47#if !defined(MBEDTLS_CONFIG_FILE)
50#include MBEDTLS_CONFIG_FILE
53#if defined(MBEDTLS_SSL_CLI_C)
55#if defined(MBEDTLS_PLATFORM_C)
59#define mbedtls_calloc calloc
60#define mbedtls_free free
71#if defined(MBEDTLS_HAVE_TIME)
75#if defined(MBEDTLS_SSL_SESSION_TICKETS)
79#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
82 const unsigned char *
end,
85 unsigned char *
p =
buf;
94 (
"client hello, adding server name extension: %s",
130 *
p++ = (
unsigned char)( ( (hostname_len + 5) >> 8 ) & 0xFF );
131 *
p++ = (
unsigned char)( ( (hostname_len + 5) ) & 0xFF );
133 *
p++ = (
unsigned char)( ( (hostname_len + 3) >> 8 ) & 0xFF );
134 *
p++ = (
unsigned char)( ( (hostname_len + 3) ) & 0xFF );
137 *
p++ = (
unsigned char)( ( hostname_len >> 8 ) & 0xFF );
138 *
p++ = (
unsigned char)( ( hostname_len ) & 0xFF );
142 *olen = hostname_len + 9;
148#if defined(MBEDTLS_SSL_RENEGOTIATION)
151 const unsigned char *
end,
154 unsigned char *
p =
buf;
165 (
"client hello, adding renegotiation extension" ) );
192#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
193 defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
196 const unsigned char *
end,
199 unsigned char *
p =
buf;
200 size_t sig_alg_len = 0;
203#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C)
204 unsigned char *sig_alg_list =
buf + 6;
213 (
"client hello, adding signature_algorithms extension" ) );
220#if defined(MBEDTLS_ECDSA_C)
223#if defined(MBEDTLS_RSA_C)
229 (
"length in bytes of sig-hash-alg extension too big" ) );
235 if( sig_alg_len == 0 )
247#if defined(MBEDTLS_ECDSA_C)
251#if defined(MBEDTLS_RSA_C)
277 *
p++ = (
unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF );
278 *
p++ = (
unsigned char)( ( ( sig_alg_len + 2 ) ) & 0xFF );
280 *
p++ = (
unsigned char)( ( sig_alg_len >> 8 ) & 0xFF );
281 *
p++ = (
unsigned char)( ( sig_alg_len ) & 0xFF );
283 *olen = 6 + sig_alg_len;
290#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
291 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
294 const unsigned char *
end,
297 unsigned char *
p =
buf;
298 unsigned char *elliptic_curve_list =
p + 6;
299 size_t elliptic_curve_len = 0;
306 (
"client hello, adding supported_elliptic_curves extension" ) );
319 (
"invalid curve in ssl configuration" ) );
322 elliptic_curve_len += 2;
327 (
"malformed supported_elliptic_curves extension in config" ) );
333 if( elliptic_curve_len == 0 )
338 elliptic_curve_len = 0;
345 elliptic_curve_list[elliptic_curve_len++] =
info->tls_id >> 8;
346 elliptic_curve_list[elliptic_curve_len++] =
info->tls_id & 0xFF;
354 *
p++ = (
unsigned char)( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF );
355 *
p++ = (
unsigned char)( ( ( elliptic_curve_len + 2 ) ) & 0xFF );
357 *
p++ = (
unsigned char)( ( ( elliptic_curve_len ) >> 8 ) & 0xFF );
358 *
p++ = (
unsigned char)( ( ( elliptic_curve_len ) ) & 0xFF );
360 *olen = 6 + elliptic_curve_len;
367 const unsigned char *
end,
370 unsigned char *
p =
buf;
376 (
"client hello, adding supported_point_formats extension" ) );
397#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
400 const unsigned char *
end,
404 unsigned char *
p =
buf;
414 (
"client hello, adding ecjpake_kkpp extension" ) );
432 p + 2,
end -
p - 2, &kkpp_len,
437 "mbedtls_ecjpake_write_round_one",
ret );
449 ssl->
handshake->ecjpake_cache_len = kkpp_len;
455 kkpp_len = ssl->
handshake->ecjpake_cache_len;
461 *
p++ = (
unsigned char)( ( kkpp_len >> 8 ) & 0xFF );
462 *
p++ = (
unsigned char)( ( kkpp_len ) & 0xFF );
464 *olen = kkpp_len + 4;
470#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
473 const unsigned char *
end,
476 unsigned char *
p =
buf;
484 (
"client hello, adding max_fragment_length extension" ) );
504#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
507 const unsigned char *
end,
510 unsigned char *
p =
buf;
518 (
"client hello, adding truncated_hmac extension" ) );
534#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
537 const unsigned char *
end,
540 unsigned char *
p =
buf;
549 (
"client hello, adding encrypt_then_mac extension" ) );
565#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
568 const unsigned char *
end,
571 unsigned char *
p =
buf;
580 (
"client hello, adding extended_master_secret extension" ) );
598#if defined(MBEDTLS_SSL_SESSION_TICKETS)
601 const unsigned char *
end,
604 unsigned char *
p =
buf;
613 (
"client hello, adding session ticket extension" ) );
621 *
p++ = (
unsigned char)( ( tlen >> 8 ) & 0xFF );
622 *
p++ = (
unsigned char)( ( tlen ) & 0xFF );
630 (
"sending session ticket of length %d", tlen ) );
