#include <ssl.h>
|
const int * | ciphersuite_list [4] |
|
void(* | f_dbg )(void *, int, const char *, int, const char *) |
|
void * | p_dbg |
|
int(* | f_rng )(void *, unsigned char *, size_t) |
|
void * | p_rng |
|
int(* | f_get_cache )(void *, mbedtls_ssl_session *) |
|
int(* | f_set_cache )(void *, const mbedtls_ssl_session *) |
|
void * | p_cache |
|
int(* | f_sni )(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
|
void * | p_sni |
|
int(* | f_vrfy )(void *, mbedtls_x509_crt *, int, uint32_t *) |
|
void * | p_vrfy |
|
int(* | f_psk )(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
|
void * | p_psk |
|
int(* | f_cookie_write )(void *, unsigned char **, unsigned char *, const unsigned char *, size_t) |
|
int(* | f_cookie_check )(void *, const unsigned char *, size_t, const unsigned char *, size_t) |
|
void * | p_cookie |
|
int(* | f_ticket_write )(void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *) |
|
int(* | f_ticket_parse )(void *, mbedtls_ssl_session *, unsigned char *, size_t) |
|
void * | p_ticket |
|
int(* | f_export_keys )(void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t) |
|
void * | p_export_keys |
|
const mbedtls_x509_crt_profile * | cert_profile |
|
mbedtls_ssl_key_cert * | key_cert |
|
mbedtls_x509_crt * | ca_chain |
|
mbedtls_x509_crl * | ca_crl |
|
const int * | sig_hashes |
|
const mbedtls_ecp_group_id * | curve_list |
|
mbedtls_mpi | dhm_P |
|
mbedtls_mpi | dhm_G |
|
unsigned char * | psk |
|
size_t | psk_len |
|
unsigned char * | psk_identity |
|
size_t | psk_identity_len |
|
const char ** | alpn_list |
|
uint32_t | read_timeout |
|
uint32_t | hs_timeout_min |
|
uint32_t | hs_timeout_max |
|
int | renego_max_records |
|
unsigned char | renego_period [8] |
|
unsigned int | badmac_limit |
|
unsigned int | dhm_min_bitlen |
|
unsigned char | max_major_ver |
|
unsigned char | max_minor_ver |
|
unsigned char | min_major_ver |
|
unsigned char | min_minor_ver |
|
unsigned int | endpoint: 1 |
|
unsigned int | transport: 1 |
|
unsigned int | authmode: 2 |
|
unsigned int | allow_legacy_renegotiation: 2 |
|
unsigned int | arc4_disabled: 1 |
|
unsigned int | mfl_code: 3 |
|
unsigned int | encrypt_then_mac: 1 |
|
unsigned int | extended_ms: 1 |
|
unsigned int | anti_replay: 1 |
|
unsigned int | cbc_record_splitting: 1 |
|
unsigned int | disable_renegotiation: 1 |
|
unsigned int | trunc_hmac: 1 |
|
unsigned int | session_tickets: 1 |
|
unsigned int | fallback: 1 |
|
unsigned int | cert_req_ca_list: 1 |
|
SSL/TLS configuration to be shared between mbedtls_ssl_context structures.
Definition at line 587 of file ssl.h.
◆ allow_legacy_renegotiation
unsigned int mbedtls_ssl_config::allow_legacy_renegotiation |
MBEDTLS_LEGACY_XXX
Definition at line 726 of file ssl.h.
◆ alpn_list
const char** mbedtls_ssl_config::alpn_list |
ordered list of protocols
Definition at line 683 of file ssl.h.
◆ anti_replay
unsigned int mbedtls_ssl_config::anti_replay |
detect and prevent replay?
Definition at line 740 of file ssl.h.
◆ arc4_disabled
unsigned int mbedtls_ssl_config::arc4_disabled |
blacklist RC4 ciphersuites?
Definition at line 728 of file ssl.h.
◆ authmode
unsigned int mbedtls_ssl_config::authmode |
MBEDTLS_SSL_VERIFY_XXX
Definition at line 724 of file ssl.h.
◆ badmac_limit
unsigned int mbedtls_ssl_config::badmac_limit |
limit of records with a bad MAC
Definition at line 706 of file ssl.h.
