Lines Matching refs:ssl
46 static int ssl_tls13_write_supported_versions_ext(mbedtls_ssl_context *ssl, in ssl_tls13_write_supported_versions_ext() argument
52 unsigned char versions_len = (ssl->handshake->min_tls_version <= in ssl_tls13_write_supported_versions_ext()
83 if (ssl->handshake->min_tls_version <= MBEDTLS_SSL_VERSION_TLS1_2) { in ssl_tls13_write_supported_versions_ext()
92 ssl, MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS); in ssl_tls13_write_supported_versions_ext()
98 static int ssl_tls13_parse_supported_versions_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_supported_versions_ext() argument
102 ((void) ssl); in ssl_tls13_parse_supported_versions_ext()
105 if (mbedtls_ssl_read_version(buf, ssl->conf->transport) != in ssl_tls13_parse_supported_versions_ext()
127 static int ssl_tls13_parse_alpn_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_alpn_ext() argument
136 if (ssl->conf->alpn_list == NULL) { in ssl_tls13_parse_alpn_ext()
162 for (const char **alpn = ssl->conf->alpn_list; *alpn != NULL; alpn++) { in ssl_tls13_parse_alpn_ext()
165 ssl->alpn_chosen = *alpn; in ssl_tls13_parse_alpn_ext()
175 static int ssl_tls13_reset_key_share(mbedtls_ssl_context *ssl) in ssl_tls13_reset_key_share() argument
177 uint16_t group_id = ssl->handshake->offered_group_id; in ssl_tls13_reset_key_share()
190 status = psa_destroy_key(ssl->handshake->xxdh_psa_privkey); in ssl_tls13_reset_key_share()
197 ssl->handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; in ssl_tls13_reset_key_share()
213 static int ssl_tls13_get_default_group_id(mbedtls_ssl_context *ssl, in ssl_tls13_get_default_group_id() argument
220 const uint16_t *group_list = mbedtls_ssl_get_groups(ssl); in ssl_tls13_get_default_group_id()
243 ((void) ssl); in ssl_tls13_get_default_group_id()
264 static int ssl_tls13_write_key_share_ext(mbedtls_ssl_context *ssl, in ssl_tls13_write_key_share_ext() argument
288 group_id = ssl->handshake->offered_group_id; in ssl_tls13_write_key_share_ext()
291 MBEDTLS_SSL_PROC_CHK(ssl_tls13_get_default_group_id(ssl, in ssl_tls13_write_key_share_ext()
319 ssl, group_id, p, end, &key_exchange_len); in ssl_tls13_write_key_share_ext()
352 ssl->handshake->offered_group_id = group_id; in ssl_tls13_write_key_share_ext()
360 mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_KEY_SHARE); in ssl_tls13_write_key_share_ext()
377 static int ssl_tls13_parse_hrr_key_share_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_hrr_key_share_ext() argument
386 const uint16_t *group_list = mbedtls_ssl_get_groups(ssl); in ssl_tls13_parse_hrr_key_share_ext()
433 if (found == 0 || selected_group == ssl->handshake->offered_group_id) { in ssl_tls13_parse_hrr_key_share_ext()
442 ssl->handshake->offered_group_id = selected_group; in ssl_tls13_parse_hrr_key_share_ext()
446 (void) ssl; in ssl_tls13_parse_hrr_key_share_ext()
466 static int ssl_tls13_parse_key_share_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_key_share_ext() argument
483 offered_group = ssl->handshake->offered_group_id; in ssl_tls13_parse_key_share_ext()
498 ret = mbedtls_ssl_tls13_read_public_xxdhe_share(ssl, p, end - p); in ssl_tls13_parse_key_share_ext()
530 static int ssl_tls13_parse_cookie_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_cookie_ext() argument
536 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_parse_cookie_ext()
563 static int ssl_tls13_write_cookie_ext(mbedtls_ssl_context *ssl, in ssl_tls13_write_cookie_ext() argument
570 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_write_cookie_ext()
595 mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_COOKIE); in ssl_tls13_write_cookie_ext()
611 static int ssl_tls13_write_psk_key_exchange_modes_ext(mbedtls_ssl_context *ssl, in ssl_tls13_write_psk_key_exchange_modes_ext() argument
625 if (!mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl)) { in ssl_tls13_write_psk_key_exchange_modes_ext()
644 if (mbedtls_ssl_conf_tls13_is_psk_ephemeral_enabled(ssl)) { in ssl_tls13_write_psk_key_exchange_modes_ext()
651 if (mbedtls_ssl_conf_tls13_is_psk_enabled(ssl)) { in ssl_tls13_write_psk_key_exchange_modes_ext()
665 ssl, MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES); in ssl_tls13_write_psk_key_exchange_modes_ext()
683 static int ssl_tls13_has_configured_ticket(mbedtls_ssl_context *ssl) in ssl_tls13_has_configured_ticket() argument
685 mbedtls_ssl_session *session = ssl->session_negotiate; in ssl_tls13_has_configured_ticket()
686 return ssl->handshake->resume && in ssl_tls13_has_configured_ticket()
689 ssl, mbedtls_ssl_tls13_session_get_ticket_flags( in ssl_tls13_has_configured_ticket()
694 static int ssl_tls13_early_data_has_valid_ticket(mbedtls_ssl_context *ssl) in ssl_tls13_early_data_has_valid_ticket() argument
696 mbedtls_ssl_session *session = ssl->session_negotiate; in ssl_tls13_early_data_has_valid_ticket()
697 return ssl->handshake->resume && in ssl_tls13_early_data_has_valid_ticket()
700 mbedtls_ssl_tls13_cipher_suite_is_offered(ssl, session->ciphersuite); in ssl_tls13_early_data_has_valid_ticket()
705 static int ssl_tls13_ticket_get_identity(mbedtls_ssl_context *ssl, in ssl_tls13_ticket_get_identity() argument
710 mbedtls_ssl_session *session = ssl->session_negotiate; in ssl_tls13_ticket_get_identity()
712 if (!ssl_tls13_has_configured_ticket(ssl)) { in ssl_tls13_ticket_get_identity()
723 static int ssl_tls13_ticket_get_psk(mbedtls_ssl_context *ssl, in ssl_tls13_ticket_get_psk() argument
729 mbedtls_ssl_session *session = ssl->session_negotiate; in ssl_tls13_ticket_get_psk()
731 if (!ssl_tls13_has_configured_ticket(ssl)) { in ssl_tls13_ticket_get_psk()
744 static int ssl_tls13_psk_get_identity(mbedtls_ssl_context *ssl, in ssl_tls13_psk_get_identity() argument
750 if (!mbedtls_ssl_conf_has_static_psk(ssl->conf)) { in ssl_tls13_psk_get_identity()
755 *identity = ssl->conf->psk_identity; in ssl_tls13_psk_get_identity()
756 *identity_len = ssl->conf->psk_identity_len; in ssl_tls13_psk_get_identity()
761 static int ssl_tls13_psk_get_psk(mbedtls_ssl_context *ssl, in ssl_tls13_psk_get_psk() argument
767 if (!mbedtls_ssl_conf_has_static_psk(ssl->conf)) { in ssl_tls13_psk_get_psk()
772 *psk = ssl->conf->psk; in ssl_tls13_psk_get_psk()
773 *psk_len = ssl->conf->psk_len; in ssl_tls13_psk_get_psk()
777 static int ssl_tls13_get_configured_psk_count(mbedtls_ssl_context *ssl) in ssl_tls13_get_configured_psk_count() argument
781 if (ssl_tls13_has_configured_ticket(ssl)) { in ssl_tls13_get_configured_psk_count()
786 if (mbedtls_ssl_conf_has_static_psk(ssl->conf)) { in ssl_tls13_get_configured_psk_count()
794 static int ssl_tls13_write_identity(mbedtls_ssl_context *ssl, in ssl_tls13_write_identity() argument
802 ((void) ssl); in ssl_tls13_write_identity()
824 static int ssl_tls13_write_binder(mbedtls_ssl_context *ssl, in ssl_tls13_write_binder() argument
852 ssl, mbedtls_md_type_from_psa_alg(hash_alg), in ssl_tls13_write_binder()
858 ret = mbedtls_ssl_tls13_create_psk_binder(ssl, hash_alg, in ssl_tls13_write_binder()
896 mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end, in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext() argument
912 configured_psk_count = ssl_tls13_get_configured_psk_count(ssl); in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
931 ssl, &hash_alg, &identity, &identity_len) == 0) { in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
934 mbedtls_ssl_session *session = ssl->session_negotiate; in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
943 ret = ssl_tls13_write_identity(ssl, p, end, in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
948 ret = ssl_tls13_write_identity(ssl, p, end, identity, identity_len, in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
961 ssl, &hash_alg, &identity, &identity_len) == 0) { in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
963 ret = ssl_tls13_write_identity(ssl, p, end, identity, identity_len, 0, in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
1000 mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end) in mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext() argument
1016 if (ssl_tls13_ticket_get_psk(ssl, &hash_alg, &psk, &psk_len) == 0) { in mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext()
1018 ret = ssl_tls13_write_binder(ssl, p, end, in mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext()
1029 if (ssl_tls13_psk_get_psk(ssl, &hash_alg, &psk, &psk_len) == 0) { in mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext()
1031 ret = ssl_tls13_write_binder(ssl, p, end, in mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext()
1051 ssl, MBEDTLS_TLS_EXT_PRE_SHARED_KEY); in mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext()
1075 static int ssl_tls13_parse_server_pre_shared_key_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_server_pre_shared_key_ext() argument
1087 ssl->handshake->selected_identity = (uint16_t) selected_identity; in ssl_tls13_parse_server_pre_shared_key_ext()
1091 if (selected_identity >= ssl_tls13_get_configured_psk_count(ssl)) { in ssl_tls13_parse_server_pre_shared_key_ext()
1100 if (selected_identity == 0 && ssl_tls13_has_configured_ticket(ssl)) { in ssl_tls13_parse_server_pre_shared_key_ext()
1101 ret = ssl_tls13_ticket_get_psk(ssl, &hash_alg, &psk, &psk_len); in ssl_tls13_parse_server_pre_shared_key_ext()
1104 if (mbedtls_ssl_conf_has_static_psk(ssl->conf)) { in ssl_tls13_parse_server_pre_shared_key_ext()
1105 ret = ssl_tls13_psk_get_psk(ssl, &hash_alg, &psk, &psk_len); in ssl_tls13_parse_server_pre_shared_key_ext()
1114 if (mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) ssl->handshake->ciphersuite_info->mac) in ssl_tls13_parse_server_pre_shared_key_ext()
1124 ret = mbedtls_ssl_set_hs_psk(ssl, psk, psk_len); in ssl_tls13_parse_server_pre_shared_key_ext()
1134 int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl, in mbedtls_ssl_tls13_write_client_hello_exts() argument
1145 ret = mbedtls_ssl_tls13_crypto_init(ssl); in mbedtls_ssl_tls13_write_client_hello_exts()
1154 ret = ssl_tls13_write_supported_versions_ext(ssl, p, end, &ext_len); in mbedtls_ssl_tls13_write_client_hello_exts()
1163 ret = ssl_tls13_write_cookie_ext(ssl, p, end, &ext_len); in mbedtls_ssl_tls13_write_client_hello_exts()
1171 ssl, p, end, &ext_len); in mbedtls_ssl_tls13_write_client_hello_exts()
1179 if (mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { in mbedtls_ssl_tls13_write_client_hello_exts()
1180 ret = ssl_tls13_write_key_share_ext(ssl, p, end, &ext_len); in mbedtls_ssl_tls13_write_client_hello_exts()
1197 if (!ssl->handshake->hello_retry_request_flag) { in mbedtls_ssl_tls13_write_client_hello_exts()
1198 if (mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl) && in mbedtls_ssl_tls13_write_client_hello_exts()
1199 ssl_tls13_early_data_has_valid_ticket(ssl) && in mbedtls_ssl_tls13_write_client_hello_exts()
1200 ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) { in mbedtls_ssl_tls13_write_client_hello_exts()
1202 ssl, 0, p, end, &ext_len); in mbedtls_ssl_tls13_write_client_hello_exts()
1208 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_IND_SENT; in mbedtls_ssl_tls13_write_client_hello_exts()
1210 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_NO_IND_SENT; in mbedtls_ssl_tls13_write_client_hello_exts()
1225 ret = ssl_tls13_write_psk_key_exchange_modes_ext(ssl, p, end, &ext_len); in mbedtls_ssl_tls13_write_client_hello_exts()
1237 int mbedtls_ssl_tls13_finalize_client_hello(mbedtls_ssl_context *ssl) in mbedtls_ssl_tls13_finalize_client_hello() argument
1239 ((void) ssl); in mbedtls_ssl_tls13_finalize_client_hello()
1248 if (ssl->early_data_state == MBEDTLS_SSL_EARLY_DATA_STATE_IND_SENT) { in mbedtls_ssl_tls13_finalize_client_hello()
1252 ret = ssl_tls13_ticket_get_psk(ssl, &hash_alg, &psk, &psk_len); in mbedtls_ssl_tls13_finalize_client_hello()
1259 ret = mbedtls_ssl_set_hs_psk(ssl, psk, psk_len); in mbedtls_ssl_tls13_finalize_client_hello()
1278 ssl->session_negotiate->ciphersuite); in mbedtls_ssl_tls13_finalize_client_hello()
1279 ssl->handshake->ciphersuite_info = ciphersuite_info; in mbedtls_ssl_tls13_finalize_client_hello()
1282 ssl->handshake->key_exchange_mode = in mbedtls_ssl_tls13_finalize_client_hello()
1288 ret = mbedtls_ssl_tls13_key_schedule_stage_early(ssl); in mbedtls_ssl_tls13_finalize_client_hello()
1296 ret = mbedtls_ssl_tls13_compute_early_transform(ssl); in mbedtls_ssl_tls13_finalize_client_hello()
1305 ssl, MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO); in mbedtls_ssl_tls13_finalize_client_hello()
1310 ssl, ssl->handshake->transform_earlydata); in mbedtls_ssl_tls13_finalize_client_hello()
1311 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_CAN_WRITE; in mbedtls_ssl_tls13_finalize_client_hello()
1335 mbedtls_ssl_context *ssl, in ssl_tls13_is_supported_versions_ext_present() argument
1365 ssl, p, end, in ssl_tls13_is_supported_versions_ext_present()
1375 static int ssl_tls13_is_downgrade_negotiation(mbedtls_ssl_context *ssl, in ssl_tls13_is_downgrade_negotiation() argument
1407 static int ssl_server_hello_is_hrr(mbedtls_ssl_context *ssl, in ssl_server_hello_is_hrr() argument
1446 static int ssl_tls13_preprocess_server_hello(mbedtls_ssl_context *ssl, in ssl_tls13_preprocess_server_hello() argument
1451 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_preprocess_server_hello()
1454 ssl, buf, end)); in ssl_tls13_preprocess_server_hello()
1458 ssl_tls13_is_downgrade_negotiation(ssl, buf, end)); in ssl_tls13_preprocess_server_hello()
1479 ssl->keep_current_message = 1; in ssl_tls13_preprocess_server_hello()
1480 ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2; in ssl_tls13_preprocess_server_hello()
1482 ssl, MBEDTLS_SSL_HS_SERVER_HELLO, in ssl_tls13_preprocess_server_hello()
1485 if (mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { in ssl_tls13_preprocess_server_hello()
1486 ret = ssl_tls13_reset_key_share(ssl); in ssl_tls13_preprocess_server_hello()
1495 ssl->session_negotiate->tls_version = ssl->tls_version; in ssl_tls13_preprocess_server_hello()
1496 ssl->session_negotiate->endpoint = ssl->conf->endpoint; in ssl_tls13_preprocess_server_hello()
1500 ret = ssl_server_hello_is_hrr(ssl, buf, end); in ssl_tls13_preprocess_server_hello()
1525 if (!mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { in ssl_tls13_preprocess_server_hello()
1545 static int ssl_tls13_check_server_hello_session_id_echo(mbedtls_ssl_context *ssl, in ssl_tls13_check_server_hello_session_id_echo() argument
1558 if (ssl->session_negotiate->id_len != legacy_session_id_echo_len || in ssl_tls13_check_server_hello_session_id_echo()
1559 memcmp(ssl->session_negotiate->id, p, legacy_session_id_echo_len) != 0) { in ssl_tls13_check_server_hello_session_id_echo()
1561 ssl->session_negotiate->id, in ssl_tls13_check_server_hello_session_id_echo()
1562 ssl->session_negotiate->id_len); in ssl_tls13_check_server_hello_session_id_echo()
1575 MBEDTLS_SSL_DEBUG_BUF(3, "Session ID", ssl->session_negotiate->id, in ssl_tls13_check_server_hello_session_id_echo()
1576 ssl->session_negotiate->id_len); in ssl_tls13_check_server_hello_session_id_echo()
1592 static int ssl_tls13_parse_server_hello(mbedtls_ssl_context *ssl, in ssl_tls13_parse_server_hello() argument
1599 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_parse_server_hello()
1629 if (mbedtls_ssl_read_version(p, ssl->conf->transport) != in ssl_tls13_parse_server_hello()
1657 if (ssl_tls13_check_server_hello_session_id_echo(ssl, &p, end) != 0) { in ssl_tls13_parse_server_hello()
1677 if ((mbedtls_ssl_validate_ciphersuite(ssl, ciphersuite_info, in ssl_tls13_parse_server_hello()
1678 ssl->tls_version, in ssl_tls13_parse_server_hello()
1679 ssl->tls_version) != 0) || in ssl_tls13_parse_server_hello()
1680 !mbedtls_ssl_tls13_cipher_suite_is_offered(ssl, cipher_suite)) { in ssl_tls13_parse_server_hello()
1690 (cipher_suite != ssl->session_negotiate->ciphersuite)) { in ssl_tls13_parse_server_hello()
1701 mbedtls_ssl_optimize_checksum(ssl, ciphersuite_info); in ssl_tls13_parse_server_hello()
1708 ssl->session_negotiate->start = mbedtls_time(NULL); in ssl_tls13_parse_server_hello()
1760 ssl, hs_msg_type, extension_type, allowed_extensions_mask); in ssl_tls13_parse_server_hello()
1768 ret = ssl_tls13_parse_cookie_ext(ssl, in ssl_tls13_parse_server_hello()
1779 ret = ssl_tls13_parse_supported_versions_ext(ssl, in ssl_tls13_parse_server_hello()
1792 ssl, p, extension_data_end)) != 0) { in ssl_tls13_parse_server_hello()
1802 if (!mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { in ssl_tls13_parse_server_hello()
1808 ret = ssl_tls13_parse_hrr_key_share_ext(ssl, in ssl_tls13_parse_server_hello()
1811 ret = ssl_tls13_parse_key_share_ext(ssl, in ssl_tls13_parse_server_hello()
1863 static int ssl_tls13_postprocess_server_hello(mbedtls_ssl_context *ssl) in ssl_tls13_postprocess_server_hello() argument
1866 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_postprocess_server_hello()
1906 ssl, handshake->key_exchange_mode)) { in ssl_tls13_postprocess_server_hello()
1928 if (ssl->early_data_state == MBEDTLS_SSL_EARLY_DATA_STATE_NO_IND_SENT || in ssl_tls13_postprocess_server_hello()
1933 ret = mbedtls_ssl_tls13_key_schedule_stage_early(ssl); in ssl_tls13_postprocess_server_hello()
1941 ret = mbedtls_ssl_tls13_compute_handshake_transform(ssl); in ssl_tls13_postprocess_server_hello()
1949 mbedtls_ssl_set_inbound_transform(ssl, handshake->transform_handshake); in ssl_tls13_postprocess_server_hello()
1951 ssl->session_in = ssl->session_negotiate; in ssl_tls13_postprocess_server_hello()
1964 static int ssl_tls13_postprocess_hrr(mbedtls_ssl_context *ssl) in ssl_tls13_postprocess_hrr() argument
1968 mbedtls_ssl_session_reset_msg_layer(ssl, 0); in ssl_tls13_postprocess_hrr()
1976 ret = ssl_tls13_reset_key_share(ssl); in ssl_tls13_postprocess_hrr()
1981 ssl->session_negotiate->ciphersuite = ssl->handshake->ciphersuite_info->id; in ssl_tls13_postprocess_hrr()
1984 if (ssl->early_data_state != MBEDTLS_SSL_EARLY_DATA_STATE_NO_IND_SENT) { in ssl_tls13_postprocess_hrr()
1985 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_REJECTED; in ssl_tls13_postprocess_hrr()
1997 static int ssl_tls13_process_server_hello(mbedtls_ssl_context *ssl) in ssl_tls13_process_server_hello() argument
2007 ssl, MBEDTLS_SSL_HS_SERVER_HELLO, &buf, &buf_len)); in ssl_tls13_process_server_hello()
2009 ret = ssl_tls13_preprocess_server_hello(ssl, buf, buf + buf_len); in ssl_tls13_process_server_hello()
2021 MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_server_hello(ssl, buf, in ssl_tls13_process_server_hello()
2025 MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_reset_transcript_for_hrr(ssl)); in ssl_tls13_process_server_hello()
2029 ssl, MBEDTLS_SSL_HS_SERVER_HELLO, buf, buf_len)); in ssl_tls13_process_server_hello()
2032 MBEDTLS_SSL_PROC_CHK(ssl_tls13_postprocess_hrr(ssl)); in ssl_tls13_process_server_hello()
2039 ssl, MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO); in ssl_tls13_process_server_hello()
2041 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_HELLO); in ssl_tls13_process_server_hello()
2044 MBEDTLS_SSL_PROC_CHK(ssl_tls13_postprocess_server_hello(ssl)); in ssl_tls13_process_server_hello()
2045 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS); in ssl_tls13_process_server_hello()
2069 static int ssl_tls13_parse_encrypted_extensions(mbedtls_ssl_context *ssl, in ssl_tls13_parse_encrypted_extensions() argument
2077 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_parse_encrypted_extensions()
2108 ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, extension_type, in ssl_tls13_parse_encrypted_extensions()
2120 ssl, p, (size_t) extension_data_len)) != 0) { in ssl_tls13_parse_encrypted_extensions()
2145 ssl, p, p + extension_data_len); in ssl_tls13_parse_encrypted_extensions()
2190 static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl) in ssl_tls13_process_encrypted_extensions() argument
2195 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_process_encrypted_extensions()
2200 ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, in ssl_tls13_process_encrypted_extensions()
