
4301 if (ssl->keep_current_message == 0) { in mbedtls_ssl_read_record()
4304 ret = ssl_consume_current_message(ssl); in mbedtls_ssl_read_record()
4309 if (ssl_record_is_in_progress(ssl) == 0) { in mbedtls_ssl_read_record()
4315 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_read_record()
4316 ssl_next_record_is_in_datagram(ssl) == 0) { in mbedtls_ssl_read_record()
4317 if (ssl_load_buffered_message(ssl) == 0) { in mbedtls_ssl_read_record()
4324 ret = ssl_get_next_record(ssl); in mbedtls_ssl_read_record()
4336 ret = mbedtls_ssl_handle_message_type(ssl); in mbedtls_ssl_read_record()
4341 ret = ssl_buffer_message(ssl); in mbedtls_ssl_read_record()
4358 if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && in mbedtls_ssl_read_record()
4360 ret = mbedtls_ssl_update_handshake_status(ssl); in mbedtls_ssl_read_record()
4368 ssl->keep_current_message = 0; in mbedtls_ssl_read_record()
4378 static int ssl_next_record_is_in_datagram(mbedtls_ssl_context *ssl) in ssl_next_record_is_in_datagram() argument
4380 if (ssl->in_left > ssl->next_record_offset) { in ssl_next_record_is_in_datagram()
4388 static int ssl_load_buffered_message(mbedtls_ssl_context *ssl) in ssl_load_buffered_message() argument
4390 mbedtls_ssl_handshake_params * const hs = ssl->handshake; in ssl_load_buffered_message()
4400 if (ssl->state == MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC || in ssl_load_buffered_message()
4401 ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC) { in ssl_load_buffered_message()
4411 ssl->in_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC; in ssl_load_buffered_message()
4412 ssl->in_msglen = 1; in ssl_load_buffered_message()
4413 ssl->in_msg[0] = 1; in ssl_load_buffered_message()
4416 ssl->in_left = 0; in ssl_load_buffered_message()
4417 ssl->next_record_offset = 0; in ssl_load_buffered_message()
4456 ssl->in_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in ssl_load_buffered_message()
4457 ssl->in_hslen = msg_len + 12; in ssl_load_buffered_message()
4458 ssl->in_msglen = msg_len + 12; in ssl_load_buffered_message()
4459 memcpy(ssl->in_msg, hs_buf->data, ssl->in_hslen); in ssl_load_buffered_message()
4477 static int ssl_buffer_make_space(mbedtls_ssl_context *ssl, in ssl_buffer_make_space() argument
4481 mbedtls_ssl_handshake_params * const hs = ssl->handshake; in ssl_buffer_make_space()
4486 ssl_free_buffered_record(ssl); in ssl_buffer_make_space()
4505 ssl_buffering_free_slot(ssl, (uint8_t) offset); in ssl_buffer_make_space()
4519 static int ssl_buffer_message(mbedtls_ssl_context *ssl) in ssl_buffer_message() argument
4522 mbedtls_ssl_handshake_params * const hs = ssl->handshake; in ssl_buffer_message()
4530 switch (ssl->in_msgtype) { in ssl_buffer_message()
4540 unsigned recv_msg_seq = MBEDTLS_GET_UINT16_BE(ssl->in_msg, 4); in ssl_buffer_message()
4542 size_t msg_len = ssl->in_hslen - 12; in ssl_buffer_message()
4546 if (recv_msg_seq < ssl->handshake->in_msg_seq) { in ssl_buffer_message()
4551 recv_msg_seq_offset = recv_msg_seq - ssl->handshake->in_msg_seq; in ssl_buffer_message()
4557 recv_msg_seq, ssl->handshake->in_msg_seq, in ssl_buffer_message()
4558 ssl->handshake->in_msg_seq + MBEDTLS_SSL_MAX_BUFFERED_HS - in ssl_buffer_message()
4574 (ssl_hs_is_proper_fragment(ssl) == 1); in ssl_buffer_message()
4623 if (ssl_buffer_make_space(ssl, reassembly_buf_sz) != 0) { in ssl_buffer_message()
4656 memcpy(hs_buf->data, ssl->in_msg, 6); in ssl_buffer_message()
4665 if (memcmp(hs_buf->data, ssl->in_msg, 4) != 0) { in ssl_buffer_message()
4682 frag_off = ssl_get_hs_frag_off(ssl); in ssl_buffer_message()
4683 frag_len = ssl_get_hs_frag_len(ssl); in ssl_buffer_message()
4688 memcpy(msg + frag_off, ssl->in_msg + 12, frag_len); in ssl_buffer_message()
4719 static int ssl_consume_current_message(mbedtls_ssl_context *ssl) in ssl_consume_current_message() argument
4744 if (ssl->in_hslen != 0) { in ssl_consume_current_message()
4748 if (ssl->in_offt != NULL) { in ssl_consume_current_message()
4753 if (ssl->badmac_seen_or_in_hsfraglen != 0) { in ssl_consume_current_message()
4757 ssl->badmac_seen_or_in_hsfraglen, ssl->in_hslen)); in ssl_consume_current_message()
4782 if (ssl->in_hslen < ssl->in_msglen) { in ssl_consume_current_message()
4783 ssl->in_msglen -= ssl->in_hslen; in ssl_consume_current_message()
4784 memmove(ssl->in_msg, ssl->in_msg + ssl->in_hslen, in ssl_consume_current_message()
4785 ssl->in_msglen); in ssl_consume_current_message()
4786 MBEDTLS_PUT_UINT16_BE(ssl->in_msglen, ssl->in_len, 0); in ssl_consume_current_message()
4789 ssl->in_msg, ssl->in_msglen); in ssl_consume_current_message()
4791 ssl->in_msglen = 0; in ssl_consume_current_message()
4794 ssl->in_hslen = 0; in ssl_consume_current_message()
4797 else if (ssl->in_offt != NULL) { in ssl_consume_current_message()
4802 ssl->in_msglen = 0; in ssl_consume_current_message()
4809 static int ssl_record_is_in_progress(mbedtls_ssl_context *ssl) in ssl_record_is_in_progress() argument
4811 if (ssl->in_msglen > 0) { in ssl_record_is_in_progress()
4820 static void ssl_free_buffered_record(mbedtls_ssl_context *ssl) in ssl_free_buffered_record() argument
4822 mbedtls_ssl_handshake_params * const hs = ssl->handshake; in ssl_free_buffered_record()
4837 static int ssl_load_buffered_record(mbedtls_ssl_context *ssl) in ssl_load_buffered_record() argument
4839 mbedtls_ssl_handshake_params * const hs = ssl->handshake; in ssl_load_buffered_record()
4844 size_t in_buf_len = ssl->in_buf_len; in ssl_load_buffered_record()
4848 if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_load_buffered_record()
4866 if (ssl_next_record_is_in_datagram(ssl) == 1) { in ssl_load_buffered_record()
4872 if (rec_epoch != ssl->in_epoch) { in ssl_load_buffered_record()
4880 if (rec_len > in_buf_len - (size_t) (ssl->in_hdr - ssl->in_buf)) { in ssl_load_buffered_record()
4885 memcpy(ssl->in_hdr, rec, rec_len); in ssl_load_buffered_record()
4886 ssl->in_left = rec_len; in ssl_load_buffered_record()
4887 ssl->next_record_offset = 0; in ssl_load_buffered_record()
4889 ssl_free_buffered_record(ssl); in ssl_load_buffered_record()
4897 static int ssl_buffer_future_record(mbedtls_ssl_context *ssl, in ssl_buffer_future_record() argument
4900 mbedtls_ssl_handshake_params * const hs = ssl->handshake; in ssl_buffer_future_record()
4932 ssl->in_epoch + 1U)); in ssl_buffer_future_record()
4937 hs->buffering.future_record.epoch = ssl->in_epoch + 1; in ssl_buffer_future_record()
4957 static int ssl_get_next_record(mbedtls_ssl_context *ssl) in ssl_get_next_record() argument
4969 ret = ssl_load_buffered_record(ssl); in ssl_get_next_record()
4978 ret = mbedtls_ssl_fetch_input(ssl, mbedtls_ssl_in_hdr_len(ssl)); in ssl_get_next_record()
4984 ret = ssl_parse_record_header(ssl, ssl->in_hdr, ssl->in_left, &rec); in ssl_get_next_record()
4987 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_get_next_record()
4989 ret = ssl_buffer_future_record(ssl, &rec); in ssl_get_next_record()
5003 mbedtls_ssl_update_in_pointers(ssl); in ssl_get_next_record()
5006 ssl->in_msgtype = rec.type; in ssl_get_next_record()
5008 ssl->in_len = ssl->in_cid + rec.cid_len; in ssl_get_next_record()
5010 ssl->in_iv = ssl->in_msg = ssl->in_len + 2; in ssl_get_next_record()
5011 ssl->in_msglen = rec.data_len; in ssl_get_next_record()
5013 ret = ssl_check_client_reconnect(ssl); in ssl_get_next_record()
5021 ssl->next_record_offset = rec.buf_len; in ssl_get_next_record()
5027 ssl->next_record_offset = 0; in ssl_get_next_record()
5028 ssl->in_left = 0; in ssl_get_next_record()
5044 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_get_next_record()
5046 ssl->next_record_offset = rec.buf_len; in ssl_get_next_record()
5047 if (ssl->next_record_offset < ssl->in_left) { in ssl_get_next_record()
5056 ret = mbedtls_ssl_fetch_input(ssl, rec.buf_len); in ssl_get_next_record()
5062 ssl->in_left = 0; in ssl_get_next_record()
5069 if ((ret = ssl_prepare_record_content(ssl, &rec)) != 0) { in ssl_get_next_record()
