36 #if defined(POLARSSL_SSL_TLS_C)
41 #if defined(POLARSSL_MEMORY_C)
44 #define polarssl_malloc malloc
45 #define polarssl_free free
50 #if defined _MSC_VER && !defined strcasecmp
51 #define strcasecmp _stricmp
54 #if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
78 #if defined(POLARSSL_X509_CRT_PARSE_C)
99 #if defined(POLARSSL_SSL_SESSION_TICKETS)
113 #if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
115 const unsigned char *key_enc,
const unsigned char *key_dec,
117 const unsigned char *iv_enc,
const unsigned char *iv_dec,
119 const unsigned char *mac_enc,
const unsigned char *mac_dec,
120 size_t maclen) = NULL;
121 int (*ssl_hw_record_activate)(
ssl_context *ssl,
int direction) = NULL;
122 int (*ssl_hw_record_reset)(
ssl_context *ssl) = NULL;
123 int (*ssl_hw_record_write)(
ssl_context *ssl) = NULL;
124 int (*ssl_hw_record_read)(
ssl_context *ssl) = NULL;
125 int (*ssl_hw_record_finish)(
ssl_context *ssl) = NULL;
131 #if defined(POLARSSL_SSL_PROTO_SSL3)
/*
 * SSLv3 pseudo-random function (going by its name and the
 * POLARSSL_SSL_PROTO_SSL3 guard). This listing shows only some of the
 * function's lines; the hashing steps between them are not visible.
 *
 * Visible parameters: secret/slen (input secret), random/rlen (seed bytes),
 * dstbuf/dlen (output buffer and requested output length).
 */
132 static int ssl3_prf(
const unsigned char *secret,
size_t slen,
134 const unsigned char *random,
size_t rlen,
135 unsigned char *dstbuf,
size_t dlen )
140 unsigned char padding[16];
141 unsigned char sha1sum[20];
/*
 * One iteration per 16 bytes of requested output. Each round fills the
 * first 1 + i bytes of padding[] with the byte 'A' + i.
 * NOTE(review): that memset stays inside padding[16] only while
 * dlen / 16 <= 16, i.e. dlen <= 256. No check on dlen is visible in this
 * excerpt -- confirm every caller respects that bound.
 */
152 for( i = 0; i < dlen / 16; i++ )
154 memset( padding, (
unsigned char) (
'A' + i), 1 + i );
/*
 * Clear md5 and sha1 (presumably the hash contexts) and the intermediate
 * buffers at the end of the visible body.
 * NOTE(review): a plain memset() on locals that are never read again is a
 * dead store the compiler is allowed to remove. For secret material a
 * zeroization helper that cannot be optimized away (for example one that
 * writes through a volatile pointer) is the safer choice.
 */
168 memset( &md5, 0,
sizeof( md5 ) );
169 memset( &sha1, 0,
sizeof( sha1 ) );
171 memset( padding, 0,
sizeof( padding ) );
172 memset( sha1sum, 0,
sizeof( sha1sum ) );
178 #if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1)
/*
 * PRF compiled for TLS 1.0 / 1.1 (see the preceding #if). Excerpt only:
 * the `label` parameter and several statements are on lines this listing
 * does not show.
 *
 * Visible shape: a first loop writes 16-byte blocks of h_i into dstbuf,
 * a second loop XORs 20-byte blocks of h_i into the same bytes.
 */
179 static int tls1_prf(
const unsigned char *secret,
size_t slen,
181 const unsigned char *random,
size_t rlen,
182 unsigned char *dstbuf,
size_t dlen )
186 const unsigned char *S1, *S2;
187 unsigned char tmp[128];
188 unsigned char h_i[20];
/*
 * Size guard for the two memcpy() calls below: label and random are copied
 * to tmp + 20, so 20 + strlen(label) + rlen must fit in tmp[128]. The branch
 * taken when it does not fit is not shown here.
 */
190 if(
sizeof( tmp ) < 20 + strlen( label ) + rlen )
/* hs is half of slen rounded up; S2 points at the last hs bytes of secret. */
193 hs = ( slen + 1 ) / 2;
195 S2 = secret + slen - hs;
197 nb = strlen( label );
198 memcpy( tmp + 20, label, nb );
199 memcpy( tmp + 20 + nb, random, rlen );
/* HMAC-MD5 pass keyed with S1/hs; each round emits up to 16 bytes. */
205 md5_hmac( S1, hs, tmp + 20, nb, 4 + tmp );
207 for( i = 0; i < dlen; i += 16 )
209 md5_hmac( S1, hs, 4 + tmp, 16 + nb, h_i );
210 md5_hmac( S1, hs, 4 + tmp, 16, 4 + tmp );
/* Last block: copy only the dlen % 16 bytes that are still wanted. */
212 k = ( i + 16 > dlen ) ? dlen % 16 : 16;
214 for( j = 0; j < k; j++ )
215 dstbuf[i + j] = h_i[j];
/*
 * Second pass in 20-byte steps; the calls that refill h_i inside this loop
 * are not shown. The result is XORed into what the first pass stored.
