Lines Matching refs:ctx
120 SSL_CTX *ctx;
128 SSL_CTX *ctx;
138 SSL_CTX *ctx;
147 SSL_CTX *ctx;
819 coap_set_user_prefs(SSL_CTX *ctx) {
820 SSL_CTX_set_cipher_list(ctx, COAP_OPENSSL_CIPHERS);
823 SSL_CTX_set1_sigalgs_list(ctx, COAP_OPENSSL_SIGALGS);
824 SSL_CTX_set1_client_sigalgs_list(ctx, COAP_OPENSSL_SIGALGS);
828 SSL_CTX_set1_groups_list(ctx, COAP_OPENSSL_GROUPS);
844 context->dtls.ctx = SSL_CTX_new(DTLS_method());
845 if (!context->dtls.ctx)
847 SSL_CTX_set_min_proto_version(context->dtls.ctx, DTLS1_2_VERSION);
848 SSL_CTX_set_app_data(context->dtls.ctx, &context->dtls);
849 SSL_CTX_set_read_ahead(context->dtls.ctx, 1);
850 coap_set_user_prefs(context->dtls.ctx);
861 SSL_CTX_set_cookie_generate_cb(context->dtls.ctx, coap_dtls_generate_cookie);
862 SSL_CTX_set_cookie_verify_cb(context->dtls.ctx, coap_dtls_verify_cookie);
863 SSL_CTX_set_info_callback(context->dtls.ctx, coap_dtls_info_callback);
864 SSL_CTX_set_options(context->dtls.ctx, SSL_OP_NO_QUERY_MTU);
866 SSL_CTX_set_options(context->dtls.ctx, SSL_OP_LEGACY_SERVER_CONNECT);
883 context->tls.ctx = SSL_CTX_new(TLS_method());
884 if (!context->tls.ctx)
886 SSL_CTX_set_app_data(context->tls.ctx, &context->tls);
887 SSL_CTX_set_min_proto_version(context->tls.ctx, TLS1_VERSION);
888 coap_set_user_prefs(context->tls.ctx);
889 SSL_CTX_set_info_callback(context->tls.ctx, coap_dtls_info_callback);
921 SSL_CTX_set_psk_server_callback(o_context->dtls.ctx,
924 SSL_CTX_set_psk_server_callback(o_context->tls.ctx,
931 SSL_CTX_use_psk_identity_hint(o_context->dtls.ctx, hint);
933 SSL_CTX_use_psk_identity_hint(o_context->tls.ctx, hint);
938 SSL_CTX_set_tlsext_servername_arg(o_context->dtls.ctx,
940 SSL_CTX_set_tlsext_servername_callback(o_context->dtls.ctx,
943 SSL_CTX_set_tlsext_servername_arg(o_context->tls.ctx,
945 SSL_CTX_set_tlsext_servername_callback(o_context->tls.ctx,
949 SSL_CTX_set_client_hello_cb(o_context->dtls.ctx,
953 SSL_CTX_set_client_hello_cb(o_context->tls.ctx,
962 o_context->dtls.ssl = SSL_new(o_context->dtls.ctx);
995 o_context->dtls.ssl = SSL_new(o_context->dtls.ctx);
1123 setup_pki_server(SSL_CTX *ctx,
1130 if (!(SSL_CTX_use_certificate_file(ctx,
1145 if (!(SSL_CTX_use_PrivateKey_file(ctx,
1167 SSL_CTX_set_client_CA_list(ctx, cert_names);
1176 st = SSL_CTX_get_cert_store(ctx);
1203 if (!cert || !SSL_CTX_use_certificate(ctx, cert)) {
1227 if (!pkey || !SSL_CTX_use_PrivateKey(ctx, pkey)) {
1252 st = SSL_CTX_get_cert_store(ctx);
1258 SSL_CTX_add_client_CA(ctx, x);
1269 if (!(SSL_CTX_use_certificate_ASN1(ctx,
1285 if (!(SSL_CTX_use_PrivateKey_ASN1(pkey_type, ctx,
1304 if (!x509 || !SSL_CTX_add_client_CA(ctx, x509)) {
1312 st = SSL_CTX_get_cert_store(ctx);
1358 if (!SSL_CTX_use_PrivateKey(ctx, pkey)) {
1367 if (!(SSL_CTX_use_PrivateKey_file(ctx,
1395 if (!SSL_CTX_use_certificate(ctx, x509)) {
1404 if (!(SSL_CTX_use_certificate_file(ctx,
1433 if (!SSL_CTX_add_client_CA(ctx, x509)) {
1440 st = SSL_CTX_get_cert_store(ctx);
1447 if (!x509 || !SSL_CTX_add_client_CA(ctx, x509)) {
1455 st = SSL_CTX_get_cert_store(ctx);
1524 SSL_CTX *ctx = SSL_get_SSL_CTX(ssl);
1548 st = SSL_CTX_get_cert_store(ctx);
1612 SSL_CTX *ctx = SSL_get_SSL_CTX(ssl);
1614 X509_STORE *st = SSL_CTX_get_cert_store(ctx);
1673 SSL_CTX *ctx = SSL_get_SSL_CTX(ssl);
1686 st = SSL_CTX_get_cert_store(ctx);
1805 SSL_CTX *ctx = SSL_get_SSL_CTX(ssl);
1824 st = SSL_CTX_get_cert_store(ctx);
1830 SSL_CTX *ctx = SSL_get_SSL_CTX(ssl);
1841 st = SSL_CTX_get_cert_store(ctx);
1914 tls_verify_call_back(int preverify_ok, X509_STORE_CTX *ctx) {
1915 SSL *ssl = X509_STORE_CTX_get_ex_data(ctx,
1921 int depth = X509_STORE_CTX_get_error_depth(ctx);
1922 int err = X509_STORE_CTX_get_error(ctx);
1923 X509 *x509 = X509_STORE_CTX_get_current_cert(ctx);
1964 X509_STORE_CTX_set_error(ctx, err);
1994 X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_REJECTED);
1996 X509_STORE_CTX_set_error(ctx, X509_V_ERR_INVALID_CA);
2139 SSL_CTX *ctx;
2149 ctx = SSL_CTX_new(DTLS_method());
2150 if (!ctx)
2152 SSL_CTX_set_min_proto_version(ctx, DTLS1_2_VERSION);
2153 SSL_CTX_set_app_data(ctx, &context->dtls);
2154 SSL_CTX_set_read_ahead(ctx, 1);
2155 coap_set_user_prefs(ctx);
2156 SSL_CTX_set_cookie_generate_cb(ctx, coap_dtls_generate_cookie);
2157 SSL_CTX_set_cookie_verify_cb(ctx, coap_dtls_verify_cookie);
2158 SSL_CTX_set_info_callback(ctx, coap_dtls_info_callback);
2159 SSL_CTX_set_options(ctx, SSL_OP_NO_QUERY_MTU);
2164 ctx = SSL_CTX_new(TLS_method());
2165 if (!ctx)
2167 SSL_CTX_set_app_data(ctx, &context->tls);
2168 SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION);
2169 coap_set_user_prefs(ctx);
2170 SSL_CTX_set_info_callback(ctx, coap_dtls_info_callback);
2171 SSL_CTX_set_alpn_select_cb(ctx, server_alpn_callback, NULL);
2176 setup_pki_server(ctx, &sni_setup_data);
2181 context->sni_entry_list[context->sni_count].ctx = ctx;
2184 SSL_set_SSL_CTX(ssl, context->sni_entry_list[i].ctx);
2186 SSL_set_options(ssl, SSL_CTX_get_options(context->sni_entry_list[i].ctx));
2236 SSL_CTX *ctx;
2247 ctx = SSL_CTX_new(DTLS_method());
2248 if (!ctx)
2250 SSL_CTX_set_min_proto_version(ctx, DTLS1_2_VERSION);
2251 SSL_CTX_set_app_data(ctx, &o_context->dtls);
2252 SSL_CTX_set_read_ahead(ctx, 1);
2253 SSL_CTX_set_cipher_list(ctx, COAP_OPENSSL_CIPHERS);
2254 SSL_CTX_set_cookie_generate_cb(ctx, coap_dtls_generate_cookie);
2255 SSL_CTX_set_cookie_verify_cb(ctx, coap_dtls_verify_cookie);
2256 SSL_CTX_set_info_callback(ctx, coap_dtls_info_callback);
2257 SSL_CTX_set_options(ctx, SSL_OP_NO_QUERY_MTU);
2262 ctx = SSL_CTX_new(TLS_method());
2263 if (!ctx)
2265 SSL_CTX_set_app_data(ctx, &o_context->tls);
2266 SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION);
2267 SSL_CTX_set_cipher_list(ctx, COAP_OPENSSL_CIPHERS);
2268 SSL_CTX_set_info_callback(ctx, coap_dtls_info_callback);
2269 SSL_CTX_set_alpn_select_cb(ctx, server_alpn_callback, NULL);
2280 o_context->psk_sni_entry_list[o_context->psk_sni_count].ctx =
2281 ctx;
2284 SSL_set_SSL_CTX(ssl, o_context->psk_sni_entry_list[i].ctx);
2287 SSL_CTX_get_options(o_context->psk_sni_entry_list[i].ctx));
2632 coap_dtls_context_set_pki(coap_context_t *ctx,
2637 ((coap_openssl_context_t *)ctx->dtls_context);
2658 if (context->dtls.ctx) {
2661 if (!setup_pki_server(context->dtls.ctx, setup_data))
2676 SSL_CTX_set_tlsext_servername_arg(context->dtls.ctx, &context->setup_data);
2677 SSL_CTX_set_tlsext_servername_callback(context->dtls.ctx,
2680 SSL_CTX_set_client_hello_cb(context->dtls.ctx,
2686 if (context->tls.ctx) {
2689 if (!setup_pki_server(context->tls.ctx, setup_data))
2704 SSL_CTX_set_tlsext_servername_arg(context->tls.ctx, &context->setup_data);
2705 SSL_CTX_set_tlsext_servername_callback(context->tls.ctx,
2708 SSL_CTX_set_client_hello_cb(context->tls.ctx,
2713 SSL_CTX_set_alpn_select_cb(context->tls.ctx, server_alpn_callback, NULL);
2723 context->dtls.ssl = SSL_new(context->dtls.ctx);
2742 coap_dtls_context_set_pki_root_cas(coap_context_t *ctx,
2747 ((coap_openssl_context_t *)ctx->dtls_context);
2748 if (context->dtls.ctx) {
2749 if (!SSL_CTX_load_verify_locations(context->dtls.ctx, ca_file, ca_dir)) {
2756 if (context->tls.ctx) {
2757 if (!SSL_CTX_load_verify_locations(context->tls.ctx, ca_file, ca_dir)) {
2768 coap_dtls_context_check_keys_enabled(coap_context_t *ctx) {
2770 ((coap_openssl_context_t *)ctx->dtls_context);
2782 if (context->dtls.ctx)
2783 SSL_CTX_free(context->dtls.ctx);
2791 if (context->tls.ctx)
2792 SSL_CTX_free(context->tls.ctx);
2799 SSL_CTX_free(context->sni_entry_list[i].ctx);
2807 SSL_CTX_free(context->psk_sni_entry_list[i].ctx);
2825 nssl = SSL_new(dtls->ctx);
2965 ssl = SSL_new(dtls->ctx);
3287 ssl = SSL_new(tls->ctx);
3346 ssl = SSL_new(tls->ctx);
3798 EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
3800 /* EVP_CIPHER_CTX_init(ctx); */
3801 C(EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL));
3802 C(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, (int)ccm->l, NULL));
3803 C(EVP_CIPHER_CTX_ctrl(ctx,
3807 C(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, (int)ccm->tag_len, NULL));
3808 C(EVP_EncryptInit_ex(ctx, NULL, NULL, ccm->key.s, ccm->nonce));
3809 /* C(EVP_CIPHER_CTX_set_padding(ctx, 0)); */
3811 C(EVP_EncryptUpdate(ctx, NULL, &result_len, NULL, (int)data->length));
3813 C(EVP_EncryptUpdate(ctx, NULL, &result_len, aad->s, (int)aad->length));
3815 C(EVP_EncryptUpdate(ctx, result, &result_len, data->s, (int)data->length));
3816 /* C(EVP_EncryptFinal_ex(ctx, result + result_len, &tmp)); */
3818 C(EVP_EncryptFinal_ex(ctx, result + result_len, &tmp));
3822 C(EVP_CIPHER_CTX_ctrl(ctx,
3828 EVP_CIPHER_CTX_free(ctx);
3868 EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
3870 C(EVP_DecryptInit_ex(ctx, cipher, NULL, NULL, NULL));
3871 C(EVP_CIPHER_CTX_ctrl(ctx,
3875 C(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, (int)ccm->tag_len, rwtag));
3876 C(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, (int)ccm->l, NULL));
3877 /* C(EVP_CIPHER_CTX_set_padding(ctx, 0)); */
3878 C(EVP_DecryptInit_ex(ctx, NULL, NULL, ccm->key.s, ccm->nonce));
3880 C(EVP_DecryptUpdate(ctx, NULL, &len, NULL, (int)data->length));
3882 C(EVP_DecryptUpdate(ctx, NULL, &len, aad->s, (int)aad->length));
3884 tmp = EVP_DecryptUpdate(ctx, result, &len, data->s, (int)data->length);
3885 EVP_CIPHER_CTX_free(ctx);