Lines Matching refs:handshake
52 unsigned char versions_len = (ssl->handshake->min_tls_version <=
83 if (ssl->handshake->min_tls_version <= MBEDTLS_SSL_VERSION_TLS1_2) {
177 uint16_t group_id = ssl->handshake->offered_group_id;
190 status = psa_destroy_key(ssl->handshake->xxdh_psa_privkey);
197 ssl->handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
288 group_id = ssl->handshake->offered_group_id;
351 ssl->handshake->offered_group_id = group_id;
404 * then the client MUST abort the handshake with an "illegal_parameter" alert.
429 * ClientHello then the client MUST abort the handshake with
432 if (found == 0 || selected_group == ssl->handshake->offered_group_id) {
441 ssl->handshake->offered_group_id = selected_group;
482 offered_group = ssl->handshake->offered_group_id;
535 mbedtls_ssl_handshake_params *handshake = ssl->handshake;
545 mbedtls_free(handshake->cookie);
546 handshake->cookie_len = 0;
547 handshake->cookie = mbedtls_calloc(1, cookie_len);
548 if (handshake->cookie == NULL) {
555 memcpy(handshake->cookie, p, cookie_len);
556 handshake->cookie_len = cookie_len;
569 mbedtls_ssl_handshake_params *handshake = ssl->handshake;
571 if (handshake->cookie == NULL) {
577 handshake->cookie,
578 handshake->cookie_len);
580 MBEDTLS_SSL_CHK_BUF_PTR(p, end, handshake->cookie_len + 6);
585 MBEDTLS_PUT_UINT16_BE(handshake->cookie_len + 2, p, 2);
586 MBEDTLS_PUT_UINT16_BE(handshake->cookie_len, p, 4);
590 memcpy(p, handshake->cookie, handshake->cookie_len);
592 *out_len = handshake->cookie_len + 6;
685 return ssl->handshake->resume &&
696 return ssl->handshake->resume &&
849 /* Get current state of handshake transcript. */
1086 ssl->handshake->selected_identity = (uint16_t) selected_identity;
1113 if (mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) ssl->handshake->ciphersuite_info->mac)
1191 if (!ssl->handshake->hello_retry_request_flag) {
1215 * otherwise fail the handshake with an "illegal_parameter" alert.
1261 * associated with the pre-shared key used for the handshake.
1262 * Note that if the server rejects early data, the handshake
1267 * encrypted handshake data and application data are
1273 ssl->handshake->ciphersuite_info = ciphersuite_info;
1276 ssl->handshake->key_exchange_mode =
1304 ssl, ssl->handshake->transform_earlydata);
1445 mbedtls_ssl_handshake_params *handshake = ssl->handshake;
1458 * abort the handshake with an "illegal parameter" alert.
1460 if (handshake->min_tls_version > MBEDTLS_SSL_VERSION_TLS1_2 || ret) {
1492 handshake->received_extensions = MBEDTLS_SSL_EXT_MASK_NONE;
1503 * to a HelloRetryRequest), it MUST abort the handshake with an
1506 if (handshake->hello_retry_request_flag) {
1514 * Clients must abort the handshake with an "illegal_parameter"
1528 handshake->hello_retry_request_flag = 1;
1593 mbedtls_ssl_handshake_params *handshake = ssl->handshake;
1640 memcpy(&handshake->randbytes[MBEDTLS_CLIENT_HELLO_RANDOM_LEN], p,
1680 * proposed in the HRR, we abort the handshake and send an
1683 else if ((!is_hrr) && handshake->hello_retry_request_flag &&
1697 handshake->ciphersuite_info = ciphersuite_info;
1735 handshake->received_extensions = MBEDTLS_SSL_EXT_MASK_NONE;
1824 MBEDTLS_SSL_PRINT_EXTS(3, hs_msg_type, handshake->received_extensions);
1860 mbedtls_ssl_handshake_params *handshake = ssl->handshake;
1870 switch (handshake->received_extensions &
1875 handshake->key_exchange_mode =
1881 handshake->key_exchange_mode =
1888 handshake->key_exchange_mode =
1900 ssl, handshake->key_exchange_mode)) {
1904 ssl_tls13_get_kex_mode_str(handshake->key_exchange_mode)));
1910 ssl_tls13_get_kex_mode_str(handshake->key_exchange_mode)));
1923 handshake->key_exchange_mode ==
1943 mbedtls_ssl_set_inbound_transform(ssl, handshake->transform_handshake);
1944 MBEDTLS_SSL_DEBUG_MSG(1, ("Switch to handshake keys for inbound traffic"));
1975 ssl->session_negotiate->ciphersuite = ssl->handshake->ciphersuite_info->id;
1987 * Wait and parse ServerHello handshake message.
2030 * its second ClientHello or before its encrypted handshake flight.
2071 mbedtls_ssl_handshake_params *handshake = ssl->handshake;
2082 handshake->received_extensions = MBEDTLS_SSL_EXT_MASK_NONE;
2158 if ((handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(RECORD_SIZE_LIMIT)) &&
2159 (handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(MAX_FRAGMENT_LENGTH))) {
2170 handshake->received_extensions);
2189 mbedtls_ssl_handshake_params *handshake = ssl->handshake;
2202 if (handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(EARLY_DATA)) {
2207 * abort the handshake with an "illegal_parameter" alert.
2221 * check here that the additional constraints on the handshake
2224 * - a PSK has been selected for the handshake
2225 * - the selected PSK for the handshake was the first one proposed
2227 * - the selected ciphersuite for the handshake is the ciphersuite
2231 handshake->selected_identity != 0 ||
2232 handshake->ciphersuite_info->id !=
2253 * it to check that the ciphersuite selected for the handshake is the
2258 ssl->session_negotiate->ciphersuite = handshake->ciphersuite_info->id;
2401 mbedtls_ssl_handshake_params *handshake = ssl->handshake;
2416 handshake->certificate_request_context =
2418 if (handshake->certificate_request_context == NULL) {
2422 memcpy(handshake->certificate_request_context, p,
2438 handshake->received_extensions = MBEDTLS_SSL_EXT_MASK_NONE;
2481 handshake->received_extensions);
2494 if ((handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(SIG_ALG)) == 0) {
2500 ssl->handshake->client_auth = 1;
2634 ("Switch to handshake traffic keys for outbound traffic"));
2635 mbedtls_ssl_set_outbound_transform(ssl, ssl->handshake->transform_handshake);
2638 if (ssl->handshake->client_auth) {
2710 MBEDTLS_SSL_DEBUG_MSG(2, ("handshake: done"));
2766 mbedtls_ssl_handshake_params *handshake = ssl->handshake;
2770 handshake->received_extensions = MBEDTLS_SSL_EXT_MASK_NONE;
2815 handshake->received_extensions);
3160 ssl, ssl->handshake->transform_earlydata);