Lines Matching refs:ssl
102 int mbedtls_ssl_set_cid(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_cid() argument
107 if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_set_cid()
111 ssl->negotiate_cid = enable; in mbedtls_ssl_set_cid()
119 if (own_cid_len != ssl->conf->cid_len) { in mbedtls_ssl_set_cid()
122 (unsigned) ssl->conf->cid_len)); in mbedtls_ssl_set_cid()
126 memcpy(ssl->own_cid, own_cid, own_cid_len); in mbedtls_ssl_set_cid()
129 ssl->own_cid_len = (uint8_t) own_cid_len; in mbedtls_ssl_set_cid()
134 int mbedtls_ssl_get_own_cid(mbedtls_ssl_context *ssl, in mbedtls_ssl_get_own_cid() argument
141 if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_get_own_cid()
148 if (ssl->own_cid_len == 0 || ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED) { in mbedtls_ssl_get_own_cid()
153 *own_cid_len = ssl->own_cid_len; in mbedtls_ssl_get_own_cid()
155 memcpy(own_cid, ssl->own_cid, ssl->own_cid_len); in mbedtls_ssl_get_own_cid()
164 int mbedtls_ssl_get_peer_cid(mbedtls_ssl_context *ssl, in mbedtls_ssl_get_peer_cid() argument
171 if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || in mbedtls_ssl_get_peer_cid()
172 mbedtls_ssl_is_handshake_over(ssl) == 0) { in mbedtls_ssl_get_peer_cid()
180 if (ssl->transform_in->in_cid_len == 0 && in mbedtls_ssl_get_peer_cid()
181 ssl->transform_in->out_cid_len == 0) { in mbedtls_ssl_get_peer_cid()
186 *peer_cid_len = ssl->transform_in->out_cid_len; in mbedtls_ssl_get_peer_cid()
188 memcpy(peer_cid, ssl->transform_in->out_cid, in mbedtls_ssl_get_peer_cid()
189 ssl->transform_in->out_cid_len); in mbedtls_ssl_get_peer_cid()
343 static void handle_buffer_resizing(mbedtls_ssl_context *ssl, int downsizing, in handle_buffer_resizing() argument
350 if (ssl->in_buf != NULL) { in handle_buffer_resizing()
351 written_in = ssl->in_msg - ssl->in_buf; in handle_buffer_resizing()
352 iv_offset_in = ssl->in_iv - ssl->in_buf; in handle_buffer_resizing()
353 len_offset_in = ssl->in_len - ssl->in_buf; in handle_buffer_resizing()
354 hdr_in = ssl->in_hdr - ssl->in_buf; in handle_buffer_resizing()
356 ssl->in_buf_len > in_buf_new_len && ssl->in_left < in_buf_new_len : in handle_buffer_resizing()
357 ssl->in_buf_len < in_buf_new_len) { in handle_buffer_resizing()
358 if (resize_buffer(&ssl->in_buf, in_buf_new_len, &ssl->in_buf_len) != 0) { in handle_buffer_resizing()
368 if (ssl->out_buf != NULL) { in handle_buffer_resizing()
369 written_out = ssl->out_msg - ssl->out_buf; in handle_buffer_resizing()
370 iv_offset_out = ssl->out_iv - ssl->out_buf; in handle_buffer_resizing()
371 len_offset_out = ssl->out_len - ssl->out_buf; in handle_buffer_resizing()
373 ssl->out_buf_len > out_buf_new_len && ssl->out_left < out_buf_new_len : in handle_buffer_resizing()
374 ssl->out_buf_len < out_buf_new_len) { in handle_buffer_resizing()
375 if (resize_buffer(&ssl->out_buf, out_buf_new_len, &ssl->out_buf_len) != 0) { in handle_buffer_resizing()
386 ssl->in_hdr = ssl->in_buf + hdr_in; in handle_buffer_resizing()
387 mbedtls_ssl_update_in_pointers(ssl); in handle_buffer_resizing()
388 mbedtls_ssl_reset_out_pointers(ssl); in handle_buffer_resizing()
392 ssl->out_msg = ssl->out_buf + written_out; in handle_buffer_resizing()
393 ssl->out_len = ssl->out_buf + len_offset_out; in handle_buffer_resizing()
394 ssl->out_iv = ssl->out_buf + iv_offset_out; in handle_buffer_resizing()
396 ssl->in_msg = ssl->in_buf + written_in; in handle_buffer_resizing()
397 ssl->in_len = ssl->in_buf + len_offset_in; in handle_buffer_resizing()
398 ssl->in_iv = ssl->in_buf + iv_offset_in; in handle_buffer_resizing()
431 const mbedtls_ssl_context *ssl);
709 void mbedtls_ssl_print_extension(const mbedtls_ssl_context *ssl, in mbedtls_ssl_print_extension() argument
717 ssl, level, file, line, in mbedtls_ssl_print_extension()
729 ssl, level, file, line, in mbedtls_ssl_print_extension()
737 ssl, level, file, line, in mbedtls_ssl_print_extension()
742 void mbedtls_ssl_print_extensions(const mbedtls_ssl_context *ssl, in mbedtls_ssl_print_extensions() argument
752 ssl, level, file, line, hs_msg_type, extension_type_table[i], in mbedtls_ssl_print_extensions()
765 void mbedtls_ssl_print_ticket_flags(const mbedtls_ssl_context *ssl, in mbedtls_ssl_print_ticket_flags() argument
771 mbedtls_debug_print_msg(ssl, level, file, line, in mbedtls_ssl_print_ticket_flags()
778 mbedtls_debug_print_msg(ssl, level, file, line, "- %s is set.", in mbedtls_ssl_print_ticket_flags()
787 void mbedtls_ssl_optimize_checksum(mbedtls_ssl_context *ssl, in mbedtls_ssl_optimize_checksum() argument
794 ssl->handshake->update_checksum = ssl_update_checksum_sha384; in mbedtls_ssl_optimize_checksum()
799 ssl->handshake->update_checksum = ssl_update_checksum_sha256; in mbedtls_ssl_optimize_checksum()
808 int mbedtls_ssl_add_hs_hdr_to_checksum(mbedtls_ssl_context *ssl, in mbedtls_ssl_add_hs_hdr_to_checksum() argument
820 return ssl->handshake->update_checksum(ssl, hs_hdr, sizeof(hs_hdr)); in mbedtls_ssl_add_hs_hdr_to_checksum()
823 int mbedtls_ssl_add_hs_msg_to_checksum(mbedtls_ssl_context *ssl, in mbedtls_ssl_add_hs_msg_to_checksum() argument
829 ret = mbedtls_ssl_add_hs_hdr_to_checksum(ssl, hs_type, msg_len); in mbedtls_ssl_add_hs_msg_to_checksum()
833 return ssl->handshake->update_checksum(ssl, msg, msg_len); in mbedtls_ssl_add_hs_msg_to_checksum()
836 int mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl) in mbedtls_ssl_reset_checksum() argument
846 ((void) ssl); in mbedtls_ssl_reset_checksum()
850 status = psa_hash_abort(&ssl->handshake->fin_sha256_psa); in mbedtls_ssl_reset_checksum()
854 status = psa_hash_setup(&ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256); in mbedtls_ssl_reset_checksum()
859 mbedtls_md_free(&ssl->handshake->fin_sha256); in mbedtls_ssl_reset_checksum()
860 mbedtls_md_init(&ssl->handshake->fin_sha256); in mbedtls_ssl_reset_checksum()
861 ret = mbedtls_md_setup(&ssl->handshake->fin_sha256, in mbedtls_ssl_reset_checksum()
867 ret = mbedtls_md_starts(&ssl->handshake->fin_sha256); in mbedtls_ssl_reset_checksum()
875 status = psa_hash_abort(&ssl->handshake->fin_sha384_psa); in mbedtls_ssl_reset_checksum()
879 status = psa_hash_setup(&ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384); in mbedtls_ssl_reset_checksum()
884 mbedtls_md_free(&ssl->handshake->fin_sha384); in mbedtls_ssl_reset_checksum()
885 mbedtls_md_init(&ssl->handshake->fin_sha384); in mbedtls_ssl_reset_checksum()
886 ret = mbedtls_md_setup(&ssl->handshake->fin_sha384, in mbedtls_ssl_reset_checksum()
891 ret = mbedtls_md_starts(&ssl->handshake->fin_sha384); in mbedtls_ssl_reset_checksum()
900 static int ssl_update_checksum_start(mbedtls_ssl_context *ssl, in ssl_update_checksum_start() argument
911 ((void) ssl); in ssl_update_checksum_start()
917 status = psa_hash_update(&ssl->handshake->fin_sha256_psa, buf, len); in ssl_update_checksum_start()
922 ret = mbedtls_md_update(&ssl->handshake->fin_sha256, buf, len); in ssl_update_checksum_start()
930 status = psa_hash_update(&ssl->handshake->fin_sha384_psa, buf, len); in ssl_update_checksum_start()
935 ret = mbedtls_md_update(&ssl->handshake->fin_sha384, buf, len); in ssl_update_checksum_start()
945 static int ssl_update_checksum_sha256(mbedtls_ssl_context *ssl, in ssl_update_checksum_sha256() argument
950 &ssl->handshake->fin_sha256_psa, buf, len)); in ssl_update_checksum_sha256()
952 return mbedtls_md_update(&ssl->handshake->fin_sha256, buf, len); in ssl_update_checksum_sha256()
958 static int ssl_update_checksum_sha384(mbedtls_ssl_context *ssl, in ssl_update_checksum_sha384() argument
963 &ssl->handshake->fin_sha384_psa, buf, len)); in ssl_update_checksum_sha384()
965 return mbedtls_md_update(&ssl->handshake->fin_sha384, buf, len); in ssl_update_checksum_sha384()
1054 static int ssl_handshake_init(mbedtls_ssl_context *ssl) in ssl_handshake_init() argument
1060 if (ssl->transform_negotiate) { in ssl_handshake_init()
1061 mbedtls_ssl_transform_free(ssl->transform_negotiate); in ssl_handshake_init()
1064 if (ssl->session_negotiate) { in ssl_handshake_init()
1065 mbedtls_ssl_session_free(ssl->session_negotiate); in ssl_handshake_init()
1067 if (ssl->handshake) { in ssl_handshake_init()
1068 mbedtls_ssl_handshake_free(ssl); in ssl_handshake_init()
1076 if (ssl->transform_negotiate == NULL) { in ssl_handshake_init()
1077 ssl->transform_negotiate = mbedtls_calloc(1, sizeof(mbedtls_ssl_transform)); in ssl_handshake_init()
1081 if (ssl->session_negotiate == NULL) { in ssl_handshake_init()
1082 ssl->session_negotiate = mbedtls_calloc(1, sizeof(mbedtls_ssl_session)); in ssl_handshake_init()
1085 if (ssl->handshake == NULL) { in ssl_handshake_init()
1086 ssl->handshake = mbedtls_calloc(1, sizeof(mbedtls_ssl_handshake_params)); in ssl_handshake_init()
1091 handle_buffer_resizing(ssl, 0, MBEDTLS_SSL_IN_BUFFER_LEN, in ssl_handshake_init()
1096 if (ssl->handshake == NULL || in ssl_handshake_init()
1098 ssl->transform_negotiate == NULL || in ssl_handshake_init()
1100 ssl->session_negotiate == NULL) { in ssl_handshake_init()
1103 mbedtls_free(ssl->handshake); in ssl_handshake_init()
1104 ssl->handshake = NULL; in ssl_handshake_init()
1107 mbedtls_free(ssl->transform_negotiate); in ssl_handshake_init()
1108 ssl->transform_negotiate = NULL; in ssl_handshake_init()
1111 mbedtls_free(ssl->session_negotiate); in ssl_handshake_init()
1112 ssl->session_negotiate = NULL; in ssl_handshake_init()
1119 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_IDLE; in ssl_handshake_init()
1122 ssl->discard_early_data_record = MBEDTLS_SSL_EARLY_DATA_NO_DISCARD; in ssl_handshake_init()
1124 ssl->total_early_data_size = 0; in ssl_handshake_init()
1128 mbedtls_ssl_session_init(ssl->session_negotiate); in ssl_handshake_init()
1129 ssl_handshake_params_init(ssl->handshake); in ssl_handshake_init()
1132 mbedtls_ssl_transform_init(ssl->transform_negotiate); in ssl_handshake_init()
1136 ret = mbedtls_ssl_reset_checksum(ssl); in ssl_handshake_init()
1145 ssl->handshake->new_session_tickets_count = in ssl_handshake_init()
1146 ssl->conf->new_session_tickets_count; in ssl_handshake_init()
1150 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_handshake_init()
1151 ssl->handshake->alt_transform_out = ssl->transform_out; in ssl_handshake_init()
1153 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in ssl_handshake_init()
1154 ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING; in ssl_handshake_init()
1156 ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING; in ssl_handshake_init()
1159 mbedtls_ssl_set_timer(ssl, 0); in ssl_handshake_init()
1171 if (ssl->conf->curve_list != NULL) { in ssl_handshake_init()
1173 const mbedtls_ecp_group_id *curve_list = ssl->conf->curve_list; in ssl_handshake_init()
1196 ssl->handshake->group_list = group_list; in ssl_handshake_init()