 */
223 for( i = 0; i < dlen; i += 20 )
228 k = ( i + 20 > dlen ) ? dlen % 20 : 20;
230 for( j = 0; j < k; j++ )
231 dstbuf[i + j] = (
unsigned char)( dstbuf[i + j] ^ h_i[j] );
/*
 * Clear the working buffers.
 * NOTE(review): these memset() calls target locals that are not read again,
 * so an optimizer may drop them as dead stores. Use a zeroization routine
 * the compiler cannot elide when the buffers hold key-derivation state.
 */
234 memset( tmp, 0,
sizeof( tmp ) );
235 memset( h_i, 0,
sizeof( h_i ) );
241 #if defined(POLARSSL_SSL_PROTO_TLS1_2)
242 #if defined(POLARSSL_SHA256_C)
/*
 * TLS 1.2 PRF variant working in 32-byte blocks (excerpt: `label` and the
 * calls that fill h_i are on lines not shown in this listing).
 */
243 static int tls_prf_sha256(
const unsigned char *secret,
size_t slen,
245 const unsigned char *random,
size_t rlen,
246 unsigned char *dstbuf,
size_t dlen )
250 unsigned char tmp[128];
251 unsigned char h_i[32];
/*
 * Size guard for the memcpy() calls below: 32 bytes are reserved at the
 * start of tmp, then label and random must fit in the remaining space.
 * The branch taken on failure is not shown.
 */
253 if(
sizeof( tmp ) < 32 + strlen( label ) + rlen )
256 nb = strlen( label );
257 memcpy( tmp + 32, label, nb );
258 memcpy( tmp + 32 + nb, random, rlen );
/* Emit output 32 bytes at a time; the final block is cut to dlen % 32. */
266 for( i = 0; i < dlen; i += 32 )
271 k = ( i + 32 > dlen ) ? dlen % 32 : 32;
273 for( j = 0; j < k; j++ )
274 dstbuf[i + j] = h_i[j];
/*
 * NOTE(review): memset() on locals that are never read afterwards can be
 * removed by the optimizer; prefer a zeroization helper that cannot be
 * elided for buffers holding PRF state.
 */
277 memset( tmp, 0,
sizeof( tmp ) );
278 memset( h_i, 0,
sizeof( h_i ) );
284 #if defined(POLARSSL_SHA512_C)
/*
 * TLS 1.2 PRF variant working in 48-byte blocks (excerpt: `label` and the
 * calls that fill h_i are on lines not shown in this listing).
 */
285 static int tls_prf_sha384(
const unsigned char *secret,
size_t slen,
287 const unsigned char *random,
size_t rlen,
288 unsigned char *dstbuf,
size_t dlen )
292 unsigned char tmp[128];
293 unsigned char h_i[48];
/*
 * Size guard for the memcpy() calls below: 48 bytes are reserved at the
 * start of tmp[128], leaving 80 bytes for label plus random. The branch
 * taken on failure is not shown.
 */
295 if(
sizeof( tmp ) < 48 + strlen( label ) + rlen )
298 nb = strlen( label );
299 memcpy( tmp + 48, label, nb );
300 memcpy( tmp + 48 + nb, random, rlen );
/* Emit output 48 bytes at a time; the final block is cut to dlen % 48. */
308 for( i = 0; i < dlen; i += 48 )
313 k = ( i + 48 > dlen ) ? dlen % 48 : 48;
315 for( j = 0; j < k; j++ )
316 dstbuf[i + j] = h_i[j];
/*
 * NOTE(review): memset() on locals that are never read afterwards can be
 * removed by the optimizer; prefer a zeroization helper that cannot be
 * elided for buffers holding PRF state.
 */
319 memset( tmp, 0,
sizeof( tmp ) );
320 memset( h_i, 0,
sizeof( h_i ) );
327 static void ssl_update_checksum_start(
ssl_context *,
const unsigned char *,
size_t);
329 #if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \
330 defined(POLARSSL_SSL_PROTO_TLS1_1)
331 static void ssl_update_checksum_md5sha1(
ssl_context *,
const unsigned char *,
size_t);
334 #if defined(POLARSSL_SSL_PROTO_SSL3)
335 static void ssl_calc_verify_ssl(
ssl_context *,
unsigned char *);
336 static void ssl_calc_finished_ssl(
ssl_context *,
unsigned char *,
int);
339 #if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1)
340 static void ssl_calc_verify_tls(
ssl_context *,
unsigned char *);
341 static void ssl_calc_finished_tls(
ssl_context *,
unsigned char *,
int);
344 #if defined(POLARSSL_SSL_PROTO_TLS1_2)
345 #if defined(POLARSSL_SHA256_C)
346 static void ssl_update_checksum_sha256(
ssl_context *,
const unsigned char *,
size_t);
347 static void ssl_calc_verify_tls_sha256(
ssl_context *,
unsigned char *);
348 static void ssl_calc_finished_tls_sha256(
ssl_context *,
unsigned char *,
int);
351 #if defined(POLARSSL_SHA512_C)
352 static void ssl_update_checksum_sha384(
ssl_context *,
const unsigned char *,
size_t);
353 static void ssl_calc_verify_tls_sha384(
ssl_context *,
unsigned char *);
354 static void ssl_calc_finished_tls_sha384(
