mbed TLS v1.3.21
ssl.h
24 #ifndef POLARSSL_SSL_H
25 #define POLARSSL_SSL_H
26 
27 #if !defined(POLARSSL_CONFIG_FILE)
28 #include "config.h"
29 #else
30 #include POLARSSL_CONFIG_FILE
31 #endif
32 
33 /* Temporary compatibility trick for the current stable branch */
/* Renegotiation support is opt-out at build time: POLARSSL_SSL_RENEGOTIATION
 * is defined here unless the configuration already defines
 * POLARSSL_SSL_DISABLE_RENEGOTIATION. The renegotiation-only members and
 * functions later in this header are guarded by POLARSSL_SSL_RENEGOTIATION,
 * so a build that wants them compiled out must set the DISABLE macro. */
34 #if !defined(POLARSSL_SSL_DISABLE_RENEGOTIATION)
35 #define POLARSSL_SSL_RENEGOTIATION
36 #endif
37 
38 #include "net.h"
39 #include "bignum.h"
40 #include "ecp.h"
41 
42 #include "ssl_ciphersuites.h"
43 
44 #if defined(POLARSSL_MD5_C)
45 #include "md5.h"
46 #endif
47 
48 #if defined(POLARSSL_SHA1_C)
49 #include "sha1.h"
50 #endif
51 
52 #if defined(POLARSSL_SHA256_C)
53 #include "sha256.h"
54 #endif
55 
56 #if defined(POLARSSL_SHA512_C)
57 #include "sha512.h"
58 #endif
59 
60 // for session tickets
61 #if defined(POLARSSL_AES_C)
62 #include "aes.h"
63 #endif
64 
65 #if defined(POLARSSL_X509_CRT_PARSE_C)
66 #include "x509_crt.h"
67 #include "x509_crl.h"
68 #endif
69 
70 #if defined(POLARSSL_DHM_C)
71 #include "dhm.h"
72 #endif
73 
74 #if defined(POLARSSL_ECDH_C)
75 #include "ecdh.h"
76 #endif
77 
78 #if defined(POLARSSL_ZLIB_SUPPORT)
79 #include "zlib.h"
80 #endif
81 
82 #if defined(POLARSSL_HAVE_TIME)
83 #include <time.h>
84 #endif
85 
86 /* For convenience below and in programs */
87 #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
88  defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
89  defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
90  defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
91 #define POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED
92 #endif
93 
94 #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
95  defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
96  defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
97 #define POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED
98 #endif
99 
100 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
101  !defined(inline) && !defined(__cplusplus)
102 #define inline __inline
103 #endif
104 
105 /*
106  * SSL Error codes
107  */
108 #define POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE -0x7080
109 #define POLARSSL_ERR_SSL_BAD_INPUT_DATA -0x7100
110 #define POLARSSL_ERR_SSL_INVALID_MAC -0x7180
111 #define POLARSSL_ERR_SSL_INVALID_RECORD -0x7200
112 #define POLARSSL_ERR_SSL_CONN_EOF -0x7280
113 #define POLARSSL_ERR_SSL_UNKNOWN_CIPHER -0x7300
114 #define POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN -0x7380
115 #define POLARSSL_ERR_SSL_NO_RNG -0x7400
116 #define POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480
117 #define POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE -0x7500
118 #define POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED -0x7580
119 #define POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600
120 #define POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED -0x7680
121 #define POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE -0x7700
122 #define POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780
123 #define POLARSSL_ERR_SSL_PEER_VERIFY_FAILED -0x7800
124 #define POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880
125 #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900
126 #define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980
127 #define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00
128 #define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80
129 #define POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00
130 #define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80
131 #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00
132 #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP -0x7C80
133 #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00
134 #define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80
135 #define POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00
136 #define POLARSSL_ERR_SSL_BAD_HS_FINISHED -0x7E80
137 #define POLARSSL_ERR_SSL_MALLOC_FAILED -0x7F00
138 #define POLARSSL_ERR_SSL_HW_ACCEL_FAILED -0x7F80
139 #define POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80
140 #define POLARSSL_ERR_SSL_COMPRESSION_FAILED -0x6F00
141 #define POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION -0x6E80
142 #define POLARSSL_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00
143 #define POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80
144 #define POLARSSL_ERR_SSL_PK_TYPE_MISMATCH -0x6D00
145 #define POLARSSL_ERR_SSL_UNKNOWN_IDENTITY -0x6C80
146 #define POLARSSL_ERR_SSL_INTERNAL_ERROR -0x6C00
147 #define POLARSSL_ERR_SSL_COUNTER_WRAPPING -0x6B80
148 #define POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00
149 #define POLARSSL_ERR_SSL_NO_USABLE_CIPHERSUITE -0x6A80
151 /*
152  * Various constants
153  */
154 #define SSL_MAJOR_VERSION_3 3
155 #define SSL_MINOR_VERSION_0 0
156 #define SSL_MINOR_VERSION_1 1
157 #define SSL_MINOR_VERSION_2 2
158 #define SSL_MINOR_VERSION_3 3
160 /* Determine minimum supported version */
/* Compile-time lower bound. The chain below picks the OLDEST protocol that is
 * compiled in: if POLARSSL_SSL_PROTO_SSL3 is defined the bound is minor
 * version 0 (SSL 3.0), no matter which newer versions are also enabled.
 * If none of the four POLARSSL_SSL_PROTO_* macros is defined, the chain
 * leaves SSL_MIN_MINOR_VERSION undefined. */
161 #define SSL_MIN_MAJOR_VERSION SSL_MAJOR_VERSION_3
162 
163 #if defined(POLARSSL_SSL_PROTO_SSL3)
164 #define SSL_MIN_MINOR_VERSION SSL_MINOR_VERSION_0
165 #else
166 #if defined(POLARSSL_SSL_PROTO_TLS1)
167 #define SSL_MIN_MINOR_VERSION SSL_MINOR_VERSION_1
168 #else
169 #if defined(POLARSSL_SSL_PROTO_TLS1_1)
170 #define SSL_MIN_MINOR_VERSION SSL_MINOR_VERSION_2
171 #else
172 #if defined(POLARSSL_SSL_PROTO_TLS1_2)
173 #define SSL_MIN_MINOR_VERSION SSL_MINOR_VERSION_3
174 #endif /* POLARSSL_SSL_PROTO_TLS1_2 */
175 #endif /* POLARSSL_SSL_PROTO_TLS1_1 */
176 #endif /* POLARSSL_SSL_PROTO_TLS1 */
177 #endif /* POLARSSL_SSL_PROTO_SSL3 */
178 
179 /* Determine maximum supported version */
/* Compile-time upper bound. The chain below picks the NEWEST protocol that
 * is compiled in, testing TLS 1.2 first and SSL 3.0 last. As with the
 * minimum, SSL_MAX_MINOR_VERSION stays undefined when no
 * POLARSSL_SSL_PROTO_* macro is defined. */
180 #define SSL_MAX_MAJOR_VERSION SSL_MAJOR_VERSION_3
181 
182 #if defined(POLARSSL_SSL_PROTO_TLS1_2)
183 #define SSL_MAX_MINOR_VERSION SSL_MINOR_VERSION_3
184 #else
185 #if defined(POLARSSL_SSL_PROTO_TLS1_1)
186 #define SSL_MAX_MINOR_VERSION SSL_MINOR_VERSION_2
187 #else
188 #if defined(POLARSSL_SSL_PROTO_TLS1)
189 #define SSL_MAX_MINOR_VERSION SSL_MINOR_VERSION_1
190 #else
191 #if defined(POLARSSL_SSL_PROTO_SSL3)
192 #define SSL_MAX_MINOR_VERSION SSL_MINOR_VERSION_0
193 #endif /* POLARSSL_SSL_PROTO_SSL3 */
194 #endif /* POLARSSL_SSL_PROTO_TLS1 */
195 #endif /* POLARSSL_SSL_PROTO_TLS1_1 */
196 #endif /* POLARSSL_SSL_PROTO_TLS1_2 */
197 
198 #define SSL_MAX_HOST_NAME_LEN 255
200 /* RFC 6066 section 4, see also mfl_code_to_length in ssl_tls.c
201  * NONE must be zero so that memset()ing structure to zero works */
202 #define SSL_MAX_FRAG_LEN_NONE 0
203 #define SSL_MAX_FRAG_LEN_512 1
204 #define SSL_MAX_FRAG_LEN_1024 2
205 #define SSL_MAX_FRAG_LEN_2048 3
206 #define SSL_MAX_FRAG_LEN_4096 4
207 #define SSL_MAX_FRAG_LEN_INVALID 5
209 #define SSL_IS_CLIENT 0
210 #define SSL_IS_SERVER 1
211 
212 #define SSL_IS_NOT_FALLBACK 0
213 #define SSL_IS_FALLBACK 1
214 
215 #define SSL_EXTENDED_MS_DISABLED 0
216 #define SSL_EXTENDED_MS_ENABLED 1
217 
218 #define SSL_ETM_DISABLED 0
219 #define SSL_ETM_ENABLED 1
220 
221 #define SSL_COMPRESS_NULL 0
222 #define SSL_COMPRESS_DEFLATE 1
223 
/* Values for the authmode setting (the context has an `int authmode` member
 * and ssl_set_authmode() takes an `int authmode`, both later in this header).
 * NOTE(review): SSL_VERIFY_NONE is 0, so an authmode field that is zero-filled
 * and never set compares equal to SSL_VERIFY_NONE. Whether the library
 * zero-fills the context is not visible in this header - confirm, and set
 * the mode explicitly rather than relying on a default. */
224 #define SSL_VERIFY_NONE 0
225 #define SSL_VERIFY_OPTIONAL 1
226 #define SSL_VERIFY_REQUIRED 2
227 
228 #define SSL_INITIAL_HANDSHAKE 0
229 #define SSL_RENEGOTIATION 1 /* In progress */
230 #define SSL_RENEGOTIATION_DONE 2 /* Done */
231 #define SSL_RENEGOTIATION_PENDING 3 /* Requested (server only) */
232 
233 #define SSL_LEGACY_RENEGOTIATION 0
234 #define SSL_SECURE_RENEGOTIATION 1
235 
236 #define SSL_RENEGOTIATION_DISABLED 0
237 #define SSL_RENEGOTIATION_ENABLED 1
238 
239 #define SSL_RENEGOTIATION_NOT_ENFORCED -1
240 #define SSL_RENEGO_MAX_RECORDS_DEFAULT 16
241 
242 #define SSL_LEGACY_NO_RENEGOTIATION 0
243 #define SSL_LEGACY_ALLOW_RENEGOTIATION 1
244 #define SSL_LEGACY_BREAK_HANDSHAKE 2
245 
246 #define SSL_TRUNC_HMAC_DISABLED 0
247 #define SSL_TRUNC_HMAC_ENABLED 1
248 #define SSL_TRUNCATED_HMAC_LEN 10 /* 80 bits, rfc 6066 section 7 */
249 
250 #define SSL_SESSION_TICKETS_DISABLED 0
251 #define SSL_SESSION_TICKETS_ENABLED 1
252 
/* NOTE: the two pairs below do not follow the encoding used by the other
 * *_DISABLED / *_ENABLED pairs in this header (0 = disabled, 1 = enabled).
 * Always pass the symbolic names: a literal 0 here means ENABLED for both
 * CBC record splitting and ARC4, so a field left at zero compares equal to
 * SSL_CBC_RECORD_SPLITTING_ENABLED and to SSL_ARC4_ENABLED. */
253 #define SSL_CBC_RECORD_SPLITTING_DISABLED -1
254 #define SSL_CBC_RECORD_SPLITTING_ENABLED 0
255 
256 #define SSL_ARC4_ENABLED 0
257 #define SSL_ARC4_DISABLED 1
258 
267 #if !defined(SSL_DEFAULT_TICKET_LIFETIME)
268 #define SSL_DEFAULT_TICKET_LIFETIME 86400
269 #endif
270 
271 /*
272  * Size of the input / output buffer.
273  * Note: the RFC defines the default size of SSL / TLS messages. If you
274  * change the value here, other clients / servers may not be able to
275  * communicate with you anymore. Only change this value if you control
276  * both sides of the connection and have it reduced at both sides, or
277  * if you're using the Max Fragment Length extension and you know all your
278  * peers are using it too!
279  */
280 #if !defined(SSL_MAX_CONTENT_LEN)
281 #define SSL_MAX_CONTENT_LEN 16384
282 #endif
283 
284 /*
285  * Minimum size of the Diffie-Hellman parameters to accept from a server.
286  * The default is 1024 bits (128 bytes) for compatibility reasons.
287  * From a purely security perspective, 2048 bits would be better.
288  */
/* The value is expressed in bytes and is only a default: the #if below lets
 * the build configuration pre-define SSL_MIN_DHM_BYTES, e.g. 256 to require
 * the 2048-bit parameters the comment above recommends. */
289 #if !defined(SSL_MIN_DHM_BYTES)
290 #define SSL_MIN_DHM_BYTES 128
291 #endif
292 /* \} name SECTION: Module settings */
293 
294 /*
295  * Allow extra bytes for record, authentication and encryption overhead:
296  * counter (8) + header (5) + IV(16) + MAC (16-48) + padding (0-256)
297  * and allow for a maximum of 1024 of compression expansion if
298  * enabled.
299  */
/* Each *_ADD term below is the worst case for the features compiled in, so
 * SSL_BUFFER_LEN is a compile-time upper bound, not a per-connection size. */
300 #if defined(POLARSSL_ZLIB_SUPPORT)
301 #define SSL_COMPRESSION_ADD 1024
302 #else
303 #define SSL_COMPRESSION_ADD 0
304 #endif
305 
/* MAC overhead: when any HMAC-based suite can be built (RC4 or CBC mode),
 * take the widest digest that is compiled in; otherwise only AEAD suites
 * remain and the 16-byte tag is enough. */
306 #if defined(POLARSSL_RC4_C) || defined(POLARSSL_CIPHER_MODE_CBC)
307 /* Ciphersuites using HMAC */
308 #if defined(POLARSSL_SHA512_C)
309 #define SSL_MAC_ADD 48 /* SHA-384 used for HMAC */
310 #elif defined(POLARSSL_SHA256_C)
311 #define SSL_MAC_ADD 32 /* SHA-256 used for HMAC */
312 #else
313 #define SSL_MAC_ADD 20 /* SHA-1 used for HMAC */
314 #endif
315 #else
316 /* AEAD ciphersuites: GCM and CCM use a 128 bits tag */
317 #define SSL_MAC_ADD 16
318 #endif
319 
/* Padding overhead applies only when CBC mode is compiled in. */
320 #if defined(POLARSSL_CIPHER_MODE_CBC)
321 #define SSL_PADDING_ADD 256
322 #else
323 #define SSL_PADDING_ADD 0
324 #endif
325 
/* The literal 29 is counter (8) + header (5) + IV (16) from the list at the
 * top of this section. SSL_MAX_CONTENT_LEN is overridable by the build
 * configuration, so the total follows any override made there. */
326 #define SSL_BUFFER_LEN ( SSL_MAX_CONTENT_LEN \
327  + SSL_COMPRESSION_ADD \
328  + 29 /* counter + header + IV */ \
329  + SSL_MAC_ADD \
330  + SSL_PADDING_ADD \
331  )
332 
333 /*
334  * Length of the verify data for secure renegotiation
335  */
336 #if defined(POLARSSL_SSL_PROTO_SSL3)
337 #define SSL_VERIFY_DATA_MAX_LEN 36
338 #else
339 #define SSL_VERIFY_DATA_MAX_LEN 12
340 #endif
341 
342 /*
343  * Signaling ciphersuite values (SCSV)
344  */
345 #define SSL_EMPTY_RENEGOTIATION_INFO 0xFF
346 #define SSL_FALLBACK_SCSV 0x5600
348 /*
349  * Supported Signature and Hash algorithms (For TLS 1.2)
350  * RFC 5246 section 7.4.1.4.1
351  */
352 #define SSL_HASH_NONE 0
353 #define SSL_HASH_MD5 1
354 #define SSL_HASH_SHA1 2
355 #define SSL_HASH_SHA224 3
356 #define SSL_HASH_SHA256 4
357 #define SSL_HASH_SHA384 5
358 #define SSL_HASH_SHA512 6
359 
360 #define SSL_SIG_ANON 0
361 #define SSL_SIG_RSA 1
362 #define SSL_SIG_ECDSA 3
363 
364 /*
365  * Client Certificate Types
366  * RFC 5246 section 7.4.4 plus RFC 4492 section 5.5
367  */
368 #define SSL_CERT_TYPE_RSA_SIGN 1
369 #define SSL_CERT_TYPE_ECDSA_SIGN 64
370 
371 /*
372  * Message, alert and handshake types
373  */
374 #define SSL_MSG_CHANGE_CIPHER_SPEC 20
375 #define SSL_MSG_ALERT 21
376 #define SSL_MSG_HANDSHAKE 22
377 #define SSL_MSG_APPLICATION_DATA 23
378 
379 #define SSL_ALERT_LEVEL_WARNING 1
380 #define SSL_ALERT_LEVEL_FATAL 2
381 
382 #define SSL_ALERT_MSG_CLOSE_NOTIFY 0 /* 0x00 */
383 #define SSL_ALERT_MSG_UNEXPECTED_MESSAGE 10 /* 0x0A */
384 #define SSL_ALERT_MSG_BAD_RECORD_MAC 20 /* 0x14 */
385 #define SSL_ALERT_MSG_DECRYPTION_FAILED 21 /* 0x15 */
386 #define SSL_ALERT_MSG_RECORD_OVERFLOW 22 /* 0x16 */
387 #define SSL_ALERT_MSG_DECOMPRESSION_FAILURE 30 /* 0x1E */
388 #define SSL_ALERT_MSG_HANDSHAKE_FAILURE 40 /* 0x28 */
389 #define SSL_ALERT_MSG_NO_CERT 41 /* 0x29 */
390 #define SSL_ALERT_MSG_BAD_CERT 42 /* 0x2A */
391 #define SSL_ALERT_MSG_UNSUPPORTED_CERT 43 /* 0x2B */
392 #define SSL_ALERT_MSG_CERT_REVOKED 44 /* 0x2C */
393 #define SSL_ALERT_MSG_CERT_EXPIRED 45 /* 0x2D */
394 #define SSL_ALERT_MSG_CERT_UNKNOWN 46 /* 0x2E */
395 #define SSL_ALERT_MSG_ILLEGAL_PARAMETER 47 /* 0x2F */
396 #define SSL_ALERT_MSG_UNKNOWN_CA 48 /* 0x30 */
397 #define SSL_ALERT_MSG_ACCESS_DENIED 49 /* 0x31 */
398 #define SSL_ALERT_MSG_DECODE_ERROR 50 /* 0x32 */
399 #define SSL_ALERT_MSG_DECRYPT_ERROR 51 /* 0x33 */
400 #define SSL_ALERT_MSG_EXPORT_RESTRICTION 60 /* 0x3C */
401 #define SSL_ALERT_MSG_PROTOCOL_VERSION 70 /* 0x46 */
402 #define SSL_ALERT_MSG_INSUFFICIENT_SECURITY 71 /* 0x47 */
403 #define SSL_ALERT_MSG_INTERNAL_ERROR 80 /* 0x50 */
404 #define SSL_ALERT_MSG_INAPROPRIATE_FALLBACK 86 /* 0x56 */
405 #define SSL_ALERT_MSG_USER_CANCELED 90 /* 0x5A */
406 #define SSL_ALERT_MSG_NO_RENEGOTIATION 100 /* 0x64 */
407 #define SSL_ALERT_MSG_UNSUPPORTED_EXT 110 /* 0x6E */
408 #define SSL_ALERT_MSG_UNRECOGNIZED_NAME 112 /* 0x70 */
409 #define SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY 115 /* 0x73 */
410 #define SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL 120 /* 0x78 */
411 
412 #define SSL_HS_HELLO_REQUEST 0
413 #define SSL_HS_CLIENT_HELLO 1
414 #define SSL_HS_SERVER_HELLO 2
415 #define SSL_HS_NEW_SESSION_TICKET 4
416 #define SSL_HS_CERTIFICATE 11
417 #define SSL_HS_SERVER_KEY_EXCHANGE 12
418 #define SSL_HS_CERTIFICATE_REQUEST 13
419 #define SSL_HS_SERVER_HELLO_DONE 14
420 #define SSL_HS_CERTIFICATE_VERIFY 15
421 #define SSL_HS_CLIENT_KEY_EXCHANGE 16
422 #define SSL_HS_FINISHED 20
423 
424 /*
425  * TLS extensions
426  */
427 #define TLS_EXT_SERVERNAME 0
428 #define TLS_EXT_SERVERNAME_HOSTNAME 0
429 
430 #define TLS_EXT_MAX_FRAGMENT_LENGTH 1
431 
432 #define TLS_EXT_TRUNCATED_HMAC 4
433 
434 #define TLS_EXT_SUPPORTED_ELLIPTIC_CURVES 10
435 #define TLS_EXT_SUPPORTED_POINT_FORMATS 11
436 
437 #define TLS_EXT_SIG_ALG 13
438 
439 #define TLS_EXT_ALPN 16
440 
441 #define TLS_EXT_ENCRYPT_THEN_MAC 22 /* 0x16 */
442 #define TLS_EXT_EXTENDED_MASTER_SECRET 0x0017 /* 23 */
443 
444 #define TLS_EXT_SESSION_TICKET 35
445 
446 #define TLS_EXT_RENEGOTIATION_INFO 0xFF01
447 
448 /*
449  * TLS extension flags, for extensions with outgoing ServerHello content
450  * that need one (e.g. for RENEGOTIATION_INFO the server already knows, from
451  * the state of the renegotiation flag, so no indicator is required).
452  */
453 #define TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT (1 << 0)
454 
455 /*
456  * Size defines
457  */
458 #if !defined(POLARSSL_PSK_MAX_LEN)
459 #define POLARSSL_PSK_MAX_LEN 32 /* 256 bits */
460 #endif
461 
462 /* Dummy type used only for its size */
464 {
465 #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
466  unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */
467 #endif
468 #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
469  unsigned char _pms_dhm[POLARSSL_MPI_MAX_SIZE]; /* RFC 5246 8.1.2 */
470 #endif
471 #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
472  defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
473  defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
474  defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
475  unsigned char _pms_ecdh[POLARSSL_ECP_MAX_BYTES]; /* RFC 4492 5.10 */
476 #endif
477 #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
478  unsigned char _pms_psk[4 + 2 * POLARSSL_PSK_MAX_LEN]; /* RFC 4279 2 */
479 #endif
480 #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
481  unsigned char _pms_dhe_psk[4 + POLARSSL_MPI_MAX_SIZE
482  + POLARSSL_PSK_MAX_LEN]; /* RFC 4279 3 */
483 #endif
484 #if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
485  unsigned char _pms_rsa_psk[52 + POLARSSL_PSK_MAX_LEN]; /* RFC 4279 4 */
486 #endif
487 #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
488  unsigned char _pms_ecdhe_psk[4 + POLARSSL_ECP_MAX_BYTES
489  + POLARSSL_PSK_MAX_LEN]; /* RFC 5489 2 */
490 #endif
491 };
492 
493 #define POLARSSL_PREMASTER_SIZE sizeof( union _ssl_premaster_secret )
494 
495 #ifdef __cplusplus
496 extern "C" {
497 #endif
498 
499 /*
500  * Generic function pointers for allowing external RSA private key
501  * implementations.
502  */
503 typedef int (*rsa_decrypt_func)( void *ctx, int mode, size_t *olen,
504  const unsigned char *input, unsigned char *output,
505  size_t output_max_len );
506 typedef int (*rsa_sign_func)( void *ctx,
507  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
508  int mode, md_type_t md_alg, unsigned int hashlen,
509  const unsigned char *hash, unsigned char *sig );
510 typedef size_t (*rsa_key_len_func)( void *ctx );
511 
512 /*
513  * SSL state machine
514  */
515 typedef enum
516 {
535 }
536 ssl_states;
537 
538 typedef struct _ssl_session ssl_session;
539 typedef struct _ssl_context ssl_context;
543 #if defined(POLARSSL_SSL_SESSION_TICKETS)
545 #endif
546 #if defined(POLARSSL_X509_CRT_PARSE_C)
548 #endif
549 
550 /*
551  * This structure is used for storing current session data.
552  */
554 {
555 #if defined(POLARSSL_HAVE_TIME)
556  time_t start;
557 #endif
560  size_t length;
561  unsigned char id[32];
562  unsigned char master[48];
564 #if defined(POLARSSL_X509_CRT_PARSE_C)
566 #endif /* POLARSSL_X509_CRT_PARSE_C */
569 #if defined(POLARSSL_SSL_SESSION_TICKETS)
570  unsigned char *ticket;
571  size_t ticket_len;
572  uint32_t ticket_lifetime;
573 #endif /* POLARSSL_SSL_SESSION_TICKETS */
574 
575 #if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
576  unsigned char mfl_code;
577 #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */
578 
579 #if defined(POLARSSL_SSL_TRUNCATED_HMAC)
581 #endif /* POLARSSL_SSL_TRUNCATED_HMAC */
582 
583 #if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
585 #endif
586 };
587 
588 /*
589  * This structure contains a full set of runtime transform parameters
590  * either in negotiation or active.
591  */
593 {
594  /*
595  * Session specific crypto layer
596  */
599  unsigned int keylen;
600  size_t minlen;
601  size_t ivlen;
602  size_t fixed_ivlen;
603  size_t maclen;
605  unsigned char iv_enc[16];
606  unsigned char iv_dec[16];
608 #if defined(POLARSSL_SSL_PROTO_SSL3)
609  /* Needed only for SSL v3.0 secret */
610  unsigned char mac_enc[20];
611  unsigned char mac_dec[20];
612 #endif /* POLARSSL_SSL_PROTO_SSL3 */
613 
620  /*
621  * Session specific compression layer
622  */
623 #if defined(POLARSSL_ZLIB_SUPPORT)
624  z_stream ctx_deflate;
625  z_stream ctx_inflate;
626 #endif
627 };
628 
629 #if defined(POLARSSL_SSL_PROTO_TLS1_2) && \
630  defined(POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED)
631 /*
632  * Abstraction for a grid of allowed signature-hash-algorithm pairs.
633  */
635 {
636  /* At the moment, we only need to remember a single suitable
637  * hash algorithm per signature algorithm. As long as that's
638  * the case - and we don't need a general lookup function -
639  * we can implement the sig-hash-set as a map from signatures
640  * to hash algorithms. */
643 };
644 #endif /* POLARSSL_SSL_PROTO_TLS1_2 &&
645  POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED */
646 
647 /*
648  * This structure contains the parameters only needed during handshake.
649  */
651 {
652  /*
653  * Handshake specific crypto variables
654  */
655 #if defined(POLARSSL_SSL_PROTO_TLS1_2) && \
656  defined(POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED)
658 #endif
659  int cert_type;
661 #if defined(POLARSSL_DHM_C)
663 #endif
664 #if defined(POLARSSL_ECDH_C)
666 #endif
667 #if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
669 #endif
670 #if defined(POLARSSL_X509_CRT_PARSE_C)
671 
678 #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
680 #endif
681 #endif /* POLARSSL_X509_CRT_PARSE_C */
682 
683  /*
684  * Checksum contexts
685  */
686 #if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \
687  defined(POLARSSL_SSL_PROTO_TLS1_1)
690 #endif
691 #if defined(POLARSSL_SSL_PROTO_TLS1_2)
692 #if defined(POLARSSL_SHA256_C)
694 #endif
695 #if defined(POLARSSL_SHA512_C)
697 #endif
698 #endif /* POLARSSL_SSL_PROTO_TLS1_2 */
699 
700  void (*update_checksum)(ssl_context *, const unsigned char *, size_t);
701  void (*calc_verify)(ssl_context *, unsigned char *);
702  void (*calc_finished)(ssl_context *, unsigned char *, int);
703  int (*tls_prf)(const unsigned char *, size_t, const char *,
704  const unsigned char *, size_t,
705  unsigned char *, size_t);
706 
707  size_t pmslen;
709  unsigned char randbytes[64];
713  int resume;
716  int cli_exts;
718 #if defined(POLARSSL_SSL_SESSION_TICKETS)
720 #endif /* POLARSSL_SSL_SESSION_TICKETS */
721 #if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
723 #endif
724 };
725 
726 #if defined(POLARSSL_SSL_SESSION_TICKETS)
727 /*
728  * Parameters needed to secure session tickets
729  */
731 {
732  unsigned char key_name[16];
735  unsigned char mac_key[16];
736 };
737 #endif /* POLARSSL_SSL_SESSION_TICKETS */
738 
739 #if defined(POLARSSL_X509_CRT_PARSE_C)
740 /*
741  * List of certificate + private key pairs
742  */
744 {
749 };
750 #endif /* POLARSSL_X509_CRT_PARSE_C */
751 
753 {
754  /*
755  * Miscellaneous
756  */
757  int state;
759 #if defined(POLARSSL_SSL_RENEGOTIATION)
761 #endif
762 
763  int major_ver;
764  int minor_ver;
771 #if defined(POLARSSL_SSL_FALLBACK_SCSV) && defined(POLARSSL_SSL_CLI_C)
772  char fallback;
773 #endif
774 #if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
776 #endif
777 #if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
778  char extended_ms;
779 #endif
782  /*
783  * Callbacks (RNG, debug, I/O, verification)
784  */
785  int (*f_rng)(void *, unsigned char *, size_t);
786  void (*f_dbg)(void *, int, const char *);
787  int (*f_recv)(void *, unsigned char *, size_t);
788  int (*f_send)(void *, const unsigned char *, size_t);
789  int (*f_get_cache)(void *, ssl_session *);
790  int (*f_set_cache)(void *, const ssl_session *);
791 
792  void *p_rng;
793  void *p_dbg;
794  void *p_recv;
795  void *p_send;
796  void *p_get_cache;
797  void *p_set_cache;
798  void *p_hw_data;
800 #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
801  int (*f_sni)(void *, ssl_context *, const unsigned char *, size_t);
802  void *p_sni;
803 #endif
804 
805 #if defined(POLARSSL_X509_CRT_PARSE_C)
806  int (*f_vrfy)(void *, x509_crt *, int, int *);
807  void *p_vrfy;
808 #endif
809 
810 #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
811  int (*f_psk)(void *, ssl_context *, const unsigned char *, size_t);
812  void *p_psk;
813 #endif
814 
815  /*
816  * Session layer
817  */
826  /*
827  * Record layer transformations
828  */
834  /*
835  * Record layer (incoming data)
836  */
837  unsigned char *in_ctr;
838  unsigned char *in_hdr;
839  unsigned char *in_iv;
840  unsigned char *in_msg;
841  unsigned char *in_offt;
844  size_t in_msglen;
845  size_t in_left;
847  size_t in_hslen;
848  int nb_zero;
853  /*
854  * Record layer (outgoing data)
855  */
856  unsigned char *out_ctr;
857  unsigned char *out_hdr;
858  unsigned char *out_iv;
859  unsigned char *out_msg;
862  size_t out_msglen;
863  size_t out_left;
865 #if defined(POLARSSL_ZLIB_SUPPORT)
866  unsigned char *compress_buf;
867 #endif
868 #if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
869  unsigned char mfl_code;
870 #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */
871 #if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING)
872  signed char split_done;
874 #endif
875 
876  /*
877  * PKI layer
878  */
879 #if defined(POLARSSL_X509_CRT_PARSE_C)
882  x509_crt *ca_chain;
884  const char *peer_cn;
885 #endif /* POLARSSL_X509_CRT_PARSE_C */
886 
887  /*
888  * Support for generating and checking session tickets
889  */
890 #if defined(POLARSSL_SSL_SESSION_TICKETS)
892 #endif /* POLARSSL_SSL_SESSION_TICKETS */
893 
894  /*
895  * User settings
896  */
897  int endpoint;
898  int authmode;
901 #if defined(POLARSSL_SSL_RENEGOTIATION)
904  unsigned char renego_period[8];
906 #endif
908  const int *ciphersuite_list[4];
909 #if defined(POLARSSL_SSL_SET_CURVES)
910  const ecp_group_id *curve_list;
911 #endif
912 #if defined(POLARSSL_SSL_TRUNCATED_HMAC)
914 #endif
915 #if defined(POLARSSL_SSL_SESSION_TICKETS)
918 #endif
919 
920 #if defined(POLARSSL_DHM_C)
923 #endif
924 
925 #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
926  /*
927  * PSK values
928  */
929  unsigned char *psk;
930  size_t psk_len;
931  unsigned char *psk_identity;
933 #endif
934 
935 #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
936  /*
937  * SNI extension
938  */
939  unsigned char *hostname;
940  size_t hostname_len;
941 #endif
942 
943 #if defined(POLARSSL_SSL_ALPN)
944  /*
945  * ALPN extension
946  */
947  const char **alpn_list;
948  const char *alpn_chosen;
949 #endif
950 
951  /*
952  * Secure renegotiation
953  */
956 #if defined(POLARSSL_SSL_RENEGOTIATION)
960 #endif
961 };
962 
963 #if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
964 
965 #define SSL_CHANNEL_OUTBOUND 0
966 #define SSL_CHANNEL_INBOUND 1
967 
968 extern int (*ssl_hw_record_init)(ssl_context *ssl,
969  const unsigned char *key_enc, const unsigned char *key_dec,
970  size_t keylen,
971  const unsigned char *iv_enc, const unsigned char *iv_dec,
972  size_t ivlen,
973  const unsigned char *mac_enc, const unsigned char *mac_dec,
974  size_t maclen);
975 extern int (*ssl_hw_record_activate)(ssl_context *ssl, int direction);
976 extern int (*ssl_hw_record_reset)(ssl_context *ssl);
977 extern int (*ssl_hw_record_write)(ssl_context *ssl);
978 extern int (*ssl_hw_record_read)(ssl_context *ssl);
979 extern int (*ssl_hw_record_finish)(ssl_context *ssl);
980 #endif /* POLARSSL_SSL_HW_RECORD_ACCEL */
981 
988 const int *ssl_list_ciphersuites( void );
989 
998 const char *ssl_get_ciphersuite_name( const int ciphersuite_id );
999 
1008 int ssl_get_ciphersuite_id( const char *ciphersuite_name );
1009 
1019 int ssl_init( ssl_context *ssl );
1020 
1031 int ssl_session_reset( ssl_context *ssl );
1032 
1042 void ssl_set_endpoint( ssl_context *ssl, int endpoint );
1043 
1067 void ssl_set_authmode( ssl_context *ssl, int authmode );
1068 
1069 #if defined(POLARSSL_X509_CRT_PARSE_C)
1070 
1081 void ssl_set_verify( ssl_context *ssl,
1082  int (*f_vrfy)(void *, x509_crt *, int, int *),
1083  void *p_vrfy );
1084 #endif /* POLARSSL_X509_CRT_PARSE_C */
1085 
1093 void ssl_set_rng( ssl_context *ssl,
1094  int (*f_rng)(void *, unsigned char *, size_t),
1095  void *p_rng );
1096 
1104 void ssl_set_dbg( ssl_context *ssl,
1105  void (*f_dbg)(void *, int, const char *),
1106  void *p_dbg );
1107 
1117 void ssl_set_bio( ssl_context *ssl,
1118  int (*f_recv)(void *, unsigned char *, size_t), void *p_recv,
1119  int (*f_send)(void *, const unsigned char *, size_t), void *p_send );
1120 
1121 #if defined(POLARSSL_SSL_SRV_C)
1122 
1161  int (*f_get_cache)(void *, ssl_session *), void *p_get_cache,
1162  int (*f_set_cache)(void *, const ssl_session *), void *p_set_cache );
1163 #endif /* POLARSSL_SSL_SRV_C */
1164 
1165 #if defined(POLARSSL_SSL_CLI_C)
1166 
1180 int ssl_set_session( ssl_context *ssl, const ssl_session *session );
1181 #endif /* POLARSSL_SSL_CLI_C */
1182 
1198 void ssl_set_ciphersuites( ssl_context *ssl, const int *ciphersuites );
1199 
1214  const int *ciphersuites,
1215  int major, int minor );
1216 
1217 #if defined(POLARSSL_X509_CRT_PARSE_C)
1218 
1226 void ssl_set_ca_chain( ssl_context *ssl, x509_crt *ca_chain,
1227  x509_crl *ca_crl, const char *peer_cn );
1228 
1247 int ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert,
1248  pk_context *pk_key );
1249 
1250 #if ! defined(POLARSSL_DEPRECATED_REMOVED)
1251 #if defined(POLARSSL_DEPRECATED_WARNING)
1252 #define DEPRECATED __attribute__((deprecated))
1253 #else
1254 #define DEPRECATED
1255 #endif
1256 #if defined(POLARSSL_RSA_C)
1257 
1272 int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert,
1273  rsa_context *rsa_key ) DEPRECATED;
1274 #endif /* POLARSSL_RSA_C */
1275 
1300 int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert,
1301  void *rsa_key,
1302  rsa_decrypt_func rsa_decrypt,
1303  rsa_sign_func rsa_sign,
1304  rsa_key_len_func rsa_key_len ) DEPRECATED;
1305 #undef DEPRECATED
1306 #endif /* POLARSSL_DEPRECATED_REMOVED */
1307 #endif /* POLARSSL_X509_CRT_PARSE_C */
1308 
1309 #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
1310 
1322 int ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len,
1323  const unsigned char *psk_identity, size_t psk_identity_len );
1324 
1345 void ssl_set_psk_cb( ssl_context *ssl,
1346  int (*f_psk)(void *, ssl_context *, const unsigned char *,
1347  size_t),
1348  void *p_psk );
1349 #endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */
1350 
1351 #if defined(POLARSSL_DHM_C)
1352 
1363 int ssl_set_dh_param( ssl_context *ssl, const char *dhm_P, const char *dhm_G );
1364 
1374 int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx );
1375 #endif /* POLARSSL_DHM_C */
1376 
1377 #if defined(POLARSSL_SSL_SET_CURVES)
1378 
1396 void ssl_set_curves( ssl_context *ssl, const ecp_group_id *curves );
1397 #endif /* POLARSSL_SSL_SET_CURVES */
1398 
1399 #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
1400 
1410 int ssl_set_hostname( ssl_context *ssl, const char *hostname );
1411 
1431 void ssl_set_sni( ssl_context *ssl,
1432  int (*f_sni)(void *, ssl_context *, const unsigned char *,
1433  size_t),
1434  void *p_sni );
1435 #endif /* POLARSSL_SSL_SERVER_NAME_INDICATION */
1436 
1437 #if defined(POLARSSL_SSL_ALPN)
1438 
1447 int ssl_set_alpn_protocols( ssl_context *ssl, const char **protos );
1448 
1458 const char *ssl_get_alpn_protocol( const ssl_context *ssl );
1459 #endif /* POLARSSL_SSL_ALPN */
1460 
1476 void ssl_set_max_version( ssl_context *ssl, int major, int minor );
1477 
1493 void ssl_set_min_version( ssl_context *ssl, int major, int minor );
1494 
1495 #if defined(POLARSSL_SSL_FALLBACK_SCSV) && defined(POLARSSL_SSL_CLI_C)
1496 
1515 void ssl_set_fallback( ssl_context *ssl, char fallback );
1516 #endif /* POLARSSL_SSL_FALLBACK_SCSV && POLARSSL_SSL_CLI_C */
1517 
1518 #if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
1519 
1530 void ssl_set_encrypt_then_mac( ssl_context *ssl, char etm );
1531 #endif /* POLARSSL_SSL_ENCRYPT_THEN_MAC */
1532 
1533 #if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
1534 
1545 void ssl_set_extended_master_secret( ssl_context *ssl, char ems );
1546 #endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */
1547 
1561 void ssl_set_arc4_support( ssl_context *ssl, char arc4 );
1562 
1563 #if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
1564 
1579 int ssl_set_max_frag_len( ssl_context *ssl, unsigned char mfl_code );
1580 #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */
1581 
1582 #if defined(POLARSSL_SSL_TRUNCATED_HMAC)
1583 
1594 int ssl_set_truncated_hmac( ssl_context *ssl, int truncate );
1595 #endif /* POLARSSL_SSL_TRUNCATED_HMAC */
1596 
1597 #if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING)
1598 
1609 void ssl_set_cbc_record_splitting( ssl_context *ssl, char split );
1610 #endif /* POLARSSL_SSL_CBC_RECORD_SPLITTING */
1611 
1612 #if defined(POLARSSL_SSL_SESSION_TICKETS)
1613 
1629 int ssl_set_session_tickets( ssl_context *ssl, int use_tickets );
1630 
1638 void ssl_set_session_ticket_lifetime( ssl_context *ssl, int lifetime );
1639 #endif /* POLARSSL_SSL_SESSION_TICKETS */
1640 
1641 #if defined(POLARSSL_SSL_RENEGOTIATION)
1642 
1655 void ssl_set_renegotiation( ssl_context *ssl, int renegotiation );
1656 #endif /* POLARSSL_SSL_RENEGOTIATION */
1657 
1685 void ssl_legacy_renegotiation( ssl_context *ssl, int allow_legacy );
1686 
1687 #if defined(POLARSSL_SSL_RENEGOTIATION)
1688 
1716 void ssl_set_renegotiation_enforced( ssl_context *ssl, int max_records );
1717 
1736  const unsigned char period[8] );
1737 #endif /* POLARSSL_SSL_RENEGOTIATION */
1738 
1746 size_t ssl_get_bytes_avail( const ssl_context *ssl );
1747 
1759 int ssl_get_verify_result( const ssl_context *ssl );
1760 
1768 const char *ssl_get_ciphersuite( const ssl_context *ssl );
1769 
1777 const char *ssl_get_version( const ssl_context *ssl );
1778 
1779 #if defined(POLARSSL_X509_CRT_PARSE_C)
1780 
1794 const x509_crt *ssl_get_peer_cert( const ssl_context *ssl );
1795 #endif /* POLARSSL_X509_CRT_PARSE_C */
1796 
1797 #if defined(POLARSSL_SSL_CLI_C)
1798 
1814 int ssl_get_session( const ssl_context *ssl, ssl_session *session );
1815 #endif /* POLARSSL_SSL_CLI_C */
1816 
1825 int ssl_handshake( ssl_context *ssl );
1826 
1839 int ssl_handshake_step( ssl_context *ssl );
1840 
1841 #if defined(POLARSSL_SSL_RENEGOTIATION)
1842 
1852 int ssl_renegotiate( ssl_context *ssl );
1853 #endif /* POLARSSL_SSL_RENEGOTIATION */
1854 
1865 int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len );
1866 
1885 int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len );
1886 
1898  unsigned char level,
1899  unsigned char message );
1905 int ssl_close_notify( ssl_context *ssl );
1906 
1912 void ssl_free( ssl_context *ssl );
1913 
1919 void ssl_session_init( ssl_session *session );
1920 
1927 void ssl_session_free( ssl_session *session );
1928 
1935 void ssl_transform_free( ssl_transform *transform );
1936 
1943 void ssl_handshake_free( ssl_handshake_params *handshake );
1944 
1945 /*
1946  * Internal functions (do not call directly)
1947  */
1950 void ssl_handshake_wrapup( ssl_context *ssl );
1951 
1953 
1954 int ssl_derive_keys( ssl_context *ssl );
1955 
1956 int ssl_read_record( ssl_context *ssl );
1961 int ssl_fetch_input( ssl_context *ssl, size_t nb_want );
1962 
1963 int ssl_write_record( ssl_context *ssl );
1964 int ssl_flush_output( ssl_context *ssl );
1965 
1968 
1971 
1972 int ssl_parse_finished( ssl_context *ssl );
1973 int ssl_write_finished( ssl_context *ssl );
1974 
1976  const ssl_ciphersuite_t *ciphersuite_info );
1977 
1978 #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
1980 #endif
1981 
1982 #if defined(POLARSSL_PK_C)
1983 unsigned char ssl_sig_from_pk( pk_context *pk );
1984 unsigned char ssl_sig_from_pk_alg( pk_type_t type );
1985 pk_type_t ssl_pk_alg_from_sig( unsigned char sig );
1986 #endif
1987 
1988 md_type_t ssl_md_alg_from_hash( unsigned char hash );
1989 unsigned char ssl_hash_from_md_alg( md_type_t md );
1990 
1991 #if defined(POLARSSL_SSL_SET_CURVES)
1992 int ssl_curve_is_acceptable( const ssl_context *ssl, ecp_group_id grp_id );
1993 #endif
1994 
1995 #if defined(POLARSSL_SSL_PROTO_TLS1_2) && \
1996  defined(POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED)
1997 
1998 /* Find an entry in a signature-hash set matching a given hash algorithm. */
2000  pk_type_t sig_alg );
2001 /* Add a signature-hash-pair to a signature-hash set */
2003  pk_type_t sig_alg,
2004  md_type_t md_alg );
2005 /* Allow exactly one hash algorithm for each signature. */
2007  md_type_t md_alg );
2008 
2009 /* Setup an empty signature-hash set */
2010 static inline void ssl_sig_hash_set_init( ssl_sig_hash_set_t *set )
2011 {
2013 }
2014 
2015 #endif /* POLARSSL_SSL_PROTO_TLS1_2) &&
2016  POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED */
2017 
2018 #if defined(POLARSSL_X509_CRT_PARSE_C)
/*
 * Private key of the handshake's current key/cert entry, or NULL when the
 * handshake has no key/cert entry.
 *
 * NOTE(review): ssl->handshake is dereferenced without a NULL check, so this
 * presumably may only be called while the handshake parameters are
 * allocated - confirm against callers.
 */
static inline pk_context *ssl_own_key( ssl_context *ssl )
{
    if( ssl->handshake->key_cert != NULL )
        return( ssl->handshake->key_cert->key );

    return( NULL );
}
2024 
/*
 * Certificate of the handshake's current key/cert entry, or NULL when the
 * handshake has no key/cert entry.
 *
 * NOTE(review): ssl->handshake is dereferenced without a NULL check, so this
 * presumably may only be called while the handshake parameters are
 * allocated - confirm against callers.
 */
static inline x509_crt *ssl_own_cert( ssl_context *ssl )
{
    if( ssl->handshake->key_cert != NULL )
        return( ssl->handshake->key_cert->cert );

    return( NULL );
}
2030 
2031 /*
2032  * Check if a hash proposed by the peer is in our list.
2033  * Return 0 if we're willing to use it, -1 otherwise.
2034  */
2036 
2037 /*
2038  * Check usage of a certificate wrt extensions:
2039  * keyUsage, extendedKeyUsage (later), and nSCertType (later).
2040  *
2041  * Warning: cert_endpoint is the endpoint of the cert (ie, of our peer when we
2042  * check a cert we received from them)!
2043  *
2044  * Return 0 if everything is OK, -1 if not.
2045  */
2046 int ssl_check_cert_usage( const x509_crt *cert,
2047  const ssl_ciphersuite_t *ciphersuite,
2048  int cert_endpoint,
2049  int *flags );
2050 #endif /* POLARSSL_X509_CRT_PARSE_C */
2051 
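/*
 * Constant-time buffer comparison.
 *
 * Compares the first n bytes of a and b without branching on their
 * contents: every byte pair is XORed and OR-accumulated, so the loop always
 * runs n iterations no matter where (or whether) the buffers differ. Use it
 * for comparisons that involve secret-derived values (a MAC, for instance),
 * where an early-exit memcmp() would reveal the position of the first
 * mismatch through timing.
 *
 * a, b  buffers to compare; each must be readable for n bytes
 * n     number of bytes to compare (n == 0 yields 0)
 *
 * Returns 0 if the buffers are equal, a non-zero value otherwise. Unlike
 * memcmp() the result carries no ordering information. Running time still
 * depends on n, so the length itself must not be secret.
 */
static inline int safer_memcmp( const void *a, const void *b, size_t n )
{
    size_t i;
    /* volatile accesses keep the compiler from turning the loop into an
     * early-exit comparison or a call to memcmp() */
    const volatile unsigned char *A = (const volatile unsigned char *) a;
    const volatile unsigned char *B = (const volatile unsigned char *) b;
    volatile unsigned char diff = 0;

    for( i = 0; i < n; i++ )
    {
        /* read both bytes in a fixed order before updating diff */
        unsigned char x = A[i];
        unsigned char y = B[i];

        diff |= (unsigned char)( x ^ y );
    }

    return( diff );
}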
2065 
2066 #ifdef __cplusplus
2067 }
2068 #endif
2069 
2070 #endif /* ssl.h */
int md(const md_info_t *md_info, const unsigned char *input, size_t ilen, unsigned char *output)
Output = message_digest( input buffer )
const ecp_curve_info ** curves
Definition: ssl.h:668
unsigned char * hostname
Definition: ssl.h:939
ssl_session * session_in
Definition: ssl.h:818
unsigned char mfl_code
Definition: ssl.h:869
size_t length
Definition: ssl.h:560
void * p_set_cache
Definition: ssl.h:797
md_context_t md_ctx_dec
Definition: ssl.h:615
int ciphersuite
Definition: ssl.h:558
int trunc_hmac
Definition: ssl.h:913
ssl_sig_hash_set_t hash_algs
Definition: ssl.h:657
size_t in_hslen
Definition: ssl.h:847
int ssl_send_alert_message(ssl_context *ssl, unsigned char level, unsigned char message)
Send an alert message.
void(* f_dbg)(void *, int, const char *)
Definition: ssl.h:786
int(* f_rng)(void *, unsigned char *, size_t)
Definition: ssl.h:785
sha256_context fin_sha256
Definition: ssl.h:693
size_t ivlen
Definition: ssl.h:601
int major_ver
Definition: ssl.h:763
int renego_records_seen
Definition: ssl.h:760
Generic cipher context.
Definition: cipher.h:264
#define POLARSSL_PREMASTER_SIZE
Definition: ssl.h:493
SHA-1 context structure.
Definition: sha1.h:55
char extended_ms
Definition: ssl.h:778
sha1_context fin_sha1
Definition: ssl.h:689
int compression
Definition: ssl.h:559
pk_type_t ssl_pk_alg_from_sig(unsigned char sig)
Network communication functions.
int state
Definition: ssl.h:757
const char * peer_cn
Definition: ssl.h:884
#define POLARSSL_MPI_MAX_SIZE
Maximum number of bytes for usable MPIs.
Definition: bignum.h:93
unsigned char master[48]
Definition: ssl.h:562
int ssl_set_truncated_hmac(ssl_context *ssl, int truncate)
Activate negotiation of truncated HMAC (Default: SSL_TRUNC_HMAC_DISABLED on client, SSL_TRUNC_HMAC_ENABLED on server.)
ssl_transform * transform_out
Definition: ssl.h:830
void ssl_sig_hash_set_const_hash(ssl_sig_hash_set_t *set, md_type_t md_alg)
void ssl_set_cbc_record_splitting(ssl_context *ssl, char split)
Enable / Disable 1/n-1 record splitting (Default: SSL_CBC_RECORD_SPLITTING_ENABLED) ...
int(* f_sni)(void *, ssl_context *, const unsigned char *, size_t)
Definition: ssl.h:801
int nb_zero
Definition: ssl.h:848
void(* calc_verify)(ssl_context *, unsigned char *)
Definition: ssl.h:701
int ssl_check_cert_usage(const x509_crt *cert, const ssl_ciphersuite_t *ciphersuite, int cert_endpoint, int *flags)
DHM context structure.
Definition: dhm.h:153
void ssl_set_extended_master_secret(ssl_context *ssl, char ems)
Enable or disable Extended Master Secret negotiation.
void * p_psk
Definition: ssl.h:812
Elliptic curves over GF(p)
size_t ticket_len
Definition: ssl.h:571
ssl_session * session_negotiate
Definition: ssl.h:821
ssl_session * session
Definition: ssl.h:820
void ssl_legacy_renegotiation(ssl_context *ssl, int allow_legacy)
Prevent or allow legacy renegotiation.
int ssl_parse_certificate(ssl_context *ssl)
void ssl_set_dbg(ssl_context *ssl, void(*f_dbg)(void *, int, const char *), void *p_dbg)
Set the debug callback.
char fallback
Definition: ssl.h:772
ssl_key_cert * key_cert
Definition: ssl.h:880
ssl_key_cert * sni_key_cert
Definition: ssl.h:679
int ssl_set_session_tickets(ssl_context *ssl, int use_tickets)
Enable / Disable session tickets (Default: SSL_SESSION_TICKETS_ENABLED on client, SSL_SESSION_TICKETS...
unsigned char iv_enc[16]
Definition: ssl.h:605
size_t out_msglen
Definition: ssl.h:862
void ssl_set_verify(ssl_context *ssl, int(*f_vrfy)(void *, x509_crt *, int, int *), void *p_vrfy)
Set the verification callback (Optional).
int ticket_lifetime
Definition: ssl.h:917
ssl_transform * transform_in
Definition: ssl.h:829
cipher_context_t cipher_ctx_enc
Definition: ssl.h:617
md_type_t ssl_sig_hash_set_find(ssl_sig_hash_set_t *set, pk_type_t sig_alg)
const int * ciphersuite_list[4]
Definition: ssl.h:908
int ssl_parse_finished(ssl_context *ssl)
void * p_rng
Definition: ssl.h:792
static void ssl_sig_hash_set_init(ssl_sig_hash_set_t *set)
Definition: ssl.h:2010
mpi dhm_P
Definition: ssl.h:921
ssl_states
Definition: ssl.h:515
unsigned char premaster[POLARSSL_PREMASTER_SIZE]
Definition: ssl.h:710
void ssl_session_free(ssl_session *session)
Free referenced items in an SSL session including the peer certificate and clear memory.
AES context structure.
Definition: aes.h:65
int ssl_write_finished(ssl_context *ssl)
Configuration options (set of defines)
unsigned char _pms_dhe_psk[4+POLARSSL_MPI_MAX_SIZE+POLARSSL_PSK_MAX_LEN]
Definition: ssl.h:482
ssl_transform * transform
Definition: ssl.h:831
x509_crt * cert
Definition: ssl.h:745
size_t psk_identity_len
Definition: ssl.h:932
unsigned char * out_ctr
Definition: ssl.h:856
void ssl_handshake_wrapup(ssl_context *ssl)
int(* f_send)(void *, const unsigned char *, size_t)
Definition: ssl.h:788
size_t in_msglen
Definition: ssl.h:844
int ssl_set_dh_param_ctx(ssl_context *ssl, dhm_context *dhm_ctx)
Set the Diffie-Hellman public P and G values, read from existing context (server-side only) ...
unsigned char * in_hdr
Definition: ssl.h:838
int secure_renegotiation
Definition: ssl.h:954
time_t start
Definition: ssl.h:556
MPI structure.
Definition: bignum.h:183
sha512_context fin_sha512
Definition: ssl.h:696
int ssl_handshake_server_step(ssl_context *ssl)
SSL Ciphersuites for mbed TLS.
int(* tls_prf)(const unsigned char *, size_t, const char *, const unsigned char *, size_t, unsigned char *, size_t)
Definition: ssl.h:703
unsigned char mac_key[16]
Definition: ssl.h:735
void * p_vrfy
Definition: ssl.h:807
size_t psk_len
Definition: ssl.h:930
void ssl_set_max_version(ssl_context *ssl, int major, int minor)
Set the maximum supported version sent from the client side and/or accepted at the server side (Defau...
const ssl_ciphersuite_t * ciphersuite_info
Definition: ssl.h:597
void * p_recv
Definition: ssl.h:794
unsigned char * psk
Definition: ssl.h:929
int renego_max_records
Definition: ssl.h:903
Multi-precision integer library.
void ssl_set_ciphersuites_for_version(ssl_context *ssl, const int *ciphersuites, int major, int minor)
Set the list of allowed ciphersuites and the preference order for a specific version of the protocol...
void ssl_set_encrypt_then_mac(ssl_context *ssl, char etm)
Enable or disable Encrypt-then-MAC (Default: SSL_ETM_ENABLED)
int ssl_init(ssl_context *ssl)
Initialize an SSL context (An individual SSL context is not thread-safe)
int max_major_ver
Definition: ssl.h:766
int keep_current_message
Definition: ssl.h:850
int ssl_get_ciphersuite_id(const char *ciphersuite_name)
Return the ID of the ciphersuite associated with the given name.
int ssl_set_psk(ssl_context *ssl, const unsigned char *psk, size_t psk_len, const unsigned char *psk_identity, size_t psk_identity_len)
Set the Pre Shared Key (PSK) and the identity name connected to it.
char peer_verify_data[SSL_VERIFY_DATA_MAX_LEN]
Definition: ssl.h:959
void ssl_set_psk_cb(ssl_context *ssl, int(*f_psk)(void *, ssl_context *, const unsigned char *, size_t), void *p_psk)
Set the PSK callback (server-side only) (Optional).
unsigned int keylen
Definition: ssl.h:599
int ssl_get_session(const ssl_context *ssl, ssl_session *session)
Save session in order to resume it later (client-side only) Session data is copied to presented sessi...
md_type_t
Definition: md.h:45
int verify_result
Definition: ssl.h:567
const char * ssl_get_alpn_protocol(const ssl_context *ssl)
Get the name of the negotiated Application Layer Protocol.
const char ** alpn_list
Definition: ssl.h:947
int max_minor_ver
Definition: ssl.h:767
const char * alpn_chosen
Definition: ssl.h:948
md_type_t rsa
Definition: ssl.h:641
void * p_hw_data
Definition: ssl.h:798
char arc4_disabled
Definition: ssl.h:780
unsigned char * in_ctr
Definition: ssl.h:837
ssl_handshake_params * handshake
Definition: ssl.h:823
void(* update_checksum)(ssl_context *, const unsigned char *, size_t)
Definition: ssl.h:700
size_t fixed_ivlen
Definition: ssl.h:602
int ssl_write_certificate(ssl_context *ssl)
size_t(* rsa_key_len_func)(void *ctx)
Definition: ssl.h:510
RSA context structure.
Definition: rsa.h:80
cipher_context_t cipher_ctx_dec
Definition: ssl.h:618
signed char split_done
Definition: ssl.h:872
#define POLARSSL_PSK_MAX_LEN
Definition: ssl.h:459
int in_msgtype
Definition: ssl.h:843
Container for an X.509 certificate.
Definition: x509_crt.h:53
unsigned char renego_period[8]
Definition: ssl.h:904
size_t verify_data_len
Definition: ssl.h:957
const char * ssl_get_ciphersuite(const ssl_context *ssl)
Return the name of the current ciphersuite.
mpi dhm_G
Definition: ssl.h:922
const char * ssl_get_version(const ssl_context *ssl)
Return the current SSL version (SSLv3/TLSv1/etc)
void ssl_set_renegotiation(ssl_context *ssl, int renegotiation)
Enable / Disable renegotiation support for connection when initiated by peer (Default: SSL_RENEGOTIAT...
int min_minor_ver
Definition: ssl.h:769
unsigned char * out_msg
Definition: ssl.h:859
unsigned char _pms_dhm[POLARSSL_MPI_MAX_SIZE]
Definition: ssl.h:469
int client_auth
Definition: ssl.h:899
void * p_dbg
Definition: ssl.h:793
ssl_key_cert * key_cert
Current key/cert or key/cert list.
Definition: ssl.h:677
void * p_send
Definition: ssl.h:795
ecdh_context ecdh_ctx
Definition: ssl.h:665
x509_crl * ca_crl
Definition: ssl.h:883
static x509_crt * ssl_own_cert(ssl_context *ssl)
Definition: ssl.h:2025
int ssl_set_max_frag_len(ssl_context *ssl, unsigned char mfl_code)
Set the maximum fragment length to emit and/or negotiate (Default: SSL_MAX_CONTENT_LEN, usually 2^14 bytes). Server: set maximum fragment length to emit, usually negotiated by the client during handshake. Client: set maximum fragment length to emit and negotiate with the server during handshake.
SHA-512 context structure.
Definition: sha512.h:54
int ssl_handshake_client_step(ssl_context *ssl)
unsigned char _pms_ecdhe_psk[4+POLARSSL_ECP_MAX_BYTES+POLARSSL_PSK_MAX_LEN]
Definition: ssl.h:489
unsigned char * ticket
Definition: ssl.h:570
size_t maclen
Definition: ssl.h:603
int new_session_ticket
Definition: ssl.h:719
void ssl_set_fallback(ssl_context *ssl, char fallback)
Set the fallback flag (client-side only).
unsigned char * out_hdr
Definition: ssl.h:857
AES block cipher.
int ssl_set_own_cert(ssl_context *ssl, x509_crt *own_cert, pk_context *pk_key)
Set own certificate chain and private key.
int trunc_hmac
Definition: ssl.h:580
void ssl_set_endpoint(ssl_context *ssl, int endpoint)
Set the current endpoint type.
md_type_t ecdsa
Definition: ssl.h:642
#define DEPRECATED
Definition: ssl.h:1254
void ssl_set_ciphersuites(ssl_context *ssl, const int *ciphersuites)
Set the list of allowed ciphersuites and the preference order.
Curve information for use by other modules.
Definition: ecp.h:84
int ssl_set_own_cert_alt(ssl_context *ssl, x509_crt *own_cert, void *rsa_key, rsa_decrypt_func rsa_decrypt, rsa_sign_func rsa_sign, rsa_key_len_func rsa_key_len) DEPRECATED
Set own certificate and external RSA private key and handling callbacks, such as the PKCS#11 wrappers...
int encrypt_then_mac
Definition: ssl.h:584
void ssl_set_rng(ssl_context *ssl, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Set the random number generator callback.
void * p_get_cache
Definition: ssl.h:796
void ssl_set_bio(ssl_context *ssl, int(*f_recv)(void *, unsigned char *, size_t), void *p_recv, int(*f_send)(void *, const unsigned char *, size_t), void *p_send)
Set the underlying BIO read and write callbacks.
void ssl_free(ssl_context *ssl)
Free referenced items in an SSL context and clear memory.
unsigned char _pms_rsa[48]
Definition: ssl.h:466
unsigned char ssl_sig_from_pk(pk_context *pk)
void ssl_handshake_free(ssl_handshake_params *handshake)
Free referenced items in an SSL handshake context and clear memory.
int authmode
Definition: ssl.h:898
int ssl_flush_output(ssl_context *ssl)
int ssl_handshake(ssl_context *ssl)
Perform the SSL handshake.
unsigned char * in_offt
Definition: ssl.h:841
void ssl_set_min_version(ssl_context *ssl, int major, int minor)
Set the minimum accepted SSL/TLS protocol version (Default: SSL_MIN_MAJOR_VERSION, SSL_MIN_MINOR_VERSION)
char encrypt_then_mac
Definition: ssl.h:775
Diffie-Hellman-Merkle key exchange.
X.509 certificate parsing and writing.
unsigned char ssl_hash_from_md_alg(md_type_t md)
int(* rsa_sign_func)(void *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
Definition: ssl.h:506
unsigned char * in_msg
Definition: ssl.h:840
int ssl_set_hostname(ssl_context *ssl, const char *hostname)
Set hostname for ServerName TLS extension (client-side only)
aes_context dec
Definition: ssl.h:734
int ssl_handshake_step(ssl_context *ssl)
Perform a single step of the SSL handshake.
MD5 context structure.
Definition: md5.h:55
pk_type_t
Public key types.
Definition: pk.h:92
aes_context enc
Definition: ssl.h:733
unsigned char iv_dec[16]
Definition: ssl.h:606
unsigned char _pms_ecdh[POLARSSL_ECP_MAX_BYTES]
Definition: ssl.h:475
int ssl_parse_change_cipher_spec(ssl_context *ssl)
size_t hostname_len
Definition: ssl.h:940
Elliptic curve Diffie-Hellman.
int minor_ver
Definition: ssl.h:764
#define POLARSSL_ECP_MAX_BYTES
Definition: ecp.h:183
ECDH context structure.
Definition: ecdh.h:45
This structure is used for storing ciphersuite information.
int ssl_close_notify(ssl_context *ssl)
Notify the peer that the connection is being closed.
const x509_crt * ssl_get_peer_cert(const ssl_context *ssl)
Return the peer certificate from the current connection.
void ssl_set_session_cache(ssl_context *ssl, int(*f_get_cache)(void *, ssl_session *), void *p_get_cache, int(*f_set_cache)(void *, const ssl_session *), void *p_set_cache)
Set the session cache callbacks (server-side only) If not set, no session resuming is done (except if...
size_t ssl_get_bytes_avail(const ssl_context *ssl)
Return the number of data bytes available to read.
void ssl_set_arc4_support(ssl_context *ssl, char arc4)
Disable or enable support for RC4 (Default: SSL_ARC4_ENABLED)
int ssl_set_session(ssl_context *ssl, const ssl_session *session)
Request resumption of session (client-side only) Session data is copied from presented session struct...
size_t in_left
Definition: ssl.h:845
int session_tickets
Definition: ssl.h:916
pk_context * key
Definition: ssl.h:746
int allow_legacy_renegotiation
Definition: ssl.h:907
ssl_session * session_out
Definition: ssl.h:819
void ssl_set_renegotiation_period(ssl_context *ssl, const unsigned char period[8])
Set record counter threshold for periodic renegotiation.
unsigned char _pms_psk[4+2 *POLARSSL_PSK_MAX_LEN]
Definition: ssl.h:478
void(* calc_finished)(ssl_context *, unsigned char *, int)
Definition: ssl.h:702
int ssl_read_record(ssl_context *ssl)
ecp_group_id
Domain parameters (curve, subgroup and generator) identifiers.
Definition: ecp.h:54
int ssl_set_dh_param(ssl_context *ssl, const char *dhm_P, const char *dhm_G)
Set the Diffie-Hellman public P and G values, read as hexadecimal strings (server-side only) (Default...
int(* f_vrfy)(void *, x509_crt *, int, int *)
Definition: ssl.h:806
int out_msgtype
Definition: ssl.h:861
void ssl_set_session_ticket_lifetime(ssl_context *ssl, int lifetime)
Set session ticket lifetime (server only) (Default: SSL_DEFAULT_TICKET_LIFETIME (86400 secs / 1 day))...
size_t out_left
Definition: ssl.h:863
SHA-1 cryptographic hash function.
md_context_t md_ctx_enc
Definition: ssl.h:614
int ssl_get_verify_result(const ssl_context *ssl)
Return the result of the certificate verification.
X.509 certificate revocation list parsing.
int ssl_session_reset(ssl_context *ssl)
Reset an already initialized SSL context for re-use while retaining application-set variables...
void ssl_session_init(ssl_session *session)
Initialize SSL session structure.
unsigned char ssl_sig_from_pk_alg(pk_type_t type)
int min_major_ver
Definition: ssl.h:768
Certificate revocation list structure.
Definition: x509_crl.h:70
const int * ssl_list_ciphersuites(void)
Returns the list of ciphersuites supported by the SSL/TLS module.
SHA-384 and SHA-512 cryptographic hash function.
ssl_transform * transform_negotiate
Definition: ssl.h:832
int ssl_set_alpn_protocols(ssl_context *ssl, const char **protos)
Set the supported Application Layer Protocols.
unsigned char _pms_rsa_psk[52+POLARSSL_PSK_MAX_LEN]
Definition: ssl.h:485
uint32_t ticket_lifetime
Definition: ssl.h:572
void ssl_set_renegotiation_enforced(ssl_context *ssl, int max_records)
Enforce requested renegotiation.
unsigned char * in_iv
Definition: ssl.h:839
int disable_renegotiation
Definition: ssl.h:902
int verify_result
Definition: ssl.h:900
int ssl_write_change_cipher_spec(ssl_context *ssl)
int(* f_get_cache)(void *, ssl_session *)
Definition: ssl.h:789
int ssl_derive_keys(ssl_context *ssl)
void ssl_set_authmode(ssl_context *ssl, int authmode)
Set the certificate verification mode.
static pk_context * ssl_own_key(ssl_context *ssl)
Definition: ssl.h:2019
int(* f_set_cache)(void *, const ssl_session *)
Definition: ssl.h:790
SHA-256 context structure.
Definition: sha256.h:55
key_exchange_type_t
unsigned char mfl_code
Definition: ssl.h:576
int ssl_psk_derive_premaster(ssl_context *ssl, key_exchange_type_t key_ex)
int renegotiation
Definition: ssl.h:758
dhm_context dhm_ctx
Definition: ssl.h:662
static int safer_memcmp(const void *a, const void *b, size_t n)
Definition: ssl.h:2053
int ssl_send_fatal_handshake_failure(ssl_context *ssl)
ssl_ticket_keys * ticket_keys
Definition: ssl.h:891
size_t minlen
Definition: ssl.h:600
int ssl_read(ssl_context *ssl, unsigned char *buf, size_t len)
Read at most 'len' application data bytes.
void ssl_transform_free(ssl_transform *transform)
Free referenced items in an SSL transform context and clear memory.
unsigned char * psk_identity
Definition: ssl.h:931
const char * ssl_get_ciphersuite_name(const int ciphersuite_id)
Return the name of the ciphersuite associated with the given ID.
int ssl_check_sig_hash(md_type_t md)
MD5 message digest algorithm (hash function)
int ssl_renegotiate(ssl_context *ssl)
Initiate an SSL renegotiation on the running connection.
SHA-224 and SHA-256 cryptographic hash function.
int(* f_recv)(void *, unsigned char *, size_t)
Definition: ssl.h:787
unsigned char key_name[16]
Definition: ssl.h:732
int key_own_alloc
Definition: ssl.h:747
int ssl_write(ssl_context *ssl, const unsigned char *buf, size_t len)
Write exactly 'len' application data bytes.
ssl_key_cert * next
Definition: ssl.h:748
#define SSL_VERIFY_DATA_MAX_LEN
Definition: ssl.h:339
void ssl_set_ca_chain(ssl_context *ssl, x509_crt *ca_chain, x509_crl *ca_crl, const char *peer_cn)
Set the data required to verify peer certificate.
x509_crt * ca_chain
Definition: ssl.h:882
md5_context fin_md5
Definition: ssl.h:688
int endpoint
Definition: ssl.h:897
void ssl_sig_hash_set_add(ssl_sig_hash_set_t *set, pk_type_t sig_alg, md_type_t md_alg)
void ssl_set_sni(ssl_context *ssl, int(*f_sni)(void *, ssl_context *, const unsigned char *, size_t), void *p_sni)
Set server side ServerName TLS extension callback (optional, server-side only).
int ssl_fetch_input(ssl_context *ssl, size_t nb_want)
int(* f_psk)(void *, ssl_context *, const unsigned char *, size_t)
Definition: ssl.h:811
int ssl_write_record(ssl_context *ssl)
Public key container.
Definition: pk.h:194
unsigned char * out_iv
Definition: ssl.h:858
unsigned char randbytes[64]
Definition: ssl.h:709
char own_verify_data[SSL_VERIFY_DATA_MAX_LEN]
Definition: ssl.h:958
int(* rsa_decrypt_func)(void *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
Definition: ssl.h:503
Generic message digest context.
Definition: md.h:126
void ssl_optimize_checksum(ssl_context *ssl, const ssl_ciphersuite_t *ciphersuite_info)
int ssl_set_own_cert_rsa(ssl_context *ssl, x509_crt *own_cert, rsa_context *rsa_key) DEPRECATED
Set own certificate chain and private RSA key.
x509_crt * peer_cert
Definition: ssl.h:565
md_type_t ssl_md_alg_from_hash(unsigned char hash)
void * p_sni
Definition: ssl.h:802