5071 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_get_next_record()
5077 if (ssl->state == MBEDTLS_SSL_CLIENT_FINISHED || in ssl_get_next_record()
5078 ssl->state == MBEDTLS_SSL_SERVER_FINISHED) { in ssl_get_next_record()
5081 mbedtls_ssl_send_alert_message(ssl, in ssl_get_next_record()
5089 if (ssl->conf->badmac_limit != 0) { in ssl_get_next_record()
5090 ++ssl->badmac_seen_or_in_hsfraglen; in ssl_get_next_record()
5091 if (ssl->badmac_seen_or_in_hsfraglen >= ssl->conf->badmac_limit) { in ssl_get_next_record()
5100 ssl->next_record_offset = 0; in ssl_get_next_record()
5101 ssl->in_left = 0; in ssl_get_next_record()
5114 mbedtls_ssl_send_alert_message(ssl, in ssl_get_next_record()
5127 mbedtls_ssl_update_in_pointers(ssl); in ssl_get_next_record()
5129 ssl->in_len = ssl->in_cid + rec.cid_len; in ssl_get_next_record()
5131 ssl->in_iv = ssl->in_len + 2; in ssl_get_next_record()
5135 ssl->in_msgtype = rec.type; in ssl_get_next_record()
5140 ssl->in_hdr[0] = rec.type; in ssl_get_next_record()
5141 ssl->in_msg = rec.buf + rec.data_offset; in ssl_get_next_record()
5142 ssl->in_msglen = rec.data_len; in ssl_get_next_record()
5143 MBEDTLS_PUT_UINT16_BE(rec.data_len, ssl->in_len, 0); in ssl_get_next_record()
5148 int mbedtls_ssl_handle_message_type(mbedtls_ssl_context *ssl) in mbedtls_ssl_handle_message_type() argument
5156 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM && in mbedtls_ssl_handle_message_type()
5157 ssl->badmac_seen_or_in_hsfraglen != 0 && in mbedtls_ssl_handle_message_type()
5158 ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { in mbedtls_ssl_handle_message_type()
5167 if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE) { in mbedtls_ssl_handle_message_type()
5168 if ((ret = mbedtls_ssl_prepare_handshake_record(ssl)) != 0) { in mbedtls_ssl_handle_message_type()
5173 if (ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC) { in mbedtls_ssl_handle_message_type()
5174 if (ssl->in_msglen != 1) { in mbedtls_ssl_handle_message_type()
5176 ssl->in_msglen)); in mbedtls_ssl_handle_message_type()
5180 if (ssl->in_msg[0] != 1) { in mbedtls_ssl_handle_message_type()
5182 ssl->in_msg[0])); in mbedtls_ssl_handle_message_type()
5187 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_handle_message_type()
5188 ssl->state != MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC && in mbedtls_ssl_handle_message_type()
5189 ssl->state != MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC) { in mbedtls_ssl_handle_message_type()
5190 if (ssl->handshake == NULL) { in mbedtls_ssl_handle_message_type()
5201 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { in mbedtls_ssl_handle_message_type()
5209 if (ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT) { in mbedtls_ssl_handle_message_type()
5210 if (ssl->in_msglen != 2) { in mbedtls_ssl_handle_message_type()
5215 ssl->in_msglen)); in mbedtls_ssl_handle_message_type()
5220 ssl->in_msg[0], ssl->in_msg[1])); in mbedtls_ssl_handle_message_type()
5225 if (ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_FATAL) { in mbedtls_ssl_handle_message_type()
5227 ssl->in_msg[1])); in mbedtls_ssl_handle_message_type()
5231 if (ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && in mbedtls_ssl_handle_message_type()
5232 ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY) { in mbedtls_ssl_handle_message_type()
5238 if (ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && in mbedtls_ssl_handle_message_type()
5239 ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION) { in mbedtls_ssl_handle_message_type()
5250 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_handle_message_type()
5253 if (ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA && in mbedtls_ssl_handle_message_type()
5254 mbedtls_ssl_is_handshake_over(ssl) == 0 in mbedtls_ssl_handle_message_type()
5256 && !(ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && in mbedtls_ssl_handle_message_type()
5257 ssl->state == MBEDTLS_SSL_SERVER_HELLO) in mbedtls_ssl_handle_message_type()
5264 if (ssl->handshake != NULL && in mbedtls_ssl_handle_message_type()
5265 mbedtls_ssl_is_handshake_over(ssl) == 1) { in mbedtls_ssl_handle_message_type()
5266 mbedtls_ssl_handshake_wrapup_free_hs_transform(ssl); in mbedtls_ssl_handle_message_type()
5274 int mbedtls_ssl_send_fatal_handshake_failure(mbedtls_ssl_context *ssl) in mbedtls_ssl_send_fatal_handshake_failure() argument
5276 return mbedtls_ssl_send_alert_message(ssl, in mbedtls_ssl_send_fatal_handshake_failure()
5281 int mbedtls_ssl_send_alert_message(mbedtls_ssl_context *ssl, in mbedtls_ssl_send_alert_message() argument
5287 if (ssl == NULL || ssl->conf == NULL) { in mbedtls_ssl_send_alert_message()
5291 if (ssl->out_left != 0) { in mbedtls_ssl_send_alert_message()
5292 return mbedtls_ssl_flush_output(ssl); in mbedtls_ssl_send_alert_message()
5298 ssl->out_msgtype = MBEDTLS_SSL_MSG_ALERT; in mbedtls_ssl_send_alert_message()
5299 ssl->out_msglen = 2; in mbedtls_ssl_send_alert_message()
5300 ssl->out_msg[0] = level; in mbedtls_ssl_send_alert_message()
5301 ssl->out_msg[1] = message; in mbedtls_ssl_send_alert_message()
5303 if ((ret = mbedtls_ssl_write_record(ssl, SSL_FORCE_FLUSH)) != 0) { in mbedtls_ssl_send_alert_message()
5312 int mbedtls_ssl_write_change_cipher_spec(mbedtls_ssl_context *ssl) in mbedtls_ssl_write_change_cipher_spec() argument
5318 ssl->out_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC; in mbedtls_ssl_write_change_cipher_spec()
5319 ssl->out_msglen = 1; in mbedtls_ssl_write_change_cipher_spec()
5320 ssl->out_msg[0] = 1; in mbedtls_ssl_write_change_cipher_spec()
5322 mbedtls_ssl_handshake_increment_state(ssl); in mbedtls_ssl_write_change_cipher_spec()
5324 if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { in mbedtls_ssl_write_change_cipher_spec()
5334 int mbedtls_ssl_parse_change_cipher_spec(mbedtls_ssl_context *ssl) in mbedtls_ssl_parse_change_cipher_spec() argument
5340 if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { in mbedtls_ssl_parse_change_cipher_spec()
5345 if (ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC) { in mbedtls_ssl_parse_change_cipher_spec()
5347 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in mbedtls_ssl_parse_change_cipher_spec()
5361 ssl->transform_in = ssl->transform_negotiate; in mbedtls_ssl_parse_change_cipher_spec()
5363 ssl->session_in = ssl->session_negotiate; in mbedtls_ssl_parse_change_cipher_spec()
5366 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_parse_change_cipher_spec()
5368 mbedtls_ssl_dtls_replay_reset(ssl); in mbedtls_ssl_parse_change_cipher_spec()
5372 if (++ssl->in_epoch == 0) { in mbedtls_ssl_parse_change_cipher_spec()
5380 memset(ssl->in_ctr, 0, MBEDTLS_SSL_SEQUENCE_NUMBER_LEN); in mbedtls_ssl_parse_change_cipher_spec()
5382 mbedtls_ssl_update_in_pointers(ssl); in mbedtls_ssl_parse_change_cipher_spec()
5384 mbedtls_ssl_handshake_increment_state(ssl); in mbedtls_ssl_parse_change_cipher_spec()
5405 void mbedtls_ssl_update_out_pointers(mbedtls_ssl_context *ssl, in mbedtls_ssl_update_out_pointers() argument
5409 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_update_out_pointers()
5410 ssl->out_ctr = ssl->out_hdr + 3; in mbedtls_ssl_update_out_pointers()
5412 ssl->out_cid = ssl->out_ctr + MBEDTLS_SSL_SEQUENCE_NUMBER_LEN; in mbedtls_ssl_update_out_pointers()
5413 ssl->out_len = ssl->out_cid; in mbedtls_ssl_update_out_pointers()
5415 ssl->out_len += transform->out_cid_len; in mbedtls_ssl_update_out_pointers()
5418 ssl->out_len = ssl->out_ctr + MBEDTLS_SSL_SEQUENCE_NUMBER_LEN; in mbedtls_ssl_update_out_pointers()
5420 ssl->out_iv = ssl->out_len + 2; in mbedtls_ssl_update_out_pointers()
5424 ssl->out_len = ssl->out_hdr + 3; in mbedtls_ssl_update_out_pointers()
5426 ssl->out_cid = ssl->out_len; in mbedtls_ssl_update_out_pointers()
5428 ssl->out_iv = ssl->out_hdr + 5; in mbedtls_ssl_update_out_pointers()
5431 ssl->out_msg = ssl->out_iv; in mbedtls_ssl_update_out_pointers()
