Lines Matching refs:hs
212 state = s->s3->hs.state;
214 switch (s->s3->hs.state) {
217 /* s->s3->hs.state=SSL_ST_ACCEPT; */
234 &s->s3->hs.our_min_tls_version,
235 &s->s3->hs.our_max_tls_version)) {
242 s->s3->hs.our_min_tls_version)) {
259 if (s->s3->hs.state != SSL_ST_RENEGOTIATE) {
275 s->s3->hs.state = SSL3_ST_SR_CLNT_HELLO_A;
290 * s->s3->hs.state == SSL_ST_RENEGOTIATE,
294 s->s3->hs.state = SSL3_ST_SW_HELLO_REQ_A;
309 s->s3->hs.tls12.next_state = SSL3_ST_SR_CLNT_HELLO_A;
311 s->s3->hs.tls12.next_state = SSL3_ST_SW_HELLO_REQ_C;
312 s->s3->hs.state = SSL3_ST_SW_FLUSH;
324 s->s3->hs.state = SSL_ST_OK;
339 s->s3->hs.state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A;
341 s->s3->hs.state = SSL3_ST_SW_SRVR_HELLO_A;
355 if (listen && s->s3->hs.state == SSL3_ST_SW_SRVR_HELLO_A) {
375 s->s3->hs.state = SSL3_ST_SW_SRVR_HELLO_A;
385 s->s3->hs.state = SSL3_ST_SW_FLUSH;
386 s->s3->hs.tls12.next_state = SSL3_ST_SR_CLNT_HELLO_A;
403 s->s3->hs.state = SSL3_ST_SW_SESSION_TICKET_A;
405 s->s3->hs.state = SSL3_ST_SW_CHANGE_A;
407 s->s3->hs.state = SSL3_ST_SW_CERT_A;
415 if (!(s->s3->hs.cipher->algorithm_auth &
423 s->s3->hs.state = SSL3_ST_SW_CERT_STATUS_A;
425 s->s3->hs.state = SSL3_ST_SW_KEY_EXCH_A;
428 s->s3->hs.state = SSL3_ST_SW_KEY_EXCH_A;
435 alg_k = s->s3->hs.cipher->algorithm_mkey;
454 s->s3->hs.state = SSL3_ST_SW_CERT_REQ_A;
480 ((s->s3->hs.cipher->algorithm_auth &
485 s->s3->hs.tls12.cert_request = 0;
486 s->s3->hs.state = SSL3_ST_SW_SRVR_DONE_A;
491 s->s3->hs.tls12.cert_request = 1;
497 s->s3->hs.state = SSL3_ST_SW_SRVR_DONE_A;
509 s->s3->hs.tls12.next_state = SSL3_ST_SR_CERT_A;
510 s->s3->hs.state = SSL3_ST_SW_FLUSH;
531 s->s3->hs.state = s->s3->hs.tls12.next_state;
538 s->s3->hs.state = s->s3->hs.tls12.next_state;
543 if (s->s3->hs.tls12.cert_request != 0) {
549 s->s3->hs.state = SSL3_ST_SR_KEY_EXCH_A;
559 s->s3->hs.state = SSL3_ST_SR_CERT_VRFY_A;
563 alg_k = s->s3->hs.cipher->algorithm_mkey;
565 s->s3->hs.state = SSL3_ST_SR_CERT_VRFY_A;
575 s->s3->hs.state = SSL3_ST_SR_CERT_VRFY_A;
585 s->s3->hs.tls12.cert_verify,
586 sizeof(s->s3->hs.tls12.cert_verify),
605 s->s3->hs.state = SSL3_ST_SR_FINISHED_A;
621 s->s3->hs.state = SSL_ST_OK;
623 s->s3->hs.state = SSL3_ST_SW_SESSION_TICKET_A;
625 s->s3->hs.state = SSL3_ST_SW_CHANGE_A;
634 s->s3->hs.state = SSL3_ST_SW_CHANGE_A;
643 s->s3->hs.state = SSL3_ST_SW_KEY_EXCH_A;
652 s->s3->hs.state = SSL3_ST_SW_FINISHED_A;
654 s->session->cipher_value = s->s3->hs.cipher->value;
671 s->s3->hs.state = SSL3_ST_SW_FLUSH;
673 s->s3->hs.tls12.next_state = SSL3_ST_SR_FINISHED_A;
676 s->s3->hs.tls12.next_state = SSL_ST_OK;