◆ ca_chain
trusted CAs
Definition at line 658 of file ssl.h.
◆ ca_crl
trusted CAs CRLs
Definition at line 659 of file ssl.h.
◆ cbc_record_splitting
unsigned int mbedtls_ssl_config::cbc_record_splitting |
do cbc record splitting
Definition at line 743 of file ssl.h.
◆ cert_profile
verification profile
Definition at line 656 of file ssl.h.
◆ cert_req_ca_list
unsigned int mbedtls_ssl_config::cert_req_ca_list |
enable sending CA list in Certificate Request messages?
Definition at line 758 of file ssl.h.
◆ ciphersuite_list
const int* mbedtls_ssl_config::ciphersuite_list[4] |
allowed ciphersuites per version
Definition at line 595 of file ssl.h.
◆ curve_list
allowed curves
Definition at line 667 of file ssl.h.
◆ dhm_G
generator for DHM
Definition at line 672 of file ssl.h.
◆ dhm_min_bitlen
unsigned int mbedtls_ssl_config::dhm_min_bitlen |
min. bit length of the DHM prime
Definition at line 710 of file ssl.h.
◆ dhm_P
prime modulus for DHM
Definition at line 671 of file ssl.h.
◆ disable_renegotiation
unsigned int mbedtls_ssl_config::disable_renegotiation |
disable renegotiation?
Definition at line 746 of file ssl.h.
◆ encrypt_then_mac
unsigned int mbedtls_ssl_config::encrypt_then_mac |
negotiate encrypt-then-mac?
Definition at line 734 of file ssl.h.
◆ endpoint
unsigned int mbedtls_ssl_config::endpoint |
0: client, 1: server
Definition at line 722 of file ssl.h.
◆ extended_ms
unsigned int mbedtls_ssl_config::extended_ms |
negotiate extended master secret?
Definition at line 737 of file ssl.h.
◆ f_cookie_check
int(* mbedtls_ssl_config::f_cookie_check) (void *, const unsigned char *, size_t, const unsigned char *, size_t) |
Callback to verify validity of a ClientHello cookie
Definition at line 634 of file ssl.h.
◆ f_cookie_write
int(* mbedtls_ssl_config::f_cookie_write) (void *, unsigned char **, unsigned char *, const unsigned char *, size_t) |
Callback to create & write a cookie for ClientHello veirifcation
Definition at line 631 of file ssl.h.
◆ f_dbg
void(* mbedtls_ssl_config::f_dbg) (void *, int, const char *, int, const char *) |
Callback for printing debug output
Definition at line 598 of file ssl.h.
◆ f_export_keys
int(* mbedtls_ssl_config::f_export_keys) (void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t) |
Callback to export key block and master secret
Definition at line 650 of file ssl.h.
◆ f_get_cache
Callback to retrieve a session from the cache
Definition at line 606 of file ssl.h.
◆ f_psk
int(* mbedtls_ssl_config::f_psk) (void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
Callback to retrieve PSK key from identity
Definition at line 625 of file ssl.h.
◆ f_rng
int(* mbedtls_ssl_config::f_rng) (void *, unsigned char *, size_t) |
Callback for getting (pseudo-)random numbers
Definition at line 602 of file ssl.h.
◆ f_set_cache
Callback to store a session into the cache
Definition at line 608 of file ssl.h.
◆ f_sni
int(* mbedtls_ssl_config::f_sni) (void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
Callback for setting cert according to SNI extension
Definition at line 613 of file ssl.h.
◆ f_ticket_parse
int(* mbedtls_ssl_config::f_ticket_parse) (void *, mbedtls_ssl_session *, unsigned char *, size_t) |
Callback to parse a session ticket into a session structure
Definition at line 644 of file ssl.h.
◆ f_ticket_write
int(* mbedtls_ssl_config::f_ticket_write) (void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *) |
Callback to create & write a session ticket
Definition at line 641 of file ssl.h.
◆ f_vrfy
Callback to customize X.509 certificate chain verification
Definition at line 619 of file ssl.h.
◆ fallback
unsigned int mbedtls_ssl_config::fallback |
is this a fallback?
Definition at line 755 of file ssl.h.