5434 ssl->out_msg += ssl_transform_get_explicit_iv_len(transform); in mbedtls_ssl_update_out_pointers()
5446 void mbedtls_ssl_update_in_pointers(mbedtls_ssl_context *ssl) in mbedtls_ssl_update_in_pointers() argument
5459 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_update_in_pointers()
5464 ssl->in_ctr = ssl->in_hdr + 3; in mbedtls_ssl_update_in_pointers()
5466 ssl->in_cid = ssl->in_ctr + MBEDTLS_SSL_SEQUENCE_NUMBER_LEN; in mbedtls_ssl_update_in_pointers()
5467 ssl->in_len = ssl->in_cid; /* Default: no CID */ in mbedtls_ssl_update_in_pointers()
5469 ssl->in_len = ssl->in_ctr + MBEDTLS_SSL_SEQUENCE_NUMBER_LEN; in mbedtls_ssl_update_in_pointers()
5471 ssl->in_iv = ssl->in_len + 2; in mbedtls_ssl_update_in_pointers()
5475 ssl->in_ctr = ssl->in_buf; in mbedtls_ssl_update_in_pointers()
5476 ssl->in_len = ssl->in_hdr + 3; in mbedtls_ssl_update_in_pointers()
5478 ssl->in_cid = ssl->in_len; in mbedtls_ssl_update_in_pointers()
5480 ssl->in_iv = ssl->in_hdr + 5; in mbedtls_ssl_update_in_pointers()
5484 ssl->in_msg = ssl->in_iv; in mbedtls_ssl_update_in_pointers()
5491 void mbedtls_ssl_reset_in_pointers(mbedtls_ssl_context *ssl) in mbedtls_ssl_reset_in_pointers() argument
5494 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_reset_in_pointers()
5495 ssl->in_hdr = ssl->in_buf; in mbedtls_ssl_reset_in_pointers()
5499 ssl->in_hdr = ssl->in_buf + MBEDTLS_SSL_SEQUENCE_NUMBER_LEN; in mbedtls_ssl_reset_in_pointers()
5503 mbedtls_ssl_update_in_pointers(ssl); in mbedtls_ssl_reset_in_pointers()
5506 void mbedtls_ssl_reset_out_pointers(mbedtls_ssl_context *ssl) in mbedtls_ssl_reset_out_pointers() argument
5510 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_reset_out_pointers()
5511 ssl->out_hdr = ssl->out_buf; in mbedtls_ssl_reset_out_pointers()
5515 ssl->out_ctr = ssl->out_buf; in mbedtls_ssl_reset_out_pointers()
5516 ssl->out_hdr = ssl->out_buf + MBEDTLS_SSL_SEQUENCE_NUMBER_LEN; in mbedtls_ssl_reset_out_pointers()
5519 mbedtls_ssl_update_out_pointers(ssl, NULL /* no transform enabled */); in mbedtls_ssl_reset_out_pointers()
5525 size_t mbedtls_ssl_get_bytes_avail(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_bytes_avail() argument
5527 return ssl->in_offt == NULL ? 0 : ssl->in_msglen; in mbedtls_ssl_get_bytes_avail()
5530 int mbedtls_ssl_check_pending(const mbedtls_ssl_context *ssl) in mbedtls_ssl_check_pending() argument
5537 if (ssl->keep_current_message == 1) { in mbedtls_ssl_check_pending()
5547 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_check_pending()
5548 ssl->in_left > ssl->next_record_offset) { in mbedtls_ssl_check_pending()
5558 if (ssl->in_hslen > 0 && ssl->in_hslen < ssl->in_msglen) { in mbedtls_ssl_check_pending()
5567 if (ssl->in_offt != NULL) { in mbedtls_ssl_check_pending()
5583 int mbedtls_ssl_get_record_expansion(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_record_expansion() argument
5586 const mbedtls_ssl_transform *transform = ssl->transform_out; in mbedtls_ssl_get_record_expansion()
5593 size_t out_hdr_len = mbedtls_ssl_out_hdr_len(ssl); in mbedtls_ssl_get_record_expansion()
5681 static int ssl_check_ctr_renegotiate(mbedtls_ssl_context *ssl) in ssl_check_ctr_renegotiate() argument
5683 size_t ep_len = mbedtls_ssl_ep_len(ssl); in ssl_check_ctr_renegotiate()
5687 if (mbedtls_ssl_is_handshake_over(ssl) == 0 || in ssl_check_ctr_renegotiate()
5688 ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING || in ssl_check_ctr_renegotiate()
5689 ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED) { in ssl_check_ctr_renegotiate()
5693 in_ctr_cmp = memcmp(ssl->in_ctr + ep_len, in ssl_check_ctr_renegotiate()
5694 &ssl->conf->renego_period[ep_len], in ssl_check_ctr_renegotiate()
5696 out_ctr_cmp = memcmp(&ssl->cur_out_ctr[ep_len], in ssl_check_ctr_renegotiate()
5697 &ssl->conf->renego_period[ep_len], in ssl_check_ctr_renegotiate()
5698 sizeof(ssl->cur_out_ctr) - ep_len); in ssl_check_ctr_renegotiate()
5705 return mbedtls_ssl_renegotiate(ssl); in ssl_check_ctr_renegotiate()
5713 static int ssl_tls13_is_new_session_ticket(mbedtls_ssl_context *ssl) in ssl_tls13_is_new_session_ticket() argument
5716 if ((ssl->in_hslen == mbedtls_ssl_hs_hdr_len(ssl)) || in ssl_tls13_is_new_session_ticket()
5717 (ssl->in_msg[0] != MBEDTLS_SSL_HS_NEW_SESSION_TICKET)) { in ssl_tls13_is_new_session_ticket()
5726 static int ssl_tls13_handle_hs_message_post_handshake(mbedtls_ssl_context *ssl) in ssl_tls13_handle_hs_message_post_handshake() argument
5732 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in ssl_tls13_handle_hs_message_post_handshake()
5733 if (ssl_tls13_is_new_session_ticket(ssl)) { in ssl_tls13_handle_hs_message_post_handshake()
5736 if (mbedtls_ssl_conf_is_signal_new_session_tickets_enabled(ssl->conf) == in ssl_tls13_handle_hs_message_post_handshake()
5738 ssl->keep_current_message = 1; in ssl_tls13_handle_hs_message_post_handshake()
5740 mbedtls_ssl_handshake_set_state(ssl, in ssl_tls13_handle_hs_message_post_handshake()
5771 static int ssl_tls12_handle_hs_message_post_handshake(mbedtls_ssl_context *ssl) in ssl_tls12_handle_hs_message_post_handshake() argument
5782 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && in ssl_tls12_handle_hs_message_post_handshake()
5783 (ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST || in ssl_tls12_handle_hs_message_post_handshake()
5784 ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl))) { in ssl_tls12_handle_hs_message_post_handshake()
5789 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_tls12_handle_hs_message_post_handshake()
5798 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && in ssl_tls12_handle_hs_message_post_handshake()
5799 ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO) { in ssl_tls12_handle_hs_message_post_handshake()
5804 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_tls12_handle_hs_message_post_handshake()
5814 if (!(ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED || in ssl_tls12_handle_hs_message_post_handshake()
5815 (ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && in ssl_tls12_handle_hs_message_post_handshake()
5816 ssl->conf->allow_legacy_renegotiation == in ssl_tls12_handle_hs_message_post_handshake()
5824 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in ssl_tls12_handle_hs_message_post_handshake()
5825 ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in ssl_tls12_handle_hs_message_post_handshake()
5826 ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING; in ssl_tls12_handle_hs_message_post_handshake()
5829 ret = mbedtls_ssl_start_renegotiation(ssl); in ssl_tls12_handle_hs_message_post_handshake()
5845 if ((ret = mbedtls_ssl_send_alert_message(ssl, in ssl_tls12_handle_hs_message_post_handshake()
5857 static int ssl_handle_hs_message_post_handshake(mbedtls_ssl_context *ssl) in ssl_handle_hs_message_post_handshake() argument
5861 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { in ssl_handle_hs_message_post_handshake()
5862 return ssl_tls13_handle_hs_message_post_handshake(ssl); in ssl_handle_hs_message_post_handshake()
5867 if (ssl->tls_version <= MBEDTLS_SSL_VERSION_TLS1_2) { in ssl_handle_hs_message_post_handshake()
5868 return ssl_tls12_handle_hs_message_post_handshake(ssl); in ssl_handle_hs_message_post_handshake()
5893 mbedtls_ssl_context *ssl, unsigned char *buf, size_t len) in ssl_read_application_data() argument
5895 size_t n = (len < ssl->in_msglen) ? len : ssl->in_msglen; in ssl_read_application_data()
5898 memcpy(buf, ssl->in_offt, n); in ssl_read_application_data()
5899 ssl->in_msglen -= n; in ssl_read_application_data()
5904 mbedtls_platform_zeroize(ssl->in_offt, n); in ssl_read_application_data()
5906 if (ssl->in_msglen == 0) { in ssl_read_application_data()
5908 ssl->in_offt = NULL; in ssl_read_application_data()
5909 ssl->keep_current_message = 0; in ssl_read_application_data()
5912 ssl->in_offt += n; in ssl_read_application_data()
5921 int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len) in mbedtls_ssl_read() argument
5925 if (ssl == NULL || ssl->conf == NULL) { in mbedtls_ssl_read()
5932 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_read()
5933 if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { in mbedtls_ssl_read()
5937 if (ssl->handshake != NULL && in mbedtls_ssl_read()
5938 ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING) { in mbedtls_ssl_read()
5939 if ((ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { in mbedtls_ssl_read()
5959 ret = ssl_check_ctr_renegotiate(ssl); in mbedtls_ssl_read()
5967 if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { in mbedtls_ssl_read()
5968 ret = mbedtls_ssl_handshake(ssl); in mbedtls_ssl_read()
5977 while (ssl->in_offt == NULL) { in mbedtls_ssl_read()
5979 if (ssl->f_get_timer != NULL && in mbedtls_ssl_read()
5980 ssl->f_get_timer(ssl->p_timer) == -1) { in mbedtls_ssl_read()
5981 mbedtls_ssl_set_timer(ssl, ssl->conf->read_timeout); in mbedtls_ssl_read()
5984 if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { in mbedtls_ssl_read()
5993 if (ssl->in_msglen == 0 && in mbedtls_ssl_read()
5994 ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA) { in mbedtls_ssl_read()
5998 if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { in mbedtls_ssl_read()
6008 if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE) { in mbedtls_ssl_read()
6009 ret = ssl_handle_hs_message_post_handshake(ssl); in mbedtls_ssl_read()
6040 else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING) { in mbedtls_ssl_read()
6041 if (ssl->conf->renego_max_records >= 0) { in mbedtls_ssl_read()
6042 if (++ssl->renego_records_seen > ssl->conf->renego_max_records) { in mbedtls_ssl_read()
6052 if (ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT) { in mbedtls_ssl_read()
6057 if (ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA) { in mbedtls_ssl_read()
6062 ssl->in_offt = ssl->in_msg; in mbedtls_ssl_read()
6066 if (mbedtls_ssl_is_handshake_over(ssl) == 1) { in mbedtls_ssl_read()
6067 mbedtls_ssl_set_timer(ssl, 0); in mbedtls_ssl_read()
6075 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && in mbedtls_ssl_read()
6076 ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING) { in mbedtls_ssl_read()
6077 if ((ret = mbedtls_ssl_resend_hello_request(ssl)) != 0) { in mbedtls_ssl_read()
6087 ret = ssl_read_application_data(ssl, buf, len); in mbedtls_ssl_read()
6095 int mbedtls_ssl_read_early_data(mbedtls_ssl_context *ssl, in mbedtls_ssl_read_early_data() argument
6098 if (ssl == NULL || (ssl->conf == NULL)) { in mbedtls_ssl_read_early_data()
6106 if ((ssl->state != MBEDTLS_SSL_END_OF_EARLY_DATA) || in mbedtls_ssl_read_early_data()
6107 (ssl->in_offt == NULL)) { in mbedtls_ssl_read_early_data()
6111 return ssl_read_application_data(ssl, buf, len); in mbedtls_ssl_read_early_data()
6128 static int ssl_write_real(mbedtls_ssl_context *ssl, in ssl_write_real() argument
6131 int ret = mbedtls_ssl_get_max_out_record_payload(ssl); in ssl_write_real()
6141 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_write_real()
6152 if (ssl->out_left != 0) { in ssl_write_real()
6159 if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { in ssl_write_real()
6169 ssl->out_msglen = len; in ssl_write_real()
6170 ssl->out_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA; in ssl_write_real()
6172 memcpy(ssl->out_msg, buf, len); in ssl_write_real()
6175 if ((ret = mbedtls_ssl_write_record(ssl, SSL_FORCE_FLUSH)) != 0) { in ssl_write_real()
6187 int mbedtls_ssl_write(mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len) in mbedtls_ssl_write() argument
6193 if (ssl == NULL || ssl->conf == NULL) { in mbedtls_ssl_write()
6198 if ((ret = ssl_check_ctr_renegotiate(ssl)) != 0) { in mbedtls_ssl_write()
6204 if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { in mbedtls_ssl_write()
6205 if ((ret = mbedtls_ssl_handshake(ssl)) != 0) { in mbedtls_ssl_write()
6211 ret = ssl_write_real(ssl, buf, len); in mbedtls_ssl_write()
6219 int mbedtls_ssl_write_early_data(mbedtls_ssl_context *ssl, in mbedtls_ssl_write_early_data() argument
6228 if (ssl == NULL || (conf = ssl->conf) == NULL) { in mbedtls_ssl_write_early_data()
6242 if (ssl->tls_version != MBEDTLS_SSL_VERSION_TLS1_3) { in mbedtls_ssl_write_early_data()
6258 if ((ssl->early_data_state == MBEDTLS_SSL_EARLY_DATA_STATE_IDLE) || in mbedtls_ssl_write_early_data()
6259 (ssl->early_data_state == MBEDTLS_SSL_EARLY_DATA_STATE_IND_SENT)) { in mbedtls_ssl_write_early_data()
6260 while ((ssl->early_data_state == MBEDTLS_SSL_EARLY_DATA_STATE_IDLE) || in mbedtls_ssl_write_early_data()
6261 (ssl->early_data_state == MBEDTLS_SSL_EARLY_DATA_STATE_IND_SENT)) { in mbedtls_ssl_write_early_data()
6262 ret = mbedtls_ssl_handshake_step(ssl); in mbedtls_ssl_write_early_data()
6268 ret = mbedtls_ssl_flush_output(ssl); in mbedtls_ssl_write_early_data()
6274 remaining = ssl->session_negotiate->max_early_data_size; in mbedtls_ssl_write_early_data()
6283 if ((ssl->early_data_state != MBEDTLS_SSL_EARLY_DATA_STATE_CAN_WRITE) && in mbedtls_ssl_write_early_data()
6284 (ssl->early_data_state != MBEDTLS_SSL_EARLY_DATA_STATE_ACCEPTED)) { in mbedtls_ssl_write_early_data()
6288 remaining = ssl->session_negotiate->max_early_data_size - in mbedtls_ssl_write_early_data()
6289 ssl->total_early_data_size; in mbedtls_ssl_write_early_data()
6295 ret = mbedtls_ssl_handshake(ssl); in mbedtls_ssl_write_early_data()
6302 if (((ssl->early_data_state != MBEDTLS_SSL_EARLY_DATA_STATE_CAN_WRITE) && in mbedtls_ssl_write_early_data()
6303 (ssl->early_data_state != MBEDTLS_SSL_EARLY_DATA_STATE_ACCEPTED)) in mbedtls_ssl_write_early_data()
6312 ret = ssl_write_real(ssl, buf, len); in mbedtls_ssl_write_early_data()
6314 ssl->total_early_data_size += ret; in mbedtls_ssl_write_early_data()
6326 int mbedtls_ssl_close_notify(mbedtls_ssl_context *ssl) in mbedtls_ssl_close_notify() argument
6330 if (ssl == NULL || ssl->conf == NULL) { in mbedtls_ssl_close_notify()
6336 if (mbedtls_ssl_is_handshake_over(ssl) == 1) { in mbedtls_ssl_close_notify()
6337 if ((ret = mbedtls_ssl_send_alert_message(ssl, in mbedtls_ssl_close_notify()
6377 void mbedtls_ssl_set_inbound_transform(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_inbound_transform() argument
6380 ssl->transform_in = transform; in mbedtls_ssl_set_inbound_transform()
6381 memset(ssl->in_ctr, 0, MBEDTLS_SSL_SEQUENCE_NUMBER_LEN); in mbedtls_ssl_set_inbound_transform()
6384 void mbedtls_ssl_set_outbound_transform(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_outbound_transform() argument
6387 ssl->transform_out = transform; in mbedtls_ssl_set_outbound_transform()
6388 memset(ssl->cur_out_ctr, 0, sizeof(ssl->cur_out_ctr)); in mbedtls_ssl_set_outbound_transform()
6393 void mbedtls_ssl_buffering_free(mbedtls_ssl_context *ssl) in mbedtls_ssl_buffering_free() argument
6396 mbedtls_ssl_handshake_params * const hs = ssl->handshake; in mbedtls_ssl_buffering_free()
6402 ssl_free_buffered_record(ssl); in mbedtls_ssl_buffering_free()
6405 ssl_buffering_free_slot(ssl, offset); in mbedtls_ssl_buffering_free()
6409 static void ssl_buffering_free_slot(mbedtls_ssl_context *ssl, in ssl_buffering_free_slot() argument
6412 mbedtls_ssl_handshake_params * const hs = ssl->handshake; in ssl_buffering_free_slot()
6476 int mbedtls_ssl_handle_pending_alert(mbedtls_ssl_context *ssl) in mbedtls_ssl_handle_pending_alert() argument
6481 if (ssl->send_alert == 0) { in mbedtls_ssl_handle_pending_alert()
6485 ret = mbedtls_ssl_send_alert_message(ssl, in mbedtls_ssl_handle_pending_alert()
6487 ssl->alert_type); in mbedtls_ssl_handle_pending_alert()
6493 ssl->send_alert = 0; in mbedtls_ssl_handle_pending_alert()
6500 return ssl->alert_reason; in mbedtls_ssl_handle_pending_alert()
6506 void mbedtls_ssl_pend_fatal_alert(mbedtls_ssl_context *ssl, in mbedtls_ssl_pend_fatal_alert() argument
6510 ssl->send_alert = 1; in mbedtls_ssl_pend_fatal_alert()
6511 ssl->alert_type = alert_type; in mbedtls_ssl_pend_fatal_alert()
6512 ssl->alert_reason = alert_reason; in mbedtls_ssl_pend_fatal_alert()