2205 ssl_tls13_parse_encrypted_extensions(ssl, buf, buf + buf_len)); in ssl_tls13_process_encrypted_extensions()
2236 if ((!mbedtls_ssl_tls13_key_exchange_mode_with_psk(ssl)) || in ssl_tls13_process_encrypted_extensions()
2239 ssl->session_negotiate->ciphersuite) { in ssl_tls13_process_encrypted_extensions()
2247 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_ACCEPTED; in ssl_tls13_process_encrypted_extensions()
2248 } else if (ssl->early_data_state != in ssl_tls13_process_encrypted_extensions()
2250 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_REJECTED; in ssl_tls13_process_encrypted_extensions()
2264 ssl->session_negotiate->ciphersuite = handshake->ciphersuite_info->id; in ssl_tls13_process_encrypted_extensions()
2267 ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, in ssl_tls13_process_encrypted_extensions()
2271 if (mbedtls_ssl_tls13_key_exchange_mode_with_psk(ssl)) { in ssl_tls13_process_encrypted_extensions()
2272 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_FINISHED); in ssl_tls13_process_encrypted_extensions()
2274 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST); in ssl_tls13_process_encrypted_extensions()
2277 ((void) ssl); in ssl_tls13_process_encrypted_extensions()
2278 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_FINISHED); in ssl_tls13_process_encrypted_extensions()
2302 static int ssl_tls13_write_end_of_early_data(mbedtls_ssl_context *ssl) in ssl_tls13_write_end_of_early_data() argument
2310 ssl, MBEDTLS_SSL_HS_END_OF_EARLY_DATA, in ssl_tls13_write_end_of_early_data()
2314 ssl, MBEDTLS_SSL_HS_END_OF_EARLY_DATA, 0)); in ssl_tls13_write_end_of_early_data()
2317 mbedtls_ssl_finish_handshake_msg(ssl, buf_len, 0)); in ssl_tls13_write_end_of_early_data()
2319 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); in ssl_tls13_write_end_of_early_data()
2327 int mbedtls_ssl_get_early_data_status(mbedtls_ssl_context *ssl) in mbedtls_ssl_get_early_data_status() argument
2329 if ((ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT) || in mbedtls_ssl_get_early_data_status()
2330 (!mbedtls_ssl_is_handshake_over(ssl))) { in mbedtls_ssl_get_early_data_status()
2334 switch (ssl->early_data_state) { in mbedtls_ssl_get_early_data_status()
2368 static int ssl_tls13_certificate_request_coordinate(mbedtls_ssl_context *ssl) in ssl_tls13_certificate_request_coordinate() argument
2372 if ((ret = mbedtls_ssl_read_record(ssl, 0)) != 0) { in ssl_tls13_certificate_request_coordinate()
2376 ssl->keep_current_message = 1; in ssl_tls13_certificate_request_coordinate()
2378 if ((ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE) && in ssl_tls13_certificate_request_coordinate()
2379 (ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST)) { in ssl_tls13_certificate_request_coordinate()
2398 static int ssl_tls13_parse_certificate_request(mbedtls_ssl_context *ssl, in ssl_tls13_parse_certificate_request() argument
2407 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_parse_certificate_request()
2458 ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, extension_type, in ssl_tls13_parse_certificate_request()
2468 ret = mbedtls_ssl_parse_sig_alg_ext(ssl, p, in ssl_tls13_parse_certificate_request()
2506 ssl->handshake->client_auth = 1; in ssl_tls13_parse_certificate_request()
2519 static int ssl_tls13_process_certificate_request(mbedtls_ssl_context *ssl) in ssl_tls13_process_certificate_request() argument
2525 MBEDTLS_SSL_PROC_CHK_NEG(ssl_tls13_certificate_request_coordinate(ssl)); in ssl_tls13_process_certificate_request()
2532 ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, in ssl_tls13_process_certificate_request()
2536 ssl, buf, buf + buf_len)); in ssl_tls13_process_certificate_request()
2539 ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, in ssl_tls13_process_certificate_request()
2549 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_CERTIFICATE); in ssl_tls13_process_certificate_request()
2561 static int ssl_tls13_process_server_certificate(mbedtls_ssl_context *ssl) in ssl_tls13_process_server_certificate() argument
2565 ret = mbedtls_ssl_tls13_process_certificate(ssl); in ssl_tls13_process_server_certificate()
2570 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CERTIFICATE_VERIFY); in ssl_tls13_process_server_certificate()
2578 static int ssl_tls13_process_certificate_verify(mbedtls_ssl_context *ssl) in ssl_tls13_process_certificate_verify() argument
2582 ret = mbedtls_ssl_tls13_process_certificate_verify(ssl); in ssl_tls13_process_certificate_verify()
2587 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_FINISHED); in ssl_tls13_process_certificate_verify()
2596 static int ssl_tls13_process_server_finished(mbedtls_ssl_context *ssl) in ssl_tls13_process_server_finished() argument
2600 ret = mbedtls_ssl_tls13_process_finished_message(ssl); in ssl_tls13_process_server_finished()
2605 ret = mbedtls_ssl_tls13_compute_application_transform(ssl); in ssl_tls13_process_server_finished()
2614 if (ssl->early_data_state == MBEDTLS_SSL_EARLY_DATA_STATE_ACCEPTED) { in ssl_tls13_process_server_finished()
2615 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_SERVER_FINISHED_RECEIVED; in ssl_tls13_process_server_finished()
2616 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_END_OF_EARLY_DATA); in ssl_tls13_process_server_finished()
2622 ssl, MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED); in ssl_tls13_process_server_finished()
2624 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); in ssl_tls13_process_server_finished()
2635 static int ssl_tls13_write_client_certificate(mbedtls_ssl_context *ssl) in ssl_tls13_write_client_certificate() argument
2641 mbedtls_ssl_set_outbound_transform(ssl, ssl->handshake->transform_handshake); in ssl_tls13_write_client_certificate()
2644 if (ssl->handshake->client_auth) { in ssl_tls13_write_client_certificate()
2645 int ret = mbedtls_ssl_tls13_write_certificate(ssl); in ssl_tls13_write_client_certificate()
2650 if (mbedtls_ssl_own_cert(ssl) != NULL) { in ssl_tls13_write_client_certificate()
2659 mbedtls_ssl_handshake_set_state(ssl, in ssl_tls13_write_client_certificate()
2663 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED); in ssl_tls13_write_client_certificate()
2674 static int ssl_tls13_write_client_certificate_verify(mbedtls_ssl_context *ssl) in ssl_tls13_write_client_certificate_verify() argument
2676 int ret = mbedtls_ssl_tls13_write_certificate_verify(ssl); in ssl_tls13_write_client_certificate_verify()
2679 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED); in ssl_tls13_write_client_certificate_verify()
2690 static int ssl_tls13_write_client_finished(mbedtls_ssl_context *ssl) in ssl_tls13_write_client_finished() argument
2694 ret = mbedtls_ssl_tls13_write_finished_message(ssl); in ssl_tls13_write_client_finished()
2699 ret = mbedtls_ssl_tls13_compute_resumption_master_secret(ssl); in ssl_tls13_write_client_finished()
2706 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_FLUSH_BUFFERS); in ssl_tls13_write_client_finished()
2714 static int ssl_tls13_flush_buffers(mbedtls_ssl_context *ssl) in ssl_tls13_flush_buffers() argument
2717 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP); in ssl_tls13_flush_buffers()
2725 static int ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl) in ssl_tls13_handshake_wrapup() argument
2728 mbedtls_ssl_tls13_handshake_wrapup(ssl); in ssl_tls13_handshake_wrapup()
2730 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_OVER); in ssl_tls13_handshake_wrapup()
2748 mbedtls_ssl_context *ssl, in ssl_tls13_parse_new_session_ticket_early_data_ext() argument
2752 mbedtls_ssl_session *session = ssl->session; in ssl_tls13_parse_new_session_ticket_early_data_ext()
2768 static int ssl_tls13_parse_new_session_ticket_exts(mbedtls_ssl_context *ssl, in ssl_tls13_parse_new_session_ticket_exts() argument
2772 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_parse_new_session_ticket_exts()
2791 ssl, MBEDTLS_SSL_HS_NEW_SESSION_TICKET, extension_type, in ssl_tls13_parse_new_session_ticket_exts()
