The definitions for the TLS library. More...
Include dependency graph for tls1.h:
This graph shows which files directly or indirectly include this file:
Go to the source code of this file.
Classes | |
| struct | cipher_info_t |
| struct | _SSLObjLoader |
| struct | SSL_SESSION |
| struct | _SSL_CERT |
| struct | DISPOSABLE_CTX |
| struct | _SSL |
| struct | _SSL_CTX |
Macros | |
| #define | SSL_PROTOCOL_MIN_VERSION 0x31 /* TLS v1.0 */ |
| #define | SSL_PROTOCOL_MINOR_VERSION 0x02 /* TLS v1.1 */ |
| #define | SSL_PROTOCOL_VERSION_MAX 0x32 /* TLS v1.1 */ |
| #define | SSL_PROTOCOL_VERSION1_1 0x32 /* TLS v1.1 */ |
| #define | SSL_RANDOM_SIZE 32 |
| #define | SSL_SECRET_SIZE 48 |
| #define | SSL_FINISHED_HASH_SIZE 12 |
| #define | SSL_RECORD_SIZE 5 |
| #define | SSL_SERVER_READ 0 |
| #define | SSL_SERVER_WRITE 1 |
| #define | SSL_CLIENT_READ 2 |
| #define | SSL_CLIENT_WRITE 3 |
| #define | SSL_HS_HDR_SIZE 4 |
| #define | SSL_NEED_RECORD 0x0001 |
| #define | SSL_TX_ENCRYPTED 0x0002 |
| #define | SSL_RX_ENCRYPTED 0x0004 |
| #define | SSL_SESSION_RESUME 0x0008 |
| #define | SSL_IS_CLIENT 0x0010 |
| #define | SSL_HAS_CERT_REQ 0x0020 |
| #define | SSL_SENT_CLOSE_NOTIFY 0x0040 |
| #define | SET_SSL_FLAG(A) (ssl->flag |= A) |
| #define | CLR_SSL_FLAG(A) (ssl->flag &= ~A) |
| #define | IS_SET_SSL_FLAG(A) (ssl->flag & A) |
| #define | MAX_KEY_BYTE_SIZE 512 /* for a 4096 bit key */ |
| #define | RT_MAX_PLAIN_LENGTH 16384 |
| #define | RT_EXTRA 1024 |
| #define | BM_RECORD_OFFSET 5 |
| #define | NUM_PROTOCOLS 4 |
| #define | PARANOIA_CHECK(A, B) |
| #define | DISPLAY_STATE(A, B, C, D) |
| #define | DISPLAY_CERT(A, B) |
| #define | DISPLAY_RSA(A, B) |
| #define | DISPLAY_ALERT(A, B) |
Typedefs | |
| typedef struct _SSLObjLoader | SSLObjLoader |
| typedef struct _SSL_CERT | SSL_CERT |
| typedef X509_CTX | SSL_X509_CERT |
| typedef struct _SSL | SSL |
| typedef struct _SSL_CTX | SSL_CTX |
| typedef struct _SSL_CTX | SSLCTX |
Functions | |
| SSL * | ssl_new (SSL_CTX *ssl_ctx, void *client_fd) |
| void | disposable_new (SSL *ssl) |
| Create a blob of memory that we'll get rid of once the handshake is complete. | |
| void | disposable_free (SSL *ssl) |
| Remove the temporary blob of memory. | |
| int | send_packet (SSL *ssl, uint8_t protocol, const uint8_t *in, int length) |
| Send an encrypted packet with padding bytes if necessary. | |
| int | do_svr_handshake (SSL *ssl, int handshake_type, uint8_t *buf, int hs_len) |
| int | do_clnt_handshake (SSL *ssl, int handshake_type, uint8_t *buf, int hs_len) |
| int | process_finished (SSL *ssl, uint8_t *buf, int hs_len) |
| Process a client finished message. | |
| int | process_sslv23_client_hello (SSL *ssl) |
| int | send_alert (SSL *ssl, int error_code) |
| Send an alert message. More... | |
| int | send_finished (SSL *ssl) |
| Send a "finished" message. | |
| int | send_certificate (SSL *ssl) |
| Send a certificate. | |
| int | basic_read (SSL *ssl, uint8_t **in_data) |
| Read the SSL connection. | |
| int | send_change_cipher_spec (SSL *ssl) |
| Sends the change cipher spec message. More... | |
| void | finished_digest (SSL *ssl, const char *label, uint8_t *digest) |
| Calculate the digest used in the finished message. More... | |
| void | generate_master_secret (SSL *ssl, const uint8_t *premaster_secret) |
| Generate a master secret based on the client/server random data and the premaster secret. | |
| void | add_packet (SSL *ssl, const uint8_t *pkt, int len) |
| Add a packet to the end of our sent and received packets, so that we may use it to calculate the hash at the end. | |
| int | add_cert (SSL_CTX *ssl_ctx, const uint8_t *buf, int len) |
| Add a certificate to the certificate chain. | |
| int | add_private_key (SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj) |
| void | ssl_obj_free (SSLObjLoader *ssl_obj) |
| int | pkcs8_decode (SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password) |
| int | pkcs12_decode (SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password) |
| int | load_key_certs (SSL_CTX *ssl_ctx) |
| void | DISPLAY_BYTES (SSL *ssl, const char *format, const uint8_t *data, int size,...) |
| SSL_SESSION * | ssl_session_update (int max_sessions, SSL_SESSION *ssl_sessions[], SSL *ssl, const uint8_t *session_id) |
| Find if an existing session has the same session id. More... | |
| void | kill_ssl_session (SSL_SESSION **ssl_sessions, SSL *ssl) |
| This ssl object doesn't want this session anymore. | |
Variables | |
| const uint8_t | ssl_prot_prefs [NUM_PROTOCOLS] |
Detailed Description
The definitions for the TLS library.
Macro Definition Documentation
◆ PARANOIA_CHECK
| #define PARANOIA_CHECK | ( | A, | |
| B | |||
| ) |
Function Documentation
◆ finished_digest()
| void finished_digest | ( | SSL * | ssl, |
| const char * | label, | ||
| uint8_t * | digest | ||
| ) |
Calculate the digest used in the finished message.
This function also doubles up as a certificate verify function.
◆ send_alert()
| int send_alert | ( | SSL * | ssl, |
| int | error_code | ||
| ) |
Send an alert message.
Return 1 if the alert was an "error".
◆ send_change_cipher_spec()
| int send_change_cipher_spec | ( | SSL * | ssl | ) |
Sends the change cipher spec message.
We have just read a finished message from the client.
◆ ssl_session_update()
| SSL_SESSION* ssl_session_update | ( | int | max_sessions, |
| SSL_SESSION * | ssl_sessions[], | ||
| SSL * | ssl, | ||
| const uint8_t * | session_id | ||
| ) |
Find if an existing session has the same session id.
If so, use the master secret from this session for session resumption.
