Lines Matching refs:s3
58 && (s->s3.tmp.new_cipher->algorithm_auth & SSL_aNULL)) in cert_req_allowed()
59 || (s->s3.tmp.new_cipher->algorithm_auth & (SSL_aSRP | SSL_aPSK))) in cert_req_allowed()
74 long alg_k = s->s3.tmp.new_cipher->algorithm_mkey; in key_exchange_expected()
304 } else if (!(s->s3.tmp.new_cipher->algorithm_auth in ossl_statem_client_read_transition()
314 || ((s->s3.tmp.new_cipher->algorithm_mkey & SSL_PSK) in ossl_statem_client_read_transition()
347 if (ske_expected || ((s->s3.tmp.new_cipher->algorithm_mkey & SSL_PSK) in ossl_statem_client_read_transition()
482 else if (s->s3.tmp.cert_req == 0) in ossl_statem_client13_write_transition()
501 if (s->s3.tmp.cert_req == 0) in ossl_statem_client13_write_transition()
512 st->hand_state = (s->s3.tmp.cert_req == 1) ? TLS_ST_CW_CERT_VRFY in ossl_statem_client13_write_transition()
616 if (s->s3.tmp.cert_req) in ossl_statem_client_write_transition()
637 if (s->s3.tmp.cert_req == 1) { in ossl_statem_client_write_transition()
642 if (s->s3.flags & TLS1_FLAGS_SKIP_CERT_VERIFY) { in ossl_statem_client_write_transition()
660 if (!SSL_CONNECTION_IS_DTLS(s) && s->s3.npn_seen) in ossl_statem_client_write_transition()
855 s->session->cipher = s->s3.tmp.new_cipher; in ossl_statem_client_post_work()
859 if (s->s3.tmp.new_compression == NULL) in ossl_statem_client_post_work()
862 s->session->compress_meth = s->s3.tmp.new_compression->id; in ossl_statem_client_post_work()
1194 p = s->s3.client_random; in tls_construct_client_hello()
1203 for (idx = 0; idx < sizeof(s->s3.client_random); idx++) { in tls_construct_client_hello()
1213 if (i && ssl_fill_hello_random(s, 0, p, sizeof(s->s3.client_random), in tls_construct_client_hello()
1253 || !WPACKET_memcpy(pkt, s->s3.client_random, SSL3_RANDOM_SIZE)) { in tls_construct_client_hello()
1326 || s->s3.tmp.max_ver < TLS1_3_VERSION)) { in tls_construct_client_hello()
1409 if (SSL_CONNECTION_IS_TLS13(s) && s->s3.tmp.new_cipher != NULL in set_client_ciphersuite()
1410 && s->s3.tmp.new_cipher->id != c->id) { in set_client_ciphersuite()
1451 s->s3.tmp.new_cipher = c; in set_client_ciphersuite()
1498 if (!PACKET_copy_bytes(pkt, s->s3.server_random, SSL3_RANDOM_SIZE)) { in tls_process_server_hello()
1699 s->s3.tmp.min_ver = s->version; in tls_process_server_hello()
1700 s->s3.tmp.max_ver = s->version; in tls_process_server_hello()
1742 s->s3.tmp.new_compression = comp; in tls_process_server_hello()
1852 if (s->ext.tls13_cookie_len == 0 && s->s3.tmp.pkey != NULL) { in tls_process_as_hello_retry_request()
1938 if ((clu->amask & sc->s3.tmp.new_cipher->algorithm_auth) == 0) { in tls_post_process_server_rpk()
2124 if ((clu->amask & s->s3.tmp.new_cipher->algorithm_auth) == 0) { in tls_post_process_server_certificate()
2238 if (s->s3.tmp.new_cipher->algorithm_auth & (SSL_aRSA | SSL_aDSS)) in tls_process_ske_srp()
2320 s->s3.peer_tmp = peer_tmp; in tls_process_ske_dhe()
2327 if (s->s3.tmp.new_cipher->algorithm_auth & (SSL_aRSA | SSL_aDSS)) in tls_process_ske_dhe()
2369 if ((s->s3.peer_tmp = ssl_generate_param_group(s, curve_id)) == NULL) { in tls_process_ske_ecdhe()
2380 if (EVP_PKEY_set1_encoded_public_key(s->s3.peer_tmp, in tls_process_ske_ecdhe()
2392 if (s->s3.tmp.new_cipher->algorithm_auth & SSL_aECDSA) in tls_process_ske_ecdhe()
2394 else if (s->s3.tmp.new_cipher->algorithm_auth & SSL_aRSA) in tls_process_ske_ecdhe()
2412 alg_k = s->s3.tmp.new_cipher->algorithm_mkey; in tls_process_key_exchange()
2416 EVP_PKEY_free(s->s3.peer_tmp); in tls_process_key_exchange()
2417 s->s3.peer_tmp = NULL; in tls_process_key_exchange()
2484 if (!tls1_lookup_md(sctx, s->s3.tmp.peer_sigalg, &md)) { in tls_process_key_exchange()
2538 if (!(s->s3.tmp.new_cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP)) in tls_process_key_exchange()
2564 if (s->s3.tmp.valid_flags != NULL) in tls_process_certificate_request()
2565 memset(s->s3.tmp.valid_flags, 0, s->ssl_pkey_num * sizeof(uint32_t)); in tls_process_certificate_request()
2567 s->s3.tmp.valid_flags = OPENSSL_zalloc(s->ssl_pkey_num * sizeof(uint32_t)); in tls_process_certificate_request()
2570 if (s->s3.tmp.valid_flags == NULL) in tls_process_certificate_request()
2587 OPENSSL_free(s->s3.tmp.ctype); in tls_process_certificate_request()
2588 s->s3.tmp.ctype = NULL; in tls_process_certificate_request()
2589 s->s3.tmp.ctype_len = 0; in tls_process_certificate_request()
2627 if (!PACKET_memdup(&ctypes, &s->s3.tmp.ctype, &s->s3.tmp.ctype_len)) { in tls_process_certificate_request()
2668 s->s3.tmp.cert_req = 1; in tls_process_certificate_request()
2969 if (s->s3.tmp.new_cipher->algorithm_mkey & SSL_kSRP) { in tls_process_server_done()
3035 OPENSSL_free(s->s3.tmp.psk); in tls_construct_cke_psk_preamble()
3036 s->s3.tmp.psk = tmppsk; in tls_construct_cke_psk_preamble()
3037 s->s3.tmp.psklen = psklen; in tls_construct_cke_psk_preamble()
3137 s->s3.tmp.pms = pms; in tls_construct_cke_rsa()
3138 s->s3.tmp.pmslen = pmslen; in tls_construct_cke_rsa()
3157 skey = s->s3.peer_tmp; in tls_construct_cke_dhe()
3218 skey = s->s3.peer_tmp; in tls_construct_cke_ecdhe()
3270 if ((s->s3.tmp.new_cipher->algorithm_auth & SSL_aGOST12) != 0) in tls_construct_cke_gost()
3317 || EVP_DigestUpdate(ukm_hash, s->s3.client_random, in tls_construct_cke_gost()
3319 || EVP_DigestUpdate(ukm_hash, s->s3.server_random, in tls_construct_cke_gost()
3350 s->s3.tmp.pms = pms; in tls_construct_cke_gost()
3351 s->s3.tmp.pmslen = pmslen; in tls_construct_cke_gost()
3368 if ((s->s3.tmp.new_cipher->algorithm_enc & SSL_MAGMA) != 0) in ossl_gost18_cke_cipher_nid()
3370 else if ((s->s3.tmp.new_cipher->algorithm_enc & SSL_KUZNYECHIK) != 0) in ossl_gost18_cke_cipher_nid()
3389 || EVP_DigestUpdate(hash, s->s3.client_random, SSL3_RANDOM_SIZE) <= 0 in ossl_gost_ukm()
3390 || EVP_DigestUpdate(hash, s->s3.server_random, SSL3_RANDOM_SIZE) <= 0 in ossl_gost_ukm()
3486 s->s3.tmp.pms = pms; in tls_construct_cke_gost18()
3487 s->s3.tmp.pmslen = pmslen; in tls_construct_cke_gost18()
3532 alg_k = s->s3.tmp.new_cipher->algorithm_mkey; in tls_construct_client_key_exchange()
3567 OPENSSL_clear_free(s->s3.tmp.pms, s->s3.tmp.pmslen); in tls_construct_client_key_exchange()
3568 s->s3.tmp.pms = NULL; in tls_construct_client_key_exchange()
3569 s->s3.tmp.pmslen = 0; in tls_construct_client_key_exchange()
3571 OPENSSL_clear_free(s->s3.tmp.psk, s->s3.tmp.psklen); in tls_construct_client_key_exchange()
3572 s->s3.tmp.psk = NULL; in tls_construct_client_key_exchange()
3573 s->s3.tmp.psklen = 0; in tls_construct_client_key_exchange()
3583 pms = s->s3.tmp.pms; in tls_client_key_exchange_post_work()
3584 pmslen = s->s3.tmp.pmslen; in tls_client_key_exchange_post_work()
3588 if (s->s3.tmp.new_cipher->algorithm_mkey & SSL_kSRP) { in tls_client_key_exchange_post_work()
3597 if (pms == NULL && !(s->s3.tmp.new_cipher->algorithm_mkey & SSL_kPSK)) { in tls_client_key_exchange_post_work()
3645 s->s3.tmp.pms = NULL; in tls_client_key_exchange_post_work()
3646 s->s3.tmp.pmslen = 0; in tls_client_key_exchange_post_work()
3658 if (!tls_choose_sigalg(s, 0) || s->s3.tmp.sigalg == NULL) in ssl3_check_client_certificate()
3729 s->s3.tmp.cert_req = 0; in tls_prepare_client_certificate()
3733 s->s3.tmp.cert_req = 2; in tls_prepare_client_certificate()
3774 if (s->s3.tmp.cert_req != 2) in tls_construct_client_certificate()
3924 alg_k = s->s3.tmp.new_cipher->algorithm_mkey; in ssl3_check_cert_and_algorithm()
3925 alg_a = s->s3.tmp.new_cipher->algorithm_auth; in ssl3_check_cert_and_algorithm()
3947 if ((alg_k & SSL_kDHE) && (s->s3.peer_tmp == NULL)) { in ssl3_check_cert_and_algorithm()
4124 if (ssl_version_cmp(s, maxproto, s->s3.tmp.max_ver) >= 0 in ssl_cipher_list_to_bytes()
4125 && ssl_version_cmp(s, minproto, s->s3.tmp.max_ver) <= 0) in ssl_cipher_list_to_bytes()
