Lines Matching refs:ssl
48 static int ssl_write_renegotiation_ext(mbedtls_ssl_context *ssl, in ssl_write_renegotiation_ext() argument
60 if (ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { in ssl_write_renegotiation_ext()
67 MBEDTLS_SSL_CHK_BUF_PTR(p, end, 5 + ssl->verify_data_len); in ssl_write_renegotiation_ext()
76 *p++ = MBEDTLS_BYTE_0(ssl->verify_data_len + 1); in ssl_write_renegotiation_ext()
77 *p++ = MBEDTLS_BYTE_0(ssl->verify_data_len); in ssl_write_renegotiation_ext()
79 memcpy(p, ssl->own_verify_data, ssl->verify_data_len); in ssl_write_renegotiation_ext()
81 *olen = 5 + ssl->verify_data_len; in ssl_write_renegotiation_ext()
92 static int ssl_write_supported_point_formats_ext(mbedtls_ssl_context *ssl, in ssl_write_supported_point_formats_ext() argument
98 (void) ssl; /* ssl used for debugging only */ in ssl_write_supported_point_formats_ext()
125 static int ssl_write_ecjpake_kkpp_ext(mbedtls_ssl_context *ssl, in ssl_write_ecjpake_kkpp_ext() argument
137 if (ssl->handshake->psa_pake_ctx_is_ok != 1) { in ssl_write_ecjpake_kkpp_ext()
154 if (ssl->handshake->ecjpake_cache == NULL || in ssl_write_ecjpake_kkpp_ext()
155 ssl->handshake->ecjpake_cache_len == 0) { in ssl_write_ecjpake_kkpp_ext()
158 ret = mbedtls_psa_ecjpake_write_round(&ssl->handshake->psa_pake_ctx, in ssl_write_ecjpake_kkpp_ext()
162 psa_destroy_key(ssl->handshake->psa_pake_password); in ssl_write_ecjpake_kkpp_ext()
163 psa_pake_abort(&ssl->handshake->psa_pake_ctx); in ssl_write_ecjpake_kkpp_ext()
168 ssl->handshake->ecjpake_cache = mbedtls_calloc(1, kkpp_len); in ssl_write_ecjpake_kkpp_ext()
169 if (ssl->handshake->ecjpake_cache == NULL) { in ssl_write_ecjpake_kkpp_ext()
174 memcpy(ssl->handshake->ecjpake_cache, p + 2, kkpp_len); in ssl_write_ecjpake_kkpp_ext()
175 ssl->handshake->ecjpake_cache_len = kkpp_len; in ssl_write_ecjpake_kkpp_ext()
179 kkpp_len = ssl->handshake->ecjpake_cache_len; in ssl_write_ecjpake_kkpp_ext()
182 memcpy(p + 2, ssl->handshake->ecjpake_cache, kkpp_len); in ssl_write_ecjpake_kkpp_ext()
196 static int ssl_write_cid_ext(mbedtls_ssl_context *ssl, in ssl_write_cid_ext() argument
211 if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || in ssl_write_cid_ext()
212 ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED) { in ssl_write_cid_ext()
219 MBEDTLS_SSL_CHK_BUF_PTR(p, end, (unsigned) (ssl->own_cid_len + 5)); in ssl_write_cid_ext()
224 ext_len = (size_t) ssl->own_cid_len + 1; in ssl_write_cid_ext()
228 *p++ = (uint8_t) ssl->own_cid_len; in ssl_write_cid_ext()
229 memcpy(p, ssl->own_cid, ssl->own_cid_len); in ssl_write_cid_ext()
231 *olen = ssl->own_cid_len + 5; in ssl_write_cid_ext()
239 static int ssl_write_max_fragment_length_ext(mbedtls_ssl_context *ssl, in ssl_write_max_fragment_length_ext() argument
248 if (ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE) { in ssl_write_max_fragment_length_ext()
263 *p++ = ssl->conf->mfl_code; in ssl_write_max_fragment_length_ext()
273 static int ssl_write_encrypt_then_mac_ext(mbedtls_ssl_context *ssl, in ssl_write_encrypt_then_mac_ext() argument
282 if (ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED) { in ssl_write_encrypt_then_mac_ext()
305 static int ssl_write_extended_ms_ext(mbedtls_ssl_context *ssl, in ssl_write_extended_ms_ext() argument
314 if (ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED) { in ssl_write_extended_ms_ext()
337 static int ssl_write_session_ticket_ext(mbedtls_ssl_context *ssl, in ssl_write_session_ticket_ext() argument
343 size_t tlen = ssl->session_negotiate->ticket_len; in ssl_write_session_ticket_ext()
347 if (ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED) { in ssl_write_session_ticket_ext()
365 if (ssl->session_negotiate->ticket == NULL || tlen == 0) { in ssl_write_session_ticket_ext()
372 memcpy(p, ssl->session_negotiate->ticket, tlen); in ssl_write_session_ticket_ext()
382 static int ssl_write_use_srtp_ext(mbedtls_ssl_context *ssl, in ssl_write_use_srtp_ext() argument
393 if ((ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) || in ssl_write_use_srtp_ext()
394 (ssl->conf->dtls_srtp_profile_list == NULL) || in ssl_write_use_srtp_ext()
395 (ssl->conf->dtls_srtp_profile_list_len == 0)) { in ssl_write_use_srtp_ext()
408 if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED) { in ssl_write_use_srtp_ext()
409 mki_len = ssl->dtls_srtp_info.mki_len; in ssl_write_use_srtp_ext()
415 ext_len = 2 + 2 * (ssl->conf->dtls_srtp_profile_list_len) + 1 + mki_len; in ssl_write_use_srtp_ext()
440 *p++ = MBEDTLS_BYTE_0(2 * ssl->conf->dtls_srtp_profile_list_len); in ssl_write_use_srtp_ext()
443 protection_profiles_index < ssl->conf->dtls_srtp_profile_list_len; in ssl_write_use_srtp_ext()
446 (ssl->conf->dtls_srtp_profile_list[protection_profiles_index]); in ssl_write_use_srtp_ext()
460 ssl->conf->dtls_srtp_profile_list[protection_profiles_index] in ssl_write_use_srtp_ext()
469 memcpy(p, ssl->dtls_srtp_info.mki_value, mki_len); in ssl_write_use_srtp_ext()
474 MBEDTLS_SSL_DEBUG_BUF(3, "sending mki", ssl->dtls_srtp_info.mki_value, in ssl_write_use_srtp_ext()
475 ssl->dtls_srtp_info.mki_len); in ssl_write_use_srtp_ext()
492 int mbedtls_ssl_tls12_write_client_hello_exts(mbedtls_ssl_context *ssl, in mbedtls_ssl_tls12_write_client_hello_exts() argument
502 (void) ssl; in mbedtls_ssl_tls12_write_client_hello_exts()
513 if ((ret = ssl_write_renegotiation_ext(ssl, p, end, &ext_len)) != 0) { in mbedtls_ssl_tls12_write_client_hello_exts()
524 if ((ret = ssl_write_supported_point_formats_ext(ssl, p, end, in mbedtls_ssl_tls12_write_client_hello_exts()
534 if ((ret = ssl_write_ecjpake_kkpp_ext(ssl, p, end, &ext_len)) != 0) { in mbedtls_ssl_tls12_write_client_hello_exts()
542 if ((ret = ssl_write_cid_ext(ssl, p, end, &ext_len)) != 0) { in mbedtls_ssl_tls12_write_client_hello_exts()
550 if ((ret = ssl_write_max_fragment_length_ext(ssl, p, end, in mbedtls_ssl_tls12_write_client_hello_exts()
559 if ((ret = ssl_write_encrypt_then_mac_ext(ssl, p, end, &ext_len)) != 0) { in mbedtls_ssl_tls12_write_client_hello_exts()
567 if ((ret = ssl_write_extended_ms_ext(ssl, p, end, &ext_len)) != 0) { in mbedtls_ssl_tls12_write_client_hello_exts()
575 if ((ret = ssl_write_use_srtp_ext(ssl, p, end, &ext_len)) != 0) { in mbedtls_ssl_tls12_write_client_hello_exts()
583 if ((ret = ssl_write_session_ticket_ext(ssl, p, end, &ext_len)) != 0) { in mbedtls_ssl_tls12_write_client_hello_exts()
596 static int ssl_parse_renegotiation_info(mbedtls_ssl_context *ssl, in ssl_parse_renegotiation_info() argument
601 if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { in ssl_parse_renegotiation_info()
603 if (len != 1 + ssl->verify_data_len * 2 || in ssl_parse_renegotiation_info()
604 buf[0] != ssl->verify_data_len * 2 || in ssl_parse_renegotiation_info()
606 ssl->own_verify_data, ssl->verify_data_len) != 0 || in ssl_parse_renegotiation_info()
607 mbedtls_ct_memcmp(buf + 1 + ssl->verify_data_len, in ssl_parse_renegotiation_info()
608 ssl->peer_verify_data, ssl->verify_data_len) != 0) { in ssl_parse_renegotiation_info()
611 ssl, in ssl_parse_renegotiation_info()
623 ssl, in ssl_parse_renegotiation_info()
629 ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; in ssl_parse_renegotiation_info()
637 static int ssl_parse_max_fragment_length_ext(mbedtls_ssl_context *ssl, in ssl_parse_max_fragment_length_ext() argument
645 if (ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE || in ssl_parse_max_fragment_length_ext()
647 buf[0] != ssl->conf->mfl_code) { in ssl_parse_max_fragment_length_ext()
651 ssl, in ssl_parse_max_fragment_length_ext()
663 static int ssl_parse_cid_ext(mbedtls_ssl_context *ssl, in ssl_parse_cid_ext() argument
670 ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || in ssl_parse_cid_ext()
672 ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED) { in ssl_parse_cid_ext()
674 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_cid_ext()
681 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_cid_ext()
691 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_cid_ext()
698 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_cid_ext()
703 ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED; in ssl_parse_cid_ext()
704 ssl->handshake->peer_cid_len = (uint8_t) peer_cid_len; in ssl_parse_cid_ext()
705 memcpy(ssl->handshake->peer_cid, buf, peer_cid_len); in ssl_parse_cid_ext()
716 static int ssl_parse_encrypt_then_mac_ext(mbedtls_ssl_context *ssl, in ssl_parse_encrypt_then_mac_ext() argument
720 if (ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED || in ssl_parse_encrypt_then_mac_ext()
725 ssl, in ssl_parse_encrypt_then_mac_ext()
733 ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED; in ssl_parse_encrypt_then_mac_ext()
741 static int ssl_parse_extended_ms_ext(mbedtls_ssl_context *ssl, in ssl_parse_extended_ms_ext() argument
745 if (ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || in ssl_parse_extended_ms_ext()
750 ssl, in ssl_parse_extended_ms_ext()
758 ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; in ssl_parse_extended_ms_ext()
766 static int ssl_parse_session_ticket_ext(mbedtls_ssl_context *ssl, in ssl_parse_session_ticket_ext() argument
770 if (ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED || in ssl_parse_session_ticket_ext()
775 ssl, in ssl_parse_session_ticket_ext()
783 ssl->handshake->new_session_ticket = 1; in ssl_parse_session_ticket_ext()
793 static int ssl_parse_supported_point_formats_ext(mbedtls_ssl_context *ssl, in ssl_parse_supported_point_formats_ext() argument
802 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_supported_point_formats_ext()
821 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_supported_point_formats_ext()
831 static int ssl_parse_ecjpake_kkpp(mbedtls_ssl_context *ssl, in ssl_parse_ecjpake_kkpp() argument
837 if (ssl->handshake->ciphersuite_info->key_exchange != in ssl_parse_ecjpake_kkpp()
844 mbedtls_free(ssl->handshake->ecjpake_cache); in ssl_parse_ecjpake_kkpp()
845 ssl->handshake->ecjpake_cache = NULL; in ssl_parse_ecjpake_kkpp()
846 ssl->handshake->ecjpake_cache_len = 0; in ssl_parse_ecjpake_kkpp()
849 &ssl->handshake->psa_pake_ctx, buf, len, in ssl_parse_ecjpake_kkpp()
851 psa_destroy_key(ssl->handshake->psa_pake_password); in ssl_parse_ecjpake_kkpp()
852 psa_pake_abort(&ssl->handshake->psa_pake_ctx); in ssl_parse_ecjpake_kkpp()
856 ssl, in ssl_parse_ecjpake_kkpp()
868 static int ssl_parse_alpn_ext(mbedtls_ssl_context *ssl, in ssl_parse_alpn_ext() argument
875 if (ssl->conf->alpn_list == NULL) { in ssl_parse_alpn_ext()
878 ssl, in ssl_parse_alpn_ext()
896 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_alpn_ext()
903 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_alpn_ext()
910 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_alpn_ext()
916 for (p = ssl->conf->alpn_list; *p != NULL; p++) { in ssl_parse_alpn_ext()
919 ssl->alpn_chosen = *p; in ssl_parse_alpn_ext()
925 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_alpn_ext()
933 static int ssl_parse_use_srtp_ext(mbedtls_ssl_context *ssl, in ssl_parse_use_srtp_ext() argument
942 if ((ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) || in ssl_parse_use_srtp_ext()
943 (ssl->conf->dtls_srtp_profile_list == NULL) || in ssl_parse_use_srtp_ext()
944 (ssl->conf->dtls_srtp_profile_list_len == 0)) { in ssl_parse_use_srtp_ext()
959 if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED) { in ssl_parse_use_srtp_ext()
960 mki_len = ssl->dtls_srtp_info.mki_len; in ssl_parse_use_srtp_ext()
994 ssl->dtls_srtp_info.chosen_dtls_srtp_profile = MBEDTLS_TLS_SRTP_UNSET; in ssl_parse_use_srtp_ext()
999 for (i = 0; i < ssl->conf->dtls_srtp_profile_list_len; i++) { in ssl_parse_use_srtp_ext()
1000 if (server_protection == ssl->conf->dtls_srtp_profile_list[i]) { in ssl_parse_use_srtp_ext()
1001 ssl->dtls_srtp_info.chosen_dtls_srtp_profile = ssl->conf->dtls_srtp_profile_list[i]; in ssl_parse_use_srtp_ext()
1010 if (ssl->dtls_srtp_info.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET) { in ssl_parse_use_srtp_ext()
1011 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_use_srtp_ext()
1019 ssl->dtls_srtp_info.mki_len = 0; in ssl_parse_use_srtp_ext()
1029 (memcmp(ssl->dtls_srtp_info.mki_value, &buf[5], mki_len)))) { in ssl_parse_use_srtp_ext()
1030 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_use_srtp_ext()
1036 MBEDTLS_SSL_DEBUG_BUF(3, "received mki", ssl->dtls_srtp_info.mki_value, in ssl_parse_use_srtp_ext()
1037 ssl->dtls_srtp_info.mki_len); in ssl_parse_use_srtp_ext()
1049 static int ssl_parse_hello_verify_request(mbedtls_ssl_context *ssl) in ssl_parse_hello_verify_request() argument
1052 const unsigned char *p = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl); in ssl_parse_hello_verify_request()
1067 if (mbedtls_ssl_hs_hdr_len(ssl) + 3 > ssl->in_msglen) { in ssl_parse_hello_verify_request()
1070 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_hello_verify_request()
1093 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_hello_verify_request()
1100 if ((ssl->in_msg + ssl->in_msglen) - p < cookie_len) { in ssl_parse_hello_verify_request()
1103 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_hello_verify_request()
1109 mbedtls_free(ssl->handshake->cookie); in ssl_parse_hello_verify_request()
1111 ssl->handshake->cookie = mbedtls_calloc(1, cookie_len); in ssl_parse_hello_verify_request()
1112 if (ssl->handshake->cookie == NULL) { in ssl_parse_hello_verify_request()
1117 memcpy(ssl->handshake->cookie, p, cookie_len); in ssl_parse_hello_verify_request()
1118 ssl->handshake->cookie_len = cookie_len; in ssl_parse_hello_verify_request()
1121 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_HELLO); in ssl_parse_hello_verify_request()
1122 ret = mbedtls_ssl_reset_checksum(ssl); in ssl_parse_hello_verify_request()
1128 mbedtls_ssl_recv_flight_completed(ssl); in ssl_parse_hello_verify_request()
1137 static int ssl_parse_server_hello(mbedtls_ssl_context *ssl) in ssl_parse_server_hello() argument
1152 if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { in ssl_parse_server_hello()
1158 buf = ssl->in_msg; in ssl_parse_server_hello()
1160 if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { in ssl_parse_server_hello()
1162 if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { in ssl_parse_server_hello()
1163 ssl->renego_records_seen++; in ssl_parse_server_hello()
1165 if (ssl->conf->renego_max_records >= 0 && in ssl_parse_server_hello()
1166 ssl->renego_records_seen > ssl->conf->renego_max_records) { in ssl_parse_server_hello()
1175 ssl->keep_current_message = 1; in ssl_parse_server_hello()
1182 ssl, in ssl_parse_server_hello()
1189 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_parse_server_hello()
1193 return ssl_parse_hello_verify_request(ssl); in ssl_parse_server_hello()
1196 mbedtls_free(ssl->handshake->cookie); in ssl_parse_server_hello()
1197 ssl->handshake->cookie = NULL; in ssl_parse_server_hello()
1198 ssl->handshake->cookie_len = 0; in ssl_parse_server_hello()
1203 if (ssl->in_hslen < 38 + mbedtls_ssl_hs_hdr_len(ssl) || in ssl_parse_server_hello()
1206 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_server_hello()
1222 buf += mbedtls_ssl_hs_hdr_len(ssl); in ssl_parse_server_hello()
1225 ssl->tls_version = (mbedtls_ssl_protocol_version) mbedtls_ssl_read_version(buf, in ssl_parse_server_hello()
1226 … ssl->conf->transport); in ssl_parse_server_hello()
1227 ssl->session_negotiate->tls_version = ssl->tls_version; in ssl_parse_server_hello()
1228 ssl->session_negotiate->endpoint = ssl->conf->endpoint; in ssl_parse_server_hello()
1230 if (ssl->tls_version < ssl->conf->min_tls_version || in ssl_parse_server_hello()
1231 ssl->tls_version > ssl->conf->max_tls_version) { in ssl_parse_server_hello()
1235 (unsigned) ssl->conf->min_tls_version, in ssl_parse_server_hello()
1236 (unsigned) ssl->tls_version, in ssl_parse_server_hello()
1237 (unsigned) ssl->conf->max_tls_version)); in ssl_parse_server_hello()
1239 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_server_hello()
1251 memcpy(ssl->handshake->randbytes + 32, buf + 2, 32); in ssl_parse_server_hello()
1259 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_server_hello()
1264 if (ssl->in_hslen > mbedtls_ssl_hs_hdr_len(ssl) + 39 + n) { in ssl_parse_server_hello()
1268 ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) + 40 + n + ext_len) { in ssl_parse_server_hello()
1271 ssl, in ssl_parse_server_hello()
1276 } else if (ssl->in_hslen == mbedtls_ssl_hs_hdr_len(ssl) + 38 + n) { in ssl_parse_server_hello()
1280 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_server_hello()
1297 ssl, in ssl_parse_server_hello()
1306 ssl->handshake->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(i); in ssl_parse_server_hello()
1307 if (ssl->handshake->ciphersuite_info == NULL) { in ssl_parse_server_hello()
1310 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_server_hello()
1315 mbedtls_ssl_optimize_checksum(ssl, ssl->handshake->ciphersuite_info); in ssl_parse_server_hello()
1323 if (ssl->handshake->resume == 0 || n == 0 || in ssl_parse_server_hello()
1325 ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE || in ssl_parse_server_hello()
1327 ssl->session_negotiate->ciphersuite != i || in ssl_parse_server_hello()
1328 ssl->session_negotiate->id_len != n || in ssl_parse_server_hello()
1329 memcmp(ssl->session_negotiate->id, buf + 35, n) != 0) { in ssl_parse_server_hello()
1330 mbedtls_ssl_handshake_increment_state(ssl); in ssl_parse_server_hello()
1331 ssl->handshake->resume = 0; in ssl_parse_server_hello()
1333 ssl->session_negotiate->start = mbedtls_time(NULL); in ssl_parse_server_hello()
1335 ssl->session_negotiate->ciphersuite = i; in ssl_parse_server_hello()
1336 ssl->session_negotiate->id_len = n; in ssl_parse_server_hello()
1337 memcpy(ssl->session_negotiate->id, buf + 35, n); in ssl_parse_server_hello()
1339 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC); in ssl_parse_server_hello()
1343 ssl->handshake->resume ? "a" : "no")); in ssl_parse_server_hello()
1354 if (ssl->conf->ciphersuite_list[i] == 0) { in ssl_parse_server_hello()
1357 ssl, in ssl_parse_server_hello()
1363 if (ssl->conf->ciphersuite_list[i++] == in ssl_parse_server_hello()
1364 ssl->session_negotiate->ciphersuite) { in ssl_parse_server_hello()
1370 ssl->session_negotiate->ciphersuite); in ssl_parse_server_hello()
1371 if (mbedtls_ssl_validate_ciphersuite(ssl, suite_info, ssl->tls_version, in ssl_parse_server_hello()
1372 ssl->tls_version) != 0) { in ssl_parse_server_hello()
1375 ssl, in ssl_parse_server_hello()
1386 ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { in ssl_parse_server_hello()
1387 ssl->handshake->ecrs_enabled = 1; in ssl_parse_server_hello()
1394 ssl, in ssl_parse_server_hello()
1413 ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_server_hello()
1425 if ((ret = ssl_parse_renegotiation_info(ssl, ext + 4, in ssl_parse_server_hello()
1437 if ((ret = ssl_parse_max_fragment_length_ext(ssl, in ssl_parse_server_hello()
1449 if ((ret = ssl_parse_cid_ext(ssl, in ssl_parse_server_hello()
1462 if ((ret = ssl_parse_encrypt_then_mac_ext(ssl, in ssl_parse_server_hello()
1475 if ((ret = ssl_parse_extended_ms_ext(ssl, in ssl_parse_server_hello()
1487 if ((ret = ssl_parse_session_ticket_ext(ssl, in ssl_parse_server_hello()
1502 if ((ret = ssl_parse_supported_point_formats_ext(ssl, in ssl_parse_server_hello()
1516 if ((ret = ssl_parse_ecjpake_kkpp(ssl, in ssl_parse_server_hello()
1528 if ((ret = ssl_parse_alpn_ext(ssl, ext + 4, ext_size)) != 0) { in ssl_parse_server_hello()
1539 if ((ret = ssl_parse_use_srtp_ext(ssl, ext + 4, ext_size)) != 0) { in ssl_parse_server_hello()
1565 if (ssl->handshake->resume) { in ssl_parse_server_hello()
