tls.h
Go to the documentation of this file.
1 /**
2  * @file tls.h
3  * @brief TLS (Transport Layer Security)
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneSSL Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.4.4
29  **/
30 
31 #ifndef _TLS_H
32 #define _TLS_H
33 
34 //Forward declaration of TlsContext structure
35 struct _TlsContext;
36 #define TlsContext struct _TlsContext
37 
38 //Forward declaration of TlsEncryptionEngine structure
39 struct _TlsEncryptionEngine;
40 #define TlsEncryptionEngine struct _TlsEncryptionEngine
41 
42 //Dependencies
43 #include "core/crypto.h"
44 #include "mac/hmac.h"
45 #include "aead/aead_algorithms.h"
46 #include "pkc/key_exch_algorithms.h"
47 #include "pkc/rsa.h"
48 #include "pkc/dsa.h"
49 #include "ecc/ecdsa.h"
50 #include "pkix/x509_common.h"
51 #include "tls_config.h"
52 #include "tls_legacy.h"
53 #include "tls13_misc.h"
54 #include "dtls_misc.h"
55 
56 
57 /*
58  * CycloneSSL Open is licensed under GPL version 2. In particular:
59  *
60  * - If you link your program to CycloneSSL Open, the result is a derivative
61  * work that can only be distributed under the same GPL license terms.
62  *
63  * - If additions or changes to CycloneSSL Open are made, the result is a
64  * derivative work that can only be distributed under the same license terms.
65  *
66  * - The GPL license requires that you make the source code available to
67  * whoever you make the binary available to.
68  *
69  * - If you sell or distribute a hardware product that runs CycloneSSL Open,
70  * the GPL license requires you to provide public and full access to all
71  * source code on a nondiscriminatory basis.
72  *
73  * If you fully understand and accept the terms of the GPL license, then edit
74  * the os_port_config.h header and add the following directive:
75  *
76  * #define GPL_LICENSE_TERMS_ACCEPTED
77  */
78 
79 #ifndef GPL_LICENSE_TERMS_ACCEPTED
80  #error Before compiling CycloneSSL Open, you must accept the terms of the GPL license
81 #endif
82 
83 //Version string
84 #define CYCLONE_SSL_VERSION_STRING "2.4.4"
85 //Major version
86 #define CYCLONE_SSL_MAJOR_VERSION 2
87 //Minor version
88 #define CYCLONE_SSL_MINOR_VERSION 4
89 //Revision number
90 #define CYCLONE_SSL_REV_NUMBER 4
91 
92 //TLS version numbers
93 #define SSL_VERSION_3_0 0x0300
94 #define TLS_VERSION_1_0 0x0301
95 #define TLS_VERSION_1_1 0x0302
96 #define TLS_VERSION_1_2 0x0303
97 #define TLS_VERSION_1_3 0x0304
98 
99 //TLS support
100 #ifndef TLS_SUPPORT
101  #define TLS_SUPPORT ENABLED
102 #elif (TLS_SUPPORT != ENABLED && TLS_SUPPORT != DISABLED)
103  #error TLS_SUPPORT parameter is not valid
104 #endif
105 
106 //Client mode of operation
107 #ifndef TLS_CLIENT_SUPPORT
108  #define TLS_CLIENT_SUPPORT ENABLED
109 #elif (TLS_CLIENT_SUPPORT != ENABLED && TLS_CLIENT_SUPPORT != DISABLED)
110  #error TLS_CLIENT_SUPPORT parameter is not valid
111 #endif
112 
113 //Server mode of operation
114 #ifndef TLS_SERVER_SUPPORT
115  #define TLS_SERVER_SUPPORT ENABLED
116 #elif (TLS_SERVER_SUPPORT != ENABLED && TLS_SERVER_SUPPORT != DISABLED)
117  #error TLS_SERVER_SUPPORT parameter is not valid
118 #endif
119 
120 //Minimum TLS version that can be negotiated
121 #ifndef TLS_MIN_VERSION
122  #define TLS_MIN_VERSION TLS_VERSION_1_2
123 #elif (TLS_MIN_VERSION < TLS_VERSION_1_0)
124  #error TLS_MIN_VERSION parameter is not valid
125 #endif
126 
127 //Maximum TLS version that can be negotiated
128 #ifndef TLS_MAX_VERSION
129  #define TLS_MAX_VERSION TLS_VERSION_1_3
130 #elif (TLS_MAX_VERSION > TLS_VERSION_1_3 || TLS_MAX_VERSION < TLS_MIN_VERSION)
131  #error TLS_MAX_VERSION parameter is not valid
132 #endif
133 
134 //Session resumption mechanism
135 #ifndef TLS_SESSION_RESUME_SUPPORT
136  #define TLS_SESSION_RESUME_SUPPORT ENABLED
137 #elif (TLS_SESSION_RESUME_SUPPORT != ENABLED && TLS_SESSION_RESUME_SUPPORT != DISABLED)
138  #error TLS_SESSION_RESUME_SUPPORT parameter is not valid
139 #endif
140 
141 //Lifetime of session cache entries
142 #ifndef TLS_SESSION_CACHE_LIFETIME
143  #define TLS_SESSION_CACHE_LIFETIME 3600000
144 #elif (TLS_SESSION_CACHE_LIFETIME < 1000)
145  #error TLS_SESSION_CACHE_LIFETIME parameter is not valid
146 #endif
147 
148 //Session ticket mechanism
149 #ifndef TLS_TICKET_SUPPORT
150  #define TLS_TICKET_SUPPORT DISABLED
151 #elif (TLS_TICKET_SUPPORT != ENABLED && TLS_TICKET_SUPPORT != DISABLED)
152  #error TLS_TICKET_SUPPORT parameter is not valid
153 #endif
154 
155 //Maximum size for session tickets
156 #ifndef TLS_MAX_TICKET_SIZE
157  #define TLS_MAX_TICKET_SIZE 1024
158 #elif (TLS_MAX_TICKET_SIZE < 32)
159  #error TLS_MAX_TICKET_SIZE parameter is not valid
160 #endif
161 
162 //Lifetime of session tickets
163 #ifndef TLS_TICKET_LIFETIME
164  #define TLS_TICKET_LIFETIME 3600000
165 #elif (TLS_TICKET_LIFETIME < 0)
166  #error TLS_TICKET_LIFETIME parameter is not valid
167 #endif
168 
169 //SNI (Server Name Indication) extension
170 #ifndef TLS_SNI_SUPPORT
171  #define TLS_SNI_SUPPORT ENABLED
172 #elif (TLS_SNI_SUPPORT != ENABLED && TLS_SNI_SUPPORT != DISABLED)
173  #error TLS_SNI_SUPPORT parameter is not valid
174 #endif
175 
176 //Maximum Fragment Length extension
177 #ifndef TLS_MAX_FRAG_LEN_SUPPORT
178  #define TLS_MAX_FRAG_LEN_SUPPORT DISABLED
179 #elif (TLS_MAX_FRAG_LEN_SUPPORT != ENABLED && TLS_MAX_FRAG_LEN_SUPPORT != DISABLED)
180  #error TLS_MAX_FRAG_LEN_SUPPORT parameter is not valid
181 #endif
182 
183 //Record Size Limit extension
184 #ifndef TLS_RECORD_SIZE_LIMIT_SUPPORT
185  #define TLS_RECORD_SIZE_LIMIT_SUPPORT ENABLED
186 #elif (TLS_RECORD_SIZE_LIMIT_SUPPORT != ENABLED && TLS_RECORD_SIZE_LIMIT_SUPPORT != DISABLED)
187  #error TLS_RECORD_SIZE_LIMIT_SUPPORT parameter is not valid
188 #endif
189 
190 //ALPN (Application-Layer Protocol Negotiation) extension
191 #ifndef TLS_ALPN_SUPPORT
192  #define TLS_ALPN_SUPPORT DISABLED
193 #elif (TLS_ALPN_SUPPORT != ENABLED && TLS_ALPN_SUPPORT != DISABLED)
194  #error TLS_ALPN_SUPPORT parameter is not valid
195 #endif
196 
197 //Encrypt-then-MAC extension