ssl_context *,
unsigned char *,
int);
361 unsigned char tmp[64];
362 unsigned char keyblk[256];
365 unsigned char *mac_enc;
366 unsigned char *mac_dec;
378 if( cipher_info == NULL )
386 if( md_info == NULL )
396 #if defined(POLARSSL_SSL_PROTO_SSL3)
405 #if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1)
414 #if defined(POLARSSL_SSL_PROTO_TLS1_2)
415 #if defined(POLARSSL_SHA512_C)
419 handshake->
tls_prf = tls_prf_sha384;
420 handshake->
calc_verify = ssl_calc_verify_tls_sha384;
425 #if defined(POLARSSL_SHA256_C)
428 handshake->
tls_prf = tls_prf_sha256;
429 handshake->
calc_verify = ssl_calc_verify_tls_sha256;
450 if( handshake->
resume == 0 )
468 memcpy( handshake->
randbytes, tmp + 32, 32 );
469 memcpy( handshake->
randbytes + 32, tmp, 32 );
470 memset( tmp, 0,
sizeof( tmp ) );
504 transform->
ivlen = 12;
528 #if defined(POLARSSL_SSL_TRUNCATED_HMAC)
553 SSL_DEBUG_MSG( 3, (
"keylen: %d, minlen: %d, ivlen: %d, maclen: %d",
562 key1 = keyblk + transform->
maclen * 2;
563 key2 = keyblk + transform->
maclen * 2 + transform->
keylen;
566 mac_dec = keyblk + transform->
maclen;
573 memcpy( transform->
iv_enc, key2 + transform->
keylen, iv_copy_len );
574 memcpy( transform->
iv_dec, key2 + transform->
keylen + iv_copy_len,
579 key1 = keyblk + transform->
maclen * 2 + transform->
keylen;
580 key2 = keyblk + transform->
maclen * 2;
582 mac_enc = keyblk + transform->
maclen;
590 memcpy( transform->
iv_dec, key1 + transform->
keylen, iv_copy_len );
591 memcpy( transform->
iv_enc, key1 + transform->
keylen + iv_copy_len,
595 #if defined(POLARSSL_SSL_PROTO_SSL3)
603 #if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \
604 defined(POLARSSL_SSL_PROTO_TLS1_2)
617 #if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
618 if( ssl_hw_record_init != NULL)
624 if( ( ret = ssl_hw_record_init( ssl, key1, key2, transform->
keylen,
628 transform->
maclen ) ) != 0 )
636 switch( cipher_info->
type )
648 cipher_info ) ) != 0 )
655 cipher_info ) ) != 0 )
677 #if defined(POLARSSL_CIPHER_MODE_CBC)
704 memset( keyblk, 0,
sizeof( keyblk ) );
706 #if defined(POLARSSL_ZLIB_SUPPORT)
711 if( ssl->compress_buf == NULL )
715 if( ssl->compress_buf == NULL )
725 memset( &transform->ctx_deflate, 0,
sizeof( transform->ctx_deflate ) );
726 memset( &transform->ctx_inflate, 0,
sizeof( transform->ctx_inflate ) );
728 if( deflateInit( &transform->ctx_deflate, Z_DEFAULT_COMPRESSION ) != Z_OK ||
729 inflateInit( &transform->ctx_inflate ) != Z_OK )
742 #if defined(POLARSSL_SSL_PROTO_SSL3)
743 void ssl_calc_verify_ssl(
ssl_context *ssl,
unsigned char hash[36] )
747 unsigned char pad_1[48];
748 unsigned char pad_2[48];
755 memset( pad_1, 0x36, 48 );
756 memset( pad_2, 0x5C, 48 );
785 #if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1)
786 void ssl_calc_verify_tls(
ssl_context *ssl,
unsigned char hash[36] )
806 #if defined(POLARSSL_SSL_PROTO_TLS1_2)
807 #if defined(POLARSSL_SHA256_C)
808 void ssl_calc_verify_tls_sha256(
ssl_context *ssl,
unsigned char hash[32] )
824 #if defined(POLARSSL_SHA512_C)
825 void ssl_calc_verify_tls_sha384(
ssl_context *ssl,
unsigned char hash[48] )
842 #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
/*
 * Excerpt of the PSK pre-master construction: p is the write cursor and
 * end the limit of the output buffer (their setup is not shown). Each
 * component is written as a 2-byte big-endian length followed by data.
 */
855 #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
/*
 * Plain PSK: require room for the 2-byte length plus psk_len bytes before
 * writing. The (int) cast assumes psk_len fits in an int.
 */
858 if( end - p < 2 + (
int) ssl->
psk_len )
861 *(p++) = (
unsigned char)( ssl->
psk_len >> 8 );
862 *(p++) = (
unsigned char)( ssl->
psk_len );
867 #if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
880 #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
/* DHE-PSK: same remaining-space check, this time for len bytes. */
886 if( end - p < 2 + (
int) len )
889 *(p++) = (
unsigned char)( len >> 8 );
890 *(p++) = (
unsigned char)( len );
/*
 * ECDHE-PSK: the call these arguments belong to is not shown; it is handed
 * p + 2 and the space left after the 2-byte length field, so presumably it
 * bounds its own output -- confirm. zlen is then stored in those 2 bytes.
