794         ssl->handshake->update_checksum = ssl_update_checksum_sha384;  in mbedtls_ssl_optimize_checksum()
799         ssl->handshake->update_checksum = ssl_update_checksum_sha256;  in mbedtls_ssl_optimize_checksum()
820     return ssl->handshake->update_checksum(ssl, hs_hdr, sizeof(hs_hdr));  in mbedtls_ssl_add_hs_hdr_to_checksum()
833     return ssl->handshake->update_checksum(ssl, msg, msg_len);  in mbedtls_ssl_add_hs_msg_to_checksum()
850     status = psa_hash_abort(&ssl->handshake->fin_sha256_psa);  in mbedtls_ssl_reset_checksum()
854     status = psa_hash_setup(&ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256);  in mbedtls_ssl_reset_checksum()
859     mbedtls_md_free(&ssl->handshake->fin_sha256);  in mbedtls_ssl_reset_checksum()
860     mbedtls_md_init(&ssl->handshake->fin_sha256);  in mbedtls_ssl_reset_checksum()
861     ret = mbedtls_md_setup(&ssl->handshake->fin_sha256,  in mbedtls_ssl_reset_checksum()
867     ret = mbedtls_md_starts(&ssl->handshake->fin_sha256);  in mbedtls_ssl_reset_checksum()
875     status = psa_hash_abort(&ssl->handshake->fin_sha384_psa);  in mbedtls_ssl_reset_checksum()
879     status = psa_hash_setup(&ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384);  in mbedtls_ssl_reset_checksum()
884     mbedtls_md_free(&ssl->handshake->fin_sha384);  in mbedtls_ssl_reset_checksum()
885     mbedtls_md_init(&ssl->handshake->fin_sha384);  in mbedtls_ssl_reset_checksum()
886     ret = mbedtls_md_setup(&ssl->handshake->fin_sha384,  in mbedtls_ssl_reset_checksum()
891     ret = mbedtls_md_starts(&ssl->handshake->fin_sha384);  in mbedtls_ssl_reset_checksum()
917     status = psa_hash_update(&ssl->handshake->fin_sha256_psa, buf, len);  in ssl_update_checksum_start()
922     ret = mbedtls_md_update(&ssl->handshake->fin_sha256, buf, len);  in ssl_update_checksum_start()
930     status = psa_hash_update(&ssl->handshake->fin_sha384_psa, buf, len);  in ssl_update_checksum_start()
935     ret = mbedtls_md_update(&ssl->handshake->fin_sha384, buf, len);  in ssl_update_checksum_start()
950                                          &ssl->handshake->fin_sha256_psa, buf, len));  in ssl_update_checksum_sha256()
952     return mbedtls_md_update(&ssl->handshake->fin_sha256, buf, len);  in ssl_update_checksum_sha256()
963                                          &ssl->handshake->fin_sha384_psa, buf, len));  in ssl_update_checksum_sha384()
965     return mbedtls_md_update(&ssl->handshake->fin_sha384, buf, len);  in ssl_update_checksum_sha384()
970 static void ssl_handshake_params_init(mbedtls_ssl_handshake_params *handshake)  in ssl_handshake_params_init()  argument
972     memset(handshake, 0, sizeof(mbedtls_ssl_handshake_params));  in ssl_handshake_params_init()
976     handshake->fin_sha256_psa = psa_hash_operation_init();  in ssl_handshake_params_init()
978     mbedtls_md_init(&handshake->fin_sha256);  in ssl_handshake_params_init()
983     handshake->fin_sha384_psa = psa_hash_operation_init();  in ssl_handshake_params_init()
985     mbedtls_md_init(&handshake->fin_sha384);  in ssl_handshake_params_init()
989     handshake->update_checksum = ssl_update_checksum_start;  in ssl_handshake_params_init()
992     mbedtls_dhm_init(&handshake->dhm_ctx);  in ssl_handshake_params_init()
996     mbedtls_ecdh_init(&handshake->ecdh_ctx);  in ssl_handshake_params_init()
1000     handshake->psa_pake_ctx = psa_pake_operation_init();  in ssl_handshake_params_init()
1001     handshake->psa_pake_password = MBEDTLS_SVC_KEY_ID_INIT;  in ssl_handshake_params_init()
1003     mbedtls_ecjpake_init(&handshake->ecjpake_ctx);  in ssl_handshake_params_init()
1006     handshake->ecjpake_cache = NULL;  in ssl_handshake_params_init()
1007     handshake->ecjpake_cache_len = 0;  in ssl_handshake_params_init()
1012     mbedtls_x509_crt_restart_init(&handshake->ecrs_ctx);  in ssl_handshake_params_init()
1016     handshake->sni_authmode = MBEDTLS_SSL_VERIFY_UNSET;  in ssl_handshake_params_init()
1021     mbedtls_pk_init(&handshake->peer_pubkey);  in ssl_handshake_params_init()
1067     if (ssl->handshake) {  in ssl_handshake_init()
1085     if (ssl->handshake == NULL) {  in ssl_handshake_init()
1086         ssl->handshake = mbedtls_calloc(1, sizeof(mbedtls_ssl_handshake_params));  in ssl_handshake_init()
1096     if (ssl->handshake           == NULL ||  in ssl_handshake_init()
1103         mbedtls_free(ssl->handshake);  in ssl_handshake_init()
1104         ssl->handshake = NULL;  in ssl_handshake_init()
1129     ssl_handshake_params_init(ssl->handshake);  in ssl_handshake_init()
1145     ssl->handshake->new_session_tickets_count =  in ssl_handshake_init()
1151         ssl->handshake->alt_transform_out = ssl->transform_out;  in ssl_handshake_init()
1154             ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING;  in ssl_handshake_init()
1156             ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING;  in ssl_handshake_init()
1196         ssl->handshake->group_list = group_list;  in ssl_handshake_init()
1197         ssl->handshake->group_list_heap_allocated = 1;  in ssl_handshake_init()
1199         ssl->handshake->group_list = ssl->conf->group_list;  in ssl_handshake_init()
1200         ssl->handshake->group_list_heap_allocated = 0;  in ssl_handshake_init()
1241         ssl->handshake->sig_algs = mbedtls_calloc(1, sig_algs_len +  in ssl_handshake_init()
1243         if (ssl->handshake->sig_algs == NULL) {  in ssl_handshake_init()
1247         p = (uint16_t *) ssl->handshake->sig_algs;  in ssl_handshake_init()
1263         ssl->handshake->sig_algs_heap_allocated = 1;  in ssl_handshake_init()
1267         ssl->handshake->sig_algs_heap_allocated = 0;  in ssl_handshake_init()
1539     if (ssl->handshake != NULL) {  in mbedtls_ssl_session_reset_msg_layer()
1541         mbedtls_ssl_transform_free(ssl->handshake->transform_earlydata);  in mbedtls_ssl_session_reset_msg_layer()
1542         mbedtls_free(ssl->handshake->transform_earlydata);  in mbedtls_ssl_session_reset_msg_layer()
1543         ssl->handshake->transform_earlydata = NULL;  in mbedtls_ssl_session_reset_msg_layer()
1546         mbedtls_ssl_transform_free(ssl->handshake->transform_handshake);  in mbedtls_ssl_session_reset_msg_layer()
1547         mbedtls_free(ssl->handshake->transform_handshake);  in mbedtls_ssl_session_reset_msg_layer()
1548         ssl->handshake->transform_handshake = NULL;  in mbedtls_ssl_session_reset_msg_layer()
1747     if (ssl->handshake->resume == 1) {  in mbedtls_ssl_set_session()
1780     ssl->handshake->resume = 1;  in mbedtls_ssl_set_session()
1915     *name_len = ssl->handshake->sni_name_len;  in mbedtls_ssl_get_hs_sni()
1916     return ssl->handshake->sni_name;  in mbedtls_ssl_get_hs_sni()
1923     return ssl_append_key_cert(&ssl->handshake->sni_key_cert,  in mbedtls_ssl_set_hs_own_cert()
1931     ssl->handshake->sni_ca_chain   = ca_chain;  in mbedtls_ssl_set_hs_ca_chain()
1932     ssl->handshake->sni_ca_crl     = ca_crl;  in mbedtls_ssl_set_hs_ca_chain()
1939     ssl->handshake->dn_hints = crt;  in mbedtls_ssl_set_hs_dn_hints()
1946     ssl->handshake->sni_authmode = authmode;  in mbedtls_ssl_set_hs_authmode()
1983     status = psa_pake_setup(&ssl->handshake->psa_pake_ctx, &cipher_suite);  in mbedtls_ssl_set_hs_ecjpake_password_common()
2000     status = psa_pake_set_user(&ssl->handshake->psa_pake_ctx, user, user_len);  in mbedtls_ssl_set_hs_ecjpake_password_common()
2005     status = psa_pake_set_peer(&ssl->handshake->psa_pake_ctx, peer, peer_len);  in mbedtls_ssl_set_hs_ecjpake_password_common()
2010     status = psa_pake_set_password_key(&ssl->handshake->psa_pake_ctx, pwd);  in mbedtls_ssl_set_hs_ecjpake_password_common()
2015     ssl->handshake->psa_pake_ctx_is_ok = 1;  in mbedtls_ssl_set_hs_ecjpake_password_common()
2027     if (ssl->handshake == NULL || ssl->conf == NULL) {  in mbedtls_ssl_set_hs_ecjpake_password()
2041                             &ssl->handshake->psa_pake_password);  in mbedtls_ssl_set_hs_ecjpake_password()
2047                                                         ssl->handshake->psa_pake_password);  in mbedtls_ssl_set_hs_ecjpake_password()
2049         psa_destroy_key(ssl->handshake->psa_pake_password);  in mbedtls_ssl_set_hs_ecjpake_password()
2050         psa_pake_abort(&ssl->handshake->psa_pake_ctx);  in mbedtls_ssl_set_hs_ecjpake_password()
2062     if (ssl->handshake == NULL || ssl->conf == NULL) {  in mbedtls_ssl_set_hs_ecjpake_password_opaque()
2072         psa_pake_abort(&ssl->handshake->psa_pake_ctx);  in mbedtls_ssl_set_hs_ecjpake_password_opaque()
2085     if (ssl->handshake == NULL || ssl->conf == NULL) {  in mbedtls_ssl_set_hs_ecjpake_password()
2100     return mbedtls_ecjpake_setup(&ssl->handshake->ecjpake_ctx,  in mbedtls_ssl_set_hs_ecjpake_password()
2222     if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) {  in ssl_remove_psk()
2225         if (ssl->handshake->psk_opaque_is_internal) {  in ssl_remove_psk()
2226             psa_destroy_key(ssl->handshake->psk_opaque);  in ssl_remove_psk()
2227             ssl->handshake->psk_opaque_is_internal = 0;  in ssl_remove_psk()
2229         ssl->handshake->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT;  in ssl_remove_psk()
2232     if (ssl->handshake->psk != NULL) {  in ssl_remove_psk()
2233         mbedtls_zeroize_and_free(ssl->handshake->psk,  in ssl_remove_psk()
2234                                  ssl->handshake->psk_len);  in ssl_remove_psk()
2235         ssl->handshake->psk_len = 0;  in ssl_remove_psk()
2236         ssl->handshake->psk = NULL;  in ssl_remove_psk()
2251     if (psk == NULL || ssl->handshake == NULL) {  in mbedtls_ssl_set_hs_psk()
2264         if (ssl->handshake->ciphersuite_info->mac == MBEDTLS_MD_SHA384) {  in mbedtls_ssl_set_hs_psk()
2290     ssl->handshake->psk_opaque_is_internal = 1;  in mbedtls_ssl_set_hs_psk()
2293     if ((ssl->handshake->psk = mbedtls_calloc(1, psk_len)) == NULL) {  in mbedtls_ssl_set_hs_psk()
2297     ssl->handshake->psk_len = psk_len;  in mbedtls_ssl_set_hs_psk()
2298     memcpy(ssl->handshake->psk, psk, ssl->handshake->psk_len);  in mbedtls_ssl_set_hs_psk()
2337         (ssl->handshake == NULL)) {  in mbedtls_ssl_set_hs_psk_opaque()
2342     ssl->handshake->psk_opaque = psk;  in mbedtls_ssl_set_hs_psk_opaque()