1566 if ((ret = mbedtls_ssl_derive_keys(ssl)) != 0) { in ssl_parse_server_hello()
1569 ssl, in ssl_parse_server_hello()
1579 if (ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && in ssl_parse_server_hello()
1580 ssl->conf->allow_legacy_renegotiation == in ssl_parse_server_hello()
1587 else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && in ssl_parse_server_hello()
1588 ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION && in ssl_parse_server_hello()
1593 } else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && in ssl_parse_server_hello()
1594 ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && in ssl_parse_server_hello()
1595 ssl->conf->allow_legacy_renegotiation == in ssl_parse_server_hello()
1599 } else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && in ssl_parse_server_hello()
1600 ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && in ssl_parse_server_hello()
1610 ssl, in ssl_parse_server_hello()
1625 static int ssl_parse_server_ecdh_params(mbedtls_ssl_context *ssl, in ssl_parse_server_ecdh_params() argument
1631 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_parse_server_ecdh_params()
1660 if (mbedtls_ssl_check_curve_tls_id(ssl, tls_id) != 0) { in ssl_parse_server_ecdh_params()
1696 static int ssl_parse_server_psk_hint(mbedtls_ssl_context *ssl, in ssl_parse_server_psk_hint() argument
1702 ((void) ssl); in ssl_parse_server_psk_hint()
1738 static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) in ssl_get_ecdh_params_from_cert() argument
1744 peer_pk = &ssl->handshake->peer_pubkey; in ssl_get_ecdh_params_from_cert()
1746 if (ssl->session_negotiate->peer_cert == NULL) { in ssl_get_ecdh_params_from_cert()
1751 peer_pk = &ssl->session_negotiate->peer_cert->pk; in ssl_get_ecdh_params_from_cert()
1765 if (mbedtls_ssl_check_curve(ssl, grp_id) != 0) { in ssl_get_ecdh_params_from_cert()
1780 &ssl->handshake->xxdh_psa_bits); in ssl_get_ecdh_params_from_cert()
1782 ssl->handshake->xxdh_psa_type = key_type; in ssl_get_ecdh_params_from_cert()
1785 memcpy(ssl->handshake->xxdh_psa_peerkey, peer_pk->pub_raw, peer_pk->pub_raw_len); in ssl_get_ecdh_params_from_cert()
1786 ssl->handshake->xxdh_psa_peerkey_len = peer_pk->pub_raw_len; in ssl_get_ecdh_params_from_cert()
1801 static int ssl_parse_server_key_exchange(mbedtls_ssl_context *ssl) in ssl_parse_server_key_exchange() argument
1805 ssl->handshake->ciphersuite_info; in ssl_parse_server_key_exchange()
1814 if ((ret = ssl_get_ecdh_params_from_cert(ssl)) != 0) { in ssl_parse_server_key_exchange()
1817 ssl, in ssl_parse_server_key_exchange()
1824 mbedtls_ssl_handshake_increment_state(ssl); in ssl_parse_server_key_exchange()
1833 if (ssl->handshake->ecrs_enabled && in ssl_parse_server_key_exchange()
1834 ssl->handshake->ecrs_state == ssl_ecrs_ske_start_processing) { in ssl_parse_server_key_exchange()
1839 if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { in ssl_parse_server_key_exchange()
1844 if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { in ssl_parse_server_key_exchange()
1847 ssl, in ssl_parse_server_key_exchange()
1857 if (ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE) { in ssl_parse_server_key_exchange()
1861 ssl->keep_current_message = 1; in ssl_parse_server_key_exchange()
1868 ssl, in ssl_parse_server_key_exchange()
1876 if (ssl->handshake->ecrs_enabled) { in ssl_parse_server_key_exchange()
1877 ssl->handshake->ecrs_state = ssl_ecrs_ske_start_processing; in ssl_parse_server_key_exchange()
1882 p = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl); in ssl_parse_server_key_exchange()
1883 end = ssl->in_msg + ssl->in_hslen; in ssl_parse_server_key_exchange()
1889 if (ssl_parse_server_psk_hint(ssl, &p, end) != 0) { in ssl_parse_server_key_exchange()
1892 ssl, in ssl_parse_server_key_exchange()
1911 if (ssl_parse_server_ecdh_params(ssl, &p, end) != 0) { in ssl_parse_server_key_exchange()
1914 ssl, in ssl_parse_server_key_exchange()
1949 &ssl->handshake->psa_pake_ctx, p, end - p, in ssl_parse_server_key_exchange()
1951 psa_destroy_key(ssl->handshake->psa_pake_password); in ssl_parse_server_key_exchange()
1952 psa_pake_abort(&ssl->handshake->psa_pake_ctx); in ssl_parse_server_key_exchange()
1956 ssl, in ssl_parse_server_key_exchange()
1975 unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl); in ssl_parse_server_key_exchange()
1983 peer_pk = &ssl->handshake->peer_pubkey; in ssl_parse_server_key_exchange()
1985 if (ssl->session_negotiate->peer_cert == NULL) { in ssl_parse_server_key_exchange()
1990 peer_pk = &ssl->session_negotiate->peer_cert->pk; in ssl_parse_server_key_exchange()
2000 !mbedtls_ssl_sig_alg_is_offered(ssl, sig_alg) && in ssl_parse_server_key_exchange()
2001 !mbedtls_ssl_sig_alg_is_supported(ssl, sig_alg)) { in ssl_parse_server_key_exchange()
2005 ssl, in ssl_parse_server_key_exchange()
2016 ssl, in ssl_parse_server_key_exchange()
2029 ssl, in ssl_parse_server_key_exchange()
