Lines Matching defs:conn
24 static size_t tls_server_cert_chain_der_len(struct tlsv1_server *conn)
29 cert = conn->cred ? conn->cred->cert : NULL;
34 cert = x509_certificate_get_subject(conn->cred->trusted_certs,
42 static int tls_write_server_hello(struct tlsv1_server *conn,
51 tlsv1_server_log(conn, "Send ServerHello");
59 WPA_PUT_BE32(conn->server_random, now.sec);
60 if (random_get_bytes(conn->server_random + 4, TLS_RANDOM_LEN - 4)) {
66 conn->server_random, TLS_RANDOM_LEN);
68 conn->session_id_len = TLS_SESSION_ID_MAX_LEN;
69 if (random_get_bytes(conn->session_id, conn->session_id_len)) {
75 conn->session_id, conn->session_id_len);
88 WPA_PUT_BE16(pos, conn->rl.tls_version);
91 os_memcpy(pos, conn->server_random, TLS_RANDOM_LEN);
94 *pos++ = conn->session_id_len;
95 os_memcpy(pos, conn->session_id, conn->session_id_len);
96 pos += conn->session_id_len;
98 WPA_PUT_BE16(pos, conn->cipher_suite);
107 if (conn->status_request) {
117 if (conn->status_request_v2) {
129 if (conn->session_ticket && conn->session_ticket_cb) {
130 int res = conn->session_ticket_cb(
131 conn->session_ticket_cb_ctx,
132 conn->session_ticket, conn->session_ticket_len,
133 conn->client_random, conn->server_random,
134 conn->master_secret);
136 tlsv1_server_log(conn, "SessionTicket callback indicated failure");
137 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
141 conn->use_session_ticket = res;
143 if (conn->use_session_ticket) {
144 if (tlsv1_server_derive_keys(conn, NULL, 0) < 0) {
147 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
171 tls_verify_hash_add(&conn->verify, hs_start, pos - hs_start);
173 if (tlsv1_record_send(&conn->rl, TLS_CONTENT_TYPE_HANDSHAKE,
177 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
189 static int tls_write_server_certificate(struct tlsv1_server *conn,
197 suite = tls_get_cipher_suite(conn->rl.cipher_suite);
206 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
211 tlsv1_server_log(conn, "Send Certificate");
228 cert = conn->cred->cert;
235 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
246 cert = x509_certificate_get_subject(conn->cred->trusted_certs,
249 if (cert == conn->cred->cert || cert == NULL) {
263 if (tlsv1_record_send(&conn->rl, TLS_CONTENT_TYPE_HANDSHAKE,
267 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
273 tls_verify_hash_add(&conn->verify, hs_start, pos - hs_start);
281 static int tls_write_server_certificate_status(struct tlsv1_server *conn,
301 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
306 tlsv1_server_log(conn, "Send CertificateStatus (multi=%d)", ocsp_multi);
350 if (tlsv1_record_send(&conn->rl, TLS_CONTENT_TYPE_HANDSHAKE,
354 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
360 tls_verify_hash_add(&conn->verify, hs_start, pos - hs_start);
368 static int tls_write_server_key_exchange(struct tlsv1_server *conn,
380 suite = tls_get_cipher_suite(conn->rl.cipher_suite);
386 if (!tls_server_key_exchange_allowed(conn->rl.cipher_suite)) {
397 if (conn->cred == NULL || conn->cred->dh_p == NULL ||
398 conn->cred->dh_g == NULL) {
404 tlsv1_server_get_dh_p(conn, &dh_p, &dh_p_len);
406 os_free(conn->dh_secret);
407 conn->dh_secret_len = dh_p_len;
408 conn->dh_secret = os_malloc(conn->dh_secret_len);
409 if (conn->dh_secret == NULL) {
412 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
416 if (random_get_bytes(conn->dh_secret, conn->dh_secret_len)) {
419 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
421 os_free(conn->dh_secret);
422 conn->dh_secret = NULL;
426 if (os_memcmp(conn->dh_secret, dh_p, conn->dh_secret_len) > 0)
427 conn->dh_secret[0] = 0; /* make sure secret < p */
429 pos = conn->dh_secret;
430 while (pos + 1 < conn->dh_secret + conn->dh_secret_len && *pos == 0)
432 if (pos != conn->dh_secret) {
433 os_memmove(conn->dh_secret, pos,
434 conn->dh_secret_len - (pos - conn->dh_secret));
435 conn->dh_secret_len -= pos - conn->dh_secret;
438 conn->dh_secret, conn->dh_secret_len);
446 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
450 if (crypto_mod_exp(conn->cred->dh_g, conn->cred->dh_g_len,
451 conn->dh_secret, conn->dh_secret_len,
453 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
483 tlsv1_server_log(conn, "Send ServerKeyExchange");
503 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
514 if (2 + conn->cred->dh_g_len > (size_t) (end - pos)) {
517 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
522 WPA_PUT_BE16(pos, conn->cred->dh_g_len);
524 os_memcpy(pos, conn->cred->dh_g, conn->cred->dh_g_len);
525 pos += conn->cred->dh_g_len;
531 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
569 if (conn->rl.tls_version >= TLS_VERSION_1_2) {
572 conn->rl.tls_version, TLS_HASH_ALG_SHA256,
573 conn->client_random,
574 conn->server_random, server_params,
588 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
615 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
621 conn->rl.tls_version, conn->client_random,
622 conn->server_random, server_params,
627 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
635 if (conn->test_flags & TLS_BREAK_SRV_KEY_X_HASH) {
636 tlsv1_server_log(conn, "TESTING: Break ServerKeyExchange signed params hash");
656 if (conn->cred == NULL ||
657 crypto_private_key_sign_pkcs1(conn->cred->key, hash, hlen,
660 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
666 if (conn->test_flags & TLS_BREAK_SRV_KEY_X_SIGNATURE) {
667 tlsv1_server_log(conn, "TESTING: Break ServerKeyExchange signed params signature");
677 if (tlsv1_record_send(&conn->rl, TLS_CONTENT_TYPE_HANDSHAKE,
681 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
687 tls_verify_hash_add(&conn->verify, hs_start, pos - hs_start);
695 static int tls_write_server_certificate_request(struct tlsv1_server *conn,
701 if (!conn->verify_peer) {
708 tlsv1_server_log(conn, "Send CertificateRequest");
743 if (tlsv1_record_send(&conn->rl, TLS_CONTENT_TYPE_HANDSHAKE,
747 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
753 tls_verify_hash_add(&conn->verify, hs_start, pos - hs_start);
761 static int tls_write_server_hello_done(struct tlsv1_server *conn,
768 tlsv1_server_log(conn, "Send ServerHelloDone");
781 if (tlsv1_record_send(&conn->rl, TLS_CONTENT_TYPE_HANDSHAKE,
785 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
790 tls_verify_hash_add(&conn->verify, payload, pos - payload);
798 static int tls_write_server_change_cipher_spec(struct tlsv1_server *conn,
804 tlsv1_server_log(conn, "Send ChangeCipherSpec");
808 if (tlsv1_record_send(&conn->rl, TLS_CONTENT_TYPE_CHANGE_CIPHER_SPEC,
812 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
817 if (tlsv1_record_change_write_cipher(&conn->rl) < 0) {
820 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
831 static int tls_write_server_finished(struct tlsv1_server *conn,
841 tlsv1_server_log(conn, "Send Finished");
846 if (conn->rl.tls_version >= TLS_VERSION_1_2) {
848 if (conn->verify.sha256_server == NULL ||
849 crypto_hash_finish(conn->verify.sha256_server, hash, &hlen)
851 conn->verify.sha256_server = NULL;
852 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
856 conn->verify.sha256_server = NULL;
861 if (conn->verify.md5_server == NULL ||
862 crypto_hash_finish(conn->verify.md5_server, hash, &hlen) < 0) {
863 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
865 conn->verify.md5_server = NULL;
866 crypto_hash_finish(conn->verify.sha1_server, NULL, NULL);
867 conn->verify.sha1_server = NULL;
870 conn->verify.md5_server = NULL;
872 if (conn->verify.sha1_server == NULL ||
873 crypto_hash_finish(conn->verify.sha1_server, hash + MD5_MAC_LEN,
875 conn->verify.sha1_server = NULL;
876 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
880 conn->verify.sha1_server = NULL;
887 if (tls_prf(conn->rl.tls_version,
888 conn->master_secret, TLS_MASTER_SECRET_LEN,
892 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
899 if (conn->test_flags & TLS_BREAK_VERIFY_DATA) {
900 tlsv1_server_log(conn, "TESTING: Break verify_data (server)");
913 tls_verify_hash_add(&conn->verify, hs_start, pos - hs_start);
915 if (tlsv1_record_send(&conn->rl, TLS_CONTENT_TYPE_HANDSHAKE,
919 tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
930 static u8 * tls_send_server_hello(struct tlsv1_server *conn, size_t *out_len)
940 if (conn->status_request_multi &&
941 conn->cred->ocsp_stapling_response_multi) {
943 conn->cred->ocsp_stapling_response_multi,
946 } else if ((conn->status_request || conn->status_request_v2) &&
947 conn->cred->ocsp_stapling_response) {
948 ocsp_resp = os_readfile(conn->cred->ocsp_stapling_response,
954 msglen = 1000 + tls_server_cert_chain_der_len(conn) + ocsp_resp_len;
965 if (tls_write_server_hello(conn, &pos, end) < 0) {
971 if (conn->use_session_ticket) {
975 if (tls_write_server_change_cipher_spec(conn, &pos, end) < 0 ||
976 tls_write_server_finished(conn, &pos, end) < 0) {
983 conn->state = CHANGE_CIPHER_SPEC;
989 if (tls_write_server_certificate(conn, &pos, end) < 0 ||
990 tls_write_server_certificate_status(conn, &pos, end, ocsp_multi,
992 tls_write_server_key_exchange(conn, &pos, end) < 0 ||
993 tls_write_server_certificate_request(conn, &pos, end) < 0 ||
994 tls_write_server_hello_done(conn, &pos, end) < 0) {
1003 conn->state = CLIENT_CERTIFICATE;
1009 static u8 * tls_send_change_cipher_spec(struct tlsv1_server *conn,
1023 if (tls_write_server_change_cipher_spec(conn, &pos, end) < 0 ||
1024 tls_write_server_finished(conn, &pos, end) < 0) {
1031 tlsv1_server_log(conn, "Handshake completed successfully");
1032 conn->state = ESTABLISHED;
1038 u8 * tlsv1_server_handshake_write(struct tlsv1_server *conn, size_t *out_len)
1040 switch (conn->state) {
1042 return tls_send_server_hello(conn, out_len);
1044 return tls_send_change_cipher_spec(conn, out_len);
1046 if (conn->state == ESTABLISHED && conn->use_session_ticket) {
1050 tlsv1_server_log(conn, "Unexpected state %d while generating reply",
1051 conn->state);
1057 u8 * tlsv1_server_send_alert(struct tlsv1_server *conn, u8 level,
1062 tlsv1_server_log(conn, "Send Alert(%d:%d)", level, description);
1075 WPA_PUT_BE16(pos, conn->rl.tls_version ? conn->rl.tls_version :