NCBI C++ ToolKit
Functions
ssl_srv.c File Reference
#include "common.h"
#include "mbedtls/platform.h"
#include "mbedtls/ssl.h"
#include "mbedtls/ssl_internal.h"
#include "mbedtls/debug.h"
#include "mbedtls/error.h"
#include "mbedtls/platform_util.h"
#include "constant_time_internal.h"
#include "mbedtls/constant_time.h"
#include <string.h>
#include "mbedtls/ecp.h"
#include "mbedtls/platform_time.h"
+ Include dependency graph for ssl_srv.c:

Go to the source code of this file.

Go to the SVN repository for this file.

Functions

int mbedtls_ssl_set_client_transport_id_ncbicxx_2_28_3 (mbedtls_ssl_context *ssl, const unsigned char *info, size_t ilen)
 
void mbedtls_ssl_conf_dtls_cookies_ncbicxx_2_28_3 (mbedtls_ssl_config *conf, mbedtls_ssl_cookie_write_t *f_cookie_write, mbedtls_ssl_cookie_check_t *f_cookie_check, void *p_cookie)
 
static int ssl_parse_servername_ext (mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len)
 
static int ssl_parse_renegotiation_info (mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len)
 
static int ssl_parse_supported_elliptic_curves (mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len)
 
static int ssl_parse_supported_point_formats (mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len)
 
static int ssl_parse_max_fragment_length_ext (mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len)
 
static int ssl_parse_truncated_hmac_ext (mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len)
 
static int ssl_parse_encrypt_then_mac_ext (mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len)
 
static int ssl_parse_extended_ms_ext (mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len)
 
static int ssl_parse_session_ticket_ext (mbedtls_ssl_context *ssl, unsigned char *buf, size_t len)
 
static int ssl_parse_alpn_ext (mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len)
 
static int ssl_check_key_curve (mbedtls_pk_context *pk, const mbedtls_ecp_curve_info **curves)
 
static int ssl_pick_cert (mbedtls_ssl_context *ssl, const mbedtls_ssl_ciphersuite_t *ciphersuite_info)
 
static int ssl_ciphersuite_match (mbedtls_ssl_context *ssl, int suite_id, const mbedtls_ssl_ciphersuite_t **ciphersuite_info)
 
static int ssl_parse_client_hello (mbedtls_ssl_context *ssl)
 
static void ssl_write_truncated_hmac_ext (mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen)
 
static void ssl_write_encrypt_then_mac_ext (mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen)
 
static void ssl_write_extended_ms_ext (mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen)
 
static void ssl_write_session_ticket_ext (mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen)
 
static void ssl_write_renegotiation_ext (mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen)
 
static void ssl_write_max_fragment_length_ext (mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen)
 
static void ssl_write_supported_point_formats_ext (mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen)
 
static void ssl_write_alpn_ext (mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen)
 
static int ssl_write_hello_verify_request (mbedtls_ssl_context *ssl)
 
static void ssl_handle_id_based_session_resumption (mbedtls_ssl_context *ssl)
 
static int ssl_write_server_hello (mbedtls_ssl_context *ssl)
 
static int ssl_write_certificate_request (mbedtls_ssl_context *ssl)
 
static int ssl_get_ecdh_params_from_cert (mbedtls_ssl_context *ssl)
 
static int ssl_prepare_server_key_exchange (mbedtls_ssl_context *ssl, size_t *signature_len)
 
static int ssl_write_server_key_exchange (mbedtls_ssl_context *ssl)
 
static int ssl_write_server_hello_done (mbedtls_ssl_context *ssl)
 
static int ssl_parse_client_dh_public (mbedtls_ssl_context *ssl, unsigned char **p, const unsigned char *end)
 
static int ssl_decrypt_encrypted_pms (mbedtls_ssl_context *ssl, const unsigned char *p, const unsigned char *end, unsigned char *peer_pms, size_t *peer_pmslen, size_t peer_pmssize)
 
static int ssl_parse_encrypted_pms (mbedtls_ssl_context *ssl, const unsigned char *p, const unsigned char *end, size_t pms_offset)
 
static int ssl_parse_client_key_exchange (mbedtls_ssl_context *ssl)
 
static int ssl_parse_certificate_verify (mbedtls_ssl_context *ssl)
 
static int ssl_write_new_session_ticket (mbedtls_ssl_context *ssl)
 
int mbedtls_ssl_handshake_server_step_ncbicxx_2_28_3 (mbedtls_ssl_context *ssl)
 

Function Documentation

◆ mbedtls_ssl_conf_dtls_cookies_ncbicxx_2_28_3()

void mbedtls_ssl_conf_dtls_cookies_ncbicxx_2_28_3 ( mbedtls_ssl_config conf,
mbedtls_ssl_cookie_write_t f_cookie_write,
mbedtls_ssl_cookie_check_t f_cookie_check,
void *  p_cookie 
)

Definition at line 65 of file ssl_srv.c.

◆ mbedtls_ssl_handshake_server_step_ncbicxx_2_28_3()

int mbedtls_ssl_handshake_server_step_ncbicxx_2_28_3 ( mbedtls_ssl_context ssl)

◆ mbedtls_ssl_set_client_transport_id_ncbicxx_2_28_3()

int mbedtls_ssl_set_client_transport_id_ncbicxx_2_28_3 ( mbedtls_ssl_context ssl,
const unsigned char *  info,
size_t  ilen 
)

◆ ssl_check_key_curve()

static int ssl_check_key_curve ( mbedtls_pk_context pk,
const mbedtls_ecp_curve_info **  curves 
)
static

Definition at line 873 of file ssl_srv.c.

References NULL, and while().

Referenced by ssl_pick_cert().

◆ ssl_ciphersuite_match()

static int ssl_ciphersuite_match ( mbedtls_ssl_context ssl,
int  suite_id,
const mbedtls_ssl_ciphersuite_t **  ciphersuite_info 
)
static

◆ ssl_decrypt_encrypted_pms()

static int ssl_decrypt_encrypted_pms ( mbedtls_ssl_context ssl,
const unsigned char *  p,
const unsigned char *  end,
unsigned char *  peer_pms,
size_t *  peer_pmslen,
size_t  peer_pmssize 
)
static

◆ ssl_get_ecdh_params_from_cert()

static int ssl_get_ecdh_params_from_cert ( mbedtls_ssl_context ssl)
static

◆ ssl_handle_id_based_session_resumption()

static void ssl_handle_id_based_session_resumption ( mbedtls_ssl_context ssl)
static

◆ ssl_parse_alpn_ext()

static int ssl_parse_alpn_ext ( mbedtls_ssl_context ssl,
const unsigned char *  buf,
size_t  len 
)
static

◆ ssl_parse_certificate_verify()

static int ssl_parse_certificate_verify ( mbedtls_ssl_context ssl)
static

◆ ssl_parse_client_dh_public()

static int ssl_parse_client_dh_public ( mbedtls_ssl_context ssl,
unsigned char **  p,
const unsigned char *  end 
)
static

◆ ssl_parse_client_hello()

static int ssl_parse_client_hello ( mbedtls_ssl_context ssl)
static

Definition at line 1370 of file ssl_srv.c.

References mbedtls_ssl_config::allow_legacy_renegotiation, buf, mbedtls_ssl_session::ciphersuite, mbedtls_ssl_handshake_params::ciphersuite_info, mbedtls_ssl_config::ciphersuite_list, mbedtls_ssl_handshake_params::cli_exts, mbedtls_ssl_session::compression, mbedtls_ssl_context::conf, mbedtls_ssl_context::cur_out_ctr, mbedtls_ssl_context::handshake, i, mbedtls_ssl_session::id, mbedtls_ssl_session::id_len, if(), mbedtls_ssl_context::in_ctr, mbedtls_ssl_context::in_hdr, mbedtls_ssl_context::in_hslen, mbedtls_ssl_context::in_left, mbedtls_ssl_context::in_len, mbedtls_ssl_context::in_msg, mbedtls_ssl_context::major_ver, mbedtls_ssl_config::max_major_ver, mbedtls_ssl_handshake_params::max_major_ver, mbedtls_ssl_config::max_minor_ver, mbedtls_ssl_handshake_params::max_minor_ver, MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO, MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION, MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE, MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN, MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE, MBEDTLS_GET_UINT16_BE, MBEDTLS_MD_NONE, MBEDTLS_MD_SHA1, MBEDTLS_PK_NONE, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE, MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK, MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION, mbedtls_ssl_check_sig_hash, MBEDTLS_SSL_COMPRESS_DEFLATE, MBEDTLS_SSL_COMPRESS_NULL, MBEDTLS_SSL_DEBUG_BUF, MBEDTLS_SSL_DEBUG_MSG, MBEDTLS_SSL_DEBUG_RET, mbedtls_ssl_dtls_replay_check, mbedtls_ssl_dtls_replay_update, MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO, MBEDTLS_SSL_FALLBACK_SCSV_VALUE, mbedtls_ssl_fetch_input(), mbedtls_ssl_get_ciphersuite_sig_alg, mbedtls_ssl_hash_from_md_alg(), MBEDTLS_SSL_HS_CLIENT_HELLO, mbedtls_ssl_hs_hdr_len(), MBEDTLS_SSL_IN_CONTENT_LEN, mbedtls_ssl_in_hdr_len(), MBEDTLS_SSL_INITIAL_HANDSHAKE, MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, MBEDTLS_SSL_LEGACY_RENEGOTIATION, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MSG_HANDSHAKE, mbedtls_ssl_read_version(), mbedtls_ssl_recv_flight_completed, MBEDTLS_SSL_RENEGOTIATION, MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS, MBEDTLS_SSL_SECURE_RENEGOTIATION, mbedtls_ssl_send_alert_message(), mbedtls_ssl_sig_hash_set_const_hash, mbedtls_ssl_sig_hash_set_find, MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_TLS_EXT_ALPN, MBEDTLS_TLS_EXT_CID, MBEDTLS_TLS_EXT_ECJPAKE_KKPP, MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, MBEDTLS_TLS_EXT_SERVERNAME, MBEDTLS_TLS_EXT_SESSION_TICKET, MBEDTLS_TLS_EXT_SIG_ALG, MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES, MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT, MBEDTLS_TLS_EXT_TRUNCATED_HMAC, MBEDTLS_TLS_EXT_USE_SRTP, mbedtls_ssl_config::min_major_ver, mbedtls_ssl_config::min_minor_ver, mbedtls_ssl_context::minor_ver, mbedtls_ssl_ciphersuite_t::name, NULL, mbedtls_ssl_handshake_params::randbytes, mbedtls_ssl_context::secure_renegotiation, mbedtls_ssl_context::session_negotiate, ssl_ciphersuite_match(), ssl_parse_alpn_ext(), ssl_parse_encrypt_then_mac_ext(), ssl_parse_extended_ms_ext(), ssl_parse_max_fragment_length_ext(), ssl_parse_renegotiation_info(), ssl_parse_servername_ext(), ssl_parse_session_ticket_ext(), ssl_parse_supported_elliptic_curves(), ssl_parse_supported_point_formats(), ssl_parse_truncated_hmac_ext(), mbedtls_ssl_context::state, mbedtls_ssl_config::transport, and mbedtls_ssl_handshake_params::update_checksum.

Referenced by mbedtls_ssl_handshake_server_step_ncbicxx_2_28_3().

◆ ssl_parse_client_key_exchange()

static int ssl_parse_client_key_exchange ( mbedtls_ssl_context ssl)
static

Definition at line 3985 of file ssl_srv.c.

References mbedtls_ssl_handshake_params::ciphersuite_info, mbedtls_ssl_context::conf, mbedtls_ssl_config::f_rng, mbedtls_ssl_context::handshake, mbedtls_ssl_context::in_hslen, mbedtls_ssl_context::in_msg, mbedtls_ssl_context::in_msgtype, mbedtls_ssl_ciphersuite_t::key_exchange, mbedtls_dhm_calc_secret(), mbedtls_ecdh_calc_secret(), mbedtls_ecdh_read_public(), mbedtls_ecjpake_derive_secret(), mbedtls_ecjpake_read_round_two(), MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED, MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE, MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS, MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP, MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE, MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE, MBEDTLS_ERR_SSL_INTERNAL_ERROR, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_KEY_EXCHANGE_DHE_RSA, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_KEY_EXCHANGE_ECJPAKE, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_KEY_EXCHANGE_RSA, MBEDTLS_KEY_EXCHANGE_RSA_PSK, MBEDTLS_MPI_MAX_SIZE, MBEDTLS_PREMASTER_SIZE, MBEDTLS_SSL_DEBUG_ECDH, MBEDTLS_SSL_DEBUG_MPI, MBEDTLS_SSL_DEBUG_MSG, MBEDTLS_SSL_DEBUG_RET, mbedtls_ssl_derive_keys(), MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE, mbedtls_ssl_hs_hdr_len(), MBEDTLS_SSL_MSG_HANDSHAKE, mbedtls_ssl_psk_derive_premaster, mbedtls_ssl_read_record(), mbedtls_ssl_config::p_rng, mbedtls_ssl_handshake_params::pmslen, mbedtls_ssl_handshake_params::premaster, ssl_parse_client_dh_public(), ssl_parse_encrypted_pms(), and mbedtls_ssl_context::state.

Referenced by mbedtls_ssl_handshake_server_step_ncbicxx_2_28_3().

◆ ssl_parse_encrypt_then_mac_ext()

static int ssl_parse_encrypt_then_mac_ext ( mbedtls_ssl_context ssl,
const unsigned char *  buf,
size_t  len 
)
static

◆ ssl_parse_encrypted_pms()

static int ssl_parse_encrypted_pms ( mbedtls_ssl_context ssl,
const unsigned char *  p,
const unsigned char *  end,
size_t  pms_offset 
)
static

◆ ssl_parse_extended_ms_ext()

static int ssl_parse_extended_ms_ext ( mbedtls_ssl_context ssl,
const unsigned char *  buf,
size_t  len 
)
static

◆ ssl_parse_max_fragment_length_ext()

static int ssl_parse_max_fragment_length_ext ( mbedtls_ssl_context ssl,
const unsigned char *  buf,
size_t  len 
)
static

◆ ssl_parse_renegotiation_info()

static int ssl_parse_renegotiation_info ( mbedtls_ssl_context ssl,
const unsigned char *  buf,
size_t  len 
)
static

◆ ssl_parse_servername_ext()

static int ssl_parse_servername_ext ( mbedtls_ssl_context ssl,
const unsigned char *  buf,
size_t  len 
)
static

◆ ssl_parse_session_ticket_ext()

static int ssl_parse_session_ticket_ext ( mbedtls_ssl_context ssl,
unsigned char *  buf,
size_t  len 
)
static

◆ ssl_parse_supported_elliptic_curves()

static int ssl_parse_supported_elliptic_curves ( mbedtls_ssl_context ssl,
const unsigned char *  buf,
size_t  len 
)
static

◆ ssl_parse_supported_point_formats()

static int ssl_parse_supported_point_formats ( mbedtls_ssl_context ssl,
const unsigned char *  buf,
size_t  len 
)
static

◆ ssl_parse_truncated_hmac_ext()

static int ssl_parse_truncated_hmac_ext ( mbedtls_ssl_context ssl,
const unsigned char *  buf,
size_t  len 
)
static

◆ ssl_pick_cert()

static int ssl_pick_cert ( mbedtls_ssl_context ssl,
const mbedtls_ssl_ciphersuite_t ciphersuite_info 
)
static

◆ ssl_prepare_server_key_exchange()

static int ssl_prepare_server_key_exchange ( mbedtls_ssl_context ssl,
size_t *  signature_len 
)
static

◆ ssl_write_alpn_ext()

static void ssl_write_alpn_ext ( mbedtls_ssl_context ssl,
unsigned char *  buf,
size_t *  olen 
)
static

◆ ssl_write_certificate_request()

static int ssl_write_certificate_request ( mbedtls_ssl_context ssl)
static

◆ ssl_write_encrypt_then_mac_ext()

static void ssl_write_encrypt_then_mac_ext ( mbedtls_ssl_context ssl,
unsigned char *  buf,
size_t *  olen 
)
static

◆ ssl_write_extended_ms_ext()

static void ssl_write_extended_ms_ext ( mbedtls_ssl_context ssl,
unsigned char *  buf,
size_t *  olen 
)
static

