47#if !defined(MBEDTLS_CONFIG_FILE)
50#include MBEDTLS_CONFIG_FILE
53#if defined(MBEDTLS_SSL_SRV_C)
55#if defined(MBEDTLS_PLATFORM_C)
59#define mbedtls_calloc calloc
60#define mbedtls_free free
70#if defined(MBEDTLS_ECP_C)
74#if defined(MBEDTLS_HAVE_TIME)
78#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
80 const unsigned char *
info,
92 ssl->cli_id_len = ilen;
102 conf->f_cookie_write = f_cookie_write;
103 conf->f_cookie_check = f_cookie_check;
104 conf->p_cookie = p_cookie;
108#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
110 const unsigned char *
buf,
114 size_t servername_list_size, hostname_len;
115 const unsigned char *
p;
126 servername_list_size = ( (
buf[0] << 8 ) | (
buf[1] ) );
127 if( servername_list_size + 2 !=
len )
136 while( servername_list_size > 2 )
138 hostname_len = ( (
p[1] << 8 ) |
p[2] );
139 if( hostname_len + 3 > servername_list_size )
150 ssl,
p + 3, hostname_len );
161 servername_list_size -= hostname_len + 3;
162 p += hostname_len + 3;
165 if( servername_list_size != 0 )
178 const unsigned char *
buf,
181#if defined(MBEDTLS_SSL_RENEGOTIATION)
199 if(
len != 1 ||
buf[0] != 0x0 )
213#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
214 defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
229 const unsigned char *
buf,
232 size_t sig_alg_list_size;
234 const unsigned char *
p;
246 sig_alg_list_size = ( (
buf[0] << 8 ) | (
buf[1] ) );
247 if( sig_alg_list_size + 2 !=
len ||
248 sig_alg_list_size % 2 != 0 )
272 " unknown sig alg encoding %d",
p[1] ) );
281 " unknown hash alg encoding %d",
p[0] ) );
289 " match sig %d and hash %d",
295 "hash alg %d not supported", md_cur ) );
304#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
305 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
307 const unsigned char *
buf,
310 size_t list_size, our_size;
311 const unsigned char *
p;
320 list_size = ( (
buf[0] << 8 ) | (
buf[1] ) );
321 if( list_size + 2 !=
len ||
341 our_size = list_size / 2 + 1;
355 while( list_size > 0 && our_size > 1 )
359 if( curve_info !=
NULL )
361 *curves++ = curve_info;
373 const unsigned char *
buf,
377 const unsigned char *
p;
379 if(
len == 0 || (
size_t)(
buf[0] + 1 ) !=
len )
389 while( list_size > 0 )
394#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
397#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
398 ssl->
handshake->ecjpake_ctx.point_format =
p[0];
413#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
415 const unsigned char *
buf,
442#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
444 const unsigned char *
buf,
461#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
463 const unsigned char *
buf,
483#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
485 const unsigned char *
buf,
508#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
510 const unsigned char *
buf,
533#if defined(MBEDTLS_SSL_SESSION_TICKETS)
543 if( ssl->
conf->f_ticket_parse ==
NULL ||
557#if defined(MBEDTLS_SSL_RENEGOTIATION)
607#if defined(MBEDTLS_SSL_ALPN)
609 const unsigned char *
buf,
size_t len )
611 size_t list_len, cur_len, ours_len;
612 const unsigned char *theirs, *
start, *
end;
635 list_len = (
buf[0] << 8 ) |
buf[1];
636 if( list_len !=
len - 2 )
648 for( theirs =
start; theirs !=
end; theirs += cur_len )
653 if( cur_len > (
size_t)(
end - theirs ) )
674 ours_len =
strlen( *ours );
675 for( theirs =
start; theirs !=
end; theirs += cur_len )
679 if( cur_len == ours_len &&
680 memcmp( theirs, *ours, cur_len ) == 0 )
699#if defined(MBEDTLS_X509_CRT_PARSE_C)
703#if defined(MBEDTLS_ECDSA_C)
710 while( *crv !=
NULL )
712 if( (*crv)->grp_id == grp_id )
733#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
774 "(extended) key usage extension" ) );
778#if defined(MBEDTLS_ECDSA_C)
795 if( fallback ==
NULL )
799 "sha-2 with pre-TLS 1.2 client" ) );
833#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
834 defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
839 if( suite_info ==
NULL )
854#if defined(MBEDTLS_SSL_PROTO_DTLS)
860#if defined(MBEDTLS_ARC4_C)
869#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
874 "not configured or ext missing" ) );
880#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
886 "no common elliptic curve" ) );
891#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
897 ssl->
conf->psk_identity_len == 0 || ssl->
conf->psk_len == 0 ) )
