Lines Matching refs:s3
197 if ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) &&
303 s->s3->flags &= ~SSL3_FLAGS_SGC_RESTART_DONE;
304 s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
306 s->s3->change_cipher_spec = 0;
319 else if (!s->s3->send_connection_binding &&
346 s->s3->tmp.next_state=SSL3_ST_SW_HELLO_REQ_C;
420 if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL|SSL_aKRB5|SSL_aSRP))
421 && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
448 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
454 s->s3->tmp.use_rsa_tmp=0;
482 || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
483 && EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
510 ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
515 (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) ||
517 (s->s3->tmp.new_cipher->algorithm_auth & SSL_aSRP)
520 || (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
524 s->s3->tmp.cert_request=0;
526 if (s->s3->handshake_buffer)
532 s->s3->tmp.cert_request=1;
539 s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
549 s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
574 s->state=s->s3->tmp.next_state;
586 if (s->s3->tmp.cert_request)
614 if (s->s3->next_proto_neg_seen)
630 if (!s->s3->handshake_buffer)
635 s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE;
652 if (s->s3->handshake_buffer)
656 if (s->s3->handshake_dgst[dgst_num])
660 s->method->ssl3_enc->cert_verify_mac(s,EVP_MD_CTX_type(s->s3->handshake_dgst[dgst_num]),&(s->s3->tmp.cert_verify_md[offset]));
661 dgst_size=EVP_MD_CTX_size(s->s3->handshake_dgst[dgst_num]);
680 if (!s->s3->change_cipher_spec)
681 s->s3->flags |= SSL3_FLAGS_CCS_OK;
689 if (s->s3->next_proto_neg_seen)
706 * s->s3->change_cipher_spec is set when a CCS is
710 if (!s->s3->change_cipher_spec)
711 s->s3->flags |= SSL3_FLAGS_CCS_OK;
728 * s->s3->change_cipher_spec is set when a CCS is
732 if (!s->s3->change_cipher_spec)
733 s->s3->flags |= SSL3_FLAGS_CCS_OK;
770 s->session->cipher=s->s3->tmp.new_cipher;
801 s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
803 if (s->s3->next_proto_neg_seen)
805 s->s3->tmp.next_state=SSL3_ST_SR_NEXT_PROTO_A;
808 s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
812 s->s3->tmp.next_state=SSL_ST_OK;
853 if (!s->s3->tmp.reuse_message && !skip)
917 s->s3->tmp.reuse_message = 1;
918 if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO)
922 if (s->s3->flags & SSL3_FLAGS_SGC_RESTART_DONE)
930 if (s->s3->tmp.dh != NULL)
932 DH_free(s->s3->tmp.dh);
933 s->s3->tmp.dh = NULL;
937 if (s->s3->tmp.ecdh != NULL)
939 EC_KEY_free(s->s3->tmp.ecdh);
940 s->s3->tmp.ecdh = NULL;
943 s->s3->flags |= SSL3_FLAGS_SGC_RESTART_DONE;
1020 memcpy(s->s3->client_random,p,SSL3_RANDOM_SIZE);
1241 pos=s->s3->server_random;
1289 s->s3->tmp.new_compression=NULL;
1309 s->s3->tmp.new_compression=comp;
1313 if (s->s3->tmp.new_compression == NULL)
1354 s->s3->tmp.new_compression=comp;
1399 s->s3->tmp.new_cipher=c;
1421 s->s3->tmp.new_cipher=nc;
1423 s->s3->tmp.new_cipher=ec;
1425 s->s3->tmp.new_cipher=s->session->cipher;
1429 s->s3->tmp.new_cipher=s->session->cipher;
1484 p=s->s3->server_random;
1495 memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
1528 i=ssl3_put_cipher_by_char(s->s3->tmp.new_cipher,p);
1535 if (s->s3->tmp.new_compression == NULL)
1538 *(p++)=s->s3->tmp.new_compression->id;
1626 type=s->s3->tmp.new_cipher->algorithm_mkey;
1640 SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
1641 SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
1659 s->s3->tmp.use_rsa_tmp=1;
1669 SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
1670 SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
1678 if (s->s3->tmp.dh != NULL)
1690 s->s3->tmp.dh=dh;
1728 SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
1729 SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
1738 if (s->s3->tmp.ecdh != NULL)
1756 s->s3->tmp.ecdh=ecdh;
1776 if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
1887 if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL|SSL_aSRP))
1888 && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
1890 if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher,&md))
1980 EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
1981 EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
2019 EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
2020 EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
2202 alg_k=s->s3->tmp.new_cipher->algorithm_mkey;
2213 if (s->s3->tmp.use_rsa_tmp)
2367 if (s->s3->tmp.dh == NULL)
2374 dh_srvr=s->s3->tmp.dh;
2393 DH_free(s->s3->tmp.dh);
2394 s->s3->tmp.dh=NULL;
2626 tkey = s->s3->tmp.ecdh;
2742 EC_KEY_free(s->s3->tmp.ecdh);
2743 s->s3->tmp.ecdh = NULL;
2906 alg_a = s->s3->tmp.new_cipher->algorithm_auth;
3014 if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY)
3016 s->s3->tmp.reuse_message=1;
3041 if (s->s3->change_cipher_spec)
3111 hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
3141 i=RSA_verify(NID_md5_sha1, s->s3->tmp.cert_verify_md,
3163 &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
3179 &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
3203 j=EVP_PKEY_verify(pctx,signature,64,s->s3->tmp.cert_verify_md,32);
3228 if (s->s3->handshake_buffer)
3230 BIO_free(s->s3->handshake_buffer);
3231 s->s3->handshake_buffer = NULL;
3232 s->s3->flags &= ~TLS1_FLAGS_KEEP_HANDSHAKE;
3257 if (s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE)
3267 if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request)
3273 s->s3->tmp.reuse_message=1;
3277 if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
3348 if (s->s3->handshake_buffer && !ssl3_digest_cached_records(s))
3412 if ((s->s3->tmp.new_cipher->algorithm_auth != SSL_aKRB5) ||
3413 (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5))
3620 if (!s->s3->next_proto_neg_seen)
3637 * in this handshake, but s->s3->change_cipher_spec does (will be reset
3639 if (!s->s3->change_cipher_spec)