Lines Matching refs:ssl
45 static int ssl_tls13_write_supported_versions_ext(mbedtls_ssl_context *ssl, in ssl_tls13_write_supported_versions_ext() argument
51 unsigned char versions_len = (ssl->handshake->min_tls_version <= in ssl_tls13_write_supported_versions_ext()
82 if (ssl->handshake->min_tls_version <= MBEDTLS_SSL_VERSION_TLS1_2) { in ssl_tls13_write_supported_versions_ext()
91 ssl, MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS); in ssl_tls13_write_supported_versions_ext()
97 static int ssl_tls13_parse_supported_versions_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_supported_versions_ext() argument
101 ((void) ssl); in ssl_tls13_parse_supported_versions_ext()
104 if (mbedtls_ssl_read_version(buf, ssl->conf->transport) != in ssl_tls13_parse_supported_versions_ext()
126 static int ssl_tls13_parse_alpn_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_alpn_ext() argument
135 if (ssl->conf->alpn_list == NULL) { in ssl_tls13_parse_alpn_ext()
161 for (const char *const *alpn = ssl->conf->alpn_list; *alpn != NULL; alpn++) { in ssl_tls13_parse_alpn_ext()
164 ssl->alpn_chosen = *alpn; in ssl_tls13_parse_alpn_ext()
174 static int ssl_tls13_reset_key_share(mbedtls_ssl_context *ssl) in ssl_tls13_reset_key_share() argument
176 uint16_t group_id = ssl->handshake->offered_group_id; in ssl_tls13_reset_key_share()
189 status = psa_destroy_key(ssl->handshake->xxdh_psa_privkey); in ssl_tls13_reset_key_share()
196 ssl->handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; in ssl_tls13_reset_key_share()
212 static int ssl_tls13_get_default_group_id(mbedtls_ssl_context *ssl, in ssl_tls13_get_default_group_id() argument
219 const uint16_t *group_list = ssl->conf->group_list; in ssl_tls13_get_default_group_id()
242 ((void) ssl); in ssl_tls13_get_default_group_id()
263 static int ssl_tls13_write_key_share_ext(mbedtls_ssl_context *ssl, in ssl_tls13_write_key_share_ext() argument
287 group_id = ssl->handshake->offered_group_id; in ssl_tls13_write_key_share_ext()
290 MBEDTLS_SSL_PROC_CHK(ssl_tls13_get_default_group_id(ssl, in ssl_tls13_write_key_share_ext()
318 ssl, group_id, p, end, &key_exchange_len); in ssl_tls13_write_key_share_ext()
351 ssl->handshake->offered_group_id = group_id; in ssl_tls13_write_key_share_ext()
359 mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_KEY_SHARE); in ssl_tls13_write_key_share_ext()
376 static int ssl_tls13_parse_hrr_key_share_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_hrr_key_share_ext() argument
385 const uint16_t *group_list = ssl->conf->group_list; in ssl_tls13_parse_hrr_key_share_ext()
432 if (found == 0 || selected_group == ssl->handshake->offered_group_id) { in ssl_tls13_parse_hrr_key_share_ext()
441 ssl->handshake->offered_group_id = selected_group; in ssl_tls13_parse_hrr_key_share_ext()
445 (void) ssl; in ssl_tls13_parse_hrr_key_share_ext()
465 static int ssl_tls13_parse_key_share_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_key_share_ext() argument
482 offered_group = ssl->handshake->offered_group_id; in ssl_tls13_parse_key_share_ext()
497 ret = mbedtls_ssl_tls13_read_public_xxdhe_share(ssl, p, end - p); in ssl_tls13_parse_key_share_ext()
529 static int ssl_tls13_parse_cookie_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_cookie_ext() argument
535 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_parse_cookie_ext()
562 static int ssl_tls13_write_cookie_ext(mbedtls_ssl_context *ssl, in ssl_tls13_write_cookie_ext() argument
569 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_write_cookie_ext()
594 mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_COOKIE); in ssl_tls13_write_cookie_ext()
610 static int ssl_tls13_write_psk_key_exchange_modes_ext(mbedtls_ssl_context *ssl, in ssl_tls13_write_psk_key_exchange_modes_ext() argument
624 if (!mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl)) { in ssl_tls13_write_psk_key_exchange_modes_ext()
643 if (mbedtls_ssl_conf_tls13_is_psk_ephemeral_enabled(ssl)) { in ssl_tls13_write_psk_key_exchange_modes_ext()