1197 ssl->handshake->group_list_heap_allocated = 1; in ssl_handshake_init()
1199 ssl->handshake->group_list = ssl->conf->group_list; in ssl_handshake_init()
1200 ssl->handshake->group_list_heap_allocated = 0; in ssl_handshake_init()
1210 if (mbedtls_ssl_conf_is_tls12_only(ssl->conf) && in ssl_handshake_init()
1211 ssl->conf->sig_hashes != NULL) { in ssl_handshake_init()
1213 const int *sig_hashes = ssl->conf->sig_hashes; in ssl_handshake_init()
1241 ssl->handshake->sig_algs = mbedtls_calloc(1, sig_algs_len + in ssl_handshake_init()
1243 if (ssl->handshake->sig_algs == NULL) { in ssl_handshake_init()
1247 p = (uint16_t *) ssl->handshake->sig_algs; in ssl_handshake_init()
1263 ssl->handshake->sig_algs_heap_allocated = 1; in ssl_handshake_init()
1267 ssl->handshake->sig_algs_heap_allocated = 0; in ssl_handshake_init()
1308 void mbedtls_ssl_init(mbedtls_ssl_context *ssl) in mbedtls_ssl_init() argument
1310 memset(ssl, 0, sizeof(mbedtls_ssl_context)); in mbedtls_ssl_init()
1314 static int ssl_conf_version_check(const mbedtls_ssl_context *ssl) in ssl_conf_version_check() argument
1316 const mbedtls_ssl_config *conf = ssl->conf; in ssl_conf_version_check()
1339 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_conf_version_check()
1354 static int ssl_conf_check(const mbedtls_ssl_context *ssl) in ssl_conf_check() argument
1357 ret = ssl_conf_version_check(ssl); in ssl_conf_check()
1362 if (ssl->conf->f_rng == NULL) { in ssl_conf_check()
1376 int mbedtls_ssl_setup(mbedtls_ssl_context *ssl, in mbedtls_ssl_setup() argument
1383 ssl->conf = conf; in mbedtls_ssl_setup()
1385 if ((ret = ssl_conf_check(ssl)) != 0) { in mbedtls_ssl_setup()
1388 ssl->tls_version = ssl->conf->max_tls_version; in mbedtls_ssl_setup()
1395 ssl->out_buf = NULL; in mbedtls_ssl_setup()
1398 ssl->in_buf_len = in_buf_len; in mbedtls_ssl_setup()
1400 ssl->in_buf = mbedtls_calloc(1, in_buf_len); in mbedtls_ssl_setup()
1401 if (ssl->in_buf == NULL) { in mbedtls_ssl_setup()
1408 ssl->out_buf_len = out_buf_len; in mbedtls_ssl_setup()
1410 ssl->out_buf = mbedtls_calloc(1, out_buf_len); in mbedtls_ssl_setup()
1411 if (ssl->out_buf == NULL) { in mbedtls_ssl_setup()
1417 mbedtls_ssl_reset_in_pointers(ssl); in mbedtls_ssl_setup()
1418 mbedtls_ssl_reset_out_pointers(ssl); in mbedtls_ssl_setup()
1421 memset(&ssl->dtls_srtp_info, 0, sizeof(ssl->dtls_srtp_info)); in mbedtls_ssl_setup()
1424 if ((ret = ssl_handshake_init(ssl)) != 0) { in mbedtls_ssl_setup()
1431 mbedtls_free(ssl->in_buf); in mbedtls_ssl_setup()
1432 mbedtls_free(ssl->out_buf); in mbedtls_ssl_setup()
1434 ssl->conf = NULL; in mbedtls_ssl_setup()
1437 ssl->in_buf_len = 0; in mbedtls_ssl_setup()
1438 ssl->out_buf_len = 0; in mbedtls_ssl_setup()
1440 ssl->in_buf = NULL; in mbedtls_ssl_setup()
1441 ssl->out_buf = NULL; in mbedtls_ssl_setup()
1443 ssl->in_hdr = NULL; in mbedtls_ssl_setup()
1444 ssl->in_ctr = NULL; in mbedtls_ssl_setup()
1445 ssl->in_len = NULL; in mbedtls_ssl_setup()
1446 ssl->in_iv = NULL; in mbedtls_ssl_setup()
1447 ssl->in_msg = NULL; in mbedtls_ssl_setup()
1449 ssl->out_hdr = NULL; in mbedtls_ssl_setup()
1450 ssl->out_ctr = NULL; in mbedtls_ssl_setup()
1451 ssl->out_len = NULL; in mbedtls_ssl_setup()
1452 ssl->out_iv = NULL; in mbedtls_ssl_setup()
1453 ssl->out_msg = NULL; in mbedtls_ssl_setup()
1465 void mbedtls_ssl_session_reset_msg_layer(mbedtls_ssl_context *ssl, in mbedtls_ssl_session_reset_msg_layer() argument
1469 size_t in_buf_len = ssl->in_buf_len; in mbedtls_ssl_session_reset_msg_layer()
1470 size_t out_buf_len = ssl->out_buf_len; in mbedtls_ssl_session_reset_msg_layer()
1481 mbedtls_ssl_set_timer(ssl, 0); in mbedtls_ssl_session_reset_msg_layer()
1483 mbedtls_ssl_reset_in_pointers(ssl); in mbedtls_ssl_session_reset_msg_layer()
1484 mbedtls_ssl_reset_out_pointers(ssl); in mbedtls_ssl_session_reset_msg_layer()
1487 ssl->in_offt = NULL; in mbedtls_ssl_session_reset_msg_layer()
1488 ssl->nb_zero = 0; in mbedtls_ssl_session_reset_msg_layer()
1489 ssl->in_msgtype = 0; in mbedtls_ssl_session_reset_msg_layer()
1490 ssl->in_msglen = 0; in mbedtls_ssl_session_reset_msg_layer()
1491 ssl->in_hslen = 0; in mbedtls_ssl_session_reset_msg_layer()
1492 ssl->keep_current_message = 0; in mbedtls_ssl_session_reset_msg_layer()
1493 ssl->transform_in = NULL; in mbedtls_ssl_session_reset_msg_layer()
1498 ssl->badmac_seen_or_in_hsfraglen = 0; in mbedtls_ssl_session_reset_msg_layer()
1502 ssl->next_record_offset = 0; in mbedtls_ssl_session_reset_msg_layer()
1503 ssl->in_epoch = 0; in mbedtls_ssl_session_reset_msg_layer()
1508 ssl->in_left = 0; in mbedtls_ssl_session_reset_msg_layer()
1509 memset(ssl->in_buf, 0, in_buf_len); in mbedtls_ssl_session_reset_msg_layer()
1512 ssl->send_alert = 0; in mbedtls_ssl_session_reset_msg_layer()
1515 ssl->out_msgtype = 0; in mbedtls_ssl_session_reset_msg_layer()
1516 ssl->out_msglen = 0; in mbedtls_ssl_session_reset_msg_layer()
1517 ssl->out_left = 0; in mbedtls_ssl_session_reset_msg_layer()
1518 memset(ssl->out_buf, 0, out_buf_len); in mbedtls_ssl_session_reset_msg_layer()
1519 memset(ssl->cur_out_ctr, 0, sizeof(ssl->cur_out_ctr)); in mbedtls_ssl_session_reset_msg_layer()
1520 ssl->transform_out = NULL; in mbedtls_ssl_session_reset_msg_layer()
1523 mbedtls_ssl_dtls_replay_reset(ssl); in mbedtls_ssl_session_reset_msg_layer()
1527 if (ssl->transform) { in mbedtls_ssl_session_reset_msg_layer()
1528 mbedtls_ssl_transform_free(ssl->transform); in mbedtls_ssl_session_reset_msg_layer()
1529 mbedtls_free(ssl->transform); in mbedtls_ssl_session_reset_msg_layer()
1530 ssl->transform = NULL; in mbedtls_ssl_session_reset_msg_layer()
1535 mbedtls_ssl_transform_free(ssl->transform_application); in mbedtls_ssl_session_reset_msg_layer()
1536 mbedtls_free(ssl->transform_application); in mbedtls_ssl_session_reset_msg_layer()
1537 ssl->transform_application = NULL; in mbedtls_ssl_session_reset_msg_layer()
1539 if (ssl->handshake != NULL) { in mbedtls_ssl_session_reset_msg_layer()
1541 mbedtls_ssl_transform_free(ssl->handshake->transform_earlydata); in mbedtls_ssl_session_reset_msg_layer()
1542 mbedtls_free(ssl->handshake->transform_earlydata); in mbedtls_ssl_session_reset_msg_layer()
1543 ssl->handshake->transform_earlydata = NULL; in mbedtls_ssl_session_reset_msg_layer()
1546 mbedtls_ssl_transform_free(ssl->handshake->transform_handshake); in mbedtls_ssl_session_reset_msg_layer()
1547 mbedtls_free(ssl->handshake->transform_handshake); in mbedtls_ssl_session_reset_msg_layer()
1548 ssl->handshake->transform_handshake = NULL; in mbedtls_ssl_session_reset_msg_layer()
1554 int mbedtls_ssl_session_reset_int(mbedtls_ssl_context *ssl, int partial) in mbedtls_ssl_session_reset_int() argument
1558 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HELLO_REQUEST); in mbedtls_ssl_session_reset_int()
1559 ssl->tls_version = ssl->conf->max_tls_version; in mbedtls_ssl_session_reset_int()
1561 mbedtls_ssl_session_reset_msg_layer(ssl, partial); in mbedtls_ssl_session_reset_int()
1565 ssl->renego_status = MBEDTLS_SSL_INITIAL_HANDSHAKE; in mbedtls_ssl_session_reset_int()
1566 ssl->renego_records_seen = 0; in mbedtls_ssl_session_reset_int()
1568 ssl->verify_data_len = 0; in mbedtls_ssl_session_reset_int()
1569 memset(ssl->own_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN); in mbedtls_ssl_session_reset_int()
1570 memset(ssl->peer_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN); in mbedtls_ssl_session_reset_int()
1572 ssl->secure_renegotiation = MBEDTLS_SSL_LEGACY_RENEGOTIATION; in mbedtls_ssl_session_reset_int()
1574 ssl->session_in = NULL; in mbedtls_ssl_session_reset_int()
1575 ssl->session_out = NULL; in mbedtls_ssl_session_reset_int()
1576 if (ssl->session) { in mbedtls_ssl_session_reset_int()
1577 mbedtls_ssl_session_free(ssl->session); in mbedtls_ssl_session_reset_int()
1578 mbedtls_free(ssl->session); in mbedtls_ssl_session_reset_int()
1579 ssl->session = NULL; in mbedtls_ssl_session_reset_int()
1583 ssl->alpn_chosen = NULL; in mbedtls_ssl_session_reset_int()
1592 mbedtls_free(ssl->cli_id); in mbedtls_ssl_session_reset_int()
1593 ssl->cli_id = NULL; in mbedtls_ssl_session_reset_int()
1594 ssl->cli_id_len = 0; in mbedtls_ssl_session_reset_int()
1598 if ((ret = ssl_handshake_init(ssl)) != 0) { in mbedtls_ssl_session_reset_int()
1609 int mbedtls_ssl_session_reset(mbedtls_ssl_context *ssl) in mbedtls_ssl_session_reset() argument
1611 return mbedtls_ssl_session_reset_int(ssl, 0); in mbedtls_ssl_session_reset()
1641 void mbedtls_ssl_set_datagram_packing(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_datagram_packing() argument
1644 ssl->disable_datagram_packing = !allow_packing; in mbedtls_ssl_set_datagram_packing()
1686 void mbedtls_ssl_set_bio(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_bio() argument
1692 ssl->p_bio = p_bio; in mbedtls_ssl_set_bio()
1693 ssl->f_send = f_send; in mbedtls_ssl_set_bio()
1694 ssl->f_recv = f_recv; in mbedtls_ssl_set_bio()
1695 ssl->f_recv_timeout = f_recv_timeout; in mbedtls_ssl_set_bio()
1699 void mbedtls_ssl_set_mtu(mbedtls_ssl_context *ssl, uint16_t mtu) in mbedtls_ssl_set_mtu() argument
1701 ssl->mtu = mtu; in mbedtls_ssl_set_mtu()
1710 void mbedtls_ssl_set_timer_cb(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_timer_cb() argument
1715 ssl->p_timer = p_timer; in mbedtls_ssl_set_timer_cb()
1716 ssl->f_set_timer = f_set_timer; in mbedtls_ssl_set_timer_cb()
1717 ssl->f_get_timer = f_get_timer; in mbedtls_ssl_set_timer_cb()
1720 mbedtls_ssl_set_timer(ssl, 0); in mbedtls_ssl_set_timer_cb()
1736 int mbedtls_ssl_set_session(mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session) in mbedtls_ssl_set_session() argument
1740 if (ssl == NULL || in mbedtls_ssl_set_session()
1742 ssl->session_negotiate == NULL || in mbedtls_ssl_set_session()
1743 ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT) { in mbedtls_ssl_set_session()
1747 if (ssl->handshake->resume == 1) { in mbedtls_ssl_set_session()
1758 ssl, ciphersuite_info, MBEDTLS_SSL_VERSION_TLS1_3, in mbedtls_ssl_set_session()
1775 if ((ret = mbedtls_ssl_session_copy(ssl->session_negotiate, in mbedtls_ssl_set_session()
1780 ssl->handshake->resume = 1; in mbedtls_ssl_set_session()
1912 const unsigned char *mbedtls_ssl_get_hs_sni(mbedtls_ssl_context *ssl, in mbedtls_ssl_get_hs_sni() argument
1915 *name_len = ssl->handshake->sni_name_len; in mbedtls_ssl_get_hs_sni()
1916 return ssl->handshake->sni_name; in mbedtls_ssl_get_hs_sni()
1919 int mbedtls_ssl_set_hs_own_cert(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_own_cert() argument
1923 return ssl_append_key_cert(&ssl->handshake->sni_key_cert, in mbedtls_ssl_set_hs_own_cert()
1927 void mbedtls_ssl_set_hs_ca_chain(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_ca_chain() argument
1931 ssl->handshake->sni_ca_chain = ca_chain; in mbedtls_ssl_set_hs_ca_chain()
1932 ssl->handshake->sni_ca_crl = ca_crl; in mbedtls_ssl_set_hs_ca_chain()
1936 void mbedtls_ssl_set_hs_dn_hints(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_dn_hints() argument
1939 ssl->handshake->dn_hints = crt; in mbedtls_ssl_set_hs_dn_hints()
1943 void mbedtls_ssl_set_hs_authmode(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_authmode() argument
1946 ssl->handshake->sni_authmode = authmode; in mbedtls_ssl_set_hs_authmode()
1951 void mbedtls_ssl_set_verify(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_verify() argument
1955 ssl->f_vrfy = f_vrfy; in mbedtls_ssl_set_verify()
1956 ssl->p_vrfy = p_vrfy; in mbedtls_ssl_set_verify()
1967 mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_ecjpake_password_common() argument
1983 status = psa_pake_setup(&ssl->handshake->psa_pake_ctx, &cipher_suite); in mbedtls_ssl_set_hs_ecjpake_password_common()
1988 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_set_hs_ecjpake_password_common()
2000 status = psa_pake_set_user(&ssl->handshake->psa_pake_ctx, user, user_len); in mbedtls_ssl_set_hs_ecjpake_password_common()
2005 status = psa_pake_set_peer(&ssl->handshake->psa_pake_ctx, peer, peer_len); in mbedtls_ssl_set_hs_ecjpake_password_common()
2010 status = psa_pake_set_password_key(&ssl->handshake->psa_pake_ctx, pwd); in mbedtls_ssl_set_hs_ecjpake_password_common()
2015 ssl->handshake->psa_pake_ctx_is_ok = 1; in mbedtls_ssl_set_hs_ecjpake_password_common()
2020 int mbedtls_ssl_set_hs_ecjpake_password(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_ecjpake_password() argument
2027 if (ssl->handshake == NULL || ssl->conf == NULL) { in mbedtls_ssl_set_hs_ecjpake_password()
2041 &ssl->handshake->psa_pake_password); in mbedtls_ssl_set_hs_ecjpake_password()
2046 status = mbedtls_ssl_set_hs_ecjpake_password_common(ssl, in mbedtls_ssl_set_hs_ecjpake_password()
2047 ssl->handshake->psa_pake_password); in mbedtls_ssl_set_hs_ecjpake_password()
2049 psa_destroy_key(ssl->handshake->psa_pake_password); in mbedtls_ssl_set_hs_ecjpake_password()
2050 psa_pake_abort(&ssl->handshake->psa_pake_ctx); in mbedtls_ssl_set_hs_ecjpake_password()
2057 int mbedtls_ssl_set_hs_ecjpake_password_opaque(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_ecjpake_password_opaque() argument
2062 if (ssl->handshake == NULL || ssl->conf == NULL) { in mbedtls_ssl_set_hs_ecjpake_password_opaque()
2070 status = mbedtls_ssl_set_hs_ecjpake_password_common(ssl, pwd); in mbedtls_ssl_set_hs_ecjpake_password_opaque()
2072 psa_pake_abort(&ssl->handshake->psa_pake_ctx); in mbedtls_ssl_set_hs_ecjpake_password_opaque()
2079 int mbedtls_ssl_set_hs_ecjpake_password(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_ecjpake_password() argument
2085 if (ssl->handshake == NULL || ssl->conf == NULL) { in mbedtls_ssl_set_hs_ecjpake_password()
2094 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_set_hs_ecjpake_password()
2100 return mbedtls_ecjpake_setup(&ssl->handshake->ecjpake_ctx, in mbedtls_ssl_set_hs_ecjpake_password()
2219 static void ssl_remove_psk(mbedtls_ssl_context *ssl) in ssl_remove_psk() argument
2222 if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) { in ssl_remove_psk()
2225 if (ssl->handshake->psk_opaque_is_internal) { in ssl_remove_psk()
2226 psa_destroy_key(ssl->handshake->psk_opaque); in ssl_remove_psk()
2227 ssl->handshake->psk_opaque_is_internal = 0; in ssl_remove_psk()
2229 ssl->handshake->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT; in ssl_remove_psk()
2232 if (ssl->handshake->psk != NULL) { in ssl_remove_psk()
2233 mbedtls_zeroize_and_free(ssl->handshake->psk, in ssl_remove_psk()
2234 ssl->handshake->psk_len); in ssl_remove_psk()
2235 ssl->handshake->psk_len = 0; in ssl_remove_psk()
2236 ssl->handshake->psk = NULL; in ssl_remove_psk()
2241 int mbedtls_ssl_set_hs_psk(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_psk() argument
2251 if (psk == NULL || ssl->handshake == NULL) { in mbedtls_ssl_set_hs_psk()
2259 ssl_remove_psk(ssl); in mbedtls_ssl_set_hs_psk()
2263 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { in mbedtls_ssl_set_hs_psk()
2264 if (ssl->handshake->ciphersuite_info->mac == MBEDTLS_MD_SHA384) { in mbedtls_ssl_set_hs_psk()
2274 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { in mbedtls_ssl_set_hs_psk()
2290 ssl->handshake->psk_opaque_is_internal = 1; in mbedtls_ssl_set_hs_psk()
2291 return mbedtls_ssl_set_hs_psk_opaque(ssl, key); in mbedtls_ssl_set_hs_psk()
2293 if ((ssl->handshake->psk = mbedtls_calloc(1, psk_len)) == NULL) { in mbedtls_ssl_set_hs_psk()
2297 ssl->handshake->psk_len = psk_len; in mbedtls_ssl_set_hs_psk()
2298 memcpy(ssl->handshake->psk, psk, ssl->handshake->psk_len); in mbedtls_ssl_set_hs_psk()
2333 int mbedtls_ssl_set_hs_psk_opaque(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_hs_psk_opaque() argument
2337 (ssl->handshake == NULL)) { in mbedtls_ssl_set_hs_psk_opaque()
2341 ssl_remove_psk(ssl); in mbedtls_ssl_set_hs_psk_opaque()
2342 ssl->handshake->psk_opaque = psk; in mbedtls_ssl_set_hs_psk_opaque()
2790 const mbedtls_ssl_context *ssl) in mbedtls_ssl_has_set_hostname_been_called() argument
2792 return ssl->hostname != NULL; in mbedtls_ssl_has_set_hostname_been_called()
2801 const char *mbedtls_ssl_get_hostname_pointer(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_hostname_pointer() argument
2803 if (ssl->hostname == ssl_hostname_skip_cn_verification) { in mbedtls_ssl_get_hostname_pointer()
2806 return ssl->hostname; in mbedtls_ssl_get_hostname_pointer()
2809 static void mbedtls_ssl_free_hostname(mbedtls_ssl_context *ssl) in mbedtls_ssl_free_hostname() argument
2811 if (ssl->hostname != NULL && in mbedtls_ssl_free_hostname()
2812 ssl->hostname != ssl_hostname_skip_cn_verification) { in mbedtls_ssl_free_hostname()
2813 mbedtls_zeroize_and_free(ssl->hostname, strlen(ssl->hostname)); in mbedtls_ssl_free_hostname()
2815 ssl->hostname = NULL; in mbedtls_ssl_free_hostname()
2818 int mbedtls_ssl_set_hostname(mbedtls_ssl_context *ssl, const char *hostname) in mbedtls_ssl_set_hostname() argument
2835 mbedtls_ssl_free_hostname(ssl); in mbedtls_ssl_set_hostname()
2843 ssl->hostname = (char *) ssl_hostname_skip_cn_verification; in mbedtls_ssl_set_hostname()
2845 ssl->hostname = mbedtls_calloc(1, hostname_len + 1); in mbedtls_ssl_set_hostname()
2846 if (ssl->hostname == NULL) { in mbedtls_ssl_set_hostname()
2853 memcpy(ssl->hostname, hostname, hostname_len); in mbedtls_ssl_set_hostname()
2855 ssl->hostname[hostname_len] = '\0'; in mbedtls_ssl_set_hostname()
2901 const char *mbedtls_ssl_get_alpn_protocol(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_alpn_protocol() argument
2903 return ssl->alpn_chosen; in mbedtls_ssl_get_alpn_protocol()
2914 int mbedtls_ssl_dtls_srtp_set_mki_value(mbedtls_ssl_context *ssl, in mbedtls_ssl_dtls_srtp_set_mki_value() argument
2922 if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED) { in mbedtls_ssl_dtls_srtp_set_mki_value()
2926 memcpy(ssl->dtls_srtp_info.mki_value, mki_value, mki_len); in mbedtls_ssl_dtls_srtp_set_mki_value()
2927 ssl->dtls_srtp_info.mki_len = mki_len; in mbedtls_ssl_dtls_srtp_set_mki_value()
2962 void mbedtls_ssl_get_dtls_srtp_negotiation_result(const mbedtls_ssl_context *ssl, in mbedtls_ssl_get_dtls_srtp_negotiation_result() argument
2965 dtls_srtp_info->chosen_dtls_srtp_profile = ssl->dtls_srtp_info.chosen_dtls_srtp_profile; in mbedtls_ssl_get_dtls_srtp_negotiation_result()
2970 dtls_srtp_info->mki_len = ssl->dtls_srtp_info.mki_len; in mbedtls_ssl_get_dtls_srtp_negotiation_result()
2971 memcpy(dtls_srtp_info->mki_value, ssl->dtls_srtp_info.mki_value, in mbedtls_ssl_get_dtls_srtp_negotiation_result()
2972 ssl->dtls_srtp_info.mki_len); in mbedtls_ssl_get_dtls_srtp_negotiation_result()
3091 void mbedtls_ssl_set_export_keys_cb(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_export_keys_cb() argument
3095 ssl->f_export_keys = f_export_keys; in mbedtls_ssl_set_export_keys_cb()
3096 ssl->p_export_keys = p_export_keys; in mbedtls_ssl_set_export_keys_cb()
3120 void *mbedtls_ssl_get_async_operation_data(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_async_operation_data() argument
3122 if (ssl->handshake == NULL) { in mbedtls_ssl_get_async_operation_data()
3125 return ssl->handshake->user_async_ctx; in mbedtls_ssl_get_async_operation_data()
3129 void mbedtls_ssl_set_async_operation_data(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_async_operation_data() argument
3132 if (ssl->handshake != NULL) { in mbedtls_ssl_set_async_operation_data()
3133 ssl->handshake->user_async_ctx = ctx; in mbedtls_ssl_set_async_operation_data()
3141 uint32_t mbedtls_ssl_get_verify_result(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_verify_result() argument
3143 if (ssl->session != NULL) { in mbedtls_ssl_get_verify_result()
3144 return ssl->session->verify_result; in mbedtls_ssl_get_verify_result()
3147 if (ssl->session_negotiate != NULL) { in mbedtls_ssl_get_verify_result()
3148 return ssl->session_negotiate->verify_result; in mbedtls_ssl_get_verify_result()
3154 int mbedtls_ssl_get_ciphersuite_id_from_ssl(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_ciphersuite_id_from_ssl() argument
3156 if (ssl == NULL || ssl->session == NULL) { in mbedtls_ssl_get_ciphersuite_id_from_ssl()
3160 return ssl->session->ciphersuite; in mbedtls_ssl_get_ciphersuite_id_from_ssl()
3163 const char *mbedtls_ssl_get_ciphersuite(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_ciphersuite() argument
3165 if (ssl == NULL || ssl->session == NULL) { in mbedtls_ssl_get_ciphersuite()
3169 return mbedtls_ssl_get_ciphersuite_name(ssl->session->ciphersuite); in mbedtls_ssl_get_ciphersuite()
3172 const char *mbedtls_ssl_get_version(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_version() argument
3175 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_get_version()
3176 switch (ssl->tls_version) { in mbedtls_ssl_get_version()
3185 switch (ssl->tls_version) { in mbedtls_ssl_get_version()
3197 size_t mbedtls_ssl_get_output_record_size_limit(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_output_record_size_limit() argument
3202 if (ssl->session != NULL && in mbedtls_ssl_get_output_record_size_limit()
3203 ssl->session->record_size_limit >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN && in mbedtls_ssl_get_output_record_size_limit()
3204 ssl->session->record_size_limit < max_len) { in mbedtls_ssl_get_output_record_size_limit()
3205 record_size_limit = ssl->session->record_size_limit; in mbedtls_ssl_get_output_record_size_limit()
3210 if (ssl->session_negotiate != NULL && in mbedtls_ssl_get_output_record_size_limit()
3211 ssl->session_negotiate->record_size_limit >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN && in mbedtls_ssl_get_output_record_size_limit()
3212 ssl->session_negotiate->record_size_limit < max_len) { in mbedtls_ssl_get_output_record_size_limit()
3213 record_size_limit = ssl->session_negotiate->record_size_limit; in mbedtls_ssl_get_output_record_size_limit()
3221 size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_input_max_frag_len() argument
3228 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && in mbedtls_ssl_get_input_max_frag_len()
3229 ssl->state >= MBEDTLS_SSL_SERVER_HELLO_DONE) { in mbedtls_ssl_get_input_max_frag_len()
3230 return ssl_mfl_code_to_length(ssl->conf->mfl_code); in mbedtls_ssl_get_input_max_frag_len()
3235 if (ssl->session_out != NULL) { in mbedtls_ssl_get_input_max_frag_len()
3236 read_mfl = ssl_mfl_code_to_length(ssl->session_out->mfl_code); in mbedtls_ssl_get_input_max_frag_len()
3243 if (ssl->session_negotiate != NULL) { in mbedtls_ssl_get_input_max_frag_len()
3244 read_mfl = ssl_mfl_code_to_length(ssl->session_negotiate->mfl_code); in mbedtls_ssl_get_input_max_frag_len()
3253 size_t mbedtls_ssl_get_output_max_frag_len(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_output_max_frag_len() argument
3260 max_len = ssl_mfl_code_to_length(ssl->conf->mfl_code); in mbedtls_ssl_get_output_max_frag_len()
3263 if (ssl->session_out != NULL && in mbedtls_ssl_get_output_max_frag_len()
3264 ssl_mfl_code_to_length(ssl->session_out->mfl_code) < max_len) { in mbedtls_ssl_get_output_max_frag_len()
3265 max_len = ssl_mfl_code_to_length(ssl->session_out->mfl_code); in mbedtls_ssl_get_output_max_frag_len()
3269 if (ssl->session_negotiate != NULL && in mbedtls_ssl_get_output_max_frag_len()
3270 ssl_mfl_code_to_length(ssl->session_negotiate->mfl_code) < max_len) { in mbedtls_ssl_get_output_max_frag_len()
3271 max_len = ssl_mfl_code_to_length(ssl->session_negotiate->mfl_code); in mbedtls_ssl_get_output_max_frag_len()
3279 size_t mbedtls_ssl_get_current_mtu(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_current_mtu() argument
3282 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && in mbedtls_ssl_get_current_mtu()
3283 (ssl->state == MBEDTLS_SSL_CLIENT_HELLO || in mbedtls_ssl_get_current_mtu()
3284 ssl->state == MBEDTLS_SSL_SERVER_HELLO)) { in mbedtls_ssl_get_current_mtu()
3288 if (ssl->handshake == NULL || ssl->handshake->mtu == 0) { in mbedtls_ssl_get_current_mtu()
3289 return ssl->mtu; in mbedtls_ssl_get_current_mtu()
3292 if (ssl->mtu == 0) { in mbedtls_ssl_get_current_mtu()
3293 return ssl->handshake->mtu; in mbedtls_ssl_get_current_mtu()
3296 return ssl->mtu < ssl->handshake->mtu ? in mbedtls_ssl_get_current_mtu()
3297 ssl->mtu : ssl->handshake->mtu; in mbedtls_ssl_get_current_mtu()
3301 int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_max_out_record_payload() argument
3308 (void) ssl; in mbedtls_ssl_get_max_out_record_payload()
3312 const size_t mfl = mbedtls_ssl_get_output_max_frag_len(ssl); in mbedtls_ssl_get_max_out_record_payload()
3320 const size_t record_size_limit = mbedtls_ssl_get_output_record_size_limit(ssl); in mbedtls_ssl_get_max_out_record_payload()
3327 if (ssl->transform_out != NULL && in mbedtls_ssl_get_max_out_record_payload()
3328 ssl->transform_out->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { in mbedtls_ssl_get_max_out_record_payload()
3344 if (mbedtls_ssl_get_current_mtu(ssl) != 0) { in mbedtls_ssl_get_max_out_record_payload()
3345 const size_t mtu = mbedtls_ssl_get_current_mtu(ssl); in mbedtls_ssl_get_max_out_record_payload()
3346 const int ret = mbedtls_ssl_get_record_expansion(ssl); in mbedtls_ssl_get_max_out_record_payload()
3367 ((void) ssl); in mbedtls_ssl_get_max_out_record_payload()
3373 int mbedtls_ssl_get_max_in_record_payload(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_max_in_record_payload() argument
3378 (void) ssl; in mbedtls_ssl_get_max_in_record_payload()
3382 const size_t mfl = mbedtls_ssl_get_input_max_frag_len(ssl); in mbedtls_ssl_get_max_in_record_payload()
3393 const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert(const mbedtls_ssl_context *ssl) in mbedtls_ssl_get_peer_cert() argument
3395 if (ssl == NULL || ssl->session == NULL) { in mbedtls_ssl_get_peer_cert()
3400 return ssl->session->peer_cert; in mbedtls_ssl_get_peer_cert()
3408 int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl, in mbedtls_ssl_get_session() argument
3413 if (ssl == NULL || in mbedtls_ssl_get_session()
3415 ssl->session == NULL || in mbedtls_ssl_get_session()
3416 ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT) { in mbedtls_ssl_get_session()
3431 if (ssl->session->exported == 1) { in mbedtls_ssl_get_session()
3435 ret = mbedtls_ssl_session_copy(dst, ssl->session); in mbedtls_ssl_get_session()
3441 ssl->session->exported = 1; in mbedtls_ssl_get_session()
4524 static int ssl_prepare_handshake_step(mbedtls_ssl_context *ssl) in ssl_prepare_handshake_step() argument
4543 if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { in ssl_prepare_handshake_step()
4548 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in ssl_prepare_handshake_step()
4549 ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING) { in ssl_prepare_handshake_step()
4550 if ((ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { in ssl_prepare_handshake_step()
4559 int mbedtls_ssl_handshake_step(mbedtls_ssl_context *ssl) in mbedtls_ssl_handshake_step() argument
4563 if (ssl == NULL || in mbedtls_ssl_handshake_step()
4564 ssl->conf == NULL || in mbedtls_ssl_handshake_step()
4565 ssl->handshake == NULL || in mbedtls_ssl_handshake_step()
4566 ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER) { in mbedtls_ssl_handshake_step()
4570 ret = ssl_prepare_handshake_step(ssl); in mbedtls_ssl_handshake_step()
4575 ret = mbedtls_ssl_handle_pending_alert(ssl); in mbedtls_ssl_handshake_step()
4585 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in mbedtls_ssl_handshake_step()
4587 mbedtls_ssl_states_str((mbedtls_ssl_states) ssl->state))); in mbedtls_ssl_handshake_step()
4589 switch (ssl->state) { in mbedtls_ssl_handshake_step()
4591 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_HELLO); in mbedtls_ssl_handshake_step()
4596 ret = mbedtls_ssl_write_client_hello(ssl); in mbedtls_ssl_handshake_step()
4601 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { in mbedtls_ssl_handshake_step()
4602 ret = mbedtls_ssl_tls13_handshake_client_step(ssl); in mbedtls_ssl_handshake_step()
4604 ret = mbedtls_ssl_handshake_client_step(ssl); in mbedtls_ssl_handshake_step()
4607 ret = mbedtls_ssl_handshake_client_step(ssl); in mbedtls_ssl_handshake_step()
4609 ret = mbedtls_ssl_tls13_handshake_client_step(ssl); in mbedtls_ssl_handshake_step()
4616 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_handshake_step()
4618 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { in mbedtls_ssl_handshake_step()
4619 ret = mbedtls_ssl_tls13_handshake_server_step(ssl); in mbedtls_ssl_handshake_step()
4621 ret = mbedtls_ssl_handshake_server_step(ssl); in mbedtls_ssl_handshake_step()
4624 ret = mbedtls_ssl_handshake_server_step(ssl); in mbedtls_ssl_handshake_step()
4626 ret = mbedtls_ssl_tls13_handshake_server_step(ssl); in mbedtls_ssl_handshake_step()
4635 if (ssl->send_alert) { in mbedtls_ssl_handshake_step()
4636 ret = mbedtls_ssl_handle_pending_alert(ssl); in mbedtls_ssl_handshake_step()
4648 int mbedtls_ssl_handshake(mbedtls_ssl_context *ssl) in mbedtls_ssl_handshake() argument
4654 if (ssl == NULL || ssl->conf == NULL) { in mbedtls_ssl_handshake()
4659 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_handshake()
4660 (ssl->f_set_timer == NULL || ssl->f_get_timer == NULL)) { in mbedtls_ssl_handshake()
4670 while (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { in mbedtls_ssl_handshake()
4671 ret = mbedtls_ssl_handshake_step(ssl); in mbedtls_ssl_handshake()
4689 static int ssl_write_hello_request(mbedtls_ssl_context *ssl) in ssl_write_hello_request() argument
4695 ssl->out_msglen = 4; in ssl_write_hello_request()
4696 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in ssl_write_hello_request()
4697 ssl->out_msg[0] = MBEDTLS_SSL_HS_HELLO_REQUEST; in ssl_write_hello_request()
4699 if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { in ssl_write_hello_request()
4719 int mbedtls_ssl_start_renegotiation(mbedtls_ssl_context *ssl) in mbedtls_ssl_start_renegotiation() argument
4725 if ((ret = ssl_handshake_init(ssl)) != 0) { in mbedtls_ssl_start_renegotiation()
4732 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_start_renegotiation()
4733 ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING) { in mbedtls_ssl_start_renegotiation()
4734 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_start_renegotiation()
4735 ssl->handshake->out_msg_seq = 1; in mbedtls_ssl_start_renegotiation()
4737 ssl->handshake->in_msg_seq = 1; in mbedtls_ssl_start_renegotiation()
4742 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HELLO_REQUEST); in mbedtls_ssl_start_renegotiation()
4743 ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS; in mbedtls_ssl_start_renegotiation()
4745 if ((ret = mbedtls_ssl_handshake(ssl)) != 0) { in mbedtls_ssl_start_renegotiation()
4759 int mbedtls_ssl_renegotiate(mbedtls_ssl_context *ssl) in mbedtls_ssl_renegotiate() argument
4763 if (ssl == NULL || ssl->conf == NULL) { in mbedtls_ssl_renegotiate()
4769 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_renegotiate()
4770 if (mbedtls_ssl_is_handshake_over(ssl) == 0) { in mbedtls_ssl_renegotiate()
4774 ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING; in mbedtls_ssl_renegotiate()
4777 if (ssl->out_left != 0) { in mbedtls_ssl_renegotiate()
4778 return mbedtls_ssl_flush_output(ssl); in mbedtls_ssl_renegotiate()
4781 return ssl_write_hello_request(ssl); in mbedtls_ssl_renegotiate()
4790 if (ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { in mbedtls_ssl_renegotiate()
4791 if (mbedtls_ssl_is_handshake_over(ssl) == 0) { in mbedtls_ssl_renegotiate()
4795 if ((ret = mbedtls_ssl_start_renegotiation(ssl)) != 0) { in mbedtls_ssl_renegotiate()
4800 if ((ret = mbedtls_ssl_handshake(ssl)) != 0) { in mbedtls_ssl_renegotiate()
4811 void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl) in mbedtls_ssl_handshake_free() argument
4813 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in mbedtls_ssl_handshake_free()
4821 if (ssl->handshake->group_list_heap_allocated) { in mbedtls_ssl_handshake_free()
4830 if (ssl->handshake->sig_algs_heap_allocated) { in mbedtls_ssl_handshake_free()
4836 if (ssl->handshake->certificate_request_context) { in mbedtls_ssl_handshake_free()
4843 if (ssl->conf->f_async_cancel != NULL && handshake->async_in_progress != 0) { in mbedtls_ssl_handshake_free()
4844 ssl->conf->f_async_cancel(ssl); in mbedtls_ssl_handshake_free()
4903 if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) { in mbedtls_ssl_handshake_free()
4906 if (ssl->handshake->psk_opaque_is_internal) { in mbedtls_ssl_handshake_free()
4907 psa_destroy_key(ssl->handshake->psk_opaque); in mbedtls_ssl_handshake_free()
4908 ssl->handshake->psk_opaque_is_internal = 0; in mbedtls_ssl_handshake_free()
4910 ssl->handshake->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT; in mbedtls_ssl_handshake_free()
4949 mbedtls_ssl_buffering_free(ssl); in mbedtls_ssl_handshake_free()
4973 handle_buffer_resizing(ssl, 1, mbedtls_ssl_get_input_buflen(ssl), in mbedtls_ssl_handshake_free()
4974 mbedtls_ssl_get_output_buflen(ssl)); in mbedtls_ssl_handshake_free()
5095 int mbedtls_ssl_context_save(mbedtls_ssl_context *ssl, in mbedtls_ssl_context_save() argument
5114 if (mbedtls_ssl_is_handshake_over(ssl) == 0) { in mbedtls_ssl_context_save()
5118 if (ssl->handshake != NULL) { in mbedtls_ssl_context_save()
5123 if (ssl->transform == NULL || ssl->session == NULL) { in mbedtls_ssl_context_save()
5128 if (mbedtls_ssl_check_pending(ssl) != 0) { in mbedtls_ssl_context_save()
5132 if (ssl->out_left != 0) { in mbedtls_ssl_context_save()
5137 if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_context_save()
5142 if (ssl->tls_version != MBEDTLS_SSL_VERSION_TLS1_2) { in mbedtls_ssl_context_save()
5147 if (mbedtls_ssl_transform_uses_aead(ssl->transform) != 1) { in mbedtls_ssl_context_save()
5153 if (ssl->conf->disable_renegotiation != MBEDTLS_SSL_RENEGOTIATION_DISABLED) { in mbedtls_ssl_context_save()
5173 ret = ssl_session_save(ssl->session, 1, NULL, 0, &session_len); in mbedtls_ssl_context_save()
5183 ret = ssl_session_save(ssl->session, 1, in mbedtls_ssl_context_save()
5195 used += sizeof(ssl->transform->randbytes); in mbedtls_ssl_context_save()
5197 memcpy(p, ssl->transform->randbytes, in mbedtls_ssl_context_save()
5198 sizeof(ssl->transform->randbytes)); in mbedtls_ssl_context_save()
5199 p += sizeof(ssl->transform->randbytes); in mbedtls_ssl_context_save()
5203 used += 2U + ssl->transform->in_cid_len + ssl->transform->out_cid_len; in mbedtls_ssl_context_save()
5205 *p++ = ssl->transform->in_cid_len; in mbedtls_ssl_context_save()
5206 memcpy(p, ssl->transform->in_cid, ssl->transform->in_cid_len); in mbedtls_ssl_context_save()
5207 p += ssl->transform->in_cid_len; in mbedtls_ssl_context_save()
5209 *p++ = ssl->transform->out_cid_len; in mbedtls_ssl_context_save()
5210 memcpy(p, ssl->transform->out_cid, ssl->transform->out_cid_len); in mbedtls_ssl_context_save()
5211 p += ssl->transform->out_cid_len; in mbedtls_ssl_context_save()
5220 MBEDTLS_PUT_UINT32_BE(ssl->badmac_seen_or_in_hsfraglen, p, 0); in mbedtls_ssl_context_save()
5227 MBEDTLS_PUT_UINT64_BE(ssl->in_window_top, p, 0); in mbedtls_ssl_context_save()
5230 MBEDTLS_PUT_UINT64_BE(ssl->in_window, p, 0); in mbedtls_ssl_context_save()
5238 *p++ = ssl->disable_datagram_packing; in mbedtls_ssl_context_save()
5244 memcpy(p, ssl->cur_out_ctr, MBEDTLS_SSL_SEQUENCE_NUMBER_LEN); in mbedtls_ssl_context_save()
5251 MBEDTLS_PUT_UINT16_BE(ssl->mtu, p, 0); in mbedtls_ssl_context_save()
5258 const uint8_t alpn_len = ssl->alpn_chosen in mbedtls_ssl_context_save()
5259 ? (uint8_t) strlen(ssl->alpn_chosen) in mbedtls_ssl_context_save()
5266 if (ssl->alpn_chosen != NULL) { in mbedtls_ssl_context_save()
5267 memcpy(p, ssl->alpn_chosen, alpn_len); in mbedtls_ssl_context_save()
5285 return mbedtls_ssl_session_reset_int(ssl, 0); in mbedtls_ssl_context_save()
5295 static int ssl_context_load(mbedtls_ssl_context *ssl, in ssl_context_load() argument
5313 if (ssl->state != MBEDTLS_SSL_HELLO_REQUEST || in ssl_context_load()
5314 ssl->session != NULL) { in ssl_context_load()
5324 ssl->conf->disable_renegotiation != MBEDTLS_SSL_RENEGOTIATION_DISABLED || in ssl_context_load()
5326 ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || in ssl_context_load()
5327 ssl->conf->max_tls_version < MBEDTLS_SSL_VERSION_TLS1_2 || in ssl_context_load()
5328 ssl->conf->min_tls_version > MBEDTLS_SSL_VERSION_TLS1_2 in ssl_context_load()
5360 ssl->session = ssl->session_negotiate; in ssl_context_load()
5361 ssl->session_in = ssl->session; in ssl_context_load()
5362 ssl->session_out = ssl->session; in ssl_context_load()
5363 ssl->session_negotiate = NULL; in ssl_context_load()
5369 ret = ssl_session_load(ssl->session, 1, p, session_len); in ssl_context_load()
5371 mbedtls_ssl_session_free(ssl->session); in ssl_context_load()
5384 ssl->transform = ssl->transform_negotiate; in ssl_context_load()
5385 ssl->transform_in = ssl->transform; in ssl_context_load()
5386 ssl->transform_out = ssl->transform; in ssl_context_load()
5387 ssl->transform_negotiate = NULL; in ssl_context_load()
5391 prf_func = ssl_tls12prf_from_cs(ssl->session->ciphersuite); in ssl_context_load()
5397 if ((size_t) (end - p) < sizeof(ssl->transform->randbytes)) { in ssl_context_load()
5401 ret = ssl_tls12_populate_transform(ssl->transform, in ssl_context_load()
5402 ssl->session->ciphersuite, in ssl_context_load()
5403 ssl->session->master, in ssl_context_load()
5405 ssl->session->encrypt_then_mac, in ssl_context_load()
5410 ssl->conf->endpoint, in ssl_context_load()
5411 ssl); in ssl_context_load()
5416 p += sizeof(ssl->transform->randbytes); in ssl_context_load()
5424 ssl->transform->in_cid_len = *p++; in ssl_context_load()
5426 if ((size_t) (end - p) < ssl->transform->in_cid_len + 1u) { in ssl_context_load()
5430 memcpy(ssl->transform->in_cid, p, ssl->transform->in_cid_len); in ssl_context_load()
5431 p += ssl->transform->in_cid_len; in ssl_context_load()
5433 ssl->transform->out_cid_len = *p++; in ssl_context_load()
5435 if ((size_t) (end - p) < ssl->transform->out_cid_len) { in ssl_context_load()
5439 memcpy(ssl->transform->out_cid, p, ssl->transform->out_cid_len); in ssl_context_load()
5440 p += ssl->transform->out_cid_len; in ssl_context_load()
5450 ssl->badmac_seen_or_in_hsfraglen = MBEDTLS_GET_UINT32_BE(p, 0); in ssl_context_load()
5458 ssl->in_window_top = MBEDTLS_GET_UINT64_BE(p, 0); in ssl_context_load()
5461 ssl->in_window = MBEDTLS_GET_UINT64_BE(p, 0); in ssl_context_load()
5470 ssl->disable_datagram_packing = *p++; in ssl_context_load()
5473 if ((size_t) (end - p) < sizeof(ssl->cur_out_ctr)) { in ssl_context_load()
5476 memcpy(ssl->cur_out_ctr, p, sizeof(ssl->cur_out_ctr)); in ssl_context_load()
5477 p += sizeof(ssl->cur_out_ctr); in ssl_context_load()
5484 ssl->mtu = MBEDTLS_GET_UINT16_BE(p, 0); in ssl_context_load()
5499 if (alpn_len != 0 && ssl->conf->alpn_list != NULL) { in ssl_context_load()
5501 for (cur = ssl->conf->alpn_list; *cur != NULL; cur++) { in ssl_context_load()
5504 ssl->alpn_chosen = *cur; in ssl_context_load()
5511 if (alpn_len != 0 && ssl->alpn_chosen == NULL) { in ssl_context_load()
5525 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_OVER); in ssl_context_load()
5526 ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2; in ssl_context_load()
5530 mbedtls_ssl_update_out_pointers(ssl, ssl->transform); in ssl_context_load()
5533 ssl->in_epoch = 1; in ssl_context_load()
5540 if (ssl->handshake != NULL) { in ssl_context_load()
5541 mbedtls_ssl_handshake_free(ssl); in ssl_context_load()
5542 mbedtls_free(ssl->handshake); in ssl_context_load()
5543 ssl->handshake = NULL; in ssl_context_load()
5576 void mbedtls_ssl_free(mbedtls_ssl_context *ssl) in mbedtls_ssl_free() argument
5578 if (ssl == NULL) { in mbedtls_ssl_free()
5584 if (ssl->out_buf != NULL) { in mbedtls_ssl_free()
5586 size_t out_buf_len = ssl->out_buf_len; in mbedtls_ssl_free()
5591 mbedtls_zeroize_and_free(ssl->out_buf, out_buf_len); in mbedtls_ssl_free()
5592 ssl->out_buf = NULL; in mbedtls_ssl_free()
5595 if (ssl->in_buf != NULL) { in mbedtls_ssl_free()
5597 size_t in_buf_len = ssl->in_buf_len; in mbedtls_ssl_free()
5602 mbedtls_zeroize_and_free(ssl->in_buf, in_buf_len); in mbedtls_ssl_free()
5603 ssl->in_buf = NULL; in mbedtls_ssl_free()
5606 if (ssl->transform) { in mbedtls_ssl_free()
5607 mbedtls_ssl_transform_free(ssl->transform); in mbedtls_ssl_free()
5608 mbedtls_free(ssl->transform); in mbedtls_ssl_free()
5611 if (ssl->handshake) { in mbedtls_ssl_free()
5612 mbedtls_ssl_handshake_free(ssl); in mbedtls_ssl_free()
5613 mbedtls_free(ssl->handshake); in mbedtls_ssl_free()
5616 mbedtls_ssl_transform_free(ssl->transform_negotiate); in mbedtls_ssl_free()
5617 mbedtls_free(ssl->transform_negotiate); in mbedtls_ssl_free()
5620 mbedtls_ssl_session_free(ssl->session_negotiate); in mbedtls_ssl_free()
5621 mbedtls_free(ssl->session_negotiate); in mbedtls_ssl_free()
5625 mbedtls_ssl_transform_free(ssl->transform_application); in mbedtls_ssl_free()
5626 mbedtls_free(ssl->transform_application); in mbedtls_ssl_free()
5629 if (ssl->session) { in mbedtls_ssl_free()
5630 mbedtls_ssl_session_free(ssl->session); in mbedtls_ssl_free()
5631 mbedtls_free(ssl->session); in mbedtls_ssl_free()
5635 mbedtls_ssl_free_hostname(ssl); in mbedtls_ssl_free()
5639 mbedtls_free(ssl->cli_id); in mbedtls_ssl_free()
5645 mbedtls_platform_zeroize(ssl, sizeof(mbedtls_ssl_context)); in mbedtls_ssl_free()
6278 int mbedtls_ssl_check_curve_tls_id(const mbedtls_ssl_context *ssl, uint16_t tls_id) in mbedtls_ssl_check_curve_tls_id() argument
6280 const uint16_t *group_list = mbedtls_ssl_get_groups(ssl); in mbedtls_ssl_check_curve_tls_id()
6299 int mbedtls_ssl_check_curve(const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id) in mbedtls_ssl_check_curve() argument
6307 return mbedtls_ssl_check_curve_tls_id(ssl, tls_id); in mbedtls_ssl_check_curve()
6437 int mbedtls_ssl_get_handshake_transcript(mbedtls_ssl_context *ssl, in mbedtls_ssl_get_handshake_transcript() argument
6452 hash_operation_to_clone = &ssl->handshake->fin_sha384_psa; in mbedtls_ssl_get_handshake_transcript()
6458 hash_operation_to_clone = &ssl->handshake->fin_sha256_psa; in mbedtls_ssl_get_handshake_transcript()
6479 (void) ssl; in mbedtls_ssl_get_handshake_transcript()
6487 static int ssl_get_handshake_transcript_sha384(mbedtls_ssl_context *ssl, in ssl_get_handshake_transcript_sha384() argument
6504 ret = mbedtls_md_clone(&sha384, &ssl->handshake->fin_sha384); in ssl_get_handshake_transcript_sha384()
6525 static int ssl_get_handshake_transcript_sha256(mbedtls_ssl_context *ssl, in ssl_get_handshake_transcript_sha256() argument
6542 ret = mbedtls_md_clone(&sha256, &ssl->handshake->fin_sha256); in ssl_get_handshake_transcript_sha256()
6561 int mbedtls_ssl_get_handshake_transcript(mbedtls_ssl_context *ssl, in mbedtls_ssl_get_handshake_transcript() argument
6571 return ssl_get_handshake_transcript_sha384(ssl, dst, dst_len, olen); in mbedtls_ssl_get_handshake_transcript()
6576 return ssl_get_handshake_transcript_sha256(ssl, dst, dst_len, olen); in mbedtls_ssl_get_handshake_transcript()
6582 (void) ssl; in mbedtls_ssl_get_handshake_transcript()
6635 int mbedtls_ssl_parse_sig_alg_ext(mbedtls_ssl_context *ssl, in mbedtls_ssl_parse_sig_alg_ext() argument
6649 memset(ssl->handshake->received_sig_algs, 0, in mbedtls_ssl_parse_sig_alg_ext()
6650 sizeof(ssl->handshake->received_sig_algs)); in mbedtls_ssl_parse_sig_alg_ext()
6662 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_2 && in mbedtls_ssl_parse_sig_alg_ext()
6663 (!(mbedtls_ssl_sig_alg_is_supported(ssl, sig_alg) && in mbedtls_ssl_parse_sig_alg_ext()
6664 mbedtls_ssl_sig_alg_is_offered(ssl, sig_alg)))) { in mbedtls_ssl_parse_sig_alg_ext()
6673 ssl->handshake->received_sig_algs[common_idx] = sig_alg; in mbedtls_ssl_parse_sig_alg_ext()
6693 ssl->handshake->received_sig_algs[common_idx] = MBEDTLS_TLS_SIG_NONE; in mbedtls_ssl_parse_sig_alg_ext()
7034 const mbedtls_ssl_context *ssl) in ssl_compute_master() argument
7066 ssl = NULL; /* make sure we don't use it except for those cases */ in ssl_compute_master()
7067 (void) ssl; in ssl_compute_master()
7079 ret = handshake->calc_verify(ssl, session_hash, &seed_len); in ssl_compute_master()
7102 psk = mbedtls_ssl_get_opaque_psk(ssl); in ssl_compute_master()
7133 ssl->conf->psk, ssl->conf->psk_len, in ssl_compute_master()
7224 int mbedtls_ssl_derive_keys(mbedtls_ssl_context *ssl) in mbedtls_ssl_derive_keys() argument
7228 ssl->handshake->ciphersuite_info; in mbedtls_ssl_derive_keys()
7233 ret = ssl_set_handshake_prfs(ssl->handshake, in mbedtls_ssl_derive_keys()
7241 ret = ssl_compute_master(ssl->handshake, in mbedtls_ssl_derive_keys()
7242 ssl->session_negotiate->master, in mbedtls_ssl_derive_keys()
7243 ssl); in mbedtls_ssl_derive_keys()
7254 memcpy(tmp, ssl->handshake->randbytes, 64); in mbedtls_ssl_derive_keys()
7255 memcpy(ssl->handshake->randbytes, tmp + 32, 32); in mbedtls_ssl_derive_keys()
7256 memcpy(ssl->handshake->randbytes + 32, tmp, 32); in mbedtls_ssl_derive_keys()
7261 ret = ssl_tls12_populate_transform(ssl->transform_negotiate, in mbedtls_ssl_derive_keys()
7262 ssl->session_negotiate->ciphersuite, in mbedtls_ssl_derive_keys()
7263 ssl->session_negotiate->master, in mbedtls_ssl_derive_keys()
7265 ssl->session_negotiate->encrypt_then_mac, in mbedtls_ssl_derive_keys()
7267 ssl->handshake->tls_prf, in mbedtls_ssl_derive_keys()
7268 ssl->handshake->randbytes, in mbedtls_ssl_derive_keys()
7269 ssl->tls_version, in mbedtls_ssl_derive_keys()
7270 ssl->conf->endpoint, in mbedtls_ssl_derive_keys()
7271 ssl); in mbedtls_ssl_derive_keys()
7278 mbedtls_platform_zeroize(ssl->handshake->randbytes, in mbedtls_ssl_derive_keys()
7279 sizeof(ssl->handshake->randbytes)); in mbedtls_ssl_derive_keys()
7286 int mbedtls_ssl_set_calc_verify_md(mbedtls_ssl_context *ssl, int md) in mbedtls_ssl_set_calc_verify_md() argument
7291 ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384; in mbedtls_ssl_set_calc_verify_md()
7296 ssl->handshake->calc_verify = ssl_calc_verify_tls_sha256; in mbedtls_ssl_set_calc_verify_md()
7304 (void) ssl; in mbedtls_ssl_set_calc_verify_md()
7310 static int ssl_calc_verify_tls_psa(const mbedtls_ssl_context *ssl, in ssl_calc_verify_tls_psa() argument
7320 (void) ssl; in ssl_calc_verify_tls_psa()
7341 static int ssl_calc_verify_tls_legacy(const mbedtls_ssl_context *ssl, in ssl_calc_verify_tls_legacy() argument
7352 (void) ssl; in ssl_calc_verify_tls_legacy()
7382 int ssl_calc_verify_tls_sha256(const mbedtls_ssl_context *ssl, in ssl_calc_verify_tls_sha256() argument
7387 return ssl_calc_verify_tls_psa(ssl, &ssl->handshake->fin_sha256_psa, 32, in ssl_calc_verify_tls_sha256()
7390 return ssl_calc_verify_tls_legacy(ssl, &ssl->handshake->fin_sha256, in ssl_calc_verify_tls_sha256()
7397 int ssl_calc_verify_tls_sha384(const mbedtls_ssl_context *ssl, in ssl_calc_verify_tls_sha384() argument
7402 return ssl_calc_verify_tls_psa(ssl, &ssl->handshake->fin_sha384_psa, 48, in ssl_calc_verify_tls_sha384()
7405 return ssl_calc_verify_tls_legacy(ssl, &ssl->handshake->fin_sha384, in ssl_calc_verify_tls_sha384()
7413 int mbedtls_ssl_psk_derive_premaster(mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex) in mbedtls_ssl_psk_derive_premaster() argument
7415 unsigned char *p = ssl->handshake->premaster; in mbedtls_ssl_psk_derive_premaster()
7416 unsigned char *end = p + sizeof(ssl->handshake->premaster); in mbedtls_ssl_psk_derive_premaster()
7419 int psk_ret = mbedtls_ssl_get_psk(ssl, &psk, &psk_len); in mbedtls_ssl_psk_derive_premaster()
7480 if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx, in mbedtls_ssl_psk_derive_premaster()
7482 ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { in mbedtls_ssl_psk_derive_premaster()
7489 MBEDTLS_SSL_DEBUG_MPI(3, "DHM: K ", &ssl->handshake->dhm_ctx.K); in mbedtls_ssl_psk_derive_premaster()
7497 if ((ret = mbedtls_ecdh_calc_secret(&ssl->handshake->ecdh_ctx, &zlen, in mbedtls_ssl_psk_derive_premaster()
7499 ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { in mbedtls_ssl_psk_derive_premaster()
7507 MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, in mbedtls_ssl_psk_derive_premaster()
7531 ssl->handshake->pmslen = (size_t) (p - ssl->handshake->premaster); in mbedtls_ssl_psk_derive_premaster()
7539 static int ssl_write_hello_request(mbedtls_ssl_context *ssl);
7542 int mbedtls_ssl_resend_hello_request(mbedtls_ssl_context *ssl) in mbedtls_ssl_resend_hello_request() argument
7546 if (ssl->conf->renego_max_records < 0) { in mbedtls_ssl_resend_hello_request()
7547 uint32_t ratio = ssl->conf->hs_timeout_max / ssl->conf->hs_timeout_min + 1; in mbedtls_ssl_resend_hello_request()
7555 if (++ssl->renego_records_seen > doublings) { in mbedtls_ssl_resend_hello_request()
7561 return ssl_write_hello_request(ssl); in mbedtls_ssl_resend_hello_request()
7571 int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl) in mbedtls_ssl_write_certificate() argument
7574 ssl->handshake->ciphersuite_info; in mbedtls_ssl_write_certificate()
7580 mbedtls_ssl_handshake_increment_state(ssl); in mbedtls_ssl_write_certificate()
7588 int mbedtls_ssl_parse_certificate(mbedtls_ssl_context *ssl) in mbedtls_ssl_parse_certificate() argument
7591 ssl->handshake->ciphersuite_info; in mbedtls_ssl_parse_certificate()
7597 mbedtls_ssl_handshake_increment_state(ssl); in mbedtls_ssl_parse_certificate()
7608 int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl) in mbedtls_ssl_write_certificate() argument
7614 ssl->handshake->ciphersuite_info; in mbedtls_ssl_write_certificate()
7620 mbedtls_ssl_handshake_increment_state(ssl); in mbedtls_ssl_write_certificate()
7625 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in mbedtls_ssl_write_certificate()
7626 if (ssl->handshake->client_auth == 0) { in mbedtls_ssl_write_certificate()
7628 mbedtls_ssl_handshake_increment_state(ssl); in mbedtls_ssl_write_certificate()
7634 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_write_certificate()
7635 if (mbedtls_ssl_own_cert(ssl) == NULL) { in mbedtls_ssl_write_certificate()
7643 MBEDTLS_SSL_DEBUG_CRT(3, "own certificate", mbedtls_ssl_own_cert(ssl)); in mbedtls_ssl_write_certificate()
7655 crt = mbedtls_ssl_own_cert(ssl); in mbedtls_ssl_write_certificate()
7666 ssl->out_msg[i] = MBEDTLS_BYTE_2(n); in mbedtls_ssl_write_certificate()
7667 ssl->out_msg[i + 1] = MBEDTLS_BYTE_1(n); in mbedtls_ssl_write_certificate()
7668 ssl->out_msg[i + 2] = MBEDTLS_BYTE_0(n); in mbedtls_ssl_write_certificate()
7670 i += 3; memcpy(ssl->out_msg + i, crt->raw.p, n); in mbedtls_ssl_write_certificate()
7674 ssl->out_msg[4] = MBEDTLS_BYTE_2(i - 7); in mbedtls_ssl_write_certificate()
7675 ssl->out_msg[5] = MBEDTLS_BYTE_1(i - 7); in mbedtls_ssl_write_certificate()
7676 ssl->out_msg[6] = MBEDTLS_BYTE_0(i - 7); in mbedtls_ssl_write_certificate()
7678 ssl->out_msglen = i; in mbedtls_ssl_write_certificate()
7679 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in mbedtls_ssl_write_certificate()
7680 ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE; in mbedtls_ssl_write_certificate()
7682 mbedtls_ssl_handshake_increment_state(ssl); in mbedtls_ssl_write_certificate()
7684 if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { in mbedtls_ssl_write_certificate()
7698 static int ssl_check_peer_crt_unchanged(mbedtls_ssl_context *ssl, in ssl_check_peer_crt_unchanged() argument
7702 mbedtls_x509_crt const * const peer_crt = ssl->session->peer_cert; in ssl_check_peer_crt_unchanged()
7716 static int ssl_check_peer_crt_unchanged(mbedtls_ssl_context *ssl, in ssl_check_peer_crt_unchanged() argument
7722 ssl->session->peer_cert_digest; in ssl_check_peer_crt_unchanged()
7724 ssl->session->peer_cert_digest_type; in ssl_check_peer_crt_unchanged()
7754 static int ssl_parse_certificate_chain(mbedtls_ssl_context *ssl, in ssl_parse_certificate_chain() argument
7764 if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { in ssl_parse_certificate_chain()
7766 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_certificate_chain()
7771 if (ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE) { in ssl_parse_certificate_chain()
7772 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_certificate_chain()
7777 if (ssl->in_hslen < mbedtls_ssl_hs_hdr_len(ssl) + 3 + 3) { in ssl_parse_certificate_chain()
7779 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_certificate_chain()
7784 i = mbedtls_ssl_hs_hdr_len(ssl); in ssl_parse_certificate_chain()
7789 n = MBEDTLS_GET_UINT16_BE(ssl->in_msg, i + 1); in ssl_parse_certificate_chain()
7791 if (ssl->in_msg[i] != 0 || in ssl_parse_certificate_chain()
7792 ssl->in_hslen != n + 3 + mbedtls_ssl_hs_hdr_len(ssl)) { in ssl_parse_certificate_chain()
7794 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_certificate_chain()
7803 while (i < ssl->in_hslen) { in ssl_parse_certificate_chain()
7805 if (i + 3 > ssl->in_hslen) { in ssl_parse_certificate_chain()
7807 mbedtls_ssl_send_alert_message(ssl, in ssl_parse_certificate_chain()
7814 if (ssl->in_msg[i] != 0) { in ssl_parse_certificate_chain()
7816 mbedtls_ssl_send_alert_message(ssl, in ssl_parse_certificate_chain()
7823 n = MBEDTLS_GET_UINT16_BE(ssl->in_msg, i + 1); in ssl_parse_certificate_chain()
7826 if (n < 128 || i + n > ssl->in_hslen) { in ssl_parse_certificate_chain()
7828 mbedtls_ssl_send_alert_message(ssl, in ssl_parse_certificate_chain()
7837 ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && in ssl_parse_certificate_chain()
7838 ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { in ssl_parse_certificate_chain()
7844 if (ssl_check_peer_crt_unchanged(ssl, in ssl_parse_certificate_chain()
7845 &ssl->in_msg[i], in ssl_parse_certificate_chain()
7848 mbedtls_ssl_send_alert_message(ssl, in ssl_parse_certificate_chain()
7855 ssl_clear_peer_cert(ssl->session); in ssl_parse_certificate_chain()
7861 ret = mbedtls_x509_crt_parse_der(chain, ssl->in_msg + i, n); in ssl_parse_certificate_chain()
7865 ret = mbedtls_x509_crt_parse_der_nocopy(chain, ssl->in_msg + i, n); in ssl_parse_certificate_chain()
7885 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, alert); in ssl_parse_certificate_chain()
7899 static int ssl_srv_check_client_no_crt_notification(mbedtls_ssl_context *ssl) in ssl_srv_check_client_no_crt_notification() argument
7901 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in ssl_srv_check_client_no_crt_notification()
7905 if (ssl->in_hslen == 3 + mbedtls_ssl_hs_hdr_len(ssl) && in ssl_srv_check_client_no_crt_notification()
7906 ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && in ssl_srv_check_client_no_crt_notification()
7907 ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE && in ssl_srv_check_client_no_crt_notification()
7908 memcmp(ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl), "\0\0\0", 3) == 0) { in ssl_srv_check_client_no_crt_notification()
7925 static int ssl_parse_certificate_coordinate(mbedtls_ssl_context *ssl, in ssl_parse_certificate_coordinate() argument
7929 ssl->handshake->ciphersuite_info; in ssl_parse_certificate_coordinate()
7936 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in ssl_parse_certificate_coordinate()
7942 ssl->session_negotiate->verify_result = in ssl_parse_certificate_coordinate()
7956 static int ssl_remember_peer_crt_digest(mbedtls_ssl_context *ssl, in ssl_remember_peer_crt_digest() argument
7961 ssl->session_negotiate->peer_cert_digest = in ssl_remember_peer_crt_digest()
7963 if (ssl->session_negotiate->peer_cert_digest == NULL) { in ssl_remember_peer_crt_digest()
7966 mbedtls_ssl_send_alert_message(ssl, in ssl_remember_peer_crt_digest()
7976 ssl->session_negotiate->peer_cert_digest); in ssl_remember_peer_crt_digest()
7978 ssl->session_negotiate->peer_cert_digest_type = in ssl_remember_peer_crt_digest()
7980 ssl->session_negotiate->peer_cert_digest_len = in ssl_remember_peer_crt_digest()
7987 static int ssl_remember_peer_pubkey(mbedtls_ssl_context *ssl, in ssl_remember_peer_pubkey() argument
7994 mbedtls_pk_init(&ssl->handshake->peer_pubkey); in ssl_remember_peer_pubkey()
7996 &ssl->handshake->peer_pubkey); in ssl_remember_peer_pubkey()
8006 int mbedtls_ssl_parse_certificate(mbedtls_ssl_context *ssl) in mbedtls_ssl_parse_certificate() argument
8012 const int authmode = ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET in mbedtls_ssl_parse_certificate()
8013 ? ssl->handshake->sni_authmode in mbedtls_ssl_parse_certificate()
8014 : ssl->conf->authmode; in mbedtls_ssl_parse_certificate()
8016 const int authmode = ssl->conf->authmode; in mbedtls_ssl_parse_certificate()
8023 crt_expected = ssl_parse_certificate_coordinate(ssl, authmode); in mbedtls_ssl_parse_certificate()
8030 if (ssl->handshake->ecrs_enabled && in mbedtls_ssl_parse_certificate()
8031 ssl->handshake->ecrs_state == ssl_ecrs_crt_verify) { in mbedtls_ssl_parse_certificate()
8032 chain = ssl->handshake->ecrs_peer_cert; in mbedtls_ssl_parse_certificate()
8033 ssl->handshake->ecrs_peer_cert = NULL; in mbedtls_ssl_parse_certificate()
8038 if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { in mbedtls_ssl_parse_certificate()
8046 if (ssl_srv_check_client_no_crt_notification(ssl) == 0) { in mbedtls_ssl_parse_certificate()
8047 ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING; in mbedtls_ssl_parse_certificate()
8059 ssl_clear_peer_cert(ssl->session_negotiate); in mbedtls_ssl_parse_certificate()
8065 mbedtls_ssl_send_alert_message(ssl, in mbedtls_ssl_parse_certificate()
8074 ret = ssl_parse_certificate_chain(ssl, chain); in mbedtls_ssl_parse_certificate()
8080 if (ssl->handshake->ecrs_enabled) { in mbedtls_ssl_parse_certificate()
8081 ssl->handshake->ecrs_state = ssl_ecrs_crt_verify; in mbedtls_ssl_parse_certificate()
8085 if (ssl->handshake->ecrs_enabled) { in mbedtls_ssl_parse_certificate()
8086 rs_ctx = &ssl->handshake->ecrs_ctx; in mbedtls_ssl_parse_certificate()
8090 ret = mbedtls_ssl_verify_certificate(ssl, authmode, chain, in mbedtls_ssl_parse_certificate()
8091 ssl->handshake->ciphersuite_info, in mbedtls_ssl_parse_certificate()
8119 ret = ssl_remember_peer_crt_digest(ssl, crt_start, crt_len); in mbedtls_ssl_parse_certificate()
8124 ret = ssl_remember_peer_pubkey(ssl, pk_start, pk_len); in mbedtls_ssl_parse_certificate()
8131 ssl->session_negotiate->peer_cert = chain; in mbedtls_ssl_parse_certificate()
8140 mbedtls_ssl_handshake_increment_state(ssl); in mbedtls_ssl_parse_certificate()
8145 ssl->handshake->ecrs_peer_cert = chain; in mbedtls_ssl_parse_certificate()
8159 static int ssl_calc_finished_tls_generic(mbedtls_ssl_context *ssl, void *ctx, in ssl_calc_finished_tls_generic() argument
8177 mbedtls_ssl_session *session = ssl->session_negotiate; in ssl_calc_finished_tls_generic()
8179 session = ssl->session; in ssl_calc_finished_tls_generic()
8224 ssl->handshake->tls_prf(session->master, 48, sender, in ssl_calc_finished_tls_generic()
8245 mbedtls_ssl_context *ssl, unsigned char *buf, int from) in ssl_calc_finished_tls_sha256() argument
8248 return ssl_calc_finished_tls_generic(ssl, in ssl_calc_finished_tls_sha256()
8250 &ssl->handshake->fin_sha256_psa, in ssl_calc_finished_tls_sha256()
8252 &ssl->handshake->fin_sha256, in ssl_calc_finished_tls_sha256()
8262 mbedtls_ssl_context *ssl, unsigned char *buf, int from) in ssl_calc_finished_tls_sha384() argument
8265 return ssl_calc_finished_tls_generic(ssl, in ssl_calc_finished_tls_sha384()
8267 &ssl->handshake->fin_sha384_psa, in ssl_calc_finished_tls_sha384()
8269 &ssl->handshake->fin_sha384, in ssl_calc_finished_tls_sha384()
8276 void mbedtls_ssl_handshake_wrapup_free_hs_transform(mbedtls_ssl_context *ssl) in mbedtls_ssl_handshake_wrapup_free_hs_transform() argument
8283 mbedtls_ssl_handshake_free(ssl); in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8284 mbedtls_free(ssl->handshake); in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8285 ssl->handshake = NULL; in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8290 if (ssl->transform) { in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8291 mbedtls_ssl_transform_free(ssl->transform); in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8292 mbedtls_free(ssl->transform); in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8294 ssl->transform = ssl->transform_negotiate; in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8295 ssl->transform_negotiate = NULL; in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8300 void mbedtls_ssl_handshake_wrapup(mbedtls_ssl_context *ssl) in mbedtls_ssl_handshake_wrapup() argument
8302 int resume = ssl->handshake->resume; in mbedtls_ssl_handshake_wrapup()
8307 if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { in mbedtls_ssl_handshake_wrapup()
8308 ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_DONE; in mbedtls_ssl_handshake_wrapup()
8309 ssl->renego_records_seen = 0; in mbedtls_ssl_handshake_wrapup()
8316 if (ssl->session) { in mbedtls_ssl_handshake_wrapup()
8319 ssl->session_negotiate->encrypt_then_mac = in mbedtls_ssl_handshake_wrapup()
8320 ssl->session->encrypt_then_mac; in mbedtls_ssl_handshake_wrapup()
8323 mbedtls_ssl_session_free(ssl->session); in mbedtls_ssl_handshake_wrapup()
8324 mbedtls_free(ssl->session); in mbedtls_ssl_handshake_wrapup()
8326 ssl->session = ssl->session_negotiate; in mbedtls_ssl_handshake_wrapup()
8327 ssl->session_negotiate = NULL; in mbedtls_ssl_handshake_wrapup()
8332 if (ssl->conf->f_set_cache != NULL && in mbedtls_ssl_handshake_wrapup()
8333 ssl->session->id_len != 0 && in mbedtls_ssl_handshake_wrapup()
8335 if (ssl->conf->f_set_cache(ssl->conf->p_cache, in mbedtls_ssl_handshake_wrapup()
8336 ssl->session->id, in mbedtls_ssl_handshake_wrapup()
8337 ssl->session->id_len, in mbedtls_ssl_handshake_wrapup()
8338 ssl->session) != 0) { in mbedtls_ssl_handshake_wrapup()
8344 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_handshake_wrapup()
8345 ssl->handshake->flight != NULL) { in mbedtls_ssl_handshake_wrapup()
8347 mbedtls_ssl_set_timer(ssl, 0); in mbedtls_ssl_handshake_wrapup()
8354 mbedtls_ssl_handshake_wrapup_free_hs_transform(ssl); in mbedtls_ssl_handshake_wrapup()
8356 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_OVER); in mbedtls_ssl_handshake_wrapup()
8361 int mbedtls_ssl_write_finished(mbedtls_ssl_context *ssl) in mbedtls_ssl_write_finished() argument
8368 mbedtls_ssl_update_out_pointers(ssl, ssl->transform_negotiate); in mbedtls_ssl_write_finished()
8370 ret = ssl->handshake->calc_finished(ssl, ssl->out_msg + 4, ssl->conf->endpoint); in mbedtls_ssl_write_finished()
8385 ssl->verify_data_len = hash_len; in mbedtls_ssl_write_finished()
8386 memcpy(ssl->own_verify_data, ssl->out_msg + 4, hash_len); in mbedtls_ssl_write_finished()
8389 ssl->out_msglen = 4 + hash_len; in mbedtls_ssl_write_finished()
8390 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in mbedtls_ssl_write_finished()
8391 ssl->out_msg[0] = MBEDTLS_SSL_HS_FINISHED; in mbedtls_ssl_write_finished()
8397 if (ssl->handshake->resume != 0) { in mbedtls_ssl_write_finished()
8399 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in mbedtls_ssl_write_finished()
8400 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP); in mbedtls_ssl_write_finished()
8404 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_write_finished()
8405 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC); in mbedtls_ssl_write_finished()
8409 mbedtls_ssl_handshake_increment_state(ssl); in mbedtls_ssl_write_finished()
8419 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_write_finished()
8423 ssl->handshake->alt_transform_out = ssl->transform_out; in mbedtls_ssl_write_finished()
8424 memcpy(ssl->handshake->alt_out_ctr, ssl->cur_out_ctr, in mbedtls_ssl_write_finished()
8425 sizeof(ssl->handshake->alt_out_ctr)); in mbedtls_ssl_write_finished()
8428 memset(&ssl->cur_out_ctr[2], 0, sizeof(ssl->cur_out_ctr) - 2); in mbedtls_ssl_write_finished()
8433 if (++ssl->cur_out_ctr[i - 1] != 0) { in mbedtls_ssl_write_finished()
8445 memset(ssl->cur_out_ctr, 0, sizeof(ssl->cur_out_ctr)); in mbedtls_ssl_write_finished()
8447 ssl->transform_out = ssl->transform_negotiate; in mbedtls_ssl_write_finished()
8448 ssl->session_out = ssl->session_negotiate; in mbedtls_ssl_write_finished()
8451 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_write_finished()
8452 mbedtls_ssl_send_flight_completed(ssl); in mbedtls_ssl_write_finished()
8456 if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { in mbedtls_ssl_write_finished()
8462 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_write_finished()
8463 (ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { in mbedtls_ssl_write_finished()
8476 int mbedtls_ssl_parse_finished(mbedtls_ssl_context *ssl) in mbedtls_ssl_parse_finished() argument
8484 ret = ssl->handshake->calc_finished(ssl, buf, ssl->conf->endpoint ^ 1); in mbedtls_ssl_parse_finished()
8490 if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { in mbedtls_ssl_parse_finished()
8495 if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { in mbedtls_ssl_parse_finished()
8497 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in mbedtls_ssl_parse_finished()
8503 if (ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED) { in mbedtls_ssl_parse_finished()
8504 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in mbedtls_ssl_parse_finished()
8510 if (ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) + hash_len) { in mbedtls_ssl_parse_finished()
8512 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in mbedtls_ssl_parse_finished()
8518 if (mbedtls_ct_memcmp(ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl), in mbedtls_ssl_parse_finished()
8521 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in mbedtls_ssl_parse_finished()
8528 ssl->verify_data_len = hash_len; in mbedtls_ssl_parse_finished()
8529 memcpy(ssl->peer_verify_data, buf, hash_len); in mbedtls_ssl_parse_finished()
8532 if (ssl->handshake->resume != 0) { in mbedtls_ssl_parse_finished()
8534 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { in mbedtls_ssl_parse_finished()
8535 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC); in mbedtls_ssl_parse_finished()
8539 if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_parse_finished()
8540 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP); in mbedtls_ssl_parse_finished()
8544 mbedtls_ssl_handshake_increment_state(ssl); in mbedtls_ssl_parse_finished()
8548 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_parse_finished()
8549 mbedtls_ssl_recv_flight_completed(ssl); in mbedtls_ssl_parse_finished()
8637 const mbedtls_ssl_context *ssl) in ssl_tls12_populate_transform() argument
8743 if (ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_ENABLED) { in ssl_tls12_populate_transform()
8746 transform->in_cid_len = ssl->own_cid_len; in ssl_tls12_populate_transform()
8747 memcpy(transform->in_cid, ssl->own_cid, ssl->own_cid_len); in ssl_tls12_populate_transform()
8751 transform->out_cid_len = ssl->handshake->peer_cid_len; in ssl_tls12_populate_transform()
8752 memcpy(transform->out_cid, ssl->handshake->peer_cid, in ssl_tls12_populate_transform()
8753 ssl->handshake->peer_cid_len); in ssl_tls12_populate_transform()
8935 if (ssl->f_export_keys != NULL) { in ssl_tls12_populate_transform()
8936 ssl->f_export_keys(ssl->p_export_keys, in ssl_tls12_populate_transform()
9165 int mbedtls_ssl_get_key_exchange_md_tls1_2(mbedtls_ssl_context *ssl, in mbedtls_ssl_get_key_exchange_md_tls1_2() argument
9182 if ((status = psa_hash_update(&hash_operation, ssl->handshake->randbytes, in mbedtls_ssl_get_key_exchange_md_tls1_2()
9202 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in mbedtls_ssl_get_key_exchange_md_tls1_2()
9221 int mbedtls_ssl_get_key_exchange_md_tls1_2(mbedtls_ssl_context *ssl, in mbedtls_ssl_get_key_exchange_md_tls1_2() argument
9250 if ((ret = mbedtls_md_update(&ctx, ssl->handshake->randbytes, 64)) != 0) { in mbedtls_ssl_get_key_exchange_md_tls1_2()
9267 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in mbedtls_ssl_get_key_exchange_md_tls1_2()
9279 mbedtls_ssl_context *ssl, in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg() argument
9283 uint16_t *received_sig_algs = ssl->handshake->received_sig_algs; in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9305 if (ssl->handshake->key_cert && ssl->handshake->key_cert->key) { in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9310 !mbedtls_pk_can_do_ext(ssl->handshake->key_cert->key, in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9317 !mbedtls_pk_can_do_ext(ssl->handshake->key_cert->key, in mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg()
9338 const mbedtls_ssl_context *ssl, in mbedtls_ssl_validate_ciphersuite() argument
9343 (void) ssl; in mbedtls_ssl_validate_ciphersuite()
9358 ssl->handshake->psa_pake_ctx_is_ok != 1) in mbedtls_ssl_validate_ciphersuite()
9361 mbedtls_ecjpake_check(&ssl->handshake->ecjpake_ctx) != 0) in mbedtls_ssl_validate_ciphersuite()
9371 mbedtls_ssl_conf_has_static_psk(ssl->conf) == 0) { in mbedtls_ssl_validate_ciphersuite()
9422 int mbedtls_ssl_write_sig_alg_ext(mbedtls_ssl_context *ssl, unsigned char *buf, in mbedtls_ssl_write_sig_alg_ext() argument
9445 const uint16_t *sig_alg = mbedtls_ssl_get_sig_algs(ssl); in mbedtls_ssl_write_sig_alg_ext()
9454 if (!mbedtls_ssl_sig_alg_is_supported(ssl, *sig_alg)) { in mbedtls_ssl_write_sig_alg_ext()
9479 mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_SIG_ALG); in mbedtls_ssl_write_sig_alg_ext()
9508 int mbedtls_ssl_parse_server_name_ext(mbedtls_ssl_context *ssl, in mbedtls_ssl_parse_server_name_ext() argument
9537 ssl->handshake->sni_name = p + 3; in mbedtls_ssl_parse_server_name_ext()
9538 ssl->handshake->sni_name_len = hostname_len; in mbedtls_ssl_parse_server_name_ext()
9539 if (ssl->conf->f_sni == NULL) { in mbedtls_ssl_parse_server_name_ext()
9542 ret = ssl->conf->f_sni(ssl->conf->p_sni, in mbedtls_ssl_parse_server_name_ext()
9543 ssl, p + 3, hostname_len); in mbedtls_ssl_parse_server_name_ext()
9562 int mbedtls_ssl_parse_alpn_ext(mbedtls_ssl_context *ssl, in mbedtls_ssl_parse_alpn_ext() argument
9573 if (ssl->conf->alpn_list == NULL) { in mbedtls_ssl_parse_alpn_ext()
9615 for (const char **alpn = ssl->conf->alpn_list; *alpn != NULL; alpn++) { in mbedtls_ssl_parse_alpn_ext()
9622 ssl->alpn_chosen = *alpn; in mbedtls_ssl_parse_alpn_ext()
9637 int mbedtls_ssl_write_alpn_ext(mbedtls_ssl_context *ssl, in mbedtls_ssl_write_alpn_ext() argument
9646 if (ssl->alpn_chosen == NULL) { in mbedtls_ssl_write_alpn_ext()
9650 protocol_name_len = strlen(ssl->alpn_chosen); in mbedtls_ssl_write_alpn_ext()
9672 memcpy(p + 7, ssl->alpn_chosen, protocol_name_len); in mbedtls_ssl_write_alpn_ext()
9675 mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_ALPN); in mbedtls_ssl_write_alpn_ext()
9848 static int get_hostname_for_verification(mbedtls_ssl_context *ssl, in get_hostname_for_verification() argument
9851 if (!mbedtls_ssl_has_set_hostname_been_called(ssl)) { in get_hostname_for_verification()
9854 if (mbedtls_ssl_conf_get_endpoint(ssl->conf) == MBEDTLS_SSL_IS_CLIENT && in get_hostname_for_verification()
9855 ssl->conf->authmode == MBEDTLS_SSL_VERIFY_REQUIRED) { in get_hostname_for_verification()
9861 *hostname = mbedtls_ssl_get_hostname_pointer(ssl); in get_hostname_for_verification()
9869 int mbedtls_ssl_verify_certificate(mbedtls_ssl_context *ssl, in mbedtls_ssl_verify_certificate() argument
9884 if (ssl->f_vrfy != NULL) { in mbedtls_ssl_verify_certificate()
9886 f_vrfy = ssl->f_vrfy; in mbedtls_ssl_verify_certificate()
9887 p_vrfy = ssl->p_vrfy; in mbedtls_ssl_verify_certificate()
9890 f_vrfy = ssl->conf->f_vrfy; in mbedtls_ssl_verify_certificate()
9891 p_vrfy = ssl->conf->p_vrfy; in mbedtls_ssl_verify_certificate()
9895 int ret = get_hostname_for_verification(ssl, &hostname); in mbedtls_ssl_verify_certificate()
9903 if (ssl->conf->f_ca_cb != NULL) { in mbedtls_ssl_verify_certificate()
9910 ssl->conf->f_ca_cb, in mbedtls_ssl_verify_certificate()
9911 ssl->conf->p_ca_cb, in mbedtls_ssl_verify_certificate()
9912 ssl->conf->cert_profile, in mbedtls_ssl_verify_certificate()
9914 &ssl->session_negotiate->verify_result, in mbedtls_ssl_verify_certificate()
9922 if (ssl->handshake->sni_ca_chain != NULL) { in mbedtls_ssl_verify_certificate()
9923 ca_chain = ssl->handshake->sni_ca_chain; in mbedtls_ssl_verify_certificate()
9924 ca_crl = ssl->handshake->sni_ca_crl; in mbedtls_ssl_verify_certificate()
9928 ca_chain = ssl->conf->ca_chain; in mbedtls_ssl_verify_certificate()
9929 ca_crl = ssl->conf->ca_crl; in mbedtls_ssl_verify_certificate()
9939 ssl->conf->cert_profile, in mbedtls_ssl_verify_certificate()
9941 &ssl->session_negotiate->verify_result, in mbedtls_ssl_verify_certificate()
9968 if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_2 && in mbedtls_ssl_verify_certificate()
9970 if (mbedtls_ssl_check_curve(ssl, mbedtls_pk_get_ec_group_id(&chain->pk)) != 0) { in mbedtls_ssl_verify_certificate()
9972 ssl->session_negotiate->verify_result |= MBEDTLS_X509_BADCERT_BAD_KEY; in mbedtls_ssl_verify_certificate()
9983 ssl->conf->endpoint, in mbedtls_ssl_verify_certificate()
9984 ssl->tls_version, in mbedtls_ssl_verify_certificate()
9985 &ssl->session_negotiate->verify_result) != 0) { in mbedtls_ssl_verify_certificate()
10019 if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_OTHER) { in mbedtls_ssl_verify_certificate()
10021 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_CN_MISMATCH) { in mbedtls_ssl_verify_certificate()
10023 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_KEY_USAGE) { in mbedtls_ssl_verify_certificate()
10025 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXT_KEY_USAGE) { in mbedtls_ssl_verify_certificate()
10027 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_PK) { in mbedtls_ssl_verify_certificate()
10029 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_KEY) { in mbedtls_ssl_verify_certificate()
10031 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXPIRED) { in mbedtls_ssl_verify_certificate()
10033 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_REVOKED) { in mbedtls_ssl_verify_certificate()
10035 } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NOT_TRUSTED) { in mbedtls_ssl_verify_certificate()
10040 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in mbedtls_ssl_verify_certificate()
10045 if (ssl->session_negotiate->verify_result != 0) { in mbedtls_ssl_verify_certificate()
10047 (unsigned int) ssl->session_negotiate->verify_result)); in mbedtls_ssl_verify_certificate()
10060 static int mbedtls_ssl_tls12_export_keying_material(const mbedtls_ssl_context *ssl, in mbedtls_ssl_tls12_export_keying_material() argument
10095 ssl->transform->randbytes + MBEDTLS_SERVER_HELLO_RANDOM_LEN, in mbedtls_ssl_tls12_export_keying_material()
10098 ssl->transform->randbytes, in mbedtls_ssl_tls12_export_keying_material()
10104 ret = tls_prf_generic(hash_alg, ssl->session->master, sizeof(ssl->session->master), in mbedtls_ssl_tls12_export_keying_material()
10114 static int mbedtls_ssl_tls13_export_keying_material(mbedtls_ssl_context *ssl, in mbedtls_ssl_tls13_export_keying_material() argument
10125 const unsigned char *secret = ssl->session->app_secrets.exporter_master_secret; in mbedtls_ssl_tls13_export_keying_material()
10143 int mbedtls_ssl_export_keying_material(mbedtls_ssl_context *ssl, in mbedtls_ssl_export_keying_material() argument
10149 if (!mbedtls_ssl_is_handshake_over(ssl)) { in mbedtls_ssl_export_keying_material()
10158 int ciphersuite_id = mbedtls_ssl_get_ciphersuite_id_from_ssl(ssl); in mbedtls_ssl_export_keying_material()
10162 switch (mbedtls_ssl_get_version_number(ssl)) { in mbedtls_ssl_export_keying_material()
10165 return mbedtls_ssl_tls12_export_keying_material(ssl, hash_alg, out, key_len, in mbedtls_ssl_export_keying_material()
10171 return mbedtls_ssl_tls13_export_keying_material(ssl, in mbedtls_ssl_export_keying_material()