
Searched refs:ssl (Results 1 – 20 of 20) sorted by relevance

/optee_os/lib/libmbedtls/mbedtls/library/
H A Dssl_tls12_client.c51 static int ssl_write_renegotiation_ext(mbedtls_ssl_context *ssl, in ssl_write_renegotiation_ext() argument
63 if (ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { in ssl_write_renegotiation_ext()
70 MBEDTLS_SSL_CHK_BUF_PTR(p, end, 5 + ssl->verify_data_len); in ssl_write_renegotiation_ext()
79 *p++ = MBEDTLS_BYTE_0(ssl->verify_data_len + 1); in ssl_write_renegotiation_ext()
80 *p++ = MBEDTLS_BYTE_0(ssl->verify_data_len); in ssl_write_renegotiation_ext()
82 memcpy(p, ssl->own_verify_data, ssl->verify_data_len); in ssl_write_renegotiation_ext()
84 *olen = 5 + ssl->verify_data_len; in ssl_write_renegotiation_ext()
95 static int ssl_write_supported_point_formats_ext(mbedtls_ssl_context *ssl, in ssl_write_supported_point_formats_ext() argument
101 (void) ssl; /* ssl used for debugging only */ in ssl_write_supported_point_formats_ext()
128 static int ssl_write_ecjpake_kkpp_ext(mbedtls_ssl_context *ssl, in ssl_write_ecjpake_kkpp_ext() argument
H A Dssl_msg.c280 static uint32_t ssl_get_hs_total_len(mbedtls_ssl_context const *ssl);
286 void mbedtls_ssl_set_timer(mbedtls_ssl_context *ssl, uint32_t millisecs) in mbedtls_ssl_set_timer() argument
288 if (ssl->f_set_timer == NULL) { in mbedtls_ssl_set_timer()
293 ssl->f_set_timer(ssl->p_timer, millisecs / 4, millisecs); in mbedtls_ssl_set_timer()
299 int mbedtls_ssl_check_timer(mbedtls_ssl_context *ssl) in mbedtls_ssl_check_timer() argument
301 if (ssl->f_get_timer == NULL) { in mbedtls_ssl_check_timer()
305 if (ssl->f_get_timer(ssl->p_timer) == 2) { in mbedtls_ssl_check_timer()
314 static int ssl_parse_record_header(mbedtls_ssl_context const *ssl,
319 int mbedtls_ssl_check_record(mbedtls_ssl_context const *ssl, in mbedtls_ssl_check_record() argument
330 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM) { in mbedtls_ssl_check_record()
H A Dssl_tls12_server.c48 int mbedtls_ssl_set_client_transport_id(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_client_transport_id() argument
52 if (ssl->conf->endpoint != MBEDTLS_SSL_IS_SERVER) { in mbedtls_ssl_set_client_transport_id()
56 mbedtls_free(ssl->cli_id); in mbedtls_ssl_set_client_transport_id()
58 if ((ssl->cli_id = mbedtls_calloc(1, ilen)) == NULL) { in mbedtls_ssl_set_client_transport_id()
62 memcpy(ssl->cli_id, info, ilen); in mbedtls_ssl_set_client_transport_id()
63 ssl->cli_id_len = ilen; in mbedtls_ssl_set_client_transport_id()
107 static int ssl_parse_renegotiation_info(mbedtls_ssl_context *ssl, in ssl_parse_renegotiation_info() argument
112 if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { in ssl_parse_renegotiation_info()
114 if (len != 1 + ssl->verify_data_len || in ssl_parse_renegotiation_info()
115 buf[0] != ssl->verify_data_len || in ssl_parse_renegotiation_info()
H A Dssl_tls13_server.c25 mbedtls_ssl_context *ssl, in ssl_tls13_validate_peer_ciphersuite() argument
29 if (!mbedtls_ssl_tls13_cipher_suite_is_offered(ssl, cipher_suite)) { in ssl_tls13_validate_peer_ciphersuite()
34 if ((mbedtls_ssl_validate_ciphersuite(ssl, ciphersuite_info, in ssl_tls13_validate_peer_ciphersuite()
35 ssl->tls_version, in ssl_tls13_validate_peer_ciphersuite()
36 ssl->tls_version) != 0)) { in ssl_tls13_validate_peer_ciphersuite()
43 mbedtls_ssl_context *ssl, in ssl_tls13_select_ciphersuite() argument
71 ssl_tls13_validate_peer_ciphersuite(ssl, id); in ssl_tls13_select_ciphersuite()
109 static int ssl_tls13_parse_key_exchange_modes_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_key_exchange_modes_ext() argument
