Lines Matching refs:conn
90 static int tls_derive_keys(struct tlsv1_client *conn,
93 static int tls_process_server_key_exchange(struct tlsv1_client *conn, u8 ct,
95 static int tls_process_certificate_request(struct tlsv1_client *conn, u8 ct,
97 static int tls_process_server_hello_done(struct tlsv1_client *conn, u8 ct,
101 static void tls_alert(struct tlsv1_client *conn, u8 level, u8 description) in tls_alert() argument
103 conn->alert_level = level; in tls_alert()
104 conn->alert_description = description; in tls_alert()
108 static void tls_verify_hash_add(struct tlsv1_client *conn, const u8 *buf, in tls_verify_hash_add() argument
111 if (conn->verify_md5_client && conn->verify_sha1_client) { in tls_verify_hash_add()
112 crypto_hash_update(conn->verify_md5_client, buf, len); in tls_verify_hash_add()
113 crypto_hash_update(conn->verify_sha1_client, buf, len); in tls_verify_hash_add()
115 if (conn->verify_md5_server && conn->verify_sha1_server) { in tls_verify_hash_add()
116 crypto_hash_update(conn->verify_md5_server, buf, len); in tls_verify_hash_add()
117 crypto_hash_update(conn->verify_sha1_server, buf, len); in tls_verify_hash_add()
119 if (conn->verify_md5_cert && conn->verify_sha1_cert) { in tls_verify_hash_add()
120 crypto_hash_update(conn->verify_md5_cert, buf, len); in tls_verify_hash_add()
121 crypto_hash_update(conn->verify_sha1_cert, buf, len); in tls_verify_hash_add()
126 static u8 * tls_send_alert(struct tlsv1_client *conn, in tls_send_alert() argument
165 static u8 * tls_send_client_hello(struct tlsv1_client *conn, in tls_send_client_hello() argument
176 WPA_PUT_BE32(conn->client_random, now.sec); in tls_send_client_hello()
177 if (os_get_random(conn->client_random + 4, TLS_RANDOM_LEN - 4)) { in tls_send_client_hello()
183 conn->client_random, TLS_RANDOM_LEN); in tls_send_client_hello()
185 len = 100 + conn->num_cipher_suites * 2 + conn->client_hello_ext_len; in tls_send_client_hello()
208 os_memcpy(pos, conn->client_random, TLS_RANDOM_LEN); in tls_send_client_hello()
211 *pos++ = conn->session_id_len; in tls_send_client_hello()
212 os_memcpy(pos, conn->session_id, conn->session_id_len); in tls_send_client_hello()
213 pos += conn->session_id_len; in tls_send_client_hello()
215 WPA_PUT_BE16(pos, 2 * conn->num_cipher_suites); in tls_send_client_hello()
217 for (i = 0; i < conn->num_cipher_suites; i++) { in tls_send_client_hello()
218 WPA_PUT_BE16(pos, conn->cipher_suites[i]); in tls_send_client_hello()
225 if (conn->client_hello_ext) { in tls_send_client_hello()
226 os_memcpy(pos, conn->client_hello_ext, in tls_send_client_hello()
227 conn->client_hello_ext_len); in tls_send_client_hello()
228 pos += conn->client_hello_ext_len; in tls_send_client_hello()
232 tls_verify_hash_add(conn, hs_start, pos - hs_start); in tls_send_client_hello()
234 if (tlsv1_record_send(&conn->rl, TLS_CONTENT_TYPE_HANDSHAKE, in tls_send_client_hello()
237 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_send_client_hello()
243 conn->state = SERVER_HELLO; in tls_send_client_hello()
249 static int tls_process_server_hello(struct tlsv1_client *conn, u8 ct, in tls_process_server_hello() argument
259 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_hello()
274 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_hello()
299 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_hello()
309 os_memcpy(conn->server_random, pos, TLS_RANDOM_LEN); in tls_process_server_hello()
312 conn->server_random, TLS_RANDOM_LEN); in tls_process_server_hello()
319 if (conn->session_id_len && conn->session_id_len == *pos && in tls_process_server_hello()
320 os_memcmp(conn->session_id, pos + 1, conn->session_id_len) == 0) { in tls_process_server_hello()
321 pos += 1 + conn->session_id_len; in tls_process_server_hello()
323 conn->session_resumed = 1; in tls_process_server_hello()
325 conn->session_id_len = *pos; in tls_process_server_hello()
327 os_memcpy(conn->session_id, pos, conn->session_id_len); in tls_process_server_hello()
328 pos += conn->session_id_len; in tls_process_server_hello()
331 conn->session_id, conn->session_id_len); in tls_process_server_hello()
338 for (i = 0; i < conn->num_cipher_suites; i++) { in tls_process_server_hello()
339 if (cipher_suite == conn->cipher_suites[i]) in tls_process_server_hello()
342 if (i == conn->num_cipher_suites) { in tls_process_server_hello()
345 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_hello()
350 if (conn->session_resumed && cipher_suite != conn->prev_cipher_suite) { in tls_process_server_hello()
353 "0x%04x)", cipher_suite, conn->prev_cipher_suite); in tls_process_server_hello()