2040 ssl, in ssl_parse_server_key_exchange()
2052 ret = mbedtls_ssl_get_key_exchange_md_tls1_2(ssl, hash, &hashlen, in ssl_parse_server_key_exchange()
2071 ssl, in ssl_parse_server_key_exchange()
2078 if (ssl->handshake->ecrs_enabled) { in ssl_parse_server_key_exchange()
2079 rs_ctx = &ssl->handshake->ecrs_ctx.pk; in ssl_parse_server_key_exchange()
2100 ssl, in ssl_parse_server_key_exchange()
2123 mbedtls_ssl_handshake_increment_state(ssl); in ssl_parse_server_key_exchange()
2132 static int ssl_parse_certificate_request(mbedtls_ssl_context *ssl) in ssl_parse_certificate_request() argument
2135 ssl->handshake->ciphersuite_info; in ssl_parse_certificate_request()
2141 mbedtls_ssl_handshake_increment_state(ssl); in ssl_parse_certificate_request()
2150 static int ssl_parse_certificate_request(mbedtls_ssl_context *ssl) in ssl_parse_certificate_request() argument
2157 ssl->handshake->ciphersuite_info; in ssl_parse_certificate_request()
2168 mbedtls_ssl_handshake_increment_state(ssl); in ssl_parse_certificate_request()
2172 if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { in ssl_parse_certificate_request()
2177 if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { in ssl_parse_certificate_request()
2180 ssl, in ssl_parse_certificate_request()
2186 mbedtls_ssl_handshake_increment_state(ssl); in ssl_parse_certificate_request()
2187 ssl->handshake->client_auth = in ssl_parse_certificate_request()
2188 (ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST); in ssl_parse_certificate_request()
2191 ssl->handshake->client_auth ? "a" : "no")); in ssl_parse_certificate_request()
2193 if (ssl->handshake->client_auth == 0) { in ssl_parse_certificate_request()
2195 ssl->keep_current_message = 1; in ssl_parse_certificate_request()
2223 buf = ssl->in_msg; in ssl_parse_certificate_request()
2226 if (ssl->in_hslen <= mbedtls_ssl_hs_hdr_len(ssl)) { in ssl_parse_certificate_request()
2228 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_certificate_request()
2232 cert_type_len = buf[mbedtls_ssl_hs_hdr_len(ssl)]; in ssl_parse_certificate_request()
2245 if (ssl->in_hslen <= mbedtls_ssl_hs_hdr_len(ssl) + 2 + n) { in ssl_parse_certificate_request()
2247 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_certificate_request()
2253 sig_alg_len = MBEDTLS_GET_UINT16_BE(buf, mbedtls_ssl_hs_hdr_len(ssl) + 1 + n); in ssl_parse_certificate_request()
2267 if (ssl->in_hslen <= mbedtls_ssl_hs_hdr_len(ssl) + 3 + n + sig_alg_len) { in ssl_parse_certificate_request()
2270 ssl, in ssl_parse_certificate_request()
2277 sig_alg = buf + mbedtls_ssl_hs_hdr_len(ssl) + 3 + n; in ssl_parse_certificate_request()
2288 dn_len = MBEDTLS_GET_UINT16_BE(buf, mbedtls_ssl_hs_hdr_len(ssl) + 1 + n); in ssl_parse_certificate_request()
2291 if (ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) + 3 + n) { in ssl_parse_certificate_request()
2293 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_certificate_request()
2299 dn = buf + mbedtls_ssl_hs_hdr_len(ssl) + 3 + n - dn_len; in ssl_parse_certificate_request()
2313 ssl, in ssl_parse_certificate_request()
2333 static int ssl_parse_server_hello_done(mbedtls_ssl_context *ssl) in ssl_parse_server_hello_done() argument
2339 if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { in ssl_parse_server_hello_done()
2344 if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { in ssl_parse_server_hello_done()
2349 if (ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) || in ssl_parse_server_hello_done()
2350 ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_HELLO_DONE) { in ssl_parse_server_hello_done()
2352 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_server_hello_done()
2357 mbedtls_ssl_handshake_increment_state(ssl); in ssl_parse_server_hello_done()
2360 if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in ssl_parse_server_hello_done()
2361 mbedtls_ssl_recv_flight_completed(ssl); in ssl_parse_server_hello_done()
2371 static int ssl_write_client_key_exchange(mbedtls_ssl_context *ssl) in ssl_write_client_key_exchange() argument
2378 ssl->handshake->ciphersuite_info; in ssl_write_client_key_exchange()
2394 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_write_client_key_exchange()
2427 unsigned char *own_pubkey = ssl->out_msg + header_len + 1; in ssl_write_client_key_exchange()
2428 unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; in ssl_write_client_key_exchange()
2441 ssl->out_msg[header_len] = (unsigned char) own_pubkey_len; in ssl_write_client_key_exchange()
2451 ssl->handshake->premaster, in ssl_write_client_key_exchange()
2452 sizeof(ssl->handshake->premaster), in ssl_write_client_key_exchange()
2453 &ssl->handshake->pmslen); in ssl_write_client_key_exchange()
2472 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_write_client_key_exchange()
2477 if (mbedtls_ssl_conf_has_static_psk(ssl->conf) == 0) { in ssl_write_client_key_exchange()
2489 if (header_len + content_len_size + ssl->conf->psk_identity_len in ssl_write_client_key_exchange()
2496 unsigned char *p = ssl->out_msg + header_len; in ssl_write_client_key_exchange()
2498 *p++ = MBEDTLS_BYTE_1(ssl->conf->psk_identity_len); in ssl_write_client_key_exchange()
2499 *p++ = MBEDTLS_BYTE_0(ssl->conf->psk_identity_len); in ssl_write_client_key_exchange()
2502 memcpy(p, ssl->conf->psk_identity, in ssl_write_client_key_exchange()
2503 ssl->conf->psk_identity_len); in ssl_write_client_key_exchange()
2504 p += ssl->conf->psk_identity_len; in ssl_write_client_key_exchange()
2506 header_len += ssl->conf->psk_identity_len; in ssl_write_client_key_exchange()
2538 unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; in ssl_write_client_key_exchange()
2560 unsigned char *pms = ssl->handshake->premaster; in ssl_write_client_key_exchange()
2562 sizeof(ssl->handshake->premaster); in ssl_write_client_key_exchange()
2595 if (mbedtls_ssl_conf_has_static_psk(ssl->conf) == 0) { in ssl_write_client_key_exchange()
2603 content_len = ssl->conf->psk_identity_len; in ssl_write_client_key_exchange()
2611 ssl->out_msg[header_len++] = MBEDTLS_BYTE_1(content_len); in ssl_write_client_key_exchange()
2612 ssl->out_msg[header_len++] = MBEDTLS_BYTE_0(content_len); in ssl_write_client_key_exchange()
2614 memcpy(ssl->out_msg + header_len, in ssl_write_client_key_exchange()
2615 ssl->conf->psk_identity, in ssl_write_client_key_exchange()
2616 ssl->conf->psk_identity_len); in ssl_write_client_key_exchange()
2617 header_len += ssl->conf->psk_identity_len; in ssl_write_client_key_exchange()
2635 unsigned char *out_p = ssl->out_msg + header_len; in ssl_write_client_key_exchange()
2636 unsigned char *end_p = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN - in ssl_write_client_key_exchange()
2638 ret = mbedtls_psa_ecjpake_write_round(&ssl->handshake->psa_pake_ctx, in ssl_write_client_key_exchange()
2642 psa_destroy_key(ssl->handshake->psa_pake_password); in ssl_write_client_key_exchange()
2643 psa_pake_abort(&ssl->handshake->psa_pake_ctx); in ssl_write_client_key_exchange()
2655 ssl->out_msglen = header_len + content_len; in ssl_write_client_key_exchange()
2656 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in ssl_write_client_key_exchange()
2657 ssl->out_msg[0] = MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE; in ssl_write_client_key_exchange()
2659 mbedtls_ssl_handshake_increment_state(ssl); in ssl_write_client_key_exchange()
2661 if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { in ssl_write_client_key_exchange()
2673 static int ssl_write_certificate_verify(mbedtls_ssl_context *ssl) in ssl_write_certificate_verify() argument
2676 ssl->handshake->ciphersuite_info; in ssl_write_certificate_verify()
2681 if ((ret = mbedtls_ssl_derive_keys(ssl)) != 0) { in ssl_write_certificate_verify()
2688 mbedtls_ssl_handshake_increment_state(ssl); in ssl_write_certificate_verify()
2697 static int ssl_write_certificate_verify(mbedtls_ssl_context *ssl) in ssl_write_certificate_verify() argument
2701 ssl->handshake->ciphersuite_info; in ssl_write_certificate_verify()
2709 size_t out_buf_len = ssl->out_buf_len - (size_t) (ssl->out_msg - ssl->out_buf); in ssl_write_certificate_verify()
2711 size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN - (size_t) (ssl->out_msg - ssl->out_buf); in ssl_write_certificate_verify()
2717 if (ssl->handshake->ecrs_enabled && in ssl_write_certificate_verify()
2718 ssl->handshake->ecrs_state == ssl_ecrs_crt_vrfy_sign) { in ssl_write_certificate_verify()
2723 if ((ret = mbedtls_ssl_derive_keys(ssl)) != 0) { in ssl_write_certificate_verify()
2730 mbedtls_ssl_handshake_increment_state(ssl); in ssl_write_certificate_verify()
2734 if (ssl->handshake->client_auth == 0 || in ssl_write_certificate_verify()
2735 mbedtls_ssl_own_cert(ssl) == NULL) { in ssl_write_certificate_verify()
2737 mbedtls_ssl_handshake_increment_state(ssl); in ssl_write_certificate_verify()
2741 if (mbedtls_ssl_own_key(ssl) == NULL) { in ssl_write_certificate_verify()
2750 if (ssl->handshake->ecrs_enabled) { in ssl_write_certificate_verify()
2751 ssl->handshake->ecrs_state = ssl_ecrs_crt_vrfy_sign; in ssl_write_certificate_verify()
2757 ret = ssl->handshake->calc_verify(ssl, hash, &hashlen); in ssl_write_certificate_verify()
2779 if (ssl->handshake->ciphersuite_info->mac == MBEDTLS_MD_SHA384) { in ssl_write_certificate_verify()
2781 ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA384; in ssl_write_certificate_verify()
2784 ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA256; in ssl_write_certificate_verify()
2786 ssl->out_msg[5] = mbedtls_ssl_sig_from_pk(mbedtls_ssl_own_key(ssl)); in ssl_write_certificate_verify()
2793 if (ssl->handshake->ecrs_enabled) { in ssl_write_certificate_verify()
2794 rs_ctx = &ssl->handshake->ecrs_ctx.pk; in ssl_write_certificate_verify()
2798 if ((ret = mbedtls_pk_sign_restartable(mbedtls_ssl_own_key(ssl), in ssl_write_certificate_verify()