731 if (!s->s3->hs.tls12.reuse_message && !skip) {
732 if (s->s3->hs.state != state) {
733 new_state = s->s3->hs.state;
734 s->s3->hs.state = state;
736 s->s3->hs.state = new_state;
756 if (s->s3->hs.state == SSL3_ST_SW_HELLO_REQ_A) {
763 s->s3->hs.state = SSL3_ST_SW_HELLO_REQ_B;
796 if (s->s3->hs.state == SSL3_ST_SR_CLNT_HELLO_A)
797 s->s3->hs.state = SSL3_ST_SR_CLNT_HELLO_B;
851 s->s3->hs.peer_legacy_version = client_version;
854 s->s3->hs.negotiated_tls_version = ssl_tls_version(shared_version);
855 if (s->s3->hs.negotiated_tls_version == 0) {
1039 if (s->s3->hs.our_max_tls_version >= TLS1_2_VERSION &&
1040 s->s3->hs.negotiated_tls_version < s->s3->hs.our_max_tls_version) {
1049 if (s->s3->hs.negotiated_tls_version == TLS1_2_VERSION) {
1079 sk_SSL_CIPHER_free(s->s3->hs.client_ciphers);
1080 s->s3->hs.client_ciphers = ciphers;
1092 pref_cipher = ssl3_choose_cipher(s, s->s3->hs.client_ciphers,
1099 s->s3->hs.cipher = pref_cipher;
1103 s->cipher_list = sk_SSL_CIPHER_dup(s->s3->hs.client_ciphers);
1117 sk_SSL_CIPHER_free(s->s3->hs.client_ciphers);
1118 s->s3->hs.client_ciphers = ciphers;
1121 if ((c = ssl3_choose_cipher(s, s->s3->hs.client_ciphers,
1127 s->s3->hs.cipher = c;
1128 s->session->cipher_value = s->s3->hs.cipher->value;
1130 s->s3->hs.cipher = ssl3_get_cipher_by_value(s->session->cipher_value);
1131 if (s->s3->hs.cipher == NULL)
1150 * s->hs.cipher - the new cipher to use.
1181 if (s->s3->hs.state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A) {
1206 s->s3->hs.state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B;
1209 /* s->s3->hs.state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */
1226 if (s->s3->hs.state == SSL3_ST_SW_SRVR_HELLO_A) {
1270 if (!CBB_add_u16(&server_hello, s->s3->hs.cipher->value))
1303 if (s->s3->hs.state == SSL3_ST_SW_SRVR_DONE_A) {
1310 s->s3->hs.state = SSL3_ST_SW_SRVR_DONE_B;
1327 tls_key_share_free(s->s3->hs.key_share);
1328 if ((s->s3->hs.key_share = tls_key_share_new_nid(nid)) == NULL)
1340 tls_key_share_set_key_bits(s->s3->hs.key_share,
1347 SSL_C_PKEYLENGTH(s->s3->hs.cipher));
1356 if (!tls_key_share_set_dh_params(s->s3->hs.key_share, dh_params))
1360 if (!tls_key_share_generate(s->s3->hs.key_share))
1363 if (!tls_key_share_params(s->s3->hs.key_share, cbb))
1365 if (!tls_key_share_public(s->s3->hs.key_share, cbb))
1368 if (!tls_key_share_peer_security(s, s->s3->hs.key_share)) {
1392 tls_key_share_free(s->s3->hs.key_share);
1393 if ((s->s3->hs.key_share = tls_key_share_new_nid(nid)) == NULL)
1396 if (!tls_key_share_generate(s->s3->hs.key_share))
1404 if (!CBB_add_u16(cbb, tls_key_share_group(s->s3->hs.key_share)))
1408 if (!tls_key_share_public(s->s3->hs.key_share, &public))
1442 if (s->s3->hs.state == SSL3_ST_SW_KEY_EXCH_A) {
1462 type = s->s3->hs.cipher->algorithm_mkey;
1488 if (!(s->s3->hs.cipher->algorithm_auth & SSL_aNULL)) {
1489 if ((pkey = ssl_get_sign_pkey(s, s->s3->hs.cipher,
1494 s->s3->hs.our_sigalg = sigalg;
1542 s->s3->hs.state = SSL3_ST_SW_KEY_EXCH_B;
1577 if (s->s3->hs.state == SSL3_ST_SW_CERT_REQ_A) {
1591 if (!ssl_sigalgs_build(s->s3->hs.negotiated_tls_version,
1618 s->s3->hs.state = SSL3_ST_SW_CERT_REQ_B;
1653 fakepms[0] = s->s3->hs.peer_legacy_version >> 8;
1654 fakepms[1] = s->s3->hs.peer_legacy_version & 0xff;
1714 valid &= crypto_ct_eq_u8(pms[pad_len + 0], s->s3->hs.peer_legacy_version >> 8);
1715 valid &= crypto_ct_eq_u8(pms[pad_len + 1], s->s3->hs.peer_legacy_version & 0xff);
1741 if (s->s3->hs.key_share == NULL) {
1747 if (!tls_key_share_peer_public(s->s3->hs.key_share, cbs,
1761 if (!tls_key_share_derive(s->s3->hs.key_share, &key, &key_len))
1784 if (s->s3->hs.key_share == NULL) {
1795 if (!tls_key_share_peer_public(s->s3->hs.key_share, &public,
1804 if (!tls_key_share_derive(s->s3->hs.key_share, &key, &key_len))
1835 alg_k = s->s3->hs.cipher->algorithm_mkey;
1899 if (s->s3->hs.tls12.message_type != SSL3_MT_CERTIFICATE_VERIFY) {
1900 s->s3->hs.tls12.reuse_message = 1;
1951 s->s3->hs.peer_sigalg = sigalg;
1988 verify = RSA_verify(NID_md5_sha1, s->s3->hs.tls12.cert_verify,
2010 &(s->s3->hs.tls12.cert_verify[MD5_DIGEST_LENGTH]),
2055 if (s->s3->hs.tls12.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) {
2067 if (s->s3->hs.tls12.cert_request != 0) {
2072 s->s3->hs.tls12.reuse_message = 1;
2076 if (s->s3->hs.tls12.message_type != SSL3_MT_CERTIFICATE) {
2170 if (s->s3->hs.state == SSL3_ST_SW_CERT_A) {
2184 s->s3->hs.state = SSL3_ST_SW_CERT_B;
2224 if (s->s3->hs.state == SSL3_ST_SW_SESSION_TICKET_A) {
2311 s->s3->hs.state = SSL3_ST_SW_SESSION_TICKET_B;
2339 if (s->s3->hs.state == SSL3_ST_SW_CERT_STATUS_A) {
2353 s->s3->hs.state = SSL3_ST_SW_CERT_STATUS_B;
2373 if (s->s3->hs.state == SSL3_ST_SW_CHANGE_A) {
2396 s->s3->hs.state = SSL3_ST_SW_CHANGE_B;
2437 if (s->s3->hs.peer_finished_len != md_len ||
2444 if (!CBS_mem_equal(&cbs, s->s3->hs.peer_finished, CBS_len(&cbs))) {
2453 s->s3->hs.peer_finished, md_len);
2469 if (s->s3->hs.state == SSL3_ST_SW_FINISHED_A) {
2475 s->s3->hs.finished, s->s3->hs.finished_len);
2476 s->s3->previous_server_finished_len = s->s3->hs.finished_len;
2481 if (!CBB_add_bytes(&finished, s->s3->hs.finished,
2482 s->s3->hs.finished_len))
2487 s->s3->hs.state = SSL3_ST_SW_FINISHED_B;