xref: /third_party/mbedtls/library/ssl_tls13_keys.c

664  * \param ssl  The SSL context to operate on. This must be in key schedule
671 static int ssl_tls13_key_schedule_stage_application(mbedtls_ssl_context *ssl)
674     mbedtls_ssl_handshake_params *handshake = ssl->handshake;
772 int mbedtls_ssl_tls13_calculate_verify_data(mbedtls_ssl_context *ssl,
786         &ssl->handshake->tls13_hs_secrets;
788     mbedtls_md_type_t const md_type = (mbedtls_md_type_t) ssl->handshake->ciphersuite_info->mac;
791         (mbedtls_md_type_t) ssl->handshake->ciphersuite_info->mac);
809     ret = mbedtls_ssl_get_handshake_transcript(ssl, md_type,
834 int mbedtls_ssl_tls13_create_psk_binder(mbedtls_ssl_context *ssl,
848     ssl = NULL; /* make sure we don't use it except for debug */
849     ((void) ssl);
928     mbedtls_ssl_context *ssl /* DEBUG ONLY */)
949     ssl = NULL; /* make sure we don't use it except for those cases */
950     (void) ssl;
1134 static int ssl_tls13_generate_early_key(mbedtls_ssl_context *ssl,
1147     mbedtls_ssl_handshake_params *handshake = ssl->handshake;
1164     ret = mbedtls_ssl_get_handshake_transcript(ssl, md_type,
1191     if (ssl->f_export_keys != NULL) {
1192         ssl->f_export_keys(
1193             ssl->p_export_keys,
1232 int mbedtls_ssl_tls13_compute_early_transform(mbedtls_ssl_context *ssl)
1237     mbedtls_ssl_handshake_params *handshake = ssl->handshake;
1241     ret = ssl_tls13_generate_early_key(ssl, &traffic_keys);
1256         ssl->conf->endpoint,
1259         ssl);
1276 int mbedtls_ssl_tls13_key_schedule_stage_early(mbedtls_ssl_context *ssl)
1280     mbedtls_ssl_handshake_params *handshake = ssl->handshake;
1291     if (mbedtls_ssl_tls13_key_exchange_mode_with_psk(ssl)) {
1292         ret = mbedtls_ssl_tls13_export_handshake_psk(ssl, &psk, &psk_len);
1325  * \param ssl  The SSL context to operate on. This must be in
1335 static int ssl_tls13_generate_handshake_keys(mbedtls_ssl_context *ssl,
1347     mbedtls_ssl_handshake_params *handshake = ssl->handshake;
1366     ret = mbedtls_ssl_get_handshake_transcript(ssl, md_type,
1396     if (ssl->f_export_keys != NULL) {
1397         ssl->f_export_keys(
1398             ssl->p_export_keys,
1406         ssl->f_export_keys(
1407             ssl->p_export_keys,
1459  * \param ssl  The SSL context to operate on. This must be in key schedule
1466 static int ssl_tls13_key_schedule_stage_handshake(mbedtls_ssl_context *ssl)
1469     mbedtls_ssl_handshake_params *handshake = ssl->handshake;
1481     if (mbedtls_ssl_tls13_key_exchange_mode_with_ephemeral(ssl)) {
1563  * \param ssl  The SSL context to operate on. This must be in
1574     mbedtls_ssl_context *ssl,
1578     mbedtls_ssl_handshake_params *handshake = ssl->handshake;
1582         &ssl->session_negotiate->app_secrets;
1616     ret = mbedtls_ssl_get_handshake_transcript(ssl, md_type,
1657     if (ssl->f_export_keys != NULL) {
1658         ssl->f_export_keys(
1659             ssl->p_export_keys,
1667         ssl->f_export_keys(
1668             ssl->p_export_keys,
1690     mbedtls_platform_zeroize(ssl->handshake->randbytes,
1691                              sizeof(ssl->handshake->randbytes));
1697 int mbedtls_ssl_tls13_compute_handshake_transform(mbedtls_ssl_context *ssl)
1702     mbedtls_ssl_handshake_params *handshake = ssl->handshake;
1705     ret = ssl_tls13_key_schedule_stage_handshake(ssl);
1713     ret = ssl_tls13_generate_handshake_keys(ssl, &traffic_keys);
1728         ssl->conf->endpoint,
1731         ssl);
1747 int mbedtls_ssl_tls13_compute_resumption_master_secret(mbedtls_ssl_context *ssl)
1751     mbedtls_ssl_handshake_params *handshake = ssl->handshake;
1760     ret = mbedtls_ssl_get_handshake_transcript(ssl, md_type,
1771         &ssl->session_negotiate->app_secrets);
1782         ssl->session_negotiate->app_secrets.resumption_master_secret,
1790 int mbedtls_ssl_tls13_compute_application_transform(mbedtls_ssl_context *ssl)
1796     ret = ssl_tls13_key_schedule_stage_application(ssl);
1803     ret = ssl_tls13_generate_application_keys(ssl, &traffic_keys);
1819         ssl->conf->endpoint,
1820         ssl->handshake->ciphersuite_info->id,
1822         ssl);
1828     ssl->transform_application = transform_application;
1840 int mbedtls_ssl_tls13_export_handshake_psk(mbedtls_ssl_context *ssl,
1851     if (mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) {
1855     status = psa_get_key_attributes(ssl->handshake->psk_opaque, &key_attributes);
1866     status = psa_export_key(ssl->handshake->psk_opaque,
1875     *psk = ssl->handshake->psk;
1876     *psk_len = ssl->handshake->psk_len;

Indexes created Thu Nov 07 10:32:03 CST 2024