640#if defined(MBEDTLS_SSL_ALPN)
643 const unsigned char *
end,
646 unsigned char *
p =
buf;
690 buf[4] = (
unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF );
691 buf[5] = (
unsigned char)( ( ( *olen - 6 ) ) & 0xFF );
694 buf[2] = (
unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF );
695 buf[3] = (
unsigned char)( ( ( *olen - 4 ) ) & 0xFF );
708#if defined(MBEDTLS_HAVE_TIME)
715#if defined(MBEDTLS_SSL_PROTO_DTLS)
723#if defined(MBEDTLS_HAVE_TIME)
725 *
p++ = (
unsigned char)(
t >> 24 );
726 *
p++ = (
unsigned char)(
t >> 16 );
727 *
p++ = (
unsigned char)(
t >> 8 );
728 *
p++ = (
unsigned char)(
t );
754static int ssl_validate_ciphersuite(
757 int min_minor_ver,
int max_minor_ver )
760 if( suite_info ==
NULL )
767#if defined(MBEDTLS_SSL_PROTO_DTLS)
773#if defined(MBEDTLS_ARC4_C)
779#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
791 size_t i,
n, olen, ext_len = 0;
794 unsigned char *
p, *
q;
795 const unsigned char *
end;
797 unsigned char offer_compress;
798 const int *ciphersuites;
800#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
801 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
813#if defined(MBEDTLS_SSL_RENEGOTIATION)
824 (
"configured max major version is invalid, consider using mbedtls_ssl_config_defaults()" ) );
863 if( (
ret = ssl_generate_random( ssl ) ) != 0 )
887 if( n < 16 || n > 32 ||
896#if defined(MBEDTLS_SSL_SESSION_TICKETS)
901#if defined(MBEDTLS_SSL_RENEGOTIATION)
927 for(
i = 0;
i <
n;
i++ )
949#if defined(MBEDTLS_SSL_PROTO_DTLS)
988 for(
i = 0; ciphersuites[
i] != 0;
i++ )
992 if( ssl_validate_ciphersuite( ciphersuite_info, ssl,
1000#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
1001 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1008 *
p++ = (
unsigned char)( ciphersuites[
i] >> 8 );
1009 *
p++ = (
unsigned char)( ciphersuites[
i] );
1013 (
"client hello, got %d ciphersuites (excluding SCSVs)",
n ) );
1018#if defined(MBEDTLS_SSL_RENEGOTIATION)
1030#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
1042 *
q++ = (
unsigned char)(
n >> 7 );
1043 *
q++ = (
unsigned char)(
n << 1 );
1045#if defined(MBEDTLS_ZLIB_SUPPORT)
1057#if defined(MBEDTLS_SSL_PROTO_DTLS)
1062 if( offer_compress )
1089#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
1090 if( (
ret = ssl_write_hostname_ext( ssl,
p + 2 + ext_len,
1091 end, &olen ) ) != 0 )
1101#if defined(MBEDTLS_SSL_RENEGOTIATION)
1102 if( (
ret = ssl_write_renegotiation_ext( ssl,
p + 2 + ext_len,
1103 end, &olen ) ) != 0 )
1111#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
1112 defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
1113 if( (
ret = ssl_write_signature_algorithms_ext( ssl,
p + 2 + ext_len,
1114 end, &olen ) ) != 0 )
1122#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
1123 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1126 if( (
ret = ssl_write_supported_elliptic_curves_ext( ssl,
p + 2 + ext_len,
1127 end, &olen ) ) != 0 )
1134 if( (
ret = ssl_write_supported_point_formats_ext( ssl,
p + 2 + ext_len,
1135 end, &olen ) ) != 0 )
1144#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1145 if( (
ret = ssl_write_ecjpake_kkpp_ext( ssl,
p + 2 + ext_len,
1146 end, &olen ) ) != 0 )
1154#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
1155 if( (
ret = ssl_write_max_fragment_length_ext( ssl,
p + 2 + ext_len,
1156 end, &olen ) ) != 0 )
1164#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
1165 if( (
ret = ssl_write_truncated_hmac_ext( ssl,
p + 2 + ext_len,
1166 end, &olen ) ) != 0 )
1174#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
1175 if( (
ret = ssl_write_encrypt_then_mac_ext( ssl,
p + 2 + ext_len,
1176 end, &olen ) ) != 0 )
1184#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
1185 if( (
ret = ssl_write_extended_ms_ext( ssl,
p + 2 + ext_len,
1186 end, &olen ) ) != 0 )
1194#if defined(MBEDTLS_SSL_ALPN)
1195 if( (
ret = ssl_write_alpn_ext( ssl,
p + 2 + ext_len,
1196 end, &olen ) ) != 0 )
1204#if defined(MBEDTLS_SSL_SESSION_TICKETS)
1205 if( (
ret = ssl_write_session_ticket_ext( ssl,
p + 2 + ext_len,
1206 end, &olen ) ) != 0 )
1224 *
p++ = (
unsigned char)( ( ext_len >> 8 ) & 0xFF );
1225 *
p++ = (
unsigned char)( ( ext_len ) & 0xFF );
1235#if defined(MBEDTLS_SSL_PROTO_DTLS)
1237 mbedtls_ssl_send_flight_completed( ssl );
1246#if defined(MBEDTLS_SSL_PROTO_DTLS)
1248 (
ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
1261 const unsigned char *
buf,
1264#if defined(MBEDTLS_SSL_RENEGOTIATION)
1286 if(
len != 1 ||
buf[0] != 0x00 )
1289 (
"non-zero length renegotiation info" ) );
1303#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
1305 const unsigned char *
buf,
1317 (
"non-matching max fragment length extension" ) );
1329#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
1331 const unsigned char *
buf,
1338 (
"non-matching truncated HMAC extension" ) );
1354#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
1356 const unsigned char *
buf,
1364 (
"non-matching encrypt-then-MAC extension" ) );
1380#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
1382 const unsigned char *
buf,
1390 (
"non-matching extended master secret extension" ) );
1406#if defined(MBEDTLS_SSL_SESSION_TICKETS)
1408 const unsigned char *
buf,
1415 (
"non-matching session ticket extension" ) );
1431#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
1432 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1434 const unsigned char *
buf,
1438 const unsigned char *
p;
1440 if(
len == 0 || (
size_t)(
buf[0] + 1 ) !=
len )
1450 while( list_size > 0 )
1455#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
1458#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1459 ssl->
handshake->ecjpake_ctx.point_format =
p[0];
1477#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1479 const unsigned char *
buf,
1511#if defined(MBEDTLS_SSL_ALPN)
1513 const unsigned char *
buf,
size_t len )
1515 size_t list_len, name_len;
1547 list_len = (
buf[0] << 8 ) |
buf[1];
1548 if( list_len !=
len - 2 )
1556 if( name_len != list_len - 1 )
1566 if( name_len ==
strlen( *
p ) &&
1584#if defined(MBEDTLS_SSL_PROTO_DTLS)
1588 int major_ver, minor_ver;
1589 unsigned char cookie_len;
1600 (
"incoming HelloVerifyRequest message is too short" ) );
1637 (
"cookie length does not match incoming message size" ) );
1654 ssl->
handshake->verify_cookie_len = cookie_len;
1660 mbedtls_ssl_recv_flight_completed( ssl );
1673 unsigned char *
buf, *
ext;
1675#if defined(MBEDTLS_ZLIB_SUPPORT)
1678#if defined(MBEDTLS_SSL_RENEGOTIATION)
1679 int renegotiation_info_seen = 0;
1681 int handshake_failure = 0;
1697#if defined(MBEDTLS_SSL_RENEGOTIATION)
1706 (
"renegotiation requested, but not honored by server" ) );
1711 (
"non-handshake message during renegotiation" ) );
1726#if defined(MBEDTLS_SSL_PROTO_DTLS)
1733 return( ssl_parse_hello_verify_request( ssl ) );
1777 (
"server version out of bounds - min: [%d:%d], server: [%d:%d], max: [%d:%d]",
1812 ext_len = ( (
buf[38 +
n] << 8 )
1813 | (
buf[39 +
n] ) );
1815 if( ( ext_len > 0 && ext_len < 4 ) ||
1846#if defined(MBEDTLS_ZLIB_SUPPORT)
1848#if defined(MBEDTLS_SSL_PROTO_DTLS)
1862 (
"server hello, bad compression: %d", comp ) );
1879 (
"ciphersuite info for %04x not found",
i ) );
1905#if defined(MBEDTLS_HAVE_TIME)
1960 if( ssl_validate_ciphersuite( suite_info, ssl, ssl->
minor_ver,
1972 (
"server hello, chosen ciphersuite: %s", suite_info->
name ) );
1974#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
1983#
if defined(MBEDTLS_ZLIB_SUPPORT)
2000 (
"server hello, total extension length: %d", ext_len ) );
2004 unsigned int ext_id = ( (
ext[0] << 8 )
2022#if defined(MBEDTLS_SSL_RENEGOTIATION)
2023 renegotiation_info_seen = 1;
2026 if( (
ret = ssl_parse_renegotiation_info( ssl,
ext + 4,
2032#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
2035 (
"found max_fragment_length extension" ) );
2037 if( (
ret = ssl_parse_max_fragment_length_ext( ssl,
2046#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
2050 if( (
ret = ssl_parse_truncated_hmac_ext( ssl,
2059#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
2063 if( (
ret = ssl_parse_encrypt_then_mac_ext( ssl,
2072#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
2075 (
"found extended_master_secret extension" ) );
2077 if( (
ret = ssl_parse_extended_ms_ext( ssl,
2086#if defined(MBEDTLS_SSL_SESSION_TICKETS)
2090 if( (
ret = ssl_parse_session_ticket_ext( ssl,
2099#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
2100 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
2103 (
"found supported_point_formats extension" ) );
2105 if( (
ret = ssl_parse_supported_point_formats_ext( ssl,
2115#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
2119 if( (
ret = ssl_parse_ecjpake_kkpp( ssl,
2128#if defined(MBEDTLS_SSL_ALPN)
2132 if( (
ret = ssl_parse_alpn_ext( ssl,
ext + 4,
ext_size ) ) != 0 )
2140 (
"unknown extension found: %d (ignoring)", ext_id ) );
2146 if( ext_len > 0 && ext_len < 4 )
2161 (
"legacy renegotiation, breaking off handshake" ) );
2162 handshake_failure = 1;
2164#if defined(MBEDTLS_SSL_RENEGOTIATION)
2167 renegotiation_info_seen == 0 )
2170 (
"renegotiation_info extension missing (secure)" ) );
2171 handshake_failure = 1;
2179 handshake_failure = 1;
2183 renegotiation_info_seen == 1 )
2186 (
"renegotiation_info extension present (legacy)" ) );
2187 handshake_failure = 1;
2191 if( handshake_failure == 1 )
2205#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
2206 defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
2209 unsigned char *
end )
2212 size_t dhm_actual_bitlen;
2231 if( dhm_actual_bitlen < ssl->conf->dhm_min_bitlen )
2234 (
unsigned) dhm_actual_bitlen,
2248#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
2249 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
2250 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
2251 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
2252 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
2257#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
2264 if( curve_info ==
NULL )
2272#if defined(MBEDTLS_ECP_C)
2291#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
2292 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
2293 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
2296 unsigned char *
end )
2309 (
const unsigned char **)
p,
end ) ) != 0 )
2312#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
2319 if( ssl_check_server_ecdh_params( ssl ) != 0 )
2322 (
"bad server key exchange message (ECDHE curve)" ) );
2332#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
2335 unsigned char *
end )
2346 if(
end - (*
p) < 2 )
2349 (
"bad server key exchange message (psk_identity_hint length)" ) );
2352 len = (*p)[0] << 8 | (*p)[1];
2358 (
"bad server key exchange message (psk_identity_hint length)" ) );
2374#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
2375 defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
2380 size_t offset,
size_t *olen,
2438#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
2439 defined(MBEDTLS_SSL_PROTO_TLS1_2)
2440 if( len_bytes == 2 )
2453#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
2454#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
2455 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
2456 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
2473 if( (*
p) + 2 >
end )
2483 (
"Server used unsupported HashAlgorithm %d", *(
p)[0] ) );
2494 (
"server used unsupported SignatureAlgorithm %d", (*
p)[1] ) );
2504 (
"server used HashAlgorithm %d that was not offered", *(
p)[0] ) );
2521#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
2522 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
2550 if( ssl_check_server_ecdh_params( ssl ) != 0 )
2570#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
2581#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
2582 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
2586 if( (
ret = ssl_get_ecdh_params_from_cert( ssl ) ) != 0 )
2605#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
2607 ssl->
handshake->ecrs_state == ssl_ecrs_ske_start_processing )
2609 goto start_processing;
2645 (
"server key exchange message must not be skipped" ) );
2654#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
2656 ssl->
handshake->ecrs_state = ssl_ecrs_ske_start_processing;
2664#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
2670 if( ssl_parse_server_psk_hint( ssl, &
p,
end ) != 0 )
2682#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
2683 defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
2690#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
2691 defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
2695 if( ssl_parse_server_dh_params( ssl, &
p,
end ) != 0 )
2708#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
2709 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
2710 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
2715 if( ssl_parse_server_ecdh_params( ssl, &
p,
end ) != 0 )
2729#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
2751#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
2754 size_t sig_len, hashlen;
2755 unsigned char hash[64];
2759 size_t params_len =
p -
params;
2760 void *rs_ctx =
NULL;
2765#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
2768 if( ssl_parse_signature_algorithm( ssl, &
p,
end,
2769 &md_alg, &pk_alg ) != 0 )
2772 (
"bad server key exchange message" ) );
2784 (
"bad server key exchange message" ) );
2794#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
2795 defined(MBEDTLS_SSL_PROTO_TLS1_1)
2824 sig_len = (
p[0] << 8 ) |
p[1];
2827 if(
p !=
end - sig_len )
2842#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
2843 defined(MBEDTLS_SSL_PROTO_TLS1_1)
2855#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
2856 defined(MBEDTLS_SSL_PROTO_TLS1_2)
2899#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
2906 md_alg,
hash, hashlen,
p, sig_len, rs_ctx ) ) != 0 )
2908#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
2916#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
2933#if ! defined(MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED)
2957 size_t cert_type_len = 0, dn_len = 0;
3055#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
3058 size_t sig_alg_len =
3061#if defined(MBEDTLS_DEBUG_C)
3062 unsigned char* sig_alg;
3079 + 3 +
n + sig_alg_len )
3089#if defined(MBEDTLS_DEBUG_C)
3091 for(
i = 0;
i < sig_alg_len;
i += 2 )
3094 (
"Supported Signature Algorithm found: %d,%d",
3095 sig_alg[
i], sig_alg[
i + 1] ) );
3099 n += 2 + sig_alg_len;
3152#if defined(MBEDTLS_SSL_PROTO_DTLS)
3154 mbedtls_ssl_recv_flight_completed( ssl );
3171#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
3210#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
3211 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
3212 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
3213 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
3224#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
3227 if( ssl->
handshake->ecrs_state == ssl_ecrs_cke_ecdh_calc_secret )
3241#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
3251#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
3255 ssl->
handshake->ecrs_state = ssl_ecrs_cke_ecdh_calc_secret;
3269#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
3284#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
3297 n = ssl->
conf->psk_identity_len;
3302 (
"psk identity too long or SSL buffer too short" ) );
3310 ssl->
conf->psk_identity,
3311 ssl->
conf->psk_identity_len );
3312 i += ssl->
conf->psk_identity_len;
3314#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
3321#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
3324 if( (
ret = ssl_write_encrypted_pms( ssl,
i, &
n, 2 ) ) != 0 )
3329#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
3340 (
"psk identity or DHM size too long or SSL buffer too short" ) );
3359#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
3384 if( (
ret = mbedtls_ssl_psk_derive_premaster( ssl,
3388 "mbedtls_ssl_psk_derive_premaster",
ret );
3394#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
3398 if( (
ret = ssl_write_encrypted_pms( ssl,
i, &
n, 0 ) ) != 0 )
3403#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
3429 ((
void) ciphersuite_info);
3451#if !defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) && \
3452 !defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) && \
3453 !defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \
3454 !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
3455 !defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)&& \
3456 !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
3492 unsigned char hash[48];
3493 unsigned char *hash_start =
hash;
3495 unsigned int hashlen;
3496 void *rs_ctx =
NULL;
3500#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
3502 ssl->
handshake->ecrs_state == ssl_ecrs_crt_vrfy_sign )
3541#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
3543 ssl->
handshake->ecrs_state = ssl_ecrs_crt_vrfy_sign;
3550#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
3551 defined(MBEDTLS_SSL_PROTO_TLS1_1)
3582#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
3625#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
3631 md_alg, hash_start, hashlen,
3636#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
3669#if defined(MBEDTLS_SSL_SESSION_TICKETS)
3675 unsigned char *ticket;
3676 const unsigned char *
msg;
3718 (
msg[2] << 8 ) | (
msg[3] );
3720 ticket_len = (
msg[4] << 8 ) | (
msg[5] );
3740 if( ticket_len == 0 )
3792#if defined(MBEDTLS_SSL_PROTO_DTLS)
3796 if( (
ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
3803#if defined(MBEDTLS_SSL_SESSION_TICKETS)
3811 switch( ssl->
state )
3821 ret = ssl_write_client_hello( ssl );
3832 ret = ssl_parse_server_hello( ssl );
3840 ret = ssl_parse_server_key_exchange( ssl );
3844 ret = ssl_parse_certificate_request( ssl );
3848 ret = ssl_parse_server_hello_done( ssl );
3863 ret = ssl_write_client_key_exchange( ssl );
3867 ret = ssl_write_certificate_verify( ssl );
3883#if defined(MBEDTLS_SSL_SESSION_TICKETS)
3885 ret = ssl_parse_new_session_ticket( ssl );
#define MBEDTLS_MPI_MAX_SIZE
size_t mbedtls_mpi_size(const mbedtls_mpi *X)
Return the total size of an MPI value in bytes.
size_t mbedtls_mpi_bitlen(const mbedtls_mpi *X)
Return the number of bits up to and including the most significant bit of value 1.
@ MBEDTLS_CIPHER_ARC4_128
int mbedtls_dhm_read_params(mbedtls_dhm_context *ctx, unsigned char **p, const unsigned char *end)
This function parses the DHM parameters in a TLS ServerKeyExchange handshake message (DHM modulus,...
int mbedtls_dhm_calc_secret(mbedtls_dhm_context *ctx, unsigned char *output, size_t output_size, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function derives and exports the shared secret (G^Y)^X mod P.
int mbedtls_dhm_make_public(mbedtls_dhm_context *ctx, int x_size, unsigned char *output, size_t olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function creates a DHM key pair and exports the raw public key in big-endian format.
int mbedtls_ecdh_get_params(mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key, mbedtls_ecdh_side side)
This function sets up an ECDH context from an EC key.
int mbedtls_ecdh_make_public(mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function generates a public key and exports it as a TLS ClientKeyExchange payload.
int mbedtls_ecdh_calc_secret(mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function derives and exports the shared secret.
int mbedtls_ecdh_read_params(mbedtls_ecdh_context *ctx, const unsigned char **buf, const unsigned char *end)
This function parses the ECDHE parameters in a TLS ServerKeyExchange handshake message.
int mbedtls_ecjpake_read_round_two(mbedtls_ecjpake_context *ctx, const unsigned char *buf, size_t len)
Read and process the second round message (TLS: contents of the Client/ServerKeyExchange).
int mbedtls_ecjpake_write_round_one(mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate and write the first round message (TLS: contents of the Client/ServerHello extension,...
int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate and write the second round message (TLS: contents of the Client/ServerKeyExchange).
int mbedtls_ecjpake_derive_secret(mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Derive the shared secret (TLS: Pre-Master Secret).
int mbedtls_ecjpake_check(const mbedtls_ecjpake_context *ctx)
Check if an ECJPAKE context is ready for use.
int mbedtls_ecjpake_read_round_one(mbedtls_ecjpake_context *ctx, const unsigned char *buf, size_t len)
Read and process the first round message (TLS: contents of the Client/ServerHello extension,...
mbedtls_md_type_t
Supported message digests.
#define memcpy(s1, s2, n)
int mbedtls_pk_sign_restartable(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_pk_restart_ctx *rs_ctx)
Restartable version of mbedtls_pk_sign()
int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type)
Tell if a context can do the operation given by type.
mbedtls_pk_type_t
Public key types.
static mbedtls_ecp_keypair * mbedtls_pk_ec(const mbedtls_pk_context pk)
int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len, mbedtls_pk_restart_ctx *rs_ctx)
Restartable version of mbedtls_pk_verify()
int mbedtls_pk_encrypt(mbedtls_pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Encrypt message (including padding if relevant).
#define mbedtls_ssl_ciphersuite_from_id
Configuration options (set of defines)
#define MBEDTLS_SSL_RENEGOTIATION
Functions for controlling and providing debug output from the library.
#define MBEDTLS_SSL_DEBUG_RET(level, text, ret)
#define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr)
#define MBEDTLS_SSL_DEBUG_MSG(level, args)
#define MBEDTLS_SSL_DEBUG_MPI(level, text, X)
#define MBEDTLS_SSL_DEBUG_BUF(level, text, buf, len)
#define MBEDTLS_ECP_PF_UNCOMPRESSED
#define MBEDTLS_ECP_PF_COMPRESSED
#define MBEDTLS_ERR_ECP_IN_PROGRESS
const mbedtls_ecp_curve_info * mbedtls_ecp_curve_info_from_grp_id(mbedtls_ecp_group_id grp_id)
This function retrieves curve information from an internal group identifier.
#define MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE
#define MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE
#define MBEDTLS_SSL_TRUNC_HMAC_ENABLED
#define MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE
#define MBEDTLS_ERR_SSL_BAD_CONFIG
#define MBEDTLS_SSL_ARC4_DISABLED
#define MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION
#define MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH
#define MBEDTLS_SSL_MINOR_VERSION_0
#define MBEDTLS_SSL_SIG_RSA
#define MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC
@ MBEDTLS_SSL_CERTIFICATE_VERIFY
@ MBEDTLS_SSL_HANDSHAKE_OVER
@ MBEDTLS_SSL_SERVER_HELLO_DONE
@ MBEDTLS_SSL_SERVER_FINISHED
@ MBEDTLS_SSL_SERVER_KEY_EXCHANGE
@ MBEDTLS_SSL_SERVER_HELLO
@ MBEDTLS_SSL_CLIENT_KEY_EXCHANGE
@ MBEDTLS_SSL_CLIENT_HELLO
@ MBEDTLS_SSL_SERVER_CERTIFICATE
@ MBEDTLS_SSL_CERTIFICATE_REQUEST
@ MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET
@ MBEDTLS_SSL_CLIENT_FINISHED
@ MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC
@ MBEDTLS_SSL_HANDSHAKE_WRAPUP
@ MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC
@ MBEDTLS_SSL_HELLO_REQUEST
@ MBEDTLS_SSL_CLIENT_CERTIFICATE
@ MBEDTLS_SSL_FLUSH_BUFFERS
#define MBEDTLS_SSL_MINOR_VERSION_3
int mbedtls_ssl_send_alert_message(mbedtls_ssl_context *ssl, unsigned char level, unsigned char message)
Send an alert message.
#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST
#define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED
#define MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR
#define MBEDTLS_SSL_HS_SERVER_HELLO_DONE
#define MBEDTLS_TLS_EXT_ECJPAKE_KKPP
#define MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER
#define MBEDTLS_TLS_EXT_ALPN
#define MBEDTLS_TLS_EXT_RENEGOTIATION_INFO
#define MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET
#define MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME
#define MBEDTLS_SSL_EXTENDED_MS_DISABLED
#define MBEDTLS_SSL_TRUNC_HMAC_DISABLED
#define MBEDTLS_TLS_EXT_SIG_ALG
#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS
#define MBEDTLS_ERR_SSL_BAD_INPUT_DATA
#define MBEDTLS_SSL_HASH_SHA256
#define MBEDTLS_SSL_COMPRESS_NULL
#define MBEDTLS_SSL_LEGACY_RENEGOTIATION
#define MBEDTLS_ERR_SSL_ALLOC_FAILED
#define MBEDTLS_SSL_EXTENDED_MS_ENABLED
#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE
#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO
#define MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET
#define MBEDTLS_SSL_IS_FALLBACK
#define MBEDTLS_TLS_EXT_SESSION_TICKET
#define MBEDTLS_SSL_SESSION_TICKETS_DISABLED
#define MBEDTLS_SSL_ALERT_LEVEL_FATAL
#define MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION
#define MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE
#define MBEDTLS_SSL_SECURE_RENEGOTIATION
#define MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR
#define MBEDTLS_TLS_EXT_SERVERNAME
#define MBEDTLS_SSL_MAX_FRAG_LEN_NONE
#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE
#define MBEDTLS_SSL_MAJOR_VERSION_3
#define MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT
#define MBEDTLS_SSL_MINOR_VERSION_2
#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE
#define MBEDTLS_SSL_HS_NEW_SESSION_TICKET
#define MBEDTLS_SSL_SIG_ECDSA
#define MBEDTLS_SSL_HS_CERTIFICATE_VERIFY
#define MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE
#define MBEDTLS_SSL_ETM_ENABLED
#define MBEDTLS_SSL_ETM_DISABLED
#define MBEDTLS_SSL_HASH_SHA384
#define MBEDTLS_SSL_COMPRESS_DEFLATE
#define MBEDTLS_SSL_TRANSPORT_DATAGRAM
#define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS
#define MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST
#define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH
#define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL
#define MBEDTLS_PREMASTER_SIZE
#define MBEDTLS_SSL_FALLBACK_SCSV_VALUE
#define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE
#define MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO
#define MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO
#define MBEDTLS_SSL_HS_SERVER_HELLO
#define MBEDTLS_SSL_OUT_CONTENT_LEN
#define MBEDTLS_SSL_HS_CLIENT_HELLO
#define MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION
#define MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE
#define MBEDTLS_ERR_SSL_NO_RNG
#define MBEDTLS_SSL_HS_CERTIFICATE_REQUEST
#define MBEDTLS_ERR_SSL_INTERNAL_ERROR
#define MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR
#define MBEDTLS_SSL_MSG_HANDSHAKE
#define MBEDTLS_TLS_EXT_TRUNCATED_HMAC
#define MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES
int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info)
int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info)
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info)
static int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info)
#define MBEDTLS_CIPHERSUITE_NODTLS
static int mbedtls_ssl_ciphersuite_uses_server_signature(const mbedtls_ssl_ciphersuite_t *info)
@ MBEDTLS_KEY_EXCHANGE_PSK
@ MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
@ MBEDTLS_KEY_EXCHANGE_DHE_PSK
@ MBEDTLS_KEY_EXCHANGE_DHE_RSA
@ MBEDTLS_KEY_EXCHANGE_ECDH_RSA
@ MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
@ MBEDTLS_KEY_EXCHANGE_RSA
@ MBEDTLS_KEY_EXCHANGE_ECJPAKE
@ MBEDTLS_KEY_EXCHANGE_RSA_PSK
@ MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
@ MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
Internal functions shared by the SSL modules.
static int mbedtls_ssl_safer_memcmp(const void *a, const void *b, size_t n)
mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig(unsigned char sig)
int mbedtls_ssl_parse_finished(mbedtls_ssl_context *ssl)
int mbedtls_ssl_write_change_cipher_spec(mbedtls_ssl_context *ssl)
#define MBEDTLS_SSL_INITIAL_HANDSHAKE
#define MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS
static mbedtls_pk_context * mbedtls_ssl_own_key(mbedtls_ssl_context *ssl)
mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash(unsigned char hash)
int mbedtls_ssl_write_finished(mbedtls_ssl_context *ssl)
void mbedtls_ssl_handshake_wrapup(mbedtls_ssl_context *ssl)
int mbedtls_ssl_derive_keys(mbedtls_ssl_context *ssl)
void mbedtls_ssl_write_version(int major, int minor, int transport, unsigned char ver[2])
#define MBEDTLS_SSL_RETRANS_SENDING
void mbedtls_ssl_read_version(int *major, int *minor, int transport, const unsigned char ver[2])
int mbedtls_ssl_check_sig_hash(const mbedtls_ssl_context *ssl, mbedtls_md_type_t md)
int mbedtls_ssl_parse_certificate(mbedtls_ssl_context *ssl)
int mbedtls_ssl_handshake_client_step(mbedtls_ssl_context *ssl)
#define MBEDTLS_SSL_MAX_CURVE_LIST_LEN
int mbedtls_ssl_write_handshake_msg(mbedtls_ssl_context *ssl)
void mbedtls_ssl_optimize_checksum(mbedtls_ssl_context *ssl, const mbedtls_ssl_ciphersuite_t *ciphersuite_info)
static size_t mbedtls_ssl_hs_hdr_len(const mbedtls_ssl_context *ssl)
int mbedtls_ssl_parse_change_cipher_spec(mbedtls_ssl_context *ssl)
static mbedtls_x509_crt * mbedtls_ssl_own_cert(mbedtls_ssl_context *ssl)
unsigned char mbedtls_ssl_hash_from_md_alg(int md)
int mbedtls_ssl_read_record(mbedtls_ssl_context *ssl, unsigned update_hs_digest)
Update record layer.
int mbedtls_ssl_get_key_exchange_md_tls1_2(mbedtls_ssl_context *ssl, unsigned char *hash, size_t *hashlen, unsigned char *data, size_t data_len, mbedtls_md_type_t md_alg)
int mbedtls_ssl_get_key_exchange_md_ssl_tls(mbedtls_ssl_context *ssl, unsigned char *output, unsigned char *data, size_t data_len)
void mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl)
int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl)
int mbedtls_ssl_flush_output(mbedtls_ssl_context *ssl)
#define MBEDTLS_SSL_CHK_BUF_PTR(cur, end, need)
This macro checks whether the remaining size in a buffer is greater than or equal to the needed space...
int mbedtls_ssl_check_curve(const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id)
unsigned char mbedtls_ssl_sig_from_pk(mbedtls_pk_context *pk)
#define MBEDTLS_SSL_MAX_SIG_HASH_ALG_LIST_LEN
The ECP key-pair structure.
This structure is used for storing ciphersuite information.
mbedtls_key_exchange_type_t key_exchange
mbedtls_cipher_type_t cipher
unsigned char max_major_ver
const int * ciphersuite_list[4]
unsigned int session_tickets
const mbedtls_ecp_group_id * curve_list
unsigned char max_minor_ver
unsigned char min_minor_ver
unsigned int arc4_disabled
unsigned int encrypt_then_mac
int(* f_rng)(void *, unsigned char *, size_t)
unsigned int dhm_min_bitlen
unsigned char min_major_ver
unsigned int allow_legacy_renegotiation
char own_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]
mbedtls_ssl_session * session_negotiate
char peer_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]
mbedtls_ssl_handshake_params * handshake
mbedtls_ssl_transform * transform_negotiate
const mbedtls_ssl_config * conf
unsigned char premaster[MBEDTLS_PREMASTER_SIZE]
unsigned char randbytes[64]
mbedtls_dhm_context dhm_ctx
mbedtls_ecdh_context ecdh_ctx
void(* calc_verify)(mbedtls_ssl_context *, unsigned char *)
mbedtls_x509_crt * peer_cert