257                              struct mbed_ssl_backend_data *backend,  in mbed_set_ssl_version_min_max()  argument
331   mbedtls_ssl_conf_min_version(&backend->config, MBEDTLS_SSL_MAJOR_VERSION_3,  in mbed_set_ssl_version_min_max()
333   mbedtls_ssl_conf_max_version(&backend->config, MBEDTLS_SSL_MAJOR_VERSION_3,  in mbed_set_ssl_version_min_max()
336   mbedtls_ssl_conf_min_tls_version(&backend->config, ver_min);  in mbed_set_ssl_version_min_max()
337   mbedtls_ssl_conf_max_tls_version(&backend->config, ver_max);  in mbed_set_ssl_version_min_max()
380                           struct mbed_ssl_backend_data *backend,  in mbed_set_selected_ciphers()  argument
479   backend->ciphersuites = selected;  in mbed_set_selected_ciphers()
480   mbedtls_ssl_conf_ciphersuites(&backend->config, backend->ciphersuites);  in mbed_set_selected_ciphers()
562   struct mbed_ssl_backend_data *backend =  local
563     (struct mbed_ssl_backend_data *)connssl->backend;
579   DEBUGASSERT(backend);
580   DEBUGASSERT(!backend->initialized);
589   mbedtls_ctr_drbg_init(&backend->ctr_drbg);
591   ret = mbedtls_ctr_drbg_seed(&backend->ctr_drbg, entropy_func_mutex,
600   mbedtls_entropy_init(&backend->entropy);
601   mbedtls_ctr_drbg_init(&backend->ctr_drbg);
603   ret = mbedtls_ctr_drbg_seed(&backend->ctr_drbg, mbedtls_entropy_func,
604                               &backend->entropy, NULL, 0);
614   mbedtls_x509_crt_init(&backend->cacert);
624     ret = mbedtls_x509_crt_parse(&backend->cacert, newblob,
637     ret = mbedtls_x509_crt_parse_file(&backend->cacert, ssl_cafile);
653     ret = mbedtls_x509_crt_parse_path(&backend->cacert, ssl_capath);
670   mbedtls_x509_crt_init(&backend->clicert);
674     ret = mbedtls_x509_crt_parse_file(&backend->clicert, ssl_cert);
697     ret = mbedtls_x509_crt_parse(&backend->clicert, newblob,
710   mbedtls_pk_init(&backend->pk);
716       ret = mbedtls_pk_parse_keyfile(&backend->pk, ssl_config->key,
719                                      &backend->ctr_drbg);
721       ret = mbedtls_pk_parse_keyfile(&backend->pk, ssl_config->key,
742       ret = mbedtls_pk_parse_key(&backend->pk, key_data, ssl_key_blob->len,
746                                  &backend->ctr_drbg);
748       ret = mbedtls_pk_parse_key(&backend->pk, key_data, ssl_key_blob->len,
761     if(ret == 0 && !(mbedtls_pk_can_do(&backend->pk, MBEDTLS_PK_RSA) ||
762                      mbedtls_pk_can_do(&backend->pk, MBEDTLS_PK_ECKEY)))
768   mbedtls_x509_crl_init(&backend->crl);
772     ret = mbedtls_x509_crl_parse_file(&backend->crl, ssl_crlfile);
795   mbedtls_ssl_config_init(&backend->config);
796   ret = mbedtls_ssl_config_defaults(&backend->config,
807   mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets(&backend->config,
814   mbedtls_ssl_conf_verify(&backend->config, mbed_verify_cb, cf);
815   mbedtls_ssl_conf_authmode(&backend->config, MBEDTLS_SSL_VERIFY_REQUIRED);
817   mbedtls_ssl_init(&backend->ssl);
818   backend->initialized = TRUE;
821   mbedtls_ssl_conf_cert_profile(&backend->config,
824   ret = mbed_set_ssl_version_min_max(data, backend, conn_config);
828   mbedtls_ssl_conf_rng(&backend->config, mbedtls_ctr_drbg_random,
829                        &backend->ctr_drbg);
831   ret = mbedtls_ssl_setup(&backend->ssl, &backend->config);
839   mbedtls_ssl_set_bio(&backend->ssl, cf,
846     CURLcode result = mbed_set_selected_ciphers(data, backend,
851     CURLcode result = mbed_set_selected_ciphers(data, backend,
861     mbedtls_ssl_conf_ciphersuites(&backend->config,
867   mbedtls_ssl_conf_renegotiation(&backend->config,
872   mbedtls_ssl_conf_session_tickets(&backend->config,
892         ret = mbedtls_ssl_set_session(&backend->ssl, &session);
903   mbedtls_ssl_conf_ca_chain(&backend->config,
904                             &backend->cacert,
906                             &backend->crl);
912     mbedtls_ssl_conf_own_cert(&backend->config,
913                               &backend->clicert, &backend->pk);
916   if(mbedtls_ssl_set_hostname(&backend->ssl, connssl->peer.sni ?
931       backend->protocols[i] = connssl->alpn->entries[i];
935     if(mbedtls_ssl_conf_alpn_protocols(&backend->config,
936                                        &backend->protocols[0])) {
947   mbedtls_ssl_conf_dbg(&backend->config, mbed_debug, data);
959     CURLcode result = (*data->set.ssl.fsslctx)(data, &backend->config,
977   struct mbed_ssl_backend_data *backend =  local
978     (struct mbed_ssl_backend_data *)connssl->backend;
987   DEBUGASSERT(backend);
989   ret = mbedtls_ssl_handshake(&backend->ssl);
1007                 mbedtls_ssl_get_version_number(&backend->ssl));
1020                 mbedtls_ssl_get_ciphersuite_id_from_ssl(&backend->ssl);
1023           mbedtls_ssl_get_version(&backend->ssl), cipher_str);
1027         mbedtls_ssl_get_version(&backend->ssl));
1037     peercert = mbedtls_ssl_get_peer_cert(&backend->ssl);
1105     const char *proto = mbedtls_ssl_get_alpn_protocol(&backend->ssl);
1128   struct mbed_ssl_backend_data *backend =  local
1129     (struct mbed_ssl_backend_data *)connssl->backend;
1133   DEBUGASSERT(backend);
1141     ret = mbedtls_ssl_get_session(&backend->ssl, &session);
1181   struct mbed_ssl_backend_data *backend =  local
1182     (struct mbed_ssl_backend_data *)connssl->backend;
1186   DEBUGASSERT(backend);
1187   ret = mbedtls_ssl_write(&backend->ssl, (unsigned char *)mem, len);
1213   struct mbed_ssl_backend_data *backend =  local
1214     (struct mbed_ssl_backend_data *)connssl->backend;
1220   DEBUGASSERT(backend);
1222   if(!backend->initialized || cf->shutdown) {
1230   if(!backend->sent_shutdown) {
1232     backend->sent_shutdown = TRUE;
1234       ret = mbedtls_ssl_close_notify(&backend->ssl);
1258     ret = mbedtls_ssl_read(&backend->ssl, buf, sizeof(buf));
1262       ret = mbedtls_ssl_read(&backend->ssl, buf, sizeof(buf));
1301   struct mbed_ssl_backend_data *backend =  local
1302     (struct mbed_ssl_backend_data *)connssl->backend;
1305   DEBUGASSERT(backend);
1306   if(backend->initialized) {
1307     mbedtls_pk_free(&backend->pk);
1308     mbedtls_x509_crt_free(&backend->clicert);
1309     mbedtls_x509_crt_free(&backend->cacert);
1311     mbedtls_x509_crl_free(&backend->crl);
1313     Curl_safefree(backend->ciphersuites);
1314     mbedtls_ssl_config_free(&backend->config);
1315     mbedtls_ssl_free(&backend->ssl);
1316     mbedtls_ctr_drbg_free(&backend->ctr_drbg);
1318     mbedtls_entropy_free(&backend->entropy);
1320     backend->initialized = FALSE;
1329   struct mbed_ssl_backend_data *backend =  local
1330     (struct mbed_ssl_backend_data *)connssl->backend;
1334   DEBUGASSERT(backend);
1336   ret = mbedtls_ssl_read(&backend->ssl, (unsigned char *)buf,
1502     struct mbed_ssl_backend_data *backend =  local
1503       (struct mbed_ssl_backend_data *)ctx->backend;
1505     if(mbedtls_ssl_get_version_number(&backend->ssl) <=
1593   struct mbed_ssl_backend_data *backend;  local
1596   DEBUGASSERT(ctx && ctx->backend);
1597   backend = (struct mbed_ssl_backend_data *)ctx->backend;
1598   return mbedtls_ssl_get_bytes_avail(&backend->ssl) != 0;
1625   struct mbed_ssl_backend_data *backend =  local
1626     (struct mbed_ssl_backend_data *)connssl->backend;
1628   DEBUGASSERT(backend);
1629   return &backend->ssl;

Last Index update Mon Nov 25 22:09:01 UTC 2024

Dedicated to & Maintained by Room-11