904#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
905 defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
915 "for signature algorithm %d", sig_type ) );
923#if defined(MBEDTLS_X509_CRT_PARSE_C)
931 if( ssl_pick_cert( ssl, suite_info ) != 0 )
934 "no suitable certificate" ) );
939 *ciphersuite_info = suite_info;
943#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
946 int ret, got_common_suite;
949 unsigned int ciph_len, sess_len, chal_len;
950 unsigned char *
buf, *
p;
951 const int *ciphersuites;
956#if defined(MBEDTLS_SSL_RENEGOTIATION)
973 ( (
buf[0] & 0x7F ) << 8 ) |
buf[1] ) );
994 n = ( (
buf[0] << 8 ) |
buf[1] ) & 0x7FFF;
996 if( n < 17 || n > 512 )
1009 " [%d:%d] < [%d:%d]",
1042 ciph_len = (
buf[0] << 8 ) |
buf[1];
1043 sess_len = (
buf[2] << 8 ) |
buf[3];
1044 chal_len = (
buf[4] << 8 ) |
buf[5];
1047 ciph_len, sess_len, chal_len ) );
1052 if( ciph_len < 3 || ( ciph_len % 3 ) != 0 )
1064 if( chal_len < 8 || chal_len > 32 )
1070 if(
n != 6 + ciph_len + sess_len + chal_len )
1077 buf + 6, ciph_len );
1079 buf + 6 + ciph_len, sess_len );
1081 buf + 6 + ciph_len + sess_len, chal_len );
1083 p =
buf + 6 + ciph_len;
1096 for(
i = 0,
p =
buf + 6;
i < ciph_len;
i += 3,
p += 3 )
1101#if defined(MBEDTLS_SSL_RENEGOTIATION)
1105 "during renegotiation" ) );
1117#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
1118 for(
i = 0,
p =
buf + 6;
i < ciph_len;
i += 3,
p += 3 )
1141 got_common_suite = 0;
1143 ciphersuite_info =
NULL;
1144#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE)
1145 for(
j = 0,
p =
buf + 6;
j < ciph_len;
j += 3,
p += 3 )
1146 for(
i = 0; ciphersuites[
i] != 0;
i++ )
1148 for(
i = 0; ciphersuites[
i] != 0;
i++ )
1149 for(
j = 0,
p =
buf + 6;
j < ciph_len;
j += 3,
p += 3 )
1153 p[1] != ( ( ciphersuites[
i] >> 8 ) & 0xFF ) ||
1154 p[2] != ( ( ciphersuites[
i] ) & 0xFF ) )
1157 got_common_suite = 1;
1159 if( (
ret = ssl_ciphersuite_match( ssl, ciphersuites[
i],
1160 &ciphersuite_info ) ) != 0 )
1163 if( ciphersuite_info !=
NULL )
1164 goto have_ciphersuite_v2;
1167 if( got_common_suite )
1170 "but none of them usable" ) );
1211 int ret, got_common_suite;
1213 size_t ciph_offset, comp_offset, ext_offset;
1214 size_t msg_len, ciph_len, sess_len, comp_len, ext_len;
1215#if defined(MBEDTLS_SSL_PROTO_DTLS)
1216 size_t cookie_offset, cookie_len;
1219#if defined(MBEDTLS_SSL_RENEGOTIATION)
1220 int renegotiation_info_seen = 0;
1222 int handshake_failure = 0;
1223 const int *ciphersuites;
1230#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
1231 defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
1232 int sig_hash_alg_ext_present = 0;
1238#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
1246#if defined(MBEDTLS_SSL_RENEGOTIATION)
1260#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
1261#if defined(MBEDTLS_SSL_PROTO_DTLS)
1264 if( (
buf[0] & 0x80 ) != 0 )
1265 return( ssl_parse_client_hello_v2( ssl ) );
1308#if defined(MBEDTLS_SSL_PROTO_DTLS)
1324#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
1325 if( mbedtls_ssl_dtls_replay_check( ssl ) != 0 )
1328 ssl->next_record_offset = 0;
1330 goto read_record_header;
1334 mbedtls_ssl_dtls_replay_update( ssl );
1364#if defined(MBEDTLS_SSL_PROTO_DTLS)
1401 (
buf[1] << 16 ) | (
buf[2] << 8 ) |
buf[3] ) );
1411#if defined(MBEDTLS_SSL_PROTO_DTLS)
1418#if defined(MBEDTLS_SSL_RENEGOTIATION)
1422 unsigned int cli_msg_seq = ( ssl->
in_msg[4] << 8 ) |
1425 if( cli_msg_seq != ssl->
handshake->in_msg_seq )
1428 "%d (expected %d)", cli_msg_seq,
1438 unsigned int cli_msg_seq = ( ssl->
in_msg[4] << 8 ) |
1440 ssl->
handshake->out_msg_seq = cli_msg_seq;
1441 ssl->
handshake->in_msg_seq = cli_msg_seq + 1;
1502 " [%d:%d] < [%d:%d]",
1531 sess_len + 34 + 2 > msg_len )
1550#if defined(MBEDTLS_SSL_PROTO_DTLS)
1553 cookie_offset = 35 + sess_len;
1554 cookie_len =
buf[cookie_offset];
1556 if( cookie_offset + 1 + cookie_len + 2 > msg_len )
1565 buf + cookie_offset + 1, cookie_len );
1567#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
1568 if( ssl->
conf->f_cookie_check !=
NULL
1574 if( ssl->
conf->f_cookie_check( ssl->
conf->p_cookie,
1575 buf + cookie_offset + 1, cookie_len,
1576 ssl->cli_id, ssl->cli_id_len ) != 0 )
1591 if( cookie_len != 0 )
1604 ciph_offset = cookie_offset + 1 + cookie_len;
1608 ciph_offset = 35 + sess_len;
1610 ciph_len = (
buf[ciph_offset + 0] << 8 )
1611 | (
buf[ciph_offset + 1] );
1614 ciph_len + 2 + ciph_offset + 1 > msg_len ||
1615 ( ciph_len % 2 ) != 0 )
1624 buf + ciph_offset + 2, ciph_len );
1629 comp_offset = ciph_offset + 2 + ciph_len;
1631 comp_len =
buf[comp_offset];
1635 comp_len + comp_offset + 1 > msg_len )
1644 buf + comp_offset + 1, comp_len );
1647#if defined(MBEDTLS_ZLIB_SUPPORT)
1648 for(
i = 0;
i < comp_len; ++
i )
1659#if defined(MBEDTLS_SSL_PROTO_DTLS)
1665#if defined(MBEDTLS_SSL_PROTO_SSL3)
1672 ext_offset = comp_offset + 1 + comp_len;
1673 if( msg_len > ext_offset )
1675 if( msg_len < ext_offset + 2 )
1683 ext_len = (
buf[ext_offset + 0] << 8 )
1684 | (
buf[ext_offset + 1] );
1686 if( ( ext_len > 0 && ext_len < 4 ) ||
1687 msg_len != ext_offset + 2 + ext_len )
1698 ext =
buf + ext_offset + 2;
1701 while( ext_len != 0 )
1703 unsigned int ext_id;
1705 if ( ext_len < 4 ) {
1711 ext_id = ( (
ext[0] << 8 ) | (
ext[1] ) );
1723#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
1737#if defined(MBEDTLS_SSL_RENEGOTIATION)
1738 renegotiation_info_seen = 1;
1746#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
1747 defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
1751 ret = ssl_parse_signature_algorithms_ext( ssl,
ext + 4,
ext_size );
1755 sig_hash_alg_ext_present = 1;
1760#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
1761 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1765 ret = ssl_parse_supported_elliptic_curves( ssl,
ext + 4,
ext_size );
1774 ret = ssl_parse_supported_point_formats( ssl,
ext + 4,
ext_size );
1781#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1791#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
1795 ret = ssl_parse_max_fragment_length_ext( ssl,
ext + 4,
ext_size );
1801#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
1811#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
1821#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
1831#if defined(MBEDTLS_SSL_SESSION_TICKETS)
1841#if defined(MBEDTLS_SSL_ALPN)
1859 if( ext_len > 0 && ext_len < 4 )
1867#if defined(MBEDTLS_SSL_PROTO_SSL3)
1871#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
1872 for(
i = 0,
p =
buf + ciph_offset + 2;
i < ciph_len;
i += 2,
p += 2 )
1894#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
1895 defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
1901 if( sig_hash_alg_ext_present == 0 )
1917 for(
i = 0,
p =
buf + ciph_offset + 2;
i < ciph_len;
i += 2,
p += 2 )
1922#if defined(MBEDTLS_SSL_RENEGOTIATION)
1926 "during renegotiation" ) );
1944 handshake_failure = 1;
1946#if defined(MBEDTLS_SSL_RENEGOTIATION)
1949 renegotiation_info_seen == 0 )
1952 handshake_failure = 1;
1959 handshake_failure = 1;
1963 renegotiation_info_seen == 1 )
1966 handshake_failure = 1;
1970 if( handshake_failure == 1 )
1982 got_common_suite = 0;
1984 ciphersuite_info =
NULL;
1985#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE)
1986 for(
j = 0,
p =
buf + ciph_offset + 2;
j < ciph_len;
j += 2,
p += 2 )
1987 for(
i = 0; ciphersuites[
i] != 0;
i++ )
1989 for(
i = 0; ciphersuites[
i] != 0;
i++ )
1990 for(
j = 0,
p =
buf + ciph_offset + 2;
j < ciph_len;
j += 2,
p += 2 )
1993 if(
p[0] != ( ( ciphersuites[
i] >> 8 ) & 0xFF ) ||
1994 p[1] != ( ( ciphersuites[
i] ) & 0xFF ) )
1997 got_common_suite = 1;
1999 if( (
ret = ssl_ciphersuite_match( ssl, ciphersuites[
i],
2000 &ciphersuite_info ) ) != 0 )
2003 if( ciphersuite_info !=
NULL )
2004 goto have_ciphersuite;
2007 if( got_common_suite )
2010 "but none of them usable" ) );
2031#if defined(MBEDTLS_SSL_PROTO_DTLS)
2033 mbedtls_ssl_recv_flight_completed( ssl );
2037#if defined(MBEDTLS_DEBUG_C) && \
2038 defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
2039 defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
2053 "%d - should not happen", sig_alg ) );
2063#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
2068 unsigned char *
p =
buf;
2088#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
2093 unsigned char *
p =
buf;
2131#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
2136 unsigned char *
p =
buf;
2158#if defined(MBEDTLS_SSL_SESSION_TICKETS)
2163 unsigned char *
p =
buf;
2187 unsigned char *
p =
buf;
2200#if defined(MBEDTLS_SSL_RENEGOTIATION)
2223#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
2228 unsigned char *
p =
buf;
2250#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