147 ssl->handshake->tls13_kex_modes = ke_modes; in ssl_tls13_parse_key_exchange_modes_ext()
177 static int ssl_tls13_key_exchange_is_psk_available(mbedtls_ssl_context *ssl);
H A Dssl_tls13_client.c46 static int ssl_tls13_write_supported_versions_ext(mbedtls_ssl_context *ssl, in ssl_tls13_write_supported_versions_ext() argument
52 unsigned char versions_len = (ssl->handshake->min_tls_version <= in ssl_tls13_write_supported_versions_ext()
83 if (ssl->handshake->min_tls_version <= MBEDTLS_SSL_VERSION_TLS1_2) { in ssl_tls13_write_supported_versions_ext()
92 ssl, MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS); in ssl_tls13_write_supported_versions_ext()
98 static int ssl_tls13_parse_supported_versions_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_supported_versions_ext() argument
102 ((void) ssl); in ssl_tls13_parse_supported_versions_ext()
105 if (mbedtls_ssl_read_version(buf, ssl->conf->transport) != in ssl_tls13_parse_supported_versions_ext()
127 static int ssl_tls13_parse_alpn_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_alpn_ext() argument
136 if (ssl->conf->alpn_list == NULL) { in ssl_tls13_parse_alpn_ext()
162 for (const char **alpn = ssl->conf->alpn_list; *alpn != NULL; alpn++) { in ssl_tls13_parse_alpn_ext()
H A Dssl_tls.c102 int mbedtls_ssl_set_cid(mbedtls_ssl_context *ssl, in mbedtls_ssl_set_cid() argument
107 if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_set_cid()
111 ssl->negotiate_cid = enable; in mbedtls_ssl_set_cid()
119 if (own_cid_len != ssl->conf->cid_len) { in mbedtls_ssl_set_cid()
122 (unsigned) ssl->conf->cid_len)); in mbedtls_ssl_set_cid()
126 memcpy(ssl->own_cid, own_cid, own_cid_len); in mbedtls_ssl_set_cid()
129 ssl->own_cid_len = (uint8_t) own_cid_len; in mbedtls_ssl_set_cid()
134 int mbedtls_ssl_get_own_cid(mbedtls_ssl_context *ssl, in mbedtls_ssl_get_own_cid() argument
141 if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in mbedtls_ssl_get_own_cid()
148 if (ssl->own_cid_len == 0 || ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED) { in mbedtls_ssl_get_own_cid()
H A Dssl_client.c26 static int ssl_write_hostname_ext(mbedtls_ssl_context *ssl, in ssl_write_hostname_ext() argument
32 const char *hostname = mbedtls_ssl_get_hostname_pointer(ssl); in ssl_write_hostname_ext()
94 mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_SERVERNAME); in ssl_write_hostname_ext()
115 static int ssl_write_alpn_ext(mbedtls_ssl_context *ssl, in ssl_write_alpn_ext() argument
124 if (ssl->conf->alpn_list == NULL) { in ssl_write_alpn_ext()
146 for (const char **cur = ssl->conf->alpn_list; *cur != NULL; cur++) { in ssl_write_alpn_ext()
168 mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_ALPN); in ssl_write_alpn_ext()
218 static int ssl_write_supported_groups_ext(mbedtls_ssl_context *ssl, in ssl_write_supported_groups_ext() argument
227 const uint16_t *group_list = mbedtls_ssl_get_groups(ssl); in ssl_write_supported_groups_ext()
309 ssl, MBEDTLS_TLS_EXT_SUPPORTED_GROUPS); in ssl_write_supported_groups_ext()
H A Dssl_tls13_generic.c40 int mbedtls_ssl_tls13_crypto_init(mbedtls_ssl_context *ssl) in mbedtls_ssl_tls13_crypto_init() argument
44 (void) ssl; // unused when debugging is disabled in mbedtls_ssl_tls13_crypto_init()
57 int mbedtls_ssl_tls13_fetch_handshake_msg(mbedtls_ssl_context *ssl, in mbedtls_ssl_tls13_fetch_handshake_msg() argument
64 if ((ret = mbedtls_ssl_read_record(ssl, 0)) != 0) { in mbedtls_ssl_tls13_fetch_handshake_msg()
69 if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE || in mbedtls_ssl_tls13_fetch_handshake_msg()
70 ssl->in_msg[0] != hs_type) { in mbedtls_ssl_tls13_fetch_handshake_msg()
85 *buf = ssl->in_msg + 4; in mbedtls_ssl_tls13_fetch_handshake_msg()
86 *buf_len = ssl->in_hslen - 4; in mbedtls_ssl_tls13_fetch_handshake_msg()
94 mbedtls_ssl_context *ssl, in mbedtls_ssl_tls13_is_supported_versions_ext_present_in_exts() argument
222 static int ssl_tls13_parse_certificate_verify(mbedtls_ssl_context *ssl, in ssl_tls13_parse_certificate_verify() argument
H A Dssl_misc.h429 size_t mbedtls_ssl_get_output_max_frag_len(const mbedtls_ssl_context *ssl);
445 size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl);
458 size_t mbedtls_ssl_get_output_record_size_limit(const mbedtls_ssl_context *ssl);
1284 int mbedtls_ssl_tls12_write_client_hello_exts(mbedtls_ssl_context *ssl,
1305 mbedtls_ssl_context *ssl,
1325 void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl);
1328 void mbedtls_ssl_set_inbound_transform(mbedtls_ssl_context *ssl,
1332 void mbedtls_ssl_set_outbound_transform(mbedtls_ssl_context *ssl,
1336 int mbedtls_ssl_handshake_client_step(mbedtls_ssl_context *ssl);
1338 int mbedtls_ssl_handshake_server_step(mbedtls_ssl_context *ssl);
H A Ddebug.c34 static inline void debug_send_line(const mbedtls_ssl_context *ssl, int level, in debug_send_line() argument
45 mbedtls_snprintf(idstr, sizeof(idstr), "%p: %s", (void *) ssl, str); in debug_send_line()
46 ssl->conf->f_dbg(ssl->conf->p_dbg, level, file, line, idstr); in debug_send_line()
48 ssl->conf->f_dbg(ssl->conf->p_dbg, level, file, line, str); in debug_send_line()
53 void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level, in mbedtls_debug_print_msg() argument
63 if (NULL == ssl || in mbedtls_debug_print_msg()
64 NULL == ssl->conf || in mbedtls_debug_print_msg()
65 NULL == ssl->conf->f_dbg || in mbedtls_debug_print_msg()
84 debug_send_line(ssl, level, file, line, str); in mbedtls_debug_print_msg()
87 void mbedtls_debug_print_ret(const mbedtls_ssl_context *ssl, int level, in mbedtls_debug_print_ret() argument
H A Ddebug_internal.h30 void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level,
49 void mbedtls_debug_print_ret(const mbedtls_ssl_context *ssl, int level,
70 void mbedtls_debug_print_buf(const mbedtls_ssl_context *ssl, int level,
91 void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level,
113 void mbedtls_debug_print_ecp(const mbedtls_ssl_context *ssl, int level,
134 void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level,
165 void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level,
H A Dssl_tls13_keys.c671 static int ssl_tls13_key_schedule_stage_application(mbedtls_ssl_context *ssl) in ssl_tls13_key_schedule_stage_application() argument
674 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_key_schedule_stage_application()
772 int mbedtls_ssl_tls13_calculate_verify_data(mbedtls_ssl_context *ssl, in mbedtls_ssl_tls13_calculate_verify_data() argument
786 &ssl->handshake->tls13_hs_secrets; in mbedtls_ssl_tls13_calculate_verify_data()
788 mbedtls_md_type_t const md_type = (mbedtls_md_type_t) ssl->handshake->ciphersuite_info->mac; in mbedtls_ssl_tls13_calculate_verify_data()
791 (mbedtls_md_type_t) ssl->handshake->ciphersuite_info->mac); in mbedtls_ssl_tls13_calculate_verify_data()
809 ret = mbedtls_ssl_get_handshake_transcript(ssl, md_type, in mbedtls_ssl_tls13_calculate_verify_data()
834 int mbedtls_ssl_tls13_create_psk_binder(mbedtls_ssl_context *ssl, in mbedtls_ssl_tls13_create_psk_binder() argument
848 ssl = NULL; /* make sure we don't use it except for debug */ in mbedtls_ssl_tls13_create_psk_binder()
849 ((void) ssl); in mbedtls_ssl_tls13_create_psk_binder()
H A Dssl_debug_helpers.h41 void mbedtls_ssl_print_extensions(const mbedtls_ssl_context *ssl,
46 void mbedtls_ssl_print_extension(const mbedtls_ssl_context *ssl,
52 void mbedtls_ssl_print_ticket_flags(const mbedtls_ssl_context *ssl,
58 mbedtls_ssl_print_extensions(ssl, level, __FILE__, __LINE__, \
62 mbedtls_ssl_print_extension(ssl, level, __FILE__, __LINE__, \
68 mbedtls_ssl_print_ticket_flags(ssl, level, __FILE__, __LINE__, flags)
H A Dssl_tls13_keys.h480 int mbedtls_ssl_tls13_create_psk_binder(mbedtls_ssl_context *ssl,
519 mbedtls_ssl_context *ssl);
542 int mbedtls_ssl_tls13_key_schedule_stage_early(mbedtls_ssl_context *ssl);
555 int mbedtls_ssl_tls13_compute_resumption_master_secret(mbedtls_ssl_context *ssl);
580 int mbedtls_ssl_tls13_calculate_verify_data(mbedtls_ssl_context *ssl,
604 int mbedtls_ssl_tls13_compute_early_transform(mbedtls_ssl_context *ssl);
617 int mbedtls_ssl_tls13_compute_handshake_transform(mbedtls_ssl_context *ssl);
629 int mbedtls_ssl_tls13_compute_application_transform(mbedtls_ssl_context *ssl);
644 int mbedtls_ssl_tls13_export_handshake_psk(mbedtls_ssl_context *ssl,
H A Dssl_client.h20 int mbedtls_ssl_write_client_hello(mbedtls_ssl_context *ssl);
H A Dssl_tls13_invasive.h16 int mbedtls_ssl_tls13_parse_certificate(mbedtls_ssl_context *ssl,
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/
H A Dssl.h1064 typedef int mbedtls_ssl_async_sign_t(mbedtls_ssl_context *ssl,
1130 typedef int mbedtls_ssl_async_decrypt_t(mbedtls_ssl_context *ssl,
1178 typedef int mbedtls_ssl_async_resume_t(mbedtls_ssl_context *ssl,
1200 typedef void mbedtls_ssl_async_cancel_t(mbedtls_ssl_context *ssl);
1444 typedef int (*mbedtls_ssl_hs_cb_t)(mbedtls_ssl_context *ssl);
2066 void mbedtls_ssl_init(mbedtls_ssl_context *ssl);
2100 int mbedtls_ssl_setup(mbedtls_ssl_context *ssl,
2112 int mbedtls_ssl_session_reset(mbedtls_ssl_context *ssl);
2305 const mbedtls_ssl_context *ssl) in mbedtls_ssl_context_get_config() argument
2307 return ssl->MBEDTLS_PRIVATE(conf); in mbedtls_ssl_context_get_config()
H A Ddebug.h26 mbedtls_debug_print_msg(ssl, level, __FILE__, __LINE__, \
30 mbedtls_debug_print_ret(ssl, level, __FILE__, __LINE__, text, ret)
33 mbedtls_debug_print_buf(ssl, level, __FILE__, __LINE__, text, buf, len)
37 mbedtls_debug_print_mpi(ssl, level, __FILE__, __LINE__, text, X)
42 mbedtls_debug_print_ecp(ssl, level, __FILE__, __LINE__, text, X)
48 mbedtls_debug_print_crt(ssl, level, __FILE__, __LINE__, text, crt)
56 mbedtls_debug_printf_ecdh(ssl, level, __FILE__, __LINE__, ecdh, attr)
/optee_os/lib/libmbedtls/mbedtls/
H A DChangeLog910 * Fix a compilation error on some platforms when including mbedtls/ssl.h
1422 * Add accessor to obtain ciphersuite id from ssl context.
2384 * Fix use-after-scope error in programs/ssl/ssl_client2.c and ssl_server2.c
2714 * The new utility programs/ssl/ssl_context_info prints a human-readable
3307 * Fix configuration queries in ssl-opt.h. #2030
3308 * Ensure that ssl-opt.h can be run in OS X. #2029
3309 * Re-enable certain interoperability tests in ssl-opt.sh which had previously
3486 * Fix wrong order of freeing in programs/ssl/ssl_server2 example
4159 * Fix status handshake status message in programs/ssl/dtls_client.c. Found
4541 * Fix test in ssl-opt.sh that does not run properly with valgrind
H A DREADME.md247 - `tests/ssl-opt.sh` runs integration tests for various TLS options (renegotiation, resumption, e…