Lines Matching defs:ssl
46 static int ssl_tls13_write_supported_versions_ext(mbedtls_ssl_context *ssl,
52 unsigned char versions_len = (ssl->handshake->min_tls_version <=
83 if (ssl->handshake->min_tls_version <= MBEDTLS_SSL_VERSION_TLS1_2) {
92 ssl, MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS);
98 static int ssl_tls13_parse_supported_versions_ext(mbedtls_ssl_context *ssl,
102 ((void) ssl);
105 if (mbedtls_ssl_read_version(buf, ssl->conf->transport) !=
127 static int ssl_tls13_parse_alpn_ext(mbedtls_ssl_context *ssl,
136 if (ssl->conf->alpn_list == NULL) {
162 for (const char **alpn = ssl->conf->alpn_list; *alpn != NULL; alpn++) {
165 ssl->alpn_chosen = *alpn;
175 static int ssl_tls13_reset_key_share(mbedtls_ssl_context *ssl)
177 uint16_t group_id = ssl->handshake->offered_group_id;
190 status = psa_destroy_key(ssl->handshake->xxdh_psa_privkey);
197 ssl->handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
213 static int ssl_tls13_get_default_group_id(mbedtls_ssl_context *ssl,
220 const uint16_t *group_list = mbedtls_ssl_get_groups(ssl);
243 ((void) ssl);
264 static int ssl_tls13_write_key_share_ext(mbedtls_ssl_context *ssl,
288 group_id = ssl->handshake->offered_group_id;
291 MBEDTLS_SSL_PROC_CHK(ssl_tls13_get_default_group_id(ssl,
319 ssl, group_id, p, end, &key_exchange_len);
351 ssl->handshake->offered_group_id = group_id;
359 mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_KEY_SHARE);
376 static int ssl_tls13_parse_hrr_key_share_ext(mbedtls_ssl_context *ssl,
385 const uint16_t *group_list = mbedtls_ssl_get_groups(ssl);
401 * The supported_group was based on the info in ssl->conf->group_list.
432 if (found == 0 || selected_group == ssl->handshake->offered_group_id) {
441 ssl->handshake->offered_group_id = selected_group;
445 (void) ssl;
465 static int ssl_tls13_parse_key_share_ext(mbedtls_ssl_context *ssl,
482 offered_group = ssl->handshake->offered_group_id;
497 ret = mbedtls_ssl_tls13_read_public_xxdhe_share(ssl, p, end - p);
529 static int ssl_tls13_parse_cookie_ext(mbedtls_ssl_context *ssl,
535 mbedtls_ssl_handshake_params *handshake = ssl->handshake;
562 static int ssl_tls13_write_cookie_ext(mbedtls_ssl_context *ssl,
569 mbedtls_ssl_handshake_params *handshake = ssl->handshake;
594 mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_COOKIE);
610 static int ssl_tls13_write_psk_key_exchange_modes_ext(mbedtls_ssl_context *ssl,
624 if (!mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl)) {
643 if (mbedtls_ssl_conf_tls13_is_psk_ephemeral_enabled(ssl)) {
650 if (mbedtls_ssl_conf_tls13_is_psk_enabled(ssl)) {
664 ssl, MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES);
682 static int ssl_tls13_has_configured_ticket(mbedtls_ssl_context *ssl)
684 mbedtls_ssl_session *session = ssl->session_negotiate;
685 return ssl->handshake->resume &&
688 ssl, mbedtls_ssl_tls13_session_get_ticket_flags(
693 static int ssl_tls13_early_data_has_valid_ticket(mbedtls_ssl_context *ssl)
695 mbedtls_ssl_session *session = ssl->session_negotiate;
696 return ssl->handshake->resume &&
699 mbedtls_ssl_tls13_cipher_suite_is_offered(ssl, session->ciphersuite);
704 static int ssl_tls13_ticket_get_identity(mbedtls_ssl_context *ssl,
709 mbedtls_ssl_session *session = ssl->session_negotiate;
711 if (!ssl_tls13_has_configured_ticket(ssl)) {
722 static int ssl_tls13_ticket_get_psk(mbedtls_ssl_context *ssl,
728 mbedtls_ssl_session *session = ssl->session_negotiate;
730 if (!ssl_tls13_has_configured_ticket(ssl)) {
743 static int ssl_tls13_psk_get_identity(mbedtls_ssl_context *ssl,
749 if (!mbedtls_ssl_conf_has_static_psk(ssl->conf)) {
754 *identity = ssl->conf->psk_identity;
755 *identity_len = ssl->conf->psk_identity_len;
760 static int ssl_tls13_psk_get_psk(mbedtls_ssl_context *ssl,
766 if (!mbedtls_ssl_conf_has_static_psk(ssl->conf)) {
771 *psk = ssl->conf->psk;
772 *psk_len = ssl->conf->psk_len;
776 static int ssl_tls13_get_configured_psk_count(mbedtls_ssl_context *ssl)
780 if (ssl_tls13_has_configured_ticket(ssl)) {
785 if (mbedtls_ssl_conf_has_static_psk(ssl->conf)) {
793 static int ssl_tls13_write_identity(mbedtls_ssl_context *ssl,
801 ((void) ssl);
823 static int ssl_tls13_write_binder(mbedtls_ssl_context *ssl,
851 ssl, mbedtls_md_type_from_psa_alg(hash_alg),
857 ret = mbedtls_ssl_tls13_create_psk_binder(ssl, hash_alg,
895 mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end,
911 configured_psk_count = ssl_tls13_get_configured_psk_count(ssl);
930 ssl, &hash_alg, &identity, &identity_len) == 0) {
933 mbedtls_ssl_session *session = ssl->session_negotiate;
942 ret = ssl_tls13_write_identity(ssl, p, end,
947 ret = ssl_tls13_write_identity(ssl, p, end, identity, identity_len,
960 ssl, &hash_alg, &identity, &identity_len) == 0) {
962 ret = ssl_tls13_write_identity(ssl, p, end, identity, identity_len, 0,
999 mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end)
1015 if (ssl_tls13_ticket_get_psk(ssl, &hash_alg, &psk, &psk_len) == 0) {
1017 ret = ssl_tls13_write_binder(ssl, p, end,
1028 if (ssl_tls13_psk_get_psk(ssl, &hash_alg, &psk, &psk_len) == 0) {
1030 ret = ssl_tls13_write_binder(ssl, p, end,
1050 ssl, MBEDTLS_TLS_EXT_PRE_SHARED_KEY);
1074 static int ssl_tls13_parse_server_pre_shared_key_ext(mbedtls_ssl_context *ssl,
1086 ssl->handshake->selected_identity = (uint16_t) selected_identity;
1090 if (selected_identity >= ssl_tls13_get_configured_psk_count(ssl)) {
1099 if (selected_identity == 0 && ssl_tls13_has_configured_ticket(ssl)) {
1100 ret = ssl_tls13_ticket_get_psk(ssl, &hash_alg, &psk, &psk_len);
1103 if (mbedtls_ssl_conf_has_static_psk(ssl->conf)) {
1104 ret = ssl_tls13_psk_get_psk(ssl, &hash_alg, &psk, &psk_len);
1113 if (mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) ssl->handshake->ciphersuite_info->mac)
1123 ret = mbedtls_ssl_set_hs_psk(ssl, psk, psk_len);
1133 int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl,
1148 ret = ssl_tls13_write_supported_versions_ext(ssl, p, end, &ext_len);
1157 ret = ssl_tls13_write_cookie_ext(ssl, p, end, &ext_len);
1165 ssl, p, end, &ext_len);
1173 if (mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) {
1174 ret = ssl_tls13_write_key_share_ext(ssl, p, end, &ext_len);
1191 if (!ssl->handshake->hello_retry_request_flag) {
1192 if (mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl) &&
1193 ssl_tls13_early_data_has_valid_ticket(ssl) &&
1194 ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) {
1196 ssl, 0, p, end, &ext_len);
1202 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_IND_SENT;
1204 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_NO_IND_SENT;
1219 ret = ssl_tls13_write_psk_key_exchange_modes_ext(ssl, p, end, &ext_len);
1231 int mbedtls_ssl_tls13_finalize_client_hello(mbedtls_ssl_context *ssl)
1233 ((void) ssl);
1242 if (ssl->early_data_state == MBEDTLS_SSL_EARLY_DATA_STATE_IND_SENT) {
1246 ret = ssl_tls13_ticket_get_psk(ssl, &hash_alg, &psk, &psk_len);
1253 ret = mbedtls_ssl_set_hs_psk(ssl, psk, psk_len);
1272 ssl->session_negotiate->ciphersuite);
1273 ssl->handshake->ciphersuite_info = ciphersuite_info;
1276 ssl->handshake->key_exchange_mode =
1282 ret = mbedtls_ssl_tls13_key_schedule_stage_early(ssl);
1290 ret = mbedtls_ssl_tls13_compute_early_transform(ssl);
1299 ssl, MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO);
1304 ssl, ssl->handshake->transform_earlydata);
1305 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_CAN_WRITE;
1319 * \param[in] ssl SSL context
1329 mbedtls_ssl_context *ssl,
1359 ssl, p, end,
1369 static int ssl_tls13_is_downgrade_negotiation(mbedtls_ssl_context *ssl,
1401 static int ssl_server_hello_is_hrr(mbedtls_ssl_context *ssl,
1440 static int ssl_tls13_preprocess_server_hello(mbedtls_ssl_context *ssl,
1445 mbedtls_ssl_handshake_params *handshake = ssl->handshake;
1448 ssl, buf, end));
1452 ssl_tls13_is_downgrade_negotiation(ssl, buf, end));
1468 * ssl->keep_current_message flag for the ServerHello to be kept and
1469 * parsed as a TLS 1.2 ServerHello. We also change ssl->tls_version to
1473 ssl->keep_current_message = 1;
1474 ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
1476 ssl, MBEDTLS_SSL_HS_SERVER_HELLO,
1479 if (mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) {
1480 ret = ssl_tls13_reset_key_share(ssl);
1489 ssl->session_negotiate->tls_version = ssl->tls_version;
1490 ssl->session_negotiate->endpoint = ssl->conf->endpoint;
1494 ret = ssl_server_hello_is_hrr(ssl, buf, end);
1519 if (!mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) {
1539 static int ssl_tls13_check_server_hello_session_id_echo(mbedtls_ssl_context *ssl,
1552 if (ssl->session_negotiate->id_len != legacy_session_id_echo_len ||
1553 memcmp(ssl->session_negotiate->id, p, legacy_session_id_echo_len) != 0) {
1555 ssl->session_negotiate->id,
1556 ssl->session_negotiate->id_len);
1569 MBEDTLS_SSL_DEBUG_BUF(3, "Session ID", ssl->session_negotiate->id,
1570 ssl->session_negotiate->id_len);
1586 static int ssl_tls13_parse_server_hello(mbedtls_ssl_context *ssl,
1593 mbedtls_ssl_handshake_params *handshake = ssl->handshake;
1623 if (mbedtls_ssl_read_version(p, ssl->conf->transport) !=
1651 if (ssl_tls13_check_server_hello_session_id_echo(ssl, &p, end) != 0) {
1671 if ((mbedtls_ssl_validate_ciphersuite(ssl, ciphersuite_info,
1672 ssl->tls_version,
1673 ssl->tls_version) != 0) ||
1674 !mbedtls_ssl_tls13_cipher_suite_is_offered(ssl, cipher_suite)) {
1684 (cipher_suite != ssl->session_negotiate->ciphersuite)) {
1695 mbedtls_ssl_optimize_checksum(ssl, ciphersuite_info);
1702 ssl->session_negotiate->start = mbedtls_time(NULL);
1754 ssl, hs_msg_type, extension_type, allowed_extensions_mask);
1762 ret = ssl_tls13_parse_cookie_ext(ssl,
1773 ret = ssl_tls13_parse_supported_versions_ext(ssl,
1786 ssl, p, extension_data_end)) != 0) {
1796 if (!mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) {
1802 ret = ssl_tls13_parse_hrr_key_share_ext(ssl,
1805 ret = ssl_tls13_parse_key_share_ext(ssl,
1857 static int ssl_tls13_postprocess_server_hello(mbedtls_ssl_context *ssl)
1860 mbedtls_ssl_handshake_params *handshake = ssl->handshake;
1900 ssl, handshake->key_exchange_mode)) {
1922 if (ssl->early_data_state == MBEDTLS_SSL_EARLY_DATA_STATE_NO_IND_SENT ||
1927 ret = mbedtls_ssl_tls13_key_schedule_stage_early(ssl);
1935 ret = mbedtls_ssl_tls13_compute_handshake_transform(ssl);
1943 mbedtls_ssl_set_inbound_transform(ssl, handshake->transform_handshake);
1945 ssl->session_in = ssl->session_negotiate;
1958 static int ssl_tls13_postprocess_hrr(mbedtls_ssl_context *ssl)
1962 mbedtls_ssl_session_reset_msg_layer(ssl, 0);
1970 ret = ssl_tls13_reset_key_share(ssl);
1975 ssl->session_negotiate->ciphersuite = ssl->handshake->ciphersuite_info->id;
1978 if (ssl->early_data_state != MBEDTLS_SSL_EARLY_DATA_STATE_NO_IND_SENT) {
1979 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_REJECTED;
1991 static int ssl_tls13_process_server_hello(mbedtls_ssl_context *ssl)
2001 ssl, MBEDTLS_SSL_HS_SERVER_HELLO, &buf, &buf_len));
2003 ret = ssl_tls13_preprocess_server_hello(ssl, buf, buf + buf_len);
2015 MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_server_hello(ssl, buf,
2019 MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_reset_transcript_for_hrr(ssl));
2023 ssl, MBEDTLS_SSL_HS_SERVER_HELLO, buf, buf_len));
2026 MBEDTLS_SSL_PROC_CHK(ssl_tls13_postprocess_hrr(ssl));
2033 ssl, MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO);
2035 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_HELLO);
2038 MBEDTLS_SSL_PROC_CHK(ssl_tls13_postprocess_server_hello(ssl));
2039 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS);
2063 static int ssl_tls13_parse_encrypted_extensions(mbedtls_ssl_context *ssl,
2071 mbedtls_ssl_handshake_params *handshake = ssl->handshake;
2102 ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, extension_type,
2114 ssl, p, (size_t) extension_data_len)) != 0) {
2139 ssl, p, p + extension_data_len);
2184 static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl)
2189 mbedtls_ssl_handshake_params *handshake = ssl->handshake;
2194 ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
2199 ssl_tls13_parse_encrypted_extensions(ssl, buf, buf + buf_len));
2230 if ((!mbedtls_ssl_tls13_key_exchange_mode_with_psk(ssl)) ||
2233 ssl->session_negotiate->ciphersuite) {
2241 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_ACCEPTED;
2242 } else if (ssl->early_data_state !=
2244 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_REJECTED;
2250 * `ssl->session_negotiate->ciphersuite` still contains at this point the
2258 ssl->session_negotiate->ciphersuite = handshake->ciphersuite_info->id;
2261 ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
2265 if (mbedtls_ssl_tls13_key_exchange_mode_with_psk(ssl)) {
2266 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_FINISHED);
2268 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST);
2271 ((void) ssl);
2272 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_FINISHED);
2296 static int ssl_tls13_write_end_of_early_data(mbedtls_ssl_context *ssl)
2304 ssl, MBEDTLS_SSL_HS_END_OF_EARLY_DATA,
2308 ssl, MBEDTLS_SSL_HS_END_OF_EARLY_DATA, 0));
2311 mbedtls_ssl_finish_handshake_msg(ssl, buf_len, 0));
2313 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE);
2321 int mbedtls_ssl_get_early_data_status(mbedtls_ssl_context *ssl)
2323 if ((ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT) ||
2324 (!mbedtls_ssl_is_handshake_over(ssl))) {
2328 switch (ssl->early_data_state) {
2362 static int ssl_tls13_certificate_request_coordinate(mbedtls_ssl_context *ssl)
2366 if ((ret = mbedtls_ssl_read_record(ssl, 0)) != 0) {
2370 ssl->keep_current_message = 1;
2372 if ((ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE) &&
2373 (ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST)) {
2392 static int ssl_tls13_parse_certificate_request(mbedtls_ssl_context *ssl,
2401 mbedtls_ssl_handshake_params *handshake = ssl->handshake;
2452 ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, extension_type,
2462 ret = mbedtls_ssl_parse_sig_alg_ext(ssl, p,
2500 ssl->handshake->client_auth = 1;
2513 static int ssl_tls13_process_certificate_request(mbedtls_ssl_context *ssl)
2519 MBEDTLS_SSL_PROC_CHK_NEG(ssl_tls13_certificate_request_coordinate(ssl));
2526 ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST,
2530 ssl, buf, buf + buf_len));
2533 ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST,
2543 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_CERTIFICATE);
2555 static int ssl_tls13_process_server_certificate(mbedtls_ssl_context *ssl)
2559 ret = mbedtls_ssl_tls13_process_certificate(ssl);
2564 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CERTIFICATE_VERIFY);
2572 static int ssl_tls13_process_certificate_verify(mbedtls_ssl_context *ssl)
2576 ret = mbedtls_ssl_tls13_process_certificate_verify(ssl);
2581 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_FINISHED);
2590 static int ssl_tls13_process_server_finished(mbedtls_ssl_context *ssl)
2594 ret = mbedtls_ssl_tls13_process_finished_message(ssl);
2599 ret = mbedtls_ssl_tls13_compute_application_transform(ssl);
2608 if (ssl->early_data_state == MBEDTLS_SSL_EARLY_DATA_STATE_ACCEPTED) {
2609 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_SERVER_FINISHED_RECEIVED;
2610 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_END_OF_EARLY_DATA);
2616 ssl, MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED);
2618 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE);
2629 static int ssl_tls13_write_client_certificate(mbedtls_ssl_context *ssl)
2635 mbedtls_ssl_set_outbound_transform(ssl, ssl->handshake->transform_handshake);
2638 if (ssl->handshake->client_auth) {
2639 int ret = mbedtls_ssl_tls13_write_certificate(ssl);
2644 if (mbedtls_ssl_own_cert(ssl) != NULL) {
2653 mbedtls_ssl_handshake_set_state(ssl,
2657 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED);
2668 static int ssl_tls13_write_client_certificate_verify(mbedtls_ssl_context *ssl)
2670 int ret = mbedtls_ssl_tls13_write_certificate_verify(ssl);
2673 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED);
2684 static int ssl_tls13_write_client_finished(mbedtls_ssl_context *ssl)
2688 ret = mbedtls_ssl_tls13_write_finished_message(ssl);
2693 ret = mbedtls_ssl_tls13_compute_resumption_master_secret(ssl);
2700 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_FLUSH_BUFFERS);
2708 static int ssl_tls13_flush_buffers(mbedtls_ssl_context *ssl)
2711 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP);
2719 static int ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl)
2722 mbedtls_ssl_tls13_handshake_wrapup(ssl);
2724 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_OVER);
2742 mbedtls_ssl_context *ssl,
2746 mbedtls_ssl_session *session = ssl->session;
2762 static int ssl_tls13_parse_new_session_ticket_exts(mbedtls_ssl_context *ssl,
2766 mbedtls_ssl_handshake_params *handshake = ssl->handshake;
2785 ssl, MBEDTLS_SSL_HS_NEW_SESSION_TICKET, extension_type,
2795 ssl, p, p + extension_data_len);
2833 static int ssl_tls13_parse_new_session_ticket(mbedtls_ssl_context *ssl,
2841 mbedtls_ssl_session *session = ssl->session;
2912 ret = ssl_tls13_parse_new_session_ticket_exts(ssl, p, p + extensions_len);
2932 static int ssl_tls13_postprocess_new_session_ticket(mbedtls_ssl_context *ssl,
2937 mbedtls_ssl_session *session = ssl->session;
2999 session, ssl->conf->tls13_kex_modes);
3009 static int ssl_tls13_process_new_session_ticket(mbedtls_ssl_context *ssl)
3020 ssl, MBEDTLS_SSL_HS_NEW_SESSION_TICKET,
3027 ssl->session->exported = 1;
3030 ssl, buf, buf + buf_len,
3034 ssl, ticket_nonce, ticket_nonce_len));
3042 ssl->session->exported = 0;
3055 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_OVER);
3064 int mbedtls_ssl_tls13_handshake_client_step(mbedtls_ssl_context *ssl)
3068 switch (ssl->state) {
3070 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_HELLO);
3074 ret = mbedtls_ssl_write_client_hello(ssl);
3078 ret = ssl_tls13_process_server_hello(ssl);
3082 ret = ssl_tls13_process_encrypted_extensions(ssl);
3087 ret = ssl_tls13_process_certificate_request(ssl);
3091 ret = ssl_tls13_process_server_certificate(ssl);
3095 ret = ssl_tls13_process_certificate_verify(ssl);
3100 ret = ssl_tls13_process_server_finished(ssl);
3105 ret = ssl_tls13_write_end_of_early_data(ssl);
3110 ret = ssl_tls13_write_client_certificate(ssl);
3115 ret = ssl_tls13_write_client_certificate_verify(ssl);
3120 ret = ssl_tls13_write_client_finished(ssl);
3124 ret = ssl_tls13_flush_buffers(ssl);
3128 ret = ssl_tls13_handshake_wrapup(ssl);
3136 ret = mbedtls_ssl_tls13_write_change_cipher_spec(ssl);
3140 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_HELLO);
3144 ret = mbedtls_ssl_tls13_write_change_cipher_spec(ssl);
3148 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE);
3153 ret = mbedtls_ssl_tls13_write_change_cipher_spec(ssl);
3155 mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_HELLO);
3160 ssl, ssl->handshake->transform_earlydata);
3161 ssl->early_data_state = MBEDTLS_SSL_EARLY_DATA_STATE_CAN_WRITE;
3169 ret = ssl_tls13_process_new_session_ticket(ssl);
3174 MBEDTLS_SSL_DEBUG_MSG(1, ("invalid state %d", ssl->state));