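Lines matching refs:ssl — each entry gives the original source line number, the matching line, and the enclosing function ("argument" marks the line where ssl is declared as a parameter). Only lines that reference ssl are listed; the lines between them, including any length or bounds checks that do not mention ssl, are not shown here.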

49 int vdb_mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl,  in vdb_mbedtls_ssl_set_client_transport_id()  argument
53 if( ssl->conf->endpoint != MBEDTLS_SSL_IS_SERVER ) in vdb_mbedtls_ssl_set_client_transport_id()
56 vdb_mbedtls_free( ssl->cli_id ); in vdb_mbedtls_ssl_set_client_transport_id()
58 if( ( ssl->cli_id = vdb_mbedtls_calloc( 1, ilen ) ) == NULL ) in vdb_mbedtls_ssl_set_client_transport_id()
61 memcpy( ssl->cli_id, info, ilen ); in vdb_mbedtls_ssl_set_client_transport_id()
62 ssl->cli_id_len = ilen; in vdb_mbedtls_ssl_set_client_transport_id()
79 static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, in ssl_parse_servername_ext() argument
92 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_servername_ext()
100 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_servername_ext()
112 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_servername_ext()
119 ret = ssl->conf->f_sni( ssl->conf->p_sni, in ssl_parse_servername_ext()
120 ssl, p + 3, hostname_len ); in ssl_parse_servername_ext()
124 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_servername_ext()
138 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_servername_ext()
168 static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl ) in ssl_use_opaque_psk() argument
170 if( ssl->conf->f_psk != NULL ) in ssl_use_opaque_psk()
175 if( ! vdb_mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) ) in ssl_use_opaque_psk()
181 if( ! vdb_mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) ) in ssl_use_opaque_psk()
189 static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, in ssl_parse_renegotiation_info() argument
194 if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) in ssl_parse_renegotiation_info()
197 if( len != 1 + ssl->verify_data_len || in ssl_parse_renegotiation_info()
198 buf[0] != ssl->verify_data_len || in ssl_parse_renegotiation_info()
199 vdb_mbedtls_ssl_safer_memcmp( buf + 1, ssl->peer_verify_data, in ssl_parse_renegotiation_info()
200 ssl->verify_data_len ) != 0 ) in ssl_parse_renegotiation_info()
203 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_renegotiation_info()
214 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_renegotiation_info()
219 ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; in ssl_parse_renegotiation_info()
240 static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl, in ssl_parse_signature_algorithms_ext() argument
254 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_signature_algorithms_ext()
263 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_signature_algorithms_ext()
297 if( vdb_mbedtls_ssl_check_sig_hash( ssl, md_cur ) == 0 ) in ssl_parse_signature_algorithms_ext()
299 vdb_mbedtls_ssl_sig_hash_set_add( &ssl->handshake->hash_algs, sig_cur, md_cur ); in ssl_parse_signature_algorithms_ext()
318 static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl, in ssl_parse_supported_elliptic_curves() argument
328 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_supported_elliptic_curves()
337 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_supported_elliptic_curves()
343 if( ssl->handshake->curves != NULL ) in ssl_parse_supported_elliptic_curves()
346 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_supported_elliptic_curves()
359 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_supported_elliptic_curves()
364 ssl->handshake->curves = curves; in ssl_parse_supported_elliptic_curves()
384 static int ssl_parse_supported_point_formats( mbedtls_ssl_context *ssl, in ssl_parse_supported_point_formats() argument
394 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_supported_point_formats()
407 ssl->handshake->ecdh_ctx.point_format = p[0]; in ssl_parse_supported_point_formats()
410 ssl->handshake->ecjpake_ctx.point_format = p[0]; in ssl_parse_supported_point_formats()
426 static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl, in ssl_parse_ecjpake_kkpp() argument
432 if( vdb_mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 ) in ssl_parse_ecjpake_kkpp()
438 if( ( ret = vdb_mbedtls_ecjpake_read_round_one( &ssl->handshake->ecjpake_ctx, in ssl_parse_ecjpake_kkpp()
442 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_ecjpake_kkpp()
448 ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK; in ssl_parse_ecjpake_kkpp()
455 static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, in ssl_parse_max_fragment_length_ext() argument
462 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_max_fragment_length_ext()
467 ssl->session_negotiate->mfl_code = buf[0]; in ssl_parse_max_fragment_length_ext()
474 static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, in ssl_parse_cid_ext() argument
481 if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_parse_cid_ext()
484 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_cid_ext()
501 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_cid_ext()
512 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_cid_ext()
518 if( ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED ) in ssl_parse_cid_ext()
529 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_cid_ext()
534 ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED; in ssl_parse_cid_ext()
535 ssl->handshake->peer_cid_len = (uint8_t) peer_cid_len; in ssl_parse_cid_ext()
536 memcpy( ssl->handshake->peer_cid, buf, peer_cid_len ); in ssl_parse_cid_ext()
546 static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl, in ssl_parse_truncated_hmac_ext() argument
553 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_truncated_hmac_ext()
560 if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED ) in ssl_parse_truncated_hmac_ext()
561 ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; in ssl_parse_truncated_hmac_ext()
568 static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, in ssl_parse_encrypt_then_mac_ext() argument
575 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_encrypt_then_mac_ext()
582 if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED && in ssl_parse_encrypt_then_mac_ext()
583 ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 ) in ssl_parse_encrypt_then_mac_ext()
585 ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED; in ssl_parse_encrypt_then_mac_ext()
593 static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, in ssl_parse_extended_ms_ext() argument
600 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_extended_ms_ext()
607 if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED && in ssl_parse_extended_ms_ext()
608 ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 ) in ssl_parse_extended_ms_ext()
610 ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; in ssl_parse_extended_ms_ext()
618 static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, in ssl_parse_session_ticket_ext() argument
627 if( ssl->conf->f_ticket_parse == NULL || in ssl_parse_session_ticket_ext()
628 ssl->conf->f_ticket_write == NULL ) in ssl_parse_session_ticket_ext()
634 ssl->handshake->new_session_ticket = 1; in ssl_parse_session_ticket_ext()
642 if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) in ssl_parse_session_ticket_ext()
652 if( ( ret = ssl->conf->f_ticket_parse( ssl->conf->p_ticket, &session, in ssl_parse_session_ticket_ext()
671 session.id_len = ssl->session_negotiate->id_len; in ssl_parse_session_ticket_ext()
672 memcpy( &session.id, ssl->session_negotiate->id, session.id_len ); in ssl_parse_session_ticket_ext()
674 vdb_mbedtls_ssl_session_free( ssl->session_negotiate ); in ssl_parse_session_ticket_ext()
675 memcpy( ssl->session_negotiate, &session, sizeof( mbedtls_ssl_session ) ); in ssl_parse_session_ticket_ext()
682 ssl->handshake->resume = 1; in ssl_parse_session_ticket_ext()
685 ssl->handshake->new_session_ticket = 0; in ssl_parse_session_ticket_ext()
692 static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, in ssl_parse_alpn_ext() argument
700 if( ssl->conf->alpn_list == NULL ) in ssl_parse_alpn_ext()
714 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_alpn_ext()
722 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_alpn_ext()
739 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_alpn_ext()
747 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_alpn_ext()
756 for( ours = ssl->conf->alpn_list; *ours != NULL; ours++ ) in ssl_parse_alpn_ext()
766 ssl->alpn_chosen = *ours; in ssl_parse_alpn_ext()
773 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_alpn_ext()
780 static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, in ssl_parse_use_srtp_ext() argument
792 if( ( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) || in ssl_parse_use_srtp_ext()
793 ( ssl->conf->dtls_srtp_profile_list == NULL ) || in ssl_parse_use_srtp_ext()
794 ( ssl->conf->dtls_srtp_profile_list_len == 0 ) ) in ssl_parse_use_srtp_ext()
818 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_use_srtp_ext()
823 ssl->dtls_srtp_info.chosen_dtls_srtp_profile = MBEDTLS_TLS_SRTP_UNSET; in ssl_parse_use_srtp_ext()
833 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_use_srtp_ext()
857 for( i = 0; i < ssl->conf->dtls_srtp_profile_list_len; i++) in ssl_parse_use_srtp_ext()
859 if( client_protection == ssl->conf->dtls_srtp_profile_list[i] ) in ssl_parse_use_srtp_ext()
861 ssl->dtls_srtp_info.chosen_dtls_srtp_profile = ssl->conf->dtls_srtp_profile_list[i]; in ssl_parse_use_srtp_ext()
868 if( ssl->dtls_srtp_info.chosen_dtls_srtp_profile != MBEDTLS_TLS_SRTP_UNSET ) in ssl_parse_use_srtp_ext()
878 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_use_srtp_ext()
884 if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED && in ssl_parse_use_srtp_ext()
887 ssl->dtls_srtp_info.mki_len = mki_length; in ssl_parse_use_srtp_ext()
889 memcpy( ssl->dtls_srtp_info.mki_value, buf, mki_length ); in ssl_parse_use_srtp_ext()
891 MBEDTLS_SSL_DEBUG_BUF( 3, "using mki", ssl->dtls_srtp_info.mki_value, in ssl_parse_use_srtp_ext()
892 ssl->dtls_srtp_info.mki_len ); in ssl_parse_use_srtp_ext()
929 static int ssl_pick_cert( mbedtls_ssl_context *ssl, in ssl_pick_cert() argument
938 if( ssl->handshake->sni_key_cert != NULL ) in ssl_pick_cert()
939 list = ssl->handshake->sni_key_cert; in ssl_pick_cert()
942 list = ssl->conf->key_cert; in ssl_pick_cert()
985 ssl_check_key_curve( &cur->cert->pk, ssl->handshake->curves ) != 0 ) in ssl_pick_cert()
997 if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 && in ssl_pick_cert()
1019 ssl->handshake->key_cert = cur; in ssl_pick_cert()
1021 ssl->handshake->key_cert->cert ); in ssl_pick_cert()
1033 static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, in ssl_ciphersuite_match() argument
1053 if( suite_info->min_minor_ver > ssl->minor_ver || in ssl_ciphersuite_match()
1054 suite_info->max_minor_ver < ssl->minor_ver ) in ssl_ciphersuite_match()
1061 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in ssl_ciphersuite_match()
1067 if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED && in ssl_ciphersuite_match()
1077 ( ssl->handshake->cli_exts & MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK ) == 0 ) in ssl_ciphersuite_match()
1088 ( ssl->handshake->curves == NULL || in ssl_ciphersuite_match()
1089 ssl->handshake->curves[0] == NULL ) ) in ssl_ciphersuite_match()
1101 ssl_conf_has_psk_or_cb( ssl->conf ) == 0 ) in ssl_ciphersuite_match()
1112 if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) in ssl_ciphersuite_match()
1116 … vdb_mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, sig_type ) == MBEDTLS_MD_NONE ) in ssl_ciphersuite_match()
1135 if( ssl_pick_cert( ssl, suite_info ) != 0 ) in ssl_ciphersuite_match()
1148 static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) in ssl_parse_client_hello_v2() argument
1161 if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) in ssl_parse_client_hello_v2()
1164 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello_v2()
1170 buf = ssl->in_hdr; in ssl_parse_client_hello_v2()
1206 ssl->major_ver = MBEDTLS_SSL_MAJOR_VERSION_3; in ssl_parse_client_hello_v2()
1207 ssl->minor_ver = ( buf[4] <= ssl->conf->max_minor_ver ) in ssl_parse_client_hello_v2()
1208 ? buf[4] : ssl->conf->max_minor_ver; in ssl_parse_client_hello_v2()
1210 if( ssl->minor_ver < ssl->conf->min_minor_ver ) in ssl_parse_client_hello_v2()
1214 ssl->major_ver, ssl->minor_ver, in ssl_parse_client_hello_v2()
1215 ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) ); in ssl_parse_client_hello_v2()
1217 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello_v2()
1222 ssl->handshake->max_major_ver = buf[3]; in ssl_parse_client_hello_v2()
1223 ssl->handshake->max_minor_ver = buf[4]; in ssl_parse_client_hello_v2()
1225 if( ( ret = vdb_mbedtls_ssl_fetch_input( ssl, 2 + n ) ) != 0 ) in ssl_parse_client_hello_v2()
1231 ssl->handshake->update_checksum( ssl, buf + 2, n ); in ssl_parse_client_hello_v2()
1233 buf = ssl->in_msg; in ssl_parse_client_hello_v2()
1234 n = ssl->in_left - 5; in ssl_parse_client_hello_v2()
1288 ssl->session_negotiate->id_len = sess_len; in ssl_parse_client_hello_v2()
1289 memset( ssl->session_negotiate->id, 0, in ssl_parse_client_hello_v2()
1290 sizeof( ssl->session_negotiate->id ) ); in ssl_parse_client_hello_v2()
1291 memcpy( ssl->session_negotiate->id, p, ssl->session_negotiate->id_len ); in ssl_parse_client_hello_v2()
1294 memset( ssl->handshake->randbytes, 0, 64 ); in ssl_parse_client_hello_v2()
1295 memcpy( ssl->handshake->randbytes + 32 - chal_len, p, chal_len ); in ssl_parse_client_hello_v2()
1306 if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) in ssl_parse_client_hello_v2()
1311 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello_v2()
1316 ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; in ssl_parse_client_hello_v2()
1330 if( ssl->minor_ver < ssl->conf->max_minor_ver ) in ssl_parse_client_hello_v2()
1334 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello_v2()
1346 ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; in ssl_parse_client_hello_v2()
1363 if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], in ssl_parse_client_hello_v2()
1386 ssl->session_negotiate->ciphersuite = ciphersuites[i]; in ssl_parse_client_hello_v2()
1387 ssl->handshake->ciphersuite_info = ciphersuite_info; in ssl_parse_client_hello_v2()
1392 if( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && in ssl_parse_client_hello_v2()
1393 ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE ) in ssl_parse_client_hello_v2()
1396 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello_v2()
1401 ssl->in_left = 0; in ssl_parse_client_hello_v2()
1402 ssl->state++; in ssl_parse_client_hello_v2()
1413 static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) in ssl_parse_client_hello() argument
1451 if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) in ssl_parse_client_hello()
1454 if( ( ret = vdb_mbedtls_ssl_fetch_input( ssl, 5 ) ) != 0 ) in ssl_parse_client_hello()
1462 buf = ssl->in_hdr; in ssl_parse_client_hello()
1466 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM ) in ssl_parse_client_hello()
1469 return( ssl_parse_client_hello_v2( ssl ) ); in ssl_parse_client_hello()
1472 MBEDTLS_SSL_DEBUG_BUF( 4, "record header", buf, vdb_mbedtls_ssl_in_hdr_len( ssl ) ); in ssl_parse_client_hello()
1493 ( ssl->in_len[0] << 8 ) | ssl->in_len[1] ) ); in ssl_parse_client_hello()
1498 vdb_mbedtls_ssl_read_version( &major, &minor, ssl->conf->transport, buf + 1 ); in ssl_parse_client_hello()
1513 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM in ssl_parse_client_hello()
1515 && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE in ssl_parse_client_hello()
1520 if( ssl->in_ctr[0] != 0 || ssl->in_ctr[1] != 0 ) in ssl_parse_client_hello()
1526 memcpy( ssl->cur_out_ctr + 2, ssl->in_ctr + 2, 6 ); in ssl_parse_client_hello()
1529 if( vdb_mbedtls_ssl_dtls_replay_check( ssl ) != 0 ) in ssl_parse_client_hello()
1532 ssl->next_record_offset = 0; in ssl_parse_client_hello()
1533 ssl->in_left = 0; in ssl_parse_client_hello()
1538 vdb_mbedtls_ssl_dtls_replay_update( ssl ); in ssl_parse_client_hello()
1543 msg_len = ( ssl->in_len[0] << 8 ) | ssl->in_len[1]; in ssl_parse_client_hello()
1546 if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) in ssl_parse_client_hello()
1549 msg_len = ssl->in_hslen; in ssl_parse_client_hello()
1560 if( ( ret = vdb_mbedtls_ssl_fetch_input( ssl, in ssl_parse_client_hello()
1561 vdb_mbedtls_ssl_in_hdr_len( ssl ) + msg_len ) ) != 0 ) in ssl_parse_client_hello()
1569 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_parse_client_hello()
1570 ssl->next_record_offset = msg_len + vdb_mbedtls_ssl_in_hdr_len( ssl ); in ssl_parse_client_hello()
1573 ssl->in_left = 0; in ssl_parse_client_hello()
1576 buf = ssl->in_msg; in ssl_parse_client_hello()
1580 ssl->handshake->update_checksum( ssl, buf, msg_len ); in ssl_parse_client_hello()
1590 if( msg_len < vdb_mbedtls_ssl_hs_hdr_len( ssl ) ) in ssl_parse_client_hello()
1609 msg_len != vdb_mbedtls_ssl_hs_hdr_len( ssl ) + ( ( buf[2] << 8 ) | buf[3] ) ) in ssl_parse_client_hello()
1616 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_parse_client_hello()
1623 if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) in ssl_parse_client_hello()
1626 unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) | in ssl_parse_client_hello()
1627 ssl->in_msg[5]; in ssl_parse_client_hello()
1629 if( cli_msg_seq != ssl->handshake->in_msg_seq ) in ssl_parse_client_hello()
1633 ssl->handshake->in_msg_seq ) ); in ssl_parse_client_hello()
1637 ssl->handshake->in_msg_seq++; in ssl_parse_client_hello()
1642 unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) | in ssl_parse_client_hello()
1643 ssl->in_msg[5]; in ssl_parse_client_hello()
1644 ssl->handshake->out_msg_seq = cli_msg_seq; in ssl_parse_client_hello()
1645 ssl->handshake->in_msg_seq = cli_msg_seq + 1; in ssl_parse_client_hello()
1652 if( ssl->in_msg[6] != 0 || ssl->in_msg[7] != 0 || ssl->in_msg[8] != 0 || in ssl_parse_client_hello()
1653 memcmp( ssl->in_msg + 1, ssl->in_msg + 9, 3 ) != 0 ) in ssl_parse_client_hello()
1661 buf += vdb_mbedtls_ssl_hs_hdr_len( ssl ); in ssl_parse_client_hello()
1662 msg_len -= vdb_mbedtls_ssl_hs_hdr_len( ssl ); in ssl_parse_client_hello()
1696 vdb_mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver, in ssl_parse_client_hello()
1697 ssl->conf->transport, buf ); in ssl_parse_client_hello()
1699 ssl->handshake->max_major_ver = ssl->major_ver; in ssl_parse_client_hello()
1700 ssl->handshake->max_minor_ver = ssl->minor_ver; in ssl_parse_client_hello()
1702 if( ssl->major_ver < ssl->conf->min_major_ver || in ssl_parse_client_hello()
1703 ssl->minor_ver < ssl->conf->min_minor_ver ) in ssl_parse_client_hello()
1707 ssl->major_ver, ssl->minor_ver, in ssl_parse_client_hello()
1708 ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) ); in ssl_parse_client_hello()
1709 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1714 if( ssl->major_ver > ssl->conf->max_major_ver ) in ssl_parse_client_hello()
1716 ssl->major_ver = ssl->conf->max_major_ver; in ssl_parse_client_hello()
1717 ssl->minor_ver = ssl->conf->max_minor_ver; in ssl_parse_client_hello()
1719 else if( ssl->minor_ver > ssl->conf->max_minor_ver ) in ssl_parse_client_hello()
1720 ssl->minor_ver = ssl->conf->max_minor_ver; in ssl_parse_client_hello()
1727 memcpy( ssl->handshake->randbytes, buf + 2, 32 ); in ssl_parse_client_hello()
1734 if( sess_len > sizeof( ssl->session_negotiate->id ) || in ssl_parse_client_hello()
1738 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1745 ssl->session_negotiate->id_len = sess_len; in ssl_parse_client_hello()
1746 memset( ssl->session_negotiate->id, 0, in ssl_parse_client_hello()
1747 sizeof( ssl->session_negotiate->id ) ); in ssl_parse_client_hello()
1748 memcpy( ssl->session_negotiate->id, buf + 35, in ssl_parse_client_hello()
1749 ssl->session_negotiate->id_len ); in ssl_parse_client_hello()
1755 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_parse_client_hello()
1763 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1772 if( ssl->conf->f_cookie_check != NULL in ssl_parse_client_hello()
1774 && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE in ssl_parse_client_hello()
1778 if( ssl->conf->f_cookie_check( ssl->conf->p_cookie, in ssl_parse_client_hello()
1780 ssl->cli_id, ssl->cli_id_len ) != 0 ) in ssl_parse_client_hello()
1783 ssl->handshake->verify_cookie_len = 1; in ssl_parse_client_hello()
1788 ssl->handshake->verify_cookie_len = 0; in ssl_parse_client_hello()
1822 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1842 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1850 ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL; in ssl_parse_client_hello()
1856 ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_DEFLATE; in ssl_parse_client_hello()
1864 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_parse_client_hello()
1865 ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL; in ssl_parse_client_hello()
1870 if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) ) in ssl_parse_client_hello()
1882 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1894 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1911 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1921 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1930 if( ssl->conf->f_sni == NULL ) in ssl_parse_client_hello()
1933 ret = ssl_parse_servername_ext( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
1945 ret = ssl_parse_renegotiation_info( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
1955 ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
1969 ret = ssl_parse_supported_elliptic_curves( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
1976 ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT; in ssl_parse_client_hello()
1978 ret = ssl_parse_supported_point_formats( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
1989 ret = ssl_parse_ecjpake_kkpp( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
1999 ret = ssl_parse_max_fragment_length_ext( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
2009 ret = ssl_parse_truncated_hmac_ext( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
2019 ret = ssl_parse_cid_ext( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
2029 ret = ssl_parse_encrypt_then_mac_ext( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
2039 ret = ssl_parse_extended_ms_ext( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
2049 ret = ssl_parse_session_ticket_ext( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
2059 ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
2069 ret = ssl_parse_use_srtp_ext( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
2086 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
2103 if( ssl->minor_ver < ssl->conf->max_minor_ver ) in ssl_parse_client_hello()
2107 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
2129 if( vdb_mbedtls_ssl_check_sig_hash( ssl, md_default ) != 0 ) in ssl_parse_client_hello()
2132 vdb_mbedtls_ssl_sig_hash_set_const_hash( &ssl->handshake->hash_algs, md_default ); in ssl_parse_client_hello()
2147 if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) in ssl_parse_client_hello()
2151 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
2156 ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; in ssl_parse_client_hello()
2164 if( ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION && in ssl_parse_client_hello()
2165 ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE ) in ssl_parse_client_hello()
2171 else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && in ssl_parse_client_hello()
2172 ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION && in ssl_parse_client_hello()
2178 else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && in ssl_parse_client_hello()
2179 ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && in ssl_parse_client_hello()
2180 ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) in ssl_parse_client_hello()
2185 else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && in ssl_parse_client_hello()
2186 ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && in ssl_parse_client_hello()
2196 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
2207 ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; in ssl_parse_client_hello()
2223 if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], in ssl_parse_client_hello()
2235 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
2242 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
2250 ssl->session_negotiate->ciphersuite = ciphersuites[i]; in ssl_parse_client_hello()
2251 ssl->handshake->ciphersuite_info = ciphersuite_info; in ssl_parse_client_hello()
2253 ssl->state++; in ssl_parse_client_hello()
2256 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_parse_client_hello()
2257 vdb_mbedtls_ssl_recv_flight_completed( ssl ); in ssl_parse_client_hello()
2264 if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) in ssl_parse_client_hello()
2269 … mbedtls_md_type_t md_alg = vdb_mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, in ssl_parse_client_hello()
2288 static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl, in ssl_write_truncated_hmac_ext() argument
2294 if( ssl->session_negotiate->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED ) in ssl_write_truncated_hmac_ext()
2313 static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, in ssl_write_cid_ext() argument
2319 const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; in ssl_write_cid_ext()
2325 if( ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_DISABLED ) in ssl_write_cid_ext()
2330 if( end < p || (size_t)( end - p ) < (unsigned)( ssl->own_cid_len + 5 ) ) in ssl_write_cid_ext()
2349 ext_len = (size_t) ssl->own_cid_len + 1; in ssl_write_cid_ext()
2353 *p++ = (uint8_t) ssl->own_cid_len; in ssl_write_cid_ext()
2354 memcpy( p, ssl->own_cid, ssl->own_cid_len ); in ssl_write_cid_ext()
2356 *olen = ssl->own_cid_len + 5; in ssl_write_cid_ext()
2361 static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, in ssl_write_encrypt_then_mac_ext() argument
2369 if( ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED || in ssl_write_encrypt_then_mac_ext()
2370 ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) in ssl_write_encrypt_then_mac_ext()
2383 ssl->session_negotiate->ciphersuite ) ) == NULL || in ssl_write_encrypt_then_mac_ext()
2404 static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, in ssl_write_extended_ms_ext() argument
2410 if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || in ssl_write_extended_ms_ext()
2411 ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) in ssl_write_extended_ms_ext()
2431 static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, in ssl_write_session_ticket_ext() argument
2437 if( ssl->handshake->new_session_ticket == 0 ) in ssl_write_session_ticket_ext()
2455 static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, in ssl_write_renegotiation_ext() argument
2461 if( ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION ) in ssl_write_renegotiation_ext()
2473 if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) in ssl_write_renegotiation_ext()
2476 *p++ = ( ssl->verify_data_len * 2 + 1 ) & 0xFF; in ssl_write_renegotiation_ext()
2477 *p++ = ssl->verify_data_len * 2 & 0xFF; in ssl_write_renegotiation_ext()
2479 memcpy( p, ssl->peer_verify_data, ssl->verify_data_len ); in ssl_write_renegotiation_ext()
2480 p += ssl->verify_data_len; in ssl_write_renegotiation_ext()
2481 memcpy( p, ssl->own_verify_data, ssl->verify_data_len ); in ssl_write_renegotiation_ext()
2482 p += ssl->verify_data_len; in ssl_write_renegotiation_ext()
2496 static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, in ssl_write_max_fragment_length_ext() argument
2502 if( ssl->session_negotiate->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ) in ssl_write_max_fragment_length_ext()
2516 *p++ = ssl->session_negotiate->mfl_code; in ssl_write_max_fragment_length_ext()
2524 static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, in ssl_write_supported_point_formats_ext() argument
2529 ((void) ssl); in ssl_write_supported_point_formats_ext()
2531 if( ( ssl->handshake->cli_exts & in ssl_write_supported_point_formats_ext()
2554 static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, in ssl_write_ecjpake_kkpp_ext() argument
2560 const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; in ssl_write_ecjpake_kkpp_ext()
2566 if( ssl->handshake->ciphersuite_info->key_exchange != in ssl_write_ecjpake_kkpp_ext()
2581 ret = vdb_mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, in ssl_write_ecjpake_kkpp_ext()
2583 ssl->conf->f_rng, ssl->conf->p_rng ); in ssl_write_ecjpake_kkpp_ext()
2598 static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, in ssl_write_alpn_ext() argument
2601 if( ssl->alpn_chosen == NULL ) in ssl_write_alpn_ext()
2619 *olen = 7 + strlen( ssl->alpn_chosen ); in ssl_write_alpn_ext()
2629 memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); in ssl_write_alpn_ext()
/* Cross-reference excerpt (lines mentioning `ssl` only). Writes the use_srtp
 * extension carrying the chosen DTLS-SRTP profile and, when MKI support is
 * configured, the MKI value. */
2634 static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, in ssl_write_use_srtp_ext() argument
/* Write bound: end of the outgoing message content area. */
2640 const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; in ssl_write_use_srtp_ext()
/* Tested case: transport is not datagram, or no SRTP profile was chosen
 * (branch body unlisted; presumably the extension is skipped). */
2644 if( ( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) || in ssl_write_use_srtp_ext()
2645 ( ssl->dtls_srtp_info.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET ) ) in ssl_write_use_srtp_ext()
/* mki_len is taken from session state only when MKI support is configured. */
2652 if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED ) in ssl_write_use_srtp_ext()
2654 mki_len = ssl->dtls_srtp_info.mki_len; in ssl_write_use_srtp_ext()
2686 ssl->dtls_srtp_info.chosen_dtls_srtp_profile ); in ssl_write_use_srtp_ext()
/* NOTE(review): the check of mki_len against `end` is presumably on an
 * unlisted line; also confirm mki_len was validated against the size of
 * mki_value when the client's extension was parsed. */
2699 memcpy( &buf[9], ssl->dtls_srtp_info.mki_value, mki_len ); in ssl_write_use_srtp_ext()
/* Cross-reference excerpt (lines mentioning `ssl` only). Builds and sends a
 * HelloVerifyRequest: protocol version, then a cookie produced by the
 * application-supplied f_cookie_write callback. */
2706 static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl ) in ssl_write_hello_verify_request() argument
/* Body starts 4 bytes into out_msg; out_msg[0] is set to the type below. */
2709 unsigned char *p = ssl->out_msg + 4; in ssl_write_hello_verify_request()
2723 vdb_mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, in ssl_write_hello_verify_request()
2724 ssl->conf->transport, p ); in ssl_write_hello_verify_request()
/* A missing cookie callback is tested before use (handling is unlisted). */
2729 if( ssl->conf->f_cookie_write == NULL ) in ssl_write_hello_verify_request()
/* The callback receives the client transport id (cli_id, cli_id_len) and a
 * write limit of out_buf + MBEDTLS_SSL_OUT_BUFFER_LEN; it advances p. */
2738 if( ( ret = ssl->conf->f_cookie_write( ssl->conf->p_cookie, in ssl_write_hello_verify_request()
2739 &p, ssl->out_buf + MBEDTLS_SSL_OUT_BUFFER_LEN, in ssl_write_hello_verify_request()
2740 ssl->cli_id, ssl->cli_id_len ) ) != 0 ) in ssl_write_hello_verify_request()
2750 ssl->out_msglen = p - ssl->out_msg; in ssl_write_hello_verify_request()
2751 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in ssl_write_hello_verify_request()
2752 ssl->out_msg[0] = MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST; in ssl_write_hello_verify_request()
2754 ssl->state = MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT; in ssl_write_hello_verify_request()
2756 if( ( ret = vdb_mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) in ssl_write_hello_verify_request()
/* On datagram transport the flight is transmitted immediately. */
2763 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in ssl_write_hello_verify_request()
2764 ( ret = vdb_mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) in ssl_write_hello_verify_request()
/* Cross-reference excerpt (lines mentioning `ssl` only). Builds and sends the
 * ServerHello: version, server random, session id, chosen ciphersuite and
 * compression, then the extensions. Preprocessor guards and lines that do not
 * mention `ssl` are not listed, so alternatives that look sequential here may
 * be compile-time variants. */
2777 static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) in ssl_write_server_hello() argument
/* DTLS with a non-zero verify_cookie_len: answer with HelloVerifyRequest. */
2789 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in ssl_write_server_hello()
2790 ssl->handshake->verify_cookie_len != 0 ) in ssl_write_server_hello()
2795 return( ssl_write_hello_verify_request( ssl ) ); in ssl_write_server_hello()
/* The RNG callback is tested for NULL before use (handling unlisted). */
2799 if( ssl->conf->f_rng == NULL ) in ssl_write_server_hello()
2812 buf = ssl->out_msg; in ssl_write_server_hello()
2815 vdb_mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, in ssl_write_server_hello()
2816 ssl->conf->transport, p ); in ssl_write_server_hello()
/* Server random: 4 + 28 bytes from the RNG, each call checked for failure.
 * NOTE(review): the 4-byte call may be the variant used when no time source
 * is compiled in -- confirm against the unlisted guards. */
2831 if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 ) in ssl_write_server_hello()
2837 if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 ) in ssl_write_server_hello()
/* The 32 bytes at buf + 6 are stored in the second half of randbytes. */
2842 memcpy( ssl->handshake->randbytes + 32, buf + 6, 32 ); in ssl_write_server_hello()
/* Session-cache lookup: only on an initial handshake, with a non-empty
 * session id and a configured cache; a 0 return marks the session resumed. */
2851 if( ssl->handshake->resume == 0 && in ssl_write_server_hello()
2853 ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE && in ssl_write_server_hello()
2855 ssl->session_negotiate->id_len != 0 && in ssl_write_server_hello()
2856 ssl->conf->f_get_cache != NULL && in ssl_write_server_hello()
2857 ssl->conf->f_get_cache( ssl->conf->p_cache, ssl->session_negotiate ) == 0 ) in ssl_write_server_hello()
2860 ssl->handshake->resume = 1; in ssl_write_server_hello()
/* New session: an empty, zeroed id when a session ticket will be issued;
 * otherwise a 32-byte id from the RNG. */
2863 if( ssl->handshake->resume == 0 ) in ssl_write_server_hello()
2869 ssl->state++; in ssl_write_server_hello()
2872 ssl->session_negotiate->start = mbedtls_time( NULL ); in ssl_write_server_hello()
2876 if( ssl->handshake->new_session_ticket != 0 ) in ssl_write_server_hello()
2878 ssl->session_negotiate->id_len = n = 0; in ssl_write_server_hello()
2879 memset( ssl->session_negotiate->id, 0, 32 ); in ssl_write_server_hello()
2884 ssl->session_negotiate->id_len = n = 32; in ssl_write_server_hello()
2885 if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id, in ssl_write_server_hello()
/* Resumed session: reuse the stored id, jump to ChangeCipherSpec and derive
 * keys right away. */
2895 n = ssl->session_negotiate->id_len; in ssl_write_server_hello()
2896 ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC; in ssl_write_server_hello()
2898 if( ( ret = vdb_mbedtls_ssl_derive_keys( ssl ) ) != 0 ) in ssl_write_server_hello()
/* Session id: one length byte followed by id_len bytes. */
2913 *p++ = (unsigned char) ssl->session_negotiate->id_len; in ssl_write_server_hello()
2914 memcpy( p, ssl->session_negotiate->id, ssl->session_negotiate->id_len ); in ssl_write_server_hello()
2915 p += ssl->session_negotiate->id_len; in ssl_write_server_hello()
2920 ssl->handshake->resume ? "a" : "no" ) ); in ssl_write_server_hello()
/* Ciphersuite id as two bytes, high byte first, then the compression byte. */
2922 *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 ); in ssl_write_server_hello()
2923 *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite ); in ssl_write_server_hello()
2924 *p++ = (unsigned char)( ssl->session_negotiate->compression ); in ssl_write_server_hello()
2927 vdb_mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ) ) ); in ssl_write_server_hello()
2929 ssl->session_negotiate->compression ) ); in ssl_write_server_hello()
/* Extensions are written only when the version is not (3,0). Each writer gets
 * the cursor p + 2 + ext_len and reports its size through olen; none of the
 * calls passes an end-of-buffer pointer. */
2933 if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) ) in ssl_write_server_hello()
2940 ssl_write_renegotiation_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2944 ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2949 ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2954 ssl_write_cid_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2959 ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2964 ssl_write_extended_ms_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2969 ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2976 vdb_mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ) ) ) in ssl_write_server_hello()
2978 ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2984 ssl_write_ecjpake_kkpp_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2989 ssl_write_alpn_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2994 ssl_write_use_srtp_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
3011 ssl->out_msglen = p - buf; in ssl_write_server_hello()
3012 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in ssl_write_server_hello()
3013 ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO; in ssl_write_server_hello()
3015 ret = vdb_mbedtls_ssl_write_handshake_msg( ssl ); in ssl_write_server_hello()
/* Cross-reference excerpt (lines mentioning `ssl` only). First of two
 * definitions with this name; presumably the variant compiled when
 * certificate-based key exchanges are disabled -- confirm against the unlisted
 * preprocessor guards. Visible effect: reads ciphersuite_info and advances
 * the handshake state. */
3023 static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) in ssl_write_certificate_request() argument
3026 ssl->handshake->ciphersuite_info; in ssl_write_certificate_request()
3033 ssl->state++; in ssl_write_certificate_request()
/* Cross-reference excerpt (lines mentioning `ssl` only). Builds and sends a
 * CertificateRequest: for TLS 1.2 the supported signature hashes, and
 * optionally the distinguished names of the trusted CA chain. */
3041 static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) in ssl_write_certificate_request() argument
3045 ssl->handshake->ciphersuite_info; in ssl_write_certificate_request()
/* Write bound: end of the outgoing message content area. */
3049 const unsigned char * const end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; in ssl_write_certificate_request()
3055 ssl->state++; in ssl_write_certificate_request()
/* A per-SNI authentication mode, when set, overrides the configured one. */
3058 if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET ) in ssl_write_certificate_request()
3059 authmode = ssl->handshake->sni_authmode; in ssl_write_certificate_request()
3062 authmode = ssl->conf->authmode; in ssl_write_certificate_request()
3083 buf = ssl->out_msg; in ssl_write_certificate_request()
/* MBEDTLS_SSL_MINOR_VERSION_3 is TLS 1.2: walk conf->sig_hashes up to the
 * MBEDTLS_MD_NONE terminator; an entry is tested for mapping to
 * MBEDTLS_SSL_HASH_NONE or for a non-zero set_calc_verify_md() result
 * (handling unlisted; presumably the entry is skipped). */
3119 if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) in ssl_write_certificate_request()
3126 for( cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++ ) in ssl_write_certificate_request()
3130 if( MBEDTLS_SSL_HASH_NONE == hash || vdb_mbedtls_ssl_set_calc_verify_md( ssl, hash ) ) in ssl_write_certificate_request()
/* The CA name list is sent only when enabled in the configuration; a per-SNI
 * CA chain takes precedence over the configured chain. */
3158 if( ssl->conf->cert_req_ca_list == MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED ) in ssl_write_certificate_request()
3166 if( ssl->handshake->sni_ca_chain != NULL ) in ssl_write_certificate_request()
3167 crt = ssl->handshake->sni_ca_chain; in ssl_write_certificate_request()
3170 crt = ssl->conf->ca_chain; in ssl_write_certificate_request()
3196 ssl->out_msglen = p - buf; in ssl_write_certificate_request()
3197 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in ssl_write_certificate_request()
3198 ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST; in ssl_write_certificate_request()
/* Back-fill the two-byte total DN size, high byte first, after the
 * certificate-type and signature-algorithm fields. */
3199 ssl->out_msg[4 + ct_len + sa_len] = (unsigned char)( total_dn_size >> 8 ); in ssl_write_certificate_request()
3200 ssl->out_msg[5 + ct_len + sa_len] = (unsigned char)( total_dn_size ); in ssl_write_certificate_request()
3202 ret = vdb_mbedtls_ssl_write_handshake_msg( ssl ); in ssl_write_certificate_request()
/* Cross-reference excerpt (lines mentioning `ssl` only). Loads ECDH parameters
 * into the handshake's ecdh_ctx from the server's own key, after checking that
 * the key can act as an EC key. */
3212 static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) in ssl_get_ecdh_params_from_cert() argument
3216 if( ! vdb_mbedtls_pk_can_do( vdb_mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECKEY ) ) in ssl_get_ecdh_params_from_cert()
3222 if( ( ret = vdb_mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx, in ssl_get_ecdh_params_from_cert()
3223 vdb_mbedtls_pk_ec( *vdb_mbedtls_ssl_own_key( ssl ) ), in ssl_get_ecdh_params_from_cert()
/* Cross-reference excerpt (lines mentioning `ssl` only). Resumes an
 * asynchronous signature through the application's f_async_resume callback. */
3237 static int ssl_resume_server_key_exchange( mbedtls_ssl_context *ssl, in ssl_resume_server_key_exchange() argument
/* The signature goes 2 bytes past the current end of the message; the
 * callback's size limit is computed from out_buf + MBEDTLS_SSL_OUT_CONTENT_LEN
 * (the rest of that expression is unlisted). */
3245 unsigned char *sig_start = ssl->out_msg + ssl->out_msglen + 2; in ssl_resume_server_key_exchange()
3246 size_t sig_max_len = ( ssl->out_buf + MBEDTLS_SSL_OUT_CONTENT_LEN in ssl_resume_server_key_exchange()
3248 int ret = ssl->conf->f_async_resume( ssl, in ssl_resume_server_key_exchange()
/* Clears the in-progress flag and the operation data; the guarding condition
 * is on an unlisted line (presumably "no longer in progress"). */
3252 ssl->handshake->async_in_progress = 0; in ssl_resume_server_key_exchange()
3253 vdb_mbedtls_ssl_set_async_operation_data( ssl, NULL ); in ssl_resume_server_key_exchange()
/* Cross-reference excerpt (lines mentioning `ssl` only). Assembles the
 * ServerKeyExchange body (EC J-PAKE, DHE or ECDHE parameters depending on the
 * key exchange) and, for signed exchanges, produces or starts the signature.
 * The branch conditions selecting each section are mostly unlisted. */
3264 static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, in ssl_prepare_server_key_exchange() argument
3268 ssl->handshake->ciphersuite_info; in ssl_prepare_server_key_exchange()
3281 ssl->out_msglen = 4; /* header (type:1, length:3) to be written later */ in ssl_prepare_server_key_exchange()
/* EC J-PAKE: output limited to the space left in the content area. */
3299 &ssl->handshake->ecjpake_ctx, in ssl_prepare_server_key_exchange()
3300 ssl->out_msg + ssl->out_msglen, in ssl_prepare_server_key_exchange()
3301 MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen, &len, in ssl_prepare_server_key_exchange()
3302 ssl->conf->f_rng, ssl->conf->p_rng ); in ssl_prepare_server_key_exchange()
3309 ssl->out_msglen += len; in ssl_prepare_server_key_exchange()
/* Two zero bytes appended; presumably an empty PSK identity hint -- confirm. */
3323 ssl->out_msg[ssl->out_msglen++] = 0x00; in ssl_prepare_server_key_exchange()
3324 ssl->out_msg[ssl->out_msglen++] = 0x00; in ssl_prepare_server_key_exchange()
/* DHE: missing configured P or G is tested before the group is set. */
3338 if( ssl->conf->dhm_P.p == NULL || ssl->conf->dhm_G.p == NULL ) in ssl_prepare_server_key_exchange()
3353 if( ( ret = vdb_mbedtls_dhm_set_group( &ssl->handshake->dhm_ctx, in ssl_prepare_server_key_exchange()
3354 &ssl->conf->dhm_P, in ssl_prepare_server_key_exchange()
3355 &ssl->conf->dhm_G ) ) != 0 ) in ssl_prepare_server_key_exchange()
/* NOTE(review): unlike the EC J-PAKE and ECDHE calls, no remaining-space
 * argument is visible in the listed arguments of this call; confirm the DHM
 * parameter output cannot exceed the content area for the configured P. */
3362 &ssl->handshake->dhm_ctx, in ssl_prepare_server_key_exchange()
3363 (int) vdb_mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), in ssl_prepare_server_key_exchange()
3364 ssl->out_msg + ssl->out_msglen, &len, in ssl_prepare_server_key_exchange()
3365 ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) in ssl_prepare_server_key_exchange()
/* Start of the parameters that will be covered by the signature. */
3372 dig_signed = ssl->out_msg + ssl->out_msglen; in ssl_prepare_server_key_exchange()
3375 ssl->out_msglen += len; in ssl_prepare_server_key_exchange()
/* Security note: X is the server's secret DH value, so a debug build with a
 * threshold of 3 or higher writes private key-exchange material to the log.
 * Keep debug output disabled, or the threshold lower, outside test setups. */
3377 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X ); in ssl_prepare_server_key_exchange()
3378 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P ); in ssl_prepare_server_key_exchange()
3379 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G ); in ssl_prepare_server_key_exchange()
3380 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX ); in ssl_prepare_server_key_exchange()
/* ECDHE: outer loop over the server's configured curve_list, inner loop over
 * the handshake's curves list; the match test is unlisted. */
3404 for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ ) in ssl_prepare_server_key_exchange()
3405 for( curve = ssl->handshake->curves; *curve != NULL; curve++ ) in ssl_prepare_server_key_exchange()
3418 if( ( ret = vdb_mbedtls_ecdh_setup( &ssl->handshake->ecdh_ctx, in ssl_prepare_server_key_exchange()
/* ECDH parameters: output limited to the space left in the content area. */
3426 &ssl->handshake->ecdh_ctx, &len, in ssl_prepare_server_key_exchange()
3427 ssl->out_msg + ssl->out_msglen, in ssl_prepare_server_key_exchange()
3428 MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen, in ssl_prepare_server_key_exchange()
3429 ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) in ssl_prepare_server_key_exchange()
3436 dig_signed = ssl->out_msg + ssl->out_msglen; in ssl_prepare_server_key_exchange()
3439 ssl->out_msglen += len; in ssl_prepare_server_key_exchange()
3441 MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, in ssl_prepare_server_key_exchange()
/* Signed section: everything from dig_signed to the current end of message. */
3455 size_t dig_signed_len = ssl->out_msg + ssl->out_msglen - dig_signed; in ssl_prepare_server_key_exchange()
/* TLS 1.2 (MBEDTLS_SSL_MINOR_VERSION_3): the hash is looked up in the
 * handshake's hash_algs set. */
3474 if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) in ssl_prepare_server_key_exchange()
3479 ( md_alg = vdb_mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, in ssl_prepare_server_key_exchange()
3515 ret = vdb_mbedtls_ssl_get_key_exchange_md_ssl_tls( ssl, hash, in ssl_prepare_server_key_exchange()
3528 ret = vdb_mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, &hashlen, in ssl_prepare_server_key_exchange()
/* TLS 1.2 appends two more bytes here; their values are on unlisted lines
 * (presumably the hash and signature algorithm identifiers). */
3549 if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) in ssl_prepare_server_key_exchange()
3567 ssl->out_msg[ssl->out_msglen++] = in ssl_prepare_server_key_exchange()
3569 ssl->out_msg[ssl->out_msglen++] = in ssl_prepare_server_key_exchange()
/* Asynchronous signing through the application callback when configured;
 * both listed outcomes set async_in_progress, and one of them resumes
 * immediately (the switch on the callback's result is unlisted). */
3575 if( ssl->conf->f_async_sign_start != NULL ) in ssl_prepare_server_key_exchange()
3577 ret = ssl->conf->f_async_sign_start( ssl, in ssl_prepare_server_key_exchange()
3578 vdb_mbedtls_ssl_own_cert( ssl ), in ssl_prepare_server_key_exchange()
3586 ssl->handshake->async_in_progress = 1; in ssl_prepare_server_key_exchange()
3587 return( ssl_resume_server_key_exchange( ssl, signature_len ) ); in ssl_prepare_server_key_exchange()
3589 ssl->handshake->async_in_progress = 1; in ssl_prepare_server_key_exchange()
/* Synchronous signing: a missing private key is tested first; the signature
 * is written 2 bytes past the current end of the message. */
3598 if( vdb_mbedtls_ssl_own_key( ssl ) == NULL ) in ssl_prepare_server_key_exchange()
3609 if( ( ret = vdb_mbedtls_pk_sign( vdb_mbedtls_ssl_own_key( ssl ), in ssl_prepare_server_key_exchange()
3611 ssl->out_msg + ssl->out_msglen + 2, in ssl_prepare_server_key_exchange()
3613 ssl->conf->f_rng, in ssl_prepare_server_key_exchange()
3614 ssl->conf->p_rng ) ) != 0 ) in ssl_prepare_server_key_exchange()
/* Cross-reference excerpt (lines mentioning `ssl` only). Drives the
 * ServerKeyExchange: prepares the message or resumes a pending asynchronous
 * signature, appends the signature length and bytes, then sends it. */
3629 static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) in ssl_write_server_key_exchange() argument
3635 ssl->handshake->ciphersuite_info; in ssl_write_server_key_exchange()
/* NOTE(review): the return value of this call is not used on the listed line;
 * confirm that ignoring a failure here is intended. */
3650 ssl_get_ecdh_params_from_cert( ssl ); in ssl_write_server_key_exchange()
3657 ssl->state++; in ssl_write_server_key_exchange()
/* A pending asynchronous operation is resumed instead of starting anew. */
3666 if( ssl->handshake->async_in_progress != 0 ) in ssl_write_server_key_exchange()
3669 ret = ssl_resume_server_key_exchange( ssl, &signature_len ); in ssl_write_server_key_exchange()
3676 ret = ssl_prepare_server_key_exchange( ssl, &signature_len ); in ssl_write_server_key_exchange()
/* Message length reset to 0; the condition is unlisted (presumably the
 * error / still-in-progress path). */
3688 ssl->out_msglen = 0; in ssl_write_server_key_exchange()
/* Two-byte signature length, high byte first, then the signature itself. */
3698 ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len >> 8 ); in ssl_write_server_key_exchange()
3699 ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len ); in ssl_write_server_key_exchange()
3702 ssl->out_msg + ssl->out_msglen, in ssl_write_server_key_exchange()
3706 ssl->out_msglen += signature_len; in ssl_write_server_key_exchange()
3711 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in ssl_write_server_key_exchange()
3712 ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE; in ssl_write_server_key_exchange()
3714 ssl->state++; in ssl_write_server_key_exchange()
3716 if( ( ret = vdb_mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) in ssl_write_server_key_exchange()
/* Cross-reference excerpt (lines mentioning `ssl` only). Sends
 * ServerHelloDone, a handshake message of length 4 (header only), and on
 * datagram transport marks the flight complete and transmits it. */
3726 static int ssl_write_server_hello_done( mbedtls_ssl_context *ssl ) in ssl_write_server_hello_done() argument
3732 ssl->out_msglen = 4; in ssl_write_server_hello_done()
3733 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in ssl_write_server_hello_done()
3734 ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO_DONE; in ssl_write_server_hello_done()
3736 ssl->state++; in ssl_write_server_hello_done()
3739 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_write_server_hello_done()
3740 vdb_mbedtls_ssl_send_flight_completed( ssl ); in ssl_write_server_hello_done()
3743 if( ( ret = vdb_mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) in ssl_write_server_hello_done()
3750 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in ssl_write_server_hello_done()
3751 ( ret = vdb_mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) in ssl_write_server_hello_done()
/* Cross-reference excerpt (lines mentioning `ssl` only). Reads the client's
 * DH public value (n bytes at *p) into the handshake's dhm_ctx.
 * NOTE(review): the derivation of n and its check against the end of the
 * message do not mention `ssl` and are therefore unlisted -- confirm them in
 * the full source, since *p and n come from the peer. */
3765 static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char **p, in ssl_parse_client_dh_public() argument
3789 if( ( ret = vdb_mbedtls_dhm_read_public( &ssl->handshake->dhm_ctx, *p, n ) ) != 0 ) in ssl_parse_client_dh_public()
3797 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY ); in ssl_parse_client_dh_public()
/* Cross-reference excerpt (lines mentioning `ssl` only). Resumes an
 * asynchronous premaster-secret decryption through f_async_resume, then clears
 * the in-progress flag and operation data (guarding condition unlisted). */
3808 static int ssl_resume_decrypt_pms( mbedtls_ssl_context *ssl, in ssl_resume_decrypt_pms() argument
3813 int ret = ssl->conf->f_async_resume( ssl, in ssl_resume_decrypt_pms()
3817 ssl->handshake->async_in_progress = 0; in ssl_resume_decrypt_pms()
3818 vdb_mbedtls_ssl_set_async_operation_data( ssl, NULL ); in ssl_resume_decrypt_pms()
/* Cross-reference excerpt (lines mentioning `ssl` only). Decrypts the client's
 * encrypted premaster secret with the server's private key, either
 * synchronously or through the asynchronous callbacks. */
3825 static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, in ssl_decrypt_encrypted_pms() argument
3833 mbedtls_pk_context *private_key = vdb_mbedtls_ssl_own_key( ssl ); in ssl_decrypt_encrypted_pms()
3834 mbedtls_pk_context *public_key = &vdb_mbedtls_ssl_own_cert( ssl )->pk; in ssl_decrypt_encrypted_pms()
/* A pending asynchronous decryption is resumed rather than restarted. */
3840 if( ssl->handshake->async_in_progress != 0 ) in ssl_decrypt_encrypted_pms()
3843 return( ssl_resume_decrypt_pms( ssl, in ssl_decrypt_encrypted_pms()
/* Extra handling for versions other than MBEDTLS_SSL_MINOR_VERSION_0; the
 * body is unlisted (presumably the two-byte length prefix -- confirm). */
3853 if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 ) in ssl_decrypt_encrypted_pms()
3878 if( ssl->conf->f_async_decrypt_start != NULL ) in ssl_decrypt_encrypted_pms()
3880 ret = ssl->conf->f_async_decrypt_start( ssl, in ssl_decrypt_encrypted_pms()
3881 vdb_mbedtls_ssl_own_cert( ssl ), in ssl_decrypt_encrypted_pms()
3889 ssl->handshake->async_in_progress = 1; in ssl_decrypt_encrypted_pms()
3890 return( ssl_resume_decrypt_pms( ssl, in ssl_decrypt_encrypted_pms()
3895 ssl->handshake->async_in_progress = 1; in ssl_decrypt_encrypted_pms()
/* Tail of the synchronous call (its name is on an unlisted line); the
 * configured RNG is passed to it. */
3912 ssl->conf->f_rng, ssl->conf->p_rng ); in ssl_decrypt_encrypted_pms()
/* Cross-reference excerpt (lines mentioning `ssl` only). Decrypts the client's
 * premaster secret into handshake->premaster at pms_offset and fixes pmslen
 * at 48.
 * NOTE(review): the listed steps -- expected version bytes written to `ver`, a
 * random fake_pms drawn from the RNG, a fixed 48-byte length, a loop over all
 * pmslen bytes -- look like the countermeasure against RSA padding-oracle
 * (Bleichenbacher) attacks. The comparison and selection logic is unlisted;
 * any edit to it has to stay free of secret-dependent branches and timing. */
3916 static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl, in ssl_parse_encrypted_pms() argument
3922 unsigned char *pms = ssl->handshake->premaster + pms_offset; in ssl_parse_encrypted_pms()
3939 ret = ssl_decrypt_encrypted_pms( ssl, p, end, in ssl_parse_encrypted_pms()
/* Version the client is expected to have embedded: its maximum offered. */
3949 vdb_mbedtls_ssl_write_version( ssl->handshake->max_major_ver, in ssl_parse_encrypted_pms()
3950 ssl->handshake->max_minor_ver, in ssl_parse_encrypted_pms()
3951 ssl->conf->transport, ver ); in ssl_parse_encrypted_pms()
3982 ret = ssl->conf->f_rng( ssl->conf->p_rng, fake_pms, sizeof( fake_pms ) ); in ssl_parse_encrypted_pms()
/* Bounds check: 48 bytes must fit in premaster starting at pms_offset. */
3995 if( sizeof( ssl->handshake->premaster ) < pms_offset || in ssl_parse_encrypted_pms()
3996 sizeof( ssl->handshake->premaster ) - pms_offset < 48 ) in ssl_parse_encrypted_pms()
4001 ssl->handshake->pmslen = 48; in ssl_parse_encrypted_pms()
4005 for( i = 0; i < ssl->handshake->pmslen; i++ ) in ssl_parse_encrypted_pms()
/* Cross-reference excerpt (lines mentioning `ssl` only). Validates the PSK
 * identity sent by the client (n bytes at *p). The length parsing and its
 * check against the end of the message are unlisted. */
4014 static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned char **p, in ssl_parse_client_psk_identity() argument
/* Checked first: no PSK and no PSK callback configured (handling unlisted). */
4020 if( ssl_conf_has_psk_or_cb( ssl->conf ) == 0 ) in ssl_parse_client_psk_identity()
/* With a callback configured, the application decides on the identity. */
4044 if( ssl->conf->f_psk != NULL ) in ssl_parse_client_psk_identity()
4046 if( ssl->conf->f_psk( ssl->conf->p_psk, ssl, *p, n ) != 0 ) in ssl_parse_client_psk_identity()
/* Static identity: length must match, then the bytes are compared with
 * vdb_mbedtls_ssl_safer_memcmp rather than memcmp. */
4053 if( n != ssl->conf->psk_identity_len || in ssl_parse_client_psk_identity()
4054 vdb_mbedtls_ssl_safer_memcmp( ssl->conf->psk_identity, *p, n ) != 0 ) in ssl_parse_client_psk_identity()
/* A fatal alert is sent; the alert type and the condition are unlisted. */
4063 vdb_mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_psk_identity()
/* Cross-reference excerpt (lines mentioning `ssl` only). Parses the
 * ClientKeyExchange and derives the premaster secret for the negotiated key
 * exchange, then derives the session keys. The key-exchange tests that select
 * each section below do not mention `ssl` and are unlisted. */
4074 static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) in ssl_parse_client_key_exchange() argument
4080 ciphersuite_info = ssl->handshake->ciphersuite_info; in ssl_parse_client_key_exchange()
4089 ( ssl->handshake->async_in_progress != 0 ) ) in ssl_parse_client_key_exchange()
4098 if( ( ret = vdb_mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) in ssl_parse_client_key_exchange()
/* Parsing window: from just after the handshake header to in_hslen. */
4104 p = ssl->in_msg + vdb_mbedtls_ssl_hs_hdr_len( ssl ); in ssl_parse_client_key_exchange()
4105 end = ssl->in_msg + ssl->in_hslen; in ssl_parse_client_key_exchange()
/* Record type and handshake message type are both verified before parsing. */
4107 if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) in ssl_parse_client_key_exchange()
4113 if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE ) in ssl_parse_client_key_exchange()
/* DH public value, then the shared secret written straight into premaster. */
4122 if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 ) in ssl_parse_client_key_exchange()
4134 if( ( ret = vdb_mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, in ssl_parse_client_key_exchange()
4135 ssl->handshake->premaster, in ssl_parse_client_key_exchange()
4137 &ssl->handshake->pmslen, in ssl_parse_client_key_exchange()
4138 ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) in ssl_parse_client_key_exchange()
/* Security note: K is the DH shared secret, so a debug build with a threshold
 * of 3 or higher writes it to the log; keep that out of production. */
4144 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); in ssl_parse_client_key_exchange()
/* ECDH public value, then the shared secret into premaster. */
4157 if( ( ret = vdb_mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx, in ssl_parse_client_key_exchange()
4164 MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, in ssl_parse_client_key_exchange()
4167 if( ( ret = vdb_mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, in ssl_parse_client_key_exchange()
4168 &ssl->handshake->pmslen, in ssl_parse_client_key_exchange()
4169 ssl->handshake->premaster, in ssl_parse_client_key_exchange()
4171 ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) in ssl_parse_client_key_exchange()
4177 MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, in ssl_parse_client_key_exchange()
/* PSK identity checked first; the opaque-PSK case is tested separately
 * (handling unlisted) before the premaster is derived. */
4188 if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) in ssl_parse_client_key_exchange()
4203 if( ssl_use_opaque_psk( ssl ) == 1 ) in ssl_parse_client_key_exchange()
4207 if( ( ret = vdb_mbedtls_ssl_psk_derive_premaster( ssl, in ssl_parse_client_key_exchange()
/* With an asynchronous operation pending, p is advanced past the configured
 * identity (length prefix + psk_identity_len) instead of parsing it again. */
4220 if ( ssl->handshake->async_in_progress != 0 ) in ssl_parse_client_key_exchange()
4228 p += ssl->conf->psk_identity_len + 2; in ssl_parse_client_key_exchange()
4232 if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) in ssl_parse_client_key_exchange()
4240 if( ssl_use_opaque_psk( ssl ) == 1 ) in ssl_parse_client_key_exchange()
/* Encrypted premaster stored at offset 2 inside handshake->premaster. */
4244 if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 2 ) ) != 0 ) in ssl_parse_client_key_exchange()
4250 if( ( ret = vdb_mbedtls_ssl_psk_derive_premaster( ssl, in ssl_parse_client_key_exchange()
/* PSK identity followed by a DH public value. */
4262 if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) in ssl_parse_client_key_exchange()
4267 if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 ) in ssl_parse_client_key_exchange()
4275 if( ssl_use_opaque_psk( ssl ) == 1 ) in ssl_parse_client_key_exchange()
4285 if( ( ret = vdb_mbedtls_ssl_psk_derive_premaster( ssl, in ssl_parse_client_key_exchange()
/* PSK identity followed by an ECDH public value. */
4297 if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) in ssl_parse_client_key_exchange()
4303 if( ( ret = vdb_mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx, in ssl_parse_client_key_exchange()
4312 if( ssl_use_opaque_psk( ssl ) == 1 ) in ssl_parse_client_key_exchange()
4316 MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, in ssl_parse_client_key_exchange()
4319 if( ( ret = vdb_mbedtls_ssl_psk_derive_premaster( ssl, in ssl_parse_client_key_exchange()
/* Encrypted premaster at offset 0. */
4331 if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 0 ) ) != 0 ) in ssl_parse_client_key_exchange()
/* EC J-PAKE: read round two, then derive a secret of at most 32 bytes. */
4342 ret = vdb_mbedtls_ecjpake_read_round_two( &ssl->handshake->ecjpake_ctx, in ssl_parse_client_key_exchange()
4350 ret = vdb_mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx, in ssl_parse_client_key_exchange()
4351 ssl->handshake->premaster, 32, &ssl->handshake->pmslen, in ssl_parse_client_key_exchange()
4352 ssl->conf->f_rng, ssl->conf->p_rng ); in ssl_parse_client_key_exchange()
4366 if( ( ret = vdb_mbedtls_ssl_derive_keys( ssl ) ) != 0 ) in ssl_parse_client_key_exchange()
4372 ssl->state++; in ssl_parse_client_key_exchange()
/* Cross-reference excerpt (lines mentioning `ssl` only). First of two
 * definitions with this name; presumably the variant compiled when
 * certificate-based key exchanges are disabled -- confirm against the unlisted
 * preprocessor guards. Visible effect: reads ciphersuite_info and advances
 * the handshake state. */
4380 static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) in ssl_parse_certificate_verify() argument
4383 ssl->handshake->ciphersuite_info; in ssl_parse_certificate_verify()
4390 ssl->state++; in ssl_parse_certificate_verify()
/* Cross-reference excerpt (lines mentioning `ssl` only). Parses the client's
 * CertificateVerify and checks its signature over the handshake hash with the
 * peer's public key. */
4398 static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) in ssl_parse_certificate_verify() argument
4410 ssl->handshake->ciphersuite_info; in ssl_parse_certificate_verify()
4418 ssl->state++; in ssl_parse_certificate_verify()
/* No peer certificate (or digest): state advances with no message parsed.
 * The two tests are presumably compile-time alternatives -- confirm. */
4423 if( ssl->session_negotiate->peer_cert == NULL ) in ssl_parse_certificate_verify()
4426 ssl->state++; in ssl_parse_certificate_verify()
4430 if( ssl->session_negotiate->peer_cert_digest == NULL ) in ssl_parse_certificate_verify()
4433 ssl->state++; in ssl_parse_certificate_verify()
4439 ret = vdb_mbedtls_ssl_read_record( ssl, 0 /* no checksum update */ ); in ssl_parse_certificate_verify()
4446 ssl->state++; in ssl_parse_certificate_verify()
/* Record type and handshake message type are verified before parsing. */
4449 if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE || in ssl_parse_certificate_verify()
4450 ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE_VERIFY ) in ssl_parse_certificate_verify()
4456 i = vdb_mbedtls_ssl_hs_hdr_len( ssl ); in ssl_parse_certificate_verify()
/* Peer key source: handshake->peer_pubkey, or the stored certificate's key
 * after a NULL check (presumably alternative build configurations). */
4459 peer_pk = &ssl->handshake->peer_pubkey; in ssl_parse_certificate_verify()
4461 if( ssl->session_negotiate->peer_cert == NULL ) in ssl_parse_certificate_verify()
4466 peer_pk = &ssl->session_negotiate->peer_cert->pk; in ssl_parse_certificate_verify()
4477 if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) in ssl_parse_certificate_verify()
/* TLS 1.2: hash and signature algorithm bytes are read from the message
 * after checking that two more bytes are available. */
4494 if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) in ssl_parse_certificate_verify()
4496 if( i + 2 > ssl->in_hslen ) in ssl_parse_certificate_verify()
4505 md_alg = vdb_mbedtls_ssl_md_alg_from_hash( ssl->in_msg[i] ); in ssl_parse_certificate_verify()
4507 if( md_alg == MBEDTLS_MD_NONE || vdb_mbedtls_ssl_set_calc_verify_md( ssl, ssl->in_msg[i] ) ) in ssl_parse_certificate_verify()
4527 if( ( pk_alg = vdb_mbedtls_ssl_pk_alg_from_sig( ssl->in_msg[i] ) ) in ssl_parse_certificate_verify()
/* Two-byte signature length (high byte first), bounds-checked before the
 * read; the signature must then end exactly at in_hslen. */
4553 if( i + 2 > ssl->in_hslen ) in ssl_parse_certificate_verify()
4559 sig_len = ( ssl->in_msg[i] << 8 ) | ssl->in_msg[i+1]; in ssl_parse_certificate_verify()
4562 if( i + sig_len != ssl->in_hslen ) in ssl_parse_certificate_verify()
4571 ssl->handshake->calc_verify( ssl, hash, &dummy_hlen ); in ssl_parse_certificate_verify()
4576 ssl->in_msg + i, sig_len ) ) != 0 ) in ssl_parse_certificate_verify()
/* The record was read with checksum update off (see the read_record call
 * above); the handshake status is updated here instead. */
4582 vdb_mbedtls_ssl_update_handshake_status( ssl ); in ssl_parse_certificate_verify()
/* Cross-reference excerpt (lines mentioning `ssl` only). Builds and sends a
 * NewSessionTicket: 4-byte header, 4-byte lifetime, 2-byte ticket length,
 * then the ticket produced by the application's f_ticket_write callback. */
4591 static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) in ssl_write_new_session_ticket() argument
4599 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in ssl_write_new_session_ticket()
4600 ssl->out_msg[0] = MBEDTLS_SSL_HS_NEW_SESSION_TICKET; in ssl_write_new_session_ticket()
/* The callback writes from out_msg + 10 and is given the end of the content
 * area as its limit. */
4613 if( ( ret = ssl->conf->f_ticket_write( ssl->conf->p_ticket, in ssl_write_new_session_ticket()
4614 ssl->session_negotiate, in ssl_write_new_session_ticket()
4615 ssl->out_msg + 10, in ssl_write_new_session_ticket()
4616 ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN, in ssl_write_new_session_ticket()
/* Lifetime as four bytes, most significant first. */
4623 ssl->out_msg[4] = ( lifetime >> 24 ) & 0xFF; in ssl_write_new_session_ticket()
4624 ssl->out_msg[5] = ( lifetime >> 16 ) & 0xFF; in ssl_write_new_session_ticket()
4625 ssl->out_msg[6] = ( lifetime >> 8 ) & 0xFF; in ssl_write_new_session_ticket()
4626 ssl->out_msg[7] = ( lifetime ) & 0xFF; in ssl_write_new_session_ticket()
/* Ticket length as two bytes, high byte first. */
4628 ssl->out_msg[8] = (unsigned char)( ( tlen >> 8 ) & 0xFF ); in ssl_write_new_session_ticket()
4629 ssl->out_msg[9] = (unsigned char)( ( tlen ) & 0xFF ); in ssl_write_new_session_ticket()
4631 ssl->out_msglen = 10 + tlen; in ssl_write_new_session_ticket()
/* Flag cleared before sending, so the ticket is not written a second time. */
4637 ssl->handshake->new_session_ticket = 0; in ssl_write_new_session_ticket()
4639 if( ( ret = vdb_mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) in ssl_write_new_session_ticket()
/* Cross-reference excerpt (lines mentioning `ssl` only). Performs one step of
 * the server-side handshake: flushes pending output, retransmits a DTLS
 * flight if one is being sent, then dispatches on ssl->state. The case labels
 * do not mention `ssl` and are unlisted; the handlers appear in source order. */
4654 int vdb_mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) in vdb_mbedtls_ssl_handshake_server_step() argument
/* Guard: handshake already over, or no handshake state allocated. */
4658 if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) in vdb_mbedtls_ssl_handshake_server_step()
4661 MBEDTLS_SSL_DEBUG_MSG( 2, ( "server state: %d", ssl->state ) ); in vdb_mbedtls_ssl_handshake_server_step()
4663 if( ( ret = vdb_mbedtls_ssl_flush_output( ssl ) ) != 0 ) in vdb_mbedtls_ssl_handshake_server_step()
4667 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in vdb_mbedtls_ssl_handshake_server_step()
4668 ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) in vdb_mbedtls_ssl_handshake_server_step()
4670 if( ( ret = vdb_mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) in vdb_mbedtls_ssl_handshake_server_step()
4675 switch( ssl->state ) in vdb_mbedtls_ssl_handshake_server_step()
4678 ssl->state = MBEDTLS_SSL_CLIENT_HELLO; in vdb_mbedtls_ssl_handshake_server_step()
4685 ret = ssl_parse_client_hello( ssl ); in vdb_mbedtls_ssl_handshake_server_step()
/* Server flight. */
4701 ret = ssl_write_server_hello( ssl ); in vdb_mbedtls_ssl_handshake_server_step()
4705 ret = vdb_mbedtls_ssl_write_certificate( ssl ); in vdb_mbedtls_ssl_handshake_server_step()
4709 ret = ssl_write_server_key_exchange( ssl ); in vdb_mbedtls_ssl_handshake_server_step()
4713 ret = ssl_write_certificate_request( ssl ); in vdb_mbedtls_ssl_handshake_server_step()
4717 ret = ssl_write_server_hello_done( ssl ); in vdb_mbedtls_ssl_handshake_server_step()
/* Client flight. */
4728 ret = vdb_mbedtls_ssl_parse_certificate( ssl ); in vdb_mbedtls_ssl_handshake_server_step()
4732 ret = ssl_parse_client_key_exchange( ssl ); in vdb_mbedtls_ssl_handshake_server_step()
4736 ret = ssl_parse_certificate_verify( ssl ); in vdb_mbedtls_ssl_handshake_server_step()
4740 ret = vdb_mbedtls_ssl_parse_change_cipher_spec( ssl ); in vdb_mbedtls_ssl_handshake_server_step()
4744 ret = vdb_mbedtls_ssl_parse_finished( ssl ); in vdb_mbedtls_ssl_handshake_server_step()
/* Final server flight: a NewSessionTicket is sent first when one is pending. */
4754 if( ssl->handshake->new_session_ticket != 0 ) in vdb_mbedtls_ssl_handshake_server_step()
4755 ret = ssl_write_new_session_ticket( ssl ); in vdb_mbedtls_ssl_handshake_server_step()
4758 ret = vdb_mbedtls_ssl_write_change_cipher_spec( ssl ); in vdb_mbedtls_ssl_handshake_server_step()
4762 ret = vdb_mbedtls_ssl_write_finished( ssl ); in vdb_mbedtls_ssl_handshake_server_step()
4767 ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; in vdb_mbedtls_ssl_handshake_server_step()
4771 vdb_mbedtls_ssl_handshake_wrapup( ssl ); in vdb_mbedtls_ssl_handshake_server_step()
/* Any other state value is logged as invalid (return value unlisted). */
4775 MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); in vdb_mbedtls_ssl_handshake_server_step()