◆ ssl_write_hello_verify_request()

static int ssl_write_hello_verify_request ( mbedtls_ssl_context ssl)
static

◆ ssl_write_max_fragment_length_ext()

static void ssl_write_max_fragment_length_ext ( mbedtls_ssl_context ssl,
unsigned char *  buf,
size_t *  olen 
)
static

◆ ssl_write_new_session_ticket()

static int ssl_write_new_session_ticket ( mbedtls_ssl_context ssl)
static

◆ ssl_write_renegotiation_ext()

static void ssl_write_renegotiation_ext ( mbedtls_ssl_context ssl,
unsigned char *  buf,
size_t *  olen 
)
static

◆ ssl_write_server_hello()

static int ssl_write_server_hello ( mbedtls_ssl_context ssl)
static

Definition at line 2746 of file ssl_srv.c.

References buf, mbedtls_ssl_session::ciphersuite, mbedtls_ssl_session::compression, mbedtls_ssl_context::conf, mbedtls_ssl_config::f_rng, mbedtls_ssl_context::handshake, mbedtls_ssl_session::id, mbedtls_ssl_session::id_len, mbedtls_ssl_context::major_ver, MBEDTLS_BYTE_0, MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED, MBEDTLS_ERR_SSL_NO_RNG, MBEDTLS_PRINTF_LONGLONG, MBEDTLS_PRINTF_SIZET, MBEDTLS_PUT_UINT16_BE, MBEDTLS_PUT_UINT32_BE, mbedtls_ssl_ciphersuite_from_id(), mbedtls_ssl_ciphersuite_uses_ec(), MBEDTLS_SSL_DEBUG_BUF, MBEDTLS_SSL_DEBUG_MSG, MBEDTLS_SSL_DEBUG_RET, mbedtls_ssl_derive_keys(), mbedtls_ssl_get_ciphersuite_name(), MBEDTLS_SSL_HS_SERVER_HELLO, MBEDTLS_SSL_MSG_HANDSHAKE, MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC, MBEDTLS_SSL_TRANSPORT_DATAGRAM, mbedtls_ssl_write_handshake_msg(), mbedtls_ssl_write_version(), mbedtls_time, mbedtls_ssl_context::minor_ver, n, NULL, mbedtls_ssl_context::out_msg, mbedtls_ssl_context::out_msglen, mbedtls_ssl_context::out_msgtype, mbedtls_ssl_config::p_rng, mbedtls_ssl_handshake_params::randbytes, mbedtls_ssl_handshake_params::resume, mbedtls_ssl_context::session_negotiate, ssl_handle_id_based_session_resumption(), ssl_write_alpn_ext(), ssl_write_encrypt_then_mac_ext(), ssl_write_extended_ms_ext(), ssl_write_hello_verify_request(), ssl_write_max_fragment_length_ext(), ssl_write_renegotiation_ext(), ssl_write_session_ticket_ext(), ssl_write_supported_point_formats_ext(), ssl_write_truncated_hmac_ext(), mbedtls_ssl_context::state, t, and mbedtls_ssl_config::transport.

Referenced by mbedtls_ssl_handshake_server_step_ncbicxx_2_28_3().

◆ ssl_write_server_hello_done()

static int ssl_write_server_hello_done ( mbedtls_ssl_context ssl)
static

◆ ssl_write_server_key_exchange()

static int ssl_write_server_key_exchange ( mbedtls_ssl_context ssl)
static

◆ ssl_write_session_ticket_ext()

static void ssl_write_session_ticket_ext ( mbedtls_ssl_context ssl,
unsigned char *  buf,
size_t *  olen 
)
static

◆ ssl_write_supported_point_formats_ext()

static void ssl_write_supported_point_formats_ext ( mbedtls_ssl_context ssl,
unsigned char *  buf,
size_t *  olen 
)
static

◆ ssl_write_truncated_hmac_ext()

static void ssl_write_truncated_hmac_ext ( mbedtls_ssl_context ssl,
unsigned char *  buf,
size_t *  olen 
)
static
Modified on Fri Mar 01 10:09:08 2024 by modify_doxy.py rev. 669887