198 #ifndef TLS_ENCRYPT_THEN_MAC_SUPPORT
199  #define TLS_ENCRYPT_THEN_MAC_SUPPORT DISABLED
200 #elif (TLS_ENCRYPT_THEN_MAC_SUPPORT != ENABLED && TLS_ENCRYPT_THEN_MAC_SUPPORT != DISABLED)
201  #error TLS_ENCRYPT_THEN_MAC_SUPPORT parameter is not valid
202 #endif
203 
204 //Extended Master Secret extension
205 #ifndef TLS_EXT_MASTER_SECRET_SUPPORT
206  #define TLS_EXT_MASTER_SECRET_SUPPORT ENABLED
207 #elif (TLS_EXT_MASTER_SECRET_SUPPORT != ENABLED && TLS_EXT_MASTER_SECRET_SUPPORT != DISABLED)
208  #error TLS_EXT_MASTER_SECRET_SUPPORT parameter is not valid
209 #endif
210 
211 //ClientHello Padding extension
212 #ifndef TLS_CLIENT_HELLO_PADDING_SUPPORT
213  #define TLS_CLIENT_HELLO_PADDING_SUPPORT ENABLED
214 #elif (TLS_CLIENT_HELLO_PADDING_SUPPORT != ENABLED && TLS_CLIENT_HELLO_PADDING_SUPPORT != DISABLED)
215  #error TLS_CLIENT_HELLO_PADDING_SUPPORT parameter is not valid
216 #endif
217 
218 //Certificate Authorities extension
219 #ifndef TLS_CERT_AUTHORITIES_SUPPORT
220  #define TLS_CERT_AUTHORITIES_SUPPORT DISABLED
221 #elif (TLS_CERT_AUTHORITIES_SUPPORT != ENABLED && TLS_CERT_AUTHORITIES_SUPPORT != DISABLED)
222  #error TLS_CERT_AUTHORITIES_SUPPORT parameter is not valid
223 #endif
224 
225 //Signature Algorithms Certificate extension
226 #ifndef TLS_SIGN_ALGOS_CERT_SUPPORT
227  #define TLS_SIGN_ALGOS_CERT_SUPPORT DISABLED
228 #elif (TLS_SIGN_ALGOS_CERT_SUPPORT != ENABLED && TLS_SIGN_ALGOS_CERT_SUPPORT != DISABLED)
229  #error TLS_SIGN_ALGOS_CERT_SUPPORT parameter is not valid
230 #endif
231 
232 //RPK (Raw Public Key) support
233 #ifndef TLS_RAW_PUBLIC_KEY_SUPPORT
234  #define TLS_RAW_PUBLIC_KEY_SUPPORT DISABLED
235 #elif (TLS_RAW_PUBLIC_KEY_SUPPORT != ENABLED && TLS_RAW_PUBLIC_KEY_SUPPORT != DISABLED)
236  #error TLS_RAW_PUBLIC_KEY_SUPPORT parameter is not valid
237 #endif
238 
239 //Secure renegotiation support
240 #ifndef TLS_SECURE_RENEGOTIATION_SUPPORT
241  #define TLS_SECURE_RENEGOTIATION_SUPPORT ENABLED
242 #elif (TLS_SECURE_RENEGOTIATION_SUPPORT != ENABLED && TLS_SECURE_RENEGOTIATION_SUPPORT != DISABLED)
243  #error TLS_SECURE_RENEGOTIATION_SUPPORT parameter is not valid
244 #endif
245 
246 //Fallback SCSV support
247 #ifndef TLS_FALLBACK_SCSV_SUPPORT
248  #define TLS_FALLBACK_SCSV_SUPPORT DISABLED
249 #elif (TLS_FALLBACK_SCSV_SUPPORT != ENABLED && TLS_FALLBACK_SCSV_SUPPORT != DISABLED)
250  #error TLS_FALLBACK_SCSV_SUPPORT parameter is not valid
251 #endif
252 
253 //ECC callback functions
254 #ifndef TLS_ECC_CALLBACK_SUPPORT
255  #define TLS_ECC_CALLBACK_SUPPORT DISABLED
256 #elif (TLS_ECC_CALLBACK_SUPPORT != ENABLED && TLS_ECC_CALLBACK_SUPPORT != DISABLED)
257  #error TLS_ECC_CALLBACK_SUPPORT parameter is not valid
258 #endif
259 
260 //Maximum number of certificates the end entity can load
261 #ifndef TLS_MAX_CERTIFICATES
262  #define TLS_MAX_CERTIFICATES 3
263 #elif (TLS_MAX_CERTIFICATES < 1)
264  #error TLS_MAX_CERTIFICATES parameter is not valid
265 #endif
266 
267 //RSA key exchange support
268 #ifndef TLS_RSA_KE_SUPPORT
269  #define TLS_RSA_KE_SUPPORT ENABLED
270 #elif (TLS_RSA_KE_SUPPORT != ENABLED && TLS_RSA_KE_SUPPORT != DISABLED)
271  #error TLS_RSA_KE_SUPPORT parameter is not valid
272 #endif
273 
274 //DHE_RSA key exchange support
275 #ifndef TLS_DHE_RSA_KE_SUPPORT
276  #define TLS_DHE_RSA_KE_SUPPORT ENABLED
277 #elif (TLS_DHE_RSA_KE_SUPPORT != ENABLED && TLS_DHE_RSA_KE_SUPPORT != DISABLED)
278  #error TLS_DHE_RSA_KE_SUPPORT parameter is not valid
279 #endif
280 
281 //DHE_DSS key exchange support
282 #ifndef TLS_DHE_DSS_KE_SUPPORT
283  #define TLS_DHE_DSS_KE_SUPPORT DISABLED
284 #elif (TLS_DHE_DSS_KE_SUPPORT != ENABLED && TLS_DHE_DSS_KE_SUPPORT != DISABLED)
285  #error TLS_DHE_DSS_KE_SUPPORT parameter is not valid
286 #endif
287 
288 //DH_anon key exchange support (insecure)
289 #ifndef TLS_DH_ANON_KE_SUPPORT
290  #define TLS_DH_ANON_KE_SUPPORT DISABLED
291 #elif (TLS_DH_ANON_KE_SUPPORT != ENABLED && TLS_DH_ANON_KE_SUPPORT != DISABLED)
292  #error TLS_DH_ANON_KE_SUPPORT parameter is not valid
293 #endif
294 
295 //ECDHE_RSA key exchange support
296 #ifndef TLS_ECDHE_RSA_KE_SUPPORT
297  #define TLS_ECDHE_RSA_KE_SUPPORT ENABLED
298 #elif (TLS_ECDHE_RSA_KE_SUPPORT != ENABLED && TLS_ECDHE_RSA_KE_SUPPORT != DISABLED)
299  #error TLS_ECDHE_RSA_KE_SUPPORT parameter is not valid
300 #endif
301 
302 //ECDHE_ECDSA key exchange support
303 #ifndef TLS_ECDHE_ECDSA_KE_SUPPORT
304  #define TLS_ECDHE_ECDSA_KE_SUPPORT ENABLED
305 #elif (TLS_ECDHE_ECDSA_KE_SUPPORT != ENABLED && TLS_ECDHE_ECDSA_KE_SUPPORT != DISABLED)
306  #error TLS_ECDHE_ECDSA_KE_SUPPORT parameter is not valid
307 #endif
308 
309 //ECDH_anon key exchange support (insecure)
310 #ifndef TLS_ECDH_ANON_KE_SUPPORT
311  #define TLS_ECDH_ANON_KE_SUPPORT DISABLED
312 #elif (TLS_ECDH_ANON_KE_SUPPORT != ENABLED && TLS_ECDH_ANON_KE_SUPPORT != DISABLED)
313  #error TLS_ECDH_ANON_KE_SUPPORT parameter is not valid
314 #endif
315 
316 //PSK key exchange support
317 #ifndef TLS_PSK_KE_SUPPORT
318  #define TLS_PSK_KE_SUPPORT DISABLED
319 #elif (TLS_PSK_KE_SUPPORT != ENABLED && TLS_PSK_KE_SUPPORT != DISABLED)
320  #error TLS_PSK_KE_SUPPORT parameter is not valid
321 #endif
322 
323 //RSA_PSK key exchange support
324 #ifndef TLS_RSA_PSK_KE_SUPPORT
325  #define TLS_RSA_PSK_KE_SUPPORT DISABLED
326 #elif (TLS_RSA_PSK_KE_SUPPORT != ENABLED && TLS_RSA_PSK_KE_SUPPORT != DISABLED)
327  #error TLS_RSA_PSK_KE_SUPPORT parameter is not valid
328 #endif
329 
330 //DHE_PSK key exchange support
331 #ifndef TLS_DHE_PSK_KE_SUPPORT
332  #define TLS_DHE_PSK_KE_SUPPORT DISABLED
333 #elif (TLS_DHE_PSK_KE_SUPPORT != ENABLED && TLS_DHE_PSK_KE_SUPPORT != DISABLED)
334  #error TLS_DHE_PSK_KE_SUPPORT parameter is not valid
335 #endif
336 
337 //ECDHE_PSK key exchange support
338 #ifndef TLS_ECDHE_PSK_KE_SUPPORT
339  #define TLS_ECDHE_PSK_KE_SUPPORT DISABLED
340 #elif (TLS_ECDHE_PSK_KE_SUPPORT != ENABLED && TLS_ECDHE_PSK_KE_SUPPORT != DISABLED)
341  #error TLS_ECDHE_PSK_KE_SUPPORT parameter is not valid
342 #endif
343 
344 //RSA signature capability
345 #ifndef TLS_RSA_SIGN_SUPPORT
346  #define TLS_RSA_SIGN_SUPPORT ENABLED
347 #elif (TLS_RSA_SIGN_SUPPORT != ENABLED && TLS_RSA_SIGN_SUPPORT != DISABLED)
348  #error TLS_RSA_SIGN_SUPPORT parameter is not valid
349 #endif
350 
351 //RSA-PSS signature capability
352 #ifndef TLS_RSA_PSS_SIGN_SUPPORT
353  #define TLS_RSA_PSS_SIGN_SUPPORT ENABLED
354 #elif (TLS_RSA_PSS_SIGN_SUPPORT != ENABLED && TLS_RSA_PSS_SIGN_SUPPORT != DISABLED)
355  #error TLS_RSA_PSS_SIGN_SUPPORT parameter is not valid
356 #endif
357 
358 //DSA signature capability
359 #ifndef TLS_DSA_SIGN_SUPPORT
360  #define TLS_DSA_SIGN_SUPPORT DISABLED
361 #elif (TLS_DSA_SIGN_SUPPORT != ENABLED && TLS_DSA_SIGN_SUPPORT != DISABLED)
362  #error TLS_DSA_SIGN_SUPPORT parameter is not valid
363 #endif
364 
365 //ECDSA signature capability
366 #ifndef TLS_ECDSA_SIGN_SUPPORT
367  #define TLS_ECDSA_SIGN_SUPPORT ENABLED
368 #elif (TLS_ECDSA_SIGN_SUPPORT != ENABLED && TLS_ECDSA_SIGN_SUPPORT != DISABLED)
369  #error TLS_ECDSA_SIGN_SUPPORT parameter is not valid
370 #endif
371 
372 //SM2 signature capability (not recommended by the IETF)
373 #ifndef TLS_SM2_SIGN_SUPPORT
374  #define TLS_SM2_SIGN_SUPPORT DISABLED
375 #elif (TLS_SM2_SIGN_SUPPORT != ENABLED && TLS_SM2_SIGN_SUPPORT != DISABLED)
376  #error TLS_SM2_SIGN_SUPPORT parameter is not valid
377 #endif
378 
379 //Ed25519 signature capability
380 #ifndef TLS_ED25519_SIGN_SUPPORT
381  #define TLS_ED25519_SIGN_SUPPORT DISABLED
382 #elif (TLS_ED25519_SIGN_SUPPORT != ENABLED && TLS_ED25519_SIGN_SUPPORT != DISABLED)
383  #error TLS_ED25519_SIGN_SUPPORT parameter is not valid
384 #endif
385 
386 //Ed448 signature capability
387 #ifndef TLS_ED448_SIGN_SUPPORT
388  #define TLS_ED448_SIGN_SUPPORT DISABLED
389 #elif (TLS_ED448_SIGN_SUPPORT != ENABLED && TLS_ED448_SIGN_SUPPORT != DISABLED)
390  #error TLS_ED448_SIGN_SUPPORT parameter is not valid
391 #endif
392 
393 //NULL cipher support (insecure)
394 #ifndef TLS_NULL_CIPHER_SUPPORT
395  #define TLS_NULL_CIPHER_SUPPORT DISABLED
396 #elif (TLS_NULL_CIPHER_SUPPORT != ENABLED && TLS_NULL_CIPHER_SUPPORT != DISABLED)
397  #error TLS_NULL_CIPHER_SUPPORT parameter is not valid
398 #endif
399 
400 //Stream cipher support
401 #ifndef TLS_STREAM_CIPHER_SUPPORT
402  #define TLS_STREAM_CIPHER_SUPPORT DISABLED
403 #elif (TLS_STREAM_CIPHER_SUPPORT != ENABLED && TLS_STREAM_CIPHER_SUPPORT != DISABLED)
404  #error TLS_STREAM_CIPHER_SUPPORT parameter is not valid
405 #endif
406 
407 //CBC block cipher support
408 #ifndef TLS_CBC_CIPHER_SUPPORT
409  #define TLS_CBC_CIPHER_SUPPORT ENABLED
410 #elif (TLS_CBC_CIPHER_SUPPORT != ENABLED && TLS_CBC_CIPHER_SUPPORT != DISABLED)
411  #error TLS_CBC_CIPHER_SUPPORT parameter is not valid
412 #endif
413 
414 //CCM AEAD support
415 #ifndef TLS_CCM_CIPHER_SUPPORT
416  #define TLS_CCM_CIPHER_SUPPORT DISABLED
417 #elif (TLS_CCM_CIPHER_SUPPORT != ENABLED && TLS_CCM_CIPHER_SUPPORT != DISABLED)
418  #error TLS_CCM_CIPHER_SUPPORT parameter is not valid
419 #endif
420 
421 //CCM_8 AEAD support
422 #ifndef TLS_CCM_8_CIPHER_SUPPORT
423  #define TLS_CCM_8_CIPHER_SUPPORT DISABLED
