#include "polarssl/config.h"
#include "polarssl/debug.h"
#include "polarssl/ssl.h"
#include "polarssl/ecp.h"
#include <stdlib.h>
#include <stdio.h>
#include <time.h>
Go to the source code of this file.
Defines | |
#define | polarssl_malloc malloc |
#define | polarssl_free free |
Functions | |
static int | ssl_save_session (const ssl_session *session, unsigned char *buf, size_t buf_len, size_t *olen) |
static int | ssl_load_session (ssl_session *session, const unsigned char *buf, size_t len) |
static int | ssl_write_ticket (ssl_context *ssl, size_t *tlen) |
static int | ssl_parse_ticket (ssl_context *ssl, unsigned char *buf, size_t len) |
static int | ssl_sni_wrapper (ssl_context *ssl, const unsigned char *name, size_t len) |
static int | ssl_parse_servername_ext (ssl_context *ssl, const unsigned char *buf, size_t len) |
static int | ssl_parse_renegotiation_info (ssl_context *ssl, const unsigned char *buf, size_t len) |
static int | ssl_parse_signature_algorithms_ext (ssl_context *ssl, const unsigned char *buf, size_t len) |
static int | ssl_parse_supported_elliptic_curves (ssl_context *ssl, const unsigned char *buf, size_t len) |
static int | ssl_parse_supported_point_formats (ssl_context *ssl, const unsigned char *buf, size_t len) |
static int | ssl_parse_max_fragment_length_ext (ssl_context *ssl, const unsigned char *buf, size_t len) |
static int | ssl_parse_truncated_hmac_ext (ssl_context *ssl, const unsigned char *buf, size_t len) |
static int | ssl_parse_session_ticket_ext (ssl_context *ssl, unsigned char *buf, size_t len) |
static int | ssl_parse_client_hello_v2 (ssl_context *ssl) |
static int | ssl_key_matches_curves (pk_context *pk, const ecp_curve_info **curves) |
static int | ssl_pick_cert (ssl_context *ssl, const ssl_ciphersuite_t *ciphersuite_info) |
static int | ssl_parse_client_hello (ssl_context *ssl) |
static void | ssl_write_truncated_hmac_ext (ssl_context *ssl, unsigned char *buf, size_t *olen) |
static void | ssl_write_session_ticket_ext (ssl_context *ssl, unsigned char *buf, size_t *olen) |
static void | ssl_write_renegotiation_ext (ssl_context *ssl, unsigned char *buf, size_t *olen) |
static void | ssl_write_max_fragment_length_ext (ssl_context *ssl, unsigned char *buf, size_t *olen) |
static void | ssl_write_supported_point_formats_ext (ssl_context *ssl, unsigned char *buf, size_t *olen) |
static int | ssl_write_server_hello (ssl_context *ssl) |
static int | ssl_write_certificate_request (ssl_context *ssl) |
static int | ssl_write_server_key_exchange (ssl_context *ssl) |
static int | ssl_write_server_hello_done (ssl_context *ssl) |
static int | ssl_parse_client_dh_public (ssl_context *ssl, unsigned char **p, const unsigned char *end) |
static int | ssl_parse_encrypted_pms (ssl_context *ssl, const unsigned char *p, const unsigned char *end, size_t pms_offset) |
static int | ssl_parse_client_psk_identity (ssl_context *ssl, unsigned char **p, const unsigned char *end) |
static int | ssl_parse_client_key_exchange (ssl_context *ssl) |
static int | ssl_parse_certificate_verify (ssl_context *ssl) |
static int | ssl_write_new_session_ticket (ssl_context *ssl) |
int | ssl_handshake_server_step (ssl_context *ssl) |
#define polarssl_free free |
#define polarssl_malloc malloc |
int ssl_handshake_server_step | ( | ssl_context * | ssl | ) |
Definition at line 2907 of file ssl_srv.c.
References _ssl_context::handshake, _ssl_handshake_params::new_session_ticket, POLARSSL_ERR_SSL_BAD_INPUT_DATA, SSL_CERTIFICATE_REQUEST, SSL_CERTIFICATE_VERIFY, SSL_CLIENT_CERTIFICATE, SSL_CLIENT_CHANGE_CIPHER_SPEC, SSL_CLIENT_FINISHED, SSL_CLIENT_HELLO, SSL_CLIENT_KEY_EXCHANGE, SSL_DEBUG_MSG, SSL_FLUSH_BUFFERS, ssl_flush_output(), SSL_HANDSHAKE_OVER, ssl_handshake_wrapup(), SSL_HANDSHAKE_WRAPUP, SSL_HELLO_REQUEST, ssl_parse_certificate(), ssl_parse_certificate_verify(), ssl_parse_change_cipher_spec(), ssl_parse_client_hello(), ssl_parse_client_key_exchange(), ssl_parse_finished(), SSL_SERVER_CERTIFICATE, SSL_SERVER_CHANGE_CIPHER_SPEC, SSL_SERVER_FINISHED, SSL_SERVER_HELLO, SSL_SERVER_HELLO_DONE, SSL_SERVER_KEY_EXCHANGE, ssl_write_certificate(), ssl_write_certificate_request(), ssl_write_change_cipher_spec(), ssl_write_finished(), ssl_write_new_session_ticket(), ssl_write_server_hello(), ssl_write_server_hello_done(), ssl_write_server_key_exchange(), and _ssl_context::state.
Referenced by ssl_handshake_step().
static int ssl_key_matches_curves | ( | pk_context * | pk, | |
const ecp_curve_info ** | curves | |||
) | [static] |
static int ssl_load_session | ( | ssl_session * | session, | |
const unsigned char * | buf, | |||
size_t | len | |||
) | [static] |
Definition at line 103 of file ssl_srv.c.
References _ssl_session::peer_cert, POLARSSL_ERR_SSL_BAD_INPUT_DATA, POLARSSL_ERR_SSL_MALLOC_FAILED, polarssl_free, polarssl_malloc, x509_crt_free(), x509_crt_init(), and x509_crt_parse().
Referenced by ssl_parse_ticket().
static int ssl_parse_certificate_verify | ( | ssl_context * | ssl | ) | [static] |
Definition at line 2698 of file ssl_srv.c.
References _ssl_handshake_params::calc_verify, _ssl_transform::ciphersuite_info, _ssl_context::handshake, _ssl_context::in_hslen, _ssl_context::in_msg, _ssl_context::in_msgtype, _ssl_ciphersuite_t::key_exchange, _ssl_context::minor_ver, _ssl_session::peer_cert, _x509_crt::pk, pk_can_do(), pk_verify(), POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY, POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE, POLARSSL_KEY_EXCHANGE_DHE_PSK, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, POLARSSL_KEY_EXCHANGE_PSK, POLARSSL_MD_NONE, POLARSSL_MD_SHA1, POLARSSL_PK_ECDSA, POLARSSL_PK_NONE, _ssl_context::session_negotiate, SSL_DEBUG_MSG, SSL_DEBUG_RET, SSL_HS_CERTIFICATE_VERIFY, ssl_md_alg_from_hash(), SSL_MINOR_VERSION_3, SSL_MSG_HANDSHAKE, ssl_pk_alg_from_sig(), ssl_read_record(), _ssl_context::state, _ssl_context::transform_negotiate, and _ssl_handshake_params::verify_sig_alg.
Referenced by ssl_handshake_server_step().
static int ssl_parse_client_dh_public | ( | ssl_context * | ssl, | |
unsigned char ** | p, | |||
const unsigned char * | end | |||
) | [static] |
Definition at line 2270 of file ssl_srv.c.
References _ssl_handshake_params::dhm_ctx, dhm_read_public(), dhm_context::GY, _ssl_context::handshake, dhm_context::len, POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE, POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP, POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE, SSL_DEBUG_MPI, SSL_DEBUG_MSG, and SSL_DEBUG_RET.
Referenced by ssl_parse_client_key_exchange().
static int ssl_parse_client_hello | ( | ssl_context * | ssl | ) | [static] |
Definition at line 977 of file ssl_srv.c.
References _ssl_context::allow_legacy_renegotiation, _ssl_session::ciphersuite, _ssl_transform::ciphersuite_info, _ssl_context::ciphersuite_list, _ssl_handshake_params::cli_exts, _ssl_session::compression, _ssl_handshake_params::curves, _ssl_context::f_psk, _ssl_context::f_sni, _ssl_context::handshake, _ssl_session::id, _ssl_context::in_hdr, _ssl_context::in_left, _ssl_context::in_msg, _ssl_context::in_msglen, _ssl_session::length, _ssl_context::major_ver, _ssl_handshake_params::max_major_ver, _ssl_ciphersuite_t::max_minor_ver, _ssl_handshake_params::max_minor_ver, _ssl_context::max_minor_ver, _ssl_context::min_major_ver, _ssl_ciphersuite_t::min_minor_ver, _ssl_context::min_minor_ver, _ssl_context::minor_ver, POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO, POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION, POLARSSL_ERR_SSL_BAD_INPUT_DATA, POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN, _ssl_context::psk, _ssl_context::psk_identity, _ssl_context::psk_identity_len, _ssl_context::psk_len, _ssl_handshake_params::randbytes, _ssl_context::renegotiation, _ssl_context::secure_renegotiation, _ssl_context::session_negotiate, SSL_ALERT_LEVEL_FATAL, SSL_ALERT_MSG_PROTOCOL_VERSION, ssl_ciphersuite_from_id(), ssl_ciphersuite_uses_ec(), ssl_ciphersuite_uses_psk(), SSL_COMPRESS_DEFLATE, SSL_COMPRESS_NULL, SSL_DEBUG_BUF, SSL_DEBUG_MSG, SSL_DEBUG_RET, SSL_EMPTY_RENEGOTIATION_INFO, ssl_fetch_input(), SSL_HS_CLIENT_HELLO, SSL_INITIAL_HANDSHAKE, SSL_LEGACY_BREAK_HANDSHAKE, SSL_LEGACY_NO_RENEGOTIATION, SSL_LEGACY_RENEGOTIATION, SSL_MAJOR_VERSION_3, SSL_MSG_HANDSHAKE, ssl_optimize_checksum(), ssl_parse_client_hello_v2(), ssl_parse_max_fragment_length_ext(), ssl_parse_renegotiation_info(), ssl_parse_servername_ext(), ssl_parse_session_ticket_ext(), ssl_parse_signature_algorithms_ext(), ssl_parse_supported_elliptic_curves(), ssl_parse_supported_point_formats(), ssl_parse_truncated_hmac_ext(), ssl_pick_cert(), SSL_RENEGOTIATION, SSL_SECURE_RENEGOTIATION, ssl_send_alert_message(), ssl_send_fatal_handshake_failure(), _ssl_context::state, TLS_EXT_MAX_FRAGMENT_LENGTH, TLS_EXT_RENEGOTIATION_INFO, TLS_EXT_SERVERNAME, TLS_EXT_SESSION_TICKET, TLS_EXT_SIG_ALG, TLS_EXT_SUPPORTED_ELLIPTIC_CURVES, TLS_EXT_SUPPORTED_POINT_FORMATS, TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT, TLS_EXT_TRUNCATED_HMAC, _ssl_context::transform_negotiate, and _ssl_handshake_params::update_checksum.
Referenced by ssl_handshake_server_step().
static int ssl_parse_client_hello_v2 | ( | ssl_context * | ssl | ) | [static] |
Definition at line 684 of file ssl_srv.c.
References _ssl_context::allow_legacy_renegotiation, _ssl_session::ciphersuite, _ssl_transform::ciphersuite_info, _ssl_context::ciphersuite_list, _ssl_context::handshake, _ssl_session::id, _ssl_context::in_hdr, _ssl_context::in_left, _ssl_context::in_msg, _ssl_session::length, _ssl_context::major_ver, _ssl_handshake_params::max_major_ver, _ssl_ciphersuite_t::max_minor_ver, _ssl_handshake_params::max_minor_ver, _ssl_context::max_minor_ver, _ssl_context::min_major_ver, _ssl_ciphersuite_t::min_minor_ver, _ssl_context::min_minor_ver, _ssl_context::minor_ver, POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO, POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION, POLARSSL_ERR_SSL_BAD_INPUT_DATA, POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN, _ssl_handshake_params::randbytes, _ssl_context::renegotiation, _ssl_context::secure_renegotiation, _ssl_context::session_negotiate, SSL_ALERT_LEVEL_FATAL, SSL_ALERT_MSG_PROTOCOL_VERSION, ssl_ciphersuite_from_id(), SSL_DEBUG_BUF, SSL_DEBUG_MSG, SSL_DEBUG_RET, SSL_EMPTY_RENEGOTIATION_INFO, ssl_fetch_input(), SSL_HS_CLIENT_HELLO, SSL_INITIAL_HANDSHAKE, SSL_LEGACY_BREAK_HANDSHAKE, SSL_LEGACY_RENEGOTIATION, SSL_MAJOR_VERSION_3, ssl_optimize_checksum(), SSL_RENEGOTIATION, SSL_SECURE_RENEGOTIATION, ssl_send_alert_message(), ssl_send_fatal_handshake_failure(), _ssl_context::state, _ssl_context::transform_negotiate, and _ssl_handshake_params::update_checksum.
Referenced by ssl_parse_client_hello().
static int ssl_parse_client_key_exchange | ( | ssl_context * | ssl | ) | [static] |
Definition at line 2446 of file ssl_srv.c.
References _ssl_transform::ciphersuite_info, dhm_calc_secret(), _ssl_handshake_params::dhm_ctx, ecdh_calc_secret(), _ssl_handshake_params::ecdh_ctx, ecdh_read_public(), _ssl_context::f_rng, ecdh_context::grp, _ssl_context::handshake, _ssl_context::in_hslen, _ssl_context::in_msg, _ssl_context::in_msglen, _ssl_context::in_msgtype, dhm_context::K, _ssl_ciphersuite_t::key_exchange, dhm_context::len, mpi_size(), ecp_group::P, _ssl_context::p_rng, _ssl_handshake_params::pmslen, POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE, POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS, POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP, POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE, POLARSSL_KEY_EXCHANGE_DHE_PSK, POLARSSL_KEY_EXCHANGE_DHE_RSA, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, POLARSSL_KEY_EXCHANGE_PSK, POLARSSL_KEY_EXCHANGE_RSA, POLARSSL_KEY_EXCHANGE_RSA_PSK, POLARSSL_MPI_MAX_SIZE, _ssl_handshake_params::premaster, ecdh_context::Qp, SSL_DEBUG_ECP, SSL_DEBUG_MPI, SSL_DEBUG_MSG, SSL_DEBUG_RET, ssl_derive_keys(), SSL_HS_CLIENT_KEY_EXCHANGE, SSL_MSG_HANDSHAKE, ssl_parse_client_dh_public(), ssl_parse_client_psk_identity(), ssl_parse_encrypted_pms(), ssl_psk_derive_premaster(), ssl_read_record(), _ssl_context::state, _ssl_context::transform_negotiate, and ecdh_context::z.
Referenced by ssl_handshake_server_step().
static int ssl_parse_client_psk_identity | ( | ssl_context * | ssl, | |
unsigned char ** | p, | |||
const unsigned char * | end | |||
) | [static] |
Definition at line 2377 of file ssl_srv.c.
References _ssl_context::f_psk, _ssl_context::p_psk, POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE, POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED, POLARSSL_ERR_SSL_UNKNOWN_IDENTITY, _ssl_context::psk, _ssl_context::psk_identity, _ssl_context::psk_identity_len, _ssl_context::psk_len, safer_memcmp(), SSL_ALERT_LEVEL_FATAL, SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY, SSL_DEBUG_BUF, SSL_DEBUG_MSG, and ssl_send_alert_message().
Referenced by ssl_parse_client_key_exchange().
static int ssl_parse_encrypted_pms | ( | ssl_context * | ssl, | |
const unsigned char * | p, | |||
const unsigned char * | end, | |||
size_t | pms_offset | |||
) | [static] |
Definition at line 2310 of file ssl_srv.c.
References _ssl_context::f_rng, _ssl_context::handshake, _ssl_handshake_params::max_major_ver, _ssl_handshake_params::max_minor_ver, _ssl_context::minor_ver, _ssl_context::p_rng, pk_can_do(), pk_decrypt(), pk_get_len(), _ssl_handshake_params::pmslen, POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE, POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED, POLARSSL_PK_RSA, _ssl_handshake_params::premaster, SSL_DEBUG_MSG, SSL_MINOR_VERSION_0, and ssl_own_key().
Referenced by ssl_parse_client_key_exchange().
static int ssl_parse_max_fragment_length_ext | ( | ssl_context * | ssl, | |
const unsigned char * | buf, | |||
size_t | len | |||
) | [static] |
Definition at line 604 of file ssl_srv.c.
References _ssl_session::mfl_code, POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO, _ssl_context::session_negotiate, SSL_DEBUG_MSG, and SSL_MAX_FRAG_LEN_INVALID.
Referenced by ssl_parse_client_hello().
static int ssl_parse_renegotiation_info | ( | ssl_context * | ssl, | |
const unsigned char * | buf, | |||
size_t | len | |||
) | [static] |
Definition at line 413 of file ssl_srv.c.
References _ssl_context::peer_verify_data, POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO, _ssl_context::renegotiation, safer_memcmp(), _ssl_context::secure_renegotiation, SSL_DEBUG_MSG, SSL_INITIAL_HANDSHAKE, SSL_SECURE_RENEGOTIATION, ssl_send_fatal_handshake_failure(), and _ssl_context::verify_data_len.
Referenced by ssl_parse_client_hello().
static int ssl_parse_servername_ext | ( | ssl_context * | ssl, | |
const unsigned char * | buf, | |||
size_t | len | |||
) | [static] |
Definition at line 362 of file ssl_srv.c.
References POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO, SSL_ALERT_LEVEL_FATAL, SSL_ALERT_MSG_UNRECOGNIZED_NAME, SSL_DEBUG_MSG, ssl_send_alert_message(), ssl_sni_wrapper(), and TLS_EXT_SERVERNAME_HOSTNAME.
Referenced by ssl_parse_client_hello().
static int ssl_parse_session_ticket_ext | ( | ssl_context * | ssl, | |
unsigned char * | buf, | |||
size_t | len | |||
) | [static] |
Definition at line 640 of file ssl_srv.c.
References _ssl_context::handshake, _ssl_handshake_params::new_session_ticket, _ssl_context::renegotiation, _ssl_handshake_params::resume, _ssl_context::session_tickets, SSL_DEBUG_MSG, SSL_DEBUG_RET, SSL_INITIAL_HANDSHAKE, ssl_parse_ticket(), and SSL_SESSION_TICKETS_DISABLED.
Referenced by ssl_parse_client_hello().
static int ssl_parse_signature_algorithms_ext | ( | ssl_context * | ssl, | |
const unsigned char * | buf, | |||
size_t | len | |||
) | [static] |
Definition at line 454 of file ssl_srv.c.
References _ssl_context::handshake, POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO, _ssl_handshake_params::sig_alg, SSL_DEBUG_MSG, SSL_HASH_MD5, SSL_HASH_SHA1, SSL_HASH_SHA224, SSL_HASH_SHA256, SSL_HASH_SHA384, and SSL_HASH_SHA512.
Referenced by ssl_parse_client_hello().
static int ssl_parse_supported_elliptic_curves | ( | ssl_context * | ssl, | |
const unsigned char * | buf, | |||
size_t | len | |||
) | [static] |
Definition at line 523 of file ssl_srv.c.
References _ssl_handshake_params::curves, ecp_curve_info_from_tls_id(), _ssl_context::handshake, POLARSSL_ECP_DP_MAX, POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO, POLARSSL_ERR_SSL_MALLOC_FAILED, polarssl_malloc, and SSL_DEBUG_MSG.
Referenced by ssl_parse_client_hello().
static int ssl_parse_supported_point_formats | ( | ssl_context * | ssl, | |
const unsigned char * | buf, | |||
size_t | len | |||
) | [static] |
Definition at line 570 of file ssl_srv.c.
References _ssl_handshake_params::ecdh_ctx, _ssl_context::handshake, ecdh_context::point_format, POLARSSL_ECP_PF_COMPRESSED, POLARSSL_ECP_PF_UNCOMPRESSED, POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO, and SSL_DEBUG_MSG.
Referenced by ssl_parse_client_hello().
static int ssl_parse_ticket | ( | ssl_context * | ssl, | |
unsigned char * | buf, | |||
size_t | len | |||
) | [static] |
Definition at line 244 of file ssl_srv.c.
References aes_crypt_cbc(), AES_DECRYPT, _ssl_ticket_keys::dec, _ssl_session::id, iv, _ssl_ticket_keys::key_name, _ssl_session::length, _ssl_ticket_keys::mac_key, POLARSSL_ERR_SSL_BAD_INPUT_DATA, POLARSSL_ERR_SSL_INVALID_MAC, POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED, _ssl_context::session_negotiate, sha256_hmac(), SSL_DEBUG_BUF, SSL_DEBUG_MSG, ssl_load_session(), ssl_session_free(), _ssl_session::start, _ssl_context::ticket_keys, and _ssl_context::ticket_lifetime.
Referenced by ssl_parse_session_ticket_ext().
static int ssl_parse_truncated_hmac_ext | ( | ssl_context * | ssl, | |
const unsigned char * | buf, | |||
size_t | len | |||
) | [static] |
Definition at line 621 of file ssl_srv.c.
References POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO, _ssl_context::session_negotiate, SSL_DEBUG_MSG, SSL_TRUNC_HMAC_ENABLED, and _ssl_session::trunc_hmac.
Referenced by ssl_parse_client_hello().
static int ssl_pick_cert | ( | ssl_context * | ssl, | |
const ssl_ciphersuite_t * | ciphersuite_info | |||
) | [static] |
Definition at line 937 of file ssl_srv.c.
References _ssl_handshake_params::curves, _ssl_context::handshake, _ssl_key_cert::key, _ssl_handshake_params::key_cert, _ssl_key_cert::next, pk_can_do(), POLARSSL_PK_ECDSA, POLARSSL_PK_NONE, _ssl_handshake_params::sni_key_cert, ssl_get_ciphersuite_sig_pk_alg(), and ssl_key_matches_curves().
Referenced by ssl_parse_client_hello().
static int ssl_save_session | ( | const ssl_session * | session, | |
unsigned char * | buf, | |||
size_t | buf_len, | |||
size_t * | olen | |||
) | [static] |
Definition at line 59 of file ssl_srv.c.
References _asn1_buf::len, _asn1_buf::p, _ssl_session::peer_cert, and _x509_crt::raw.
Referenced by ssl_write_ticket().
static int ssl_sni_wrapper | ( | ssl_context * | ssl, | |
const unsigned char * | name, | |||
size_t | len | |||
) | [static] |
Definition at line 347 of file ssl_srv.c.
References _ssl_context::f_sni, _ssl_context::handshake, _ssl_context::key_cert, _ssl_context::p_sni, and _ssl_handshake_params::sni_key_cert.
Referenced by ssl_parse_servername_ext().
static int ssl_write_certificate_request | ( | ssl_context * | ssl | ) | [static] |
Definition at line 1786 of file ssl_srv.c.
References _ssl_context::authmode, _ssl_context::ca_chain, _ssl_transform::ciphersuite_info, _ssl_context::handshake, _ssl_ciphersuite_t::key_exchange, _asn1_buf::len, _ssl_ciphersuite_t::mac, _ssl_context::minor_ver, _x509_crt::next, _ssl_context::out_msg, _ssl_context::out_msglen, _ssl_context::out_msgtype, _asn1_buf::p, POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE, POLARSSL_KEY_EXCHANGE_DHE_PSK, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, POLARSSL_KEY_EXCHANGE_PSK, POLARSSL_MD_SHA384, SSL_CERT_TYPE_ECDSA_SIGN, SSL_CERT_TYPE_RSA_SIGN, SSL_DEBUG_BUF, SSL_DEBUG_MSG, SSL_HASH_SHA256, SSL_HASH_SHA384, SSL_HS_CERTIFICATE_REQUEST, SSL_MINOR_VERSION_3, SSL_MSG_HANDSHAKE, SSL_SIG_ECDSA, SSL_SIG_RSA, SSL_VERIFY_NONE, ssl_write_record(), _ssl_context::state, _x509_crt::subject_raw, _ssl_context::transform_negotiate, and _ssl_handshake_params::verify_sig_alg.
Referenced by ssl_handshake_server_step().
static void ssl_write_max_fragment_length_ext | ( | ssl_context * | ssl, | |
unsigned char * | buf, | |||
size_t * | olen | |||
) | [static] |
Definition at line 1530 of file ssl_srv.c.
References _ssl_session::mfl_code, _ssl_context::session_negotiate, SSL_DEBUG_MSG, SSL_MAX_FRAG_LEN_NONE, and TLS_EXT_MAX_FRAGMENT_LENGTH.
Referenced by ssl_write_server_hello().
static int ssl_write_new_session_ticket | ( | ssl_context * | ssl | ) | [static] |
Definition at line 2851 of file ssl_srv.c.
References _ssl_context::handshake, _ssl_handshake_params::new_session_ticket, _ssl_context::out_msg, _ssl_context::out_msglen, _ssl_context::out_msgtype, SSL_DEBUG_MSG, SSL_DEBUG_RET, SSL_HS_NEW_SESSION_TICKET, SSL_MSG_HANDSHAKE, ssl_write_record(), ssl_write_ticket(), and _ssl_context::ticket_lifetime.
Referenced by ssl_handshake_server_step().
static void ssl_write_renegotiation_ext | ( | ssl_context * | ssl, | |
unsigned char * | buf, | |||
size_t * | olen | |||
) | [static] |
Definition at line 1500 of file ssl_srv.c.
References _ssl_context::own_verify_data, _ssl_context::peer_verify_data, _ssl_context::secure_renegotiation, SSL_DEBUG_MSG, SSL_SECURE_RENEGOTIATION, TLS_EXT_RENEGOTIATION_INFO, and _ssl_context::verify_data_len.
Referenced by ssl_write_server_hello().
static int ssl_write_server_hello | ( | ssl_context * | ssl | ) | [static] |
Definition at line 1586 of file ssl_srv.c.
References _ssl_session::ciphersuite, _ssl_session::compression, _ssl_context::f_get_cache, _ssl_context::f_rng, _ssl_context::handshake, _ssl_session::id, _ssl_session::length, _ssl_context::major_ver, _ssl_context::minor_ver, _ssl_handshake_params::new_session_ticket, _ssl_context::out_msg, _ssl_context::out_msglen, _ssl_context::out_msgtype, _ssl_context::p_get_cache, _ssl_context::p_rng, _ssl_handshake_params::randbytes, _ssl_context::renegotiation, _ssl_handshake_params::resume, _ssl_context::session_negotiate, SSL_DEBUG_BUF, SSL_DEBUG_MSG, SSL_DEBUG_RET, ssl_derive_keys(), ssl_get_ciphersuite_name(), SSL_HS_SERVER_HELLO, SSL_INITIAL_HANDSHAKE, SSL_MSG_HANDSHAKE, SSL_SERVER_CHANGE_CIPHER_SPEC, ssl_write_max_fragment_length_ext(), ssl_write_record(), ssl_write_renegotiation_ext(), ssl_write_session_ticket_ext(), ssl_write_supported_point_formats_ext(), ssl_write_truncated_hmac_ext(), _ssl_session::start, and _ssl_context::state.
Referenced by ssl_handshake_server_step().
static int ssl_write_server_hello_done | ( | ssl_context * | ssl | ) | [static] |
Definition at line 2245 of file ssl_srv.c.
References _ssl_context::out_msg, _ssl_context::out_msglen, _ssl_context::out_msgtype, SSL_DEBUG_MSG, SSL_DEBUG_RET, SSL_HS_SERVER_HELLO_DONE, SSL_MSG_HANDSHAKE, ssl_write_record(), and _ssl_context::state.
Referenced by ssl_handshake_server_step().
static int ssl_write_server_key_exchange | ( | ssl_context * | ssl | ) | [static] |
Definition at line 1930 of file ssl_srv.c.
References _ssl_transform::ciphersuite_info, _ssl_handshake_params::curves, _ssl_handshake_params::dhm_ctx, _ssl_context::dhm_G, dhm_make_params(), _ssl_context::dhm_P, _ssl_handshake_params::ecdh_ctx, ecdh_make_params(), ecp_use_known_dp(), _ssl_context::f_rng, dhm_context::G, ecdh_context::grp, ecp_curve_info::grp_id, dhm_context::GX, _ssl_context::handshake, _ssl_ciphersuite_t::key_exchange, md5(), md5_finish(), md5_starts(), md5_update(), md_finish(), md_free_ctx(), md_info_from_type(), md_init_ctx(), md_starts(), md_update(), _ssl_context::minor_ver, mpi_copy(), mpi_size(), ecp_group::nbits, _ssl_context::out_msg, _ssl_context::out_msglen, _ssl_context::out_msgtype, dhm_context::P, _ssl_context::p_rng, pk_sign(), POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE, POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED, POLARSSL_KEY_EXCHANGE_DHE_PSK, POLARSSL_KEY_EXCHANGE_DHE_RSA, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, POLARSSL_KEY_EXCHANGE_PSK, POLARSSL_KEY_EXCHANGE_RSA, POLARSSL_KEY_EXCHANGE_RSA_PSK, POLARSSL_MD_NONE, POLARSSL_MD_SHA1, ecdh_context::Q, _ssl_handshake_params::randbytes, sha1(), sha1_finish(), sha1_starts(), sha1_update(), _ssl_handshake_params::sig_alg, SSL_DEBUG_BUF, SSL_DEBUG_ECP, SSL_DEBUG_MPI, SSL_DEBUG_MSG, SSL_DEBUG_RET, SSL_HS_SERVER_KEY_EXCHANGE, SSL_MAX_CONTENT_LEN, ssl_md_alg_from_hash(), SSL_MINOR_VERSION_3, SSL_MSG_HANDSHAKE, ssl_own_key(), ssl_sig_from_pk(), ssl_write_record(), _ssl_context::state, _ssl_context::transform_negotiate, and dhm_context::X.
Referenced by ssl_handshake_server_step().
static void ssl_write_session_ticket_ext | ( | ssl_context * | ssl, | |
unsigned char * | buf, | |||
size_t * | olen | |||
) | [static] |
Definition at line 1476 of file ssl_srv.c.
References _ssl_context::handshake, _ssl_handshake_params::new_session_ticket, SSL_DEBUG_MSG, and TLS_EXT_SESSION_TICKET.
Referenced by ssl_write_server_hello().
static void ssl_write_supported_point_formats_ext | ( | ssl_context * | ssl, | |
unsigned char * | buf, | |||
size_t * | olen | |||
) | [static] |
Definition at line 1557 of file ssl_srv.c.
References _ssl_handshake_params::cli_exts, _ssl_context::handshake, POLARSSL_ECP_PF_UNCOMPRESSED, SSL_DEBUG_MSG, TLS_EXT_SUPPORTED_POINT_FORMATS, and TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT.
Referenced by ssl_write_server_hello().
static int ssl_write_ticket | ( | ssl_context * | ssl, | |
size_t * | tlen | |||
) | [static] |
Definition at line 173 of file ssl_srv.c.
References aes_crypt_cbc(), AES_ENCRYPT, _ssl_ticket_keys::enc, _ssl_context::f_rng, iv, _ssl_ticket_keys::key_name, _ssl_ticket_keys::mac_key, _ssl_context::out_ctr, _ssl_context::out_msg, _ssl_context::p_rng, POLARSSL_ERR_SSL_BAD_INPUT_DATA, POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE, _ssl_context::session_negotiate, sha256_hmac(), SSL_DEBUG_BUF, SSL_MAX_CONTENT_LEN, ssl_save_session(), and _ssl_context::ticket_keys.
Referenced by ssl_write_new_session_ticket().
static void ssl_write_truncated_hmac_ext | ( | ssl_context * | ssl, | |
unsigned char * | buf, | |||
size_t * | olen | |||
) | [static] |
Definition at line 1451 of file ssl_srv.c.
References _ssl_context::session_negotiate, SSL_DEBUG_MSG, SSL_TRUNC_HMAC_DISABLED, TLS_EXT_TRUNCATED_HMAC, and _ssl_session::trunc_hmac.
Referenced by ssl_write_server_hello().