#include <ssl.h>
|
unsigned char | max_major_ver |
|
unsigned char | max_minor_ver |
|
unsigned char | min_major_ver |
|
unsigned char | min_minor_ver |
|
uint8_t | endpoint |
|
uint8_t | transport |
|
uint8_t | authmode |
|
uint8_t | allow_legacy_renegotiation |
|
uint8_t | arc4_disabled |
|
uint8_t | mfl_code |
|
uint8_t | encrypt_then_mac |
|
uint8_t | extended_ms |
|
uint8_t | anti_replay |
|
uint8_t | cbc_record_splitting |
|
uint8_t | disable_renegotiation |
|
uint8_t | trunc_hmac |
|
uint8_t | session_tickets |
|
uint8_t | fallback |
|
uint8_t | cert_req_ca_list |
|
uint8_t | dtls_srtp_mki_support |
|
uint32_t | read_timeout |
|
uint32_t | hs_timeout_min |
|
uint32_t | hs_timeout_max |
|
int | renego_max_records |
|
unsigned char | renego_period [8] |
|
unsigned int | badmac_limit |
|
unsigned int | dhm_min_bitlen |
|
const int * | ciphersuite_list [4] |
|
void(* | f_dbg )(void *, int, const char *, int, const char *) |
|
void * | p_dbg |
|
int(* | f_rng )(void *, unsigned char *, size_t) |
|
void * | p_rng |
|
int(* | f_get_cache )(void *, mbedtls_ssl_session *) |
|
int(* | f_set_cache )(void *, const mbedtls_ssl_session *) |
|
void * | p_cache |
|
int(* | f_sni )(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
|
void * | p_sni |
|
int(* | f_vrfy )(void *, mbedtls_x509_crt *, int, uint32_t *) |
|
void * | p_vrfy |
|
int(* | f_psk )(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
|
void * | p_psk |
|
int(* | f_cookie_write )(void *, unsigned char **, unsigned char *, const unsigned char *, size_t) |
|
int(* | f_cookie_check )(void *, const unsigned char *, size_t, const unsigned char *, size_t) |
|
void * | p_cookie |
|
int(* | f_ticket_write )(void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *) |
|
int(* | f_ticket_parse )(void *, mbedtls_ssl_session *, unsigned char *, size_t) |
|
void * | p_ticket |
|
int(* | f_export_keys )(void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t) |
|
int(* | f_export_keys_ext )(void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t, const unsigned char[32], const unsigned char[32], mbedtls_tls_prf_types) |
|
void * | p_export_keys |
|
const mbedtls_x509_crt_profile * | cert_profile |
|
mbedtls_ssl_key_cert * | key_cert |
|
mbedtls_x509_crt * | ca_chain |
|
mbedtls_x509_crl * | ca_crl |
|
const int * | sig_hashes |
|
const mbedtls_ecp_group_id * | curve_list |
|
mbedtls_mpi | dhm_P |
|
mbedtls_mpi | dhm_G |
|
unsigned char * | psk |
|
size_t | psk_len |
|
unsigned char * | psk_identity |
|
size_t | psk_identity_len |
|
const char ** | alpn_list |
|
const mbedtls_ssl_srtp_profile * | dtls_srtp_profile_list |
|
size_t | dtls_srtp_profile_list_len |
|
SSL/TLS configuration to be shared between mbedtls_ssl_context structures.
Definition at line 1044 of file ssl.h.
uint8_t mbedtls_ssl_config::allow_legacy_renegotiation |
MBEDTLS_LEGACY_XXX
Definition at line 1066 of file ssl.h.
const char** mbedtls_ssl_config::alpn_list |
ordered list of protocols
Definition at line 1281 of file ssl.h.
uint8_t mbedtls_ssl_config::anti_replay |
detect and prevent replay?
Definition at line 1080 of file ssl.h.
uint8_t mbedtls_ssl_config::arc4_disabled |
blacklist RC4 ciphersuites?