2800 ssl->out_msg + 6 + offset, in ssl_write_certificate_verify()
2813 MBEDTLS_PUT_UINT16_BE(n, ssl->out_msg, offset + 4); in ssl_write_certificate_verify()
2815 ssl->out_msglen = 6 + n + offset; in ssl_write_certificate_verify()
2816 ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; in ssl_write_certificate_verify()
2817 ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_VERIFY; in ssl_write_certificate_verify()
2819 mbedtls_ssl_handshake_increment_state(ssl); in ssl_write_certificate_verify()
2821 if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { in ssl_write_certificate_verify()
2834 static int ssl_parse_new_session_ticket(mbedtls_ssl_context *ssl) in ssl_parse_new_session_ticket() argument
2844 if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { in ssl_parse_new_session_ticket()
2849 if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { in ssl_parse_new_session_ticket()
2852 ssl, in ssl_parse_new_session_ticket()
2868 if (ssl->in_msg[0] != MBEDTLS_SSL_HS_NEW_SESSION_TICKET || in ssl_parse_new_session_ticket()
2869 ssl->in_hslen < 6 + mbedtls_ssl_hs_hdr_len(ssl)) { in ssl_parse_new_session_ticket()
2871 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_new_session_ticket()
2876 msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl); in ssl_parse_new_session_ticket()
2882 if (ticket_len + 6 + mbedtls_ssl_hs_hdr_len(ssl) != ssl->in_hslen) { in ssl_parse_new_session_ticket()
2884 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_new_session_ticket()
2892 ssl->handshake->new_session_ticket = 0; in ssl_parse_new_session_ticket()
2893 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC); in ssl_parse_new_session_ticket()
2903 if (ssl->session != NULL && ssl->session->ticket != NULL) { in ssl_parse_new_session_ticket()
2904 mbedtls_zeroize_and_free(ssl->session->ticket, in ssl_parse_new_session_ticket()
2905 ssl->session->ticket_len); in ssl_parse_new_session_ticket()
2906 ssl->session->ticket = NULL; in ssl_parse_new_session_ticket()
2907 ssl->session->ticket_len = 0; in ssl_parse_new_session_ticket()
2910 mbedtls_zeroize_and_free(ssl->session_negotiate->ticket, in ssl_parse_new_session_ticket()
2911 ssl->session_negotiate->ticket_len); in ssl_parse_new_session_ticket()
2912 ssl->session_negotiate->ticket = NULL; in ssl_parse_new_session_ticket()
2913 ssl->session_negotiate->ticket_len = 0; in ssl_parse_new_session_ticket()
2917 mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, in ssl_parse_new_session_ticket()
2924 ssl->session_negotiate->ticket = ticket; in ssl_parse_new_session_ticket()
2925 ssl->session_negotiate->ticket_len = ticket_len; in ssl_parse_new_session_ticket()
2926 ssl->session_negotiate->ticket_lifetime = lifetime; in ssl_parse_new_session_ticket()
2934 ssl->session_negotiate->id_len = 0; in ssl_parse_new_session_ticket()
2945 int mbedtls_ssl_handshake_client_step(mbedtls_ssl_context *ssl) in mbedtls_ssl_handshake_client_step() argument
2952 if (ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC && in mbedtls_ssl_handshake_client_step()
2953 ssl->handshake->new_session_ticket != 0) { in mbedtls_ssl_handshake_client_step()
2954 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_NEW_SESSION_TICKET); in mbedtls_ssl_handshake_client_step()
2958 switch (ssl->state) { in mbedtls_ssl_handshake_client_step()
2960 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_HELLO); in mbedtls_ssl_handshake_client_step()
2967 ret = mbedtls_ssl_write_client_hello(ssl); in mbedtls_ssl_handshake_client_step()
2978 ret = ssl_parse_server_hello(ssl); in mbedtls_ssl_handshake_client_step()
2982 ret = mbedtls_ssl_parse_certificate(ssl); in mbedtls_ssl_handshake_client_step()
2986 ret = ssl_parse_server_key_exchange(ssl); in mbedtls_ssl_handshake_client_step()
2990 ret = ssl_parse_certificate_request(ssl); in mbedtls_ssl_handshake_client_step()
2994 ret = ssl_parse_server_hello_done(ssl); in mbedtls_ssl_handshake_client_step()
3005 ret = mbedtls_ssl_write_certificate(ssl); in mbedtls_ssl_handshake_client_step()
3009 ret = ssl_write_client_key_exchange(ssl); in mbedtls_ssl_handshake_client_step()
3013 ret = ssl_write_certificate_verify(ssl); in mbedtls_ssl_handshake_client_step()
3017 ret = mbedtls_ssl_write_change_cipher_spec(ssl); in mbedtls_ssl_handshake_client_step()
3021 ret = mbedtls_ssl_write_finished(ssl); in mbedtls_ssl_handshake_client_step()
3031 ret = ssl_parse_new_session_ticket(ssl); in mbedtls_ssl_handshake_client_step()
3036 ret = mbedtls_ssl_parse_change_cipher_spec(ssl); in mbedtls_ssl_handshake_client_step()
3040 ret = mbedtls_ssl_parse_finished(ssl); in mbedtls_ssl_handshake_client_step()
3045 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP); in mbedtls_ssl_handshake_client_step()
3049 mbedtls_ssl_handshake_wrapup(ssl); in mbedtls_ssl_handshake_client_step()
3053 MBEDTLS_SSL_DEBUG_MSG(1, ("invalid state %d", ssl->state)); in mbedtls_ssl_handshake_client_step()