424 #elif (TLS_CCM_8_CIPHER_SUPPORT != ENABLED && TLS_CCM_8_CIPHER_SUPPORT != DISABLED)
425  #error TLS_CCM_8_CIPHER_SUPPORT parameter is not valid
426 #endif
427 
428 //GCM AEAD support
429 #ifndef TLS_GCM_CIPHER_SUPPORT
430  #define TLS_GCM_CIPHER_SUPPORT ENABLED
431 #elif (TLS_GCM_CIPHER_SUPPORT != ENABLED && TLS_GCM_CIPHER_SUPPORT != DISABLED)
432  #error TLS_GCM_CIPHER_SUPPORT parameter is not valid
433 #endif
434 
435 //ChaCha20Poly1305 AEAD support
436 #ifndef TLS_CHACHA20_POLY1305_SUPPORT
437  #define TLS_CHACHA20_POLY1305_SUPPORT DISABLED
438 #elif (TLS_CHACHA20_POLY1305_SUPPORT != ENABLED && TLS_CHACHA20_POLY1305_SUPPORT != DISABLED)
439  #error TLS_CHACHA20_POLY1305_SUPPORT parameter is not valid
440 #endif
441 
442 //RC4 cipher support (insecure)
443 #ifndef TLS_RC4_SUPPORT
444  #define TLS_RC4_SUPPORT DISABLED
445 #elif (TLS_RC4_SUPPORT != ENABLED && TLS_RC4_SUPPORT != DISABLED)
446  #error TLS_RC4_SUPPORT parameter is not valid
447 #endif
448 
449 //IDEA cipher support (insecure)
450 #ifndef TLS_IDEA_SUPPORT
451  #define TLS_IDEA_SUPPORT DISABLED
452 #elif (TLS_IDEA_SUPPORT != ENABLED && TLS_IDEA_SUPPORT != DISABLED)
453  #error TLS_IDEA_SUPPORT parameter is not valid
454 #endif
455 
456 //DES cipher support (insecure)
457 #ifndef TLS_DES_SUPPORT
458  #define TLS_DES_SUPPORT DISABLED
459 #elif (TLS_DES_SUPPORT != ENABLED && TLS_DES_SUPPORT != DISABLED)
460  #error TLS_DES_SUPPORT parameter is not valid
461 #endif
462 
463 //Triple DES cipher support (weak)
464 #ifndef TLS_3DES_SUPPORT
465  #define TLS_3DES_SUPPORT DISABLED
466 #elif (TLS_3DES_SUPPORT != ENABLED && TLS_3DES_SUPPORT != DISABLED)
467  #error TLS_3DES_SUPPORT parameter is not valid
468 #endif
469 
470 //AES 128-bit cipher support
471 #ifndef TLS_AES_128_SUPPORT
472  #define TLS_AES_128_SUPPORT ENABLED
473 #elif (TLS_AES_128_SUPPORT != ENABLED && TLS_AES_128_SUPPORT != DISABLED)
474  #error TLS_AES_128_SUPPORT parameter is not valid
475 #endif
476 
477 //AES 256-bit cipher support
478 #ifndef TLS_AES_256_SUPPORT
479  #define TLS_AES_256_SUPPORT ENABLED
480 #elif (TLS_AES_256_SUPPORT != ENABLED && TLS_AES_256_SUPPORT != DISABLED)
481  #error TLS_AES_256_SUPPORT parameter is not valid
482 #endif
483 
484 //Camellia 128-bit cipher support
485 #ifndef TLS_CAMELLIA_128_SUPPORT
486  #define TLS_CAMELLIA_128_SUPPORT DISABLED
487 #elif (TLS_CAMELLIA_128_SUPPORT != ENABLED && TLS_CAMELLIA_128_SUPPORT != DISABLED)
488  #error TLS_CAMELLIA_128_SUPPORT parameter is not valid
489 #endif
490 
491 //Camellia 256-bit cipher support
492 #ifndef TLS_CAMELLIA_256_SUPPORT
493  #define TLS_CAMELLIA_256_SUPPORT DISABLED
494 #elif (TLS_CAMELLIA_256_SUPPORT != ENABLED && TLS_CAMELLIA_256_SUPPORT != DISABLED)
495  #error TLS_CAMELLIA_256_SUPPORT parameter is not valid
496 #endif
497 
498 //ARIA 128-bit cipher support
499 #ifndef TLS_ARIA_128_SUPPORT
500  #define TLS_ARIA_128_SUPPORT DISABLED
501 #elif (TLS_ARIA_128_SUPPORT != ENABLED && TLS_ARIA_128_SUPPORT != DISABLED)
