33 	const u8 *pos, *end;
46 	pos = in_data;
53 	if (*pos != TLS_HANDSHAKE_TYPE_SERVER_HELLO) {
55 			   "message %d (expected ServerHello)", *pos);
61 	pos++;
63 	len = WPA_GET_BE24(pos);
64 	pos += 3;
72 	wpa_hexdump(MSG_MSGDUMP, "TLSv1: ServerHello", pos, len);
73 	end = pos + len;
76 	if (end - pos < 2)
78 	tls_version = WPA_GET_BE16(pos);
81 			   "ServerHello %u.%u", pos[0], pos[1]);
86 	pos += 2;
93 	if (end - pos < TLS_RANDOM_LEN)
96 	os_memcpy(conn->server_random, pos, TLS_RANDOM_LEN);
97 	pos += TLS_RANDOM_LEN;
102 	if (end - pos < 1)
104 	if (end - pos < 1 + *pos || *pos > TLS_SESSION_ID_MAX_LEN)
106 	if (conn->session_id_len && conn->session_id_len == *pos &&
107 	    os_memcmp(conn->session_id, pos + 1, conn->session_id_len) == 0) {
108 		pos += 1 + conn->session_id_len;
112 		conn->session_id_len = *pos;
113 		pos++;
114 		os_memcpy(conn->session_id, pos, conn->session_id_len);
115 		pos += conn->session_id_len;
121 	if (end - pos < 2)
123 	cipher_suite = WPA_GET_BE16(pos);
124 	pos += 2;
157 	if (end - pos < 1)
159 	if (*pos != TLS_COMPRESSION_NULL) {
161 			   "compression 0x%02x", *pos);
166 	pos++;
168 	if (end != pos) {
171 			    "end of ServerHello", pos, end - pos);
217 	const u8 *pos, *end;
231 	pos = in_data;
241 	type = *pos++;
242 	len = WPA_GET_BE24(pos);
243 	pos += 3;
285 	end = pos + len;
287 	if (end - pos < 3) {
294 	list_len = WPA_GET_BE24(pos);
295 	pos += 3;
297 	if ((size_t) (end - pos) != list_len) {
301 			   (unsigned long) (end - pos));
307 	while (pos < end) {
308 		if (end - pos < 3) {
317 		cert_len = WPA_GET_BE24(pos);
318 		pos += 3;
320 		if ((size_t) (end - pos) < cert_len) {
324 				   (unsigned long) (end - pos));
336 			if (tls_parse_cert(pos, cert_len,
347 		cert = x509_certificate_parse(pos, cert_len);
364 		pos += cert_len;
440 	const u8 *pos, *end, *server_params, *server_params_end;
447 	pos = buf;
450 	if (end - pos < 3)
452 	server_params = pos;
453 	val = WPA_GET_BE16(pos);
454 	pos += 2;
455 	if (val == 0 || val > (size_t) (end - pos)) {
460 	bits = count_bits(pos, conn->dh_p_len);
465 			    pos, conn->dh_p_len);
471 	os_memcpy(conn->dh_p, pos, conn->dh_p_len);
472 	pos += conn->dh_p_len;
476 	if (end - pos < 3)
478 	val = WPA_GET_BE16(pos);
479 	pos += 2;
480 	if (val == 0 || val > (size_t) (end - pos))
486 	os_memcpy(conn->dh_g, pos, conn->dh_g_len);
487 	pos += conn->dh_g_len;
493 	if (end - pos < 3)
495 	val = WPA_GET_BE16(pos);
496 	pos += 2;
497 	if (val == 0 || val > (size_t) (end - pos))
503 	os_memcpy(conn->dh_ys, pos, conn->dh_ys_len);
504 	pos += conn->dh_ys_len;
507 	server_params_end = pos;
525 			if (end - pos < 2)
527 			if (pos[0] != TLS_HASH_ALG_SHA256 ||
528 			    pos[1] != TLS_SIGN_ALG_RSA) {
530 					   pos[0], pos[1]);
533 			pos += 2;
556 					 hash, hlen, pos, end - pos,
573 	const u8 *pos, *end;
586 	pos = in_data;
596 	type = *pos++;
597 	len = WPA_GET_BE24(pos);
598 	pos += 3;
609 	end = pos + len;
636 	wpa_hexdump(MSG_DEBUG, "TLSv1: ServerKeyExchange", pos, len);
640 		if (tlsv1_process_diffie_hellman(conn, pos, len,
664 	const u8 *pos, *end;
676 	pos = in_data;
686 	type = *pos++;
687 	len = WPA_GET_BE24(pos);
688 	pos += 3;
699 	end = pos + len;
728 	const u8 *pos, *end;
740 	pos = in_data;
750 	type = *pos++;
751 	len = WPA_GET_BE24(pos);
752 	pos += 3;
762 	end = pos + len;
786 	const u8 *pos;
819 	pos = in_data;
828 	if (*pos != TLS_CHANGE_CIPHER_SPEC) {
830 			   "received data 0x%x", *pos);
845 	*in_len = pos + 1 - in_data;
856 	const u8 *pos, *end;
869 	pos = in_data;
881 	if (pos[0] != TLS_HANDSHAKE_TYPE_FINISHED) {
883 			   "type 0x%x", pos[0]);
889 	len = WPA_GET_BE24(pos + 1);
891 	pos += 4;
902 	end = pos + len;
912 		    pos, TLS_VERIFY_DATA_LEN);
968 	if (os_memcmp_const(pos, verify_data, TLS_VERIFY_DATA_LEN) != 0) {
990 	const u8 *pos;
1001 	pos = in_data;
1005 		    pos, left);
1009 		os_memcpy(*out_data, pos, left);

Indexes created Sun Aug 18 21:54:11 MDT 2024