 */
903 #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
910 p + 2, end - (p + 2),
917 *(p++) = (
unsigned char)( zlen >> 8 );
918 *(p++) = (
unsigned char)( zlen );
/*
 * Trailing PSK length field.
 * NOTE(review): the lines just before this write are not part of the
 * excerpt; confirm a remaining-space check (end - p against
 * 2 + psk_len) precedes it, as in the branches above.
 */
931 *(p++) = (
unsigned char)( ssl->
psk_len >> 8 );
932 *(p++) = (
unsigned char)( ssl->
psk_len );
942 #if defined(POLARSSL_SSL_PROTO_SSL3)
946 static void ssl_mac(
md_context_t *md_ctx,
unsigned char *secret,
947 unsigned char *buf,
size_t len,
948 unsigned char *ctr,
int type )
950 unsigned char header[11];
951 unsigned char padding[48];
963 memcpy( header, ctr, 8 );
964 header[ 8] = (
unsigned char) type;
965 header[ 9] = (
unsigned char)( len >> 8 );
966 header[10] = (
unsigned char)( len );
968 memset( padding, 0x36, padlen );
976 memset( padding, 0x5C, padlen );
997 #if defined(POLARSSL_SSL_PROTO_SSL3)
1007 #if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \
1008 defined(POLARSSL_SSL_PROTO_TLS1_2)
1030 #if defined(POLARSSL_CIPHER_NULL_CIPHER)
1037 #if defined(POLARSSL_ARC4_C)
1044 "including %d bytes of padding",
1074 SSL_DEBUG_MSG( 1, (
"total encrypted length incorrect %d %d",
1081 ssl->
out_msg + olen, &olen ) ) != 0 )
1089 SSL_DEBUG_MSG( 1, (
"total encrypted length incorrect %d %d",
1097 #if defined(POLARSSL_GCM_C)
1101 size_t enc_msglen, olen, totlen;
1102 unsigned char *enc_msg;
1103 unsigned char add_data[13];
1108 memcpy( add_data, ssl->
out_ctr, 8 );
1112 add_data[11] = ( ssl->
out_msglen >> 8 ) & 0xFF;
1143 "including %d bytes of padding",
1161 add_data, 13 ) ) != 0 )
1167 enc_msg, enc_msglen,
1168 enc_msg, &olen ) ) != 0 )
1175 enc_msg + olen, &olen ) ) != 0 )
1181 if( totlen != enc_msglen )
1193 enc_msg + enc_msglen, 16 ) ) != 0 )
1198 SSL_DEBUG_BUF( 4,
"after encrypt: tag", enc_msg + enc_msglen, 16 );
1202 #if defined(POLARSSL_CIPHER_MODE_CBC)
1207 unsigned char *enc_msg;
1208 size_t enc_msglen, padlen, olen = 0;
1215 for( i = 0; i <= padlen; i++ )
1223 #if defined(POLARSSL_SSL_PROTO_TLS1_1) || defined(POLARSSL_SSL_PROTO_TLS1_2)
1251 "including %d bytes of IV and %d bytes of padding",
1272 enc_msg, enc_msglen, enc_msg,
1282 enc_msg + olen, &olen ) ) != 0 )
1288 if( enc_msglen != olen )
1290 SSL_DEBUG_MSG( 1, (
"total encrypted length incorrect %d %d",
1291 enc_msglen, olen ) );
1296 #if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1)
1315 for( i = 8; i > 0; i-- )
1316 if( ++ssl->
out_ctr[i - 1] != 0 )
1324 #define POLARSSL_SSL_MAX_MAC_SIZE 48
1328 size_t i, padlen = 0, correct = 1;
1329 unsigned char tmp[POLARSSL_SSL_MAX_MAC_SIZE];
1340 #if defined(POLARSSL_CIPHER_NULL_CIPHER)
1347 #if defined(POLARSSL_ARC4_C)
1385 ssl->
in_msg + olen, &olen ) ) != 0 )
1400 #if defined(POLARSSL_GCM_C)
1404 unsigned char *dec_msg;
1405 unsigned char *dec_msg_result;
1406 size_t dec_msglen, olen, totlen;
1407 unsigned char add_data[13];
1416 dec_msg_result = ssl->
in_msg;
1419 memcpy( add_data, ssl->
in_ctr, 8 );
1423 add_data[11] = ( ssl->
in_msglen >> 8 ) & 0xFF;
1449 add_data, 13 ) ) != 0 )
1455 dec_msg, dec_msglen,
1456 dec_msg_result, &olen ) ) != 0 )
1463 dec_msg_result + olen, &olen ) ) != 0 )
1469 if( totlen != dec_msglen )
1479 dec_msg + dec_msglen, 16 ) ) != 0 )
1488 #if defined(POLARSSL_CIPHER_MODE_CBC)
1496 unsigned char *dec_msg;
1497 unsigned char *dec_msg_result;
1512 #if defined(POLARSSL_SSL_PROTO_TLS1_1) || defined(POLARSSL_SSL_PROTO_TLS1_2)
1520 SSL_DEBUG_MSG( 1, (
"msglen (%d) < max( ivlen(%d), maclen (%d) + 1 ) ( + expl IV )",
1527 dec_msg_result = ssl->
in_msg;
1529 #if defined(POLARSSL_SSL_PROTO_TLS1_1) || defined(POLARSSL_SSL_PROTO_TLS1_2)
1558 dec_msg, dec_msglen, dec_msg_result,
1567 dec_msg_result + olen, &olen ) ) != 0 )
1573 if( dec_msglen != olen )
1580 #if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1)
1596 #if defined(POLARSSL_SSL_DEBUG_ALL)
1597 SSL_DEBUG_MSG( 1, (
"msglen (%d) < maclen (%d) + padlen (%d)",
1604 #if defined(POLARSSL_SSL_PROTO_SSL3)
1609 #if defined(POLARSSL_SSL_DEBUG_ALL)
1611 "should be no more than %d",
1619 #if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \
1620 defined(POLARSSL_SSL_PROTO_TLS1_2)
/*
 * Padding check written without a padlen-dependent loop bound or branch:
 * the loop always runs 256 times and uses masks instead of early exits,
 * so its running time does not reveal how many padding bytes matched.