◆ hs_timeout_max
uint32_t mbedtls_ssl_config::hs_timeout_max |
maximum value of the handshake retransmission timeout (ms)
Definition at line 695 of file ssl.h.
◆ hs_timeout_min
uint32_t mbedtls_ssl_config::hs_timeout_min |
initial value of the handshake retransmission timeout (ms)
Definition at line 693 of file ssl.h.
◆ key_cert
own certificate/key pair(s)
Definition at line 657 of file ssl.h.
◆ max_major_ver
unsigned char mbedtls_ssl_config::max_major_ver |
max. major version used
Definition at line 713 of file ssl.h.
◆ max_minor_ver
unsigned char mbedtls_ssl_config::max_minor_ver |
max. minor version used
Definition at line 714 of file ssl.h.
◆ mfl_code
unsigned int mbedtls_ssl_config::mfl_code |
desired fragment length
Definition at line 731 of file ssl.h.
◆ min_major_ver
unsigned char mbedtls_ssl_config::min_major_ver |
min. major version used
Definition at line 715 of file ssl.h.
◆ min_minor_ver
unsigned char mbedtls_ssl_config::min_minor_ver |
min. minor version used
Definition at line 716 of file ssl.h.
◆ p_cache
void* mbedtls_ssl_config::p_cache |
context for cache callbacks
Definition at line 609 of file ssl.h.
◆ p_cookie
void* mbedtls_ssl_config::p_cookie |
context for the cookie callbacks
Definition at line 636 of file ssl.h.
◆ p_dbg
void* mbedtls_ssl_config::p_dbg |
context for the debug function
Definition at line 599 of file ssl.h.
◆ p_export_keys
void* mbedtls_ssl_config::p_export_keys |
context for key export callback
Definition at line 652 of file ssl.h.
◆ p_psk
void* mbedtls_ssl_config::p_psk |
context for PSK callback
Definition at line 626 of file ssl.h.
◆ p_rng
void* mbedtls_ssl_config::p_rng |
context for the RNG function
Definition at line 603 of file ssl.h.
◆ p_sni
void* mbedtls_ssl_config::p_sni |
context for SNI callback
Definition at line 614 of file ssl.h.
◆ p_ticket
void* mbedtls_ssl_config::p_ticket |
context for the ticket callbacks
Definition at line 645 of file ssl.h.
◆ p_vrfy
void* mbedtls_ssl_config::p_vrfy |
context for X.509 verify calllback
Definition at line 620 of file ssl.h.
◆ psk
unsigned char* mbedtls_ssl_config::psk |
pre-shared key
Definition at line 676 of file ssl.h.
◆ psk_identity
unsigned char* mbedtls_ssl_config::psk_identity |
identity for PSK negotiation
Definition at line 678 of file ssl.h.
◆ psk_identity_len
size_t mbedtls_ssl_config::psk_identity_len |
length of identity
Definition at line 679 of file ssl.h.
◆ psk_len
size_t mbedtls_ssl_config::psk_len |
length of the pre-shared key
Definition at line 677 of file ssl.h.
◆ read_timeout
uint32_t mbedtls_ssl_config::read_timeout |
timeout for mbedtls_ssl_read (ms)
Definition at line 690 of file ssl.h.
◆ renego_max_records
int mbedtls_ssl_config::renego_max_records |
grace period for renegotiation
Definition at line 700 of file ssl.h.
◆ renego_period
unsigned char mbedtls_ssl_config::renego_period[8] |
value of the record counters that triggers renegotiation
Definition at line 701 of file ssl.h.
◆ session_tickets
unsigned int mbedtls_ssl_config::session_tickets |
use session tickets?
Definition at line 752 of file ssl.h.
◆ sig_hashes
const int* mbedtls_ssl_config::sig_hashes |
allowed signature hashes
Definition at line 663 of file ssl.h.
◆ transport
unsigned int mbedtls_ssl_config::transport |
stream (TLS) or datagram (DTLS)
Definition at line 723 of file ssl.h.
◆ trunc_hmac
unsigned int mbedtls_ssl_config::trunc_hmac |
negotiate truncated hmac?
Definition at line 749 of file ssl.h.
The documentation for this struct was generated from the following file: