Lines Matching refs:ssl
56 int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, in mbedtls_ssl_set_client_transport_id() argument
60 if( ssl->conf->endpoint != MBEDTLS_SSL_IS_SERVER ) in mbedtls_ssl_set_client_transport_id()
63 mbedtls_free( ssl->cli_id ); in mbedtls_ssl_set_client_transport_id()
65 if( ( ssl->cli_id = mbedtls_calloc( 1, ilen ) ) == NULL ) in mbedtls_ssl_set_client_transport_id()
68 memcpy( ssl->cli_id, info, ilen ); in mbedtls_ssl_set_client_transport_id()
69 ssl->cli_id_len = ilen; in mbedtls_ssl_set_client_transport_id()
86 static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, in ssl_parse_servername_ext() argument
99 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_servername_ext()
107 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_servername_ext()
119 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_servername_ext()
126 ret = ssl->conf->f_sni( ssl->conf->p_sni, in ssl_parse_servername_ext()
127 ssl, p + 3, hostname_len ); in ssl_parse_servername_ext()
131 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_servername_ext()
145 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_servername_ext()
154 static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, in ssl_parse_renegotiation_info() argument
159 if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) in ssl_parse_renegotiation_info()
162 if( len != 1 + ssl->verify_data_len || in ssl_parse_renegotiation_info()
163 buf[0] != ssl->verify_data_len || in ssl_parse_renegotiation_info()
164 mbedtls_ssl_safer_memcmp( buf + 1, ssl->peer_verify_data, in ssl_parse_renegotiation_info()
165 ssl->verify_data_len ) != 0 ) in ssl_parse_renegotiation_info()
168 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_renegotiation_info()
179 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_renegotiation_info()
184 ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; in ssl_parse_renegotiation_info()
205 static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl, in ssl_parse_signature_algorithms_ext() argument
219 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_signature_algorithms_ext()
228 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_signature_algorithms_ext()
262 if( mbedtls_ssl_check_sig_hash( ssl, md_cur ) == 0 ) in ssl_parse_signature_algorithms_ext()
264 mbedtls_ssl_sig_hash_set_add( &ssl->handshake->hash_algs, sig_cur, md_cur ); in ssl_parse_signature_algorithms_ext()
283 static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl, in ssl_parse_supported_elliptic_curves() argument
293 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_supported_elliptic_curves()
302 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_supported_elliptic_curves()
308 if( ssl->handshake->curves != NULL ) in ssl_parse_supported_elliptic_curves()
311 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_supported_elliptic_curves()
324 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_supported_elliptic_curves()
329 ssl->handshake->curves = curves; in ssl_parse_supported_elliptic_curves()
349 static int ssl_parse_supported_point_formats( mbedtls_ssl_context *ssl, in ssl_parse_supported_point_formats() argument
359 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_supported_point_formats()
372 ssl->handshake->ecdh_ctx.point_format = p[0]; in ssl_parse_supported_point_formats()
375 ssl->handshake->ecjpake_ctx.point_format = p[0]; in ssl_parse_supported_point_formats()
391 static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl, in ssl_parse_ecjpake_kkpp() argument
397 if( mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 ) in ssl_parse_ecjpake_kkpp()
403 if( ( ret = mbedtls_ecjpake_read_round_one( &ssl->handshake->ecjpake_ctx, in ssl_parse_ecjpake_kkpp()
407 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_ecjpake_kkpp()
413 ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK; in ssl_parse_ecjpake_kkpp()
420 static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, in ssl_parse_max_fragment_length_ext() argument
427 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_max_fragment_length_ext()
432 ssl->session_negotiate->mfl_code = buf[0]; in ssl_parse_max_fragment_length_ext()
439 static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl, in ssl_parse_truncated_hmac_ext() argument
446 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_truncated_hmac_ext()
453 if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED ) in ssl_parse_truncated_hmac_ext()
454 ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; in ssl_parse_truncated_hmac_ext()
461 static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, in ssl_parse_encrypt_then_mac_ext() argument
468 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_encrypt_then_mac_ext()
475 if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED && in ssl_parse_encrypt_then_mac_ext()
476 ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 ) in ssl_parse_encrypt_then_mac_ext()
478 ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED; in ssl_parse_encrypt_then_mac_ext()
486 static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, in ssl_parse_extended_ms_ext() argument
493 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_extended_ms_ext()
500 if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED && in ssl_parse_extended_ms_ext()
501 ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 ) in ssl_parse_extended_ms_ext()
503 ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; in ssl_parse_extended_ms_ext()
511 static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, in ssl_parse_session_ticket_ext() argument
520 if( ssl->conf->f_ticket_parse == NULL || in ssl_parse_session_ticket_ext()
521 ssl->conf->f_ticket_write == NULL ) in ssl_parse_session_ticket_ext()
527 ssl->handshake->new_session_ticket = 1; in ssl_parse_session_ticket_ext()
535 if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) in ssl_parse_session_ticket_ext()
545 if( ( ret = ssl->conf->f_ticket_parse( ssl->conf->p_ticket, &session, in ssl_parse_session_ticket_ext()
564 session.id_len = ssl->session_negotiate->id_len; in ssl_parse_session_ticket_ext()
565 memcpy( &session.id, ssl->session_negotiate->id, session.id_len ); in ssl_parse_session_ticket_ext()
567 mbedtls_ssl_session_free( ssl->session_negotiate ); in ssl_parse_session_ticket_ext()
568 memcpy( ssl->session_negotiate, &session, sizeof( mbedtls_ssl_session ) ); in ssl_parse_session_ticket_ext()
575 ssl->handshake->resume = 1; in ssl_parse_session_ticket_ext()
578 ssl->handshake->new_session_ticket = 0; in ssl_parse_session_ticket_ext()
585 static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, in ssl_parse_alpn_ext() argument
593 if( ssl->conf->alpn_list == NULL ) in ssl_parse_alpn_ext()
607 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_alpn_ext()
615 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_alpn_ext()
632 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_alpn_ext()
640 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_alpn_ext()
649 for( ours = ssl->conf->alpn_list; *ours != NULL; ours++ ) in ssl_parse_alpn_ext()
659 ssl->alpn_chosen = *ours; in ssl_parse_alpn_ext()
666 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_alpn_ext()
702 static int ssl_pick_cert( mbedtls_ssl_context *ssl, in ssl_pick_cert() argument
711 if( ssl->handshake->sni_key_cert != NULL ) in ssl_pick_cert()
712 list = ssl->handshake->sni_key_cert; in ssl_pick_cert()
715 list = ssl->conf->key_cert; in ssl_pick_cert()
757 ssl_check_key_curve( &cur->cert->pk, ssl->handshake->curves ) != 0 ) in ssl_pick_cert()
769 if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 && in ssl_pick_cert()
791 ssl->handshake->key_cert = cur; in ssl_pick_cert()
793 ssl->handshake->key_cert->cert ); in ssl_pick_cert()
805 static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, in ssl_ciphersuite_match() argument
824 if( suite_info->min_minor_ver > ssl->minor_ver || in ssl_ciphersuite_match()
825 suite_info->max_minor_ver < ssl->minor_ver ) in ssl_ciphersuite_match()
832 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in ssl_ciphersuite_match()
838 if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED && in ssl_ciphersuite_match()
848 ( ssl->handshake->cli_exts & MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK ) == 0 ) in ssl_ciphersuite_match()
859 ( ssl->handshake->curves == NULL || in ssl_ciphersuite_match()
860 ssl->handshake->curves[0] == NULL ) ) in ssl_ciphersuite_match()
872 ssl->conf->f_psk == NULL && in ssl_ciphersuite_match()
873 ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL || in ssl_ciphersuite_match()
874 ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 ) ) in ssl_ciphersuite_match()
885 if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) in ssl_ciphersuite_match()
889 … mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, sig_type ) == MBEDTLS_MD_NONE ) in ssl_ciphersuite_match()
908 if( ssl_pick_cert( ssl, suite_info ) != 0 ) in ssl_ciphersuite_match()
921 static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) in ssl_parse_client_hello_v2() argument
934 if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) in ssl_parse_client_hello_v2()
937 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello_v2()
943 buf = ssl->in_hdr; in ssl_parse_client_hello_v2()
979 ssl->major_ver = MBEDTLS_SSL_MAJOR_VERSION_3; in ssl_parse_client_hello_v2()
980 ssl->minor_ver = ( buf[4] <= ssl->conf->max_minor_ver ) in ssl_parse_client_hello_v2()
981 ? buf[4] : ssl->conf->max_minor_ver; in ssl_parse_client_hello_v2()
983 if( ssl->minor_ver < ssl->conf->min_minor_ver ) in ssl_parse_client_hello_v2()
987 ssl->major_ver, ssl->minor_ver, in ssl_parse_client_hello_v2()
988 ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) ); in ssl_parse_client_hello_v2()
990 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello_v2()
995 ssl->handshake->max_major_ver = buf[3]; in ssl_parse_client_hello_v2()
996 ssl->handshake->max_minor_ver = buf[4]; in ssl_parse_client_hello_v2()
998 if( ( ret = mbedtls_ssl_fetch_input( ssl, 2 + n ) ) != 0 ) in ssl_parse_client_hello_v2()
1004 ssl->handshake->update_checksum( ssl, buf + 2, n ); in ssl_parse_client_hello_v2()
1006 buf = ssl->in_msg; in ssl_parse_client_hello_v2()
1007 n = ssl->in_left - 5; in ssl_parse_client_hello_v2()
1061 ssl->session_negotiate->id_len = sess_len; in ssl_parse_client_hello_v2()
1062 memset( ssl->session_negotiate->id, 0, in ssl_parse_client_hello_v2()
1063 sizeof( ssl->session_negotiate->id ) ); in ssl_parse_client_hello_v2()
1064 memcpy( ssl->session_negotiate->id, p, ssl->session_negotiate->id_len ); in ssl_parse_client_hello_v2()
1067 memset( ssl->handshake->randbytes, 0, 64 ); in ssl_parse_client_hello_v2()
1068 memcpy( ssl->handshake->randbytes + 32 - chal_len, p, chal_len ); in ssl_parse_client_hello_v2()
1079 if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) in ssl_parse_client_hello_v2()
1084 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello_v2()
1089 ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; in ssl_parse_client_hello_v2()
1103 if( ssl->minor_ver < ssl->conf->max_minor_ver ) in ssl_parse_client_hello_v2()
1107 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello_v2()
1119 ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; in ssl_parse_client_hello_v2()
1136 if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], in ssl_parse_client_hello_v2()
1159 ssl->session_negotiate->ciphersuite = ciphersuites[i]; in ssl_parse_client_hello_v2()
1160 ssl->transform_negotiate->ciphersuite_info = ciphersuite_info; in ssl_parse_client_hello_v2()
1165 if( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && in ssl_parse_client_hello_v2()
1166 ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE ) in ssl_parse_client_hello_v2()
1169 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello_v2()
1174 ssl->in_left = 0; in ssl_parse_client_hello_v2()
1175 ssl->state++; in ssl_parse_client_hello_v2()
1186 static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) in ssl_parse_client_hello() argument
1224 if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) in ssl_parse_client_hello()
1227 if( ( ret = mbedtls_ssl_fetch_input( ssl, 5 ) ) != 0 ) in ssl_parse_client_hello()
1235 buf = ssl->in_hdr; in ssl_parse_client_hello()
1239 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM ) in ssl_parse_client_hello()
1242 return( ssl_parse_client_hello_v2( ssl ) ); in ssl_parse_client_hello()
1245 MBEDTLS_SSL_DEBUG_BUF( 4, "record header", buf, mbedtls_ssl_hdr_len( ssl ) ); in ssl_parse_client_hello()
1266 ( ssl->in_len[0] << 8 ) | ssl->in_len[1] ) ); in ssl_parse_client_hello()
1271 mbedtls_ssl_read_version( &major, &minor, ssl->conf->transport, buf + 1 ); in ssl_parse_client_hello()
1286 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM in ssl_parse_client_hello()
1288 && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE in ssl_parse_client_hello()
1293 if( ssl->in_ctr[0] != 0 || ssl->in_ctr[1] != 0 ) in ssl_parse_client_hello()
1299 memcpy( ssl->out_ctr + 2, ssl->in_ctr + 2, 6 ); in ssl_parse_client_hello()
1302 if( mbedtls_ssl_dtls_replay_check( ssl ) != 0 ) in ssl_parse_client_hello()
1305 ssl->next_record_offset = 0; in ssl_parse_client_hello()
1306 ssl->in_left = 0; in ssl_parse_client_hello()
1311 mbedtls_ssl_dtls_replay_update( ssl ); in ssl_parse_client_hello()
1316 msg_len = ( ssl->in_len[0] << 8 ) | ssl->in_len[1]; in ssl_parse_client_hello()
1319 if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) in ssl_parse_client_hello()
1322 msg_len = ssl->in_hslen; in ssl_parse_client_hello()
1333 if( ( ret = mbedtls_ssl_fetch_input( ssl, in ssl_parse_client_hello()
1334 mbedtls_ssl_hdr_len( ssl ) + msg_len ) ) != 0 ) in ssl_parse_client_hello()
1342 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_parse_client_hello()
1343 ssl->next_record_offset = msg_len + mbedtls_ssl_hdr_len( ssl ); in ssl_parse_client_hello()
1346 ssl->in_left = 0; in ssl_parse_client_hello()
1349 buf = ssl->in_msg; in ssl_parse_client_hello()
1353 ssl->handshake->update_checksum( ssl, buf, msg_len ); in ssl_parse_client_hello()
1363 if( msg_len < mbedtls_ssl_hs_hdr_len( ssl ) ) in ssl_parse_client_hello()
1382 msg_len != mbedtls_ssl_hs_hdr_len( ssl ) + ( ( buf[2] << 8 ) | buf[3] ) ) in ssl_parse_client_hello()
1389 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_parse_client_hello()
1396 if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) in ssl_parse_client_hello()
1399 unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) | in ssl_parse_client_hello()
1400 ssl->in_msg[5]; in ssl_parse_client_hello()
1402 if( cli_msg_seq != ssl->handshake->in_msg_seq ) in ssl_parse_client_hello()
1406 ssl->handshake->in_msg_seq ) ); in ssl_parse_client_hello()
1410 ssl->handshake->in_msg_seq++; in ssl_parse_client_hello()
1415 unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) | in ssl_parse_client_hello()
1416 ssl->in_msg[5]; in ssl_parse_client_hello()
1417 ssl->handshake->out_msg_seq = cli_msg_seq; in ssl_parse_client_hello()
1418 ssl->handshake->in_msg_seq = cli_msg_seq + 1; in ssl_parse_client_hello()
1425 if( ssl->in_msg[6] != 0 || ssl->in_msg[7] != 0 || ssl->in_msg[8] != 0 || in ssl_parse_client_hello()
1426 memcmp( ssl->in_msg + 1, ssl->in_msg + 9, 3 ) != 0 ) in ssl_parse_client_hello()
1434 buf += mbedtls_ssl_hs_hdr_len( ssl ); in ssl_parse_client_hello()
1435 msg_len -= mbedtls_ssl_hs_hdr_len( ssl ); in ssl_parse_client_hello()
1469 mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver, in ssl_parse_client_hello()
1470 ssl->conf->transport, buf ); in ssl_parse_client_hello()
1472 ssl->handshake->max_major_ver = ssl->major_ver; in ssl_parse_client_hello()
1473 ssl->handshake->max_minor_ver = ssl->minor_ver; in ssl_parse_client_hello()
1475 if( ssl->major_ver < ssl->conf->min_major_ver || in ssl_parse_client_hello()
1476 ssl->minor_ver < ssl->conf->min_minor_ver ) in ssl_parse_client_hello()
1480 ssl->major_ver, ssl->minor_ver, in ssl_parse_client_hello()
1481 ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) ); in ssl_parse_client_hello()
1482 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1487 if( ssl->major_ver > ssl->conf->max_major_ver ) in ssl_parse_client_hello()
1489 ssl->major_ver = ssl->conf->max_major_ver; in ssl_parse_client_hello()
1490 ssl->minor_ver = ssl->conf->max_minor_ver; in ssl_parse_client_hello()
1492 else if( ssl->minor_ver > ssl->conf->max_minor_ver ) in ssl_parse_client_hello()
1493 ssl->minor_ver = ssl->conf->max_minor_ver; in ssl_parse_client_hello()
1500 memcpy( ssl->handshake->randbytes, buf + 2, 32 ); in ssl_parse_client_hello()
1507 if( sess_len > sizeof( ssl->session_negotiate->id ) || in ssl_parse_client_hello()
1511 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1518 ssl->session_negotiate->id_len = sess_len; in ssl_parse_client_hello()
1519 memset( ssl->session_negotiate->id, 0, in ssl_parse_client_hello()
1520 sizeof( ssl->session_negotiate->id ) ); in ssl_parse_client_hello()
1521 memcpy( ssl->session_negotiate->id, buf + 35, in ssl_parse_client_hello()
1522 ssl->session_negotiate->id_len ); in ssl_parse_client_hello()
1528 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_parse_client_hello()
1536 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1545 if( ssl->conf->f_cookie_check != NULL in ssl_parse_client_hello()
1547 && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE in ssl_parse_client_hello()
1551 if( ssl->conf->f_cookie_check( ssl->conf->p_cookie, in ssl_parse_client_hello()
1553 ssl->cli_id, ssl->cli_id_len ) != 0 ) in ssl_parse_client_hello()
1556 ssl->handshake->verify_cookie_len = 1; in ssl_parse_client_hello()
1561 ssl->handshake->verify_cookie_len = 0; in ssl_parse_client_hello()
1595 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1615 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1623 ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL; in ssl_parse_client_hello()
1629 ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_DEFLATE; in ssl_parse_client_hello()
1637 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_parse_client_hello()
1638 ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL; in ssl_parse_client_hello()
1643 if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) ) in ssl_parse_client_hello()
1655 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1667 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1684 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1694 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1703 if( ssl->conf->f_sni == NULL ) in ssl_parse_client_hello()
1706 ret = ssl_parse_servername_ext( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
1718 ret = ssl_parse_renegotiation_info( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
1728 ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
1742 ret = ssl_parse_supported_elliptic_curves( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
1749 ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT; in ssl_parse_client_hello()
1751 ret = ssl_parse_supported_point_formats( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
1762 ret = ssl_parse_ecjpake_kkpp( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
1772 ret = ssl_parse_max_fragment_length_ext( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
1782 ret = ssl_parse_truncated_hmac_ext( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
1792 ret = ssl_parse_encrypt_then_mac_ext( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
1802 ret = ssl_parse_extended_ms_ext( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
1812 ret = ssl_parse_session_ticket_ext( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
1822 ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size ); in ssl_parse_client_hello()
1839 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1856 if( ssl->minor_ver < ssl->conf->max_minor_ver ) in ssl_parse_client_hello()
1860 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1882 if( mbedtls_ssl_check_sig_hash( ssl, md_default ) != 0 ) in ssl_parse_client_hello()
1885 mbedtls_ssl_sig_hash_set_const_hash( &ssl->handshake->hash_algs, md_default ); in ssl_parse_client_hello()
1900 if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) in ssl_parse_client_hello()
1904 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1909 ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; in ssl_parse_client_hello()
1917 if( ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION && in ssl_parse_client_hello()
1918 ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE ) in ssl_parse_client_hello()
1924 else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && in ssl_parse_client_hello()
1925 ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION && in ssl_parse_client_hello()
1931 else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && in ssl_parse_client_hello()
1932 ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && in ssl_parse_client_hello()
1933 ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) in ssl_parse_client_hello()
1938 else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && in ssl_parse_client_hello()
1939 ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && in ssl_parse_client_hello()
1949 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1960 ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; in ssl_parse_client_hello()
1976 if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], in ssl_parse_client_hello()
1988 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
1995 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_hello()
2003 ssl->session_negotiate->ciphersuite = ciphersuites[i]; in ssl_parse_client_hello()
2004 ssl->transform_negotiate->ciphersuite_info = ciphersuite_info; in ssl_parse_client_hello()
2006 ssl->state++; in ssl_parse_client_hello()
2009 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_parse_client_hello()
2010 mbedtls_ssl_recv_flight_completed( ssl ); in ssl_parse_client_hello()
2017 if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) in ssl_parse_client_hello()
2022 mbedtls_md_type_t md_alg = mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, in ssl_parse_client_hello()
2041 static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl, in ssl_write_truncated_hmac_ext() argument
2047 if( ssl->session_negotiate->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED ) in ssl_write_truncated_hmac_ext()
2066 static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, in ssl_write_encrypt_then_mac_ext() argument
2074 if( ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED || in ssl_write_encrypt_then_mac_ext()
2075 ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) in ssl_write_encrypt_then_mac_ext()
2088 ssl->session_negotiate->ciphersuite ) ) == NULL || in ssl_write_encrypt_then_mac_ext()
2109 static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, in ssl_write_extended_ms_ext() argument
2115 if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || in ssl_write_extended_ms_ext()
2116 ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) in ssl_write_extended_ms_ext()
2136 static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, in ssl_write_session_ticket_ext() argument
2142 if( ssl->handshake->new_session_ticket == 0 ) in ssl_write_session_ticket_ext()
2160 static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, in ssl_write_renegotiation_ext() argument
2166 if( ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION ) in ssl_write_renegotiation_ext()
2178 if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) in ssl_write_renegotiation_ext()
2181 *p++ = ( ssl->verify_data_len * 2 + 1 ) & 0xFF; in ssl_write_renegotiation_ext()
2182 *p++ = ssl->verify_data_len * 2 & 0xFF; in ssl_write_renegotiation_ext()
2184 memcpy( p, ssl->peer_verify_data, ssl->verify_data_len ); in ssl_write_renegotiation_ext()
2185 p += ssl->verify_data_len; in ssl_write_renegotiation_ext()
2186 memcpy( p, ssl->own_verify_data, ssl->verify_data_len ); in ssl_write_renegotiation_ext()
2187 p += ssl->verify_data_len; in ssl_write_renegotiation_ext()
2201 static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, in ssl_write_max_fragment_length_ext() argument
2207 if( ssl->session_negotiate->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ) in ssl_write_max_fragment_length_ext()
2221 *p++ = ssl->session_negotiate->mfl_code; in ssl_write_max_fragment_length_ext()
2229 static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, in ssl_write_supported_point_formats_ext() argument
2234 ((void) ssl); in ssl_write_supported_point_formats_ext()
2236 if( ( ssl->handshake->cli_exts & in ssl_write_supported_point_formats_ext()
2259 static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, in ssl_write_ecjpake_kkpp_ext() argument
2265 const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; in ssl_write_ecjpake_kkpp_ext()
2271 if( ssl->transform_negotiate->ciphersuite_info->key_exchange != in ssl_write_ecjpake_kkpp_ext()
2286 ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, in ssl_write_ecjpake_kkpp_ext()
2288 ssl->conf->f_rng, ssl->conf->p_rng ); in ssl_write_ecjpake_kkpp_ext()
2303 static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, in ssl_write_alpn_ext() argument
2306 if( ssl->alpn_chosen == NULL ) in ssl_write_alpn_ext()
2324 *olen = 7 + strlen( ssl->alpn_chosen ); in ssl_write_alpn_ext()
2334 memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); in ssl_write_alpn_ext()
2339 static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl ) in ssl_write_hello_verify_request() argument
2342 unsigned char *p = ssl->out_msg + 4; in ssl_write_hello_verify_request()
2356 mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, in ssl_write_hello_verify_request()
2357 ssl->conf->transport, p ); in ssl_write_hello_verify_request()
2362 if( ssl->conf->f_cookie_write == NULL ) in ssl_write_hello_verify_request()
2371 if( ( ret = ssl->conf->f_cookie_write( ssl->conf->p_cookie, in ssl_write_hello_verify_request()
2372 &p, ssl->out_buf + MBEDTLS_SSL_OUT_BUFFER_LEN, in ssl_write_hello_verify_request()
2373 ssl->cli_id, ssl->cli_id_len ) ) != 0 ) in ssl_write_hello_verify_request()
2383 ssl->out_msglen = p - ssl->out_msg; in ssl_write_hello_verify_request()
2384 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in ssl_write_hello_verify_request()
2385 ssl->out_msg[0] = MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST; in ssl_write_hello_verify_request()
2387 ssl->state = MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT; in ssl_write_hello_verify_request()
2389 if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) in ssl_write_hello_verify_request()
2401 static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) in ssl_write_server_hello() argument
2413 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in ssl_write_server_hello()
2414 ssl->handshake->verify_cookie_len != 0 ) in ssl_write_server_hello()
2419 return( ssl_write_hello_verify_request( ssl ) ); in ssl_write_server_hello()
2423 if( ssl->conf->f_rng == NULL ) in ssl_write_server_hello()
2436 buf = ssl->out_msg; in ssl_write_server_hello()
2439 mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, in ssl_write_server_hello()
2440 ssl->conf->transport, p ); in ssl_write_server_hello()
2455 if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 ) in ssl_write_server_hello()
2461 if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 ) in ssl_write_server_hello()
2466 memcpy( ssl->handshake->randbytes + 32, buf + 6, 32 ); in ssl_write_server_hello()
2475 if( ssl->handshake->resume == 0 && in ssl_write_server_hello()
2477 ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE && in ssl_write_server_hello()
2479 ssl->session_negotiate->id_len != 0 && in ssl_write_server_hello()
2480 ssl->conf->f_get_cache != NULL && in ssl_write_server_hello()
2481 ssl->conf->f_get_cache( ssl->conf->p_cache, ssl->session_negotiate ) == 0 ) in ssl_write_server_hello()
2484 ssl->handshake->resume = 1; in ssl_write_server_hello()
2487 if( ssl->handshake->resume == 0 ) in ssl_write_server_hello()
2493 ssl->state++; in ssl_write_server_hello()
2496 ssl->session_negotiate->start = mbedtls_time( NULL ); in ssl_write_server_hello()
2500 if( ssl->handshake->new_session_ticket != 0 ) in ssl_write_server_hello()
2502 ssl->session_negotiate->id_len = n = 0; in ssl_write_server_hello()
2503 memset( ssl->session_negotiate->id, 0, 32 ); in ssl_write_server_hello()
2508 ssl->session_negotiate->id_len = n = 32; in ssl_write_server_hello()
2509 if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id, in ssl_write_server_hello()
2519 n = ssl->session_negotiate->id_len; in ssl_write_server_hello()
2520 ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC; in ssl_write_server_hello()
2522 if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) in ssl_write_server_hello()
2537 *p++ = (unsigned char) ssl->session_negotiate->id_len; in ssl_write_server_hello()
2538 memcpy( p, ssl->session_negotiate->id, ssl->session_negotiate->id_len ); in ssl_write_server_hello()
2539 p += ssl->session_negotiate->id_len; in ssl_write_server_hello()
2544 ssl->handshake->resume ? "a" : "no" ) ); in ssl_write_server_hello()
2546 *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 ); in ssl_write_server_hello()
2547 *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite ); in ssl_write_server_hello()
2548 *p++ = (unsigned char)( ssl->session_negotiate->compression ); in ssl_write_server_hello()
2551 mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ) ) ); in ssl_write_server_hello()
2553 ssl->session_negotiate->compression ) ); in ssl_write_server_hello()
2557 if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) ) in ssl_write_server_hello()
2564 ssl_write_renegotiation_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2568 ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2573 ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2578 ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2583 ssl_write_extended_ms_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2588 ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2594 ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2599 ssl_write_ecjpake_kkpp_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2604 ssl_write_alpn_ext( ssl, p + 2 + ext_len, &olen ); in ssl_write_server_hello()
2621 ssl->out_msglen = p - buf; in ssl_write_server_hello()
2622 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in ssl_write_server_hello()
2623 ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO; in ssl_write_server_hello()
2625 ret = mbedtls_ssl_write_record( ssl ); in ssl_write_server_hello()
2638 static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) in ssl_write_certificate_request() argument
2641 ssl->transform_negotiate->ciphersuite_info; in ssl_write_certificate_request()
2652 ssl->state++; in ssl_write_certificate_request()
2660 static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) in ssl_write_certificate_request() argument
2664 ssl->transform_negotiate->ciphersuite_info; in ssl_write_certificate_request()
2668 const unsigned char * const end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; in ssl_write_certificate_request()
2674 ssl->state++; in ssl_write_certificate_request()
2677 if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET ) in ssl_write_certificate_request()
2678 authmode = ssl->handshake->sni_authmode; in ssl_write_certificate_request()
2681 authmode = ssl->conf->authmode; in ssl_write_certificate_request()
2706 buf = ssl->out_msg; in ssl_write_certificate_request()
2742 if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) in ssl_write_certificate_request()
2749 for( cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++ ) in ssl_write_certificate_request()
2753 if( MBEDTLS_SSL_HASH_NONE == hash || mbedtls_ssl_set_calc_verify_md( ssl, hash ) ) in ssl_write_certificate_request()
2781 if( ssl->conf->cert_req_ca_list == MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED ) in ssl_write_certificate_request()
2784 if( ssl->handshake->sni_ca_chain != NULL ) in ssl_write_certificate_request()
2785 crt = ssl->handshake->sni_ca_chain; in ssl_write_certificate_request()
2788 crt = ssl->conf->ca_chain; in ssl_write_certificate_request()
2814 ssl->out_msglen = p - buf; in ssl_write_certificate_request()
2815 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in ssl_write_certificate_request()
2816 ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST; in ssl_write_certificate_request()
2817 ssl->out_msg[4 + ct_len + sa_len] = (unsigned char)( total_dn_size >> 8 ); in ssl_write_certificate_request()
2818 ssl->out_msg[5 + ct_len + sa_len] = (unsigned char)( total_dn_size ); in ssl_write_certificate_request()
2820 ret = mbedtls_ssl_write_record( ssl ); in ssl_write_certificate_request()
2835 static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) in ssl_get_ecdh_params_from_cert() argument
2839 if( ! mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECKEY ) ) in ssl_get_ecdh_params_from_cert()
2845 if( ( ret = mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx, in ssl_get_ecdh_params_from_cert()
2846 mbedtls_pk_ec( *mbedtls_ssl_own_key( ssl ) ), in ssl_get_ecdh_params_from_cert()
2860 static int ssl_resume_server_key_exchange( mbedtls_ssl_context *ssl, in ssl_resume_server_key_exchange() argument
2868 unsigned char *sig_start = ssl->out_msg + ssl->out_msglen + 2; in ssl_resume_server_key_exchange()
2869 size_t sig_max_len = ( ssl->out_buf + MBEDTLS_SSL_OUT_CONTENT_LEN in ssl_resume_server_key_exchange()
2871 int ret = ssl->conf->f_async_resume( ssl, in ssl_resume_server_key_exchange()
2875 ssl->handshake->async_in_progress = 0; in ssl_resume_server_key_exchange()
2876 mbedtls_ssl_set_async_operation_data( ssl, NULL ); in ssl_resume_server_key_exchange()
2887 static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, in ssl_prepare_server_key_exchange() argument
2891 ssl->transform_negotiate->ciphersuite_info; in ssl_prepare_server_key_exchange()
2903 ssl->out_msglen = 4; /* header (type:1, length:3) to be written later */ in ssl_prepare_server_key_exchange()
2921 &ssl->handshake->ecjpake_ctx, in ssl_prepare_server_key_exchange()
2922 ssl->out_msg + ssl->out_msglen, in ssl_prepare_server_key_exchange()
2923 MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen, &len, in ssl_prepare_server_key_exchange()
2924 ssl->conf->f_rng, ssl->conf->p_rng ); in ssl_prepare_server_key_exchange()
2931 ssl->out_msglen += len; in ssl_prepare_server_key_exchange()
2945 ssl->out_msg[ssl->out_msglen++] = 0x00; in ssl_prepare_server_key_exchange()
2946 ssl->out_msg[ssl->out_msglen++] = 0x00; in ssl_prepare_server_key_exchange()
2960 if( ssl->conf->dhm_P.p == NULL || ssl->conf->dhm_G.p == NULL ) in ssl_prepare_server_key_exchange()
2975 if( ( ret = mbedtls_dhm_set_group( &ssl->handshake->dhm_ctx, in ssl_prepare_server_key_exchange()
2976 &ssl->conf->dhm_P, in ssl_prepare_server_key_exchange()
2977 &ssl->conf->dhm_G ) ) != 0 ) in ssl_prepare_server_key_exchange()
2984 &ssl->handshake->dhm_ctx, in ssl_prepare_server_key_exchange()
2985 (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), in ssl_prepare_server_key_exchange()
2986 ssl->out_msg + ssl->out_msglen, &len, in ssl_prepare_server_key_exchange()
2987 ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) in ssl_prepare_server_key_exchange()
2994 dig_signed = ssl->out_msg + ssl->out_msglen; in ssl_prepare_server_key_exchange()
2997 ssl->out_msglen += len; in ssl_prepare_server_key_exchange()
2999 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X ); in ssl_prepare_server_key_exchange()
3000 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P ); in ssl_prepare_server_key_exchange()
3001 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G ); in ssl_prepare_server_key_exchange()
3002 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX ); in ssl_prepare_server_key_exchange()
3026 for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ ) in ssl_prepare_server_key_exchange()
3027 for( curve = ssl->handshake->curves; *curve != NULL; curve++ ) in ssl_prepare_server_key_exchange()
3040 if( ( ret = mbedtls_ecp_group_load( &ssl->handshake->ecdh_ctx.grp, in ssl_prepare_server_key_exchange()
3048 &ssl->handshake->ecdh_ctx, &len, in ssl_prepare_server_key_exchange()
3049 ssl->out_msg + ssl->out_msglen, in ssl_prepare_server_key_exchange()
3050 MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen, in ssl_prepare_server_key_exchange()
3051 ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) in ssl_prepare_server_key_exchange()
3058 dig_signed = ssl->out_msg + ssl->out_msglen; in ssl_prepare_server_key_exchange()
3061 ssl->out_msglen += len; in ssl_prepare_server_key_exchange()
3063 MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Q ", &ssl->handshake->ecdh_ctx.Q ); in ssl_prepare_server_key_exchange()
3076 size_t dig_signed_len = ssl->out_msg + ssl->out_msglen - dig_signed; in ssl_prepare_server_key_exchange()
3095 if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) in ssl_prepare_server_key_exchange()
3100 ( md_alg = mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, in ssl_prepare_server_key_exchange()
3136 ret = mbedtls_ssl_get_key_exchange_md_ssl_tls( ssl, hash, in ssl_prepare_server_key_exchange()
3149 ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, &hashlen, in ssl_prepare_server_key_exchange()
3170 if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) in ssl_prepare_server_key_exchange()
3188 ssl->out_msg[ssl->out_msglen++] = in ssl_prepare_server_key_exchange()
3190 ssl->out_msg[ssl->out_msglen++] = in ssl_prepare_server_key_exchange()
3196 if( ssl->conf->f_async_sign_start != NULL ) in ssl_prepare_server_key_exchange()
3198 ret = ssl->conf->f_async_sign_start( ssl, in ssl_prepare_server_key_exchange()
3199 mbedtls_ssl_own_cert( ssl ), in ssl_prepare_server_key_exchange()
3207 ssl->handshake->async_in_progress = 1; in ssl_prepare_server_key_exchange()
3208 return( ssl_resume_server_key_exchange( ssl, signature_len ) ); in ssl_prepare_server_key_exchange()
3210 ssl->handshake->async_in_progress = 1; in ssl_prepare_server_key_exchange()
3219 if( mbedtls_ssl_own_key( ssl ) == NULL ) in ssl_prepare_server_key_exchange()
3230 if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ), in ssl_prepare_server_key_exchange()
3232 ssl->out_msg + ssl->out_msglen + 2, in ssl_prepare_server_key_exchange()
3234 ssl->conf->f_rng, in ssl_prepare_server_key_exchange()
3235 ssl->conf->p_rng ) ) != 0 ) in ssl_prepare_server_key_exchange()
3250 static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) in ssl_write_server_key_exchange() argument
3256 ssl->transform_negotiate->ciphersuite_info; in ssl_write_server_key_exchange()
3271 ssl_get_ecdh_params_from_cert( ssl ); in ssl_write_server_key_exchange()
3278 ssl->state++; in ssl_write_server_key_exchange()
3287 if( ssl->handshake->async_in_progress != 0 ) in ssl_write_server_key_exchange()
3290 ret = ssl_resume_server_key_exchange( ssl, &signature_len ); in ssl_write_server_key_exchange()
3297 ret = ssl_prepare_server_key_exchange( ssl, &signature_len ); in ssl_write_server_key_exchange()
3309 ssl->out_msglen = 0; in ssl_write_server_key_exchange()
3319 ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len >> 8 ); in ssl_write_server_key_exchange()
3320 ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len ); in ssl_write_server_key_exchange()
3323 ssl->out_msg + ssl->out_msglen, in ssl_write_server_key_exchange()
3327 ssl->out_msglen += signature_len; in ssl_write_server_key_exchange()
3332 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in ssl_write_server_key_exchange()
3333 ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE; in ssl_write_server_key_exchange()
3335 ssl->state++; in ssl_write_server_key_exchange()
3337 if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) in ssl_write_server_key_exchange()
3347 static int ssl_write_server_hello_done( mbedtls_ssl_context *ssl ) in ssl_write_server_hello_done() argument
3353 ssl->out_msglen = 4; in ssl_write_server_hello_done()
3354 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in ssl_write_server_hello_done()
3355 ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO_DONE; in ssl_write_server_hello_done()
3357 ssl->state++; in ssl_write_server_hello_done()
3360 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) in ssl_write_server_hello_done()
3361 mbedtls_ssl_send_flight_completed( ssl ); in ssl_write_server_hello_done()
3364 if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) in ssl_write_server_hello_done()
3377 static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char **p, in ssl_parse_client_dh_public() argument
3401 if( ( ret = mbedtls_dhm_read_public( &ssl->handshake->dhm_ctx, *p, n ) ) != 0 ) in ssl_parse_client_dh_public()
3409 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY ); in ssl_parse_client_dh_public()
3420 static int ssl_resume_decrypt_pms( mbedtls_ssl_context *ssl, in ssl_resume_decrypt_pms() argument
3425 int ret = ssl->conf->f_async_resume( ssl, in ssl_resume_decrypt_pms()
3429 ssl->handshake->async_in_progress = 0; in ssl_resume_decrypt_pms()
3430 mbedtls_ssl_set_async_operation_data( ssl, NULL ); in ssl_resume_decrypt_pms()
3437 static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, in ssl_decrypt_encrypted_pms() argument
3445 mbedtls_pk_context *private_key = mbedtls_ssl_own_key( ssl ); in ssl_decrypt_encrypted_pms()
3446 mbedtls_pk_context *public_key = &mbedtls_ssl_own_cert( ssl )->pk; in ssl_decrypt_encrypted_pms()
3452 if( ssl->handshake->async_in_progress != 0 ) in ssl_decrypt_encrypted_pms()
3455 return( ssl_resume_decrypt_pms( ssl, in ssl_decrypt_encrypted_pms()
3465 if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 ) in ssl_decrypt_encrypted_pms()
3490 if( ssl->conf->f_async_decrypt_start != NULL ) in ssl_decrypt_encrypted_pms()
3492 ret = ssl->conf->f_async_decrypt_start( ssl, in ssl_decrypt_encrypted_pms()
3493 mbedtls_ssl_own_cert( ssl ), in ssl_decrypt_encrypted_pms()
3501 ssl->handshake->async_in_progress = 1; in ssl_decrypt_encrypted_pms()
3502 return( ssl_resume_decrypt_pms( ssl, in ssl_decrypt_encrypted_pms()
3507 ssl->handshake->async_in_progress = 1; in ssl_decrypt_encrypted_pms()
3524 ssl->conf->f_rng, ssl->conf->p_rng ); in ssl_decrypt_encrypted_pms()
3528 static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl, in ssl_parse_encrypted_pms() argument
3534 unsigned char *pms = ssl->handshake->premaster + pms_offset; in ssl_parse_encrypted_pms()
3550 ret = ssl_decrypt_encrypted_pms( ssl, p, end, in ssl_parse_encrypted_pms()
3560 mbedtls_ssl_write_version( ssl->handshake->max_major_ver, in ssl_parse_encrypted_pms()
3561 ssl->handshake->max_minor_ver, in ssl_parse_encrypted_pms()
3562 ssl->conf->transport, ver ); in ssl_parse_encrypted_pms()
3593 ret = ssl->conf->f_rng( ssl->conf->p_rng, fake_pms, sizeof( fake_pms ) ); in ssl_parse_encrypted_pms()
3606 if( sizeof( ssl->handshake->premaster ) < pms_offset || in ssl_parse_encrypted_pms()
3607 sizeof( ssl->handshake->premaster ) - pms_offset < 48 ) in ssl_parse_encrypted_pms()
3612 ssl->handshake->pmslen = 48; in ssl_parse_encrypted_pms()
3616 for( i = 0; i < ssl->handshake->pmslen; i++ ) in ssl_parse_encrypted_pms()
3625 static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned char **p, in ssl_parse_client_psk_identity() argument
3631 if( ssl->conf->f_psk == NULL && in ssl_parse_client_psk_identity()
3632 ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL || in ssl_parse_client_psk_identity()
3633 ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 ) ) in ssl_parse_client_psk_identity()
3657 if( ssl->conf->f_psk != NULL ) in ssl_parse_client_psk_identity()
3659 if( ssl->conf->f_psk( ssl->conf->p_psk, ssl, *p, n ) != 0 ) in ssl_parse_client_psk_identity()
3666 if( n != ssl->conf->psk_identity_len || in ssl_parse_client_psk_identity()
3667 mbedtls_ssl_safer_memcmp( ssl->conf->psk_identity, *p, n ) != 0 ) in ssl_parse_client_psk_identity()
3676 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_client_psk_identity()
3687 static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) in ssl_parse_client_key_exchange() argument
3693 ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; in ssl_parse_client_key_exchange()
3702 ( ssl->handshake->async_in_progress != 0 ) ) in ssl_parse_client_key_exchange()
3711 if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) in ssl_parse_client_key_exchange()
3717 p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); in ssl_parse_client_key_exchange()
3718 end = ssl->in_msg + ssl->in_hslen; in ssl_parse_client_key_exchange()
3720 if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) in ssl_parse_client_key_exchange()
3726 if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE ) in ssl_parse_client_key_exchange()
3735 if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 ) in ssl_parse_client_key_exchange()
3747 if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, in ssl_parse_client_key_exchange()
3748 ssl->handshake->premaster, in ssl_parse_client_key_exchange()
3750 &ssl->handshake->pmslen, in ssl_parse_client_key_exchange()
3751 ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) in ssl_parse_client_key_exchange()
3757 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); in ssl_parse_client_key_exchange()
3770 if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx, in ssl_parse_client_key_exchange()
3777 MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Qp ", &ssl->handshake->ecdh_ctx.Qp ); in ssl_parse_client_key_exchange()
3779 if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, in ssl_parse_client_key_exchange()
3780 &ssl->handshake->pmslen, in ssl_parse_client_key_exchange()
3781 ssl->handshake->premaster, in ssl_parse_client_key_exchange()
3783 ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) in ssl_parse_client_key_exchange()
3789 MBEDTLS_SSL_DEBUG_MPI( 3, "ECDH: z ", &ssl->handshake->ecdh_ctx.z ); in ssl_parse_client_key_exchange()
3799 if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) in ssl_parse_client_key_exchange()
3811 if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, in ssl_parse_client_key_exchange()
3824 if ( ssl->handshake->async_in_progress != 0 ) in ssl_parse_client_key_exchange()
3832 p += ssl->conf->psk_identity_len + 2; in ssl_parse_client_key_exchange()
3836 if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) in ssl_parse_client_key_exchange()
3842 if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 2 ) ) != 0 ) in ssl_parse_client_key_exchange()
3848 if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, in ssl_parse_client_key_exchange()
3860 if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) in ssl_parse_client_key_exchange()
3865 if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 ) in ssl_parse_client_key_exchange()
3877 if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, in ssl_parse_client_key_exchange()
3889 if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) in ssl_parse_client_key_exchange()
3895 if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx, in ssl_parse_client_key_exchange()
3902 MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Qp ", &ssl->handshake->ecdh_ctx.Qp ); in ssl_parse_client_key_exchange()
3904 if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, in ssl_parse_client_key_exchange()
3916 if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 0 ) ) != 0 ) in ssl_parse_client_key_exchange()
3927 ret = mbedtls_ecjpake_read_round_two( &ssl->handshake->ecjpake_ctx, in ssl_parse_client_key_exchange()
3935 ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx, in ssl_parse_client_key_exchange()
3936 ssl->handshake->premaster, 32, &ssl->handshake->pmslen, in ssl_parse_client_key_exchange()
3937 ssl->conf->f_rng, ssl->conf->p_rng ); in ssl_parse_client_key_exchange()
3951 if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) in ssl_parse_client_key_exchange()
3957 ssl->state++; in ssl_parse_client_key_exchange()
3970 static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) in ssl_parse_certificate_verify() argument
3973 ssl->transform_negotiate->ciphersuite_info; in ssl_parse_certificate_verify()
3984 ssl->state++; in ssl_parse_certificate_verify()
3992 static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) in ssl_parse_certificate_verify() argument
4004 ssl->transform_negotiate->ciphersuite_info; in ssl_parse_certificate_verify()
4013 ssl->session_negotiate->peer_cert == NULL ) in ssl_parse_certificate_verify()
4016 ssl->state++; in ssl_parse_certificate_verify()
4023 do ret = mbedtls_ssl_read_record_layer( ssl ); in ssl_parse_certificate_verify()
4032 ret = mbedtls_ssl_handle_message_type( ssl ); in ssl_parse_certificate_verify()
4043 ssl->state++; in ssl_parse_certificate_verify()
4046 if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE || in ssl_parse_certificate_verify()
4047 ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE_VERIFY ) in ssl_parse_certificate_verify()
4053 i = mbedtls_ssl_hs_hdr_len( ssl ); in ssl_parse_certificate_verify()
4063 if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) in ssl_parse_certificate_verify()
4069 if( mbedtls_pk_can_do( &ssl->session_negotiate->peer_cert->pk, in ssl_parse_certificate_verify()
4081 if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) in ssl_parse_certificate_verify()
4083 if( i + 2 > ssl->in_hslen ) in ssl_parse_certificate_verify()
4092 md_alg = mbedtls_ssl_md_alg_from_hash( ssl->in_msg[i] ); in ssl_parse_certificate_verify()
4094 if( md_alg == MBEDTLS_MD_NONE || mbedtls_ssl_set_calc_verify_md( ssl, ssl->in_msg[i] ) ) in ssl_parse_certificate_verify()
4114 if( ( pk_alg = mbedtls_ssl_pk_alg_from_sig( ssl->in_msg[i] ) ) in ssl_parse_certificate_verify()
4125 if( ! mbedtls_pk_can_do( &ssl->session_negotiate->peer_cert->pk, pk_alg ) ) in ssl_parse_certificate_verify()
4140 if( i + 2 > ssl->in_hslen ) in ssl_parse_certificate_verify()
4146 sig_len = ( ssl->in_msg[i] << 8 ) | ssl->in_msg[i+1]; in ssl_parse_certificate_verify()
4149 if( i + sig_len != ssl->in_hslen ) in ssl_parse_certificate_verify()
4156 ssl->handshake->calc_verify( ssl, hash ); in ssl_parse_certificate_verify()
4158 if( ( ret = mbedtls_pk_verify( &ssl->session_negotiate->peer_cert->pk, in ssl_parse_certificate_verify()
4160 ssl->in_msg + i, sig_len ) ) != 0 ) in ssl_parse_certificate_verify()
4166 mbedtls_ssl_update_handshake_status( ssl ); in ssl_parse_certificate_verify()
4180 static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) in ssl_write_new_session_ticket() argument
4188 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in ssl_write_new_session_ticket()
4189 ssl->out_msg[0] = MBEDTLS_SSL_HS_NEW_SESSION_TICKET; in ssl_write_new_session_ticket()
4202 if( ( ret = ssl->conf->f_ticket_write( ssl->conf->p_ticket, in ssl_write_new_session_ticket()
4203 ssl->session_negotiate, in ssl_write_new_session_ticket()
4204 ssl->out_msg + 10, in ssl_write_new_session_ticket()
4205 ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN, in ssl_write_new_session_ticket()
4212 ssl->out_msg[4] = ( lifetime >> 24 ) & 0xFF; in ssl_write_new_session_ticket()
4213 ssl->out_msg[5] = ( lifetime >> 16 ) & 0xFF; in ssl_write_new_session_ticket()
4214 ssl->out_msg[6] = ( lifetime >> 8 ) & 0xFF; in ssl_write_new_session_ticket()
4215 ssl->out_msg[7] = ( lifetime ) & 0xFF; in ssl_write_new_session_ticket()
4217 ssl->out_msg[8] = (unsigned char)( ( tlen >> 8 ) & 0xFF ); in ssl_write_new_session_ticket()
4218 ssl->out_msg[9] = (unsigned char)( ( tlen ) & 0xFF ); in ssl_write_new_session_ticket()
4220 ssl->out_msglen = 10 + tlen; in ssl_write_new_session_ticket()
4226 ssl->handshake->new_session_ticket = 0; in ssl_write_new_session_ticket()
4228 if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) in ssl_write_new_session_ticket()
4243 int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) in mbedtls_ssl_handshake_server_step() argument
4247 if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) in mbedtls_ssl_handshake_server_step()
4250 MBEDTLS_SSL_DEBUG_MSG( 2, ( "server state: %d", ssl->state ) ); in mbedtls_ssl_handshake_server_step()
4252 if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) in mbedtls_ssl_handshake_server_step()
4256 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in mbedtls_ssl_handshake_server_step()
4257 ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) in mbedtls_ssl_handshake_server_step()
4259 if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 ) in mbedtls_ssl_handshake_server_step()
4264 switch( ssl->state ) in mbedtls_ssl_handshake_server_step()
4267 ssl->state = MBEDTLS_SSL_CLIENT_HELLO; in mbedtls_ssl_handshake_server_step()
4274 ret = ssl_parse_client_hello( ssl ); in mbedtls_ssl_handshake_server_step()
4290 ret = ssl_write_server_hello( ssl ); in mbedtls_ssl_handshake_server_step()
4294 ret = mbedtls_ssl_write_certificate( ssl ); in mbedtls_ssl_handshake_server_step()
4298 ret = ssl_write_server_key_exchange( ssl ); in mbedtls_ssl_handshake_server_step()
4302 ret = ssl_write_certificate_request( ssl ); in mbedtls_ssl_handshake_server_step()
4306 ret = ssl_write_server_hello_done( ssl ); in mbedtls_ssl_handshake_server_step()
4317 ret = mbedtls_ssl_parse_certificate( ssl ); in mbedtls_ssl_handshake_server_step()
4321 ret = ssl_parse_client_key_exchange( ssl ); in mbedtls_ssl_handshake_server_step()
4325 ret = ssl_parse_certificate_verify( ssl ); in mbedtls_ssl_handshake_server_step()
4329 ret = mbedtls_ssl_parse_change_cipher_spec( ssl ); in mbedtls_ssl_handshake_server_step()
4333 ret = mbedtls_ssl_parse_finished( ssl ); in mbedtls_ssl_handshake_server_step()
4343 if( ssl->handshake->new_session_ticket != 0 ) in mbedtls_ssl_handshake_server_step()
4344 ret = ssl_write_new_session_ticket( ssl ); in mbedtls_ssl_handshake_server_step()
4347 ret = mbedtls_ssl_write_change_cipher_spec( ssl ); in mbedtls_ssl_handshake_server_step()
4351 ret = mbedtls_ssl_write_finished( ssl ); in mbedtls_ssl_handshake_server_step()
4356 ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; in mbedtls_ssl_handshake_server_step()
4360 mbedtls_ssl_handshake_wrapup( ssl ); in mbedtls_ssl_handshake_server_step()
4364 MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); in mbedtls_ssl_handshake_server_step()