502  #error TLS_ARIA_128_SUPPORT parameter is not valid
503 #endif
504 
505 //ARIA 256-bit cipher support
506 #ifndef TLS_ARIA_256_SUPPORT
507  #define TLS_ARIA_256_SUPPORT DISABLED
508 #elif (TLS_ARIA_256_SUPPORT != ENABLED && TLS_ARIA_256_SUPPORT != DISABLED)
509  #error TLS_ARIA_256_SUPPORT parameter is not valid
510 #endif
511 
512 //SEED cipher support
513 #ifndef TLS_SEED_SUPPORT
514  #define TLS_SEED_SUPPORT DISABLED
515 #elif (TLS_SEED_SUPPORT != ENABLED && TLS_SEED_SUPPORT != DISABLED)
516  #error TLS_SEED_SUPPORT parameter is not valid
517 #endif
518 
519 //SM4 cipher support (not recommended by the IETF)
520 #ifndef TLS_SM4_SUPPORT
521  #define TLS_SM4_SUPPORT DISABLED
522 #elif (TLS_SM4_SUPPORT != ENABLED && TLS_SM4_SUPPORT != DISABLED)
523  #error TLS_SM4_SUPPORT parameter is not valid
524 #endif
525 
526 //MD5 hash support (insecure)
527 #ifndef TLS_MD5_SUPPORT
528  #define TLS_MD5_SUPPORT DISABLED
529 #elif (TLS_MD5_SUPPORT != ENABLED && TLS_MD5_SUPPORT != DISABLED)
530  #error TLS_MD5_SUPPORT parameter is not valid
531 #endif
532 
533 //SHA-1 hash support (weak)
534 #ifndef TLS_SHA1_SUPPORT
535  #define TLS_SHA1_SUPPORT ENABLED
536 #elif (TLS_SHA1_SUPPORT != ENABLED && TLS_SHA1_SUPPORT != DISABLED)
537  #error TLS_SHA1_SUPPORT parameter is not valid
538 #endif
539 
540 //SHA-224 hash support (weak)
541 #ifndef TLS_SHA224_SUPPORT
542  #define TLS_SHA224_SUPPORT DISABLED
543 #elif (TLS_SHA224_SUPPORT != ENABLED && TLS_SHA224_SUPPORT != DISABLED)
544  #error TLS_SHA224_SUPPORT parameter is not valid
545 #endif
546 
547 //SHA-256 hash support
548 #ifndef TLS_SHA256_SUPPORT
549  #define TLS_SHA256_SUPPORT ENABLED
550 #elif (TLS_SHA256_SUPPORT != ENABLED && TLS_SHA256_SUPPORT != DISABLED)
551  #error TLS_SHA256_SUPPORT parameter is not valid
552 #endif
553 
554 //SHA-384 hash support
555 #ifndef TLS_SHA384_SUPPORT
556  #define TLS_SHA384_SUPPORT ENABLED
557 #elif (TLS_SHA384_SUPPORT != ENABLED && TLS_SHA384_SUPPORT != DISABLED)
558  #error TLS_SHA384_SUPPORT parameter is not valid
559 #endif
560 
561 //SHA-512 hash support
562 #ifndef TLS_SHA512_SUPPORT
563  #define TLS_SHA512_SUPPORT DISABLED
564 #elif (TLS_SHA512_SUPPORT != ENABLED && TLS_SHA512_SUPPORT != DISABLED)
565  #error TLS_SHA512_SUPPORT parameter is not valid
566 #endif
567 
568 //SM3 hash support (not recommended by the IETF)
569 #ifndef TLS_SM3_SUPPORT
570  #define TLS_SM3_SUPPORT DISABLED
571 #elif (TLS_SM3_SUPPORT != ENABLED && TLS_SM3_SUPPORT != DISABLED)
572  #error TLS_SM3_SUPPORT parameter is not valid
573 #endif
574 
575 //FFDHE key exchange mechanism
576 #ifndef TLS_FFDHE_SUPPORT
577  #define TLS_FFDHE_SUPPORT DISABLED
578 #elif (TLS_FFDHE_SUPPORT != ENABLED && TLS_FFDHE_SUPPORT != DISABLED)
579  #error TLS_FFDHE_SUPPORT parameter is not valid
580 #endif
581 
582 //ffdhe2048 group support
583 #ifndef TLS_FFDHE2048_SUPPORT
584  #define TLS_FFDHE2048_SUPPORT ENABLED
585 #elif (TLS_FFDHE2048_SUPPORT != ENABLED && TLS_FFDHE2048_SUPPORT != DISABLED)
586  #error TLS_FFDHE2048_SUPPORT parameter is not valid