2251 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
2256 unsigned char *
p =
buf;
2281#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
2287 unsigned char *
p =
buf;
2310 p + 2,
end -
p - 2, &kkpp_len,
2318 *
p++ = (
unsigned char)( ( kkpp_len >> 8 ) & 0xFF );
2319 *
p++ = (
unsigned char)( ( kkpp_len ) & 0xFF );
2321 *olen = kkpp_len + 4;
2325#if defined(MBEDTLS_SSL_ALPN )
2327 unsigned char *
buf,
size_t *olen )
2349 buf[2] = (
unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF );
2350 buf[3] = (
unsigned char)( ( ( *olen - 4 ) ) & 0xFF );
2352 buf[4] = (
unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF );
2353 buf[5] = (
unsigned char)( ( ( *olen - 6 ) ) & 0xFF );
2355 buf[6] = (
unsigned char)( ( ( *olen - 7 ) ) & 0xFF );
2361#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
2365 unsigned char *
p = ssl->
out_msg + 4;
2366 unsigned char *cookie_len_byte;
2385 if( ssl->
conf->f_cookie_write ==
NULL )
2392 cookie_len_byte =
p++;
2394 if( (
ret = ssl->
conf->f_cookie_write( ssl->
conf->p_cookie,
2396 ssl->cli_id, ssl->cli_id_len ) ) != 0 )
2402 *cookie_len_byte = (
unsigned char)(
p - ( cookie_len_byte + 1 ) );
2418#if defined(MBEDTLS_SSL_PROTO_DTLS)
2420 (
ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
2435#if defined(MBEDTLS_HAVE_TIME)
2439 size_t olen, ext_len = 0,
n;
2440 unsigned char *
buf, *
p;
2444#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
2446 ssl->
handshake->verify_cookie_len != 0 )
2451 return( ssl_write_hello_verify_request( ssl ) );
2478#if defined(MBEDTLS_HAVE_TIME)
2480 *
p++ = (
unsigned char)(
t >> 24 );
2481 *
p++ = (
unsigned char)(
t >> 16 );
2482 *
p++ = (
unsigned char)(
t >> 8 );
2483 *
p++ = (
unsigned char)(
t );
2527#if defined(MBEDTLS_HAVE_TIME)
2531#if defined(MBEDTLS_SSL_SESSION_TICKETS)
2588#if defined(MBEDTLS_SSL_PROTO_SSL3)
2596 ssl_write_renegotiation_ext( ssl,
p + 2 + ext_len, &olen );
2599#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
2600 ssl_write_max_fragment_length_ext( ssl,
p + 2 + ext_len, &olen );
2604#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
2605 ssl_write_truncated_hmac_ext( ssl,
p + 2 + ext_len, &olen );
2609#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
2610 ssl_write_encrypt_then_mac_ext( ssl,
p + 2 + ext_len, &olen );
2614#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
2615 ssl_write_extended_ms_ext( ssl,
p + 2 + ext_len, &olen );
2619#if defined(MBEDTLS_SSL_SESSION_TICKETS)
2620 ssl_write_session_ticket_ext( ssl,
p + 2 + ext_len, &olen );
2624#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
2625 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
2629 ssl_write_supported_point_formats_ext( ssl,
p + 2 + ext_len, &olen );
2634#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
2635 ssl_write_ecjpake_kkpp_ext( ssl,
p + 2 + ext_len, &olen );
2639#if defined(MBEDTLS_SSL_ALPN)
2640 ssl_write_alpn_ext( ssl,
p + 2 + ext_len, &olen );
2648 *
p++ = (
unsigned char)( ( ext_len >> 8 ) & 0xFF );
2649 *
p++ = (
unsigned char)( ( ext_len ) & 0xFF );
2653#if defined(MBEDTLS_SSL_PROTO_SSL3)
2668#if !defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) && \
2669 !defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) && \
2670 !defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \
2671 !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
2672 !defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)&& \
2673 !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
2701 size_t dn_size, total_dn_size;
2702 size_t ct_len, sa_len;
2703 unsigned char *
buf, *
p;
2712#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
2753#if defined(MBEDTLS_RSA_C)
2756#if defined(MBEDTLS_ECDSA_C)
2760 p[0] = (
unsigned char) ct_len++;
2764#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
2792#if defined(MBEDTLS_RSA_C)
2793 p[2 + sa_len++] =
hash;
2796#if defined(MBEDTLS_ECDSA_C)
2797 p[2 + sa_len++] =
hash;
2802 p[0] = (
unsigned char)( sa_len >> 8 );
2803 p[1] = (
unsigned char)( sa_len );
2819#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
2831 (
size_t)(
end -
p ) < dn_size ||
2832 (
size_t)(
end -
p ) < 2 + dn_size )
2838 *
p++ = (
unsigned char)( dn_size >> 8 );
2839 *
p++ = (
unsigned char)( dn_size );
2845 total_dn_size += 2 + dn_size;
2853 ssl->
out_msg[4 + ct_len + sa_len] = (
unsigned char)( total_dn_size >> 8 );
2854 ssl->
out_msg[5 + ct_len + sa_len] = (
unsigned char)( total_dn_size );
2869#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
2870 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
2894#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) && \
2895 defined(MBEDTLS_SSL_ASYNC_PRIVATE)
2897 size_t *signature_len )
2907 int ret = ssl->
conf->f_async_resume( ssl,
2908 sig_start, signature_len, sig_max_len );
2912 mbedtls_ssl_set_async_operation_data( ssl,
NULL );
2924 size_t *signature_len )
2928#if defined(MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED)
2929#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
2930 unsigned char *dig_signed =
NULL;
2934 (
void) ciphersuite_info;
2935#if !defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
2936 (
void) signature_len;
2950#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
2976#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
2977 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
2990#if defined(MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED)
3029#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
3045#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED)
3064 if( (*curve)->grp_id == *gid )
3065 goto curve_matching_done;
3068 if( curve ==
NULL || *curve ==
NULL )
3077 (*curve)->grp_id ) ) != 0 )
3093#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
3110#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
3129#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
3148#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
3149 defined(MBEDTLS_SSL_PROTO_TLS1_1)
3168#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
3169 defined(MBEDTLS_SSL_PROTO_TLS1_1)
3182#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
3183 defined(MBEDTLS_SSL_PROTO_TLS1_2)
3206#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
3232#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
3233 if( ssl->
conf->f_async_sign_start !=
NULL )
3235 ret = ssl->
conf->f_async_sign_start( ssl,
3237 md_alg,
hash, hashlen );
3245 return( ssl_resume_server_key_exchange( ssl, signature_len ) );
3268 md_alg,
hash, hashlen,
3290 size_t signature_len = 0;
3291#if defined(MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED)
3298#if defined(MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED)
3305#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED)
3308 ssl_get_ecdh_params_from_cert( ssl );
3320#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) && \
3321 defined(MBEDTLS_SSL_ASYNC_PRIVATE)
3324 if( ssl->
handshake->async_in_progress != 0 )
3327 ret = ssl_resume_server_key_exchange( ssl, &signature_len );
3334 ret = ssl_prepare_server_key_exchange( ssl, &signature_len );
3353#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
3354 if( signature_len != 0 )
3396#if defined(MBEDTLS_SSL_PROTO_DTLS)
3398 mbedtls_ssl_send_flight_completed( ssl );
3407#if defined(MBEDTLS_SSL_PROTO_DTLS)
3409 (
ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
3421#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
3422 defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
3424 const unsigned char *
end )
3438 n = ( (*p)[0] << 8 ) | (*
p)[1];
3462#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
3463 defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
3465#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
3467 unsigned char *peer_pms,
3468 size_t *peer_pmslen,
3469 size_t peer_pmssize )
3471 int ret = ssl->
conf->f_async_resume( ssl,
3472 peer_pms, peer_pmslen, peer_pmssize );
3476 mbedtls_ssl_set_async_operation_data( ssl,
NULL );
3484 const unsigned char *
p,
3485 const unsigned char *
end,
3486 unsigned char *peer_pms,
3487 size_t *peer_pmslen,
3488 size_t peer_pmssize )
3495#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
3498 if( ssl->
handshake->async_in_progress != 0 )
3501 return( ssl_resume_decrypt_pms( ssl,
3502 peer_pms, peer_pmslen, peer_pmssize ) );
3509#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
3510 defined(MBEDTLS_SSL_PROTO_TLS1_2)
3513 if (
p + 2 >
end ) {
3517 if( *
p++ != ( (
len >> 8 ) & 0xFF ) ||
3518 *
p++ != ( (
len ) & 0xFF ) )
3535#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
3536 if( ssl->
conf->f_async_decrypt_start !=
NULL )
3538 ret = ssl->
conf->f_async_decrypt_start( ssl,
3548 return( ssl_resume_decrypt_pms( ssl,
3569 peer_pms, peer_pmslen, peer_pmssize,
3575 const unsigned char *
p,
3576 const unsigned char *
end,
3581 unsigned char ver[2];
3582 unsigned char fake_pms[48], peer_pms[48];
3584 size_t i, peer_pmslen;
3594 peer_pms[0] = peer_pms[1] = ~0;
3597 ret = ssl_decrypt_encrypted_pms( ssl,
p,
end,
3600 sizeof( peer_pms ) );
3602#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
3614 diff = (
unsigned int)
ret;
3615 diff |= peer_pmslen ^ 48;
3616 diff |= peer_pms[0] ^ ver[0];
3617 diff |= peer_pms[1] ^ ver[1];
3622#if defined(_MSC_VER)
3623#pragma warning( push )
3624#pragma warning( disable : 4146 )
3626 mask = - ( ( diff | - diff ) >> (
sizeof(
unsigned int ) * 8 - 1 ) );
3627#if defined(_MSC_VER)
3628#pragma warning( pop )
3648#if defined(MBEDTLS_SSL_DEBUG_ALL)
3664 pms[
i] = (
mask & fake_pms[
i] ) | ( (
~mask) & peer_pms[
i] );
3671#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
3673 const unsigned char *
end )
3680 ssl->
conf->psk_identity_len == 0 || ssl->
conf->psk_len == 0 ) )
3695 n = ( (*p)[0] << 8 ) | (*
p)[1];
3698 if( n < 1 || n > 65535 ||
n > (
size_t) (
end - *
p ) )
3706 if( ssl->
conf->f_psk( ssl->
conf->p_psk, ssl, *
p,
n ) != 0 )
3713 if(
n != ssl->
conf->psk_identity_len ||
3738 unsigned char *
p, *
end;
3744#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) && \
3745 ( defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
3746 defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) )
3749 ( ssl->
handshake->async_in_progress != 0 ) )
3779#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
3782 if( (
ret = ssl_parse_client_dh_public( ssl, &
p,
end ) ) != 0 )
3808#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
3809 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
3810 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
3811 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
3818 p,
end -
p) ) != 0 )
3845#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
3848 if( (
ret = ssl_parse_client_psk_identity( ssl, &
p,
end ) ) != 0 )
3860 if( (
ret = mbedtls_ssl_psk_derive_premaster( ssl,
3869#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
3872#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
3873 if ( ssl->
handshake->async_in_progress != 0 )
3881 p += ssl->
conf->psk_identity_len + 2;
3885 if( (
ret = ssl_parse_client_psk_identity( ssl, &
p,
end ) ) != 0 )
3891 if( (
ret = ssl_parse_encrypted_pms( ssl,
p,
end, 2 ) ) != 0 )
3897 if( (
ret = mbedtls_ssl_psk_derive_premaster( ssl,
3906#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
3909 if( (
ret = ssl_parse_client_psk_identity( ssl, &
p,
end ) ) != 0 )
3914 if( (
ret = ssl_parse_client_dh_public( ssl, &
p,
end ) ) != 0 )
3926 if( (
ret = mbedtls_ssl_psk_derive_premaster( ssl,
3935#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
3938 if( (
ret = ssl_parse_client_psk_identity( ssl, &
p,
end ) ) != 0 )
3945 p,
end -
p ) ) != 0 )
3954 if( (
ret = mbedtls_ssl_psk_derive_premaster( ssl,
3963#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
3966 if( (
ret = ssl_parse_encrypted_pms( ssl,
p,
end, 0 ) ) != 0 )
3974#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
4014#if !defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) && \
4015 !defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) && \
4016 !defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \
4017 !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
4018 !defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)&& \
4019 !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
4046 unsigned char hash[48];
4047 unsigned char *hash_start =
hash;
4049#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
4096#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
4097 defined(MBEDTLS_SSL_PROTO_TLS1_1)
4115#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
4132 " for verify message" ) );
4136#if !defined(MBEDTLS_MD_SHA1)
4153 " for verify message" ) );
4194 md_alg, hash_start, hashlen,
4195 ssl->
in_msg +
i, sig_len ) ) != 0 )
4214#if defined(MBEDTLS_SSL_SESSION_TICKETS)
4237 if( (
ret = ssl->
conf->f_ticket_write( ssl->
conf->p_ticket,
4241 &tlen, &lifetime ) ) != 0 )
4247 ssl->
out_msg[4] = ( lifetime >> 24 ) & 0xFF;
4248 ssl->
out_msg[5] = ( lifetime >> 16 ) & 0xFF;
4249 ssl->
out_msg[6] = ( lifetime >> 8 ) & 0xFF;
4250 ssl->
out_msg[7] = ( lifetime ) & 0xFF;
4252 ssl->
out_msg[8] = (
unsigned char)( ( tlen >> 8 ) & 0xFF );
4253 ssl->
out_msg[9] = (
unsigned char)( ( tlen ) & 0xFF );
4290#if defined(MBEDTLS_SSL_PROTO_DTLS)
4294 if( (
ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
4299 switch( ssl->
state )
4309 ret = ssl_parse_client_hello( ssl );
4312#if defined(MBEDTLS_SSL_PROTO_DTLS)
4325 ret = ssl_write_server_hello( ssl );
4333 ret = ssl_write_server_key_exchange( ssl );
4337 ret = ssl_write_certificate_request( ssl );
4341 ret = ssl_write_server_hello_done( ssl );
4356 ret = ssl_parse_client_key_exchange( ssl );
4360 ret = ssl_parse_certificate_verify( ssl );
4377#if defined(MBEDTLS_SSL_SESSION_TICKETS)
4379 ret = ssl_write_new_session_ticket( ssl );
int memcmp(void *Buffer1, void *Buffer2, ACPI_SIZE Count)
ACPI_SIZE strlen(const char *String)
#define MBEDTLS_MPI_MAX_SIZE
size_t mbedtls_mpi_size(const mbedtls_mpi *X)
Return the total size of an MPI value in bytes.
@ MBEDTLS_CIPHER_ARC4_128
int mbedtls_dhm_read_public(mbedtls_dhm_context *ctx, const unsigned char *input, size_t ilen)
This function imports the raw public value of the peer.
int mbedtls_dhm_set_group(mbedtls_dhm_context *ctx, const mbedtls_mpi *P, const mbedtls_mpi *G)
This function sets the prime modulus and generator.
int mbedtls_dhm_calc_secret(mbedtls_dhm_context *ctx, unsigned char *output, size_t output_size, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function derives and exports the shared secret (G^Y)^X mod P.
int mbedtls_dhm_make_params(mbedtls_dhm_context *ctx, int x_size, unsigned char *output, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function generates a DHM key pair and exports its public part together with the DHM parameters i...
int mbedtls_ecdh_setup(mbedtls_ecdh_context *ctx, mbedtls_ecp_group_id grp_id)
This function sets up the ECDH context with the information given.
int mbedtls_ecdh_get_params(mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key, mbedtls_ecdh_side side)
This function sets up an ECDH context from an EC key.
int mbedtls_ecdh_calc_secret(mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function derives and exports the shared secret.
int mbedtls_ecdh_make_params(mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function generates an EC key pair and exports it in the format used in a TLS ServerKeyExchange ...
int mbedtls_ecdh_read_public(mbedtls_ecdh_context *ctx, const unsigned char *buf, size_t blen)
This function parses and processes the ECDHE payload of a TLS ClientKeyExchange message.
int mbedtls_ecjpake_read_round_two(mbedtls_ecjpake_context *ctx, const unsigned char *buf, size_t len)
Read and process the second round message (TLS: contents of the Client/ServerKeyExchange).
int mbedtls_ecjpake_write_round_one(mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate and write the first round message (TLS: contents of the Client/ServerHello extension,...
int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate and write the second round message (TLS: contents of the Client/ServerKeyExchange).
int mbedtls_ecjpake_derive_secret(mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Derive the shared secret (TLS: Pre-Master Secret).
int mbedtls_ecjpake_check(const mbedtls_ecjpake_context *ctx)
Check if an ECJPAKE context is ready for use.
int mbedtls_ecjpake_read_round_one(mbedtls_ecjpake_context *ctx, const unsigned char *buf, size_t len)
Read and process the first round message (TLS: contents of the Client/ServerHello extension,...
mbedtls_x509_buf subject_raw
struct mbedtls_x509_crt * next
mbedtls_md_type_t
Supported message digests.
#define MBEDTLS_MD_MAX_SIZE
#define memcpy(s1, s2, n)
static size_t mbedtls_pk_get_len(const mbedtls_pk_context *ctx)
Get the length in bytes of the underlying key.
int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type)
Tell whether a context can perform the operation given by type.
mbedtls_pk_type_t
Public key types.
int mbedtls_pk_decrypt(mbedtls_pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Decrypt message (including padding if relevant).
int mbedtls_pk_sign(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Make signature, including padding if relevant.
static mbedtls_ecp_keypair * mbedtls_pk_ec(const mbedtls_pk_context pk)
int mbedtls_pk_verify(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len)
Verify signature (including padding if relevant).
#define mbedtls_cipher_info_from_type
#define mbedtls_ssl_ciphersuite_from_id
Configuration options (set of defines)
#define MBEDTLS_SSL_RENEGOTIATION
Functions for controlling and providing debug output from the library.
#define MBEDTLS_SSL_DEBUG_RET(level, text, ret)
#define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr)
#define MBEDTLS_SSL_DEBUG_CRT(level, text, crt)
#define MBEDTLS_SSL_DEBUG_MSG(level, args)
#define MBEDTLS_SSL_DEBUG_MPI(level, text, X)
#define MBEDTLS_SSL_DEBUG_BUF(level, text, buf, len)
This file provides an API for Elliptic Curves over GF(P) (ECP).
#define MBEDTLS_ECP_PF_UNCOMPRESSED
#define MBEDTLS_ECP_PF_COMPRESSED
const mbedtls_ecp_curve_info * mbedtls_ecp_curve_info_from_tls_id(uint16_t tls_id)
This function retrieves curve information from a TLS NamedCurve value.
#define MBEDTLS_ECP_DP_MAX
#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP
#define MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE
#define MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE
#define MBEDTLS_SSL_TRUNC_HMAC_ENABLED
#define MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE
#define MBEDTLS_SSL_ARC4_DISABLED
#define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED
#define MBEDTLS_SSL_VERIFY_NONE
#define MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION
#define MBEDTLS_SSL_MAX_FRAG_LEN_INVALID
#define MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH
#define MBEDTLS_SSL_MINOR_VERSION_0
#define MBEDTLS_SSL_SIG_RSA
#define MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY
#define MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC
@ MBEDTLS_SSL_CERTIFICATE_VERIFY
@ MBEDTLS_SSL_HANDSHAKE_OVER
@ MBEDTLS_SSL_SERVER_HELLO_DONE
@ MBEDTLS_SSL_SERVER_FINISHED
@ MBEDTLS_SSL_SERVER_KEY_EXCHANGE
@ MBEDTLS_SSL_SERVER_HELLO
@ MBEDTLS_SSL_CLIENT_KEY_EXCHANGE
@ MBEDTLS_SSL_CLIENT_HELLO
@ MBEDTLS_SSL_SERVER_CERTIFICATE
@ MBEDTLS_SSL_CERTIFICATE_REQUEST
@ MBEDTLS_SSL_CLIENT_FINISHED
@ MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC
@ MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT
@ MBEDTLS_SSL_HANDSHAKE_WRAPUP
@ MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC
@ MBEDTLS_SSL_HELLO_REQUEST
@ MBEDTLS_SSL_CLIENT_CERTIFICATE
@ MBEDTLS_SSL_FLUSH_BUFFERS
#define MBEDTLS_SSL_MINOR_VERSION_3
#define MBEDTLS_SSL_HASH_NONE
int mbedtls_ssl_send_alert_message(mbedtls_ssl_context *ssl, unsigned char level, unsigned char message)
Send an alert message.
#define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED
#define MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR
#define MBEDTLS_SSL_HS_SERVER_HELLO_DONE
#define MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME
#define MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE
#define MBEDTLS_TLS_EXT_ECJPAKE_KKPP
int mbedtls_ssl_cookie_write_t(void *ctx, unsigned char **p, unsigned char *end, const unsigned char *info, size_t ilen)
Callback type: generate a cookie.
#define MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER
#define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN
#define MBEDTLS_TLS_EXT_ALPN
#define MBEDTLS_TLS_EXT_RENEGOTIATION_INFO
#define MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME
#define MBEDTLS_SSL_CERT_TYPE_ECDSA_SIGN
#define MBEDTLS_SSL_EXTENDED_MS_DISABLED
#define MBEDTLS_SSL_TRUNC_HMAC_DISABLED
#define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS
#define MBEDTLS_TLS_EXT_SIG_ALG
#define MBEDTLS_ERR_SSL_BAD_INPUT_DATA
#define MBEDTLS_SSL_COMPRESS_NULL
#define MBEDTLS_SSL_IS_SERVER
#define MBEDTLS_SSL_LEGACY_RENEGOTIATION
#define MBEDTLS_ERR_SSL_ALLOC_FAILED
#define MBEDTLS_SSL_EXTENDED_MS_ENABLED
#define MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK
#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE
void mbedtls_ssl_session_init(mbedtls_ssl_session *session)
Initialize SSL session structure.
#define MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET
#define MBEDTLS_TLS_EXT_SESSION_TICKET
#define MBEDTLS_SSL_ALERT_LEVEL_FATAL