Lines Matching refs:handshake
205 if (ssl->handshake->curves_tls_id != NULL) { in ssl_parse_supported_groups_ext()
226 ssl->handshake->curves_tls_id = curves_tls_id; in ssl_parse_supported_groups_ext()
267 ssl->handshake->ecdh_ctx.point_format = p[0]; in ssl_parse_supported_point_formats()
271 mbedtls_ecjpake_set_point_format(&ssl->handshake->ecjpake_ctx, in ssl_parse_supported_point_formats()
297 if (ssl->handshake->psa_pake_ctx_is_ok != 1) in ssl_parse_ecjpake_kkpp()
299 if (mbedtls_ecjpake_check(&ssl->handshake->ecjpake_ctx) != 0) in ssl_parse_ecjpake_kkpp()
308 &ssl->handshake->psa_pake_ctx, buf, len, in ssl_parse_ecjpake_kkpp()
310 psa_destroy_key(ssl->handshake->psa_pake_password); in ssl_parse_ecjpake_kkpp()
311 psa_pake_abort(&ssl->handshake->psa_pake_ctx); in ssl_parse_ecjpake_kkpp()
322 if ((ret = mbedtls_ecjpake_read_round_one(&ssl->handshake->ecjpake_ctx, in ssl_parse_ecjpake_kkpp()
332 ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK; in ssl_parse_ecjpake_kkpp()
411 ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED; in ssl_parse_cid_ext()
412 ssl->handshake->peer_cid_len = (uint8_t) peer_cid_len; in ssl_parse_cid_ext()
413 memcpy(ssl->handshake->peer_cid, buf, peer_cid_len); in ssl_parse_cid_ext()
461 ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; in ssl_parse_extended_ms_ext()
485 ssl->handshake->new_session_ticket = 1; in ssl_parse_session_ticket_ext()
533 ssl->handshake->resume = 1; in ssl_parse_session_ticket_ext()
536 ssl->handshake->new_session_ticket = 0; in ssl_parse_session_ticket_ext()
703 if (ssl->handshake->sni_key_cert != NULL) { in ssl_pick_cert()
704 list = ssl->handshake->sni_key_cert; in ssl_pick_cert()
770 ssl->handshake->curves_tls_id) != 0) { in ssl_pick_cert()
782 ssl->handshake->key_cert = cur; in ssl_pick_cert()
784 ssl->handshake->key_cert->cert); in ssl_pick_cert()
823 (ssl->handshake->cli_exts & MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK) == 0) { in ssl_ciphersuite_match()
834 (ssl->handshake->curves_tls_id == NULL || in ssl_ciphersuite_match()
835 ssl->handshake->curves_tls_id[0] == 0)) { in ssl_ciphersuite_match()
1035 ret = ssl->handshake->update_checksum(ssl, buf, msg_len); in ssl_parse_client_hello()
1071 if (cli_msg_seq != ssl->handshake->in_msg_seq) { in ssl_parse_client_hello()
1074 ssl->handshake->in_msg_seq)); in ssl_parse_client_hello()
1078 ssl->handshake->in_msg_seq++; in ssl_parse_client_hello()
1083 ssl->handshake->out_msg_seq = cli_msg_seq; in ssl_parse_client_hello()
1084 ssl->handshake->in_msg_seq = cli_msg_seq + 1; in ssl_parse_client_hello()
1158 memcpy(ssl->handshake->randbytes, buf + 2, 32); in ssl_parse_client_hello()
1209 ssl->handshake->cookie_verify_result = 1; in ssl_parse_client_hello()
1212 ssl->handshake->cookie_verify_result = 0; in ssl_parse_client_hello()
1367 ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT; in ssl_parse_client_hello()
1483 uint16_t *received_sig_algs = ssl->handshake->received_sig_algs; in ssl_parse_client_hello()
1566 ssl->handshake->sni_name = NULL; in ssl_parse_client_hello()
1567 ssl->handshake->sni_name_len = 0; in ssl_parse_client_hello()
1637 ssl->handshake->ciphersuite_info = ciphersuite_info; in ssl_parse_client_hello()
1680 if (ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_DISABLED) { in ssl_write_cid_ext()
1764 if (ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED) { in ssl_write_extended_ms_ext()
1789 if (ssl->handshake->new_session_ticket == 0) { in ssl_write_session_ticket_ext()
1879 if ((ssl->handshake->cli_exts & in ssl_write_supported_point_formats_ext()
1915 if (ssl->handshake->ciphersuite_info->key_exchange != in ssl_write_ecjpake_kkpp_ext()
1931 ret = mbedtls_psa_ecjpake_write_round(&ssl->handshake->psa_pake_ctx, in ssl_write_ecjpake_kkpp_ext()
1935 psa_destroy_key(ssl->handshake->psa_pake_password); in ssl_write_ecjpake_kkpp_ext()
1936 psa_pake_abort(&ssl->handshake->psa_pake_ctx); in ssl_write_ecjpake_kkpp_ext()
1941 ret = mbedtls_ecjpake_write_round_one(&ssl->handshake->ecjpake_ctx, in ssl_write_ecjpake_kkpp_ext()
2096 if (ssl->handshake->resume == 1) { in ssl_handle_id_based_session_resumption()
2132 ssl->handshake->resume = 1; in ssl_handle_id_based_session_resumption()
2153 ssl->handshake->cookie_verify_result != 0) { in ssl_write_server_hello()
2224 memcpy(ssl->handshake->randbytes + 32, buf + 6, 32); in ssl_write_server_hello()
2230 if (ssl->handshake->resume == 0) { in ssl_write_server_hello()
2242 if (ssl->handshake->new_session_ticket != 0) { in ssl_write_server_hello()
2282 ssl->handshake->resume ? "a" : "no")); in ssl_write_server_hello()
2379 ssl->handshake->ciphersuite_info; in ssl_write_certificate_request()
2398 ssl->handshake->ciphersuite_info; in ssl_write_certificate_request()
2411 if (ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET) { in ssl_write_certificate_request()
2412 authmode = ssl->handshake->sni_authmode; in ssl_write_certificate_request()
2515 if (ssl->handshake->dn_hints != NULL) { in ssl_write_certificate_request()
2516 crt = ssl->handshake->dn_hints; in ssl_write_certificate_request()
2524 if (ssl->handshake->sni_ca_chain != NULL) { in ssl_write_certificate_request()
2525 crt = ssl->handshake->sni_ca_chain; in ssl_write_certificate_request()
2611 ssl->handshake->xxdh_psa_type = psa_get_key_type(&key_attributes); in ssl_get_ecdh_params_from_cert()
2612 ssl->handshake->xxdh_psa_bits = psa_get_key_bits(&key_attributes); in ssl_get_ecdh_params_from_cert()
2625 PSA_KEY_TYPE_ECC_KEY_PAIR(ssl->handshake->xxdh_psa_type)); in ssl_get_ecdh_params_from_cert()
2626 psa_set_key_bits(&key_attributes, ssl->handshake->xxdh_psa_bits); in ssl_get_ecdh_params_from_cert()
2634 &ssl->handshake->xxdh_psa_privkey); in ssl_get_ecdh_params_from_cert()
2642 ssl->handshake->xxdh_psa_privkey_is_external = 0; in ssl_get_ecdh_params_from_cert()
2652 ssl->handshake->xxdh_psa_privkey = pk->priv_id; in ssl_get_ecdh_params_from_cert()
2653 ssl->handshake->xxdh_psa_privkey_is_external = 1; in ssl_get_ecdh_params_from_cert()
2675 &ssl->handshake->xxdh_psa_bits); in ssl_get_ecdh_params_from_cert()
2677 ssl->handshake->xxdh_psa_type = key_type; in ssl_get_ecdh_params_from_cert()
2683 PSA_KEY_TYPE_ECC_KEY_PAIR(ssl->handshake->xxdh_psa_type)); in ssl_get_ecdh_params_from_cert()
2684 psa_set_key_bits(&key_attributes, ssl->handshake->xxdh_psa_bits); in ssl_get_ecdh_params_from_cert()
2693 &ssl->handshake->xxdh_psa_privkey); in ssl_get_ecdh_params_from_cert()
2731 if ((ret = mbedtls_ecdh_get_params(&ssl->handshake->ecdh_ctx, in ssl_get_ecdh_params_from_cert()