3122     if (ssl->handshake == NULL) {  in mbedtls_ssl_get_async_operation_data()
3125         return ssl->handshake->user_async_ctx;  in mbedtls_ssl_get_async_operation_data()
3132     if (ssl->handshake != NULL) {  in mbedtls_ssl_set_async_operation_data()
3133         ssl->handshake->user_async_ctx = ctx;  in mbedtls_ssl_set_async_operation_data()
3288     if (ssl->handshake == NULL || ssl->handshake->mtu == 0) {  in mbedtls_ssl_get_current_mtu()
3293         return ssl->handshake->mtu;  in mbedtls_ssl_get_current_mtu()
3296     return ssl->mtu < ssl->handshake->mtu ?  in mbedtls_ssl_get_current_mtu()
3297            ssl->mtu : ssl->handshake->mtu;  in mbedtls_ssl_get_current_mtu()
4549         ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING) {  in ssl_prepare_handshake_step()
4565         ssl->handshake == NULL                       ||  in mbedtls_ssl_handshake_step()
4735             ssl->handshake->out_msg_seq = 1;  in mbedtls_ssl_start_renegotiation()
4737             ssl->handshake->in_msg_seq = 1;  in mbedtls_ssl_start_renegotiation()
4813     mbedtls_ssl_handshake_params *handshake = ssl->handshake;  in mbedtls_ssl_handshake_free()  local
4815     if (handshake == NULL) {  in mbedtls_ssl_handshake_free()
4821     if (ssl->handshake->group_list_heap_allocated) {  in mbedtls_ssl_handshake_free()
4822         mbedtls_free((void *) handshake->group_list);  in mbedtls_ssl_handshake_free()
4824     handshake->group_list = NULL;  in mbedtls_ssl_handshake_free()
4830     if (ssl->handshake->sig_algs_heap_allocated) {  in mbedtls_ssl_handshake_free()
4831         mbedtls_free((void *) handshake->sig_algs);  in mbedtls_ssl_handshake_free()
4833     handshake->sig_algs = NULL;  in mbedtls_ssl_handshake_free()
4836     if (ssl->handshake->certificate_request_context) {  in mbedtls_ssl_handshake_free()
4837         mbedtls_free((void *) handshake->certificate_request_context);  in mbedtls_ssl_handshake_free()
4843     if (ssl->conf->f_async_cancel != NULL && handshake->async_in_progress != 0) {  in mbedtls_ssl_handshake_free()
4845         handshake->async_in_progress = 0;  in mbedtls_ssl_handshake_free()
4851     psa_hash_abort(&handshake->fin_sha256_psa);  in mbedtls_ssl_handshake_free()
4853     mbedtls_md_free(&handshake->fin_sha256);  in mbedtls_ssl_handshake_free()
4858     psa_hash_abort(&handshake->fin_sha384_psa);  in mbedtls_ssl_handshake_free()
4860     mbedtls_md_free(&handshake->fin_sha384);  in mbedtls_ssl_handshake_free()
4865     mbedtls_dhm_free(&handshake->dhm_ctx);  in mbedtls_ssl_handshake_free()
4869     mbedtls_ecdh_free(&handshake->ecdh_ctx);  in mbedtls_ssl_handshake_free()
4874     psa_pake_abort(&handshake->psa_pake_ctx);  in mbedtls_ssl_handshake_free()
4880     if (!mbedtls_svc_key_id_is_null(handshake->psa_pake_password)) {  in mbedtls_ssl_handshake_free()
4881         psa_destroy_key(handshake->psa_pake_password);  in mbedtls_ssl_handshake_free()
4883     handshake->psa_pake_password = MBEDTLS_SVC_KEY_ID_INIT;  in mbedtls_ssl_handshake_free()
4885     mbedtls_ecjpake_free(&handshake->ecjpake_ctx);  in mbedtls_ssl_handshake_free()
4888     mbedtls_free(handshake->ecjpake_cache);  in mbedtls_ssl_handshake_free()
4889     handshake->ecjpake_cache = NULL;  in mbedtls_ssl_handshake_free()
4890     handshake->ecjpake_cache_len = 0;  in mbedtls_ssl_handshake_free()
