xref: /third_party/curl/lib/vtls/mbedtls.c

275   struct mbed_ssl_backend_data *backend =
276     (struct mbed_ssl_backend_data *)connssl->backend;
289   DEBUGASSERT(backend);
316   mbedtls_ssl_conf_min_version(&backend->config, MBEDTLS_SSL_MAJOR_VERSION_3,
318   mbedtls_ssl_conf_max_version(&backend->config, MBEDTLS_SSL_MAJOR_VERSION_3,
328   struct mbed_ssl_backend_data *backend =
329     (struct mbed_ssl_backend_data *)connssl->backend;
345   DEBUGASSERT(backend);
355   mbedtls_ctr_drbg_init(&backend->ctr_drbg);
357   ret = mbedtls_ctr_drbg_seed(&backend->ctr_drbg, entropy_func_mutex,
366   mbedtls_entropy_init(&backend->entropy);
367   mbedtls_ctr_drbg_init(&backend->ctr_drbg);
369   ret = mbedtls_ctr_drbg_seed(&backend->ctr_drbg, mbedtls_entropy_func,
370                               &backend->entropy, NULL, 0);
380   mbedtls_x509_crt_init(&backend->cacert);
390     ret = mbedtls_x509_crt_parse(&backend->cacert, newblob,
403     ret = mbedtls_x509_crt_parse_file(&backend->cacert, ssl_cafile);
419     ret = mbedtls_x509_crt_parse_path(&backend->cacert, ssl_capath);
436   mbedtls_x509_crt_init(&backend->clicert);
440     ret = mbedtls_x509_crt_parse_file(&backend->clicert, ssl_cert);
463     ret = mbedtls_x509_crt_parse(&backend->clicert, newblob,
476   mbedtls_pk_init(&backend->pk);
482       ret = mbedtls_pk_parse_keyfile(&backend->pk, ssl_config->key,
485                                      &backend->ctr_drbg);
487       ret = mbedtls_pk_parse_keyfile(&backend->pk, ssl_config->key,
508       ret = mbedtls_pk_parse_key(&backend->pk, key_data, ssl_key_blob->len,
512                                  &backend->ctr_drbg);
514       ret = mbedtls_pk_parse_key(&backend->pk, key_data, ssl_key_blob->len,
527     if(ret == 0 && !(mbedtls_pk_can_do(&backend->pk, MBEDTLS_PK_RSA) ||
528                      mbedtls_pk_can_do(&backend->pk, MBEDTLS_PK_ECKEY)))
534   mbedtls_x509_crl_init(&backend->crl);
538     ret = mbedtls_x509_crl_parse_file(&backend->crl, ssl_crlfile);
561   mbedtls_ssl_config_init(&backend->config);
562   ret = mbedtls_ssl_config_defaults(&backend->config,
571   mbedtls_ssl_init(&backend->ssl);
572   if(mbedtls_ssl_setup(&backend->ssl, &backend->config)) {
578   mbedtls_ssl_conf_cert_profile(&backend->config,
585     mbedtls_ssl_conf_min_version(&backend->config, MBEDTLS_SSL_MAJOR_VERSION_3,
605   mbedtls_ssl_conf_authmode(&backend->config, MBEDTLS_SSL_VERIFY_OPTIONAL);
607   mbedtls_ssl_conf_rng(&backend->config, mbedtls_ctr_drbg_random,
608                        &backend->ctr_drbg);
609   mbedtls_ssl_set_bio(&backend->ssl, cf,
614   mbedtls_ssl_conf_ciphersuites(&backend->config,
618   mbedtls_ssl_conf_renegotiation(&backend->config,
623   mbedtls_ssl_conf_session_tickets(&backend->config,
633       ret = mbedtls_ssl_set_session(&backend->ssl, old_session);
644   mbedtls_ssl_conf_ca_chain(&backend->config,
645                             &backend->cacert,
647                             &backend->crl);
653     mbedtls_ssl_conf_own_cert(&backend->config,
654                               &backend->clicert, &backend->pk);
657   if(mbedtls_ssl_set_hostname(&backend->ssl, connssl->peer.sni?
672       backend->protocols[i] = connssl->alpn->entries[i];
676     if(mbedtls_ssl_conf_alpn_protocols(&backend->config,
677                                        &backend->protocols[0])) {
688   mbedtls_ssl_conf_dbg(&backend->config, mbed_debug, data);
700     ret = (*data->set.ssl.fsslctx)(data, &backend->config,
718   struct mbed_ssl_backend_data *backend =
719     (struct mbed_ssl_backend_data *)connssl->backend;
726   DEBUGASSERT(backend);
728   ret = mbedtls_ssl_handshake(&backend->ssl);
747         mbedtls_ssl_get_ciphersuite(&backend->ssl));
749   ret = mbedtls_ssl_get_verify_result(&backend->ssl);
774   peercert = mbedtls_ssl_get_peer_cert(&backend->ssl);
864     const char *proto = mbedtls_ssl_get_alpn_protocol(&backend->ssl);
882   struct mbed_ssl_backend_data *backend =
883     (struct mbed_ssl_backend_data *)connssl->backend;
887   DEBUGASSERT(backend);
901     ret = mbedtls_ssl_get_session(&backend->ssl, our_ssl_sessionid);
938   struct mbed_ssl_backend_data *backend =
939     (struct mbed_ssl_backend_data *)connssl->backend;
943   DEBUGASSERT(backend);
944   ret = mbedtls_ssl_write(&backend->ssl, (unsigned char *)mem, len);
963   struct mbed_ssl_backend_data *backend =
964     (struct mbed_ssl_backend_data *)connssl->backend;
968   DEBUGASSERT(backend);
972   (void)mbedtls_ssl_read(&backend->ssl, (unsigned char *)buf, sizeof(buf));
974   mbedtls_pk_free(&backend->pk);
975   mbedtls_x509_crt_free(&backend->clicert);
976   mbedtls_x509_crt_free(&backend->cacert);
978   mbedtls_x509_crl_free(&backend->crl);
980   mbedtls_ssl_config_free(&backend->config);
981   mbedtls_ssl_free(&backend->ssl);
982   mbedtls_ctr_drbg_free(&backend->ctr_drbg);
984   mbedtls_entropy_free(&backend->entropy);
993   struct mbed_ssl_backend_data *backend =
994     (struct mbed_ssl_backend_data *)connssl->backend;
999   DEBUGASSERT(backend);
1001   ret = mbedtls_ssl_read(&backend->ssl, (unsigned char *)buf,
1233   struct mbed_ssl_backend_data *backend;
1236   DEBUGASSERT(ctx && ctx->backend);
1237   backend = (struct mbed_ssl_backend_data *)ctx->backend;
1238   return mbedtls_ssl_get_bytes_avail(&backend->ssl) != 0;
1265   struct mbed_ssl_backend_data *backend =
1266     (struct mbed_ssl_backend_data *)connssl->backend;
1268   DEBUGASSERT(backend);
1269   return &backend->ssl;

Indexes created Thu Nov 07 10:32:03 CST 2024