| line |
true |
false |
branch |
|
132
|
4125 |
0 |
if (ssl->flags & SSL_FLAGS_ERROR || ssl->hsState != SSL_HS_DONE || |
|
|
4125 |
0 |
if (ssl->flags & SSL_FLAGS_ERROR || ssl->hsState != SSL_HS_DONE || |
|
|
1 |
4124 |
if (ssl->flags & SSL_FLAGS_ERROR || ssl->hsState != SSL_HS_DONE || |
|
145
|
0 |
4124 |
if (ssl->bFlags & BFLAG_STOP_BEAST) |
|
148
|
0 |
0 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_APPLICATION_DATA, 0, |
|
151
|
0 |
0 |
if (rc == SSL_FULL) |
|
157
|
0 |
0 |
psAssert(encryptStart == buf + ssl->recordHeadLen); |
|
163
|
0 |
0 |
if ((rc = encryptRecord(ssl, SSL_RECORD_TYPE_APPLICATION_DATA, 0, |
|
180
|
0 |
4124 |
if (messageSize > SSL_MAX_BUF_SIZE) |
|
186
|
0 |
4124 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_APPLICATION_DATA, 0, |
|
189
|
0 |
0 |
if (rc == SSL_FULL) |
|
198
|
0 |
4124 |
if (ssl->bFlags & BFLAG_STOP_BEAST) |
|
214
|
0 |
4124 |
if ((rc = encryptRecord(ssl, SSL_RECORD_TYPE_APPLICATION_DATA, 0, |
|
223
|
0 |
4124 |
if (ssl->rehandshakeBytes >= BYTES_BEFORE_RH_CREDIT) |
|
225
|
0 |
0 |
if (ssl->rehandshakeCount < 0x8000) |
|
228
|
0 |
0 |
if (ssl->rehandshakeCount >= 0) |
|
247
|
4125 |
0 |
if (ssl->flags & SSL_FLAGS_WRITE_SECURE) |
|
257
|
4125 |
0 |
if ((ssl->flags & SSL_FLAGS_WRITE_SECURE) && |
|
|
4125 |
0 |
if ((ssl->flags & SSL_FLAGS_WRITE_SECURE) && |
|
258
|
1 |
4124 |
(ssl->flags & SSL_FLAGS_TLS_1_1) && (ssl->enBlockSize > 1)) |
|
262
|
4124 |
1 |
if (ssl->flags & SSL_FLAGS_AEAD_W) |
|
264
|
0 |
4124 |
len += AEAD_TAG_LEN(ssl) + AEAD_NONCE_LEN(ssl); |
|
|
4124 |
0 |
len += AEAD_TAG_LEN(ssl) + AEAD_NONCE_LEN(ssl); |
|
269
|
0 |
4125 |
if (ssl->bFlags & BFLAG_STOP_BEAST) |
|
272
|
0 |
0 |
len += psPadLenPwr2(len - 1 - ssl->recordHeadLen, ssl->enBlockSize); |
|
275
|
0 |
0 |
len += psPadLenPwr2(1 + ssl->enMacSize, ssl->enBlockSize); |
|
279
|
1 |
4124 |
len += psPadLenPwr2(len - ssl->recordHeadLen, ssl->enBlockSize); |
|
299
|
0 |
0 |
while (ssl->fragTotal > 0) |
|
301
|
0 |
0 |
if (ssl->fragIndex == 0) |
|
313
|
0 |
0 |
if (ssl->fragTotal > (uint32) ssl->maxPtFrag) |
|
345
|
0 |
0 |
if (real > pka->user) |
|
366
|
0 |
0 |
if (sigSizeChange > 12) |
|
376
|
0 |
0 |
while (flightMsg != NULL && flightMsg->hsMsg != hsMsg) |
|
|
0 |
0 |
while (flightMsg != NULL && flightMsg->hsMsg != hsMsg) |
|
380
|
0 |
0 |
if (flightMsg == NULL) |
|
385
|
0 |
0 |
if ((ssl->flags & SSL_FLAGS_WRITE_SECURE) && (ssl->enBlockSize > 1)) |
|
|
0 |
0 |
if ((ssl->flags & SSL_FLAGS_WRITE_SECURE) && (ssl->enBlockSize > 1)) |
|
390
|
0 |
0 |
if (addOrSub) |
|
398
|
0 |
0 |
newPadLen = psPadLenPwr2(msgLen, ssl->enBlockSize); |
|
402
|
0 |
0 |
if (flightMsg->messageSize >= msgLen) |
|
417
|
0 |
0 |
psAssert(howMuchToMove > 0); |
|
420
|
0 |
0 |
if (addOrSub) |
|
425
|
0 |
0 |
if (((out->start + out->size) - out->end) < howFarToMove) |
|
435
|
0 |
0 |
if (addOrSub) |
|
457
|
0 |
0 |
if ((ssl->flags & SSL_FLAGS_WRITE_SECURE) && |
|
|
0 |
0 |
if ((ssl->flags & SSL_FLAGS_WRITE_SECURE) && |
|
460
|
0 |
0 |
msgLenLoc -= AEAD_NONCE_LEN(ssl); |
|
471
|
0 |
0 |
if ((ssl->flags & SSL_FLAGS_WRITE_SECURE) && |
|
|
0 |
0 |
if ((ssl->flags & SSL_FLAGS_WRITE_SECURE) && |
|
472
|
0 |
0 |
(ssl->flags & SSL_FLAGS_TLS_1_1) && (ssl->enBlockSize > 1)) |
|
510
|
0 |
0 |
while (flightMsg != NULL) |
|
512
|
0 |
0 |
if (addOrSub) |
|
515
|
0 |
0 |
if (flightMsg->seqDelay) |
|
523
|
0 |
0 |
if (flightMsg->seqDelay) |
|
528
|
0 |
0 |
if (flightMsg->hsMsg == SSL_HS_FINISHED) |
|
531
|
0 |
0 |
if (addOrSub) |
|
577
|
0 |
1146 |
if (pka->type == PKA_AFTER_RSA_SIG_GEN_ELEMENT || |
|
|
0 |
0 |
if (pka->type == PKA_AFTER_RSA_SIG_GEN_ELEMENT || |
|
582
|
1146 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
584
|
0 |
1146 |
if ((rc = privRsaEncryptSignedElement(pkiPool, |
|
589
|
0 |
0 |
if (rc != PS_PENDING) |
|
606
|
0 |
0 |
if ((rc = psRsaEncryptPriv(pkiPool, &ssl->keys->privKey.key.rsa, pka->inbuf, |
|
610
|
0 |
0 |
if (rc != PS_PENDING) |
|
665
|
0 |
1146 |
if (pka->type == PKA_AFTER_ECDSA_SIG_GEN) |
|
676
|
0 |
0 |
if ((tmpEcdsa = psMalloc(ssl->hsPool, pka->user + 1)) == NULL) |
|
686
|
0 |
0 |
if ((err = psEccDsaSign(pkiPool, &ssl->keys->privKey.key.ecc, |
|
691
|
0 |
0 |
if (err != PS_PENDING) |
|
702
|
0 |
0 |
if (len != pka->user) |
|
705
|
0 |
0 |
if (accountForEcdsaSizeChange(ssl, pka, len, tmpEcdsa, out, |
|
793
|
1057 |
1 |
if (ssl->flags & SSL_FLAGS_DHE_KEY_EXCH) |
|
797
|
1057 |
0 |
if (ssl->flags & SSL_FLAGS_ECC_CIPHER) |
|
800
|
0 |
1057 |
psAssert(pka->outbuf == ssl->sec.premaster); |
|
801
|
1057 |
0 |
if (pka->type == PKA_AFTER_ECDH_SECRET_GEN) |
|
803
|
0 |
1057 |
if ((rc = psEccGenSharedSecret(ssl->sec.eccDhKeyPool, |
|
808
|
0 |
0 |
if (rc != PS_PENDING) |
|
828
|
0 |
0 |
psAssert(pka->outbuf == ssl->sec.premaster); |
|
829
|
0 |
0 |
psAssert(pka->type == PKA_AFTER_DH_KEY_GEN); |
|
831
|
0 |
0 |
if ((rc = psDhGenSharedSecret(ssl->sec.dhKeyPool, |
|
837
|
0 |
0 |
if (rc != PS_PENDING) |
|
846
|
0 |
0 |
if (!(ssl->flags & SSL_FLAGS_PSK_CIPHER)) |
|
848
|
0 |
0 |
if (cleared == 0) |
|
870
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_PSK_CIPHER) |
|
886
|
0 |
0 |
if (pskKey == NULL) |
|
906
|
0 |
0 |
if (cleared == 0) |
|
931
|
1 |
0 |
if (ssl->cipher->type == CS_ECDH_ECDSA || |
|
|
0 |
1 |
if (ssl->cipher->type == CS_ECDH_ECDSA || |
|
939
|
0 |
0 |
if (pka->type == PKA_AFTER_ECDH_KEY_GEN) |
|
941
|
0 |
0 |
if (psEccNewKey(pka->pool, &ssl->sec.eccKeyPriv, |
|
946
|
0 |
0 |
if ((rc = matrixSslGenEphemeralEcKey(ssl->keys, |
|
952
|
0 |
0 |
if (rc == PS_PENDING) |
|
963
|
0 |
0 |
if (psEccX963ExportKey(ssl->hsPool, ssl->sec.eccKeyPriv, |
|
970
|
0 |
0 |
psAssert(pka->user == (int32) * (pka->outbuf - 1)); |
|
997
|
0 |
0 |
if (pka->type == PKA_AFTER_ECDH_SECRET_GEN) |
|
1000
|
0 |
0 |
if ((rc = psEccGenSharedSecret(pka->pool, |
|
1005
|
0 |
0 |
if (rc == PS_PENDING) |
|
1026
|
0 |
1 |
psAssert(pka->type == PKA_AFTER_RSA_ENCRYPT); |
|
1049
|
0 |
1 |
if ((rc = psRsaEncryptPub(pka->pool, |
|
1054
|
0 |
0 |
if (rc == PS_PENDING) |
|
1124
|
0 |
1058 |
if (ssl->extFlags.extended_master_secret == 0) |
|
1126
|
0 |
0 |
if ((rc = sslCreateKeys(ssl)) < 0) |
|
1143
|
1058 |
0 |
if (!(ssl->bFlags & BFLAG_KEEP_PEER_CERTS)) |
|
1145
|
1058 |
0 |
if (ssl->sec.cert) |
|
1207
|
90 |
3270 |
if (ssl->err != SSL_ALERT_NONE) |
|
1211
|
0 |
90 |
if (rc == MATRIXSSL_ERROR) |
|
1226
|
0 |
90 |
if (ssl->flags & SSL_FLAGS_SERVER) |
|
1288
|
0 |
1151 |
if (ssl->flags & SSL_FLAGS_CLIENT_AUTH) |
|
1293
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
1314
|
0 |
0 |
if (CAcert) |
|
1320
|
0 |
0 |
while (CAcert) |
|
1357
|
1150 |
1 |
if (ssl->flags & SSL_FLAGS_DHE_KEY_EXCH) |
|
1360
|
0 |
1150 |
if (!(ssl->flags & SSL_FLAGS_ECC_CIPHER)) |
|
1371
|
0 |
0 |
if (ssl->sec.dhPLen == 0 && ssl->sec.dhP == NULL) |
|
|
0 |
0 |
if (ssl->sec.dhPLen == 0 && ssl->sec.dhP == NULL) |
|
1373
|
0 |
0 |
if (psDhExportParameters(ssl->hsPool, &ssl->keys->dhParams, |
|
1385
|
0 |
1150 |
if (ssl->flags & SSL_FLAGS_ANON_CIPHER) |
|
1398
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_PSK_CIPHER) |
|
1429
|
1150 |
0 |
if (ssl->flags & SSL_FLAGS_ECC_CIPHER) |
|
1431
|
1150 |
0 |
if (ssl->flags & SSL_FLAGS_DHE_WITH_RSA) |
|
1441
|
0 |
0 |
else if (ssl->flags & SSL_FLAGS_DHE_WITH_DSA) |
|
1447
|
0 |
0 |
if (ssl->keys->privKey.keysize >= 128) |
|
1457
|
1150 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
1478
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
1491
|
1150 |
1150 |
for (i = 0; cert != NULL; i++) |
|
1497
|
0 |
1150 |
if ((stotalCertLen + 3 + (i * 3) + ssl->hshakeHeadLen) > |
|
1512
|
0 |
1150 |
if (ssl->flags & SSL_FLAGS_CLIENT_AUTH) |
|
1516
|
0 |
0 |
if (certReqLen + CAcertLen > ssl->maxPtFrag) |
|
1541
|
0 |
1 |
if (ssl->flags & SSL_FLAGS_PSK_CIPHER) |
|
1569
|
1 |
1 |
for (i = 0; cert != NULL; i++) |
|
1571
|
0 |
1 |
psAssert(cert->unparsedBin != NULL); |
|
1576
|
0 |
1 |
if ((stotalCertLen + 3 + (i * 3) + ssl->hshakeHeadLen) > |
|
1594
|
0 |
1 |
if (ssl->flags & SSL_FLAGS_CLIENT_AUTH) |
|
1598
|
0 |
0 |
if (certReqLen + CAcertLen > ssl->maxPtFrag) |
|
1650
|
0 |
1151 |
if (ssl->maxPtFrag < SSL_MAX_PLAINTEXT_LEN) |
|
1656
|
0 |
1151 |
if (ssl->extFlags.truncated_hmac) |
|
1662
|
1151 |
0 |
if (ssl->extFlags.extended_master_secret) |
|
1671
|
0 |
1151 |
if (ssl->extFlags.status_request) |
|
1686
|
0 |
1151 |
if (ssl->extFlags.signed_certificate_timestamp) { |
|
1693
|
0 |
1151 |
if (ssl->sid && |
|
|
0 |
0 |
if (ssl->sid && |
|
1700
|
0 |
1151 |
if (ssl->extFlags.sni) |
|
1707
|
0 |
1151 |
if (ssl->alpnLen) |
|
1718
|
1151 |
0 |
if (ssl->secureRenegotiationFlag == PS_TRUE && |
|
|
1142 |
9 |
if (ssl->secureRenegotiationFlag == PS_TRUE && |
|
1724
|
9 |
0 |
else if (ssl->secureRenegotiationFlag == PS_TRUE && |
|
|
9 |
0 |
else if (ssl->secureRenegotiationFlag == PS_TRUE && |
|
1737
|
1150 |
1 |
if (ssl->flags & SSL_FLAGS_ECC_CIPHER) |
|
1749
|
4 |
1147 |
if ((out->buf + out->size) - out->end < messageSize) |
|
1760
|
1146 |
1 |
if (ssl->flags & SSL_FLAGS_DHE_KEY_EXCH) |
|
1763
|
0 |
1146 |
if (ssl->flags & SSL_FLAGS_DHE_WITH_RSA || |
|
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_DHE_WITH_RSA || |
|
1766
|
1146 |
0 |
if (rc == MATRIXSSL_SUCCESS) |
|
1771
|
1146 |
0 |
if (rc == MATRIXSSL_SUCCESS) |
|
1778
|
1146 |
0 |
if (rc == MATRIXSSL_SUCCESS) |
|
1781
|
1146 |
0 |
if (ssl->flags & SSL_FLAGS_ECC_CIPHER) |
|
1801
|
0 |
1 |
if (ssl->flags & SSL_FLAGS_PSK_CIPHER) |
|
1803
|
0 |
0 |
if (rc == MATRIXSSL_SUCCESS) |
|
1812
|
1 |
0 |
if (rc == MATRIXSSL_SUCCESS) |
|
1817
|
1 |
0 |
if (rc == MATRIXSSL_SUCCESS) |
|
1832
|
0 |
1147 |
if (ssl->flags & SSL_FLAGS_CLIENT_AUTH) |
|
1834
|
0 |
0 |
if (rc == MATRIXSSL_SUCCESS) |
|
1842
|
1147 |
0 |
if (rc == MATRIXSSL_SUCCESS) |
|
1846
|
0 |
1147 |
if (rc == SSL_FULL) |
|
1895
|
1057 |
2 |
if (ssl->flags & SSL_FLAGS_SERVER) |
|
1897
|
0 |
1057 |
if (ssl->sid && |
|
|
0 |
0 |
if (ssl->sid && |
|
1910
|
1059 |
0 |
if (ssl->flags & SSL_FLAGS_TLS) |
|
1920
|
1059 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_1) |
|
1922
|
7 |
1052 |
if (ssl->flags & SSL_FLAGS_AEAD_W) |
|
1926
|
0 |
7 |
messageSize += AEAD_TAG_LEN(ssl) + AEAD_NONCE_LEN(ssl) + 1; |
|
|
7 |
0 |
messageSize += AEAD_TAG_LEN(ssl) + AEAD_NONCE_LEN(ssl) + 1; |
|
1942
|
0 |
1059 |
if ((out->buf + out->size) - out->end < messageSize) |
|
1950
|
1057 |
2 |
if (ssl->flags & SSL_FLAGS_SERVER) |
|
1952
|
0 |
1057 |
if (ssl->sid && |
|
|
0 |
0 |
if (ssl->sid && |
|
1959
|
1059 |
0 |
if (rc == MATRIXSSL_SUCCESS) |
|
1963
|
1059 |
0 |
if (rc == MATRIXSSL_SUCCESS) |
|
1968
|
0 |
1059 |
if (rc == SSL_FULL) |
|
1985
|
2 |
1058 |
if (ssl->flags & SSL_FLAGS_SERVER) |
|
2005
|
2 |
0 |
if (ssl->secureRenegotiationFlag == PS_TRUE && |
|
|
0 |
2 |
if (ssl->secureRenegotiationFlag == PS_TRUE && |
|
2010
|
2 |
0 |
else if (ssl->secureRenegotiationFlag == PS_TRUE && |
|
|
2 |
0 |
else if (ssl->secureRenegotiationFlag == PS_TRUE && |
|
2019
|
2 |
0 |
if (ssl->flags & SSL_FLAGS_ECC_CIPHER) |
|
2034
|
2 |
0 |
if (ssl->flags & SSL_FLAGS_TLS) |
|
2045
|
2 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_1) |
|
2047
|
2 |
0 |
if (ssl->cipher->flags & |
|
2052
|
0 |
2 |
messageSize += AEAD_TAG_LEN(ssl) + TLS_EXPLICIT_NONCE_LEN + 1; |
|
2054
|
0 |
0 |
else if (ssl->cipher->flags & CRYPTO_FLAGS_CHACHA) |
|
2056
|
0 |
0 |
messageSize += AEAD_TAG_LEN(ssl) + 1; |
|
2072
|
0 |
2 |
if ((out->buf + out->size) - out->end < messageSize) |
|
2078
|
2 |
0 |
if (rc == MATRIXSSL_SUCCESS) |
|
2082
|
2 |
0 |
if (rc == MATRIXSSL_SUCCESS) |
|
2093
|
1058 |
2 |
if (!(ssl->flags & SSL_FLAGS_SERVER)) |
|
2097
|
1057 |
1 |
if (ssl->flags & SSL_FLAGS_DHE_KEY_EXCH) |
|
2108
|
1057 |
0 |
if (ssl->flags & SSL_FLAGS_ECC_CIPHER) |
|
2129
|
0 |
1057 |
if (ssl->flags & SSL_FLAGS_PSK_CIPHER) |
|
2143
|
0 |
1 |
if (ssl->flags & SSL_FLAGS_PSK_CIPHER) |
|
2152
|
1 |
0 |
if (ssl->cipher->type == CS_ECDH_ECDSA || |
|
|
0 |
1 |
if (ssl->cipher->type == CS_ECDH_ECDSA || |
|
2164
|
0 |
1 |
if (ssl->sec.cert == NULL) |
|
2184
|
0 |
1058 |
if (ssl->flags & SSL_FLAGS_CLIENT_AUTH) |
|
2194
|
0 |
0 |
if (ssl->sec.certMatch > 0) |
|
2201
|
0 |
0 |
for (i = 0; cert != NULL; i++) |
|
2207
|
0 |
0 |
if ((ctotalCertLen + 3 + (i * 3) + ssl->hshakeHeadLen) > |
|
2219
|
0 |
0 |
if (ssl->keys->cert->pubKeyAlgorithm == OID_ECDSA_KEY_ALG) |
|
2225
|
0 |
0 |
if (ssl->keys->privKey.keysize >= 128) |
|
2238
|
0 |
0 |
if (ssl->majVer == SSL3_MAJ_VER |
|
2239
|
0 |
0 |
&& ssl->minVer == SSL3_MIN_VER) |
|
2277
|
1058 |
0 |
if (ssl->flags & SSL_FLAGS_TLS) |
|
2283
|
0 |
1058 |
if (ssl->flags & SSL_FLAGS_CLIENT_AUTH) |
|
2292
|
0 |
0 |
if (ssl->sec.certMatch > 0) |
|
2295
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
2334
|
1058 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_1) |
|
2336
|
1057 |
1 |
if (ssl->cipher->flags & |
|
2341
|
0 |
1057 |
messageSize += AEAD_TAG_LEN(ssl) + TLS_EXPLICIT_NONCE_LEN + 1; |
|
2343
|
0 |
1 |
else if (ssl->cipher->flags & CRYPTO_FLAGS_CHACHA) |
|
2345
|
0 |
0 |
messageSize += AEAD_TAG_LEN(ssl) + 1; |
|
2363
|
0 |
1058 |
if ((out->buf + out->size) - out->end < messageSize) |
|
2371
|
0 |
1058 |
if (ssl->flags & SSL_FLAGS_CLIENT_AUTH) |
|
2378
|
0 |
0 |
if (ssl->sec.certMatch == 0 && ssl->majVer == SSL3_MAJ_VER |
|
|
0 |
0 |
if (ssl->sec.certMatch == 0 && ssl->majVer == SSL3_MAJ_VER |
|
2379
|
0 |
0 |
&& ssl->minVer == SSL3_MIN_VER) |
|
2391
|
1058 |
0 |
if (rc == MATRIXSSL_SUCCESS) |
|
2397
|
0 |
1058 |
if (ssl->flags & SSL_FLAGS_CLIENT_AUTH) |
|
2399
|
0 |
0 |
if (rc == MATRIXSSL_SUCCESS && ssl->sec.certMatch > 0) |
|
|
0 |
0 |
if (rc == MATRIXSSL_SUCCESS && ssl->sec.certMatch > 0) |
|
2407
|
1058 |
0 |
if (rc == MATRIXSSL_SUCCESS) |
|
2411
|
1058 |
0 |
if (rc == MATRIXSSL_SUCCESS) |
|
2417
|
0 |
1060 |
if (rc == SSL_FULL) |
|
2442
|
0 |
3266 |
if (rc < MATRIXSSL_SUCCESS && rc != SSL_FULL) |
|
|
0 |
0 |
if (rc < MATRIXSSL_SUCCESS && rc != SSL_FULL) |
|
2450
|
0 |
0 |
if (rc == PS_UNSUPPORTED_FAIL) |
|
2478
|
2206 |
1060 |
if (ssl->flags & SSL_FLAGS_SERVER) |
|
2480
|
1146 |
1060 |
if (ssl->pkaAfter[0].type > 0) |
|
2482
|
0 |
1146 |
if ((rc = nowDoSkePka(ssl, out)) < 0) |
|
2492
|
1060 |
2206 |
if (!(ssl->flags & SSL_FLAGS_SERVER)) |
|
2514
|
1058 |
2 |
if (ssl->pkaAfter[0].type > 0) |
|
2516
|
0 |
1058 |
if ((rc = nowDoCkePka(ssl)) < 0) |
|
2525
|
3266 |
0 |
if (ssl->flightEncode) |
|
2527
|
0 |
3266 |
if ((rc = encryptFlight(ssl, &out->end)) < 0) |
|
2541
|
0 |
25580 |
while (msg) |
|
2572
|
9885 |
3266 |
while (msg) |
|
2600
|
2119 |
7766 |
if (msg->hsMsg == SSL_HS_FINISHED) |
|
2604
|
0 |
2119 |
if ((rc = sslActivateWriteCipher(ssl)) < 0) |
|
2617
|
0 |
2119 |
if (rc <= 0) |
|
2642
|
2157 |
7728 |
if (ssl->flags & SSL_FLAGS_NONCE_W |
|
2685
|
0 |
9885 |
if (msg->hsMsg == SSL_HS_CERTIFICATE_VERIFY) |
|
2714
|
0 |
0 |
if (rc < 0) |
|
2719
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_AEAD_W) |
|
2722
|
0 |
0 |
= (msg->start - ssl->recordHeadLen) - AEAD_NONCE_LEN(ssl); |
|
2752
|
0 |
9885 |
if (rc == PS_PENDING) |
|
2757
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_AEAD_W) |
|
2759
|
0 |
0 |
*end -= AEAD_NONCE_LEN(ssl); |
|
2765
|
0 |
9885 |
if (rc < 0) |
|
2782
|
2204 |
0 |
if (ssl->pkaAfter[0].type == 0) |
|
2786
|
0 |
0 |
else if (ssl->pkaAfter[1].type == 0) |
|
2802
|
0 |
0 |
for (i = 0; i < 2; i++) |
|
2804
|
0 |
0 |
if (ssl->pkaAfter[i].type == PKA_AFTER_RSA_SIG_GEN_ELEMENT |
|
2805
|
0 |
0 |
|| ssl->pkaAfter[i].type == PKA_AFTER_ECDSA_SIG_GEN |
|
2806
|
0 |
0 |
|| ssl->pkaAfter[i].type == PKA_AFTER_RSA_SIG_GEN) |
|
2826
|
1146 |
45686 |
if (ssl->pkaAfter[0].inbuf) |
|
2830
|
0 |
1146 |
if (ssl->pkaAfter[0].pool) |
|
2849
|
0 |
46832 |
if (ssl->pkaAfter[1].type != 0) |
|
2882
|
23 |
3247 |
if (ssl->flags & SSL_FLAGS_WRITE_SECURE) |
|
2890
|
23 |
0 |
if ((ssl->flags & SSL_FLAGS_TLS_1_1) && (ssl->enBlockSize > 1)) |
|
|
0 |
23 |
if ((ssl->flags & SSL_FLAGS_TLS_1_1) && (ssl->enBlockSize > 1)) |
|
2895
|
23 |
0 |
if (ssl->flags & SSL_FLAGS_AEAD_W) |
|
2897
|
0 |
23 |
add += (numRecs * (AEAD_TAG_LEN(ssl) + AEAD_NONCE_LEN(ssl))); |
|
|
23 |
0 |
add += (numRecs * (AEAD_TAG_LEN(ssl) + AEAD_NONCE_LEN(ssl))); |
|
2915
|
0 |
1 |
if (ssl->flags & SSL_FLAGS_ERROR) |
|
2946
|
18929 |
6334 |
if (type == SSL_RECORD_TYPE_HANDSHAKE) |
|
2950
|
0 |
25263 |
if (type == SSL_RECORD_TYPE_HANDSHAKE_FIRST_FRAG) |
|
2963
|
2119 |
23144 |
if (hsType == SSL_HS_FINISHED && (ssl->flags & SSL_FLAGS_TLS_1_1)) |
|
|
2119 |
0 |
if (hsType == SSL_HS_FINISHED && (ssl->flags & SSL_FLAGS_TLS_1_1)) |
|
2965
|
2 |
2117 |
if (ssl->cipher->blockSize > 1) |
|
2970
|
4172 |
18972 |
else if ((ssl->flags & SSL_FLAGS_WRITE_SECURE) && |
|
|
4172 |
0 |
else if ((ssl->flags & SSL_FLAGS_WRITE_SECURE) && |
|
2971
|
1 |
4171 |
(ssl->flags & SSL_FLAGS_TLS_1_1) && (ssl->enBlockSize > 1)) |
|
2978
|
2119 |
23144 |
if (hsType == SSL_HS_FINISHED) |
|
2980
|
2117 |
2 |
if (ssl->cipher->flags & |
|
2983
|
0 |
2117 |
*messageSize += AEAD_TAG_LEN(ssl) + TLS_EXPLICIT_NONCE_LEN; |
|
2985
|
0 |
2 |
else if (ssl->cipher->flags & CRYPTO_FLAGS_CHACHA) |
|
2987
|
0 |
0 |
*messageSize += AEAD_TAG_LEN(ssl); |
|
2990
|
4171 |
18973 |
else if (ssl->flags & SSL_FLAGS_AEAD_W) |
|
2992
|
0 |
4171 |
*messageSize += (AEAD_TAG_LEN(ssl) + AEAD_NONCE_LEN(ssl)); |
|
|
4171 |
0 |
*messageSize += (AEAD_TAG_LEN(ssl) + AEAD_NONCE_LEN(ssl)); |
|
3001
|
2119 |
23144 |
if (hsType == SSL_HS_FINISHED) |
|
3003
|
2 |
2117 |
if (ssl->cipher->macSize > 0) |
|
3005
|
0 |
2 |
if (ssl->extFlags.truncated_hmac) |
|
3014
|
2 |
2117 |
*padLen = psPadLenPwr2(*messageSize - ssl->recordHeadLen, |
|
3018
|
4172 |
18972 |
else if ((ssl->flags & SSL_FLAGS_WRITE_SECURE) && |
|
|
1 |
4171 |
else if ((ssl->flags & SSL_FLAGS_WRITE_SECURE) && |
|
3022
|
1 |
0 |
*padLen = psPadLenPwr2(*messageSize - ssl->recordHeadLen, |
|
3027
|
0 |
25263 |
if (end - *c < *messageSize) |
|
3081
|
2119 |
23144 |
if (hsType == SSL_HS_FINISHED) |
|
3083
|
2119 |
0 |
if ((ssl->flags & SSL_FLAGS_TLS_1_1) && (ssl->cipher->blockSize > 1)) |
|
|
2 |
2117 |
if ((ssl->flags & SSL_FLAGS_TLS_1_1) && (ssl->cipher->blockSize > 1)) |
|
3093
|
4172 |
18972 |
else if ((ssl->flags & SSL_FLAGS_WRITE_SECURE) && |
|
|
4172 |
0 |
else if ((ssl->flags & SSL_FLAGS_WRITE_SECURE) && |
|
3094
|
1 |
4171 |
(ssl->flags & SSL_FLAGS_TLS_1_1) && |
|
3108
|
18929 |
6334 |
if (type == SSL_RECORD_TYPE_HANDSHAKE) |
|
3372
|
0 |
9885 |
if ((flight = psMalloc(ssl->flightPool, sizeof(flightEncode_t))) == NULL) |
|
3377
|
3266 |
6619 |
if (ssl->flightEncode == NULL) |
|
3384
|
4499 |
6619 |
while (prev->next) |
|
3392
|
2119 |
7766 |
if (hsMsg == SSL_HS_FINISHED) |
|
3394
|
2117 |
2 |
if (ssl->cipher->flags & (CRYPTO_FLAGS_GCM | CRYPTO_FLAGS_CCM)) |
|
3399
|
40 |
7726 |
else if (ssl->flags & SSL_FLAGS_AEAD_W) |
|
3401
|
40 |
0 |
encryptStart += AEAD_NONCE_LEN(ssl); /* Move past the plaintext nonce */ |
|
3414
|
2119 |
7766 |
if (hsMsg == SSL_HS_FINISHED) |
|
3416
|
2 |
2117 |
if (!(ssl->cipher->flags & |
|
3419
|
0 |
2 |
if (ssl->extFlags.truncated_hmac) |
|
3439
|
2119 |
7766 |
if (hsMsg == SSL_HS_FINISHED) |
|
3441
|
2117 |
2 |
if (ssl->cipher->flags & |
|
3444
|
0 |
2117 |
*c += AEAD_TAG_LEN(ssl); |
|
3447
|
40 |
7726 |
else if (ssl->flags & SSL_FLAGS_AEAD_W) |
|
3449
|
0 |
40 |
*c += AEAD_TAG_LEN(ssl); /* c is tracking end of record here and the |
|
3456
|
0 |
9885 |
if (*c - out->end != messageSize) |
|
3503
|
6288 |
18975 |
if (ssl->flags & SSL_FLAGS_AEAD_W) |
|
3505
|
6288 |
0 |
encryptStart += AEAD_NONCE_LEN(ssl); /* Move past the plaintext nonce */ |
|
3512
|
6291 |
18972 |
if ((ssl->flags & SSL_FLAGS_WRITE_SECURE) && |
|
|
6291 |
0 |
if ((ssl->flags & SSL_FLAGS_WRITE_SECURE) && |
|
3513
|
3 |
6288 |
(ssl->flags & SSL_FLAGS_TLS_1_1) && (ssl->enBlockSize > 1)) |
|
3519
|
2 |
1 |
if (type == SSL_RECORD_TYPE_HANDSHAKE) |
|
3523
|
0 |
2 |
if (hsMsgType == SSL_HS_CLIENT_KEY_EXCHANGE && |
|
|
0 |
0 |
if (hsMsgType == SSL_HS_CLIENT_KEY_EXCHANGE && |
|
3526
|
0 |
0 |
if (tlsExtendedDeriveKeys(ssl) < 0) |
|
3532
|
1 |
2 |
if (type == SSL_RECORD_TYPE_APPLICATION_DATA) |
|
3539
|
0 |
1 |
if (encryptStart + ssl->enBlockSize == pt) |
|
3546
|
0 |
1 |
if ((rc = ssl->encrypt(ssl, encryptStart, |
|
3567
|
18927 |
6333 |
if (type == SSL_RECORD_TYPE_HANDSHAKE) |
|
3569
|
0 |
18927 |
if ((rc = sslUpdateHSHash(ssl, pt, ptLen)) < 0) |
|
3577
|
1058 |
17869 |
if (hsMsgType == SSL_HS_CLIENT_KEY_EXCHANGE && |
|
|
1058 |
0 |
if (hsMsgType == SSL_HS_CLIENT_KEY_EXCHANGE && |
|
3580
|
0 |
1058 |
if (tlsExtendedDeriveKeys(ssl) < 0) |
|
3586
|
18972 |
6288 |
if (ssl->generateMac) |
|
3604
|
6288 |
18975 |
if (ssl->flags & SSL_FLAGS_AEAD_W) |
|
3606
|
0 |
6288 |
*c += AEAD_TAG_LEN(ssl); /* c is tracking end of record here and the |
|
3610
|
21139 |
4124 |
if (pt == encryptStart) |
|
3613
|
21139 |
0 |
if ((rc = ssl->encrypt(ssl, pt, encryptStart, |
|
3614
|
0 |
21139 |
(uint32) (*c - encryptStart))) < 0 || |
|
3630
|
4124 |
0 |
if (ssl->flags & SSL_FLAGS_WRITE_SECURE) |
|
3632
|
1 |
4123 |
if (ssl->cipher->blockSize > 1) |
|
3639
|
4123 |
0 |
if (ssl->flags & SSL_FLAGS_AEAD_W) |
|
3641
|
0 |
4123 |
divLen = ptLen + AEAD_TAG_LEN(ssl); |
|
3650
|
4124 |
0 |
if (divLen > 0) |
|
3653
|
0 |
4124 |
if (rc < 0) |
|
3659
|
1 |
4123 |
if (modLen > 0) |
|
3671
|
4124 |
0 |
if (rc < 0 || (*c - out->end != messageSize)) |
|
|
0 |
4124 |
if (rc < 0 || (*c - out->end != messageSize)) |
|
3688
|
0 |
25263 |
if (*c - out->end != messageSize) |
|
3742
|
1149 |
0 |
if (ssl->secureRenegotiationFlag == PS_TRUE && ssl->myVerifyDataLen == 0) |
|
|
1142 |
7 |
if (ssl->secureRenegotiationFlag == PS_TRUE && ssl->myVerifyDataLen == 0) |
|
3746
|
7 |
0 |
else if (ssl->secureRenegotiationFlag == PS_TRUE && |
|
|
7 |
0 |
else if (ssl->secureRenegotiationFlag == PS_TRUE && |
|
3754
|
1148 |
1 |
if (ssl->flags & SSL_FLAGS_ECC_CIPHER) |
|
3756
|
0 |
1148 |
if (extLen == 0) |
|
3765
|
0 |
1149 |
if (ssl->maxPtFrag < SSL_MAX_PLAINTEXT_LEN) |
|
3767
|
0 |
0 |
if (extLen == 0) |
|
3774
|
0 |
1149 |
if (ssl->extFlags.truncated_hmac) |
|
3776
|
0 |
0 |
if (extLen == 0) |
|
3783
|
1149 |
0 |
if (ssl->extFlags.extended_master_secret) |
|
3785
|
0 |
1149 |
if (extLen == 0) |
|
3793
|
0 |
1149 |
if (ssl->sid && ssl->sid->sessionTicketState == SESS_TICKET_STATE_RECVD_EXT) |
|
|
0 |
0 |
if (ssl->sid && ssl->sid->sessionTicketState == SESS_TICKET_STATE_RECVD_EXT) |
|
3795
|
0 |
0 |
if (extLen == 0) |
|
3803
|
0 |
1149 |
if (ssl->extFlags.sni) |
|
3805
|
0 |
0 |
if (extLen == 0) |
|
3812
|
0 |
1149 |
if (ssl->extFlags.status_request) |
|
3814
|
0 |
0 |
if (extLen == 0) |
|
3823
|
0 |
1149 |
if (ssl->extFlags.signed_certificate_timestamp) { |
|
3824
|
0 |
0 |
if (extLen == 0) { |
|
3832
|
0 |
1149 |
if (ssl->alpnLen) |
|
3834
|
0 |
0 |
if (extLen == 0) |
|
3856
|
1149 |
0 |
if (t) |
|
3876
|
0 |
1149 |
if (psGetPrngLocked(ssl->sec.serverRandom, |
|
3890
|
1147 |
2 |
if (!(ssl->flags & SSL_FLAGS_RESUMED)) |
|
3896
|
0 |
1149 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
3922
|
1149 |
0 |
if (ssl->sessionIdLen > 0) |
|
3947
|
1149 |
0 |
if (extLen != 0) |
|
3953
|
0 |
1149 |
if (ssl->maxPtFrag < SSL_MAX_PLAINTEXT_LEN) |
|
3960
|
0 |
0 |
if (ssl->maxPtFrag == 0x200) |
|
3964
|
0 |
0 |
if (ssl->maxPtFrag == 0x400) |
|
3968
|
0 |
0 |
if (ssl->maxPtFrag == 0x800) |
|
3972
|
0 |
0 |
if (ssl->maxPtFrag == 0x1000) |
|
3977
|
0 |
1149 |
if (ssl->extFlags.truncated_hmac) |
|
3984
|
1149 |
0 |
if (ssl->extFlags.extended_master_secret) |
|
3993
|
0 |
1149 |
if (ssl->sid && |
|
|
0 |
0 |
if (ssl->sid && |
|
4005
|
0 |
1149 |
if (ssl->extFlags.sni) |
|
4013
|
0 |
1149 |
if (ssl->extFlags.status_request) |
|
4023
|
0 |
1149 |
if (ssl->extFlags.signed_certificate_timestamp) |
|
4037
|
0 |
1149 |
if (ssl->alpnLen) |
|
4056
|
1149 |
0 |
if (ssl->secureRenegotiationFlag == PS_TRUE) |
|
4061
|
1142 |
7 |
if (ssl->myVerifyDataLen == 0) |
|
4083
|
1148 |
1 |
if (ssl->flags & SSL_FLAGS_ECC_CIPHER) |
|
4095
|
0 |
1149 |
if ((rc = postponeEncryptRecord(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
4105
|
2 |
1147 |
if (ssl->flags & SSL_FLAGS_RESUMED) |
|
4107
|
0 |
2 |
if ((rc = sslCreateKeys(ssl)) < 0) |
|
4138
|
0 |
1147 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
4145
|
0 |
1147 |
if ((rc = postponeEncryptRecord(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
4178
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_DHE_KEY_EXCH) |
|
4184
|
0 |
0 |
if (matrixPskGetHint(ssl, &hint, &hintLen) < 0) |
|
4188
|
0 |
0 |
if (hint == NULL || hintLen == 0) |
|
|
0 |
0 |
if (hint == NULL || hintLen == 0) |
|
4198
|
0 |
0 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
4210
|
0 |
0 |
if ((rc = postponeEncryptRecord(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
4237
|
0 |
0 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
4245
|
0 |
0 |
if (matrixCreateSessionTicket(ssl, c, &rc) < 0) |
|
4252
|
0 |
0 |
if ((rc = postponeEncryptRecord(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
4303
|
0 |
1146 |
if (ssl->flags & SSL_FLAGS_ANON_CIPHER) |
|
4308
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
4315
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_PSK_CIPHER) |
|
4317
|
0 |
0 |
if (matrixPskGetHint(ssl, &hint, &hintLen) < 0) |
|
4334
|
0 |
0 |
if (hintLen != 0 && hint != NULL) |
|
|
0 |
0 |
if (hintLen != 0 && hint != NULL) |
|
4345
|
1146 |
0 |
if (ssl->flags & SSL_FLAGS_ECC_CIPHER) |
|
4350
|
1146 |
0 |
if (ssl->flags & SSL_FLAGS_DHE_WITH_RSA) |
|
4355
|
0 |
0 |
else if (ssl->flags & SSL_FLAGS_DHE_WITH_DSA) |
|
4368
|
0 |
0 |
if (ssl->keys->privKey.keysize != 132) |
|
4380
|
0 |
0 |
if (ssl->keys->privKey.keysize + 4 >= 128) |
|
4408
|
0 |
1146 |
if (messageSize == 0) |
|
4414
|
1146 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
4419
|
0 |
1146 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
4431
|
0 |
1146 |
if (ssl->flags & SSL_FLAGS_PSK_CIPHER) |
|
4435
|
0 |
0 |
if (hintLen != 0 && hint != NULL) |
|
|
0 |
0 |
if (hintLen != 0 && hint != NULL) |
|
4444
|
1146 |
0 |
if (ssl->flags & SSL_FLAGS_ECC_CIPHER) |
|
4454
|
0 |
1146 |
if (psEccX963ExportKey(ssl->hsPool, ssl->sec.eccKeyPriv, c, |
|
4484
|
0 |
0 |
if (psDhExportPubKey(ssl->hsPool, ssl->sec.dhKeyPriv, c, &dhLen) < 0) |
|
4488
|
0 |
0 |
psAssert(dhLen == ssl->sec.dhKeyPriv->size); |
|
4506
|
1146 |
0 |
if (ssl->flags & SSL_FLAGS_DHE_WITH_RSA) |
|
4510
|
0 |
1146 |
if ((hsMsgHash = psMalloc(ssl->hsPool, SHA384_HASH_SIZE)) == NULL) |
|
4516
|
1146 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
4519
|
1146 |
0 |
if (ssl->keys->cert->sigAlgorithm == OID_SHA256_RSA_SIG) |
|
4535
|
0 |
0 |
else if (ssl->keys->cert->sigAlgorithm == OID_SHA384_RSA_SIG) |
|
4554
|
0 |
0 |
else if (ssl->keys->cert->sigAlgorithm == OID_SHA1_RSA_SIG || |
|
|
0 |
0 |
else if (ssl->keys->cert->sigAlgorithm == OID_SHA1_RSA_SIG || |
|
4636
|
1146 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
4660
|
0 |
1146 |
if (ssl->flags & SSL_FLAGS_DHE_WITH_DSA) |
|
4664
|
0 |
0 |
if ((hsMsgHash = psMalloc(ssl->hsPool, SHA384_HASH_SIZE)) == NULL) |
|
4670
|
0 |
0 |
if ((ssl->flags & SSL_FLAGS_TLS_1_2) && |
|
|
0 |
0 |
if ((ssl->flags & SSL_FLAGS_TLS_1_2) && |
|
4686
|
0 |
0 |
else if ((ssl->flags & SSL_FLAGS_TLS_1_2) && |
|
|
0 |
0 |
else if ((ssl->flags & SSL_FLAGS_TLS_1_2) && |
|
4703
|
0 |
0 |
else if (ssl->minVer < TLS_1_2_MIN_VER || |
|
|
0 |
0 |
else if (ssl->minVer < TLS_1_2_MIN_VER || |
|
4708
|
0 |
0 |
((ssl->flags & SSL_FLAGS_TLS_1_2) && |
|
4720
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
4760
|
0 |
0 |
if ((pkaAfter = getPkaAfter(ssl)) == NULL) |
|
4773
|
0 |
0 |
if (ssl->keys->privKey.keysize != 132) |
|
4780
|
0 |
0 |
if (rc - 3 >= 128) |
|
4792
|
0 |
1146 |
if ((rc = postponeEncryptRecord(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
4817
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_ERROR || ssl->flags & SSL_FLAGS_CLOSED) |
|
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_ERROR || ssl->flags & SSL_FLAGS_CLOSED) |
|
4822
|
0 |
0 |
if (!(ssl->flags & SSL_FLAGS_SERVER) || (ssl->hsState != SSL_HS_DONE)) |
|
|
0 |
0 |
if (!(ssl->flags & SSL_FLAGS_SERVER) || (ssl->hsState != SSL_HS_DONE)) |
|
4831
|
0 |
0 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
4839
|
0 |
0 |
if ((rc = encryptRecord(ssl, SSL_RECORD_TYPE_HANDSHAKE, 0, messageSize, |
|
4883
|
0 |
0 |
while (totalClen > 0) |
|
4885
|
0 |
0 |
if (firstOne) |
|
4890
|
0 |
0 |
if ((rc = writeRecordHeader(ssl, |
|
4903
|
0 |
0 |
if (notEmpty) |
|
4906
|
0 |
0 |
while (cert) |
|
4908
|
0 |
0 |
psAssert(cert->unparsedBin != NULL); |
|
4911
|
0 |
0 |
if (certLen > 0) |
|
4913
|
0 |
0 |
if (countDown <= 3) |
|
4921
|
0 |
0 |
if (countDown != 0) |
|
4925
|
0 |
0 |
if (countDown != 0) |
|
4947
|
0 |
0 |
if (countDown == 0) |
|
4955
|
0 |
0 |
if ((rc = postponeEncryptRecord(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
4966
|
0 |
0 |
if (!cert) |
|
4970
|
0 |
0 |
if (midSizeWrite > 0) |
|
4978
|
0 |
0 |
if ((certLen + messageSize) > ssl->maxPtFrag) |
|
4985
|
0 |
0 |
if (cert->next != NULL) |
|
4988
|
0 |
0 |
while (future != NULL) |
|
4990
|
0 |
0 |
if (messageSize + future->binLen + 3 > |
|
5009
|
0 |
0 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_HANDSHAKE_FRAG, |
|
5016
|
0 |
0 |
if (midSizeWrite > 0) |
|
5018
|
0 |
0 |
if (midSizeWrite == 2) |
|
5032
|
0 |
0 |
if (countDown < certLen) |
|
5050
|
0 |
0 |
while (countDown > 0) |
|
5053
|
0 |
0 |
if (!cert) |
|
5059
|
0 |
0 |
if (countDown <= 3) |
|
5065
|
0 |
0 |
if (countDown != 0) |
|
5069
|
0 |
0 |
if (countDown != 0) |
|
5091
|
0 |
0 |
if (countDown == 0) |
|
5097
|
0 |
0 |
if ((rc = postponeEncryptRecord(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
5124
|
1147 |
0 |
if (ssl->extFlags.status_request == 0) |
|
5137
|
0 |
0 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
5157
|
0 |
0 |
if ((rc = postponeEncryptRecord(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
5210
|
0 |
1147 |
if (ssl->flags & SSL_FLAGS_PSK_CIPHER) |
|
5223
|
1147 |
0 |
if (notEmpty) |
|
5227
|
1147 |
1147 |
for (; cert != NULL; i++) |
|
5229
|
0 |
1147 |
psAssert(cert->unparsedBin != NULL); |
|
5245
|
0 |
1147 |
if ((totalCertLen + lsize + ssl->hshakeHeadLen) > ssl->maxPtFrag) |
|
5259
|
0 |
1147 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
5294
|
1147 |
0 |
if (notEmpty) |
|
5297
|
1147 |
1147 |
while (cert) |
|
5299
|
0 |
1147 |
psAssert(cert->unparsedBin != NULL); |
|
5301
|
1147 |
0 |
if (certLen > 0) |
|
5314
|
0 |
1147 |
if ((rc = postponeEncryptRecord(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
5346
|
0 |
2119 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_CHANGE_CIPHER_SPEC, 0, |
|
5353
|
0 |
2119 |
if ((rc = postponeEncryptRecord(ssl, SSL_RECORD_TYPE_CHANGE_CIPHER_SPEC, |
|
5367
|
2119 |
0 |
if (ssl->flags & SSL_FLAGS_TLS) |
|
5402
|
2119 |
0 |
if (ssl->flags & SSL_FLAGS_TLS) |
|
5409
|
0 |
2119 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_HANDSHAKE, SSL_HS_FINISHED, |
|
5419
|
0 |
2119 |
if ((rc = postponeEncryptRecord(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
5444
|
1061 |
1058 |
if (ssl->pkaAfter[0].type == 0) |
|
5446
|
1061 |
0 |
if (!(ssl->bFlags & BFLAG_KEEP_PEER_CERTS)) |
|
5448
|
0 |
1061 |
if (ssl->sec.cert) |
|
5498
|
0 |
91 |
if (description == (unsigned char) SSL_ALERT_NO_RENEGOTIATION) |
|
5504
|
0 |
91 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_ALERT, 0, &messageSize, |
|
5513
|
0 |
91 |
if ((rc = encryptRecord(ssl, SSL_RECORD_TYPE_ALERT, 0, messageSize, |
|
5598
|
11164 |
0 |
if (out == NULL || out->buf == NULL || ssl == NULL || options == NULL) |
|
|
11164 |
0 |
if (out == NULL || out->buf == NULL || ssl == NULL || options == NULL) |
|
|
11164 |
0 |
if (out == NULL || out->buf == NULL || ssl == NULL || options == NULL) |
|
|
0 |
11164 |
if (out == NULL || out->buf == NULL || ssl == NULL || options == NULL) |
|
5602
|
2 |
11162 |
if (cipherSpecLen > 0 && (cipherSpecs == NULL || cipherSpecs[0] == 0)) |
|
|
2 |
0 |
if (cipherSpecLen > 0 && (cipherSpecs == NULL || cipherSpecs[0] == 0)) |
|
|
0 |
2 |
if (cipherSpecLen > 0 && (cipherSpecs == NULL || cipherSpecs[0] == 0)) |
|
5606
|
11164 |
0 |
if (ssl->flags & SSL_FLAGS_ERROR || ssl->flags & SSL_FLAGS_CLOSED) |
|
|
0 |
11164 |
if (ssl->flags & SSL_FLAGS_ERROR || ssl->flags & SSL_FLAGS_CLOSED) |
|
5611
|
11164 |
0 |
if (ssl->flags & SSL_FLAGS_SERVER || (ssl->hsState != SSL_HS_SERVER_HELLO && |
|
|
8 |
11156 |
if (ssl->flags & SSL_FLAGS_SERVER || (ssl->hsState != SSL_HS_SERVER_HELLO && |
|
|
0 |
8 |
if (ssl->flags & SSL_FLAGS_SERVER || (ssl->hsState != SSL_HS_SERVER_HELLO && |
|
5612
|
0 |
0 |
ssl->hsState != SSL_HS_DONE && |
|
5644
|
11162 |
2 |
if (ssl->sessionIdLen <= 0) |
|
5649
|
2 |
11162 |
if (cipherSpecLen == 0 || cipherSpecs == NULL || cipherSpecs[0] == 0) |
|
|
2 |
0 |
if (cipherSpecLen == 0 || cipherSpecs == NULL || cipherSpecs[0] == 0) |
|
|
0 |
2 |
if (cipherSpecLen == 0 || cipherSpecs == NULL || cipherSpecs[0] == 0) |
|
5651
|
0 |
11162 |
if ((cipherLen = sslGetCipherSpecListLen(ssl)) == 2) |
|
5661
|
2 |
1 |
for (i = 0; i < cipherSpecLen; i++) |
|
5663
|
1 |
1 |
if ((cipherDetails = sslGetCipherSpec(ssl, cipherSpecs[i])) |
|
5677
|
11156 |
7 |
if (ssl->myVerifyDataLen == 0) |
|
5683
|
0 |
11163 |
if (options->fallbackScsv) |
|
5685
|
0 |
0 |
if (ssl->minVer == TLS_HIGHEST_MINOR) |
|
5693
|
0 |
0 |
if (ssl->sessionIdLen > 0) |
|
5736
|
11163 |
0 |
if (ssl->minVer > 0 && (options->maxFragLen > 0) && |
|
|
0 |
11163 |
if (ssl->minVer > 0 && (options->maxFragLen > 0) && |
|
|
0 |
0 |
if (ssl->minVer > 0 && (options->maxFragLen > 0) && |
|
5739
|
0 |
0 |
if (options->maxFragLen == 0x200 || |
|
|
0 |
0 |
if (options->maxFragLen == 0x200 || |
|
5740
|
0 |
0 |
options->maxFragLen == 0x400 || |
|
5741
|
0 |
0 |
options->maxFragLen == 0x800 || |
|
5756
|
0 |
11163 |
if (options->truncHmac) |
|
5758
|
0 |
0 |
if (extLen == 0) |
|
5765
|
11163 |
0 |
if (options->extendedMasterSecret >= 0) |
|
5767
|
11163 |
0 |
if (extLen == 0) |
|
5788
|
7 |
11156 |
if (ssl->myVerifyDataLen != 0) |
|
5790
|
0 |
7 |
if (extLen == 0) |
|
5800
|
11162 |
1 |
if (eccSuitesSupported(ssl, cipherSpecs, cipherSpecLen)) |
|
5804
|
6 |
11156 |
if (options->ecFlags) |
|
5813
|
11162 |
0 |
if (curveListLen > 0) |
|
5815
|
0 |
11162 |
if (extLen == 0) |
|
5829
|
11163 |
0 |
if (options && options->ticketResumption == 1) |
|
|
0 |
11163 |
if (options && options->ticketResumption == 1) |
|
5833
|
0 |
11163 |
if (useTicket && ssl->sid) |
|
|
0 |
0 |
if (useTicket && ssl->sid) |
|
5835
|
0 |
0 |
if (extLen == 0) |
|
5840
|
0 |
0 |
if (ssl->sid->sessionTicketLen > 0 && |
|
|
0 |
0 |
if (ssl->sid->sessionTicketLen > 0 && |
|
5849
|
11163 |
0 |
if (options && options->OCSPstapling == 1) |
|
|
0 |
11163 |
if (options && options->OCSPstapling == 1) |
|
5851
|
0 |
0 |
if (extLen == 0) |
|
5927
|
0 |
11163 |
if (extLen == 0) |
|
5940
|
0 |
11163 |
if (ext && extLen == 0) |
|
|
0 |
0 |
if (ext && extLen == 0) |
|
5944
|
0 |
11163 |
while (ext) |
|
5965
|
0 |
11163 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
6001
|
11163 |
0 |
if (t) |
|
6021
|
0 |
11163 |
if ((rc = psGetPrngLocked(ssl->sec.clientRandom, |
|
6048
|
2 |
11161 |
if (ssl->sessionIdLen > 0) |
|
6077
|
1 |
11162 |
if (cipherSpecLen == 0 || cipherSpecs == NULL || cipherSpecs[0] == 0) |
|
|
1 |
0 |
if (cipherSpecLen == 0 || cipherSpecs == NULL || cipherSpecs[0] == 0) |
|
|
0 |
1 |
if (cipherSpecLen == 0 || cipherSpecs == NULL || cipherSpecs[0] == 0) |
|
6079
|
0 |
11162 |
if ((rc = sslGetCipherSpecList(ssl, c, (int32) (end - c), addRenegotiationScsv)) < 0) |
|
6087
|
0 |
1 |
if ((int32) (end - c) < cipherLen) |
|
6096
|
1 |
1 |
for (i = 0; i < cipherSpecLen; i++) |
|
6102
|
0 |
1 |
if (addRenegotiationScsv == 1) |
|
6109
|
0 |
1 |
if (ssl->extFlags.req_fallback_scsv) |
|
6138
|
11163 |
0 |
if (extLen > 0) |
|
6147
|
0 |
11163 |
if (userExt) |
|
6150
|
0 |
0 |
while (ext) |
|
6175
|
0 |
0 |
if (ext->extLen == 1 && ext->extData == NULL) |
|
|
0 |
0 |
if (ext->extLen == 1 && ext->extData == NULL) |
|
6189
|
0 |
11163 |
if (ssl->maxPtFrag & 0x10000) |
|
6196
|
0 |
0 |
if (options->maxFragLen == 0x200) |
|
6200
|
0 |
0 |
else if (options->maxFragLen == 0x400) |
|
6204
|
0 |
0 |
else if (options->maxFragLen == 0x800) |
|
6208
|
0 |
0 |
else if (options->maxFragLen == 0x1000) |
|
6217
|
7 |
11156 |
if (ssl->myVerifyDataLen > 0) |
|
6231
|
11162 |
1 |
if (curveListLen > 0) |
|
6266
|
0 |
11163 |
if (useTicket && ssl->sid) |
|
|
0 |
0 |
if (useTicket && ssl->sid) |
|
6268
|
0 |
0 |
if (ssl->sid->sessionTicketLen == 0 || |
|
|
0 |
0 |
if (ssl->sid->sessionTicketLen == 0 || |
|
6297
|
0 |
11163 |
if (options->OCSPstapling) |
|
6320
|
0 |
11163 |
if (options->truncHmac) |
|
6329
|
11163 |
0 |
if (options->extendedMasterSecret >= 0) |
|
6331
|
7 |
11156 |
if (options->extendedMasterSecret > 0) |
|
6368
|
0 |
11163 |
if ((rc = encryptRecord(ssl, SSL_RECORD_TYPE_HANDSHAKE, 0, messageSize, |
|
6379
|
7 |
11156 |
if (ssl->hsState == SSL_HS_DONE) |
|
6428
|
0 |
1058 |
if ((pkaAfter = getPkaAfter(ssl)) == NULL) |
|
6434
|
0 |
1058 |
if (ssl->flags & SSL_FLAGS_PSK_CIPHER) |
|
6437
|
0 |
0 |
if (matrixSslPskGetKeyId(ssl, &pskId, &pskIdLen, |
|
6460
|
1057 |
1 |
if (ssl->flags & SSL_FLAGS_DHE_KEY_EXCH) |
|
6471
|
1057 |
0 |
if (ssl->flags & SSL_FLAGS_ECC_CIPHER) |
|
6494
|
0 |
1057 |
if (ssl->flags & SSL_FLAGS_PSK_CIPHER) |
|
6505
|
0 |
1 |
if (ssl->flags & SSL_FLAGS_PSK_CIPHER) |
|
6514
|
1 |
0 |
if (ssl->cipher->type == CS_ECDH_ECDSA || |
|
|
0 |
1 |
if (ssl->cipher->type == CS_ECDH_ECDSA || |
|
6539
|
1058 |
0 |
if (ssl->flags & SSL_FLAGS_TLS) |
|
6548
|
1057 |
1 |
if (ssl->flags & SSL_FLAGS_DHE_KEY_EXCH) |
|
6550
|
0 |
1057 |
if (explicitLen == 0) |
|
6560
|
0 |
1058 |
if (ssl->flags & SSL_FLAGS_PSK_CIPHER) |
|
6562
|
0 |
0 |
if (explicitLen == 0) |
|
6571
|
1057 |
1 |
if (ssl->flags & SSL_FLAGS_ECC_CIPHER) |
|
6573
|
1057 |
0 |
if (explicitLen == 1) |
|
6581
|
0 |
1058 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
6595
|
1 |
1057 |
if (explicitLen == 1) |
|
6598
|
0 |
1 |
if (ssl->flags & SSL_FLAGS_PSK_CIPHER) |
|
6613
|
1 |
0 |
if (keyLen > 0) |
|
6635
|
1057 |
1 |
if (ssl->flags & SSL_FLAGS_DHE_KEY_EXCH) |
|
6642
|
1057 |
0 |
if (ssl->flags & SSL_FLAGS_ECC_CIPHER) |
|
6646
|
0 |
1057 |
if (psEccX963ExportKey(ssl->hsPool, ssl->sec.eccKeyPriv, c, |
|
6651
|
0 |
1057 |
psAssert(keyLen == (uint32) * (c - 1)); |
|
6673
|
0 |
1057 |
if (ssl->sec.premaster == NULL) |
|
6693
|
0 |
0 |
if (psDhExportPubKey(ssl->hsPool, ssl->sec.dhKeyPriv, c, &dhLen) < 0) |
|
6697
|
0 |
0 |
psAssert(dhLen == keyLen); |
|
6722
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_PSK_CIPHER) |
|
6725
|
0 |
0 |
if ((pkaAfter->inbuf = psMalloc(ssl->hsPool, pskIdLen)) == NULL) |
|
6749
|
0 |
1 |
if (ssl->flags & SSL_FLAGS_PSK_CIPHER) |
|
6758
|
0 |
0 |
if (pskKey == NULL) |
|
6764
|
0 |
0 |
if (ssl->sec.premaster == NULL) |
|
6783
|
0 |
0 |
if (ssl->extFlags.extended_master_secret == 0) |
|
6785
|
0 |
0 |
if ((rc = sslCreateKeys(ssl)) < 0) |
|
6798
|
1 |
0 |
if (ssl->cipher->type == CS_ECDH_ECDSA || |
|
|
0 |
1 |
if (ssl->cipher->type == CS_ECDH_ECDSA || |
|
6824
|
0 |
0 |
if (ssl->sec.premaster == NULL) |
|
6840
|
0 |
1 |
if (ssl->sec.premaster == NULL) |
|
6847
|
0 |
1 |
if (psGetPrngLocked(ssl->sec.premaster + 2, |
|
6881
|
0 |
1058 |
if ((rc = postponeEncryptRecord(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
7001
|
0 |
0 |
if (sslSnapshotHSHash(ssl, msgHash, -1) <= 0) |
|
7008
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
7075
|
0 |
0 |
if ((tmpEcdsa = psMalloc(ssl->hsPool, pka->user + 1)) == NULL) |
|
7081
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
7124
|
0 |
0 |
if (rc != PS_SUCCESS) |
|
7139
|
0 |
0 |
if (len == pka->user) |
|
7182
|
0 |
0 |
if (rc < 0) |
|
7257
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
7283
|
0 |
0 |
psAssert(using_tls_1_2 == 0 || using_tls_1_2 == 1); |
|
|
0 |
0 |
psAssert(using_tls_1_2 == 0 || using_tls_1_2 == 1); |
|
7292
|
0 |
0 |
if (using_tls_1_2) |
|
7300
|
0 |
0 |
if (!using_tls_1_2) |
|
7307
|
0 |
0 |
if (rc < 0) |
|
7367
|
0 |
0 |
if (getSnapshotHSHash(ssl, msgHash, pka) < 0) |
|
7398
|
0 |
0 |
if (rc < 0) |
|
7426
|
0 |
0 |
if ((pkaAfter = getPkaAfterCv(ssl)) == NULL) |
|
7437
|
0 |
0 |
if (ssl->keys->cert->pubKeyAlgorithm == OID_ECDSA_KEY_ALG) |
|
7449
|
0 |
0 |
if (ssl->keys->privKey.keysize != 132) |
|
7458
|
0 |
0 |
if (ssl->keys->privKey.keysize + 4 >= 128) |
|
7487
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
7492
|
0 |
0 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
7504
|
0 |
0 |
if (ssl->keys->cert->pubKeyAlgorithm == OID_ECDSA_KEY_ALG) |
|
7508
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
7524
|
0 |
0 |
if ((ssl->keys->cert->sigAlgorithm == OID_SHA1_ECDSA_SIG) || |
|
|
0 |
0 |
if ((ssl->keys->cert->sigAlgorithm == OID_SHA1_ECDSA_SIG) || |
|
7531
|
0 |
0 |
else if ((ssl->keys->cert->sigAlgorithm == |
|
7532
|
0 |
0 |
OID_SHA256_ECDSA_SIG) || (ssl->keys->cert->sigAlgorithm |
|
7540
|
0 |
0 |
else if ((ssl->keys->cert->sigAlgorithm == |
|
7541
|
0 |
0 |
OID_SHA384_ECDSA_SIG) || (ssl->keys->cert->sigAlgorithm |
|
7550
|
0 |
0 |
else if ((ssl->keys->cert->sigAlgorithm == |
|
7551
|
0 |
0 |
OID_SHA512_ECDSA_SIG) || (ssl->keys->cert->sigAlgorithm |
|
7585
|
0 |
0 |
if (ssl->keys->privKey.keysize != 132) |
|
7592
|
0 |
0 |
if (rc - 3 >= 128) |
|
7609
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
7625
|
0 |
0 |
if (ssl->keys->cert->sigAlgorithm == OID_SHA1_RSA_SIG || |
|
|
0 |
0 |
if (ssl->keys->cert->sigAlgorithm == OID_SHA1_RSA_SIG || |
|
7626
|
0 |
0 |
ssl->keys->cert->sigAlgorithm == OID_MD5_RSA_SIG || |
|
7633
|
0 |
0 |
else if (ssl->keys->cert->sigAlgorithm == OID_SHA256_RSA_SIG || |
|
|
0 |
0 |
else if (ssl->keys->cert->sigAlgorithm == OID_SHA256_RSA_SIG || |
|
7642
|
0 |
0 |
else if (ssl->keys->cert->sigAlgorithm == OID_SHA384_RSA_SIG || |
|
|
0 |
0 |
else if (ssl->keys->cert->sigAlgorithm == OID_SHA384_RSA_SIG || |
|
7651
|
0 |
0 |
else if (ssl->keys->cert->sigAlgorithm == OID_SHA512_RSA_SIG || |
|
|
0 |
0 |
else if (ssl->keys->cert->sigAlgorithm == OID_SHA512_RSA_SIG || |
|
7660
|
0 |
0 |
else if (ssl->keys->cert->sigAlgorithm == OID_RSASSA_PSS) |
|
7662
|
0 |
0 |
if (ssl->keys->cert->pssHash == PKCS1_SHA1_ID || |
|
|
0 |
0 |
if (ssl->keys->cert->pssHash == PKCS1_SHA1_ID || |
|
7668
|
0 |
0 |
else if (ssl->keys->cert->pssHash == PKCS1_SHA256_ID) |
|
7674
|
0 |
0 |
else if (ssl->keys->cert->pssHash == PKCS1_SHA384_ID) |
|
7681
|
0 |
0 |
else if (ssl->keys->cert->pssHash == PKCS1_SHA512_ID) |
|
7740
|
0 |
0 |
if ((rc = postponeEncryptRecord(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
7796
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
7818
|
0 |
0 |
if ((messageSize - ssl->recordHeadLen) > ssl->maxPtFrag) |
|
7824
|
0 |
0 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
7861
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
7919
|
0 |
0 |
if (cert) |
|
7923
|
0 |
0 |
while (cert) |
|
7925
|
0 |
0 |
if (cert->subject.dnenc == NULL) |
|
7941
|
0 |
0 |
if ((rc = postponeEncryptRecord(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
7969
|
0 |
0 |
while (certLen > 0) |
|
7971
|
0 |
0 |
if (firstOne) |
|
7980
|
0 |
0 |
if ((rc = writeRecordHeader(ssl, |
|
7998
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_2) |
|
8040
|
0 |
0 |
while (cert) |
|
8042
|
0 |
0 |
if (cert->subject.dnenc == NULL) |
|
8048
|
0 |
0 |
if (dnencLen > 0) |
|
8050
|
0 |
0 |
if (countDown < 2) |
|
8071
|
0 |
0 |
if (countDown == 0) |
|
8078
|
0 |
0 |
if ((rc = postponeEncryptRecord(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
8088
|
0 |
0 |
if (cert == NULL || cert->subject.dnenc == NULL) |
|
|
0 |
0 |
if (cert == NULL || cert->subject.dnenc == NULL) |
|
8093
|
0 |
0 |
if (midSizeWrite > 0) |
|
8101
|
0 |
0 |
if ((certLen + messageSize) > ssl->maxPtFrag) |
|
8108
|
0 |
0 |
if (cert->next != NULL) |
|
8111
|
0 |
0 |
while (future != NULL) |
|
8113
|
0 |
0 |
if (messageSize + future->subject.dnencLen + 2 > |
|
8131
|
0 |
0 |
if ((rc = writeRecordHeader(ssl, SSL_RECORD_TYPE_HANDSHAKE_FRAG, |
|
8137
|
0 |
0 |
if (midSizeWrite > 0) |
|
8143
|
0 |
0 |
if (countDown < dnencLen) |
|
8160
|
0 |
0 |
while (countDown > 0) |
|
8163
|
0 |
0 |
if (cert == NULL || cert->subject.dnenc == NULL) |
|
|
0 |
0 |
if (cert == NULL || cert->subject.dnenc == NULL) |
|
8169
|
0 |
0 |
if (countDown < 2) |
|
8189
|
0 |
0 |
if (countDown == 0) |
|
8194
|
0 |
0 |
if ((rc = postponeEncryptRecord(ssl, SSL_RECORD_TYPE_HANDSHAKE, |
|
8283
|
0 |
25263 |
if (type == SSL_RECORD_TYPE_HANDSHAKE_FRAG) |
|
8307
|
2119 |
23144 |
if (hsType == SSL_HS_FINISHED) |
|
8309
|
2117 |
2 |
if (ssl->cipher->flags & (CRYPTO_FLAGS_GCM | CRYPTO_FLAGS_CCM)) |
|
8314
|
4171 |
18973 |
else if (ssl->flags & SSL_FLAGS_NONCE_W) |
|
8318
|
6288 |
18975 |
if (explicitNonce) |
|
8425
|
34 |
25263 |
while (c > 0) |