4898     mbedtls_free((void *) handshake->curves_tls_id);  in mbedtls_ssl_handshake_free()
4903     if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) {  in mbedtls_ssl_handshake_free()
4906         if (ssl->handshake->psk_opaque_is_internal) {  in mbedtls_ssl_handshake_free()
4907             psa_destroy_key(ssl->handshake->psk_opaque);  in mbedtls_ssl_handshake_free()
4908             ssl->handshake->psk_opaque_is_internal = 0;  in mbedtls_ssl_handshake_free()
4910         ssl->handshake->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT;  in mbedtls_ssl_handshake_free()
4913     if (handshake->psk != NULL) {  in mbedtls_ssl_handshake_free()
4914         mbedtls_zeroize_and_free(handshake->psk, handshake->psk_len);  in mbedtls_ssl_handshake_free()
4925     ssl_key_cert_free(handshake->sni_key_cert);  in mbedtls_ssl_handshake_free()
4929     mbedtls_x509_crt_restart_free(&handshake->ecrs_ctx);  in mbedtls_ssl_handshake_free()
4930     if (handshake->ecrs_peer_cert != NULL) {  in mbedtls_ssl_handshake_free()
4931         mbedtls_x509_crt_free(handshake->ecrs_peer_cert);  in mbedtls_ssl_handshake_free()
4932         mbedtls_free(handshake->ecrs_peer_cert);  in mbedtls_ssl_handshake_free()
4938     mbedtls_pk_free(&handshake->peer_pubkey);  in mbedtls_ssl_handshake_free()
4943     mbedtls_free(handshake->cookie);  in mbedtls_ssl_handshake_free()
4948     mbedtls_ssl_flight_free(handshake->flight);  in mbedtls_ssl_handshake_free()
4953     if (handshake->xxdh_psa_privkey_is_external == 0) {  in mbedtls_ssl_handshake_free()
4954         psa_destroy_key(handshake->xxdh_psa_privkey);  in mbedtls_ssl_handshake_free()
4959     mbedtls_ssl_transform_free(handshake->transform_handshake);  in mbedtls_ssl_handshake_free()
4960     mbedtls_free(handshake->transform_handshake);  in mbedtls_ssl_handshake_free()
4962     mbedtls_ssl_transform_free(handshake->transform_earlydata);  in mbedtls_ssl_handshake_free()
4963     mbedtls_free(handshake->transform_earlydata);  in mbedtls_ssl_handshake_free()
4978     mbedtls_platform_zeroize(handshake,  in mbedtls_ssl_handshake_free()
5118     if (ssl->handshake != NULL) {  in mbedtls_ssl_context_save()
5540     if (ssl->handshake != NULL) {  in ssl_context_load()
5542         mbedtls_free(ssl->handshake);  in ssl_context_load()
5543         ssl->handshake = NULL;  in ssl_context_load()
5611     if (ssl->handshake) {  in mbedtls_ssl_free()
5613         mbedtls_free(ssl->handshake);  in mbedtls_ssl_free()
6452             hash_operation_to_clone = &ssl->handshake->fin_sha384_psa;  in mbedtls_ssl_get_handshake_transcript()
6458             hash_operation_to_clone = &ssl->handshake->fin_sha256_psa;  in mbedtls_ssl_get_handshake_transcript()
6504     ret = mbedtls_md_clone(&sha384, &ssl->handshake->fin_sha384);  in ssl_get_handshake_transcript_sha384()
6542     ret = mbedtls_md_clone(&sha256, &ssl->handshake->fin_sha256);  in ssl_get_handshake_transcript_sha256()
6649     memset(ssl->handshake->received_sig_algs, 0,  in mbedtls_ssl_parse_sig_alg_ext()
6650            sizeof(ssl->handshake->received_sig_algs));  in mbedtls_ssl_parse_sig_alg_ext()
6673             ssl->handshake->received_sig_algs[common_idx] = sig_alg;  in mbedtls_ssl_parse_sig_alg_ext()
6693     ssl->handshake->received_sig_algs[common_idx] = MBEDTLS_TLS_SIG_NONE;  in mbedtls_ssl_parse_sig_alg_ext()
6989 static int ssl_set_handshake_prfs(mbedtls_ssl_handshake_params *handshake,  in ssl_set_handshake_prfs()  argument
6994         handshake->tls_prf = tls_prf_sha384;  in ssl_set_handshake_prfs()
6995         handshake->calc_verify = ssl_calc_verify_tls_sha384;  in ssl_set_handshake_prfs()
6996         handshake->calc_finished = ssl_calc_finished_tls_sha384;  in ssl_set_handshake_prfs()
7002         handshake->tls_prf = tls_prf_sha256;  in ssl_set_handshake_prfs()
7003         handshake->calc_verify = ssl_calc_verify_tls_sha256;  in ssl_set_handshake_prfs()
7004         handshake->calc_finished = ssl_calc_finished_tls_sha256;  in ssl_set_handshake_prfs()
7008         (void) handshake;  in ssl_set_handshake_prfs()
7032 static int ssl_compute_master(mbedtls_ssl_handshake_params *handshake,  in ssl_compute_master()  argument
7059     unsigned char const *seed = handshake->randbytes;  in ssl_compute_master()
7070     if (handshake->resume != 0) {  in ssl_compute_master()
7076     if (handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED) {  in ssl_compute_master()
7079         ret = handshake->calc_verify(ssl, session_hash, &seed_len);  in ssl_compute_master()
7091     if (mbedtls_ssl_ciphersuite_uses_psk(handshake->ciphersuite_info) == 1) {  in ssl_compute_master()
7098         mbedtls_md_type_t hash_alg = (mbedtls_md_type_t) handshake->ciphersuite_info->mac;  in ssl_compute_master()
7113         switch (handshake->ciphersuite_info->key_exchange) {  in ssl_compute_master()
7121                 other_secret = handshake->premaster + 2;  in ssl_compute_master()
7125                 other_secret_len = MBEDTLS_GET_UINT16_BE(handshake->premaster, 0);  in ssl_compute_master()
7126                 other_secret = handshake->premaster + 2;  in ssl_compute_master()
7161         if (handshake->ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) {  in ssl_compute_master()
7169             handshake->pmslen = PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE;  in ssl_compute_master()
7183             status = psa_pake_get_implicit_key(&handshake->psa_pake_ctx,  in ssl_compute_master()
7191                                                      handshake->premaster,  in ssl_compute_master()
7192                                                      handshake->pmslen);  in ssl_compute_master()
7204         ret = handshake->tls_prf(handshake->premaster, handshake->pmslen,  in ssl_compute_master()
7214                               handshake->premaster,  in ssl_compute_master()
7215                               handshake->pmslen);  in ssl_compute_master()
7217         mbedtls_platform_zeroize(handshake->premaster,  in ssl_compute_master()
7218                                  sizeof(handshake->premaster));  in ssl_compute_master()
7228         ssl->handshake->ciphersuite_info;  in mbedtls_ssl_derive_keys()
7233     ret = ssl_set_handshake_prfs(ssl->handshake,  in mbedtls_ssl_derive_keys()
7241     ret = ssl_compute_master(ssl->handshake,  in mbedtls_ssl_derive_keys()
7254         memcpy(tmp, ssl->handshake->randbytes, 64);  in mbedtls_ssl_derive_keys()
7255         memcpy(ssl->handshake->randbytes, tmp + 32, 32);  in mbedtls_ssl_derive_keys()
7256         memcpy(ssl->handshake->randbytes + 32, tmp, 32);  in mbedtls_ssl_derive_keys()
7267                                        ssl->handshake->tls_prf,  in mbedtls_ssl_derive_keys()
7268                                        ssl->handshake->randbytes,  in mbedtls_ssl_derive_keys()
7278     mbedtls_platform_zeroize(ssl->handshake->randbytes,  in mbedtls_ssl_derive_keys()
7279                              sizeof(ssl->handshake->randbytes));  in mbedtls_ssl_derive_keys()
7291             ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384;  in mbedtls_ssl_set_calc_verify_md()
7296             ssl->handshake->calc_verify = ssl_calc_verify_tls_sha256;  in mbedtls_ssl_set_calc_verify_md()
7387     return ssl_calc_verify_tls_psa(ssl, &ssl->handshake->fin_sha256_psa, 32,  in ssl_calc_verify_tls_sha256()
7390     return ssl_calc_verify_tls_legacy(ssl, &ssl->handshake->fin_sha256,  in ssl_calc_verify_tls_sha256()
7402     return ssl_calc_verify_tls_psa(ssl, &ssl->handshake->fin_sha384_psa, 48,  in ssl_calc_verify_tls_sha384()
7405     return ssl_calc_verify_tls_legacy(ssl, &ssl->handshake->fin_sha384,  in ssl_calc_verify_tls_sha384()
7415     unsigned char *p = ssl->handshake->premaster;  in mbedtls_ssl_psk_derive_premaster()
7416     unsigned char *end = p + sizeof(ssl->handshake->premaster);  in mbedtls_ssl_psk_derive_premaster()
7480         if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx,  in mbedtls_ssl_psk_derive_premaster()
7489         MBEDTLS_SSL_DEBUG_MPI(3, "DHM: K ", &ssl->handshake->dhm_ctx.K);  in mbedtls_ssl_psk_derive_premaster()
7497         if ((ret = mbedtls_ecdh_calc_secret(&ssl->handshake->ecdh_ctx, &zlen,  in mbedtls_ssl_psk_derive_premaster()
7507         MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx,  in mbedtls_ssl_psk_derive_premaster()
7531     ssl->handshake->pmslen = (size_t) (p - ssl->handshake->premaster);  in mbedtls_ssl_psk_derive_premaster()
7574         ssl->handshake->ciphersuite_info;  in mbedtls_ssl_write_certificate()
7591         ssl->handshake->ciphersuite_info;  in mbedtls_ssl_parse_certificate()
7614         ssl->handshake->ciphersuite_info;  in mbedtls_ssl_write_certificate()
7626         if (ssl->handshake->client_auth == 0) {  in mbedtls_ssl_write_certificate()
7929         ssl->handshake->ciphersuite_info;  in ssl_parse_certificate_coordinate()
7994     mbedtls_pk_init(&ssl->handshake->peer_pubkey);  in ssl_remember_peer_pubkey()
7996                                      &ssl->handshake->peer_pubkey);  in ssl_remember_peer_pubkey()
8012     const int authmode = ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET  in mbedtls_ssl_parse_certificate()
8013                        ? ssl->handshake->sni_authmode  in mbedtls_ssl_parse_certificate()
8030     if (ssl->handshake->ecrs_enabled &&  in mbedtls_ssl_parse_certificate()
8031         ssl->handshake->ecrs_state == ssl_ecrs_crt_verify) {  in mbedtls_ssl_parse_certificate()
8032         chain = ssl->handshake->ecrs_peer_cert;  in mbedtls_ssl_parse_certificate()
8033         ssl->handshake->ecrs_peer_cert = NULL;  in mbedtls_ssl_parse_certificate()
8080     if (ssl->handshake->ecrs_enabled) {  in mbedtls_ssl_parse_certificate()
8081         ssl->handshake->ecrs_state = ssl_ecrs_crt_verify;  in mbedtls_ssl_parse_certificate()
8085     if (ssl->handshake->ecrs_enabled) {  in mbedtls_ssl_parse_certificate()
8086         rs_ctx = &ssl->handshake->ecrs_ctx;  in mbedtls_ssl_parse_certificate()
8091                                          ssl->handshake->ciphersuite_info,  in mbedtls_ssl_parse_certificate()
8145         ssl->handshake->ecrs_peer_cert = chain;  in mbedtls_ssl_parse_certificate()
