#include <ssl.h>
|
unsigned char | max_major_ver |
|
unsigned char | max_minor_ver |
|
unsigned char | min_major_ver |
|
unsigned char | min_minor_ver |
|
uint8_t | endpoint |
|
uint8_t | transport |
|
uint8_t | authmode |
|
uint8_t | allow_legacy_renegotiation |
|
uint8_t | arc4_disabled |
|
uint8_t | mfl_code |
|
uint8_t | encrypt_then_mac |
|
uint8_t | extended_ms |
|
uint8_t | anti_replay |
|
uint8_t | cbc_record_splitting |
|
uint8_t | disable_renegotiation |
|
uint8_t | trunc_hmac |
|
uint8_t | session_tickets |
|
uint8_t | fallback |
|
uint8_t | cert_req_ca_list |
|
uint32_t | read_timeout |
|
uint32_t | hs_timeout_min |
|
uint32_t | hs_timeout_max |
|
int | renego_max_records |
|
unsigned char | renego_period [8] |
|
unsigned int | badmac_limit |
|
unsigned int | dhm_min_bitlen |
|
const int * | ciphersuite_list [4] |
|
void(* | f_dbg )(void *, int, const char *, int, const char *) |
|
void * | p_dbg |
|
int(* | f_rng )(void *, unsigned char *, size_t) |
|
void * | p_rng |
|
int(* | f_get_cache )(void *, mbedtls_ssl_session *) |
|
int(* | f_set_cache )(void *, const mbedtls_ssl_session *) |
|
void * | p_cache |
|
int(* | f_sni )(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
|
void * | p_sni |
|
int(* | f_vrfy )(void *, mbedtls_x509_crt *, int, uint32_t *) |
|
void * | p_vrfy |
|
int(* | f_psk )(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
|
void * | p_psk |
|
int(* | f_cookie_write )(void *, unsigned char **, unsigned char *, const unsigned char *, size_t) |
|
int(* | f_cookie_check )(void *, const unsigned char *, size_t, const unsigned char *, size_t) |
|
void * | p_cookie |
|
int(* | f_ticket_write )(void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *) |
|
int(* | f_ticket_parse )(void *, mbedtls_ssl_session *, unsigned char *, size_t) |
|
void * | p_ticket |
|
int(* | f_export_keys )(void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t) |
|
int(* | f_export_keys_ext )(void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t, const unsigned char[32], const unsigned char[32], mbedtls_tls_prf_types) |
|
void * | p_export_keys |
|
const mbedtls_x509_crt_profile * | cert_profile |
|
mbedtls_ssl_key_cert * | key_cert |
|
mbedtls_x509_crt * | ca_chain |
|
mbedtls_x509_crl * | ca_crl |
|
const int * | sig_hashes |
|
const mbedtls_ecp_group_id * | curve_list |
|
mbedtls_mpi | dhm_P |
|
mbedtls_mpi | dhm_G |
|
unsigned char * | psk |
|
size_t | psk_len |
|
unsigned char * | psk_identity |
|
size_t | psk_identity_len |
|
const char ** | alpn_list |
|
SSL/TLS configuration to be shared between mbedtls_ssl_context structures.
Definition at line 1009 of file ssl.h.
◆ allow_legacy_renegotiation
uint8_t mbedtls_ssl_config::allow_legacy_renegotiation |
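MBEDTLS_LEGACY_XXX: the legacy renegotiation policy, i.e. one of MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION or MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE. It governs how a peer without secure renegotiation support is handled.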
Definition at line 1031 of file ssl.h.
◆ alpn_list
const char** mbedtls_ssl_config::alpn_list |
ordered list of protocols
Definition at line 1246 of file ssl.h.
◆ anti_replay
uint8_t mbedtls_ssl_config::anti_replay |
detect and prevent replay?
Definition at line 1045 of file ssl.h.
◆ arc4_disabled
uint8_t mbedtls_ssl_config::arc4_disabled |
blacklist RC4 ciphersuites?
Definition at line 1033 of file ssl.h.
◆ authmode
uint8_t mbedtls_ssl_config::authmode |
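MBEDTLS_SSL_VERIFY_XXX: the peer certificate verification mode, i.e. one of MBEDTLS_SSL_VERIFY_NONE, MBEDTLS_SSL_VERIFY_OPTIONAL or MBEDTLS_SSL_VERIFY_REQUIRED. With any mode other than MBEDTLS_SSL_VERIFY_REQUIRED the handshake can complete with an unverified peer certificate, so the application has to check the verification result itself.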
Definition at line 1029 of file ssl.h.
◆ badmac_limit
unsigned int mbedtls_ssl_config::badmac_limit |
limit of records with a bad MAC
Definition at line 1096 of file ssl.h.
◆ ca_chain
trusted CAs
Definition at line 1180 of file ssl.h.
◆ ca_crl
trusted CAs CRLs
Definition at line 1181 of file ssl.h.
◆ cbc_record_splitting
uint8_t mbedtls_ssl_config::cbc_record_splitting |
do cbc record splitting
Definition at line 1048 of file ssl.h.
◆ cert_profile
verification profile
Definition at line 1178 of file ssl.h.
◆ cert_req_ca_list
uint8_t mbedtls_ssl_config::cert_req_ca_list |
enable sending CA list in Certificate Request messages?
Definition at line 1063 of file ssl.h.
◆ ciphersuite_list
const int* mbedtls_ssl_config::ciphersuite_list[4] |
allowed ciphersuites per version
Definition at line 1107 of file ssl.h.
◆ curve_list
allowed curves
Definition at line 1203 of file ssl.h.
◆ dhm_G
generator for DHM
Definition at line 1208 of file ssl.h.
◆ dhm_min_bitlen
unsigned int mbedtls_ssl_config::dhm_min_bitlen |
min. bit length of the DHM prime
Definition at line 1100 of file ssl.h.
◆ dhm_P
prime modulus for DHM
Definition at line 1207 of file ssl.h.
◆ disable_renegotiation
uint8_t mbedtls_ssl_config::disable_renegotiation |
disable renegotiation?
Definition at line 1051 of file ssl.h.
◆ encrypt_then_mac
uint8_t mbedtls_ssl_config::encrypt_then_mac |
negotiate encrypt-then-mac?
Definition at line 1039 of file ssl.h.
◆ endpoint
uint8_t mbedtls_ssl_config::endpoint |
0: client, 1: server
Definition at line 1027 of file ssl.h.
◆ extended_ms
uint8_t mbedtls_ssl_config::extended_ms |
negotiate extended master secret?
Definition at line 1042 of file ssl.h.
◆ f_cookie_check
int(* mbedtls_ssl_config::f_cookie_check) (void *, const unsigned char *, size_t, const unsigned char *, size_t) |
Callback to verify validity of a ClientHello cookie
Definition at line 1146 of file ssl.h.
◆ f_cookie_write
int(* mbedtls_ssl_config::f_cookie_write) (void *, unsigned char **, unsigned char *, const unsigned char *, size_t) |
Callback to create & write a cookie for ClientHello verification
Definition at line 1143 of file ssl.h.
◆ f_dbg
void(* mbedtls_ssl_config::f_dbg) (void *, int, const char *, int, const char *) |
Callback for printing debug output
Definition at line 1110 of file ssl.h.
◆ f_export_keys
int(* mbedtls_ssl_config::f_export_keys) (void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t) |
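Callback to export key block and master secret. The callback receives live session secrets, so anything it stores or logs must be protected like key material.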
Definition at line 1162 of file ssl.h.
◆ f_export_keys_ext
int(* mbedtls_ssl_config::f_export_keys_ext) (void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t, const unsigned char[32], const unsigned char[32], mbedtls_tls_prf_types) |
Callback to export key block, master secret, tls_prf and random bytes. Should replace f_export_keys
Definition at line 1166 of file ssl.h.
◆ f_get_cache
Callback to retrieve a session from the cache
Definition at line 1118 of file ssl.h.
◆ f_psk
int(* mbedtls_ssl_config::f_psk) (void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
Callback to retrieve PSK key from identity
Definition at line 1137 of file ssl.h.
◆ f_rng
int(* mbedtls_ssl_config::f_rng) (void *, unsigned char *, size_t) |
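Callback for getting (pseudo-)random numbers. The handshake draws its random values and key material from this callback, so it must be backed by a cryptographically secure generator.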
Definition at line 1114 of file ssl.h.
◆ f_set_cache
Callback to store a session into the cache
Definition at line 1120 of file ssl.h.
◆ f_sni
int(* mbedtls_ssl_config::f_sni) (void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
Callback for setting cert according to SNI extension
Definition at line 1125 of file ssl.h.
◆ f_ticket_parse
int(* mbedtls_ssl_config::f_ticket_parse) (void *, mbedtls_ssl_session *, unsigned char *, size_t) |
Callback to parse a session ticket into a session structure
Definition at line 1156 of file ssl.h.
◆ f_ticket_write
int(* mbedtls_ssl_config::f_ticket_write) (void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *) |
Callback to create & write a session ticket
Definition at line 1153 of file ssl.h.
◆ f_vrfy
Callback to customize X.509 certificate chain verification
Definition at line 1131 of file ssl.h.
◆ fallback
uint8_t mbedtls_ssl_config::fallback |
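is this a fallback? (client side: whether this connection is a retry at a lower protocol version, which is signalled to the server so that it can detect a downgrade)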
Definition at line 1060 of file ssl.h.
◆ hs_timeout_max
uint32_t mbedtls_ssl_config::hs_timeout_max |
maximum value of the handshake retransmission timeout (ms)
Definition at line 1085 of file ssl.h.
◆ hs_timeout_min
uint32_t mbedtls_ssl_config::hs_timeout_min |
initial value of the handshake retransmission timeout (ms)
Definition at line 1083 of file ssl.h.
◆ key_cert
own certificate/key pair(s)
Definition at line 1179 of file ssl.h.
◆ max_major_ver
unsigned char mbedtls_ssl_config::max_major_ver |
max. major version used
Definition at line 1016 of file ssl.h.
◆ max_minor_ver
unsigned char mbedtls_ssl_config::max_minor_ver |
max. minor version used
Definition at line 1017 of file ssl.h.
◆ mfl_code
uint8_t mbedtls_ssl_config::mfl_code |
desired fragment length
Definition at line 1036 of file ssl.h.
◆ min_major_ver
unsigned char mbedtls_ssl_config::min_major_ver |
min. major version used
Definition at line 1018 of file ssl.h.
◆ min_minor_ver
unsigned char mbedtls_ssl_config::min_minor_ver |
min. minor version used
Definition at line 1019 of file ssl.h.
◆ p_cache
void* mbedtls_ssl_config::p_cache |
context for cache callbacks
Definition at line 1121 of file ssl.h.
◆ p_cookie
void* mbedtls_ssl_config::p_cookie |
context for the cookie callbacks
Definition at line 1148 of file ssl.h.
◆ p_dbg
void* mbedtls_ssl_config::p_dbg |
context for the debug function
Definition at line 1111 of file ssl.h.
◆ p_export_keys
void* mbedtls_ssl_config::p_export_keys |
context for key export callback
Definition at line 1170 of file ssl.h.
◆ p_psk
void* mbedtls_ssl_config::p_psk |
context for PSK callback
Definition at line 1138 of file ssl.h.
◆ p_rng
void* mbedtls_ssl_config::p_rng |
context for the RNG function
Definition at line 1115 of file ssl.h.
◆ p_sni
void* mbedtls_ssl_config::p_sni |
context for SNI callback
Definition at line 1126 of file ssl.h.
◆ p_ticket
void* mbedtls_ssl_config::p_ticket |
context for the ticket callbacks
Definition at line 1157 of file ssl.h.
◆ p_vrfy
void* mbedtls_ssl_config::p_vrfy |
context for X.509 verify callback
Definition at line 1132 of file ssl.h.
◆ psk
unsigned char* mbedtls_ssl_config::psk |
The raw pre-shared key. This field should only be set via mbedtls_ssl_conf_psk(). If either no PSK or an opaque PSK has been configured, this has value NULL.
Definition at line 1222 of file ssl.h.
◆ psk_identity
unsigned char* mbedtls_ssl_config::psk_identity |
The PSK identity for PSK negotiation. This field should only be set via mbedtls_ssl_conf_psk(). This is set if and only if either psk or psk_opaque is set.
Definition at line 1232 of file ssl.h.
◆ psk_identity_len
size_t mbedtls_ssl_config::psk_identity_len |
The length of the PSK identity. This field should only be set via mbedtls_ssl_conf_psk(). Its value is non-zero if and only if psk is not NULL or psk_opaque is not 0.
Definition at line 1237 of file ssl.h.
◆ psk_len
size_t mbedtls_ssl_config::psk_len |
The length of the raw pre-shared key. This field should only be set via mbedtls_ssl_conf_psk(). Its value is non-zero if and only if psk is not NULL.
Definition at line 1226 of file ssl.h.
◆ read_timeout
uint32_t mbedtls_ssl_config::read_timeout |
timeout for mbedtls_ssl_read (ms)
Definition at line 1080 of file ssl.h.
◆ renego_max_records
int mbedtls_ssl_config::renego_max_records |
grace period for renegotiation
Definition at line 1090 of file ssl.h.
◆ renego_period
unsigned char mbedtls_ssl_config::renego_period[8] |
value of the record counters that triggers renegotiation
Definition at line 1091 of file ssl.h.
◆ session_tickets
uint8_t mbedtls_ssl_config::session_tickets |
use session tickets?
Definition at line 1057 of file ssl.h.
◆ sig_hashes
const int* mbedtls_ssl_config::sig_hashes |
allowed signature hashes
Definition at line 1199 of file ssl.h.
◆ transport
uint8_t mbedtls_ssl_config::transport |
stream (TLS) or datagram (DTLS)
Definition at line 1028 of file ssl.h.
◆ trunc_hmac
uint8_t mbedtls_ssl_config::trunc_hmac |
negotiate truncated hmac?
Definition at line 1054 of file ssl.h.
The documentation for this struct was generated from the following file: