#include <ssl.h>
|
const int * | ciphersuite_list [4] |
|
void(* | f_dbg )(void *, int, const char *, int, const char *) |
|
void * | p_dbg |
|
int(* | f_rng )(void *, unsigned char *, size_t) |
|
void * | p_rng |
|
int(* | f_get_cache )(void *, mbedtls_ssl_session *) |
|
int(* | f_set_cache )(void *, const mbedtls_ssl_session *) |
|
void * | p_cache |
|
int(* | f_sni )(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
|
void * | p_sni |
|
int(* | f_vrfy )(void *, mbedtls_x509_crt *, int, uint32_t *) |
|
void * | p_vrfy |
|
int(* | f_psk )(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
|
void * | p_psk |
|
int(* | f_cookie_write )(void *, unsigned char **, unsigned char *, const unsigned char *, size_t) |
|
int(* | f_cookie_check )(void *, const unsigned char *, size_t, const unsigned char *, size_t) |
|
void * | p_cookie |
|
int(* | f_ticket_write )(void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *) |
|
int(* | f_ticket_parse )(void *, mbedtls_ssl_session *, unsigned char *, size_t) |
|
void * | p_ticket |
|
int(* | f_export_keys )(void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t) |
|
void * | p_export_keys |
|
const mbedtls_x509_crt_profile * | cert_profile |
|
mbedtls_ssl_key_cert * | key_cert |
|
mbedtls_x509_crt * | ca_chain |
|
mbedtls_x509_crl * | ca_crl |
|
const int * | sig_hashes |
|
const mbedtls_ecp_group_id * | curve_list |
|
mbedtls_mpi | dhm_P |
|
mbedtls_mpi | dhm_G |
|
unsigned char * | psk |
|
size_t | psk_len |
|
unsigned char * | psk_identity |
|
size_t | psk_identity_len |
|
const char ** | alpn_list |
|
uint32_t | read_timeout |
|
uint32_t | hs_timeout_min |
|
uint32_t | hs_timeout_max |
|
int | renego_max_records |
|
unsigned char | renego_period [8] |
|
unsigned int | badmac_limit |
|
unsigned int | dhm_min_bitlen |
|
unsigned char | max_major_ver |
|
unsigned char | max_minor_ver |
|
unsigned char | min_major_ver |
|
unsigned char | min_minor_ver |
|
unsigned int | endpoint: 1 |
|
unsigned int | transport: 1 |
|
unsigned int | authmode: 2 |
|
unsigned int | allow_legacy_renegotiation: 2 |
|
unsigned int | arc4_disabled: 1 |
|
unsigned int | mfl_code: 3 |
|
unsigned int | encrypt_then_mac: 1 |
|
unsigned int | extended_ms: 1 |
|
unsigned int | anti_replay: 1 |
|
unsigned int | cbc_record_splitting: 1 |
|
unsigned int | disable_renegotiation: 1 |
|
unsigned int | trunc_hmac: 1 |
|
unsigned int | session_tickets: 1 |
|
unsigned int | fallback: 1 |
|
unsigned int | cert_req_ca_list: 1 |
|
SSL/TLS configuration to be shared between mbedtls_ssl_context structures.
Definition at line 616 of file ssl.h.
unsigned int mbedtls_ssl_config::allow_legacy_renegotiation |
MBEDTLS_LEGACY_XXX
Definition at line 755 of file ssl.h.
const char** mbedtls_ssl_config::alpn_list |
ordered list of protocols
Definition at line 712 of file ssl.h.
unsigned int mbedtls_ssl_config::anti_replay |
detect and prevent replay?
Definition at line 769 of file ssl.h.
unsigned int mbedtls_ssl_config::arc4_disabled |
blacklist RC4 ciphersuites?
Definition at line 757 of file ssl.h.
unsigned int mbedtls_ssl_config::authmode |
MBEDTLS_SSL_VERIFY_XXX
Definition at line 753 of file ssl.h.
unsigned int mbedtls_ssl_config::badmac_limit |
limit of records with a bad MAC
Definition at line 735 of file ssl.h.
mbedtls_x509_crt* mbedtls_ssl_config::ca_chain |
trusted CAs
Definition at line 687 of file ssl.h.
mbedtls_x509_crl* mbedtls_ssl_config::ca_crl |
trusted CAs CRLs
Definition at line 688 of file ssl.h.
unsigned int mbedtls_ssl_config::cbc_record_splitting |
do cbc record splitting
Definition at line 772 of file ssl.h.
const mbedtls_x509_crt_profile* mbedtls_ssl_config::cert_profile |
verification profile
Definition at line 685 of file ssl.h.
unsigned int mbedtls_ssl_config::cert_req_ca_list |
enable sending CA list in Certificate Request messages?
Definition at line 787 of file ssl.h.
const int* mbedtls_ssl_config::ciphersuite_list[4] |
allowed ciphersuites per version
Definition at line 624 of file ssl.h.
const mbedtls_ecp_group_id* mbedtls_ssl_config::curve_list |
allowed curves
Definition at line 696 of file ssl.h.
mbedtls_mpi mbedtls_ssl_config::dhm_G |
generator for DHM
Definition at line 701 of file ssl.h.
unsigned int mbedtls_ssl_config::dhm_min_bitlen |
min. bit length of the DHM prime
Definition at line 739 of file ssl.h.
mbedtls_mpi mbedtls_ssl_config::dhm_P |
prime modulus for DHM
Definition at line 700 of file ssl.h.
unsigned int mbedtls_ssl_config::disable_renegotiation |
disable renegotiation?
Definition at line 775 of file ssl.h.
unsigned int mbedtls_ssl_config::encrypt_then_mac |
negotiate encrypt-then-mac?
Definition at line 763 of file ssl.h.
unsigned int mbedtls_ssl_config::endpoint |
0: client, 1: server
Definition at line 751 of file ssl.h.
unsigned int mbedtls_ssl_config::extended_ms |
negotiate extended master secret?
Definition at line 766 of file ssl.h.
int(* mbedtls_ssl_config::f_cookie_check)(void *, const unsigned char *, size_t, const unsigned char *, size_t) |
Callback to verify validity of a ClientHello cookie
Definition at line 663 of file ssl.h.
int(* mbedtls_ssl_config::f_cookie_write)(void *, unsigned char **, unsigned char *, const unsigned char *, size_t) |
Callback to create & write a cookie for ClientHello verification
Definition at line 660 of file ssl.h.
void(* mbedtls_ssl_config::f_dbg)(void *, int, const char *, int, const char *) |
Callback for printing debug output
Definition at line 627 of file ssl.h.
int(* mbedtls_ssl_config::f_export_keys)(void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t) |
Callback to export key block and master secret
Definition at line 679 of file ssl.h.
int(* mbedtls_ssl_config::f_get_cache)(void *, mbedtls_ssl_session *) |
Callback to retrieve a session from the cache
Definition at line 635 of file ssl.h.
int(* mbedtls_ssl_config::f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
Callback to retrieve PSK key from identity
Definition at line 654 of file ssl.h.
int(* mbedtls_ssl_config::f_rng)(void *, unsigned char *, size_t) |
Callback for getting (pseudo-)random numbers
Definition at line 631 of file ssl.h.
int(* mbedtls_ssl_config::f_set_cache)(void *, const mbedtls_ssl_session *) |
Callback to store a session into the cache
Definition at line 637 of file ssl.h.
int(* mbedtls_ssl_config::f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
Callback for setting cert according to SNI extension
Definition at line 642 of file ssl.h.
int(* mbedtls_ssl_config::f_ticket_parse)(void *, mbedtls_ssl_session *, unsigned char *, size_t) |
Callback to parse a session ticket into a session structure
Definition at line 673 of file ssl.h.
int(* mbedtls_ssl_config::f_ticket_write)(void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *) |
Callback to create & write a session ticket
Definition at line 670 of file ssl.h.
int(* mbedtls_ssl_config::f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *) |
Callback to customize X.509 certificate chain verification
Definition at line 648 of file ssl.h.
unsigned int mbedtls_ssl_config::fallback |
is this a fallback?
Definition at line 784 of file ssl.h.
uint32_t mbedtls_ssl_config::hs_timeout_max |
maximum value of the handshake retransmission timeout (ms)
Definition at line 724 of file ssl.h.
uint32_t mbedtls_ssl_config::hs_timeout_min |
initial value of the handshake retransmission timeout (ms)
Definition at line 722 of file ssl.h.
mbedtls_ssl_key_cert* mbedtls_ssl_config::key_cert |
own certificate/key pair(s)
Definition at line 686 of file ssl.h.
unsigned char mbedtls_ssl_config::max_major_ver |
max. major version used
Definition at line 742 of file ssl.h.
unsigned char mbedtls_ssl_config::max_minor_ver |
max. minor version used
Definition at line 743 of file ssl.h.
unsigned int mbedtls_ssl_config::mfl_code |
desired fragment length
Definition at line 760 of file ssl.h.
unsigned char mbedtls_ssl_config::min_major_ver |
min. major version used
Definition at line 744 of file ssl.h.
unsigned char mbedtls_ssl_config::min_minor_ver |
min. minor version used
Definition at line 745 of file ssl.h.
void* mbedtls_ssl_config::p_cache |
context for cache callbacks
Definition at line 638 of file ssl.h.
void* mbedtls_ssl_config::p_cookie |
context for the cookie callbacks
Definition at line 665 of file ssl.h.
void* mbedtls_ssl_config::p_dbg |
context for the debug function
Definition at line 628 of file ssl.h.
void* mbedtls_ssl_config::p_export_keys |
context for key export callback
Definition at line 681 of file ssl.h.
void* mbedtls_ssl_config::p_psk |
context for PSK callback
Definition at line 655 of file ssl.h.
void* mbedtls_ssl_config::p_rng |
context for the RNG function
Definition at line 632 of file ssl.h.
void* mbedtls_ssl_config::p_sni |
context for SNI callback
Definition at line 643 of file ssl.h.
void* mbedtls_ssl_config::p_ticket |
context for the ticket callbacks
Definition at line 674 of file ssl.h.
void* mbedtls_ssl_config::p_vrfy |
context for X.509 verify callback
Definition at line 649 of file ssl.h.
unsigned char* mbedtls_ssl_config::psk |
pre-shared key
Definition at line 705 of file ssl.h.
unsigned char* mbedtls_ssl_config::psk_identity |
identity for PSK negotiation
Definition at line 707 of file ssl.h.
size_t mbedtls_ssl_config::psk_identity_len |
length of identity
Definition at line 708 of file ssl.h.
size_t mbedtls_ssl_config::psk_len |
length of the pre-shared key
Definition at line 706 of file ssl.h.
uint32_t mbedtls_ssl_config::read_timeout |
timeout for mbedtls_ssl_read (ms)
Definition at line 719 of file ssl.h.
int mbedtls_ssl_config::renego_max_records |
grace period for renegotiation
Definition at line 729 of file ssl.h.
unsigned char mbedtls_ssl_config::renego_period[8] |
value of the record counters that triggers renegotiation
Definition at line 730 of file ssl.h.
unsigned int mbedtls_ssl_config::session_tickets |
use session tickets?
Definition at line 781 of file ssl.h.
const int* mbedtls_ssl_config::sig_hashes |
allowed signature hashes
Definition at line 692 of file ssl.h.
unsigned int mbedtls_ssl_config::transport |
stream (TLS) or datagram (DTLS)
Definition at line 752 of file ssl.h.
unsigned int mbedtls_ssl_config::trunc_hmac |
negotiate truncated hmac?
Definition at line 778 of file ssl.h.
The documentation for this struct was generated from the following file: ssl.h