8224     ssl->handshake->tls_prf(session->master, 48, sender,  in ssl_calc_finished_tls_generic()
8250                                          &ssl->handshake->fin_sha256_psa,  in ssl_calc_finished_tls_sha256()
8252                                          &ssl->handshake->fin_sha256,  in ssl_calc_finished_tls_sha256()
8267                                          &ssl->handshake->fin_sha384_psa,  in ssl_calc_finished_tls_sha384()
8269                                          &ssl->handshake->fin_sha384,  in ssl_calc_finished_tls_sha384()
8284     mbedtls_free(ssl->handshake);  in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8285     ssl->handshake = NULL;  in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8302     int resume = ssl->handshake->resume;  in mbedtls_ssl_handshake_wrapup()
8345         ssl->handshake->flight != NULL) {  in mbedtls_ssl_handshake_wrapup()
8370     ret = ssl->handshake->calc_finished(ssl, ssl->out_msg + 4, ssl->conf->endpoint);  in mbedtls_ssl_write_finished()
8397     if (ssl->handshake->resume != 0) {  in mbedtls_ssl_write_finished()
8423         ssl->handshake->alt_transform_out = ssl->transform_out;  in mbedtls_ssl_write_finished()
8424         memcpy(ssl->handshake->alt_out_ctr, ssl->cur_out_ctr,  in mbedtls_ssl_write_finished()
8425                sizeof(ssl->handshake->alt_out_ctr));  in mbedtls_ssl_write_finished()
8484     ret = ssl->handshake->calc_finished(ssl, buf, ssl->conf->endpoint ^ 1);  in mbedtls_ssl_parse_finished()
8532     if (ssl->handshake->resume != 0) {  in mbedtls_ssl_parse_finished()
8743     if (ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_ENABLED) {  in ssl_tls12_populate_transform()
8751         transform->out_cid_len = ssl->handshake->peer_cid_len;  in ssl_tls12_populate_transform()
8752         memcpy(transform->out_cid, ssl->handshake->peer_cid,  in ssl_tls12_populate_transform()
8753                ssl->handshake->peer_cid_len);  in ssl_tls12_populate_transform()
9182     if ((status = psa_hash_update(&hash_operation, ssl->handshake->randbytes,  in mbedtls_ssl_get_key_exchange_md_tls1_2()
9250     if ((ret = mbedtls_md_update(&ctx, ssl->handshake->randbytes, 64)) != 0) {  in mbedtls_ssl_get_key_exchange_md_tls1_2()
9283     uint16_t *received_sig_algs = ssl->handshake->received_sig_algs;  in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9305             if (ssl->handshake->key_cert && ssl->handshake->key_cert->key) {  in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9310                     !mbedtls_pk_can_do_ext(ssl->handshake->key_cert->key,  in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9317                     !mbedtls_pk_can_do_ext(ssl->handshake->key_cert->key,  in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9358         ssl->handshake->psa_pake_ctx_is_ok != 1)  in mbedtls_ssl_validate_ciphersuite()
9361         mbedtls_ecjpake_check(&ssl->handshake->ecjpake_ctx) != 0)  in mbedtls_ssl_validate_ciphersuite()
9537             ssl->handshake->sni_name = p + 3;  in mbedtls_ssl_parse_server_name_ext()
9538             ssl->handshake->sni_name_len = hostname_len;  in mbedtls_ssl_parse_server_name_ext()
9922         if (ssl->handshake->sni_ca_chain != NULL) {  in mbedtls_ssl_verify_certificate()
9923             ca_chain = ssl->handshake->sni_ca_chain;  in mbedtls_ssl_verify_certificate()
9924             ca_crl   = ssl->handshake->sni_ca_crl;  in mbedtls_ssl_verify_certificate()