2801 ssl, p, p + extension_data_len); in ssl_tls13_parse_new_session_ticket_exts()
2839 static int ssl_tls13_parse_new_session_ticket(mbedtls_ssl_context *ssl, in ssl_tls13_parse_new_session_ticket() argument
2847 mbedtls_ssl_session *session = ssl->session; in ssl_tls13_parse_new_session_ticket()
2918 ret = ssl_tls13_parse_new_session_ticket_exts(ssl, p, p + extensions_len); in ssl_tls13_parse_new_session_ticket()
2938 static int ssl_tls13_postprocess_new_session_ticket(mbedtls_ssl_context *ssl, in ssl_tls13_postprocess_new_session_ticket() argument
2943 mbedtls_ssl_session *session = ssl->session; in ssl_tls13_postprocess_new_session_ticket()
3005 session, ssl->conf->tls13_kex_modes); in ssl_tls13_postprocess_new_session_ticket()
3015 static int ssl_tls13_process_new_session_ticket(mbedtls_ssl_context *ssl) in ssl_tls13_process_new_session_ticket() argument
3026 ssl, MBEDTLS_SSL_HS_NEW_SESSION_TICKET, in ssl_tls13_process_new_session_ticket()
3033 ssl->session->exported = 1; in ssl_tls13_process_new_session_ticket()
3036 ssl, buf, buf + buf_len, in ssl_tls13_process_new_session_ticket()
3040 ssl, ticket_nonce, ticket_nonce_len)); in ssl_tls13_process_new_session_ticket()
3048 ssl->session->exported = 0; in ssl_tls13_process_new_session_ticket()
3061 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_OVER); in ssl_tls13_process_new_session_ticket()
3070 int mbedtls_ssl_tls13_handshake_client_step(mbedtls_ssl_context *ssl) in mbedtls_ssl_tls13_handshake_client_step() argument
3074 switch (ssl->state) { in mbedtls_ssl_tls13_handshake_client_step()
3076 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_HELLO); in mbedtls_ssl_tls13_handshake_client_step()
3080 ret = mbedtls_ssl_write_client_hello(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3084 ret = ssl_tls13_process_server_hello(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3088 ret = ssl_tls13_process_encrypted_extensions(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3093 ret = ssl_tls13_process_certificate_request(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3097 ret = ssl_tls13_process_server_certificate(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3101 ret = ssl_tls13_process_certificate_verify(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3106 ret = ssl_tls13_process_server_finished(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3111 ret = ssl_tls13_write_end_of_early_data(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3116 ret = ssl_tls13_write_client_certificate(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3121 ret = ssl_tls13_write_client_certificate_verify(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3126 ret = ssl_tls13_write_client_finished(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3130 ret = ssl_tls13_flush_buffers(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3134 ret = ssl_tls13_handshake_wrapup(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3142 ret = mbedtls_ssl_tls13_write_change_cipher_spec(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3146 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_HELLO); in mbedtls_ssl_tls13_handshake_client_step()
3150 ret = mbedtls_ssl_tls13_write_change_cipher_spec(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3154 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); in mbedtls_ssl_tls13_handshake_client_step()
3159 ret = mbedtls_ssl_tls13_write_change_cipher_spec(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3161 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_HELLO); in mbedtls_ssl_tls13_handshake_client_step()
3166 ssl, ssl->handshake->transform_earlydata); in mbedtls_ssl_tls13_handshake_client_step()
3167 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_CAN_WRITE; in mbedtls_ssl_tls13_handshake_client_step()
3175 ret = ssl_tls13_process_new_session_ticket(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3180 MBEDTLS_SSL_DEBUG_MSG(1, ("invalid state %d", ssl->state)); in mbedtls_ssl_tls13_handshake_client_step()