Lines Matching refs:transform
421 static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform,
1025 void mbedtls_ssl_transform_init(mbedtls_ssl_transform *transform) in mbedtls_ssl_transform_init() argument
1027 memset(transform, 0, sizeof(mbedtls_ssl_transform)); in mbedtls_ssl_transform_init()
1030 transform->psa_key_enc = MBEDTLS_SVC_KEY_ID_INIT; in mbedtls_ssl_transform_init()
1031 transform->psa_key_dec = MBEDTLS_SVC_KEY_ID_INIT; in mbedtls_ssl_transform_init()
1033 mbedtls_cipher_init(&transform->cipher_ctx_enc); in mbedtls_ssl_transform_init()
1034 mbedtls_cipher_init(&transform->cipher_ctx_dec); in mbedtls_ssl_transform_init()
1039 transform->psa_mac_enc = MBEDTLS_SVC_KEY_ID_INIT; in mbedtls_ssl_transform_init()
1040 transform->psa_mac_dec = MBEDTLS_SVC_KEY_ID_INIT; in mbedtls_ssl_transform_init()
1042 mbedtls_md_init(&transform->md_ctx_enc); in mbedtls_ssl_transform_init()
1043 mbedtls_md_init(&transform->md_ctx_dec); in mbedtls_ssl_transform_init()
1527 if (ssl->transform) { in mbedtls_ssl_session_reset_msg_layer()
1528 mbedtls_ssl_transform_free(ssl->transform); in mbedtls_ssl_session_reset_msg_layer()
1529 mbedtls_free(ssl->transform); in mbedtls_ssl_session_reset_msg_layer()
1530 ssl->transform = NULL; in mbedtls_ssl_session_reset_msg_layer()
2416 const mbedtls_ssl_transform *transform) in mbedtls_ssl_get_mode_from_transform() argument
2420 transform->psa_alg in mbedtls_ssl_get_mode_from_transform()
2422 mbedtls_cipher_get_cipher_mode(&transform->cipher_ctx_enc) in mbedtls_ssl_get_mode_from_transform()
2428 encrypt_then_mac = transform->encrypt_then_mac; in mbedtls_ssl_get_mode_from_transform()
5123 if (ssl->transform == NULL || ssl->session == NULL) { in mbedtls_ssl_context_save()
5147 if (mbedtls_ssl_transform_uses_aead(ssl->transform) != 1) { in mbedtls_ssl_context_save()
5195 used += sizeof(ssl->transform->randbytes); in mbedtls_ssl_context_save()
5197 memcpy(p, ssl->transform->randbytes, in mbedtls_ssl_context_save()
5198 sizeof(ssl->transform->randbytes)); in mbedtls_ssl_context_save()
5199 p += sizeof(ssl->transform->randbytes); in mbedtls_ssl_context_save()
5203 used += 2U + ssl->transform->in_cid_len + ssl->transform->out_cid_len; in mbedtls_ssl_context_save()
5205 *p++ = ssl->transform->in_cid_len; in mbedtls_ssl_context_save()
5206 memcpy(p, ssl->transform->in_cid, ssl->transform->in_cid_len); in mbedtls_ssl_context_save()
5207 p += ssl->transform->in_cid_len; in mbedtls_ssl_context_save()
5209 *p++ = ssl->transform->out_cid_len; in mbedtls_ssl_context_save()
5210 memcpy(p, ssl->transform->out_cid, ssl->transform->out_cid_len); in mbedtls_ssl_context_save()
5211 p += ssl->transform->out_cid_len; in mbedtls_ssl_context_save()
5384 ssl->transform = ssl->transform_negotiate; in ssl_context_load()
5385 ssl->transform_in = ssl->transform; in ssl_context_load()
5386 ssl->transform_out = ssl->transform; in ssl_context_load()
5397 if ((size_t) (end - p) < sizeof(ssl->transform->randbytes)) { in ssl_context_load()
5401 ret = ssl_tls12_populate_transform(ssl->transform, in ssl_context_load()
5416 p += sizeof(ssl->transform->randbytes); in ssl_context_load()
5424 ssl->transform->in_cid_len = *p++; in ssl_context_load()
5426 if ((size_t) (end - p) < ssl->transform->in_cid_len + 1u) { in ssl_context_load()
5430 memcpy(ssl->transform->in_cid, p, ssl->transform->in_cid_len); in ssl_context_load()
5431 p += ssl->transform->in_cid_len; in ssl_context_load()
5433 ssl->transform->out_cid_len = *p++; in ssl_context_load()
5435 if ((size_t) (end - p) < ssl->transform->out_cid_len) { in ssl_context_load()
5439 memcpy(ssl->transform->out_cid, p, ssl->transform->out_cid_len); in ssl_context_load()
5440 p += ssl->transform->out_cid_len; in ssl_context_load()
5530 mbedtls_ssl_update_out_pointers(ssl, ssl->transform); in ssl_context_load()
5606 if (ssl->transform) { in mbedtls_ssl_free()
5607 mbedtls_ssl_transform_free(ssl->transform); in mbedtls_ssl_free()
5608 mbedtls_free(ssl->transform); in mbedtls_ssl_free()
8290 if (ssl->transform) { in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8291 mbedtls_ssl_transform_free(ssl->transform); in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8292 mbedtls_free(ssl->transform); in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8294 ssl->transform = ssl->transform_negotiate; in mbedtls_ssl_handshake_wrapup_free_hs_transform()
8627 static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, in ssl_tls12_populate_transform() argument
8668 transform->encrypt_then_mac = encrypt_then_mac; in ssl_tls12_populate_transform()
8670 transform->tls_version = tls_version; in ssl_tls12_populate_transform()
8673 memcpy(transform->randbytes, randbytes, sizeof(transform->randbytes)); in ssl_tls12_populate_transform()
8701 transform->taglen = in ssl_tls12_populate_transform()
8707 transform->taglen, in ssl_tls12_populate_transform()
8746 transform->in_cid_len = ssl->own_cid_len; in ssl_tls12_populate_transform()
8747 memcpy(transform->in_cid, ssl->own_cid, ssl->own_cid_len); in ssl_tls12_populate_transform()
8748 MBEDTLS_SSL_DEBUG_BUF(3, "Incoming CID", transform->in_cid, in ssl_tls12_populate_transform()
8749 transform->in_cid_len); in ssl_tls12_populate_transform()
8751 transform->out_cid_len = ssl->handshake->peer_cid_len; in ssl_tls12_populate_transform()
8752 memcpy(transform->out_cid, ssl->handshake->peer_cid, in ssl_tls12_populate_transform()
8754 MBEDTLS_SSL_DEBUG_BUF(3, "Outgoing CID", transform->out_cid, in ssl_tls12_populate_transform()
8755 transform->out_cid_len); in ssl_tls12_populate_transform()
8788 transform->maclen = 0; in ssl_tls12_populate_transform()
8799 transform->ivlen = 12; in ssl_tls12_populate_transform()
8810 transform->fixed_ivlen = 12; in ssl_tls12_populate_transform()
8812 transform->fixed_ivlen = 4; in ssl_tls12_populate_transform()
8816 explicit_ivlen = transform->ivlen - transform->fixed_ivlen; in ssl_tls12_populate_transform()
8817 transform->minlen = explicit_ivlen + transform->taglen; in ssl_tls12_populate_transform()
8835 if ((ret = mbedtls_md_setup(&transform->md_ctx_enc, md_info, 1)) != 0 || in ssl_tls12_populate_transform()
8836 (ret = mbedtls_md_setup(&transform->md_ctx_dec, md_info, 1)) != 0) { in ssl_tls12_populate_transform()
8844 transform->maclen = mac_key_len; in ssl_tls12_populate_transform()
8848 transform->ivlen = PSA_CIPHER_IV_LENGTH(key_type, alg); in ssl_tls12_populate_transform()
8850 transform->ivlen = mbedtls_cipher_info_get_iv_size(cipher_info); in ssl_tls12_populate_transform()
8855 transform->minlen = transform->maclen; in ssl_tls12_populate_transform()
8865 transform->minlen = transform->maclen in ssl_tls12_populate_transform()
8870 transform->minlen = transform->maclen in ssl_tls12_populate_transform()
8872 - transform->maclen % block_size; in ssl_tls12_populate_transform()
8876 transform->minlen += transform->ivlen; in ssl_tls12_populate_transform()
8892 (unsigned) transform->minlen, in ssl_tls12_populate_transform()
8893 (unsigned) transform->ivlen, in ssl_tls12_populate_transform()
8894 (unsigned) transform->maclen)); in ssl_tls12_populate_transform()
8907 iv_copy_len = (transform->fixed_ivlen) ? in ssl_tls12_populate_transform()
8908 transform->fixed_ivlen : transform->ivlen; in ssl_tls12_populate_transform()
8909 memcpy(transform->iv_enc, key2 + keylen, iv_copy_len); in ssl_tls12_populate_transform()
8910 memcpy(transform->iv_dec, key2 + keylen + iv_copy_len, in ssl_tls12_populate_transform()
8922 iv_copy_len = (transform->fixed_ivlen) ? in ssl_tls12_populate_transform()
8923 transform->fixed_ivlen : transform->ivlen; in ssl_tls12_populate_transform()
8924 memcpy(transform->iv_dec, key1 + keylen, iv_copy_len); in ssl_tls12_populate_transform()
8925 memcpy(transform->iv_enc, key1 + keylen + iv_copy_len, in ssl_tls12_populate_transform()
8945 transform->psa_alg = alg; in ssl_tls12_populate_transform()
8955 &transform->psa_key_enc)) != PSA_SUCCESS) { in ssl_tls12_populate_transform()
8967 &transform->psa_key_dec)) != PSA_SUCCESS) { in ssl_tls12_populate_transform()
8974 if ((ret = mbedtls_cipher_setup(&transform->cipher_ctx_enc, in ssl_tls12_populate_transform()
8980 if ((ret = mbedtls_cipher_setup(&transform->cipher_ctx_dec, in ssl_tls12_populate_transform()
8986 if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_enc, key1, in ssl_tls12_populate_transform()
8993 if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_dec, key2, in ssl_tls12_populate_transform()
9002 if ((ret = mbedtls_cipher_set_padding_mode(&transform->cipher_ctx_enc, in ssl_tls12_populate_transform()
9008 if ((ret = mbedtls_cipher_set_padding_mode(&transform->cipher_ctx_dec, in ssl_tls12_populate_transform()
9022 transform->psa_mac_alg = PSA_ALG_HMAC(mac_alg); in ssl_tls12_populate_transform()
9030 &transform->psa_mac_enc)) != PSA_SUCCESS) { in ssl_tls12_populate_transform()
9036 if ((transform->psa_alg == MBEDTLS_SSL_NULL_CIPHER) || in ssl_tls12_populate_transform()
9037 ((transform->psa_alg == PSA_ALG_CBC_NO_PADDING) in ssl_tls12_populate_transform()
9039 && (transform->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED) in ssl_tls12_populate_transform()
9051 &transform->psa_mac_dec)) != PSA_SUCCESS) { in ssl_tls12_populate_transform()
9057 ret = mbedtls_md_hmac_starts(&transform->md_ctx_enc, mac_enc, mac_key_len); in ssl_tls12_populate_transform()
9061 ret = mbedtls_md_hmac_starts(&transform->md_ctx_dec, mac_dec, mac_key_len); in ssl_tls12_populate_transform()
10095 ssl->transform->randbytes + MBEDTLS_SERVER_HELLO_RANDOM_LEN, in mbedtls_ssl_tls12_export_keying_material()
10098 ssl->transform->randbytes, in mbedtls_ssl_tls12_export_keying_material()