 */
1627 size_t pad_count = 0, real_count = 1;
1628 size_t padding_idx = ssl->
in_msglen - padlen - 1;
/*
 * NOTE(review): in_msg[padding_idx + i] is read for every i up to 256 even
 * when padlen is smaller. That relies on in_msg having at least that much
 * backing storage and on in_msglen >= padlen + 1 (otherwise padding_idx
 * wraps). Neither guarantee is visible in this excerpt -- confirm.
 */
1630 for( i = 1; i <= 256; i++ )
/* real_count drops to 0 once i passes padlen and stays 0 afterwards. */
1632 real_count &= ( i <= padlen );
/* Count only in-range bytes whose value equals padlen - 1. */
1633 pad_count += real_count *
1634 ( ssl->
in_msg[padding_idx + i] == padlen - 1 );
/* Padding is valid only if every one of the padlen bytes matched. */
1637 correct &= ( pad_count == padlen );
1639 #if defined(POLARSSL_SSL_DEBUG_ALL)
1640 if( padlen > 0 && correct == 0)
/* Branch-free reset: padlen becomes 0 when correct == 0, else is kept. */
1643 padlen &= correct * 0x1FF;
1673 #if defined(POLARSSL_SSL_PROTO_SSL3)
1683 #if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \
1684 defined(POLARSSL_SSL_PROTO_TLS1_2)
/*
 * extra_run is a count of 64-byte blocks computed from in_msglen and
 * padlen; the second operand of the subtraction is on a line not shown.
 * Presumably the loop below performs dummy hash work so that MAC
 * verification time does not depend on the padding length -- confirm
 * against the loop body, which is not part of this excerpt.
 */
1700 size_t j, extra_run = 0;
1701 extra_run = ( 13 + ssl->
in_msglen + padlen + 8 ) / 64 -
/* Masked to 0 when the padding check failed (correct == 0). */
1704 extra_run &= correct * 0xFF;
1711 for( j = 0; j < extra_run; j++ )
1731 #if defined(POLARSSL_SSL_DEBUG_ALL)
1754 "messages, possible DoS attack" ) );
1761 for( i = 8; i > 0; i-- )
1762 if( ++ssl->
in_ctr[i - 1] != 0 )
1770 #if defined(POLARSSL_ZLIB_SUPPORT)
1777 unsigned char *msg_post = ssl->
out_msg;
1779 unsigned char *msg_pre = ssl->compress_buf;
1786 memcpy( msg_pre, ssl->
out_msg, len_pre );
1799 ret = deflate( &ssl->
transform_out->ctx_deflate, Z_SYNC_FLUSH );
1802 SSL_DEBUG_MSG( 1, (
"failed to perform compression (%d)", ret ) );
1822 unsigned char *msg_post = ssl->
in_msg;
1824 unsigned char *msg_pre = ssl->compress_buf;
1831 memcpy( msg_pre, ssl->
in_msg, len_pre );
1844 ret = inflate( &ssl->
transform_in->ctx_inflate, Z_SYNC_FLUSH );
1847 SSL_DEBUG_MSG( 1, (
"failed to perform decompression (%d)", ret ) );
1875 while( ssl->
in_left < nb_want )
1941 ssl->
out_msg[1] = (
unsigned char)( ( len - 4 ) >> 16 );
1942 ssl->
out_msg[2] = (
unsigned char)( ( len - 4 ) >> 8 );
1943 ssl->
out_msg[3] = (
unsigned char)( ( len - 4 ) );
1948 #if defined(POLARSSL_ZLIB_SUPPORT)
1952 if( ( ret = ssl_compress_buf( ssl ) ) != 0 )
1962 #if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
1963 if( ssl_hw_record_write != NULL)
1967 ret = ssl_hw_record_write( ssl );
1983 ssl->
out_hdr[3] = (
unsigned char)( len >> 8 );
1984 ssl->
out_hdr[4] = (
unsigned char)( len );
1988 if( ( ret = ssl_encrypt_buf( ssl ) ) != 0 )
1995 ssl->
out_hdr[3] = (
unsigned char)( len >> 8 );
1996 ssl->
out_hdr[4] = (
unsigned char)( len );
2002 "version = [%d:%d], msglen = %d",
2045 " %d, type = %d, hslen = %d",
2080 "version = [%d:%d], msglen = %d",
2116 #if defined(POLARSSL_SSL_PROTO_SSL3)
2125 #if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \
2126 defined(POLARSSL_SSL_PROTO_TLS1_2)
2151 #if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
2152 if( ssl_hw_record_read != NULL)
2156 ret = ssl_hw_record_read( ssl );
2169 if( ( ret = ssl_decrypt_buf( ssl ) ) != 0 )
2171 #if defined(POLARSSL_SSL_ALERT_MESSAGES)
2193 #if defined(POLARSSL_ZLIB_SUPPORT)
2197 if( ( ret = ssl_decompress_buf( ssl ) ) != 0 )
2231 " %d, type = %d, hslen = %d",
2302 unsigned char level,
2303 unsigned char message )
2328 #if !defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) && \
2329 !defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) && \
2330 !defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
2331 !defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
2399 #if defined(POLARSSL_SSL_PROTO_SSL3)
2440 while( crt != NULL )
2450 ssl->
out_msg[i ] = (
unsigned char)( n >> 16 );
2451 ssl->
out_msg[i + 1] = (
unsigned char)( n >> 8 );
2452 ssl->
out_msg[i + 2] = (
unsigned char)( n );
2454 i += 3; memcpy( ssl->
out_msg + i, crt->
raw.
p, n );
2455 i += n; crt = crt->
next;
2458 ssl->
out_msg[4] = (
unsigned char)( ( i - 7 ) >> 16 );
2459 ssl->
out_msg[5] = (
unsigned char)( ( i - 7 ) >> 8 );
2460 ssl->
out_msg[6] = (
unsigned char)( ( i - 7 ) );
2466 #if defined(POLARSSL_SSL_PROTO_SSL3)
2517 #if defined(POLARSSL_SSL_PROTO_SSL3)
2540 #if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \
2541 defined(POLARSSL_SSL_PROTO_TLS1_2)
2548 memcmp( ssl->
in_msg + 4,
"\0\0\0", 3 ) == 0 )
/*
 * Walk the certificate entries in the handshake message. Each entry starts
 * with a 3-byte length: the first byte must be 0, the next two give n in
 * big-endian order. The actions taken on the failing branches are not
 * shown in this excerpt.
 */
2604 while( i < ssl->in_hslen )
2606 if( ssl->
in_msg[i] != 0 )
/*
 * NOTE(review): the loop condition only guarantees i < in_hslen. Unless a
 * line not shown here checks i + 3 <= in_hslen, the reads of in_msg[i + 1]
 * and in_msg[i + 2] can touch bytes past the declared handshake length.
 */
2612 n = ( (
unsigned int) ssl->
in_msg[i + 1] << 8 )
2613 | (
unsigned int) ssl->
in_msg[i + 2];
/* Reject entries shorter than 128 bytes or running past in_hslen. */
2616 if( n < 128 || i + n > ssl->
in_hslen )
2720 ((void) ciphersuite_info);
2722 #if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \
2723 defined(POLARSSL_SSL_PROTO_TLS1_1)
2728 #if defined(POLARSSL_SSL_PROTO_TLS1_2)
2729 #if defined(POLARSSL_SHA512_C)
2734 #if defined(POLARSSL_SHA256_C)
2744 static void ssl_update_checksum_start(
ssl_context *ssl,
2745 const unsigned char *buf,
size_t len )
2747 #if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \
2748 defined(POLARSSL_SSL_PROTO_TLS1_1)
2752 #if defined(POLARSSL_SSL_PROTO_TLS1_2)
2753 #if defined(POLARSSL_SHA256_C)
2756 #if defined(POLARSSL_SHA512_C)
2762 #if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \
2763 defined(POLARSSL_SSL_PROTO_TLS1_1)
2764 static void ssl_update_checksum_md5sha1(
ssl_context *ssl,
2765 const unsigned char *buf,
size_t len )
2772 #if defined(POLARSSL_SSL_PROTO_TLS1_2)
2773 #if defined(POLARSSL_SHA256_C)
2774 static void ssl_update_checksum_sha256(
ssl_context *ssl,
2775 const unsigned char *buf,
size_t len )
2781 #if defined(POLARSSL_SHA512_C)
2782 static void ssl_update_checksum_sha384(
ssl_context *ssl,
2783 const unsigned char *buf,
size_t len )
2790 #if defined(POLARSSL_SSL_PROTO_SSL3)
2791 static void ssl_calc_finished_ssl(
2798 unsigned char padbuf[48];
2799 unsigned char md5sum[16];
2800 unsigned char sha1sum[20];
2820 #if !defined(POLARSSL_MD5_ALT)
2825 #if !defined(POLARSSL_SHA1_ALT)
2833 memset( padbuf, 0x36, 48 );
2835 md5_update( &md5, (
const unsigned char *) sender, 4 );
2840 sha1_update( &sha1, (
const unsigned char *) sender, 4 );
2845 memset( padbuf, 0x5C, 48 );
2864 memset( padbuf, 0,
sizeof( padbuf ) );
2865 memset( md5sum, 0,
sizeof( md5sum ) );
2866 memset( sha1sum, 0,
sizeof( sha1sum ) );
2872 #if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1)
2873 static void ssl_calc_finished_tls(
2880 unsigned char padbuf[36];
2897 #if !defined(POLARSSL_MD5_ALT)
2902 #if !defined(POLARSSL_SHA1_ALT)
2909 :
"server finished";
2915 padbuf, 36, buf, len );
2922 memset( padbuf, 0,
sizeof( padbuf ) );
2928 #if defined(POLARSSL_SSL_PROTO_TLS1_2)
2929 #if defined(POLARSSL_SHA256_C)
2930 static void ssl_calc_finished_tls_sha256(
2936 unsigned char padbuf[32];
2952 #if !defined(POLARSSL_SHA256_ALT)
2959 :
"server finished";
2964 padbuf, 32, buf, len );
2970 memset( padbuf, 0,
sizeof( padbuf ) );
2976 #if defined(POLARSSL_SHA512_C)
2977 static void ssl_calc_finished_tls_sha384(
2983 unsigned char padbuf[48];
2999 #if !defined(POLARSSL_SHA512_ALT)
3000 SSL_DEBUG_BUF( 4,
"finished sha512 state", (
unsigned char *)
3006 :
"server finished";
3011 padbuf, 48, buf, len );
3017 memset( padbuf, 0,
sizeof( padbuf ) );
3118 SSL_DEBUG_MSG( 3, (
"switching to new transform spec for outbound data" ) );
