Lines Matching refs:ssl
227 int tls1_prf(SSL *ssl, uint8_t *out, size_t out_len, const uint8_t *secret, in tls1_prf() argument
238 uint32_t algorithm_prf = ssl_get_algorithm_prf(ssl); in tls1_prf()
263 static int tls1_generate_key_block(SSL *ssl, uint8_t *out, size_t out_len) { in tls1_generate_key_block() argument
264 return ssl->enc_method->prf( in tls1_generate_key_block()
265 ssl, out, out_len, ssl->session->master_key, in tls1_generate_key_block()
266 ssl->session->master_key_length, TLS_MD_KEY_EXPANSION_CONST, in tls1_generate_key_block()
267 TLS_MD_KEY_EXPANSION_CONST_SIZE, ssl->s3->server_random, SSL3_RANDOM_SIZE, in tls1_generate_key_block()
268 ssl->s3->client_random, SSL3_RANDOM_SIZE); in tls1_generate_key_block()
271 int tls1_change_cipher_state(SSL *ssl, int which) { in tls1_change_cipher_state() argument
283 const EVP_AEAD *aead = ssl->s3->tmp.new_aead; in tls1_change_cipher_state()
289 if (SSL_IS_DTLS(ssl)) { in tls1_change_cipher_state()
290 ssl->d1->r_epoch++; in tls1_change_cipher_state()
291 memset(&ssl->d1->bitmap, 0, sizeof(ssl->d1->bitmap)); in tls1_change_cipher_state()
293 memset(ssl->s3->read_sequence, 0, sizeof(ssl->s3->read_sequence)); in tls1_change_cipher_state()
295 if (SSL_IS_DTLS(ssl)) { in tls1_change_cipher_state()
296 ssl->d1->w_epoch++; in tls1_change_cipher_state()
297 memcpy(ssl->d1->last_write_sequence, ssl->s3->write_sequence, in tls1_change_cipher_state()
298 sizeof(ssl->s3->write_sequence)); in tls1_change_cipher_state()
300 memset(ssl->s3->write_sequence, 0, sizeof(ssl->s3->write_sequence)); in tls1_change_cipher_state()
303 mac_secret_len = ssl->s3->tmp.new_mac_secret_len; in tls1_change_cipher_state()
304 iv_len = ssl->s3->tmp.new_fixed_iv_len; in tls1_change_cipher_state()
323 key_data = ssl->s3->tmp.key_block; in tls1_change_cipher_state()
347 if (key_data - ssl->s3->tmp.key_block != ssl->s3->tmp.key_block_length) { in tls1_change_cipher_state()
353 SSL_AEAD_CTX_free(ssl->aead_read_ctx); in tls1_change_cipher_state()
354 ssl->aead_read_ctx = SSL_AEAD_CTX_new( in tls1_change_cipher_state()
355 evp_aead_open, ssl3_version_from_wire(ssl, ssl->version), in tls1_change_cipher_state()
356 ssl->s3->tmp.new_cipher, key, key_len, mac_secret, mac_secret_len, iv, in tls1_change_cipher_state()
358 return ssl->aead_read_ctx != NULL; in tls1_change_cipher_state()
361 SSL_AEAD_CTX_free(ssl->aead_write_ctx); in tls1_change_cipher_state()
362 ssl->aead_write_ctx = SSL_AEAD_CTX_new( in tls1_change_cipher_state()
363 evp_aead_seal, ssl3_version_from_wire(ssl, ssl->version), in tls1_change_cipher_state()
364 ssl->s3->tmp.new_cipher, key, key_len, mac_secret, mac_secret_len, iv, in tls1_change_cipher_state()
366 return ssl->aead_write_ctx != NULL; in tls1_change_cipher_state()
369 int tls1_setup_key_block(SSL *ssl) { in tls1_setup_key_block() argument
376 if (ssl->s3->tmp.key_block_length != 0) { in tls1_setup_key_block()
380 if (ssl->session->cipher == NULL) { in tls1_setup_key_block()
385 ssl->session->cipher, in tls1_setup_key_block()
386 ssl3_version_from_wire(ssl, ssl->version))) { in tls1_setup_key_block()
413 ssl->s3->tmp.new_aead = aead; in tls1_setup_key_block()
414 ssl->s3->tmp.new_mac_secret_len = (uint8_t)mac_secret_len; in tls1_setup_key_block()
415 ssl->s3->tmp.new_fixed_iv_len = (uint8_t)fixed_iv_len; in tls1_setup_key_block()
416 ssl->s3->tmp.new_variable_iv_len = (uint8_t)variable_iv_len; in tls1_setup_key_block()
421 ssl3_cleanup_key_block(ssl); in tls1_setup_key_block()
429 ssl->s3->tmp.key_block_length = key_block_len; in tls1_setup_key_block()
430 ssl->s3->tmp.key_block = p; in tls1_setup_key_block()
432 if (!tls1_generate_key_block(ssl, p, key_block_len)) { in tls1_setup_key_block()
446 int tls1_cert_verify_mac(SSL *ssl, int md_nid, uint8_t *out) { in tls1_cert_verify_mac() argument
449 ctx_template = &ssl->s3->handshake_md5; in tls1_cert_verify_mac()
450 } else if (md_nid == EVP_MD_CTX_type(&ssl->s3->handshake_hash)) { in tls1_cert_verify_mac()
451 ctx_template = &ssl->s3->handshake_hash; in tls1_cert_verify_mac()
499 int tls1_handshake_digest(SSL *ssl, uint8_t *out, size_t out_len) { in tls1_handshake_digest() argument
501 if (EVP_MD_CTX_md(&ssl->s3->handshake_md5) != NULL && in tls1_handshake_digest()
502 !append_digest(&ssl->s3->handshake_md5, out, &md5_len, out_len)) { in tls1_handshake_digest()
507 if (!append_digest(&ssl->s3->handshake_hash, out + md5_len, &len, in tls1_handshake_digest()
515 int tls1_final_finish_mac(SSL *ssl, const char *str, int slen, uint8_t *out) { in tls1_final_finish_mac() argument
522 assert(ssl->s3->handshake_buffer == NULL); in tls1_final_finish_mac()
524 digests_len = tls1_handshake_digest(ssl, buf, sizeof(buf)); in tls1_final_finish_mac()
530 if (!ssl->enc_method->prf(ssl, out, 12, ssl->session->master_key, in tls1_final_finish_mac()
531 ssl->session->master_key_length, str, slen, buf, in tls1_final_finish_mac()
543 int tls1_generate_master_secret(SSL *ssl, uint8_t *out, in tls1_generate_master_secret() argument
546 if (ssl->s3->tmp.extended_master_secret) { in tls1_generate_master_secret()
548 int digests_len = tls1_handshake_digest(ssl, digests, sizeof(digests)); in tls1_generate_master_secret()
553 if (!ssl->enc_method->prf(ssl, out, SSL3_MASTER_SECRET_SIZE, premaster, in tls1_generate_master_secret()
561 if (!ssl->enc_method->prf(ssl, out, SSL3_MASTER_SECRET_SIZE, premaster, in tls1_generate_master_secret()
564 ssl->s3->client_random, SSL3_RANDOM_SIZE, in tls1_generate_master_secret()
565 ssl->s3->server_random, SSL3_RANDOM_SIZE)) { in tls1_generate_master_secret()
573 int tls1_export_keying_material(SSL *ssl, uint8_t *out, size_t out_len, in tls1_export_keying_material() argument
577 if (!ssl->s3->have_version || ssl->version == SSL3_VERSION) { in tls1_export_keying_material()
596 memcpy(seed, ssl->s3->client_random, SSL3_RANDOM_SIZE); in tls1_export_keying_material()
597 memcpy(seed + SSL3_RANDOM_SIZE, ssl->s3->server_random, SSL3_RANDOM_SIZE); in tls1_export_keying_material()
604 int ret = ssl->enc_method->prf(ssl, out, out_len, ssl->session->master_key, in tls1_export_keying_material()
605 ssl->session->master_key_length, label, in tls1_export_keying_material()