#include <ssl.h>
|
const int * | ciphersuite_list [4] |
|
void(* | f_dbg )(void *, int, const char *, int, const char *) |
|
void * | p_dbg |
|
int(* | f_rng )(void *, unsigned char *, size_t) |
|
void * | p_rng |
|
int(* | f_get_cache )(void *, mbedtls_ssl_session *) |
|
int(* | f_set_cache )(void *, const mbedtls_ssl_session *) |
|
void * | p_cache |
|
int(* | f_sni )(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
|
void * | p_sni |
|
int(* | f_vrfy )(void *, mbedtls_x509_crt *, int, uint32_t *) |
|
void * | p_vrfy |
|
int(* | f_psk )(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
|
void * | p_psk |
|
int(* | f_cookie_write )(void *, unsigned char **, unsigned char *, const unsigned char *, size_t) |
|
int(* | f_cookie_check )(void *, const unsigned char *, size_t, const unsigned char *, size_t) |
|
void * | p_cookie |
|
int(* | f_ticket_write )(void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *) |
|
int(* | f_ticket_parse )(void *, mbedtls_ssl_session *, unsigned char *, size_t) |
|
void * | p_ticket |
|
int(* | f_export_keys )(void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t) |
|
void * | p_export_keys |
|
const mbedtls_x509_crt_profile * | cert_profile |
|
mbedtls_ssl_key_cert * | key_cert |
|
mbedtls_x509_crt * | ca_chain |
|
mbedtls_x509_crl * | ca_crl |
|
const int * | sig_hashes |
|
const mbedtls_ecp_group_id * | curve_list |
|
mbedtls_mpi | dhm_P |
|
mbedtls_mpi | dhm_G |
|
unsigned char * | psk |
|
size_t | psk_len |
|
unsigned char * | psk_identity |
|
size_t | psk_identity_len |
|
const char ** | alpn_list |
|
uint32_t | read_timeout |
|
uint32_t | hs_timeout_min |
|
uint32_t | hs_timeout_max |
|
int | renego_max_records |
|
unsigned char | renego_period [8] |
|
unsigned int | badmac_limit |
|
unsigned int | dhm_min_bitlen |
|
unsigned char | max_major_ver |
|
unsigned char | max_minor_ver |
|
unsigned char | min_major_ver |
|
unsigned char | min_minor_ver |
|
unsigned int | endpoint: 1 |
|
unsigned int | transport: 1 |
|
unsigned int | authmode: 2 |
|
unsigned int | allow_legacy_renegotiation: 2 |
|
unsigned int | arc4_disabled: 1 |
|
unsigned int | mfl_code: 3 |
|
unsigned int | encrypt_then_mac: 1 |
|
unsigned int | extended_ms: 1 |
|
unsigned int | anti_replay: 1 |
|
unsigned int | cbc_record_splitting: 1 |
|
unsigned int | disable_renegotiation: 1 |
|
unsigned int | trunc_hmac: 1 |
|
unsigned int | session_tickets: 1 |
|
unsigned int | fallback: 1 |
|
unsigned int | cert_req_ca_list: 1 |
|
SSL/TLS configuration to be shared between mbedtls_ssl_context structures.
Definition at line 827 of file ssl.h.
◆ allow_legacy_renegotiation
unsigned int mbedtls_ssl_config::allow_legacy_renegotiation |
MBEDTLS_LEGACY_XXX
Definition at line 984 of file ssl.h.
◆ alpn_list
const char** mbedtls_ssl_config::alpn_list |
ordered list of protocols
Definition at line 941 of file ssl.h.
◆ anti_replay
unsigned int mbedtls_ssl_config::anti_replay |
detect and prevent replay?
Definition at line 998 of file ssl.h.
◆ arc4_disabled
unsigned int mbedtls_ssl_config::arc4_disabled |
blacklist RC4 ciphersuites?
Definition at line 986 of file ssl.h.
◆ authmode
unsigned int mbedtls_ssl_config::authmode |
MBEDTLS_SSL_VERIFY_XXX
Definition at line 982 of file ssl.h.