2761 ssl->handshake->async_in_progress = 0; in ssl_resume_server_key_exchange()
2778 ssl->handshake->ciphersuite_info; in ssl_prepare_server_key_exchange()
2837 ret = mbedtls_psa_ecjpake_write_round(&ssl->handshake->psa_pake_ctx, in ssl_prepare_server_key_exchange()
2842 psa_destroy_key(ssl->handshake->psa_pake_password); in ssl_prepare_server_key_exchange()
2843 psa_pake_abort(&ssl->handshake->psa_pake_ctx); in ssl_prepare_server_key_exchange()
2854 &ssl->handshake->ecjpake_ctx, in ssl_prepare_server_key_exchange()
2905 if ((ret = mbedtls_dhm_set_group(&ssl->handshake->dhm_ctx, in ssl_prepare_server_key_exchange()
2913 &ssl->handshake->dhm_ctx, in ssl_prepare_server_key_exchange()
2914 (int) mbedtls_dhm_get_len(&ssl->handshake->dhm_ctx), in ssl_prepare_server_key_exchange()
2927 MBEDTLS_SSL_DEBUG_MPI(3, "DHM: X ", &ssl->handshake->dhm_ctx.X); in ssl_prepare_server_key_exchange()
2928 MBEDTLS_SSL_DEBUG_MPI(3, "DHM: P ", &ssl->handshake->dhm_ctx.P); in ssl_prepare_server_key_exchange()
2929 MBEDTLS_SSL_DEBUG_MPI(3, "DHM: G ", &ssl->handshake->dhm_ctx.G); in ssl_prepare_server_key_exchange()
2930 MBEDTLS_SSL_DEBUG_MPI(3, "DHM: GX", &ssl->handshake->dhm_ctx.GX); in ssl_prepare_server_key_exchange()
2947 uint16_t *curr_tls_id = ssl->handshake->curves_tls_id; in ssl_prepare_server_key_exchange()
2957 for (curr_tls_id = ssl->handshake->curves_tls_id; in ssl_prepare_server_key_exchange()
2977 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_prepare_server_key_exchange() local
2994 handshake->xxdh_psa_type = key_type; in ssl_prepare_server_key_exchange()
2995 handshake->xxdh_psa_bits = ec_bits; in ssl_prepare_server_key_exchange()
3000 psa_set_key_type(&key_attributes, handshake->xxdh_psa_type); in ssl_prepare_server_key_exchange()
3001 psa_set_key_bits(&key_attributes, handshake->xxdh_psa_bits); in ssl_prepare_server_key_exchange()
3018 &handshake->xxdh_psa_privkey); in ssl_prepare_server_key_exchange()
3040 status = psa_export_public_key(handshake->xxdh_psa_privkey, in ssl_prepare_server_key_exchange()
3046 (void) psa_destroy_key(handshake->xxdh_psa_privkey); in ssl_prepare_server_key_exchange()
3047 handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; in ssl_prepare_server_key_exchange()
3060 if ((ret = mbedtls_ecdh_setup(&ssl->handshake->ecdh_ctx, in ssl_prepare_server_key_exchange()
3067 &ssl->handshake->ecdh_ctx, &len, in ssl_prepare_server_key_exchange()
3075 MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, in ssl_prepare_server_key_exchange()
3182 ssl->handshake->async_in_progress = 1; in ssl_prepare_server_key_exchange()
3185 ssl->handshake->async_in_progress = 1; in ssl_prepare_server_key_exchange()
3231 ssl->handshake->ciphersuite_info; in ssl_write_server_key_exchange()
3264 if (ssl->handshake->async_in_progress != 0) { in ssl_write_server_key_exchange()
3382 if ((ret = mbedtls_dhm_read_public(&ssl->handshake->dhm_ctx, *p, n)) != 0) { in ssl_parse_client_dh_public()
3389 MBEDTLS_SSL_DEBUG_MPI(3, "DHM: GY", &ssl->handshake->dhm_ctx.GY); in ssl_parse_client_dh_public()
3409 ssl->handshake->async_in_progress = 0; in ssl_resume_decrypt_pms()
3439 if (ssl->handshake->async_in_progress != 0) { in ssl_decrypt_encrypted_pms()
3477 ssl->handshake->async_in_progress = 1; in ssl_decrypt_encrypted_pms()
3483 ssl->handshake->async_in_progress = 1; in ssl_decrypt_encrypted_pms()
3510 unsigned char *pms = ssl->handshake->premaster + pms_offset; in ssl_parse_encrypted_pms()
3570 if (sizeof(ssl->handshake->premaster) < pms_offset || in ssl_parse_encrypted_pms()
3571 sizeof(ssl->handshake->premaster) - pms_offset < 48) { in ssl_parse_encrypted_pms()
3575 ssl->handshake->pmslen = 48; in ssl_parse_encrypted_pms()
3579 mbedtls_ct_memcpy_if(diff, pms, fake_pms, peer_pms, ssl->handshake->pmslen); in ssl_parse_encrypted_pms()
3648 ciphersuite_info = ssl->handshake->ciphersuite_info; in ssl_parse_client_key_exchange()
3657 (ssl->handshake->async_in_progress != 0)) { in ssl_parse_client_key_exchange()
3694 if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx, in ssl_parse_client_key_exchange()
3695 ssl->handshake->premaster, in ssl_parse_client_key_exchange()
3697 &ssl->handshake->pmslen, in ssl_parse_client_key_exchange()
3703 MBEDTLS_SSL_DEBUG_MPI(3, "DHM: K ", &ssl->handshake->dhm_ctx.K); in ssl_parse_client_key_exchange()
3718 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_parse_client_key_exchange() local
3739 if (data_len > sizeof(handshake->xxdh_psa_peerkey)) { in ssl_parse_client_key_exchange()
3743 sizeof(handshake->xxdh_psa_peerkey))); in ssl_parse_client_key_exchange()
3746 memcpy(handshake->xxdh_psa_peerkey, p, data_len); in ssl_parse_client_key_exchange()
3747 handshake->xxdh_psa_peerkey_len = data_len; in ssl_parse_client_key_exchange()
3751 PSA_ALG_ECDH, handshake->xxdh_psa_privkey, in ssl_parse_client_key_exchange()
3752 handshake->xxdh_psa_peerkey, handshake->xxdh_psa_peerkey_len, in ssl_parse_client_key_exchange()
3753 handshake->premaster, sizeof(handshake->premaster), in ssl_parse_client_key_exchange()
3754 &handshake->pmslen); in ssl_parse_client_key_exchange()
3758 if (handshake->xxdh_psa_privkey_is_external == 0) { in ssl_parse_client_key_exchange()
3759 (void) psa_destroy_key(handshake->xxdh_psa_privkey); in ssl_parse_client_key_exchange()
3761 handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; in ssl_parse_client_key_exchange()
3765 if (handshake->xxdh_psa_privkey_is_external == 0) { in ssl_parse_client_key_exchange()
3766 status = psa_destroy_key(handshake->xxdh_psa_privkey); in ssl_parse_client_key_exchange()
3774 handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; in ssl_parse_client_key_exchange()
3776 if ((ret = mbedtls_ecdh_read_public(&ssl->handshake->ecdh_ctx, in ssl_parse_client_key_exchange()
3782 MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, in ssl_parse_client_key_exchange()
3785 if ((ret = mbedtls_ecdh_calc_secret(&ssl->handshake->ecdh_ctx, in ssl_parse_client_key_exchange()
3786 &ssl->handshake->pmslen, in ssl_parse_client_key_exchange()
3787 ssl->handshake->premaster, in ssl_parse_client_key_exchange()
3794 MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, in ssl_parse_client_key_exchange()
3827 if (ssl->handshake->async_in_progress != 0) { in ssl_parse_client_key_exchange()
3874 unsigned char *pms = ssl->handshake->premaster; in ssl_parse_client_key_exchange()
3875 unsigned char *pms_end = pms + sizeof(ssl->handshake->premaster); in ssl_parse_client_key_exchange()
3879 if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx, in ssl_parse_client_key_exchange()
3888 MBEDTLS_SSL_DEBUG_MPI(3, "DHM: K ", &ssl->handshake->dhm_ctx.K); in ssl_parse_client_key_exchange()
3906 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_parse_client_key_exchange() local
3910 psa_destroy_key(handshake->xxdh_psa_privkey); in ssl_parse_client_key_exchange()
3911 handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; in ssl_parse_client_key_exchange()
3917 psa_destroy_key(handshake->xxdh_psa_privkey); in ssl_parse_client_key_exchange()
3918 handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; in ssl_parse_client_key_exchange()
3924 psa_destroy_key(handshake->xxdh_psa_privkey); in ssl_parse_client_key_exchange()
3925 handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; in ssl_parse_client_key_exchange()
3934 if (ecpoint_len > sizeof(handshake->xxdh_psa_peerkey)) { in ssl_parse_client_key_exchange()
3935 psa_destroy_key(handshake->xxdh_psa_privkey); in ssl_parse_client_key_exchange()
3936 handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; in ssl_parse_client_key_exchange()
3940 MBEDTLS_STATIC_ASSERT(sizeof(handshake->xxdh_psa_peerkey) >= UINT8_MAX, in ssl_parse_client_key_exchange()
3944 memcpy(handshake->xxdh_psa_peerkey, p, ecpoint_len); in ssl_parse_client_key_exchange()
3945 handshake->xxdh_psa_peerkey_len = ecpoint_len; in ssl_parse_client_key_exchange()
3954 unsigned char *psm = ssl->handshake->premaster; in ssl_parse_client_key_exchange()
3956 psm + sizeof(ssl->handshake->premaster); in ssl_parse_client_key_exchange()
3963 handshake->xxdh_psa_privkey, in ssl_parse_client_key_exchange()
3964 handshake->xxdh_psa_peerkey, in ssl_parse_client_key_exchange()
3965 handshake->xxdh_psa_peerkey_len, in ssl_parse_client_key_exchange()
3970 destruction_status = psa_destroy_key(handshake->xxdh_psa_privkey); in ssl_parse_client_key_exchange()
3971 handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; in ssl_parse_client_key_exchange()
3989 if ((ret = mbedtls_ecdh_read_public(&ssl->handshake->ecdh_ctx, in ssl_parse_client_key_exchange()
3995 MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, in ssl_parse_client_key_exchange()
4019 &ssl->handshake->psa_pake_ctx, p, (size_t) (end - p), in ssl_parse_client_key_exchange()
4021 psa_destroy_key(ssl->handshake->psa_pake_password); in ssl_parse_client_key_exchange()
4022 psa_pake_abort(&ssl->handshake->psa_pake_ctx); in ssl_parse_client_key_exchange()
4028 ret = mbedtls_ecjpake_read_round_two(&ssl->handshake->ecjpake_ctx, in ssl_parse_client_key_exchange()
4035 ret = mbedtls_ecjpake_derive_secret(&ssl->handshake->ecjpake_ctx, in ssl_parse_client_key_exchange()
4036 ssl->handshake->premaster, 32, &ssl->handshake->pmslen, in ssl_parse_client_key_exchange()
4067 ssl->handshake->ciphersuite_info; in ssl_parse_certificate_verify()
4092 ssl->handshake->ciphersuite_info; in ssl_parse_certificate_verify()
4136 peer_pk = &ssl->handshake->peer_pubkey; in ssl_parse_certificate_verify()
4214 ret = ssl->handshake->calc_verify(ssl, hash, &dummy_hlen); in ssl_parse_certificate_verify()
4284 ssl->handshake->new_session_ticket = 0; in ssl_write_new_session_ticket()
4384 if (ssl->handshake->new_session_ticket != 0) { in mbedtls_ssl_handshake_server_step()