3123 #if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
3124 if( ssl_hw_record_activate != NULL)
3126 if( ( ret = ssl_hw_record_activate( ssl, SSL_CHANNEL_OUTBOUND ) ) != 0 )
/*
 * Excerpt of the code that checks the peer's Finished message.
 * NOTE(review): the assignment of hash_len is not shown; confirm it never
 * exceeds sizeof( buf ) (36), since it is used as the compare length below.
 */
3148 unsigned int hash_len;
3149 unsigned char buf[36];
3158 SSL_DEBUG_MSG( 3, (
"switching to new transform spec for inbound data" ) );
/* Zero the 8-byte inbound counter when the new transform takes effect. */
3161 memset( ssl->
in_ctr, 0, 8 );
3174 #if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
3175 if( ssl_hw_record_activate != NULL)
3177 if( ( ret = ssl_hw_record_activate( ssl, SSL_CHANNEL_INBOUND ) ) != 0 )
/*
 * Compare the received value (after the 4-byte handshake header) with buf,
 * presumably the locally computed Finished hash.
 * NOTE(review): memcmp() may stop at the first differing byte, so its
 * running time can depend on how many leading bytes match. For a handshake
 * verification value a constant-time comparison (OR together the XOR of
 * every byte pair, test the result once) is the safer choice.
 */
3207 if( memcmp( ssl->
in_msg + 4, buf, hash_len ) != 0 )
3262 SSL_DEBUG_MSG( 1, (
"malloc() of ssl sub-contexts failed" ) );
3270 #if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \
3271 defined(POLARSSL_SSL_PROTO_TLS1_1)
3275 #if defined(POLARSSL_SSL_PROTO_TLS1_2)
3276 #if defined(POLARSSL_SHA256_C)
3279 #if defined(POLARSSL_SHA512_C)
3287 #if defined(POLARSSL_ECDH_C)
3314 #if defined(POLARSSL_DHM_C)
3333 if( ssl->
in_ctr == NULL )
3354 #if defined(POLARSSL_SSL_SESSION_TICKETS)
3358 if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
3402 #if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
3403 if( ssl_hw_record_reset != NULL)
3406 if( ( ret = ssl_hw_record_reset( ssl ) ) != 0 )
3428 if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
3434 #if defined(POLARSSL_SSL_SESSION_TICKETS)
3438 static int ssl_ticket_keys_init(
ssl_context *ssl )
3442 unsigned char buf[16];
3454 if( ( ret = ssl->
f_rng( ssl->
p_rng, buf, 16 ) ) != 0 ||
3477 #if defined(POLARSSL_SSL_SESSION_TICKETS)
3488 #if defined(POLARSSL_X509_CRT_PARSE_C)
3490 int (*f_vrfy)(
void *,
x509_crt *,
int,
int *),
3499 int (*f_rng)(
void *,
unsigned char *,
size_t),
3507 void (*f_dbg)(
void *,
int,
const char *),
3515 int (*f_recv)(
void *,
unsigned char *,
size_t),
void *p_recv,
3516 int (*f_send)(
void *,
const unsigned char *,
size_t),
void *p_send )
3525 int (*f_get_cache)(
void *,
ssl_session *),
void *p_get_cache,
3526 int (*f_set_cache)(
void *,
const ssl_session *),
void *p_set_cache )
3563 int major,
int minor )
3574 #if defined(POLARSSL_X509_CRT_PARSE_C)
3581 if( key_cert == NULL )
3592 while( last->
next != NULL )
3594 last->
next = key_cert;
3601 x509_crl *ca_crl,
const char *peer_cn )
3613 if( key_cert == NULL )
3616 key_cert->
cert = own_cert;
3617 key_cert->
key = pk_key;
3622 #if defined(POLARSSL_RSA_C)
3629 if( key_cert == NULL )
3633 if( key_cert->
key == NULL )
3645 key_cert->
cert = own_cert;
3661 if( key_cert == NULL )
3665 if( key_cert->
key == NULL )
3671 rsa_decrypt, rsa_sign, rsa_key_len ) ) != 0 )
3674 key_cert->
cert = own_cert;
3681 #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
3683 const unsigned char *psk_identity,
size_t psk_identity_len )
3685 if( psk == NULL || psk_identity == NULL )
3688 if( ssl->
psk != NULL )
3710 int (*f_psk)(
void *,
ssl_context *,
const unsigned char *,
3719 #if defined(POLARSSL_DHM_C)
3759 #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
3762 if( hostname == NULL )
3775 memcpy( ssl->
hostname, (
const unsigned char *) hostname,
3785 const unsigned char *,
size_t),
3813 #if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
/*
 * Range check on the max-fragment-length code (the rest of the condition is
 * on a line not shown).
