Lines Matching refs:handshake
599 if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) ) in ssl_use_opaque_psk()
780 if( ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_ENABLED ) in ssl_tls12_populate_transform()
789 transform->out_cid_len = ssl->handshake->peer_cid_len; in ssl_tls12_populate_transform()
790 memcpy( transform->out_cid, ssl->handshake->peer_cid, in ssl_tls12_populate_transform()
791 ssl->handshake->peer_cid_len ); in ssl_tls12_populate_transform()
1111 static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake, in ssl_set_handshake_prfs() argument
1124 handshake->tls_prf = tls_prf_sha384; in ssl_set_handshake_prfs()
1125 handshake->calc_verify = ssl_calc_verify_tls_sha384; in ssl_set_handshake_prfs()
1126 handshake->calc_finished = ssl_calc_finished_tls_sha384; in ssl_set_handshake_prfs()
1133 handshake->tls_prf = tls_prf_sha256; in ssl_set_handshake_prfs()
1134 handshake->calc_verify = ssl_calc_verify_tls_sha256; in ssl_set_handshake_prfs()
1135 handshake->calc_finished = ssl_calc_finished_tls_sha256; in ssl_set_handshake_prfs()
1161 static int ssl_compute_master( mbedtls_ssl_handshake_params *handshake, in ssl_compute_master() argument
1188 unsigned char const *salt = handshake->randbytes; in ssl_compute_master()
1199 if( handshake->resume != 0 ) in ssl_compute_master()
1206 if( handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED ) in ssl_compute_master()
1210 handshake->calc_verify( ssl, session_hash, &salt_len ); in ssl_compute_master()
1219 if( handshake->ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK && in ssl_compute_master()
1229 mbedtls_md_type_t hash_alg = handshake->ciphersuite_info->mac; in ssl_compute_master()
1267 ret = handshake->tls_prf( handshake->premaster, handshake->pmslen, in ssl_compute_master()
1278 handshake->premaster, in ssl_compute_master()
1279 handshake->pmslen ); in ssl_compute_master()
1281 mbedtls_platform_zeroize( handshake->premaster, in ssl_compute_master()
1282 sizeof(handshake->premaster) ); in ssl_compute_master()
1292 ssl->handshake->ciphersuite_info; in mbedtls_ssl_derive_keys()
1297 ret = ssl_set_handshake_prfs( ssl->handshake, in mbedtls_ssl_derive_keys()
1307 ret = ssl_compute_master( ssl->handshake, in mbedtls_ssl_derive_keys()
1321 memcpy( tmp, ssl->handshake->randbytes, 64 ); in mbedtls_ssl_derive_keys()
1322 memcpy( ssl->handshake->randbytes, tmp + 32, 32 ); in mbedtls_ssl_derive_keys()
1323 memcpy( ssl->handshake->randbytes + 32, tmp, 32 ); in mbedtls_ssl_derive_keys()
1336 ssl->handshake->tls_prf, in mbedtls_ssl_derive_keys()
1337 ssl->handshake->randbytes, in mbedtls_ssl_derive_keys()
1348 mbedtls_platform_zeroize( ssl->handshake->randbytes, in mbedtls_ssl_derive_keys()
1349 sizeof( ssl->handshake->randbytes ) ); in mbedtls_ssl_derive_keys()
1368 status = psa_hash_clone( &ssl->handshake->fin_sha256_psa, &sha256_psa ); in ssl_calc_verify_tls_sha256()
1392 mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); in ssl_calc_verify_tls_sha256()
1417 status = psa_hash_clone( &ssl->handshake->fin_sha384_psa, &sha384_psa ); in ssl_calc_verify_tls_sha384()
1441 mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); in ssl_calc_verify_tls_sha384()
1459 unsigned char *p = ssl->handshake->premaster; in mbedtls_ssl_psk_derive_premaster()
1460 unsigned char *end = p + sizeof( ssl->handshake->premaster ); in mbedtls_ssl_psk_derive_premaster()
1522 if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, in mbedtls_ssl_psk_derive_premaster()
1532 MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); in mbedtls_ssl_psk_derive_premaster()
1542 if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &zlen, in mbedtls_ssl_psk_derive_premaster()
1553 MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, in mbedtls_ssl_psk_derive_premaster()
1576 ssl->handshake->pmslen = p - ssl->handshake->premaster; in mbedtls_ssl_psk_derive_premaster()
1644 ssl->handshake->ciphersuite_info; in mbedtls_ssl_write_certificate()
1662 ssl->handshake->ciphersuite_info; in mbedtls_ssl_parse_certificate()
1686 ssl->handshake->ciphersuite_info; in mbedtls_ssl_write_certificate()
2013 ssl->handshake->ciphersuite_info; in ssl_parse_certificate_coordinate()
2045 ssl->handshake->ciphersuite_info; in ssl_parse_certificate_verify()
2093 if( ssl->handshake->sni_ca_chain != NULL ) in ssl_parse_certificate_verify()
2095 ca_chain = ssl->handshake->sni_ca_chain; in ssl_parse_certificate_verify()
2096 ca_crl = ssl->handshake->sni_ca_crl; in ssl_parse_certificate_verify()
2264 mbedtls_pk_init( &ssl->handshake->peer_pubkey ); in ssl_remember_peer_pubkey()
2266 &ssl->handshake->peer_pubkey ); in ssl_remember_peer_pubkey()
2282 const int authmode = ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET in mbedtls_ssl_parse_certificate()
2283 ? ssl->handshake->sni_authmode in mbedtls_ssl_parse_certificate()
2301 if( ssl->handshake->ecrs_enabled && in mbedtls_ssl_parse_certificate()
2302 ssl->handshake->ecrs_state == ssl_ecrs_crt_verify ) in mbedtls_ssl_parse_certificate()
2304 chain = ssl->handshake->ecrs_peer_cert; in mbedtls_ssl_parse_certificate()
2305 ssl->handshake->ecrs_peer_cert = NULL; in mbedtls_ssl_parse_certificate()
2353 if( ssl->handshake->ecrs_enabled) in mbedtls_ssl_parse_certificate()
2354 ssl->handshake->ecrs_state = ssl_ecrs_crt_verify; in mbedtls_ssl_parse_certificate()
2357 if( ssl->handshake->ecrs_enabled) in mbedtls_ssl_parse_certificate()
2358 rs_ctx = &ssl->handshake->ecrs_ctx; in mbedtls_ssl_parse_certificate()
2412 ssl->handshake->ecrs_peer_cert = chain; in mbedtls_ssl_parse_certificate()
2435 ssl->handshake->update_checksum = ssl_update_checksum_sha384; in mbedtls_ssl_optimize_checksum()
2440 ssl->handshake->update_checksum = ssl_update_checksum_sha256; in mbedtls_ssl_optimize_checksum()
2455 psa_hash_abort( &ssl->handshake->fin_sha256_psa ); in mbedtls_ssl_reset_checksum()
2456 psa_hash_setup( &ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256 ); in mbedtls_ssl_reset_checksum()
2458 mbedtls_sha256_starts( &ssl->handshake->fin_sha256, 0 ); in mbedtls_ssl_reset_checksum()
2463 psa_hash_abort( &ssl->handshake->fin_sha384_psa ); in mbedtls_ssl_reset_checksum()
2464 psa_hash_setup( &ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384 ); in mbedtls_ssl_reset_checksum()
2466 mbedtls_sha512_starts( &ssl->handshake->fin_sha512, 1 ); in mbedtls_ssl_reset_checksum()
2478 psa_hash_update( &ssl->handshake->fin_sha256_psa, buf, len ); in ssl_update_checksum_start()
2480 mbedtls_sha256_update( &ssl->handshake->fin_sha256, buf, len ); in ssl_update_checksum_start()
2485 psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len ); in ssl_update_checksum_start()
2487 mbedtls_sha512_update( &ssl->handshake->fin_sha512, buf, len ); in ssl_update_checksum_start()
2499 psa_hash_update( &ssl->handshake->fin_sha256_psa, buf, len ); in ssl_update_checksum_sha256()
2501 mbedtls_sha256_update( &ssl->handshake->fin_sha256, buf, len ); in ssl_update_checksum_sha256()
2511 psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len ); in ssl_update_checksum_sha384()
2513 mbedtls_sha512_update( &ssl->handshake->fin_sha512, buf, len ); in ssl_update_checksum_sha384()
2548 status = psa_hash_clone( &ssl->handshake->fin_sha256_psa, &sha256_psa ); in ssl_calc_finished_tls_sha256()
2568 mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); in ssl_calc_finished_tls_sha256()
2585 ssl->handshake->tls_prf( session->master, 48, sender, in ssl_calc_finished_tls_sha256()
2625 status = psa_hash_clone( &ssl->handshake->fin_sha384_psa, &sha384_psa ); in ssl_calc_finished_tls_sha384()
2644 mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); in ssl_calc_finished_tls_sha384()
2661 ssl->handshake->tls_prf( session->master, 48, sender, in ssl_calc_finished_tls_sha384()
2681 mbedtls_free( ssl->handshake ); in mbedtls_ssl_handshake_wrapup_free_hs_transform()
2682 ssl->handshake = NULL; in mbedtls_ssl_handshake_wrapup_free_hs_transform()
2700 int resume = ssl->handshake->resume; in mbedtls_ssl_handshake_wrapup()
2745 ssl->handshake->flight != NULL ) in mbedtls_ssl_handshake_wrapup()
2771 ssl->handshake->calc_finished( ssl, ssl->out_msg + 4, ssl->conf->endpoint ); in mbedtls_ssl_write_finished()
2794 if( ssl->handshake->resume != 0 ) in mbedtls_ssl_write_finished()
2820 ssl->handshake->alt_transform_out = ssl->transform_out; in mbedtls_ssl_write_finished()
2821 memcpy( ssl->handshake->alt_out_ctr, ssl->cur_out_ctr, in mbedtls_ssl_write_finished()
2822 sizeof( ssl->handshake->alt_out_ctr ) ); in mbedtls_ssl_write_finished()
2882 ssl->handshake->calc_finished( ssl, buf, ssl->conf->endpoint ^ 1 ); in mbedtls_ssl_parse_finished()
2931 if( ssl->handshake->resume != 0 ) in mbedtls_ssl_parse_finished()
2957 static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) in ssl_handshake_params_init() argument
2959 memset( handshake, 0, sizeof( mbedtls_ssl_handshake_params ) ); in ssl_handshake_params_init()
2964 handshake->fin_sha256_psa = psa_hash_operation_init(); in ssl_handshake_params_init()
2965 psa_hash_setup( &handshake->fin_sha256_psa, PSA_ALG_SHA_256 ); in ssl_handshake_params_init()
2967 mbedtls_sha256_init( &handshake->fin_sha256 ); in ssl_handshake_params_init()
2968 mbedtls_sha256_starts( &handshake->fin_sha256, 0 ); in ssl_handshake_params_init()
2973 handshake->fin_sha384_psa = psa_hash_operation_init(); in ssl_handshake_params_init()
2974 psa_hash_setup( &handshake->fin_sha384_psa, PSA_ALG_SHA_384 ); in ssl_handshake_params_init()
2976 mbedtls_sha512_init( &handshake->fin_sha512 ); in ssl_handshake_params_init()
2977 mbedtls_sha512_starts( &handshake->fin_sha512, 1 ); in ssl_handshake_params_init()
2982 handshake->update_checksum = ssl_update_checksum_start; in ssl_handshake_params_init()
2986 mbedtls_ssl_sig_hash_set_init( &handshake->hash_algs ); in ssl_handshake_params_init()
2990 mbedtls_dhm_init( &handshake->dhm_ctx ); in ssl_handshake_params_init()
2993 mbedtls_ecdh_init( &handshake->ecdh_ctx ); in ssl_handshake_params_init()
2996 mbedtls_ecjpake_init( &handshake->ecjpake_ctx ); in ssl_handshake_params_init()
2998 handshake->ecjpake_cache = NULL; in ssl_handshake_params_init()
2999 handshake->ecjpake_cache_len = 0; in ssl_handshake_params_init()
3004 mbedtls_x509_crt_restart_init( &handshake->ecrs_ctx ); in ssl_handshake_params_init()
3008 handshake->sni_authmode = MBEDTLS_SSL_VERIFY_UNSET; in ssl_handshake_params_init()
3013 mbedtls_pk_init( &handshake->peer_pubkey ); in ssl_handshake_params_init()
3042 if( ssl->handshake ) in ssl_handshake_init()
3059 if( ssl->handshake == NULL ) in ssl_handshake_init()
3061 ssl->handshake = mbedtls_calloc( 1, sizeof(mbedtls_ssl_handshake_params) ); in ssl_handshake_init()
3071 if( ssl->handshake == NULL || in ssl_handshake_init()
3077 mbedtls_free( ssl->handshake ); in ssl_handshake_init()
3081 ssl->handshake = NULL; in ssl_handshake_init()
3091 ssl_handshake_params_init( ssl->handshake ); in ssl_handshake_init()
3096 ssl->handshake->alt_transform_out = ssl->transform_out; in ssl_handshake_init()
3099 ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING; in ssl_handshake_init()
3101 ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING; in ssl_handshake_init()
3142 ssl->handshake->group_list = group_list; in ssl_handshake_init()
3143 ssl->handshake->group_list_heap_allocated = 1; in ssl_handshake_init()
3147 ssl->handshake->group_list = ssl->conf->group_list; in ssl_handshake_init()
3148 ssl->handshake->group_list_heap_allocated = 0; in ssl_handshake_init()
3584 if( ssl->handshake->resume == 1 ) in mbedtls_ssl_set_session()
3591 ssl->handshake->resume = 1; in mbedtls_ssl_set_session()
3692 return( ssl_append_key_cert( &ssl->handshake->sni_key_cert, in mbedtls_ssl_set_hs_own_cert()
3700 ssl->handshake->sni_ca_chain = ca_chain; in mbedtls_ssl_set_hs_ca_chain()
3701 ssl->handshake->sni_ca_crl = ca_crl; in mbedtls_ssl_set_hs_ca_chain()
3707 ssl->handshake->sni_authmode = authmode; in mbedtls_ssl_set_hs_authmode()
3731 if( ssl->handshake == NULL || ssl->conf == NULL ) in mbedtls_ssl_set_hs_ecjpake_password()
3739 return( mbedtls_ecjpake_setup( &ssl->handshake->ecjpake_ctx, in mbedtls_ssl_set_hs_ecjpake_password()
3856 if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) ) in ssl_remove_psk()
3858 ssl->handshake->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT; in ssl_remove_psk()
3862 if( ssl->handshake->psk != NULL ) in ssl_remove_psk()
3864 mbedtls_platform_zeroize( ssl->handshake->psk, in ssl_remove_psk()
3865 ssl->handshake->psk_len ); in ssl_remove_psk()
3866 mbedtls_free( ssl->handshake->psk ); in ssl_remove_psk()
3867 ssl->handshake->psk_len = 0; in ssl_remove_psk()
3874 if( psk == NULL || ssl->handshake == NULL ) in mbedtls_ssl_set_hs_psk()
3882 if( ( ssl->handshake->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ) in mbedtls_ssl_set_hs_psk()
3885 ssl->handshake->psk_len = psk_len; in mbedtls_ssl_set_hs_psk()
3886 memcpy( ssl->handshake->psk, psk, ssl->handshake->psk_len ); in mbedtls_ssl_set_hs_psk()
3921 ( ssl->handshake == NULL ) ) in mbedtls_ssl_set_hs_psk_opaque()
3925 ssl->handshake->psk_opaque = psk; in mbedtls_ssl_set_hs_psk_opaque()
4333 if( ssl->handshake == NULL ) in mbedtls_ssl_get_async_operation_data()
4336 return( ssl->handshake->user_async_ctx ); in mbedtls_ssl_get_async_operation_data()
4342 if( ssl->handshake != NULL ) in mbedtls_ssl_set_async_operation_data()
4343 ssl->handshake->user_async_ctx = ctx; in mbedtls_ssl_set_async_operation_data()
4467 if( ssl->handshake == NULL || ssl->handshake->mtu == 0 ) in mbedtls_ssl_get_current_mtu()
4471 return( ssl->handshake->mtu ); in mbedtls_ssl_get_current_mtu()
4473 return( ssl->mtu < ssl->handshake->mtu ? in mbedtls_ssl_get_current_mtu()
4474 ssl->mtu : ssl->handshake->mtu ); in mbedtls_ssl_get_current_mtu()
5215 ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) in ssl_prepare_handshake_step()
5231 ssl->handshake == NULL || in mbedtls_ssl_handshake_step()
5380 ssl->handshake->out_msg_seq = 1; in mbedtls_ssl_start_renegotiation()
5382 ssl->handshake->in_msg_seq = 1; in mbedtls_ssl_start_renegotiation()
5474 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in mbedtls_ssl_handshake_free() local
5476 if( handshake == NULL ) in mbedtls_ssl_handshake_free()
5481 if ( ssl->handshake->group_list_heap_allocated ) in mbedtls_ssl_handshake_free()
5482 mbedtls_free( (void*) handshake->group_list ); in mbedtls_ssl_handshake_free()
5483 handshake->group_list = NULL; in mbedtls_ssl_handshake_free()
5488 if( ssl->conf->f_async_cancel != NULL && handshake->async_in_progress != 0 ) in mbedtls_ssl_handshake_free()
5491 handshake->async_in_progress = 0; in mbedtls_ssl_handshake_free()
5498 psa_hash_abort( &handshake->fin_sha256_psa ); in mbedtls_ssl_handshake_free()
5500 mbedtls_sha256_free( &handshake->fin_sha256 ); in mbedtls_ssl_handshake_free()
5505 psa_hash_abort( &handshake->fin_sha384_psa ); in mbedtls_ssl_handshake_free()
5507 mbedtls_sha512_free( &handshake->fin_sha512 ); in mbedtls_ssl_handshake_free()
5513 mbedtls_dhm_free( &handshake->dhm_ctx ); in mbedtls_ssl_handshake_free()
5516 mbedtls_ecdh_free( &handshake->ecdh_ctx ); in mbedtls_ssl_handshake_free()
5519 mbedtls_ecjpake_free( &handshake->ecjpake_ctx ); in mbedtls_ssl_handshake_free()
5521 mbedtls_free( handshake->ecjpake_cache ); in mbedtls_ssl_handshake_free()
5522 handshake->ecjpake_cache = NULL; in mbedtls_ssl_handshake_free()
5523 handshake->ecjpake_cache_len = 0; in mbedtls_ssl_handshake_free()
5530 mbedtls_free( (void *) handshake->curves ); in mbedtls_ssl_handshake_free()
5534 if( handshake->psk != NULL ) in mbedtls_ssl_handshake_free()
5536 mbedtls_platform_zeroize( handshake->psk, handshake->psk_len ); in mbedtls_ssl_handshake_free()
5537 mbedtls_free( handshake->psk ); in mbedtls_ssl_handshake_free()
5547 if( handshake->sni_key_cert != NULL ) in mbedtls_ssl_handshake_free()
5549 mbedtls_ssl_key_cert *cur = handshake->sni_key_cert, *next; in mbedtls_ssl_handshake_free()
5561 mbedtls_x509_crt_restart_free( &handshake->ecrs_ctx ); in mbedtls_ssl_handshake_free()
5562 if( handshake->ecrs_peer_cert != NULL ) in mbedtls_ssl_handshake_free()
5564 mbedtls_x509_crt_free( handshake->ecrs_peer_cert ); in mbedtls_ssl_handshake_free()
5565 mbedtls_free( handshake->ecrs_peer_cert ); in mbedtls_ssl_handshake_free()
5571 mbedtls_pk_free( &handshake->peer_pubkey ); in mbedtls_ssl_handshake_free()
5575 mbedtls_free( handshake->verify_cookie ); in mbedtls_ssl_handshake_free()
5576 mbedtls_ssl_flight_free( handshake->flight ); in mbedtls_ssl_handshake_free()
5582 psa_destroy_key( handshake->ecdh_psa_privkey ); in mbedtls_ssl_handshake_free()
5586 mbedtls_ssl_transform_free( handshake->transform_handshake ); in mbedtls_ssl_handshake_free()
5587 mbedtls_ssl_transform_free( handshake->transform_earlydata ); in mbedtls_ssl_handshake_free()
5588 mbedtls_free( handshake->transform_earlydata ); in mbedtls_ssl_handshake_free()
5589 mbedtls_free( handshake->transform_handshake ); in mbedtls_ssl_handshake_free()
5603 mbedtls_platform_zeroize( handshake, in mbedtls_ssl_handshake_free()
5731 if( ssl->handshake != NULL ) in mbedtls_ssl_context_save()
6201 if( ssl->handshake != NULL ) in ssl_context_load()
6204 mbedtls_free( ssl->handshake ); in ssl_context_load()
6205 ssl->handshake = NULL; in ssl_context_load()
6275 if( ssl->handshake ) in mbedtls_ssl_free()
6281 mbedtls_free( ssl->handshake ); in mbedtls_ssl_free()
6944 ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384; in mbedtls_ssl_set_calc_verify_md()
6949 ssl->handshake->calc_verify = ssl_calc_verify_tls_sha256; in mbedtls_ssl_set_calc_verify_md()
6986 if( ( status = psa_hash_update( &hash_operation, ssl->handshake->randbytes, in mbedtls_ssl_get_key_exchange_md_tls1_2()
7061 if( ( ret = mbedtls_md_update( &ctx, ssl->handshake->randbytes, 64 ) ) != 0 ) in mbedtls_ssl_get_key_exchange_md_tls1_2()
7119 mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); in ssl_get_handshake_transcript_sha384()
7149 mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); in ssl_get_handshake_transcript_sha256()