650 if (mbedtls_ssl_conf_tls13_is_psk_enabled(ssl)) { in ssl_tls13_write_psk_key_exchange_modes_ext()
664 ssl, MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES); in ssl_tls13_write_psk_key_exchange_modes_ext()
682 static int ssl_tls13_has_configured_ticket(mbedtls_ssl_context *ssl) in ssl_tls13_has_configured_ticket() argument
684 mbedtls_ssl_session *session = ssl->session_negotiate; in ssl_tls13_has_configured_ticket()
685 return ssl->handshake->resume && in ssl_tls13_has_configured_ticket()
688 ssl, mbedtls_ssl_tls13_session_get_ticket_flags( in ssl_tls13_has_configured_ticket()
693 static int ssl_tls13_early_data_has_valid_ticket(mbedtls_ssl_context *ssl) in ssl_tls13_early_data_has_valid_ticket() argument
695 mbedtls_ssl_session *session = ssl->session_negotiate; in ssl_tls13_early_data_has_valid_ticket()
696 return ssl->handshake->resume && in ssl_tls13_early_data_has_valid_ticket()
699 mbedtls_ssl_tls13_cipher_suite_is_offered(ssl, session->ciphersuite); in ssl_tls13_early_data_has_valid_ticket()
704 static int ssl_tls13_ticket_get_identity(mbedtls_ssl_context *ssl, in ssl_tls13_ticket_get_identity() argument
709 mbedtls_ssl_session *session = ssl->session_negotiate; in ssl_tls13_ticket_get_identity()
711 if (!ssl_tls13_has_configured_ticket(ssl)) { in ssl_tls13_ticket_get_identity()
722 static int ssl_tls13_ticket_get_psk(mbedtls_ssl_context *ssl, in ssl_tls13_ticket_get_psk() argument
728 mbedtls_ssl_session *session = ssl->session_negotiate; in ssl_tls13_ticket_get_psk()
730 if (!ssl_tls13_has_configured_ticket(ssl)) { in ssl_tls13_ticket_get_psk()
743 static int ssl_tls13_psk_get_identity(mbedtls_ssl_context *ssl, in ssl_tls13_psk_get_identity() argument
749 if (!mbedtls_ssl_conf_has_static_psk(ssl->conf)) { in ssl_tls13_psk_get_identity()
754 *identity = ssl->conf->psk_identity; in ssl_tls13_psk_get_identity()
755 *identity_len = ssl->conf->psk_identity_len; in ssl_tls13_psk_get_identity()
760 static int ssl_tls13_psk_get_psk(mbedtls_ssl_context *ssl, in ssl_tls13_psk_get_psk() argument
766 if (!mbedtls_ssl_conf_has_static_psk(ssl->conf)) { in ssl_tls13_psk_get_psk()
771 *psk = ssl->conf->psk; in ssl_tls13_psk_get_psk()
772 *psk_len = ssl->conf->psk_len; in ssl_tls13_psk_get_psk()
776 static int ssl_tls13_get_configured_psk_count(mbedtls_ssl_context *ssl) in ssl_tls13_get_configured_psk_count() argument
780 if (ssl_tls13_has_configured_ticket(ssl)) { in ssl_tls13_get_configured_psk_count()
785 if (mbedtls_ssl_conf_has_static_psk(ssl->conf)) { in ssl_tls13_get_configured_psk_count()
793 static int ssl_tls13_write_identity(mbedtls_ssl_context *ssl, in ssl_tls13_write_identity() argument
801 ((void) ssl); in ssl_tls13_write_identity()
823 static int ssl_tls13_write_binder(mbedtls_ssl_context *ssl, in ssl_tls13_write_binder() argument
851 ssl, mbedtls_md_type_from_psa_alg(hash_alg), in ssl_tls13_write_binder()
857 ret = mbedtls_ssl_tls13_create_psk_binder(ssl, hash_alg, in ssl_tls13_write_binder()
895 mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end, in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext() argument
911 configured_psk_count = ssl_tls13_get_configured_psk_count(ssl); in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
930 ssl, &hash_alg, &identity, &identity_len) == 0) { in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
933 mbedtls_ssl_session *session = ssl->session_negotiate; in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
942 ret = ssl_tls13_write_identity(ssl, p, end, in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
947 ret = ssl_tls13_write_identity(ssl, p, end, identity, identity_len, in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
960 ssl, &hash_alg, &identity, &identity_len) == 0) { in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
962 ret = ssl_tls13_write_identity(ssl, p, end, identity, identity_len, 0, in mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext()
999 mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end) in mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext() argument
1015 if (ssl_tls13_ticket_get_psk(ssl, &hash_alg, &psk, &psk_len) == 0) { in mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext()
1017 ret = ssl_tls13_write_binder(ssl, p, end, in mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext()
1028 if (ssl_tls13_psk_get_psk(ssl, &hash_alg, &psk, &psk_len) == 0) { in mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext()
1030 ret = ssl_tls13_write_binder(ssl, p, end, in mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext()
1050 ssl, MBEDTLS_TLS_EXT_PRE_SHARED_KEY); in mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext()
1074 static int ssl_tls13_parse_server_pre_shared_key_ext(mbedtls_ssl_context *ssl, in ssl_tls13_parse_server_pre_shared_key_ext() argument
1086 ssl->handshake->selected_identity = (uint16_t) selected_identity; in ssl_tls13_parse_server_pre_shared_key_ext()
1090 if (selected_identity >= ssl_tls13_get_configured_psk_count(ssl)) { in ssl_tls13_parse_server_pre_shared_key_ext()
1099 if (selected_identity == 0 && ssl_tls13_has_configured_ticket(ssl)) { in ssl_tls13_parse_server_pre_shared_key_ext()
1100 ret = ssl_tls13_ticket_get_psk(ssl, &hash_alg, &psk, &psk_len); in ssl_tls13_parse_server_pre_shared_key_ext()
1103 if (mbedtls_ssl_conf_has_static_psk(ssl->conf)) { in ssl_tls13_parse_server_pre_shared_key_ext()
1104 ret = ssl_tls13_psk_get_psk(ssl, &hash_alg, &psk, &psk_len); in ssl_tls13_parse_server_pre_shared_key_ext()
1113 if (mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) ssl->handshake->ciphersuite_info->mac) in ssl_tls13_parse_server_pre_shared_key_ext()
1123 ret = mbedtls_ssl_set_hs_psk(ssl, psk, psk_len); in ssl_tls13_parse_server_pre_shared_key_ext()
1133 int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl, in mbedtls_ssl_tls13_write_client_hello_exts() argument
1148 ret = ssl_tls13_write_supported_versions_ext(ssl, p, end, &ext_len); in mbedtls_ssl_tls13_write_client_hello_exts()
1157 ret = ssl_tls13_write_cookie_ext(ssl, p, end, &ext_len); in mbedtls_ssl_tls13_write_client_hello_exts()
1165 ssl, p, end, &ext_len); in mbedtls_ssl_tls13_write_client_hello_exts()
1173 if (mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { in mbedtls_ssl_tls13_write_client_hello_exts()
1174 ret = ssl_tls13_write_key_share_ext(ssl, p, end, &ext_len); in mbedtls_ssl_tls13_write_client_hello_exts()
1191 if (!ssl->handshake->hello_retry_request_flag) { in mbedtls_ssl_tls13_write_client_hello_exts()
1192 if (mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl) && in mbedtls_ssl_tls13_write_client_hello_exts()
1193 ssl_tls13_early_data_has_valid_ticket(ssl) && in mbedtls_ssl_tls13_write_client_hello_exts()
1194 ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) { in mbedtls_ssl_tls13_write_client_hello_exts()
1196 ssl, 0, p, end, &ext_len); in mbedtls_ssl_tls13_write_client_hello_exts()
1202 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_IND_SENT; in mbedtls_ssl_tls13_write_client_hello_exts()
1204 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_NO_IND_SENT; in mbedtls_ssl_tls13_write_client_hello_exts()
1219 ret = ssl_tls13_write_psk_key_exchange_modes_ext(ssl, p, end, &ext_len); in mbedtls_ssl_tls13_write_client_hello_exts()
1231 int mbedtls_ssl_tls13_finalize_client_hello(mbedtls_ssl_context *ssl) in mbedtls_ssl_tls13_finalize_client_hello() argument
1233 ((void) ssl); in mbedtls_ssl_tls13_finalize_client_hello()
1242 if (ssl->early_data_state == MBEDTLS_SSL_EARLY_DATA_STATE_IND_SENT) { in mbedtls_ssl_tls13_finalize_client_hello()
1246 ret = ssl_tls13_ticket_get_psk(ssl, &hash_alg, &psk, &psk_len); in mbedtls_ssl_tls13_finalize_client_hello()
1253 ret = mbedtls_ssl_set_hs_psk(ssl, psk, psk_len); in mbedtls_ssl_tls13_finalize_client_hello()
1272 ssl->session_negotiate->ciphersuite); in mbedtls_ssl_tls13_finalize_client_hello()
1273 ssl->handshake->ciphersuite_info = ciphersuite_info; in mbedtls_ssl_tls13_finalize_client_hello()
1276 ssl->handshake->key_exchange_mode = in mbedtls_ssl_tls13_finalize_client_hello()
1282 ret = mbedtls_ssl_tls13_key_schedule_stage_early(ssl); in mbedtls_ssl_tls13_finalize_client_hello()
1290 ret = mbedtls_ssl_tls13_compute_early_transform(ssl); in mbedtls_ssl_tls13_finalize_client_hello()
1299 ssl, MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO); in mbedtls_ssl_tls13_finalize_client_hello()
1304 ssl, ssl->handshake->transform_earlydata); in mbedtls_ssl_tls13_finalize_client_hello()
1305 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_CAN_WRITE; in mbedtls_ssl_tls13_finalize_client_hello()
1329 mbedtls_ssl_context *ssl, in ssl_tls13_is_supported_versions_ext_present() argument
1359 ssl, p, end, in ssl_tls13_is_supported_versions_ext_present()
1369 static int ssl_tls13_is_downgrade_negotiation(mbedtls_ssl_context *ssl, in ssl_tls13_is_downgrade_negotiation() argument
1401 static int ssl_server_hello_is_hrr(mbedtls_ssl_context *ssl, in ssl_server_hello_is_hrr() argument
1440 static int ssl_tls13_preprocess_server_hello(mbedtls_ssl_context *ssl, in ssl_tls13_preprocess_server_hello() argument
1445 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_preprocess_server_hello()
1448 ssl, buf, end)); in ssl_tls13_preprocess_server_hello()
1452 ssl_tls13_is_downgrade_negotiation(ssl, buf, end)); in ssl_tls13_preprocess_server_hello()
1473 ssl->keep_current_message = 1; in ssl_tls13_preprocess_server_hello()
1474 ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2; in ssl_tls13_preprocess_server_hello()
1476 ssl, MBEDTLS_SSL_HS_SERVER_HELLO, in ssl_tls13_preprocess_server_hello()
1479 if (mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { in ssl_tls13_preprocess_server_hello()
1480 ret = ssl_tls13_reset_key_share(ssl); in ssl_tls13_preprocess_server_hello()
1489 ssl->session_negotiate->tls_version = ssl->tls_version; in ssl_tls13_preprocess_server_hello()
1490 ssl->session_negotiate->endpoint = ssl->conf->endpoint; in ssl_tls13_preprocess_server_hello()
1494 ret = ssl_server_hello_is_hrr(ssl, buf, end); in ssl_tls13_preprocess_server_hello()
1519 if (!mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { in ssl_tls13_preprocess_server_hello()
1539 static int ssl_tls13_check_server_hello_session_id_echo(mbedtls_ssl_context *ssl, in ssl_tls13_check_server_hello_session_id_echo() argument
1552 if (ssl->session_negotiate->id_len != legacy_session_id_echo_len || in ssl_tls13_check_server_hello_session_id_echo()
1553 memcmp(ssl->session_negotiate->id, p, legacy_session_id_echo_len) != 0) { in ssl_tls13_check_server_hello_session_id_echo()
1555 ssl->session_negotiate->id, in ssl_tls13_check_server_hello_session_id_echo()
1556 ssl->session_negotiate->id_len); in ssl_tls13_check_server_hello_session_id_echo()
1569 MBEDTLS_SSL_DEBUG_BUF(3, "Session ID", ssl->session_negotiate->id, in ssl_tls13_check_server_hello_session_id_echo()
1570 ssl->session_negotiate->id_len); in ssl_tls13_check_server_hello_session_id_echo()
1586 static int ssl_tls13_parse_server_hello(mbedtls_ssl_context *ssl, in ssl_tls13_parse_server_hello() argument
1593 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_parse_server_hello()
1623 if (mbedtls_ssl_read_version(p, ssl->conf->transport) != in ssl_tls13_parse_server_hello()
1651 if (ssl_tls13_check_server_hello_session_id_echo(ssl, &p, end) != 0) { in ssl_tls13_parse_server_hello()
1671 if ((mbedtls_ssl_validate_ciphersuite(ssl, ciphersuite_info, in ssl_tls13_parse_server_hello()
1672 ssl->tls_version, in ssl_tls13_parse_server_hello()
1673 ssl->tls_version) != 0) || in ssl_tls13_parse_server_hello()
1674 !mbedtls_ssl_tls13_cipher_suite_is_offered(ssl, cipher_suite)) { in ssl_tls13_parse_server_hello()
1684 (cipher_suite != ssl->session_negotiate->ciphersuite)) { in ssl_tls13_parse_server_hello()
1695 mbedtls_ssl_optimize_checksum(ssl, ciphersuite_info); in ssl_tls13_parse_server_hello()
1702 ssl->session_negotiate->start = mbedtls_time(NULL); in ssl_tls13_parse_server_hello()
1754 ssl, hs_msg_type, extension_type, allowed_extensions_mask); in ssl_tls13_parse_server_hello()
1762 ret = ssl_tls13_parse_cookie_ext(ssl, in ssl_tls13_parse_server_hello()
1773 ret = ssl_tls13_parse_supported_versions_ext(ssl, in ssl_tls13_parse_server_hello()
1786 ssl, p, extension_data_end)) != 0) { in ssl_tls13_parse_server_hello()
1796 if (!mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { in ssl_tls13_parse_server_hello()
1802 ret = ssl_tls13_parse_hrr_key_share_ext(ssl, in ssl_tls13_parse_server_hello()
1805 ret = ssl_tls13_parse_key_share_ext(ssl, in ssl_tls13_parse_server_hello()
1857 static int ssl_tls13_postprocess_server_hello(mbedtls_ssl_context *ssl) in ssl_tls13_postprocess_server_hello() argument
1860 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_postprocess_server_hello()
1900 ssl, handshake->key_exchange_mode)) { in ssl_tls13_postprocess_server_hello()
1922 if (ssl->early_data_state == MBEDTLS_SSL_EARLY_DATA_STATE_NO_IND_SENT || in ssl_tls13_postprocess_server_hello()
1927 ret = mbedtls_ssl_tls13_key_schedule_stage_early(ssl); in ssl_tls13_postprocess_server_hello()
1935 ret = mbedtls_ssl_tls13_compute_handshake_transform(ssl); in ssl_tls13_postprocess_server_hello()
1943 mbedtls_ssl_set_inbound_transform(ssl, handshake->transform_handshake); in ssl_tls13_postprocess_server_hello()
1945 ssl->session_in = ssl->session_negotiate; in ssl_tls13_postprocess_server_hello()
1958 static int ssl_tls13_postprocess_hrr(mbedtls_ssl_context *ssl) in ssl_tls13_postprocess_hrr() argument
1962 mbedtls_ssl_session_reset_msg_layer(ssl, 0); in ssl_tls13_postprocess_hrr()
1970 ret = ssl_tls13_reset_key_share(ssl); in ssl_tls13_postprocess_hrr()
1975 ssl->session_negotiate->ciphersuite = ssl->handshake->ciphersuite_info->id; in ssl_tls13_postprocess_hrr()
1978 if (ssl->early_data_state != MBEDTLS_SSL_EARLY_DATA_STATE_NO_IND_SENT) { in ssl_tls13_postprocess_hrr()
1979 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_REJECTED; in ssl_tls13_postprocess_hrr()
1991 static int ssl_tls13_process_server_hello(mbedtls_ssl_context *ssl) in ssl_tls13_process_server_hello() argument
2001 ssl, MBEDTLS_SSL_HS_SERVER_HELLO, &buf, &buf_len)); in ssl_tls13_process_server_hello()
2003 ret = ssl_tls13_preprocess_server_hello(ssl, buf, buf + buf_len); in ssl_tls13_process_server_hello()
2015 MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_server_hello(ssl, buf, in ssl_tls13_process_server_hello()
2019 MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_reset_transcript_for_hrr(ssl)); in ssl_tls13_process_server_hello()
2023 ssl, MBEDTLS_SSL_HS_SERVER_HELLO, buf, buf_len)); in ssl_tls13_process_server_hello()
2026 MBEDTLS_SSL_PROC_CHK(ssl_tls13_postprocess_hrr(ssl)); in ssl_tls13_process_server_hello()
2033 ssl, MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO); in ssl_tls13_process_server_hello()
2035 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_HELLO); in ssl_tls13_process_server_hello()
2038 MBEDTLS_SSL_PROC_CHK(ssl_tls13_postprocess_server_hello(ssl)); in ssl_tls13_process_server_hello()
2039 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS); in ssl_tls13_process_server_hello()
2063 static int ssl_tls13_parse_encrypted_extensions(mbedtls_ssl_context *ssl, in ssl_tls13_parse_encrypted_extensions() argument
2071 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_parse_encrypted_extensions()
2102 ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, extension_type, in ssl_tls13_parse_encrypted_extensions()
2114 ssl, p, (size_t) extension_data_len)) != 0) { in ssl_tls13_parse_encrypted_extensions()
2139 ssl, p, p + extension_data_len); in ssl_tls13_parse_encrypted_extensions()
2184 static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl) in ssl_tls13_process_encrypted_extensions() argument
2189 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_process_encrypted_extensions()
2194 ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, in ssl_tls13_process_encrypted_extensions()
2199 ssl_tls13_parse_encrypted_extensions(ssl, buf, buf + buf_len)); in ssl_tls13_process_encrypted_extensions()
2230 if ((!mbedtls_ssl_tls13_key_exchange_mode_with_psk(ssl)) || in ssl_tls13_process_encrypted_extensions()
2233 ssl->session_negotiate->ciphersuite) { in ssl_tls13_process_encrypted_extensions()
2241 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_ACCEPTED; in ssl_tls13_process_encrypted_extensions()
2242 } else if (ssl->early_data_state != in ssl_tls13_process_encrypted_extensions()
2244 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_REJECTED; in ssl_tls13_process_encrypted_extensions()
2258 ssl->session_negotiate->ciphersuite = handshake->ciphersuite_info->id; in ssl_tls13_process_encrypted_extensions()
2261 ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, in ssl_tls13_process_encrypted_extensions()
2265 if (mbedtls_ssl_tls13_key_exchange_mode_with_psk(ssl)) { in ssl_tls13_process_encrypted_extensions()
2266 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_FINISHED); in ssl_tls13_process_encrypted_extensions()
2268 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST); in ssl_tls13_process_encrypted_extensions()
2271 ((void) ssl); in ssl_tls13_process_encrypted_extensions()
2272 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_FINISHED); in ssl_tls13_process_encrypted_extensions()
2296 static int ssl_tls13_write_end_of_early_data(mbedtls_ssl_context *ssl) in ssl_tls13_write_end_of_early_data() argument
2304 ssl, MBEDTLS_SSL_HS_END_OF_EARLY_DATA, in ssl_tls13_write_end_of_early_data()
2308 ssl, MBEDTLS_SSL_HS_END_OF_EARLY_DATA, 0)); in ssl_tls13_write_end_of_early_data()
2311 mbedtls_ssl_finish_handshake_msg(ssl, buf_len, 0)); in ssl_tls13_write_end_of_early_data()
2313 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); in ssl_tls13_write_end_of_early_data()
2321 int mbedtls_ssl_get_early_data_status(mbedtls_ssl_context *ssl) in mbedtls_ssl_get_early_data_status() argument
2323 if ((ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT) || in mbedtls_ssl_get_early_data_status()
2324 (!mbedtls_ssl_is_handshake_over(ssl))) { in mbedtls_ssl_get_early_data_status()
2328 switch (ssl->early_data_state) { in mbedtls_ssl_get_early_data_status()
2362 static int ssl_tls13_certificate_request_coordinate(mbedtls_ssl_context *ssl) in ssl_tls13_certificate_request_coordinate() argument
2366 if ((ret = mbedtls_ssl_read_record(ssl, 0)) != 0) { in ssl_tls13_certificate_request_coordinate()
2370 ssl->keep_current_message = 1; in ssl_tls13_certificate_request_coordinate()
2372 if ((ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE) && in ssl_tls13_certificate_request_coordinate()
2373 (ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST)) { in ssl_tls13_certificate_request_coordinate()
2392 static int ssl_tls13_parse_certificate_request(mbedtls_ssl_context *ssl, in ssl_tls13_parse_certificate_request() argument
2401 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_parse_certificate_request()
2452 ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, extension_type, in ssl_tls13_parse_certificate_request()
2462 ret = mbedtls_ssl_parse_sig_alg_ext(ssl, p, in ssl_tls13_parse_certificate_request()
2500 ssl->handshake->client_auth = 1; in ssl_tls13_parse_certificate_request()
2513 static int ssl_tls13_process_certificate_request(mbedtls_ssl_context *ssl) in ssl_tls13_process_certificate_request() argument
2519 MBEDTLS_SSL_PROC_CHK_NEG(ssl_tls13_certificate_request_coordinate(ssl)); in ssl_tls13_process_certificate_request()
2526 ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, in ssl_tls13_process_certificate_request()
2530 ssl, buf, buf + buf_len)); in ssl_tls13_process_certificate_request()
2533 ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, in ssl_tls13_process_certificate_request()
2543 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_CERTIFICATE); in ssl_tls13_process_certificate_request()
2555 static int ssl_tls13_process_server_certificate(mbedtls_ssl_context *ssl) in ssl_tls13_process_server_certificate() argument
2559 ret = mbedtls_ssl_tls13_process_certificate(ssl); in ssl_tls13_process_server_certificate()
2564 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CERTIFICATE_VERIFY); in ssl_tls13_process_server_certificate()
2572 static int ssl_tls13_process_certificate_verify(mbedtls_ssl_context *ssl) in ssl_tls13_process_certificate_verify() argument
2576 ret = mbedtls_ssl_tls13_process_certificate_verify(ssl); in ssl_tls13_process_certificate_verify()
2581 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_FINISHED); in ssl_tls13_process_certificate_verify()
2590 static int ssl_tls13_process_server_finished(mbedtls_ssl_context *ssl) in ssl_tls13_process_server_finished() argument
2594 ret = mbedtls_ssl_tls13_process_finished_message(ssl); in ssl_tls13_process_server_finished()
2599 ret = mbedtls_ssl_tls13_compute_application_transform(ssl); in ssl_tls13_process_server_finished()
2608 if (ssl->early_data_state == MBEDTLS_SSL_EARLY_DATA_STATE_ACCEPTED) { in ssl_tls13_process_server_finished()
2609 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_SERVER_FINISHED_RECEIVED; in ssl_tls13_process_server_finished()
2610 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_END_OF_EARLY_DATA); in ssl_tls13_process_server_finished()
2616 ssl, MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED); in ssl_tls13_process_server_finished()
2618 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); in ssl_tls13_process_server_finished()
2629 static int ssl_tls13_write_client_certificate(mbedtls_ssl_context *ssl) in ssl_tls13_write_client_certificate() argument
2635 mbedtls_ssl_set_outbound_transform(ssl, ssl->handshake->transform_handshake); in ssl_tls13_write_client_certificate()
2638 if (ssl->handshake->client_auth) { in ssl_tls13_write_client_certificate()
2639 int ret = mbedtls_ssl_tls13_write_certificate(ssl); in ssl_tls13_write_client_certificate()
2644 if (mbedtls_ssl_own_cert(ssl) != NULL) { in ssl_tls13_write_client_certificate()
2653 mbedtls_ssl_handshake_set_state(ssl, in ssl_tls13_write_client_certificate()
2657 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED); in ssl_tls13_write_client_certificate()
2668 static int ssl_tls13_write_client_certificate_verify(mbedtls_ssl_context *ssl) in ssl_tls13_write_client_certificate_verify() argument
2670 int ret = mbedtls_ssl_tls13_write_certificate_verify(ssl); in ssl_tls13_write_client_certificate_verify()
2673 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED); in ssl_tls13_write_client_certificate_verify()
2684 static int ssl_tls13_write_client_finished(mbedtls_ssl_context *ssl) in ssl_tls13_write_client_finished() argument
2688 ret = mbedtls_ssl_tls13_write_finished_message(ssl); in ssl_tls13_write_client_finished()
2693 ret = mbedtls_ssl_tls13_compute_resumption_master_secret(ssl); in ssl_tls13_write_client_finished()
2700 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_FLUSH_BUFFERS); in ssl_tls13_write_client_finished()
2708 static int ssl_tls13_flush_buffers(mbedtls_ssl_context *ssl) in ssl_tls13_flush_buffers() argument
2711 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP); in ssl_tls13_flush_buffers()
2719 static int ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl) in ssl_tls13_handshake_wrapup() argument
2722 mbedtls_ssl_tls13_handshake_wrapup(ssl); in ssl_tls13_handshake_wrapup()
2724 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_OVER); in ssl_tls13_handshake_wrapup()
2742 mbedtls_ssl_context *ssl, in ssl_tls13_parse_new_session_ticket_early_data_ext() argument
2746 mbedtls_ssl_session *session = ssl->session; in ssl_tls13_parse_new_session_ticket_early_data_ext()
2762 static int ssl_tls13_parse_new_session_ticket_exts(mbedtls_ssl_context *ssl, in ssl_tls13_parse_new_session_ticket_exts() argument
2766 mbedtls_ssl_handshake_params *handshake = ssl->handshake; in ssl_tls13_parse_new_session_ticket_exts()
2785 ssl, MBEDTLS_SSL_HS_NEW_SESSION_TICKET, extension_type, in ssl_tls13_parse_new_session_ticket_exts()
2795 ssl, p, p + extension_data_len); in ssl_tls13_parse_new_session_ticket_exts()
2833 static int ssl_tls13_parse_new_session_ticket(mbedtls_ssl_context *ssl, in ssl_tls13_parse_new_session_ticket() argument
2841 mbedtls_ssl_session *session = ssl->session; in ssl_tls13_parse_new_session_ticket()
2912 ret = ssl_tls13_parse_new_session_ticket_exts(ssl, p, p + extensions_len); in ssl_tls13_parse_new_session_ticket()
2932 static int ssl_tls13_postprocess_new_session_ticket(mbedtls_ssl_context *ssl, in ssl_tls13_postprocess_new_session_ticket() argument
2937 mbedtls_ssl_session *session = ssl->session; in ssl_tls13_postprocess_new_session_ticket()
2999 session, ssl->conf->tls13_kex_modes); in ssl_tls13_postprocess_new_session_ticket()
3009 static int ssl_tls13_process_new_session_ticket(mbedtls_ssl_context *ssl) in ssl_tls13_process_new_session_ticket() argument
3020 ssl, MBEDTLS_SSL_HS_NEW_SESSION_TICKET, in ssl_tls13_process_new_session_ticket()
3027 ssl->session->exported = 1; in ssl_tls13_process_new_session_ticket()
3030 ssl, buf, buf + buf_len, in ssl_tls13_process_new_session_ticket()
3034 ssl, ticket_nonce, ticket_nonce_len)); in ssl_tls13_process_new_session_ticket()
3042 ssl->session->exported = 0; in ssl_tls13_process_new_session_ticket()
3055 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_OVER); in ssl_tls13_process_new_session_ticket()
3064 int mbedtls_ssl_tls13_handshake_client_step(mbedtls_ssl_context *ssl) in mbedtls_ssl_tls13_handshake_client_step() argument
3068 switch (ssl->state) { in mbedtls_ssl_tls13_handshake_client_step()
3070 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_HELLO); in mbedtls_ssl_tls13_handshake_client_step()
3074 ret = mbedtls_ssl_write_client_hello(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3078 ret = ssl_tls13_process_server_hello(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3082 ret = ssl_tls13_process_encrypted_extensions(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3087 ret = ssl_tls13_process_certificate_request(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3091 ret = ssl_tls13_process_server_certificate(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3095 ret = ssl_tls13_process_certificate_verify(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3100 ret = ssl_tls13_process_server_finished(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3105 ret = ssl_tls13_write_end_of_early_data(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3110 ret = ssl_tls13_write_client_certificate(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3115 ret = ssl_tls13_write_client_certificate_verify(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3120 ret = ssl_tls13_write_client_finished(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3124 ret = ssl_tls13_flush_buffers(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3128 ret = ssl_tls13_handshake_wrapup(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3136 ret = mbedtls_ssl_tls13_write_change_cipher_spec(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3140 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_HELLO); in mbedtls_ssl_tls13_handshake_client_step()
3144 ret = mbedtls_ssl_tls13_write_change_cipher_spec(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3148 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); in mbedtls_ssl_tls13_handshake_client_step()
3153 ret = mbedtls_ssl_tls13_write_change_cipher_spec(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3155 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_HELLO); in mbedtls_ssl_tls13_handshake_client_step()
3160 ssl, ssl->handshake->transform_earlydata); in mbedtls_ssl_tls13_handshake_client_step()
3161 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_CAN_WRITE; in mbedtls_ssl_tls13_handshake_client_step()
3169 ret = ssl_tls13_process_new_session_ticket(ssl); in mbedtls_ssl_tls13_handshake_client_step()
3174 MBEDTLS_SSL_DEBUG_MSG(1, ("invalid state %d", ssl->state)); in mbedtls_ssl_tls13_handshake_client_step()