◆ badmac_limit
unsigned int mbedtls_ssl_config::badmac_limit |
limit of records with a bad MAC
Definition at line 964 of file ssl.h.
◆ ca_chain
trusted CAs
Definition at line 898 of file ssl.h.
◆ ca_crl
trusted CAs CRLs
Definition at line 899 of file ssl.h.
◆ cbc_record_splitting
unsigned int mbedtls_ssl_config::cbc_record_splitting |
do cbc record splitting
Definition at line 1001 of file ssl.h.
◆ cert_profile
verification profile
Definition at line 896 of file ssl.h.
◆ cert_req_ca_list
unsigned int mbedtls_ssl_config::cert_req_ca_list |
enable sending CA list in Certificate Request messages?
Definition at line 1016 of file ssl.h.
◆ ciphersuite_list
const int* mbedtls_ssl_config::ciphersuite_list[4] |
allowed ciphersuites per version
Definition at line 835 of file ssl.h.
◆ curve_list
allowed curves
Definition at line 917 of file ssl.h.
◆ dhm_G
generator for DHM
Definition at line 922 of file ssl.h.
◆ dhm_min_bitlen
unsigned int mbedtls_ssl_config::dhm_min_bitlen |
min. bit length of the DHM prime
Definition at line 968 of file ssl.h.
◆ dhm_P
prime modulus for DHM
Definition at line 921 of file ssl.h.
◆ disable_renegotiation
unsigned int mbedtls_ssl_config::disable_renegotiation |
disable renegotiation?
Definition at line 1004 of file ssl.h.
◆ encrypt_then_mac
unsigned int mbedtls_ssl_config::encrypt_then_mac |
negotiate encrypt-then-mac?
Definition at line 992 of file ssl.h.
◆ endpoint
unsigned int mbedtls_ssl_config::endpoint |
0: client, 1: server
Definition at line 980 of file ssl.h.
◆ extended_ms
unsigned int mbedtls_ssl_config::extended_ms |
negotiate extended master secret?
Definition at line 995 of file ssl.h.
◆ f_cookie_check
int(* mbedtls_ssl_config::f_cookie_check) (void *, const unsigned char *, size_t, const unsigned char *, size_t) |
Callback to verify validity of a ClientHello cookie
Definition at line 874 of file ssl.h.
◆ f_cookie_write
int(* mbedtls_ssl_config::f_cookie_write) (void *, unsigned char **, unsigned char *, const unsigned char *, size_t) |
Callback to create & write a cookie for ClientHello veirifcation
Definition at line 871 of file ssl.h.
◆ f_dbg
void(* mbedtls_ssl_config::f_dbg) (void *, int, const char *, int, const char *) |
Callback for printing debug output
Definition at line 838 of file ssl.h.
◆ f_export_keys
int(* mbedtls_ssl_config::f_export_keys) (void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t) |
Callback to export key block and master secret
Definition at line 890 of file ssl.h.
◆ f_get_cache
Callback to retrieve a session from the cache
Definition at line 846 of file ssl.h.
◆ f_psk
int(* mbedtls_ssl_config::f_psk) (void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
Callback to retrieve PSK key from identity
Definition at line 865 of file ssl.h.
◆ f_rng
int(* mbedtls_ssl_config::f_rng) (void *, unsigned char *, size_t) |
Callback for getting (pseudo-)random numbers
Definition at line 842 of file ssl.h.
◆ f_set_cache
Callback to store a session into the cache
Definition at line 848 of file ssl.h.
◆ f_sni
int(* mbedtls_ssl_config::f_sni) (void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
Callback for setting cert according to SNI extension
Definition at line 853 of file ssl.h.
◆ f_ticket_parse
int(* mbedtls_ssl_config::f_ticket_parse) (void *, mbedtls_ssl_session *, unsigned char *, size_t) |
Callback to parse a session ticket into a session structure
Definition at line 884 of file ssl.h.
◆ f_ticket_write
int(* mbedtls_ssl_config::f_ticket_write) (void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *) |
Callback to create & write a session ticket
Definition at line 881 of file ssl.h.
◆ f_vrfy
Callback to customize X.509 certificate chain verification
Definition at line 859 of file ssl.h.
◆ fallback
unsigned int mbedtls_ssl_config::fallback |
is this a fallback?
Definition at line 1013 of file ssl.h.
◆ hs_timeout_max
uint32_t mbedtls_ssl_config::hs_timeout_max |
maximum value of the handshake retransmission timeout (ms)
Definition at line 953 of file ssl.h.
◆ hs_timeout_min
uint32_t mbedtls_ssl_config::hs_timeout_min |
initial value of the handshake retransmission timeout (ms)
Definition at line 951 of file ssl.h.
◆ key_cert
own certificate/key pair(s)
Definition at line 897 of file ssl.h.
◆ max_major_ver
unsigned char mbedtls_ssl_config::max_major_ver |
max. major version used
Definition at line 971 of file ssl.h.
◆ max_minor_ver
unsigned char mbedtls_ssl_config::max_minor_ver |
max. minor version used
Definition at line 972 of file ssl.h.
◆ mfl_code
unsigned int mbedtls_ssl_config::mfl_code |
desired fragment length
Definition at line 989 of file ssl.h.
◆ min_major_ver
unsigned char mbedtls_ssl_config::min_major_ver |
min. major version used
Definition at line 973 of file ssl.h.
◆ min_minor_ver
unsigned char mbedtls_ssl_config::min_minor_ver |
min. minor version used
Definition at line 974 of file ssl.h.
◆ p_cache
void* mbedtls_ssl_config::p_cache |
context for cache callbacks
Definition at line 849 of file ssl.h.
◆ p_cookie
void* mbedtls_ssl_config::p_cookie |
context for the cookie callbacks
Definition at line 876 of file ssl.h.
◆ p_dbg
void* mbedtls_ssl_config::p_dbg |
context for the debug function
Definition at line 839 of file ssl.h.
◆ p_export_keys
void* mbedtls_ssl_config::p_export_keys |
context for key export callback
Definition at line 892 of file ssl.h.
◆ p_psk
void* mbedtls_ssl_config::p_psk |
context for PSK callback
Definition at line 866 of file ssl.h.
◆ p_rng
void* mbedtls_ssl_config::p_rng |
context for the RNG function
Definition at line 843 of file ssl.h.
◆ p_sni
void* mbedtls_ssl_config::p_sni |
context for SNI callback
Definition at line 854 of file ssl.h.
◆ p_ticket
void* mbedtls_ssl_config::p_ticket |
context for the ticket callbacks
Definition at line 885 of file ssl.h.
◆ p_vrfy
void* mbedtls_ssl_config::p_vrfy |
context for X.509 verify calllback
Definition at line 860 of file ssl.h.
◆ psk
unsigned char* mbedtls_ssl_config::psk |
◆ psk_identity
unsigned char* mbedtls_ssl_config::psk_identity |
◆ psk_identity_len
size_t mbedtls_ssl_config::psk_identity_len |
◆ psk_len
size_t mbedtls_ssl_config::psk_len |
◆ read_timeout
uint32_t mbedtls_ssl_config::read_timeout |
timeout for mbedtls_ssl_read (ms)
Definition at line 948 of file ssl.h.
◆ renego_max_records
int mbedtls_ssl_config::renego_max_records |
grace period for renegotiation
Definition at line 958 of file ssl.h.
◆ renego_period
unsigned char mbedtls_ssl_config::renego_period[8] |
value of the record counters that triggers renegotiation
Definition at line 959 of file ssl.h.
◆ session_tickets
unsigned int mbedtls_ssl_config::session_tickets |
use session tickets?
Definition at line 1010 of file ssl.h.
◆ sig_hashes
const int* mbedtls_ssl_config::sig_hashes |
allowed signature hashes
Definition at line 913 of file ssl.h.
◆ transport
unsigned int mbedtls_ssl_config::transport |
stream (TLS) or datagram (DTLS)
Definition at line 981 of file ssl.h.
◆ trunc_hmac
unsigned int mbedtls_ssl_config::trunc_hmac |
negotiate truncated hmac?
Definition at line 1007 of file ssl.h.
The documentation for this struct was generated from the following file: