377 // ssl_supports_version returns whether |hs| supports |version|.
378 bool ssl_supports_version(SSL_HANDSHAKE *hs, uint16_t version);
380 // ssl_add_supported_versions writes the supported versions of |hs| to |cbb|, in
382 bool ssl_add_supported_versions(SSL_HANDSHAKE *hs, CBB *cbb);
384 // ssl_negotiate_version negotiates a common version based on |hs|'s preferences
388 bool ssl_negotiate_version(SSL_HANDSHAKE *hs, uint8_t *out_alert,
868     SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len, size_t max_out,
871 enum ssl_private_key_result_t ssl_private_key_decrypt(SSL_HANDSHAKE *hs,
877 // ssl_private_key_supports_signature_algorithm returns whether |hs|'s private
879 bool ssl_private_key_supports_signature_algorithm(SSL_HANDSHAKE *hs,
911 int custom_ext_add_clienthello(SSL_HANDSHAKE *hs, CBB *extensions);
912 int custom_ext_parse_serverhello(SSL_HANDSHAKE *hs, int *out_alert,
914 int custom_ext_parse_clienthello(SSL_HANDSHAKE *hs, int *out_alert,
916 int custom_ext_add_serverhello(SSL_HANDSHAKE *hs, CBB *extensions);
1164 // a server's leaf certificate for |hs|. Otherwise, it returns zero and pushes
1166 int ssl_check_leaf_certificate(SSL_HANDSHAKE *hs, EVP_PKEY *pkey,
1170 // It finalizes the certificate and initializes |hs->local_pubkey|. It returns
1172 int ssl_on_certificate_selected(SSL_HANDSHAKE *hs);
1180 int tls13_init_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk,
1186 int tls13_init_early_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk,
1191 int tls13_advance_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *in,
1202 int tls13_derive_early_secrets(SSL_HANDSHAKE *hs);
1206 int tls13_derive_handshake_secrets(SSL_HANDSHAKE *hs);
1215 int tls13_derive_application_secrets(SSL_HANDSHAKE *hs);
1218 int tls13_derive_resumption_secret(SSL_HANDSHAKE *hs);
1231 int tls13_finished_mac(SSL_HANDSHAKE *hs, uint8_t *out,
1242 int tls13_write_psk_binder(SSL_HANDSHAKE *hs, uint8_t *msg, size_t len);
1247 int tls13_verify_psk_binder(SSL_HANDSHAKE *hs, SSL_SESSION *session,
1528 int ssl_run_handshake(SSL_HANDSHAKE *hs, bool *out_early_return);
1532 enum ssl_hs_wait_t ssl_client_handshake(SSL_HANDSHAKE *hs);
1533 enum ssl_hs_wait_t ssl_server_handshake(SSL_HANDSHAKE *hs);
1534 enum ssl_hs_wait_t tls13_client_handshake(SSL_HANDSHAKE *hs);
1535 enum ssl_hs_wait_t tls13_server_handshake(SSL_HANDSHAKE *hs);
1539 const char *ssl_client_handshake_state(SSL_HANDSHAKE *hs);
1540 const char *ssl_server_handshake_state(SSL_HANDSHAKE *hs);
1541 const char *tls13_client_handshake_state(SSL_HANDSHAKE *hs);
1542 const char *tls13_server_handshake_state(SSL_HANDSHAKE *hs);
1548 int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
1550 int tls13_process_certificate_verify(SSL_HANDSHAKE *hs, const SSLMessage &msg);
1554 // |hs->expected_client_finished| rather than computed fresh.
1555 int tls13_process_finished(SSL_HANDSHAKE *hs, const SSLMessage &msg,
1558 int tls13_add_certificate(SSL_HANDSHAKE *hs);
1563 enum ssl_private_key_result_t tls13_add_certificate_verify(SSL_HANDSHAKE *hs);
1565 int tls13_add_finished(SSL_HANDSHAKE *hs);
1568 bool ssl_ext_key_share_parse_serverhello(SSL_HANDSHAKE *hs,
1571 bool ssl_ext_key_share_parse_clienthello(SSL_HANDSHAKE *hs, bool *out_found,
1574 bool ssl_ext_key_share_add_serverhello(SSL_HANDSHAKE *hs, CBB *out);
1576 bool ssl_ext_pre_shared_key_parse_serverhello(SSL_HANDSHAKE *hs,
1580     SSL_HANDSHAKE *hs, CBS *out_ticket, CBS *out_binders,
1582 bool ssl_ext_pre_shared_key_add_serverhello(SSL_HANDSHAKE *hs, CBB *out);
1588 int ssl_write_client_hello(SSL_HANDSHAKE *hs);
1601     SSL_HANDSHAKE *hs, Array<uint8_t> *out,
1611 bool ssl_negotiate_alpn(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1629 // ssl_verify_peer_cert verifies the peer certificate for |hs|.
1630 enum ssl_verify_result_t ssl_verify_peer_cert(SSL_HANDSHAKE *hs);
1632 enum ssl_hs_wait_t ssl_get_finished(SSL_HANDSHAKE *hs);
1633 bool ssl_send_finished(SSL_HANDSHAKE *hs);
1659 // ssl_get_grease_value returns a GREASE value for |hs|. For a given
1663 uint16_t ssl_get_grease_value(SSL_HANDSHAKE *hs, enum ssl_grease_index_t index);
1669 // algorithms and saves them on |hs|. It returns true on success and false on
1671 bool tls1_parse_peer_sigalgs(SSL_HANDSHAKE *hs, const CBS *sigalgs);
1679 // with |hs|'s private key based on the peer's preferences and the algorithms
1681 bool tls1_choose_signature_algorithm(SSL_HANDSHAKE *hs, uint16_t *out);
2325   // hs is the handshake state for the current handshake or NULL if there isn't
2327   UniquePtr<SSL_HANDSHAKE> hs;
2529   enum ssl_hs_wait_t (*do_handshake)(SSL_HANDSHAKE *hs);
2700 int ssl_get_new_session(SSL_HANDSHAKE *hs, int is_server);
2727 // ssl_session_is_resumable returns one if |session| is resumable for |hs| and
2729 int ssl_session_is_resumable(const SSL_HANDSHAKE *hs,
2785 void ssl_update_cache(SSL_HANDSHAKE *hs, int mode);
2826 bool ssl_hash_message(SSL_HANDSHAKE *hs, const SSLMessage &msg);
2872 int tls1_change_cipher_state(SSL_HANDSHAKE *hs, evp_aead_direction_t direction);
2873 int tls1_generate_master_secret(SSL_HANDSHAKE *hs, uint8_t *out,
2886 int tls1_get_shared_group(SSL_HANDSHAKE *hs, uint16_t *out_group_id);
2906 int ssl_add_clienthello_tlsext(SSL_HANDSHAKE *hs, CBB *out, size_t header_len);
2908 int ssl_add_serverhello_tlsext(SSL_HANDSHAKE *hs, CBB *out);
2909 int ssl_parse_clienthello_tlsext(SSL_HANDSHAKE *hs,
2911 int ssl_parse_serverhello_tlsext(SSL_HANDSHAKE *hs, CBS *cbs);
2932 int tls1_verify_channel_id(SSL_HANDSHAKE *hs, const SSLMessage &msg);
2937 bool tls1_write_channel_id(SSL_HANDSHAKE *hs, CBB *cbb);
2942 int tls1_channel_id_hash(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len);
2944 int tls1_record_handshake_hashes_for_channel_id(SSL_HANDSHAKE *hs);
3025   // hs_flush_cached_ca_names drops any cached |X509_NAME|s from |hs|.
3026   void (*hs_flush_cached_ca_names)(bssl::SSL_HANDSHAKE *hs);

Indexes created Sun Aug 12 02:23:12 CEST 2018