Definition at line 1068 of file ssl.h.
uint8_t mbedtls_ssl_config::authmode |
MBEDTLS_SSL_VERIFY_XXX
Definition at line 1064 of file ssl.h.
unsigned int mbedtls_ssl_config::badmac_limit |
limit of records with a bad MAC
Definition at line 1131 of file ssl.h.
trusted CAs
Definition at line 1215 of file ssl.h.
trusted CAs CRLs
Definition at line 1216 of file ssl.h.
uint8_t mbedtls_ssl_config::cbc_record_splitting |
do cbc record splitting
Definition at line 1083 of file ssl.h.
verification profile
Definition at line 1213 of file ssl.h.
uint8_t mbedtls_ssl_config::cert_req_ca_list |
enable sending CA list in Certificate Request messages?
Definition at line 1098 of file ssl.h.
const int* mbedtls_ssl_config::ciphersuite_list[4] |
allowed ciphersuites per version
Definition at line 1142 of file ssl.h.
allowed curves
Definition at line 1238 of file ssl.h.
generator for DHM
Definition at line 1243 of file ssl.h.
unsigned int mbedtls_ssl_config::dhm_min_bitlen |
min. bit length of the DHM prime
Definition at line 1135 of file ssl.h.
prime modulus for DHM
Definition at line 1242 of file ssl.h.
uint8_t mbedtls_ssl_config::disable_renegotiation |
disable renegotiation?
Definition at line 1086 of file ssl.h.
uint8_t mbedtls_ssl_config::dtls_srtp_mki_support |
support having mki_value in the use_srtp extension?
Definition at line 1107 of file ssl.h.
ordered list of supported srtp profile
Definition at line 1286 of file ssl.h.
size_t mbedtls_ssl_config::dtls_srtp_profile_list_len |
number of supported profiles
Definition at line 1288 of file ssl.h.
uint8_t mbedtls_ssl_config::encrypt_then_mac |
negotiate encrypt-then-mac?
Definition at line 1074 of file ssl.h.
uint8_t mbedtls_ssl_config::endpoint |
0: client, 1: server
Definition at line 1062 of file ssl.h.
uint8_t mbedtls_ssl_config::extended_ms |
negotiate extended master secret?
Definition at line 1077 of file ssl.h.
int(* mbedtls_ssl_config::f_cookie_check) (void *, const unsigned char *, size_t, const unsigned char *, size_t) |
Callback to verify validity of a ClientHello cookie
Definition at line 1181 of file ssl.h.
int(* mbedtls_ssl_config::f_cookie_write) (void *, unsigned char **, unsigned char *, const unsigned char *, size_t) |
Callback to create & write a cookie for ClientHello verification
Definition at line 1178 of file ssl.h.
void(* mbedtls_ssl_config::f_dbg) (void *, int, const char *, int, const char *) |
Callback for printing debug output
Definition at line 1145 of file ssl.h.
int(* mbedtls_ssl_config::f_export_keys) (void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t) |
Callback to export key block and master secret
Definition at line 1197 of file ssl.h.
int(* mbedtls_ssl_config::f_export_keys_ext) (void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t, const unsigned char[32], const unsigned char[32], mbedtls_tls_prf_types) |
Callback to export key block, master secret, tls_prf and random bytes. Should replace f_export_keys
Definition at line 1201 of file ssl.h.
Callback to retrieve a session from the cache
Definition at line 1153 of file ssl.h.
int(* mbedtls_ssl_config::f_psk) (void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
Callback to retrieve PSK key from identity
Definition at line 1172 of file ssl.h.
int(* mbedtls_ssl_config::f_rng) (void *, unsigned char *, size_t) |
Callback for getting (pseudo-)random numbers
Definition at line 1149 of file ssl.h.
Callback to store a session into the cache
Definition at line 1155 of file ssl.h.
int(* mbedtls_ssl_config::f_sni) (void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
Callback for setting cert according to SNI extension
Definition at line 1160 of file ssl.h.
int(* mbedtls_ssl_config::f_ticket_parse) (void *, mbedtls_ssl_session *, unsigned char *, size_t) |
Callback to parse a session ticket into a session structure
Definition at line 1191 of file ssl.h.
int(* mbedtls_ssl_config::f_ticket_write) (void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *) |
Callback to create & write a session ticket
Definition at line 1188 of file ssl.h.
Callback to customize X.509 certificate chain verification
Definition at line 1166 of file ssl.h.
uint8_t mbedtls_ssl_config::fallback |
is this a fallback?
Definition at line 1095 of file ssl.h.
uint32_t mbedtls_ssl_config::hs_timeout_max |
maximum value of the handshake retransmission timeout (ms)
Definition at line 1120 of file ssl.h.
uint32_t mbedtls_ssl_config::hs_timeout_min |
initial value of the handshake retransmission timeout (ms)
Definition at line 1118 of file ssl.h.
own certificate/key pair(s)
Definition at line 1214 of file ssl.h.
unsigned char mbedtls_ssl_config::max_major_ver |
max. major version used
Definition at line 1051 of file ssl.h.
unsigned char mbedtls_ssl_config::max_minor_ver |
max. minor version used
Definition at line 1052 of file ssl.h.
uint8_t mbedtls_ssl_config::mfl_code |
desired fragment length
Definition at line 1071 of file ssl.h.
unsigned char mbedtls_ssl_config::min_major_ver |
min. major version used
Definition at line 1053 of file ssl.h.
unsigned char mbedtls_ssl_config::min_minor_ver |
min. minor version used
Definition at line 1054 of file ssl.h.
void* mbedtls_ssl_config::p_cache |
context for cache callbacks
Definition at line 1156 of file ssl.h.
void* mbedtls_ssl_config::p_cookie |
context for the cookie callbacks
Definition at line 1183 of file ssl.h.
void* mbedtls_ssl_config::p_dbg |
context for the debug function
Definition at line 1146 of file ssl.h.
void* mbedtls_ssl_config::p_export_keys |
context for key export callback
Definition at line 1205 of file ssl.h.
void* mbedtls_ssl_config::p_psk |
context for PSK callback
Definition at line 1173 of file ssl.h.
void* mbedtls_ssl_config::p_rng |
context for the RNG function
Definition at line 1150 of file ssl.h.
void* mbedtls_ssl_config::p_sni |
context for SNI callback
Definition at line 1161 of file ssl.h.
void* mbedtls_ssl_config::p_ticket |
context for the ticket callbacks
Definition at line 1192 of file ssl.h.
void* mbedtls_ssl_config::p_vrfy |
context for X.509 verify calllback
Definition at line 1167 of file ssl.h.
unsigned char* mbedtls_ssl_config::psk |
The raw pre-shared key. This field should only be set via mbedtls_ssl_conf_psk(). If either no PSK or an opaque PSK have been configured, this has value NULL.
Definition at line 1257 of file ssl.h.
unsigned char* mbedtls_ssl_config::psk_identity |
The PSK identity for PSK negotiation. This field should only be set via mbedtls_ssl_conf_psk(). This is set if and only if either psk
or psk_opaque
are set.
Definition at line 1267 of file ssl.h.
size_t mbedtls_ssl_config::psk_identity_len |
The length of PSK identity. This field should only be set via mbedtls_ssl_conf_psk(). Its value is non-zero if and only if psk
is not NULL
or psk_opaque
is not 0
.
Definition at line 1272 of file ssl.h.
size_t mbedtls_ssl_config::psk_len |
The length of the raw pre-shared key. This field should only be set via mbedtls_ssl_conf_psk(). Its value is non-zero if and only if psk
is not NULL
.
Definition at line 1261 of file ssl.h.
uint32_t mbedtls_ssl_config::read_timeout |
timeout for mbedtls_ssl_read (ms)
Definition at line 1115 of file ssl.h.
int mbedtls_ssl_config::renego_max_records |
grace period for renegotiation
Definition at line 1125 of file ssl.h.
unsigned char mbedtls_ssl_config::renego_period[8] |
value of the record counters that triggers renegotiation
Definition at line 1126 of file ssl.h.
uint8_t mbedtls_ssl_config::session_tickets |
use session tickets?
Definition at line 1092 of file ssl.h.
const int* mbedtls_ssl_config::sig_hashes |
allowed signature hashes
Definition at line 1234 of file ssl.h.
uint8_t mbedtls_ssl_config::transport |
stream (TLS) or datagram (DTLS)
Definition at line 1063 of file ssl.h.
uint8_t mbedtls_ssl_config::trunc_hmac |
negotiate truncated hmac?
Definition at line 1089 of file ssl.h.
The documentation for this struct was generated from the following file: