Lines Matching refs:handshake
411 if( mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 ) in ssl_write_ecjpake_kkpp_ext()
427 if( ssl->handshake->ecjpake_cache == NULL || in ssl_write_ecjpake_kkpp_ext()
428 ssl->handshake->ecjpake_cache_len == 0 ) in ssl_write_ecjpake_kkpp_ext()
432 ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, in ssl_write_ecjpake_kkpp_ext()
442 ssl->handshake->ecjpake_cache = mbedtls_calloc( 1, kkpp_len ); in ssl_write_ecjpake_kkpp_ext()
443 if( ssl->handshake->ecjpake_cache == NULL ) in ssl_write_ecjpake_kkpp_ext()
449 memcpy( ssl->handshake->ecjpake_cache, p + 2, kkpp_len ); in ssl_write_ecjpake_kkpp_ext()
450 ssl->handshake->ecjpake_cache_len = kkpp_len; in ssl_write_ecjpake_kkpp_ext()
456 kkpp_len = ssl->handshake->ecjpake_cache_len; in ssl_write_ecjpake_kkpp_ext()
459 memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len ); in ssl_write_ecjpake_kkpp_ext()
834 unsigned char *p = ssl->handshake->randbytes; in ssl_generate_random()
844 ssl->handshake->verify_cookie != NULL ) in ssl_generate_random()
901 mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 ) in ssl_validate_ciphersuite()
997 memcpy( p, ssl->handshake->randbytes, 32 ); in ssl_write_client_hello()
1019 ssl->handshake->resume == 0 ) in ssl_write_client_hello()
1082 if( ssl->handshake->verify_cookie == NULL ) in ssl_write_client_hello()
1090 ssl->handshake->verify_cookie, in ssl_write_client_hello()
1091 ssl->handshake->verify_cookie_len ); in ssl_write_client_hello()
1093 *p++ = ssl->handshake->verify_cookie_len; in ssl_write_client_hello()
1096 ssl->handshake->verify_cookie_len ); in ssl_write_client_hello()
1097 memcpy( p, ssl->handshake->verify_cookie, in ssl_write_client_hello()
1098 ssl->handshake->verify_cookie_len ); in ssl_write_client_hello()
1099 p += ssl->handshake->verify_cookie_len; in ssl_write_client_hello()
1465 ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED; in ssl_parse_cid_ext()
1466 ssl->handshake->peer_cid_len = (uint8_t) peer_cid_len; in ssl_parse_cid_ext()
1467 memcpy( ssl->handshake->peer_cid, buf, peer_cid_len ); in ssl_parse_cid_ext()
1520 ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; in ssl_parse_extended_ms_ext()
1545 ssl->handshake->new_session_ticket = 1; in ssl_parse_session_ticket_ext()
1576 ssl->handshake->ecdh_ctx.point_format = p[0]; in ssl_parse_supported_point_formats_ext()
1579 mbedtls_ecjpake_set_point_format( &ssl->handshake->ecjpake_ctx, in ssl_parse_supported_point_formats_ext()
1605 if( ssl->handshake->ciphersuite_info->key_exchange != in ssl_parse_ecjpake_kkpp()
1613 mbedtls_free( ssl->handshake->ecjpake_cache ); in ssl_parse_ecjpake_kkpp()
1614 ssl->handshake->ecjpake_cache = NULL; in ssl_parse_ecjpake_kkpp()
1615 ssl->handshake->ecjpake_cache_len = 0; in ssl_parse_ecjpake_kkpp()
1617 if( ( ret = mbedtls_ecjpake_read_round_one( &ssl->handshake->ecjpake_ctx, in ssl_parse_ecjpake_kkpp()
1882 mbedtls_free( ssl->handshake->verify_cookie ); in ssl_parse_hello_verify_request()
1884 ssl->handshake->verify_cookie = mbedtls_calloc( 1, cookie_len ); in ssl_parse_hello_verify_request()
1885 if( ssl->handshake->verify_cookie == NULL ) in ssl_parse_hello_verify_request()
1891 memcpy( ssl->handshake->verify_cookie, p, cookie_len ); in ssl_parse_hello_verify_request()
1892 ssl->handshake->verify_cookie_len = cookie_len; in ssl_parse_hello_verify_request()
1973 mbedtls_free( ssl->handshake->verify_cookie ); in ssl_parse_server_hello()
1974 ssl->handshake->verify_cookie = NULL; in ssl_parse_server_hello()
1975 ssl->handshake->verify_cookie_len = 0; in ssl_parse_server_hello()
2032 memcpy( ssl->handshake->randbytes + 32, buf + 2, 32 ); in ssl_parse_server_hello()
2096 ssl->handshake->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( i ); in ssl_parse_server_hello()
2097 if( ssl->handshake->ciphersuite_info == NULL ) in ssl_parse_server_hello()
2106 mbedtls_ssl_optimize_checksum( ssl, ssl->handshake->ciphersuite_info ); in ssl_parse_server_hello()
2114 if( ssl->handshake->resume == 0 || n == 0 || in ssl_parse_server_hello()
2124 ssl->handshake->resume = 0; in ssl_parse_server_hello()
2149 ssl->handshake->resume ? "a" : "no" ) ); in ssl_parse_server_hello()
2198 ssl->handshake->ecrs_enabled = 1; in ssl_parse_server_hello()
2451 if( ( ret = mbedtls_dhm_read_params( &ssl->handshake->dhm_ctx, in ssl_parse_server_dh_params()
2458 dhm_actual_bitlen = mbedtls_dhm_get_bitlen( &ssl->handshake->dhm_ctx ); in ssl_parse_server_dh_params()
2467 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P ); in ssl_parse_server_dh_params()
2468 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G ); in ssl_parse_server_dh_params()
2469 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY ); in ssl_parse_server_dh_params()
2486 grp_id = ssl->handshake->ecdh_ctx.grp.id; in ssl_check_server_ecdh_params()
2488 grp_id = ssl->handshake->ecdh_ctx.grp_id; in ssl_check_server_ecdh_params()
2503 if( ssl->handshake->ecdh_ctx.grp.nbits < 163 || in ssl_check_server_ecdh_params()
2504 ssl->handshake->ecdh_ctx.grp.nbits > 521 ) in ssl_check_server_ecdh_params()
2508 MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, in ssl_check_server_ecdh_params()
2529 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_parse_server_ecdh_params_psa() local
2548 if( ( handshake->ecdh_psa_type = in ssl_parse_server_ecdh_params_psa()
2555 handshake->ecdh_bits = (uint16_t) ecdh_bits; in ssl_parse_server_ecdh_params_psa()
2567 handshake->ecdh_psa_peerkey, in ssl_parse_server_ecdh_params_psa()
2568 sizeof( handshake->ecdh_psa_peerkey ), in ssl_parse_server_ecdh_params_psa()
2569 &handshake->ecdh_psa_peerkey_len ) != 0 ) in ssl_parse_server_ecdh_params_psa()
2598 if( ( ret = mbedtls_ecdh_read_params( &ssl->handshake->ecdh_ctx, in ssl_parse_server_ecdh_params()
2675 unsigned char *p = ssl->handshake->premaster + pms_offset; in ssl_write_encrypted_pms()
2701 ssl->handshake->pmslen = 48; in ssl_write_encrypted_pms()
2704 peer_pk = &ssl->handshake->peer_pubkey; in ssl_write_encrypted_pms()
2725 p, ssl->handshake->pmslen, in ssl_write_encrypted_pms()
2828 peer_pk = &ssl->handshake->peer_pubkey; in ssl_get_ecdh_params_from_cert()
2847 if( ( ret = mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx, peer_key, in ssl_get_ecdh_params_from_cert()
2876 ssl->handshake->ciphersuite_info; in ssl_parse_server_key_exchange()
2917 if( ssl->handshake->ecrs_enabled && in ssl_parse_server_key_exchange()
2918 ssl->handshake->ecrs_state == ssl_ecrs_ske_start_processing ) in ssl_parse_server_key_exchange()
2966 if( ssl->handshake->ecrs_enabled ) in ssl_parse_server_key_exchange()
2967 ssl->handshake->ecrs_state = ssl_ecrs_ske_start_processing; in ssl_parse_server_key_exchange()
3063 ret = mbedtls_ecjpake_read_round_two( &ssl->handshake->ecjpake_ctx, in ssl_parse_server_key_exchange()
3186 peer_pk = &ssl->handshake->peer_pubkey; in ssl_parse_server_key_exchange()
3211 if( ssl->handshake->ecrs_enabled ) in ssl_parse_server_key_exchange()
3212 rs_ctx = &ssl->handshake->ecrs_ctx.pk; in ssl_parse_server_key_exchange()
3254 ssl->handshake->ciphersuite_info; in ssl_parse_certificate_request()
3276 ssl->handshake->ciphersuite_info; in ssl_parse_certificate_request()
3486 ssl->handshake->ciphersuite_info; in ssl_write_client_key_exchange()
3496 content_len = mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ); in ssl_write_client_key_exchange()
3501 ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, in ssl_write_client_key_exchange()
3502 (int) mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ), in ssl_write_client_key_exchange()
3511 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X ); in ssl_write_client_key_exchange()
3512 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX ); in ssl_write_client_key_exchange()
3514 if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, in ssl_write_client_key_exchange()
3515 ssl->handshake->premaster, in ssl_write_client_key_exchange()
3517 &ssl->handshake->pmslen, in ssl_write_client_key_exchange()
3524 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); in ssl_write_client_key_exchange()
3537 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_write_client_key_exchange() local
3562 psa_set_key_type( &key_attributes, handshake->ecdh_psa_type ); in ssl_write_client_key_exchange()
3563 psa_set_key_bits( &key_attributes, handshake->ecdh_bits ); in ssl_write_client_key_exchange()
3567 &handshake->ecdh_psa_privkey ); in ssl_write_client_key_exchange()
3573 status = psa_export_public_key( handshake->ecdh_psa_privkey, in ssl_write_client_key_exchange()
3597 handshake->ecdh_psa_privkey, in ssl_write_client_key_exchange()
3598 handshake->ecdh_psa_peerkey, in ssl_write_client_key_exchange()
3599 handshake->ecdh_psa_peerkey_len, in ssl_write_client_key_exchange()
3600 ssl->handshake->premaster, in ssl_write_client_key_exchange()
3601 sizeof( ssl->handshake->premaster ), in ssl_write_client_key_exchange()
3602 &ssl->handshake->pmslen ); in ssl_write_client_key_exchange()
3606 status = psa_destroy_key( handshake->ecdh_psa_privkey ); in ssl_write_client_key_exchange()
3609 handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; in ssl_write_client_key_exchange()
3630 if( ssl->handshake->ecrs_enabled ) in ssl_write_client_key_exchange()
3632 if( ssl->handshake->ecrs_state == ssl_ecrs_cke_ecdh_calc_secret ) in ssl_write_client_key_exchange()
3635 mbedtls_ecdh_enable_restart( &ssl->handshake->ecdh_ctx ); in ssl_write_client_key_exchange()
3639 ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, in ssl_write_client_key_exchange()
3653 MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, in ssl_write_client_key_exchange()
3657 if( ssl->handshake->ecrs_enabled ) in ssl_write_client_key_exchange()
3659 ssl->handshake->ecrs_n = content_len; in ssl_write_client_key_exchange()
3660 ssl->handshake->ecrs_state = ssl_ecrs_cke_ecdh_calc_secret; in ssl_write_client_key_exchange()
3664 if( ssl->handshake->ecrs_enabled ) in ssl_write_client_key_exchange()
3665 content_len = ssl->handshake->ecrs_n; in ssl_write_client_key_exchange()
3667 if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, in ssl_write_client_key_exchange()
3668 &ssl->handshake->pmslen, in ssl_write_client_key_exchange()
3669 ssl->handshake->premaster, in ssl_write_client_key_exchange()
3681 MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, in ssl_write_client_key_exchange()
3755 content_len = mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ); in ssl_write_client_key_exchange()
3768 ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, in ssl_write_client_key_exchange()
3769 (int) mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ), in ssl_write_client_key_exchange()
3792 ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, in ssl_write_client_key_exchange()
3803 MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, in ssl_write_client_key_exchange()
3850 ret = mbedtls_ecjpake_write_round_two( &ssl->handshake->ecjpake_ctx, in ssl_write_client_key_exchange()
3861 ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx, in ssl_write_client_key_exchange()
3862 ssl->handshake->premaster, 32, &ssl->handshake->pmslen, in ssl_write_client_key_exchange()
3899 ssl->handshake->ciphersuite_info; in ssl_write_certificate_verify()
3925 ssl->handshake->ciphersuite_info; in ssl_write_certificate_verify()
3941 if( ssl->handshake->ecrs_enabled && in ssl_write_certificate_verify()
3942 ssl->handshake->ecrs_state == ssl_ecrs_crt_vrfy_sign ) in ssl_write_certificate_verify()
3978 if( ssl->handshake->ecrs_enabled ) in ssl_write_certificate_verify()
3979 ssl->handshake->ecrs_state = ssl_ecrs_crt_vrfy_sign; in ssl_write_certificate_verify()
3984 ssl->handshake->calc_verify( ssl, hash, &hashlen ); in ssl_write_certificate_verify()
4005 if( ssl->handshake->ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) in ssl_write_certificate_verify()
4029 if( ssl->handshake->ecrs_enabled ) in ssl_write_certificate_verify()
4030 rs_ctx = &ssl->handshake->ecrs_ctx.pk; in ssl_write_certificate_verify()
4132 ssl->handshake->new_session_ticket = 0; in ssl_parse_new_session_ticket()
4198 ssl->handshake->new_session_ticket != 0 ) in mbedtls_ssl_handshake_client_step()