 * NOTE(review): sizeof( mfl_code_to_length ) is the table's size in bytes,
 * not its element count. If the elements are wider than one byte (the
 * declaration is not part of this excerpt -- confirm), values past the last
 * element pass this test and a later mfl_code_to_length[mfl_code] lookup
 * can read out of bounds. Comparing against the element count
 * (sizeof array / sizeof array[0]) bounds the index correctly.
 */
3816 if( mfl_code >=
sizeof( mfl_code_to_length ) ||
3828 #if defined(POLARSSL_SSL_TRUNCATED_HMAC)
3850 #if defined(POLARSSL_SSL_SESSION_TICKETS)
3858 if( ssl->
f_rng == NULL )
3861 return( ssl_ticket_keys_init( ssl ) );
3885 if( ssl == NULL || ssl->
session == NULL )
3896 return(
"SSLv3.0" );
3899 return(
"TLSv1.0" );
3902 return(
"TLSv1.1" );
3905 return(
"TLSv1.2" );
3910 return(
"unknown" );
3913 #if defined(POLARSSL_X509_CRT_PARSE_C)
3916 if( ssl == NULL || ssl->
session == NULL )
3933 return( ssl_session_copy( dst, ssl->
session ) );
3943 #if defined(POLARSSL_SSL_CLI_C)
3948 #if defined(POLARSSL_SSL_SRV_C)
3965 #if defined(POLARSSL_X509_CRT_PARSE_C)
3997 if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
4065 SSL_DEBUG_MSG( 1, (
"handshake received (not HelloRequest)" ) );
4073 SSL_DEBUG_MSG( 3, (
"ignoring renegotiation, sending alert" ) );
4075 #if defined(POLARSSL_SSL_PROTO_SSL3)
4086 #if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \
4087 defined(POLARSSL_SSL_PROTO_TLS1_2)
4127 memcpy( buf, ssl->
in_offt, n );
4162 #if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
4166 max_len = mfl_code_to_length[ssl->
mfl_code];
4178 n = ( len < max_len) ? len : max_len;
4192 memcpy( ssl->
out_msg, buf, n );
4238 #if defined(POLARSSL_ZLIB_SUPPORT)
4239 deflateEnd( &transform->ctx_deflate );
4240 inflateEnd( &transform->ctx_inflate );
4252 #if defined(POLARSSL_X509_CRT_PARSE_C)
4253 static void ssl_key_cert_free(
ssl_key_cert *key_cert )
4257 while( cur != NULL )
4275 #if defined(POLARSSL_DHM_C)
4278 #if defined(POLARSSL_ECDH_C)
4282 #if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
4287 #if defined(POLARSSL_X509_CRT_PARSE_C) && \
4288 defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
4297 while( cur != NULL )
4311 #if defined(POLARSSL_X509_CRT_PARSE_C)
4319 #if defined(POLARSSL_SSL_SESSION_TICKETS)
4339 if( ssl->
in_ctr != NULL )
4345 #if defined(POLARSSL_ZLIB_SUPPORT)
4346 if( ssl->compress_buf != NULL )
4353 #if defined(POLARSSL_DHM_C)
4381 #if defined(POLARSSL_SSL_SESSION_TICKETS)
4385 #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
4394 #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
4395 if( ssl->
psk != NULL )
4406 #if defined(POLARSSL_X509_CRT_PARSE_C)
4407 ssl_key_cert_free( ssl->
key_cert );
4410 #if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
4411 if( ssl_hw_record_finish != NULL )
4414 ssl_hw_record_finish( ssl );
4424 #if defined(POLARSSL_PK_C)
4430 #if defined(POLARSSL_RSA_C)
4434 #if defined(POLARSSL_ECDSA_C)
4445 #if defined(POLARSSL_RSA_C)
4449 #if defined(POLARSSL_ECDSA_C)
4466 #if defined(POLARSSL_MD5_C)
4470 #if defined(POLARSSL_SHA1_C)
4474 #if defined(POLARSSL_SHA256_C)
4480 #if defined(POLARSSL_SHA512_C)