354 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_hello()
359 if (tlsv1_record_set_cipher_suite(&conn->rl, cipher_suite) < 0) { in tls_process_server_hello()
362 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_hello()
367 conn->prev_cipher_suite = cipher_suite; in tls_process_server_hello()
369 if (conn->session_resumed || conn->ticket_key) in tls_process_server_hello()
370 tls_derive_keys(conn, NULL, 0); in tls_process_server_hello()
378 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_hello()
392 conn->state = (conn->session_resumed || conn->ticket) ? in tls_process_server_hello()
399 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, TLS_ALERT_DECODE_ERROR); in tls_process_server_hello()
404 static int tls_server_key_exchange_allowed(struct tlsv1_client *conn) in tls_server_key_exchange_allowed() argument
409 suite = tls_get_cipher_suite(conn->rl.cipher_suite); in tls_server_key_exchange_allowed()
429 static int tls_process_certificate(struct tlsv1_client *conn, u8 ct, in tls_process_certificate() argument
441 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_certificate()
452 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, TLS_ALERT_DECODE_ERROR); in tls_process_certificate()
465 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, TLS_ALERT_DECODE_ERROR); in tls_process_certificate()
470 return tls_process_server_key_exchange(conn, ct, in_data, in tls_process_certificate()
473 return tls_process_certificate_request(conn, ct, in_data, in tls_process_certificate()
476 return tls_process_server_hello_done(conn, ct, in_data, in tls_process_certificate()
483 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_certificate()
505 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, TLS_ALERT_DECODE_ERROR); in tls_process_certificate()
517 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, TLS_ALERT_DECODE_ERROR); in tls_process_certificate()
526 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_certificate()
540 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_certificate()
550 crypto_public_key_free(conn->server_rsa_key); in tls_process_certificate()
552 &conn->server_rsa_key)) { in tls_process_certificate()
555 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_certificate()
566 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_certificate()
582 if (x509_certificate_chain_validate(conn->trusted_certs, chain, in tls_process_certificate()
610 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, tls_reason); in tls_process_certificate()
619 conn->state = SERVER_KEY_EXCHANGE; in tls_process_certificate()
625 static void tlsv1_client_free_dh(struct tlsv1_client *conn) in tlsv1_client_free_dh() argument
627 os_free(conn->dh_p); in tlsv1_client_free_dh()
628 os_free(conn->dh_g); in tlsv1_client_free_dh()
629 os_free(conn->dh_ys); in tlsv1_client_free_dh()
630 conn->dh_p = conn->dh_g = conn->dh_ys = NULL; in tlsv1_client_free_dh()
634 static int tlsv1_process_diffie_hellman(struct tlsv1_client *conn, in tlsv1_process_diffie_hellman() argument
639 tlsv1_client_free_dh(conn); in tlsv1_process_diffie_hellman()
646 conn->dh_p_len = WPA_GET_BE16(pos); in tlsv1_process_diffie_hellman()
648 if (conn->dh_p_len == 0 || end - pos < (int) conn->dh_p_len) in tlsv1_process_diffie_hellman()
650 conn->dh_p = os_malloc(conn->dh_p_len); in tlsv1_process_diffie_hellman()
651 if (conn->dh_p == NULL) in tlsv1_process_diffie_hellman()
653 os_memcpy(conn->dh_p, pos, conn->dh_p_len); in tlsv1_process_diffie_hellman()
654 pos += conn->dh_p_len; in tlsv1_process_diffie_hellman()
656 conn->dh_p, conn->dh_p_len); in tlsv1_process_diffie_hellman()
660 conn->dh_g_len = WPA_GET_BE16(pos); in tlsv1_process_diffie_hellman()
662 if (conn->dh_g_len == 0 || end - pos < (int) conn->dh_g_len) in tlsv1_process_diffie_hellman()
664 conn->dh_g = os_malloc(conn->dh_g_len); in tlsv1_process_diffie_hellman()
665 if (conn->dh_g == NULL) in tlsv1_process_diffie_hellman()
667 os_memcpy(conn->dh_g, pos, conn->dh_g_len); in tlsv1_process_diffie_hellman()
668 pos += conn->dh_g_len; in tlsv1_process_diffie_hellman()
670 conn->dh_g, conn->dh_g_len); in tlsv1_process_diffie_hellman()
671 if (conn->dh_g_len == 1 && conn->dh_g[0] < 2) in tlsv1_process_diffie_hellman()
676 conn->dh_ys_len = WPA_GET_BE16(pos); in tlsv1_process_diffie_hellman()
678 if (conn->dh_ys_len == 0 || end - pos < (int) conn->dh_ys_len) in tlsv1_process_diffie_hellman()
680 conn->dh_ys = os_malloc(conn->dh_ys_len); in tlsv1_process_diffie_hellman()
681 if (conn->dh_ys == NULL) in tlsv1_process_diffie_hellman()
683 os_memcpy(conn->dh_ys, pos, conn->dh_ys_len); in tlsv1_process_diffie_hellman()
684 pos += conn->dh_ys_len; in tlsv1_process_diffie_hellman()
686 conn->dh_ys, conn->dh_ys_len); in tlsv1_process_diffie_hellman()
691 tlsv1_client_free_dh(conn); in tlsv1_process_diffie_hellman()
696 static int tls_process_server_key_exchange(struct tlsv1_client *conn, u8 ct, in tls_process_server_key_exchange() argument
707 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_key_exchange()
718 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, TLS_ALERT_DECODE_ERROR); in tls_process_server_key_exchange()
731 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, TLS_ALERT_DECODE_ERROR); in tls_process_server_key_exchange()
738 return tls_process_certificate_request(conn, ct, in_data, in tls_process_server_key_exchange()
741 return tls_process_server_hello_done(conn, ct, in_data, in tls_process_server_key_exchange()
747 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_key_exchange()
754 if (!tls_server_key_exchange_allowed(conn)) { in tls_process_server_key_exchange()
757 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_key_exchange()
763 suite = tls_get_cipher_suite(conn->rl.cipher_suite); in tls_process_server_key_exchange()
765 if (tlsv1_process_diffie_hellman(conn, pos, len) < 0) { in tls_process_server_key_exchange()
766 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_key_exchange()
772 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_key_exchange()
779 conn->state = SERVER_CERTIFICATE_REQUEST; in tls_process_server_key_exchange()
785 static int tls_process_certificate_request(struct tlsv1_client *conn, u8 ct, in tls_process_certificate_request() argument
795 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_certificate_request()
806 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, TLS_ALERT_DECODE_ERROR); in tls_process_certificate_request()
819 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, TLS_ALERT_DECODE_ERROR); in tls_process_certificate_request()
826 return tls_process_server_hello_done(conn, ct, in_data, in tls_process_certificate_request()
832 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_certificate_request()
839 conn->certificate_requested = 1; in tls_process_certificate_request()
843 conn->state = SERVER_HELLO_DONE; in tls_process_certificate_request()
849 static int tls_process_server_hello_done(struct tlsv1_client *conn, u8 ct, in tls_process_server_hello_done() argument
859 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_hello_done()
870 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, TLS_ALERT_DECODE_ERROR); in tls_process_server_hello_done()
883 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, TLS_ALERT_DECODE_ERROR); in tls_process_server_hello_done()
891 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_hello_done()
900 conn->state = CLIENT_KEY_EXCHANGE; in tls_process_server_hello_done()
906 static int tls_process_server_change_cipher_spec(struct tlsv1_client *conn, in tls_process_server_change_cipher_spec() argument
916 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_change_cipher_spec()
926 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, TLS_ALERT_DECODE_ERROR); in tls_process_server_change_cipher_spec()
933 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_change_cipher_spec()
939 if (tlsv1_record_change_read_cipher(&conn->rl) < 0) { in tls_process_server_change_cipher_spec()
942 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_change_cipher_spec()
949 conn->state = SERVER_FINISHED; in tls_process_server_change_cipher_spec()
955 static int tls_process_server_finished(struct tlsv1_client *conn, u8 ct, in tls_process_server_finished() argument
966 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_finished()
978 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_finished()
986 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_finished()
1000 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_finished()
1009 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_finished()
1017 if (conn->verify_md5_server == NULL || in tls_process_server_finished()
1018 crypto_hash_finish(conn->verify_md5_server, hash, &hlen) < 0) { in tls_process_server_finished()
1019 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_finished()
1021 conn->verify_md5_server = NULL; in tls_process_server_finished()
1022 crypto_hash_finish(conn->verify_sha1_server, NULL, NULL); in tls_process_server_finished()
1023 conn->verify_sha1_server = NULL; in tls_process_server_finished()
1026 conn->verify_md5_server = NULL; in tls_process_server_finished()
1028 if (conn->verify_sha1_server == NULL || in tls_process_server_finished()
1029 crypto_hash_finish(conn->verify_sha1_server, hash + MD5_MAC_LEN, in tls_process_server_finished()
1031 conn->verify_sha1_server = NULL; in tls_process_server_finished()
1032 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_finished()
1036 conn->verify_sha1_server = NULL; in tls_process_server_finished()
1038 if (tls_prf(conn->master_secret, TLS_MASTER_SECRET_LEN, in tls_process_server_finished()
1042 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_process_server_finished()
1058 conn->state = (conn->session_resumed || conn->ticket) ? in tls_process_server_finished()
1075 static int tls_derive_keys(struct tlsv1_client *conn, in tls_derive_keys() argument
1087 os_memcpy(seed, conn->client_random, TLS_RANDOM_LEN); in tls_derive_keys()
1088 os_memcpy(seed + TLS_RANDOM_LEN, conn->server_random, in tls_derive_keys()
1092 conn->master_secret, TLS_MASTER_SECRET_LEN)) { in tls_derive_keys()
1098 conn->master_secret, TLS_MASTER_SECRET_LEN); in tls_derive_keys()
1101 os_memcpy(seed, conn->server_random, TLS_RANDOM_LEN); in tls_derive_keys()
1102 os_memcpy(seed + TLS_RANDOM_LEN, conn->client_random, TLS_RANDOM_LEN); in tls_derive_keys()
1103 key_block_len = 2 * (conn->rl.hash_size + conn->rl.key_material_len + in tls_derive_keys()
1104 conn->rl.iv_size); in tls_derive_keys()
1105 if (tls_prf(conn->master_secret, TLS_MASTER_SECRET_LEN, in tls_derive_keys()
1117 os_memcpy(conn->rl.write_mac_secret, pos, conn->rl.hash_size); in tls_derive_keys()
1118 pos += conn->rl.hash_size; in tls_derive_keys()
1120 os_memcpy(conn->rl.read_mac_secret, pos, conn->rl.hash_size); in tls_derive_keys()
1121 pos += conn->rl.hash_size; in tls_derive_keys()
1124 os_memcpy(conn->rl.write_key, pos, conn->rl.key_material_len); in tls_derive_keys()
1125 pos += conn->rl.key_material_len; in tls_derive_keys()
1127 os_memcpy(conn->rl.read_key, pos, conn->rl.key_material_len); in tls_derive_keys()
1128 pos += conn->rl.key_material_len; in tls_derive_keys()
1131 os_memcpy(conn->rl.write_iv, pos, conn->rl.iv_size); in tls_derive_keys()
1132 pos += conn->rl.iv_size; in tls_derive_keys()
1134 os_memcpy(conn->rl.read_iv, pos, conn->rl.iv_size); in tls_derive_keys()
1135 pos += conn->rl.iv_size; in tls_derive_keys()
1141 static int tls_write_client_certificate(struct tlsv1_client *conn, in tls_write_client_certificate() argument
1167 cert = conn->client_cert; in tls_write_client_certificate()
1174 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_write_client_certificate()
1185 cert = x509_certificate_get_subject(conn->trusted_certs, in tls_write_client_certificate()
1188 if (cert == conn->client_cert || cert == NULL) { in tls_write_client_certificate()
1202 if (tlsv1_record_send(&conn->rl, TLS_CONTENT_TYPE_HANDSHAKE, in tls_write_client_certificate()
1205 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_write_client_certificate()
1211 tls_verify_hash_add(conn, hs_start, pos - hs_start); in tls_write_client_certificate()
1219 static int tlsv1_key_x_anon_dh(struct tlsv1_client *conn, u8 **pos, u8 *end) in tlsv1_key_x_anon_dh() argument
1226 csecret_len = conn->dh_p_len; in tlsv1_key_x_anon_dh()
1231 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_key_x_anon_dh()
1238 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_key_x_anon_dh()
1244 if (os_memcmp(csecret, conn->dh_p, csecret_len) > 0) in tlsv1_key_x_anon_dh()
1256 dh_yc_len = conn->dh_p_len; in tlsv1_key_x_anon_dh()
1261 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_key_x_anon_dh()
1266 crypto_mod_exp(conn->dh_g, conn->dh_g_len, in tlsv1_key_x_anon_dh()
1268 conn->dh_p, conn->dh_p_len, in tlsv1_key_x_anon_dh()
1279 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_key_x_anon_dh()
1289 shared_len = conn->dh_p_len; in tlsv1_key_x_anon_dh()
1294 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_key_x_anon_dh()
1301 crypto_mod_exp(conn->dh_ys, conn->dh_ys_len, in tlsv1_key_x_anon_dh()
1303 conn->dh_p, conn->dh_p_len, in tlsv1_key_x_anon_dh()
1310 if (tls_derive_keys(conn, shared, shared_len)) { in tlsv1_key_x_anon_dh()
1312 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_key_x_anon_dh()
1319 tlsv1_client_free_dh(conn); in tlsv1_key_x_anon_dh()
1322 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, TLS_ALERT_INTERNAL_ERROR); in tlsv1_key_x_anon_dh()
1328 static int tlsv1_key_x_rsa(struct tlsv1_client *conn, u8 **pos, u8 *end) in tlsv1_key_x_rsa() argument
1335 tls_derive_keys(conn, pre_master_secret, in tlsv1_key_x_rsa()
1338 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_key_x_rsa()
1344 if (conn->server_rsa_key == NULL) { in tlsv1_key_x_rsa()
1347 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_key_x_rsa()
1356 conn->server_rsa_key, in tlsv1_key_x_rsa()
1362 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_key_x_rsa()
1375 static int tls_write_client_key_exchange(struct tlsv1_client *conn, in tls_write_client_key_exchange() argument
1383 suite = tls_get_cipher_suite(conn->rl.cipher_suite); in tls_write_client_key_exchange()
1407 if (tlsv1_key_x_anon_dh(conn, &pos, end) < 0) in tls_write_client_key_exchange()
1410 if (tlsv1_key_x_rsa(conn, &pos, end) < 0) in tls_write_client_key_exchange()
1416 if (tlsv1_record_send(&conn->rl, TLS_CONTENT_TYPE_HANDSHAKE, in tls_write_client_key_exchange()
1419 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_write_client_key_exchange()
1424 tls_verify_hash_add(conn, hs_start, pos - hs_start); in tls_write_client_key_exchange()
1432 static int tls_write_client_certificate_verify(struct tlsv1_client *conn, in tls_write_client_certificate_verify() argument
1479 if (conn->verify_md5_cert == NULL || in tls_write_client_certificate_verify()
1480 crypto_hash_finish(conn->verify_md5_cert, hpos, &hlen) < 0) in tls_write_client_certificate_verify()
1482 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_write_client_certificate_verify()
1484 conn->verify_md5_cert = NULL; in tls_write_client_certificate_verify()
1485 crypto_hash_finish(conn->verify_sha1_cert, NULL, NULL); in tls_write_client_certificate_verify()
1486 conn->verify_sha1_cert = NULL; in tls_write_client_certificate_verify()
1491 crypto_hash_finish(conn->verify_md5_cert, NULL, NULL); in tls_write_client_certificate_verify()
1493 conn->verify_md5_cert = NULL; in tls_write_client_certificate_verify()
1495 if (conn->verify_sha1_cert == NULL || in tls_write_client_certificate_verify()
1496 crypto_hash_finish(conn->verify_sha1_cert, hpos, &hlen) < 0) { in tls_write_client_certificate_verify()
1497 conn->verify_sha1_cert = NULL; in tls_write_client_certificate_verify()
1498 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_write_client_certificate_verify()
1502 conn->verify_sha1_cert = NULL; in tls_write_client_certificate_verify()
1523 if (crypto_private_key_sign_pkcs1(conn->client_key, hash, hlen, in tls_write_client_certificate_verify()
1526 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_write_client_certificate_verify()
1536 if (tlsv1_record_send(&conn->rl, TLS_CONTENT_TYPE_HANDSHAKE, in tls_write_client_certificate_verify()
1539 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_write_client_certificate_verify()
1545 tls_verify_hash_add(conn, hs_start, pos - hs_start); in tls_write_client_certificate_verify()
1553 static int tls_write_client_change_cipher_spec(struct tlsv1_client *conn, in tls_write_client_change_cipher_spec() argument
1565 if (tlsv1_record_send(&conn->rl, TLS_CONTENT_TYPE_CHANGE_CIPHER_SPEC, in tls_write_client_change_cipher_spec()
1568 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_write_client_change_cipher_spec()
1573 if (tlsv1_record_change_write_cipher(&conn->rl) < 0) { in tls_write_client_change_cipher_spec()
1576 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_write_client_change_cipher_spec()
1587 static int tls_write_client_finished(struct tlsv1_client *conn, in tls_write_client_finished() argument
1602 if (conn->verify_md5_client == NULL || in tls_write_client_finished()
1603 crypto_hash_finish(conn->verify_md5_client, hash, &hlen) < 0) { in tls_write_client_finished()
1604 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_write_client_finished()
1606 conn->verify_md5_client = NULL; in tls_write_client_finished()
1607 crypto_hash_finish(conn->verify_sha1_client, NULL, NULL); in tls_write_client_finished()
1608 conn->verify_sha1_client = NULL; in tls_write_client_finished()
1611 conn->verify_md5_client = NULL; in tls_write_client_finished()
1613 if (conn->verify_sha1_client == NULL || in tls_write_client_finished()
1614 crypto_hash_finish(conn->verify_sha1_client, hash + MD5_MAC_LEN, in tls_write_client_finished()
1616 conn->verify_sha1_client = NULL; in tls_write_client_finished()
1617 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_write_client_finished()
1621 conn->verify_sha1_client = NULL; in tls_write_client_finished()
1623 if (tls_prf(conn->master_secret, TLS_MASTER_SECRET_LEN, in tls_write_client_finished()
1627 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_write_client_finished()
1646 tls_verify_hash_add(conn, hs_start, pos - hs_start); in tls_write_client_finished()
1648 if (tlsv1_record_send(&conn->rl, TLS_CONTENT_TYPE_HANDSHAKE, in tls_write_client_finished()
1651 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tls_write_client_finished()
1664 static size_t tls_client_cert_chain_der_len(struct tlsv1_client *conn) in tls_client_cert_chain_der_len() argument
1669 cert = conn->client_cert; in tls_client_cert_chain_der_len()
1674 cert = x509_certificate_get_subject(conn->trusted_certs, in tls_client_cert_chain_der_len()
1682 static u8 * tls_send_client_key_exchange(struct tlsv1_client *conn, in tls_send_client_key_exchange() argument
1691 if (conn->certificate_requested) in tls_send_client_key_exchange()
1692 msglen += tls_client_cert_chain_der_len(conn); in tls_send_client_key_exchange()
1701 if (conn->certificate_requested) { in tls_send_client_key_exchange()
1702 if (tls_write_client_certificate(conn, &pos, end) < 0) { in tls_send_client_key_exchange()
1708 if (tls_write_client_key_exchange(conn, &pos, end) < 0 || in tls_send_client_key_exchange()
1709 (conn->certificate_requested && conn->client_key && in tls_send_client_key_exchange()
1710 tls_write_client_certificate_verify(conn, &pos, end) < 0) || in tls_send_client_key_exchange()
1711 tls_write_client_change_cipher_spec(conn, &pos, end) < 0 || in tls_send_client_key_exchange()
1712 tls_write_client_finished(conn, &pos, end) < 0) { in tls_send_client_key_exchange()
1719 conn->state = SERVER_CHANGE_CIPHER_SPEC; in tls_send_client_key_exchange()
1725 static u8 * tls_send_change_cipher_spec(struct tlsv1_client *conn, in tls_send_change_cipher_spec() argument
1739 if (tls_write_client_change_cipher_spec(conn, &pos, end) < 0 || in tls_send_change_cipher_spec()
1740 tls_write_client_finished(conn, &pos, end) < 0) { in tls_send_change_cipher_spec()
1749 conn->state = ESTABLISHED; in tls_send_change_cipher_spec()
1755 static int tlsv1_client_process_handshake(struct tlsv1_client *conn, u8 ct, in tlsv1_client_process_handshake() argument
1763 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_client_process_handshake()
1772 switch (conn->state) { in tlsv1_client_process_handshake()
1774 if (tls_process_server_hello(conn, ct, buf, len)) in tlsv1_client_process_handshake()
1778 if (tls_process_certificate(conn, ct, buf, len)) in tlsv1_client_process_handshake()
1782 if (tls_process_server_key_exchange(conn, ct, buf, len)) in tlsv1_client_process_handshake()
1786 if (tls_process_certificate_request(conn, ct, buf, len)) in tlsv1_client_process_handshake()
1790 if (tls_process_server_hello_done(conn, ct, buf, len)) in tlsv1_client_process_handshake()
1794 if (tls_process_server_change_cipher_spec(conn, ct, buf, len)) in tlsv1_client_process_handshake()
1798 if (tls_process_server_finished(conn, ct, buf, len)) in tlsv1_client_process_handshake()
1804 conn->state); in tlsv1_client_process_handshake()
1809 tls_verify_hash_add(conn, buf, *len); in tlsv1_client_process_handshake()
1823 u8 * tlsv1_client_handshake(struct tlsv1_client *conn, in tlsv1_client_handshake() argument
1831 if (conn->state == CLIENT_HELLO) { in tlsv1_client_handshake()
1834 return tls_send_client_hello(conn, out_len); in tlsv1_client_handshake()
1849 if (tlsv1_record_receive(&conn->rl, pos, end - pos, in tlsv1_client_handshake()
1853 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, alert); in tlsv1_client_handshake()
1865 if (tlsv1_client_process_handshake(conn, ct, in_pos, in tlsv1_client_handshake()
1877 switch (conn->state) { in tlsv1_client_handshake()
1879 msg = tls_send_client_key_exchange(conn, out_len); in tlsv1_client_handshake()
1882 msg = tls_send_change_cipher_spec(conn, out_len); in tlsv1_client_handshake()
1887 conn->state = ESTABLISHED; in tlsv1_client_handshake()
1894 "generating reply", conn->state); in tlsv1_client_handshake()
1900 if (conn->alert_level) { in tlsv1_client_handshake()
1901 conn->state = FAILED; in tlsv1_client_handshake()
1903 msg = tls_send_alert(conn, conn->alert_level, in tlsv1_client_handshake()
1904 conn->alert_description, out_len); in tlsv1_client_handshake()
1923 int tlsv1_client_encrypt(struct tlsv1_client *conn, in tlsv1_client_encrypt() argument
1934 if (tlsv1_record_send(&conn->rl, TLS_CONTENT_TYPE_APPLICATION_DATA, in tlsv1_client_encrypt()
1937 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_client_encrypt()
1958 int tlsv1_client_decrypt(struct tlsv1_client *conn, in tlsv1_client_decrypt() argument
1976 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_client_decrypt()
1982 res = tlsv1_record_receive(&conn->rl, pos, in_end - pos, in tlsv1_client_decrypt()
1987 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, alert); in tlsv1_client_decrypt()
1994 tls_alert(conn, TLS_ALERT_LEVEL_FATAL, in tlsv1_client_decrypt()
2031 static void tlsv1_client_free_verify_hashes(struct tlsv1_client *conn) in tlsv1_client_free_verify_hashes() argument
2033 crypto_hash_finish(conn->verify_md5_client, NULL, NULL); in tlsv1_client_free_verify_hashes()
2034 crypto_hash_finish(conn->verify_md5_server, NULL, NULL); in tlsv1_client_free_verify_hashes()
2035 crypto_hash_finish(conn->verify_md5_cert, NULL, NULL); in tlsv1_client_free_verify_hashes()
2036 crypto_hash_finish(conn->verify_sha1_client, NULL, NULL); in tlsv1_client_free_verify_hashes()
2037 crypto_hash_finish(conn->verify_sha1_server, NULL, NULL); in tlsv1_client_free_verify_hashes()
2038 crypto_hash_finish(conn->verify_sha1_cert, NULL, NULL); in tlsv1_client_free_verify_hashes()
2039 conn->verify_md5_client = NULL; in tlsv1_client_free_verify_hashes()
2040 conn->verify_md5_server = NULL; in tlsv1_client_free_verify_hashes()
2041 conn->verify_md5_cert = NULL; in tlsv1_client_free_verify_hashes()
2042 conn->verify_sha1_client = NULL; in tlsv1_client_free_verify_hashes()
2043 conn->verify_sha1_server = NULL; in tlsv1_client_free_verify_hashes()
2044 conn->verify_sha1_cert = NULL; in tlsv1_client_free_verify_hashes()
2048 static int tlsv1_client_init_verify_hashes(struct tlsv1_client *conn) in tlsv1_client_init_verify_hashes() argument
2050 conn->verify_md5_client = crypto_hash_init(CRYPTO_HASH_ALG_MD5, NULL, in tlsv1_client_init_verify_hashes()
2052 conn->verify_md5_server = crypto_hash_init(CRYPTO_HASH_ALG_MD5, NULL, in tlsv1_client_init_verify_hashes()
2054 conn->verify_md5_cert = crypto_hash_init(CRYPTO_HASH_ALG_MD5, NULL, 0); in tlsv1_client_init_verify_hashes()
2055 conn->verify_sha1_client = crypto_hash_init(CRYPTO_HASH_ALG_SHA1, NULL, in tlsv1_client_init_verify_hashes()
2057 conn->verify_sha1_server = crypto_hash_init(CRYPTO_HASH_ALG_SHA1, NULL, in tlsv1_client_init_verify_hashes()
2059 conn->verify_sha1_cert = crypto_hash_init(CRYPTO_HASH_ALG_SHA1, NULL, in tlsv1_client_init_verify_hashes()
2061 if (conn->verify_md5_client == NULL || in tlsv1_client_init_verify_hashes()
2062 conn->verify_md5_server == NULL || in tlsv1_client_init_verify_hashes()
2063 conn->verify_md5_cert == NULL || in tlsv1_client_init_verify_hashes()
2064 conn->verify_sha1_client == NULL || in tlsv1_client_init_verify_hashes()
2065 conn->verify_sha1_server == NULL || in tlsv1_client_init_verify_hashes()
2066 conn->verify_sha1_cert == NULL) { in tlsv1_client_init_verify_hashes()
2067 tlsv1_client_free_verify_hashes(conn); in tlsv1_client_init_verify_hashes()
2080 struct tlsv1_client *conn; in tlsv1_client_init() local
2084 conn = os_zalloc(sizeof(*conn)); in tlsv1_client_init()
2085 if (conn == NULL) in tlsv1_client_init()
2088 conn->state = CLIENT_HELLO; in tlsv1_client_init()
2090 if (tlsv1_client_init_verify_hashes(conn) < 0) { in tlsv1_client_init()
2093 os_free(conn); in tlsv1_client_init()
2098 suites = conn->cipher_suites; in tlsv1_client_init()
2106 conn->num_cipher_suites = count; in tlsv1_client_init()
2108 return conn; in tlsv1_client_init()
2116 void tlsv1_client_deinit(struct tlsv1_client *conn) in tlsv1_client_deinit() argument
2118 crypto_public_key_free(conn->server_rsa_key); in tlsv1_client_deinit()
2119 tlsv1_record_set_cipher_suite(&conn->rl, TLS_NULL_WITH_NULL_NULL); in tlsv1_client_deinit()
2120 tlsv1_record_change_write_cipher(&conn->rl); in tlsv1_client_deinit()
2121 tlsv1_record_change_read_cipher(&conn->rl); in tlsv1_client_deinit()
2122 tlsv1_client_free_verify_hashes(conn); in tlsv1_client_deinit()
2123 os_free(conn->client_hello_ext); in tlsv1_client_deinit()
2124 tlsv1_client_free_dh(conn); in tlsv1_client_deinit()
2125 x509_certificate_chain_free(conn->trusted_certs); in tlsv1_client_deinit()
2126 x509_certificate_chain_free(conn->client_cert); in tlsv1_client_deinit()
2127 crypto_private_key_free(conn->client_key); in tlsv1_client_deinit()
2128 os_free(conn); in tlsv1_client_deinit()
2137 int tlsv1_client_established(struct tlsv1_client *conn) in tlsv1_client_established() argument
2139 return conn->state == ESTABLISHED; in tlsv1_client_established()
2153 int tlsv1_client_prf(struct tlsv1_client *conn, const char *label, in tlsv1_client_prf() argument
2158 if (conn->state != ESTABLISHED) in tlsv1_client_prf()
2162 os_memcpy(seed, conn->server_random, TLS_RANDOM_LEN); in tlsv1_client_prf()
2163 os_memcpy(seed + TLS_RANDOM_LEN, conn->client_random, in tlsv1_client_prf()
2166 os_memcpy(seed, conn->client_random, TLS_RANDOM_LEN); in tlsv1_client_prf()
2167 os_memcpy(seed + TLS_RANDOM_LEN, conn->server_random, in tlsv1_client_prf()
2171 return tls_prf(conn->master_secret, TLS_MASTER_SECRET_LEN, in tlsv1_client_prf()
2185 int tlsv1_client_get_cipher(struct tlsv1_client *conn, char *buf, in tlsv1_client_get_cipher() argument
2190 switch (conn->rl.cipher_suite) { in tlsv1_client_get_cipher()
2217 int tlsv1_client_shutdown(struct tlsv1_client *conn) in tlsv1_client_shutdown() argument
2219 conn->state = CLIENT_HELLO; in tlsv1_client_shutdown()
2221 tlsv1_client_free_verify_hashes(conn); in tlsv1_client_shutdown()
2222 if (tlsv1_client_init_verify_hashes(conn) < 0) { in tlsv1_client_shutdown()
2228 tlsv1_record_set_cipher_suite(&conn->rl, TLS_NULL_WITH_NULL_NULL); in tlsv1_client_shutdown()
2229 tlsv1_record_change_write_cipher(&conn->rl); in tlsv1_client_shutdown()
2230 tlsv1_record_change_read_cipher(&conn->rl); in tlsv1_client_shutdown()
2232 conn->certificate_requested = 0; in tlsv1_client_shutdown()
2233 crypto_public_key_free(conn->server_rsa_key); in tlsv1_client_shutdown()
2234 conn->server_rsa_key = NULL; in tlsv1_client_shutdown()
2235 conn->session_resumed = 0; in tlsv1_client_shutdown()
2246 int tlsv1_client_resumed(struct tlsv1_client *conn) in tlsv1_client_resumed() argument
2248 return !!conn->session_resumed; in tlsv1_client_resumed()
2260 int tlsv1_client_hello_ext(struct tlsv1_client *conn, int ext_type, in tlsv1_client_hello_ext() argument
2265 conn->ticket = 0; in tlsv1_client_hello_ext()
2266 os_free(conn->client_hello_ext); in tlsv1_client_hello_ext()
2267 conn->client_hello_ext = NULL; in tlsv1_client_hello_ext()
2268 conn->client_hello_ext_len = 0; in tlsv1_client_hello_ext()
2273 pos = conn->client_hello_ext = os_malloc(6 + data_len); in tlsv1_client_hello_ext()
2284 conn->client_hello_ext_len = 6 + data_len; in tlsv1_client_hello_ext()
2287 conn->ticket = 1; in tlsv1_client_hello_ext()
2301 int tlsv1_client_get_keys(struct tlsv1_client *conn, struct tls_keys *keys) in tlsv1_client_get_keys() argument
2304 if (conn->state == CLIENT_HELLO) in tlsv1_client_get_keys()
2307 keys->client_random = conn->client_random; in tlsv1_client_get_keys()
2310 if (conn->state != SERVER_HELLO) { in tlsv1_client_get_keys()
2311 keys->server_random = conn->server_random; in tlsv1_client_get_keys()
2313 keys->master_key = conn->master_secret; in tlsv1_client_get_keys()
2328 int tlsv1_client_set_master_key(struct tlsv1_client *conn, in tlsv1_client_set_master_key() argument
2335 os_memcpy(conn->master_secret, key, key_len); in tlsv1_client_set_master_key()
2336 conn->ticket_key = 1; in tlsv1_client_set_master_key()
2348 int tlsv1_client_get_keyblock_size(struct tlsv1_client *conn) in tlsv1_client_get_keyblock_size() argument
2350 if (conn->state == CLIENT_HELLO || conn->state == SERVER_HELLO) in tlsv1_client_get_keyblock_size()
2353 return 2 * (conn->rl.hash_size + conn->rl.key_material_len + in tlsv1_client_get_keyblock_size()
2354 conn->rl.iv_size); in tlsv1_client_get_keyblock_size()
2365 int tlsv1_client_set_cipher_list(struct tlsv1_client *conn, u8 *ciphers) in tlsv1_client_set_cipher_list() argument
2374 suites = conn->cipher_suites; in tlsv1_client_set_cipher_list()
2380 conn->num_cipher_suites = count; in tlsv1_client_set_cipher_list()
2521 int tlsv1_client_set_ca_cert(struct tlsv1_client *conn, const char *cert, in tlsv1_client_set_ca_cert() argument
2525 if (tlsv1_client_set_cert_chain(&conn->trusted_certs, cert, in tlsv1_client_set_ca_cert()
2548 int tlsv1_client_set_client_cert(struct tlsv1_client *conn, const char *cert, in tlsv1_client_set_client_cert() argument
2551 return tlsv1_client_set_cert_chain(&conn->client_cert, cert, in tlsv1_client_set_client_cert()
2556 static int tlsv1_client_set_key(struct tlsv1_client *conn, in tlsv1_client_set_key() argument
2559 conn->client_key = crypto_private_key_import(key, len); in tlsv1_client_set_key()
2560 if (conn->client_key == NULL) { in tlsv1_client_set_key()
2578 int tlsv1_client_set_private_key(struct tlsv1_client *conn, in tlsv1_client_set_private_key() argument
2584 crypto_private_key_free(conn->client_key); in tlsv1_client_set_private_key()
2585 conn->client_key = NULL; in tlsv1_client_set_private_key()
2588 return tlsv1_client_set_key(conn, private_key_blob, in tlsv1_client_set_private_key()
2603 ret = tlsv1_client_set_key(conn, buf, len); in tlsv1_client_set_private_key()