Lines Matching refs:ssl
163 ssl_t *ssl, in kssl_compute_record_mac() argument
179 spec = &ssl->spec[direction]; in kssl_compute_record_mac()
196 if (IS_TLS(ssl)) { in kssl_compute_record_mac()
203 if (IS_TLS(ssl) || (spec->hmac_mech.cm_type != CRYPTO_MECH_INVALID && in kssl_compute_record_mac()
246 !IS_TLS(ssl)); in kssl_compute_record_mac()
257 bcopy(&(ssl->mac_ctx[direction][0]), ctx, in kssl_compute_record_mac()
263 bcopy(&(ssl->mac_ctx[direction][1]), ctx, in kssl_compute_record_mac()
277 kssl_handle_handshake_message(ssl_t *ssl, mblk_t *mp, int *err, in kssl_handle_handshake_message() argument
283 ASSERT(ssl->msg.state == MSG_BODY); in kssl_handle_handshake_message()
284 ASSERT(ssl->msg.msglen_bytes == 3); in kssl_handle_handshake_message()
285 ASSERT(mp->b_wptr >= mp->b_rptr + ssl->msg.msglen); in kssl_handle_handshake_message()
287 ssl->sslcnt++; in kssl_handle_handshake_message()
288 msglen = ssl->msg.msglen; in kssl_handle_handshake_message()
290 if (ssl->msg.type == client_hello) { in kssl_handle_handshake_message()
291 MD5Init(&ssl->hs_md5); in kssl_handle_handshake_message()
292 SHA1Init(&ssl->hs_sha1); in kssl_handle_handshake_message()
295 if (ssl->msg.type == finished && ssl->resumed == B_FALSE) { in kssl_handle_handshake_message()
296 if (kssl_compute_handshake_hashes(ssl, &ssl->hs_hashes, in kssl_handle_handshake_message()
303 if (ssl->msg.type != finished || ssl->resumed == B_FALSE) { in kssl_handle_handshake_message()
304 msghdr[0] = (uchar_t)ssl->msg.type; in kssl_handle_handshake_message()
309 kssl_update_handshake_hashes(ssl, msghdr, 4); in kssl_handle_handshake_message()
310 kssl_update_handshake_hashes(ssl, mp->b_rptr, msglen); in kssl_handle_handshake_message()
313 ssl->msg.state = MSG_INIT; in kssl_handle_handshake_message()
314 ssl->msg.msglen = 0; in kssl_handle_handshake_message()
315 ssl->msg.msglen_bytes = 0; in kssl_handle_handshake_message()
317 switch (ssl->msg.type) { in kssl_handle_handshake_message()
319 if (ssl->hs_waitstate != wait_client_hello) { in kssl_handle_handshake_message()
320 kssl_send_alert(ssl, alert_fatal, in kssl_handle_handshake_message()
323 ssl->activeinput = B_FALSE; in kssl_handle_handshake_message()
326 *err = kssl_handle_client_hello(ssl, mp, msglen); in kssl_handle_handshake_message()
328 ssl->activeinput = B_FALSE; in kssl_handle_handshake_message()
333 if (ssl->hs_waitstate != wait_client_key) { in kssl_handle_handshake_message()
334 kssl_send_alert(ssl, alert_fatal, in kssl_handle_handshake_message()
337 ssl->activeinput = B_FALSE; in kssl_handle_handshake_message()
340 *err = kssl_handle_client_key_exchange(ssl, mp, in kssl_handle_handshake_message()
344 if (ssl->hs_waitstate != wait_finished) { in kssl_handle_handshake_message()
345 kssl_send_alert(ssl, alert_fatal, in kssl_handle_handshake_message()
348 ssl->activeinput = B_FALSE; in kssl_handle_handshake_message()
351 *err = kssl_handle_finished(ssl, mp, msglen); in kssl_handle_handshake_message()
354 kssl_send_alert(ssl, alert_fatal, unexpected_message); in kssl_handle_handshake_message()
355 ssl->activeinput = B_FALSE; in kssl_handle_handshake_message()
362 kssl_update_handshake_hashes(ssl_t *ssl, uchar_t *buf, uint_t len) in kssl_update_handshake_hashes() argument
364 MD5Update(&ssl->hs_md5, buf, len); in kssl_update_handshake_hashes()
365 SHA1Update(&ssl->hs_sha1, buf, len); in kssl_update_handshake_hashes()
370 ssl_t *ssl, in kssl_compute_handshake_hashes() argument
374 MD5_CTX md5 = ssl->hs_md5; /* clone md5 context */ in kssl_compute_handshake_hashes()
375 SHA1_CTX sha1 = ssl->hs_sha1; /* clone sha1 context */ in kssl_compute_handshake_hashes()
379 if (IS_TLS(ssl)) { in kssl_compute_handshake_hashes()
398 return (kssl_tls_PRF(ssl, in kssl_compute_handshake_hashes()
399 ssl->sid.master_secret, in kssl_compute_handshake_hashes()
412 MD5Update(md5ctx, ssl->sid.master_secret, in kssl_compute_handshake_hashes()
418 MD5Update(md5ctx, ssl->sid.master_secret, in kssl_compute_handshake_hashes()
425 SHA1Update(sha1ctx, ssl->sid.master_secret, in kssl_compute_handshake_hashes()
431 SHA1Update(sha1ctx, ssl->sid.master_secret, in kssl_compute_handshake_hashes()
458 kssl_handle_client_hello(ssl_t *ssl, mblk_t *mp, int msglen) in kssl_handle_client_hello() argument
471 ASSERT(ssl->msg.type == client_hello); in kssl_handle_client_hello()
472 ASSERT(ssl->hs_waitstate == wait_client_hello); in kssl_handle_client_hello()
473 ASSERT(ssl->resumed == B_FALSE); in kssl_handle_client_hello()
484 if (ssl->major_version != 3 || (ssl->major_version == 3 && in kssl_handle_client_hello()
485 ssl->minor_version != 0 && ssl->minor_version != 1)) { in kssl_handle_client_hello()
487 uchar_t, ssl->major_version, in kssl_handle_client_hello()
488 uchar_t, ssl->minor_version); in kssl_handle_client_hello()
495 bcopy(mp->b_rptr, ssl->client_random, SSL3_RANDOM_LENGTH); in kssl_handle_client_hello()
499 ASSERT(ssl->sid.cached == B_FALSE); in kssl_handle_client_hello()
510 kssl_lookup_sid(&ssl->sid, mp->b_rptr, &ssl->faddr, in kssl_handle_client_hello()
511 ssl->kssl_entry); in kssl_handle_client_hello()
541 if (ssl->sid.cached == B_TRUE) { in kssl_handle_client_hello()
542 suite = ssl->sid.cipher_suite; in kssl_handle_client_hello()
561 ssl->secure_renegotiation = B_TRUE; in kssl_handle_client_hello()
568 if (suite_found && ssl->secure_renegotiation) in kssl_handle_client_hello()
573 kssl_uncache_sid(&ssl->sid, ssl->kssl_entry); in kssl_handle_client_hello()
577 for (i = 0; i < ssl->kssl_entry->kssl_cipherSuites_nentries; i++) { in kssl_handle_client_hello()
578 suite = ssl->kssl_entry->kssl_cipherSuites[i]; in kssl_handle_client_hello()
596 ssl->secure_renegotiation = B_TRUE; in kssl_handle_client_hello()
606 (ssl->secure_renegotiation || (i > 0))) in kssl_handle_client_hello()
613 if (ssl->sslcnt == 1) { in kssl_handle_client_hello()
621 if (ssl->kssl_entry->ke_fallback_head == NULL) { in kssl_handle_client_hello()
677 ssl->pending_cipher_suite = selected_suite; in kssl_handle_client_hello()
678 ssl->pending_malg = cipher_suite_defs[i].malg; in kssl_handle_client_hello()
679 ssl->pending_calg = cipher_suite_defs[i].calg; in kssl_handle_client_hello()
680 ssl->pending_keyblksz = cipher_suite_defs[i].keyblksz; in kssl_handle_client_hello()
760 ssl->secure_renegotiation = B_TRUE; in kssl_handle_client_hello()
775 if (ssl->sid.cached == B_TRUE) { in kssl_handle_client_hello()
776 err = kssl_send_server_hello(ssl); in kssl_handle_client_hello()
780 if (IS_TLS(ssl)) in kssl_handle_client_hello()
781 err = kssl_generate_tls_keyblock(ssl); in kssl_handle_client_hello()
783 kssl_generate_keyblock(ssl); in kssl_handle_client_hello()
785 err = kssl_send_change_cipher_specs(ssl); in kssl_handle_client_hello()
790 err = kssl_send_finished(ssl, 1); in kssl_handle_client_hello()
794 err = kssl_compute_handshake_hashes(ssl, &ssl->hs_hashes, in kssl_handle_client_hello()
799 ssl->hs_waitstate = wait_change_cipher; in kssl_handle_client_hello()
800 ssl->resumed = B_TRUE; in kssl_handle_client_hello()
801 ssl->activeinput = B_FALSE; in kssl_handle_client_hello()
806 (void) random_get_pseudo_bytes(ssl->sid.session_id, in kssl_handle_client_hello()
808 ssl->sid.client_addr = ssl->faddr; in kssl_handle_client_hello()
809 ssl->sid.cipher_suite = selected_suite; in kssl_handle_client_hello()
811 err = kssl_send_server_hello(ssl); in kssl_handle_client_hello()
815 err = kssl_send_certificate_and_server_hello_done(ssl); in kssl_handle_client_hello()
820 ssl->hs_waitstate = wait_client_key; in kssl_handle_client_hello()
821 ssl->activeinput = B_FALSE; in kssl_handle_client_hello()
825 kssl_send_alert(ssl, alert_fatal, desc); in kssl_handle_client_hello()
970 kssl_send_server_hello(ssl_t *ssl) in kssl_send_server_hello() argument
977 mp = allocb(ssl->tcp_mss, BPRI_HI); in kssl_send_server_hello()
982 ssl->handshake_sendbuf = mp; in kssl_send_server_hello()
985 if (ssl->secure_renegotiation) in kssl_send_server_hello()
990 buf[1] = ssl->major_version; in kssl_send_server_hello()
991 buf[2] = ssl->minor_version; in kssl_send_server_hello()
1005 buf[4] = ssl->major_version; /* version byte 0 */ in kssl_send_server_hello()
1006 buf[5] = ssl->minor_version; /* version byte 1 */ in kssl_send_server_hello()
1010 kssl_get_hello_random(ssl->server_random); in kssl_send_server_hello()
1011 bcopy(ssl->server_random, buf, SSL3_RANDOM_LENGTH); in kssl_send_server_hello()
1015 bcopy(ssl->sid.session_id, buf + 1, SSL3_SESSIONID_BYTES); in kssl_send_server_hello()
1018 buf[0] = (ssl->pending_cipher_suite >> 8) & 0xff; in kssl_send_server_hello()
1019 buf[1] = ssl->pending_cipher_suite & 0xff; in kssl_send_server_hello()
1029 if (ssl->secure_renegotiation) { in kssl_send_server_hello()
1045 kssl_update_handshake_hashes(ssl, msgstart, reclen); in kssl_send_server_hello()
1140 kssl_tls_PRF(ssl_t *ssl, in kssl_tls_PRF() argument
1204 #define IS_BAD_PRE_MASTER_SECRET(pms, pmslen, ssl) \ argument
1206 pms[0] != ssl->major_version || pms[1] != ssl->minor_version)
1208 #define FAKE_PRE_MASTER_SECRET(pms, pmslen, ssl, buf) { \ argument
1212 pms[0] = ssl->major_version; \
1213 pms[1] = ssl->minor_version; \
1218 kssl_generate_tls_ms(ssl_t *ssl, uchar_t *pms, size_t pmslen) in kssl_generate_tls_ms() argument
1229 bcopy(ssl->client_random, seed, SSL3_RANDOM_LENGTH); in kssl_generate_tls_ms()
1230 bcopy(ssl->server_random, seed + SSL3_RANDOM_LENGTH, in kssl_generate_tls_ms()
1234 if (IS_BAD_PRE_MASTER_SECRET(pms, pmslen, ssl)) { in kssl_generate_tls_ms()
1236 FAKE_PRE_MASTER_SECRET(pms, pmslen, ssl, buf); in kssl_generate_tls_ms()
1239 return (kssl_tls_PRF(ssl, in kssl_generate_tls_ms()
1244 ssl->sid.master_secret, in kssl_generate_tls_ms()
1245 (size_t)sizeof (ssl->sid.master_secret))); in kssl_generate_tls_ms()
1250 kssl_generate_ssl_ms(ssl_t *ssl, uchar_t *pms, size_t pmslen) in kssl_generate_ssl_ms() argument
1256 ms = ssl->sid.master_secret; in kssl_generate_ssl_ms()
1259 if (IS_BAD_PRE_MASTER_SECRET(pms, pmslen, ssl)) { in kssl_generate_ssl_ms()
1261 FAKE_PRE_MASTER_SECRET(pms, pmslen, ssl, buf); in kssl_generate_ssl_ms()
1264 kssl_ssl3_key_material_derive_step(ssl, pms, pmslen, 1, ms, 0); in kssl_generate_ssl_ms()
1265 kssl_ssl3_key_material_derive_step(ssl, pms, pmslen, 2, ms + hlen, 0); in kssl_generate_ssl_ms()
1266 kssl_ssl3_key_material_derive_step(ssl, pms, pmslen, 3, ms + 2 * hlen, in kssl_generate_ssl_ms()
1271 kssl_generate_tls_keyblock(ssl_t *ssl) in kssl_generate_tls_keyblock() argument
1275 bcopy(ssl->server_random, seed, SSL3_RANDOM_LENGTH); in kssl_generate_tls_keyblock()
1276 bcopy(ssl->client_random, seed + SSL3_RANDOM_LENGTH, in kssl_generate_tls_keyblock()
1279 return (kssl_tls_PRF(ssl, ssl->sid.master_secret, in kssl_generate_tls_keyblock()
1284 ssl->pending_keyblock, in kssl_generate_tls_keyblock()
1285 (size_t)ssl->pending_keyblksz)); in kssl_generate_tls_keyblock()
1290 kssl_generate_keyblock(ssl_t *ssl) in kssl_generate_keyblock() argument
1295 uchar_t *keys = ssl->pending_keyblock; in kssl_generate_keyblock()
1296 int steps = howmany(ssl->pending_keyblksz, hlen); in kssl_generate_keyblock()
1299 ms = ssl->sid.master_secret; in kssl_generate_keyblock()
1304 kssl_ssl3_key_material_derive_step(ssl, ms, mslen, i, keys, 1); in kssl_generate_keyblock()
1314 ssl_t *ssl, in kssl_ssl3_key_material_derive_step() argument
1338 SHA1Update(sha1ctx, ssl->server_random, SSL3_RANDOM_LENGTH); in kssl_ssl3_key_material_derive_step()
1339 SHA1Update(sha1ctx, ssl->client_random, SSL3_RANDOM_LENGTH); in kssl_ssl3_key_material_derive_step()
1341 SHA1Update(sha1ctx, ssl->client_random, SSL3_RANDOM_LENGTH); in kssl_ssl3_key_material_derive_step()
1342 SHA1Update(sha1ctx, ssl->server_random, SSL3_RANDOM_LENGTH); in kssl_ssl3_key_material_derive_step()
1353 kssl_send_certificate_and_server_hello_done(ssl_t *ssl) in kssl_send_certificate_and_server_hello_done() argument
1365 cert = ssl->kssl_entry->ke_server_certificate; in kssl_send_certificate_and_server_hello_done()
1372 if (ssl->secure_renegotiation) in kssl_send_certificate_and_server_hello_done()
1375 mp = ssl->handshake_sendbuf; in kssl_send_certificate_and_server_hello_done()
1376 mss = ssl->tcp_mss; in kssl_send_certificate_and_server_hello_done()
1409 freemsg(ssl->handshake_sendbuf); in kssl_send_certificate_and_server_hello_done()
1410 ssl->handshake_sendbuf = NULL; in kssl_send_certificate_and_server_hello_done()
1416 mp->b_wptr[1] = ssl->major_version; in kssl_send_certificate_and_server_hello_done()
1417 mp->b_wptr[2] = ssl->minor_version; in kssl_send_certificate_and_server_hello_done()
1428 mp = ssl->handshake_sendbuf; in kssl_send_certificate_and_server_hello_done()
1433 kssl_update_handshake_hashes(ssl, cert_buf, cert_len); in kssl_send_certificate_and_server_hello_done()
1439 kssl_send_change_cipher_specs(ssl_t *ssl) in kssl_send_change_cipher_specs() argument
1444 mp = ssl->handshake_sendbuf; in kssl_send_change_cipher_specs()
1457 ssl->handshake_sendbuf = newmp; in kssl_send_change_cipher_specs()
1459 linkb(ssl->handshake_sendbuf, newmp); in kssl_send_change_cipher_specs()
1467 buf[1] = ssl->major_version; in kssl_send_change_cipher_specs()
1468 buf[2] = ssl->minor_version; in kssl_send_change_cipher_specs()
1478 ssl->seq_num[KSSL_WRITE] = 0; in kssl_send_change_cipher_specs()
1479 return (kssl_spec_init(ssl, KSSL_WRITE)); in kssl_send_change_cipher_specs()
1483 kssl_spec_init(ssl_t *ssl, int dir) in kssl_spec_init() argument
1486 KSSLCipherSpec *spec = &ssl->spec[dir]; in kssl_spec_init()
1489 spec->mac_hashsz = mac_defs[ssl->pending_malg].hashsz; in kssl_spec_init()
1490 spec->mac_padsz = mac_defs[ssl->pending_malg].padsz; in kssl_spec_init()
1492 spec->MAC_HashInit = mac_defs[ssl->pending_malg].HashInit; in kssl_spec_init()
1493 spec->MAC_HashUpdate = mac_defs[ssl->pending_malg].HashUpdate; in kssl_spec_init()
1494 spec->MAC_HashFinal = mac_defs[ssl->pending_malg].HashFinal; in kssl_spec_init()
1497 bcopy(ssl->pending_keyblock, ssl->mac_secret[dir], in kssl_spec_init()
1500 bcopy(&(ssl->pending_keyblock[spec->mac_hashsz]), in kssl_spec_init()
1501 ssl->mac_secret[dir], spec->mac_hashsz); in kssl_spec_init()
1505 if (!IS_TLS(ssl)) { in kssl_spec_init()
1506 ctx = &ssl->mac_ctx[dir][0]; in kssl_spec_init()
1508 spec->MAC_HashUpdate((void *)ctx, ssl->mac_secret[dir], in kssl_spec_init()
1513 ctx = &ssl->mac_ctx[dir][1]; in kssl_spec_init()
1515 spec->MAC_HashUpdate((void *)ctx, ssl->mac_secret[dir], in kssl_spec_init()
1521 spec->cipher_type = cipher_defs[ssl->pending_calg].type; in kssl_spec_init()
1522 spec->cipher_mech.cm_type = cipher_defs[ssl->pending_calg].mech_type; in kssl_spec_init()
1523 spec->cipher_bsize = cipher_defs[ssl->pending_calg].bsize; in kssl_spec_init()
1524 spec->cipher_keysz = cipher_defs[ssl->pending_calg].keysz; in kssl_spec_init()
1535 if (IS_TLS(ssl)) { in kssl_spec_init()
1536 if (ssl->pending_malg == mac_md5) { in kssl_spec_init()
1538 } else if (ssl->pending_malg == mac_sha) { in kssl_spec_init()
1543 spec->hmac_key.ck_data = ssl->mac_secret[dir]; in kssl_spec_init()
1551 if (ssl->pending_malg == mac_md5) { in kssl_spec_init()
1555 } else if (ssl->pending_malg == mac_sha) { in kssl_spec_init()
1562 spec->hmac_key.ck_data = ssl->mac_secret[dir]; in kssl_spec_init()
1575 if (cipher_defs[ssl->pending_calg].bsize > 0) { in kssl_spec_init()
1578 (caddr_t)&(ssl->pending_keyblock[2 * spec->mac_hashsz + in kssl_spec_init()
1585 cipher_defs[ssl->pending_calg].bsize; in kssl_spec_init()
1589 &(ssl->pending_keyblock[2 * spec->mac_hashsz]); in kssl_spec_init()
1598 if (cipher_defs[ssl->pending_calg].bsize > 0) { in kssl_spec_init()
1605 &(ssl->pending_keyblock[2 * spec->mac_hashsz + in kssl_spec_init()
1618 kssl_send_finished(ssl_t *ssl, int update_hsh) in kssl_send_finished() argument
1629 mp = ssl->handshake_sendbuf; in kssl_send_finished()
1632 if (ssl->secure_renegotiation) in kssl_send_finished()
1644 if (IS_TLS(ssl)) in kssl_send_finished()
1651 buf[1] = ssl->major_version; in kssl_send_finished()
1652 buf[2] = ssl->minor_version; in kssl_send_finished()
1667 if (IS_TLS(ssl)) { in kssl_send_finished()
1668 bcopy(ssl->hs_hashes.md5, ssl3hashes.md5, in kssl_send_finished()
1670 bcopy(ssl->hs_hashes.sha1, ssl3hashes.sha1, in kssl_send_finished()
1675 ret = kssl_compute_handshake_hashes(ssl, &ssl3hashes, sender_server); in kssl_send_finished()
1679 if (IS_TLS(ssl)) { in kssl_send_finished()
1687 kssl_update_handshake_hashes(ssl, buf - 4, finish_len + 4); in kssl_send_finished()
1692 ret = kssl_mac_encrypt_record(ssl, content_handshake, versionp, in kssl_send_finished()
1700 kssl_mac_encrypt_record(ssl_t *ssl, in kssl_mac_encrypt_record() argument
1713 ASSERT(ssl != NULL); in kssl_mac_encrypt_record()
1717 spec = &ssl->spec[KSSL_WRITE]; in kssl_mac_encrypt_record()
1725 ret = kssl_compute_record_mac(ssl, KSSL_WRITE, in kssl_mac_encrypt_record()
1726 ssl->seq_num[KSSL_WRITE], ct, versionp, in kssl_mac_encrypt_record()
1729 ssl->seq_num[KSSL_WRITE]++; in kssl_mac_encrypt_record()
1773 kssl_send_alert(ssl_t *ssl, SSL3AlertLevel level, SSL3AlertDescription desc) in kssl_send_alert() argument
1780 ASSERT(ssl != NULL); in kssl_send_alert()
1782 ssl->sendalert_level = level; in kssl_send_alert()
1783 ssl->sendalert_desc = desc; in kssl_send_alert()
1788 if (ssl->sid.cached == B_TRUE) { in kssl_send_alert()
1789 kssl_uncache_sid(&ssl->sid, ssl->kssl_entry); in kssl_send_alert()
1791 ssl->fatal_alert = B_TRUE; in kssl_send_alert()
1796 spec = &ssl->spec[KSSL_WRITE]; in kssl_send_alert()
1798 ASSERT(ssl->alert_sendbuf == NULL); in kssl_send_alert()
1799 if (ssl->major_version == 0x03) { in kssl_send_alert()
1805 ssl->alert_sendbuf = mp = allocb(len + spec->mac_hashsz + in kssl_send_alert()
1814 if (ssl->major_version == 0x03) { in kssl_send_alert()
1817 buf[1] = ssl->major_version; in kssl_send_alert()
1818 buf[2] = ssl->minor_version; in kssl_send_alert()
1847 kssl_handle_client_key_exchange(ssl_t *ssl, mblk_t *mp, int msglen, in kssl_handle_client_key_exchange() argument
1860 ep = ssl->kssl_entry; in kssl_handle_client_key_exchange()
1866 ASSERT(ssl->msg.type == client_key_exchange); in kssl_handle_client_key_exchange()
1867 ASSERT(ssl->hs_waitstate == wait_client_key); in kssl_handle_client_key_exchange()
1872 if (IS_TLS(ssl)) { in kssl_handle_client_key_exchange()
1908 ssl->cke_callback_func = cbfn; in kssl_handle_client_key_exchange()
1909 ssl->cke_callback_arg = arg; in kssl_handle_client_key_exchange()
1912 creq.cr_callback_arg = ssl; in kssl_handle_client_key_exchange()
1974 ssl->job.kjob = creq.cr_reqid; in kssl_handle_client_key_exchange()
1975 ssl->job.buf = buf; in kssl_handle_client_key_exchange()
1976 ssl->job.buflen = allocated; in kssl_handle_client_key_exchange()
1977 ssl->hs_waitstate = wait_client_key_done; in kssl_handle_client_key_exchange()
1989 if (IS_TLS(ssl)) { in kssl_handle_client_key_exchange()
1990 err = kssl_generate_tls_ms(ssl, pms, pmslen); in kssl_handle_client_key_exchange()
1992 err = kssl_generate_tls_keyblock(ssl); in kssl_handle_client_key_exchange()
1994 kssl_generate_ssl_ms(ssl, pms, pmslen); in kssl_handle_client_key_exchange()
1995 kssl_generate_keyblock(ssl); in kssl_handle_client_key_exchange()
1999 ssl->hs_waitstate = wait_change_cipher; in kssl_handle_client_key_exchange()
2001 ssl->activeinput = B_FALSE; in kssl_handle_client_key_exchange()
2009 kssl_handle_finished(ssl_t *ssl, mblk_t *mp, int msglen) in kssl_handle_finished() argument
2015 ASSERT(ssl->msg.type == finished); in kssl_handle_finished()
2016 ASSERT(ssl->hs_waitstate == wait_finished); in kssl_handle_finished()
2018 if (IS_TLS(ssl)) in kssl_handle_finished()
2024 kssl_send_alert(ssl, alert_fatal, illegal_parameter); in kssl_handle_finished()
2028 if (IS_TLS(ssl)) { in kssl_handle_finished()
2029 hashcompare = bcmp(mp->b_rptr, ssl->hs_hashes.tlshash, in kssl_handle_finished()
2032 hashcompare = bcmp(mp->b_rptr, &ssl->hs_hashes, finish_len); in kssl_handle_finished()
2037 kssl_send_alert(ssl, alert_fatal, handshake_failure); in kssl_handle_finished()
2043 ssl->hs_waitstate = idle_handshake; in kssl_handle_finished()
2045 if (ssl->resumed == B_TRUE) { in kssl_handle_finished()
2046 ssl->activeinput = B_FALSE; in kssl_handle_finished()
2050 err = kssl_send_change_cipher_specs(ssl); in kssl_handle_finished()
2054 err = kssl_send_finished(ssl, 0); in kssl_handle_finished()
2059 kssl_cache_sid(&ssl->sid, ssl->kssl_entry); in kssl_handle_finished()
2060 ssl->activeinput = B_FALSE; in kssl_handle_finished()
2074 kssl_handle_v2client_hello(ssl_t *ssl, mblk_t *mp, int recsz) in kssl_handle_v2client_hello() argument
2090 ASSERT(ssl->hs_waitstate == wait_client_hello); in kssl_handle_v2client_hello()
2091 ASSERT(ssl->resumed == B_FALSE); in kssl_handle_v2client_hello()
2099 MD5Init(&ssl->hs_md5); in kssl_handle_v2client_hello()
2100 SHA1Init(&ssl->hs_sha1); in kssl_handle_v2client_hello()
2102 kssl_update_handshake_hashes(ssl, mp->b_rptr, recsz); in kssl_handle_v2client_hello()
2135 bzero(ssl->client_random, SSL3_RANDOM_LENGTH); in kssl_handle_v2client_hello()
2137 bcopy(rand, &ssl->client_random[SSL3_RANDOM_LENGTH - randlen], in kssl_handle_v2client_hello()
2140 for (i = 0; i < ssl->kssl_entry->kssl_cipherSuites_nentries; i++) { in kssl_handle_v2client_hello()
2141 suite = ssl->kssl_entry->kssl_cipherSuites[i]; in kssl_handle_v2client_hello()
2164 ssl->secure_renegotiation = B_TRUE; in kssl_handle_v2client_hello()
2173 (ssl->secure_renegotiation || (i > 0))) in kssl_handle_v2client_hello()
2181 ssl->activeinput = B_FALSE; in kssl_handle_v2client_hello()
2186 if (ssl->kssl_entry->ke_fallback_head == NULL) { in kssl_handle_v2client_hello()
2205 ssl->pending_cipher_suite = selected_suite; in kssl_handle_v2client_hello()
2206 ssl->pending_malg = cipher_suite_defs[i].malg; in kssl_handle_v2client_hello()
2207 ssl->pending_calg = cipher_suite_defs[i].calg; in kssl_handle_v2client_hello()
2208 ssl->pending_keyblksz = cipher_suite_defs[i].keyblksz; in kssl_handle_v2client_hello()
2210 ASSERT(ssl->sid.cached == B_FALSE); in kssl_handle_v2client_hello()
2212 (void) random_get_pseudo_bytes(ssl->sid.session_id, in kssl_handle_v2client_hello()
2214 ssl->sid.client_addr = ssl->faddr; in kssl_handle_v2client_hello()
2215 ssl->sid.cipher_suite = selected_suite; in kssl_handle_v2client_hello()
2217 err = kssl_send_server_hello(ssl); in kssl_handle_v2client_hello()
2221 err = kssl_send_certificate_and_server_hello_done(ssl); in kssl_handle_v2client_hello()
2226 ssl->hs_waitstate = wait_client_key; in kssl_handle_v2client_hello()
2227 ssl->activeinput = B_FALSE; in kssl_handle_v2client_hello()
2231 kssl_send_alert(ssl, alert_fatal, desc); in kssl_handle_v2client_hello()
2232 ssl->activeinput = B_FALSE; in kssl_handle_v2client_hello()
2249 ssl_t *ssl = (ssl_t *)arg; in kssl_cke_done() local
2254 mutex_enter(&ssl->kssl_lock); in kssl_cke_done()
2256 ASSERT(ssl->msg.type == client_key_exchange); in kssl_cke_done()
2257 ASSERT(ssl->hs_waitstate == wait_client_key_done); in kssl_cke_done()
2260 kssl_send_alert(ssl, alert_fatal, decrypt_error); in kssl_cke_done()
2265 pms_data = (crypto_data_t *)(ssl->job.buf); in kssl_cke_done()
2273 if (IS_TLS(ssl)) { in kssl_cke_done()
2274 ret = kssl_generate_tls_ms(ssl, pms, pmslen); in kssl_cke_done()
2276 ret = kssl_generate_tls_keyblock(ssl); in kssl_cke_done()
2278 kssl_generate_ssl_ms(ssl, pms, pmslen); in kssl_cke_done()
2279 kssl_generate_keyblock(ssl); in kssl_cke_done()
2283 ssl->hs_waitstate = wait_change_cipher; in kssl_cke_done()
2286 kmem_free(ssl->job.buf, ssl->job.buflen); in kssl_cke_done()
2288 ssl->job.kjob = 0; in kssl_cke_done()
2289 ssl->job.buf = NULL; in kssl_cke_done()
2290 ssl->job.buflen = 0; in kssl_cke_done()
2292 ssl->activeinput = B_FALSE; in kssl_cke_done()
2294 cbfn = ssl->cke_callback_func; in kssl_cke_done()
2295 cbarg = ssl->cke_callback_arg; in kssl_cke_done()
2296 alertmp = ssl->alert_sendbuf; in kssl_cke_done()
2297 ssl->alert_sendbuf = NULL; in kssl_cke_done()
2300 ssl->async_ops_pending++; in kssl_cke_done()
2301 mutex_exit(&ssl->kssl_lock); in kssl_cke_done()
2321 kssl_get_next_record(ssl_t *ssl) in kssl_get_next_record() argument
2329 ASSERT(MUTEX_HELD(&ssl->kssl_lock)); in kssl_get_next_record()
2331 mp = ssl->rec_ass_head; in kssl_get_next_record()
2345 kssl_send_alert(ssl, alert_fatal, internal_error); in kssl_get_next_record()
2347 ssl->rec_ass_head = ssl->rec_ass_tail = NULL; in kssl_get_next_record()
2382 kssl_send_alert(ssl, alert_fatal, internal_error); in kssl_get_next_record()
2384 ssl->rec_ass_head = ssl->rec_ass_tail = NULL; in kssl_get_next_record()
2395 kssl_send_alert(ssl, alert_fatal, internal_error); in kssl_get_next_record()
2397 ssl->rec_ass_head = ssl->rec_ass_tail = NULL; in kssl_get_next_record()
2403 ssl->rec_ass_head = mp; in kssl_get_next_record()
2408 ssl->rec_ass_head = mp->b_cont; in kssl_get_next_record()
2413 if ((mp = ssl->rec_ass_tail = ssl->rec_ass_head) != NULL) { in kssl_get_next_record()
2415 ssl->rec_ass_tail = mp->b_cont; in kssl_get_next_record()
2424 kssl_mblksfree(ssl_t *ssl) in kssl_mblksfree() argument
2427 ASSERT(ssl != NULL); in kssl_mblksfree()
2429 if (ssl->rec_ass_head != NULL) { in kssl_mblksfree()
2430 freemsg(ssl->rec_ass_head); in kssl_mblksfree()
2432 ssl->rec_ass_head = NULL; in kssl_mblksfree()
2433 ssl->rec_ass_tail = NULL; in kssl_mblksfree()
2435 if (ssl->msg.head != NULL) { in kssl_mblksfree()
2436 freemsg(ssl->msg.head); in kssl_mblksfree()
2438 ssl->msg.head = NULL; in kssl_mblksfree()
2439 ssl->msg.tail = NULL; in kssl_mblksfree()
2441 if (ssl->handshake_sendbuf != NULL) { in kssl_mblksfree()
2442 freemsg(ssl->handshake_sendbuf); in kssl_mblksfree()
2443 ssl->handshake_sendbuf = NULL; in kssl_mblksfree()
2445 if (ssl->alert_sendbuf != NULL) { in kssl_mblksfree()
2446 freemsg(ssl->alert_sendbuf); in kssl_mblksfree()
2447 ssl->alert_sendbuf = NULL; in kssl_mblksfree()
2452 kssl_specsfree(ssl_t *ssl) in kssl_specsfree() argument
2454 KSSLCipherSpec *spec = &ssl->spec[KSSL_READ]; in kssl_specsfree()
2461 spec = &ssl->spec[KSSL_WRITE]; in kssl_specsfree()
2475 kssl_free_context(ssl_t *ssl) in kssl_free_context() argument
2479 ASSERT(ssl != NULL); in kssl_free_context()
2480 if (!(MUTEX_HELD(&ssl->kssl_lock))) { in kssl_free_context()
2482 mutex_enter(&ssl->kssl_lock); in kssl_free_context()
2491 if (ssl->job.kjob != NULL) { in kssl_free_context()
2497 reqid = ssl->job.kjob; in kssl_free_context()
2498 mutex_exit(&ssl->kssl_lock); in kssl_free_context()
2500 mutex_enter(&ssl->kssl_lock); in kssl_free_context()
2503 if (ssl->job.kjob != NULL) { in kssl_free_context()
2504 kmem_free(ssl->job.buf, ssl->job.buflen); in kssl_free_context()
2505 ssl->job.kjob = 0; in kssl_free_context()
2506 ssl->job.buf = NULL; in kssl_free_context()
2507 ssl->job.buflen = 0; in kssl_free_context()
2510 while (ssl->async_ops_pending > 0) in kssl_free_context()
2511 cv_wait(&ssl->async_cv, &ssl->kssl_lock); in kssl_free_context()
2512 } while (ssl->job.kjob != NULL); in kssl_free_context()
2514 kssl_mblksfree(ssl); in kssl_free_context()
2515 kssl_specsfree(ssl); in kssl_free_context()
2517 KSSL_ENTRY_REFRELE(ssl->kssl_entry); in kssl_free_context()
2518 ssl->kssl_entry = NULL; in kssl_free_context()
2520 mutex_exit(&ssl->kssl_lock); in kssl_free_context()
2522 kmem_cache_free(kssl_cache, ssl); in kssl_free_context()