23 #ifndef MBEDTLS_SSL_INTERNAL_H
24 #define MBEDTLS_SSL_INTERNAL_H
28 #if defined(MBEDTLS_MD5_C)
32 #if defined(MBEDTLS_SHA1_C)
36 #if defined(MBEDTLS_SHA256_C)
40 #if defined(MBEDTLS_SHA512_C)
44 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && !defined(inline)
45 #define inline __inline
49 #define MBEDTLS_SSL_MIN_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3
51 #if defined(MBEDTLS_SSL_PROTO_SSL3)
52 #define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_0
54 #if defined(MBEDTLS_SSL_PROTO_TLS1)
55 #define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1
57 #if defined(MBEDTLS_SSL_PROTO_TLS1_1)
58 #define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_2
60 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
61 #define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3
68 #define MBEDTLS_SSL_MAX_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3
70 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
71 #define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3
73 #if defined(MBEDTLS_SSL_PROTO_TLS1_1)
74 #define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_2
76 #if defined(MBEDTLS_SSL_PROTO_TLS1)
77 #define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1
79 #if defined(MBEDTLS_SSL_PROTO_SSL3)
80 #define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_0
86 #define MBEDTLS_SSL_INITIAL_HANDSHAKE 0
87 #define MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS 1
88 #define MBEDTLS_SSL_RENEGOTIATION_DONE 2
89 #define MBEDTLS_SSL_RENEGOTIATION_PENDING 3
99 #define MBEDTLS_SSL_RETRANS_PREPARING 0
100 #define MBEDTLS_SSL_RETRANS_SENDING 1
101 #define MBEDTLS_SSL_RETRANS_WAITING 2
102 #define MBEDTLS_SSL_RETRANS_FINISHED 3
110 #if defined(MBEDTLS_ZLIB_SUPPORT)
111 #define MBEDTLS_SSL_COMPRESSION_ADD 1024
113 #define MBEDTLS_SSL_COMPRESSION_ADD 0
116 #if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_MODE_CBC)
118 #if defined(MBEDTLS_SHA512_C)
119 #define MBEDTLS_SSL_MAC_ADD 48
120 #elif defined(MBEDTLS_SHA256_C)
121 #define MBEDTLS_SSL_MAC_ADD 32
123 #define MBEDTLS_SSL_MAC_ADD 20
127 #define MBEDTLS_SSL_MAC_ADD 16
130 #if defined(MBEDTLS_CIPHER_MODE_CBC)
131 #define MBEDTLS_SSL_PADDING_ADD 256
133 #define MBEDTLS_SSL_PADDING_ADD 0
136 #define MBEDTLS_SSL_BUFFER_LEN ( MBEDTLS_SSL_MAX_CONTENT_LEN \
137 + MBEDTLS_SSL_COMPRESSION_ADD \
139 + MBEDTLS_SSL_MAC_ADD \
140 + MBEDTLS_SSL_PADDING_ADD \
148 #define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT (1 << 0)
165 #if defined(MBEDTLS_DHM_C)
168 #if defined(MBEDTLS_ECDH_C)
171 #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
174 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
178 #if defined(MBEDTLS_X509_CRT_PARSE_C)
180 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
187 #if defined(MBEDTLS_SSL_PROTO_DTLS)
213 #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
214 defined(MBEDTLS_SSL_PROTO_TLS1_1)
218 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
219 #if defined(MBEDTLS_SHA256_C)
222 #if defined(MBEDTLS_SHA512_C)
230 int (*
tls_prf)(
const unsigned char *, size_t,
const char *,
231 const unsigned char *, size_t,
232 unsigned char *, size_t);
245 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
248 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
273 #if defined(MBEDTLS_SSL_PROTO_SSL3)
288 #if defined(MBEDTLS_ZLIB_SUPPORT)
289 z_stream ctx_deflate;
290 z_stream ctx_inflate;
294 #if defined(MBEDTLS_X509_CRT_PARSE_C)
306 #if defined(MBEDTLS_SSL_PROTO_DTLS)
363 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
367 #if defined(MBEDTLS_PK_C)
375 #if defined(MBEDTLS_ECP_C)
379 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED)
384 #if defined(MBEDTLS_X509_CRT_PARSE_C)
394 return( key_cert == NULL ? NULL : key_cert->
key );
406 return( key_cert == NULL ? NULL : key_cert->
cert );
425 unsigned char ver[2] );
427 const unsigned char ver[2] );
431 #if defined(MBEDTLS_SSL_PROTO_DTLS)
442 #if defined(MBEDTLS_SSL_PROTO_DTLS)
451 #if defined(MBEDTLS_SSL_PROTO_DTLS)
458 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
467 const unsigned char *A = (
const unsigned char *) a;
468 const unsigned char *B = (
const unsigned char *) b;
469 unsigned char diff = 0;
471 for( i = 0; i < n; i++ )
void mbedtls_ssl_send_flight_completed(mbedtls_ssl_context *ssl)
int mbedtls_ssl_parse_finished(mbedtls_ssl_context *ssl)
unsigned char mbedtls_ssl_hash_from_md_alg(int md)
mbedtls_sha1_context fin_sha1
void(* update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t)
void mbedtls_ssl_read_version(int *major, int *minor, int transport, const unsigned char ver[2])
mbedtls_ssl_key_cert * key_cert
int mbedtls_ssl_handshake_server_step(mbedtls_ssl_context *ssl)
unsigned char alt_out_ctr[8]
unsigned char randbytes[64]
int mbedtls_ssl_write_change_cipher_spec(mbedtls_ssl_context *ssl)
mbedtls_ssl_flight_item * cur_msg
mbedtls_sha256_context fin_sha256
int mbedtls_ssl_write_finished(mbedtls_ssl_context *ssl)
Certificate revocation list structure.
mbedtls_ecdh_context ecdh_ctx
static int mbedtls_ssl_safer_memcmp(const void *a, const void *b, size_t n)
mbedtls_sha512_context fin_sha512
mbedtls_pk_type_t
Public key types.
int mbedtls_ssl_parse_certificate(mbedtls_ssl_context *ssl)
static size_t mbedtls_ssl_hs_hdr_len(const mbedtls_ssl_context *ssl)
#define MBEDTLS_SSL_TRANSPORT_DATAGRAM
Curve information for use by other modules.
int mbedtls_ssl_resend(mbedtls_ssl_context *ssl)
unsigned char mbedtls_ssl_sig_from_pk(mbedtls_pk_context *pk)
int mbedtls_ssl_derive_keys(mbedtls_ssl_context *ssl)
Generic message digest context.
mbedtls_x509_crt * sni_ca_chain
void mbedtls_ssl_handshake_free(mbedtls_ssl_handshake_params *handshake)
Free referenced items in an SSL handshake context and clear memory.
mbedtls_md5_context fin_md5
int mbedtls_ssl_fetch_input(mbedtls_ssl_context *ssl, size_t nb_want)
mbedtls_ssl_handshake_params * handshake
int mbedtls_ssl_dtls_replay_check(mbedtls_ssl_context *ssl)
const mbedtls_ecp_curve_info ** curves
mbedtls_ssl_transform * alt_transform_out
int mbedtls_ssl_read_record(mbedtls_ssl_context *ssl)
mbedtls_ssl_flight_item * next
unsigned char retransmit_state
mbedtls_ssl_key_cert * key_cert
void mbedtls_ssl_transform_free(mbedtls_ssl_transform *transform)
Free referenced items in an SSL transform context and clear memory.
SHA-512 context structure.
int mbedtls_ssl_check_cert_usage(const mbedtls_x509_crt *cert, const mbedtls_ssl_ciphersuite_t *ciphersuite, int cert_endpoint, uint32_t *flags)
int mbedtls_ssl_psk_derive_premaster(mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex)
int mbedtls_ssl_check_curve(const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id)
mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash(unsigned char hash)
void(* calc_verify)(mbedtls_ssl_context *, unsigned char *)
int mbedtls_ssl_send_fatal_handshake_failure(mbedtls_ssl_context *ssl)
mbedtls_key_exchange_type_t
unsigned char * verify_cookie
static mbedtls_x509_crt * mbedtls_ssl_own_cert(mbedtls_ssl_context *ssl)
mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig(unsigned char sig)
mbedtls_ecp_group_id
Domain parameters (curve, subgroup and generator) identifiers.
const mbedtls_ssl_config * conf
SHA-256 context structure.
int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl)
This structure is used for storing ciphersuite information.
uint32_t retransmit_timeout
#define MBEDTLS_PREMASTER_SIZE
int mbedtls_ssl_parse_change_cipher_spec(mbedtls_ssl_context *ssl)
void mbedtls_ssl_write_version(int major, int minor, int transport, unsigned char ver[2])
unsigned char verify_cookie_len
mbedtls_ssl_key_cert * next
void mbedtls_ssl_recv_flight_completed(mbedtls_ssl_context *ssl)
int mbedtls_ssl_flush_output(mbedtls_ssl_context *ssl)
void mbedtls_ssl_optimize_checksum(mbedtls_ssl_context *ssl, const mbedtls_ssl_ciphersuite_t *ciphersuite_info)
int mbedtls_ssl_write_record(mbedtls_ssl_context *ssl)
unsigned int in_flight_start_seq
void mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl)
Container for an X.509 certificate.
int mbedtls_ssl_check_sig_hash(const mbedtls_ssl_context *ssl, mbedtls_md_type_t md)
mbedtls_ssl_key_cert * sni_key_cert
int mbedtls_ssl_handshake_client_step(mbedtls_ssl_context *ssl)
unsigned char premaster[MBEDTLS_PREMASTER_SIZE]
void mbedtls_ssl_handshake_wrapup(mbedtls_ssl_context *ssl)
void(* calc_finished)(mbedtls_ssl_context *, unsigned char *, int)
mbedtls_ssl_flight_item * flight
mbedtls_x509_crl * sni_ca_crl
int(* tls_prf)(const unsigned char *, size_t, const char *, const unsigned char *, size_t, unsigned char *, size_t)
void mbedtls_ssl_dtls_replay_update(mbedtls_ssl_context *ssl)
mbedtls_dhm_context dhm_ctx
static mbedtls_pk_context * mbedtls_ssl_own_key(mbedtls_ssl_context *ssl)
static size_t mbedtls_ssl_hdr_len(const mbedtls_ssl_context *ssl)