587 #endif
588 
589 //ffdhe3072 group support
590 #ifndef TLS_FFDHE3072_SUPPORT
591  #define TLS_FFDHE3072_SUPPORT DISABLED
592 #elif (TLS_FFDHE3072_SUPPORT != ENABLED && TLS_FFDHE3072_SUPPORT != DISABLED)
593  #error TLS_FFDHE3072_SUPPORT parameter is not valid
594 #endif
595 
596 //ffdhe4096 group support
597 #ifndef TLS_FFDHE4096_SUPPORT
598  #define TLS_FFDHE4096_SUPPORT DISABLED
599 #elif (TLS_FFDHE4096_SUPPORT != ENABLED && TLS_FFDHE4096_SUPPORT != DISABLED)
600  #error TLS_FFDHE4096_SUPPORT parameter is not valid
601 #endif
602 
603 //secp160k1 elliptic curve support (weak)
604 #ifndef TLS_SECP160K1_SUPPORT
605  #define TLS_SECP160K1_SUPPORT DISABLED
606 #elif (TLS_SECP160K1_SUPPORT != ENABLED && TLS_SECP160K1_SUPPORT != DISABLED)
607  #error TLS_SECP160K1_SUPPORT parameter is not valid
608 #endif
609 
610 //secp160r1 elliptic curve support (weak)
611 #ifndef TLS_SECP160R1_SUPPORT
612  #define TLS_SECP160R1_SUPPORT DISABLED
613 #elif (TLS_SECP160R1_SUPPORT != ENABLED && TLS_SECP160R1_SUPPORT != DISABLED)
614  #error TLS_SECP160R1_SUPPORT parameter is not valid
615 #endif
616 
617 //secp160r2 elliptic curve support (weak)
618 #ifndef TLS_SECP160R2_SUPPORT
619  #define TLS_SECP160R2_SUPPORT DISABLED
620 #elif (TLS_SECP160R2_SUPPORT != ENABLED && TLS_SECP160R2_SUPPORT != DISABLED)
621  #error TLS_SECP160R2_SUPPORT parameter is not valid
622 #endif
623 
624 //secp192k1 elliptic curve support
625 #ifndef TLS_SECP192K1_SUPPORT
626  #define TLS_SECP192K1_SUPPORT DISABLED
627 #elif (TLS_SECP192K1_SUPPORT != ENABLED && TLS_SECP192K1_SUPPORT != DISABLED)
628  #error TLS_SECP192K1_SUPPORT parameter is not valid
629 #endif
630 
631 //secp192r1 elliptic curve support (NIST P-192)
632 #ifndef TLS_SECP192R1_SUPPORT
633  #define TLS_SECP192R1_SUPPORT DISABLED
634 #elif (TLS_SECP192R1_SUPPORT != ENABLED && TLS_SECP192R1_SUPPORT != DISABLED)
635  #error TLS_SECP192R1_SUPPORT parameter is not valid
636 #endif
637 
638 //secp224k1 elliptic curve support
639 #ifndef TLS_SECP224K1_SUPPORT
640  #define TLS_SECP224K1_SUPPORT DISABLED
641 #elif (TLS_SECP224K1_SUPPORT != ENABLED && TLS_SECP224K1_SUPPORT != DISABLED)
642  #error TLS_SECP224K1_SUPPORT parameter is not valid
643 #endif
644 
645 //secp224r1 elliptic curve support (NIST P-224)
646 #ifndef TLS_SECP224R1_SUPPORT
647  #define TLS_SECP224R1_SUPPORT DISABLED
648 #elif (TLS_SECP224R1_SUPPORT != ENABLED && TLS_SECP224R1_SUPPORT != DISABLED)
649  #error TLS_SECP224R1_SUPPORT parameter is not valid
650 #endif
651 
652 //secp256k1 elliptic curve support
653 #ifndef TLS_SECP256K1_SUPPORT
654  #define TLS_SECP256K1_SUPPORT DISABLED
655 #elif (TLS_SECP256K1_SUPPORT != ENABLED && TLS_SECP256K1_SUPPORT != DISABLED)
656  #error TLS_SECP256K1_SUPPORT parameter is not valid
657 #endif
658 
659 //secp256r1 elliptic curve support (NIST P-256)
660 #ifndef TLS_SECP256R1_SUPPORT
661  #define TLS_SECP256R1_SUPPORT ENABLED
662 #elif (TLS_SECP256R1_SUPPORT != ENABLED && TLS_SECP256R1_SUPPORT != DISABLED)
663  #error TLS_SECP256R1_SUPPORT parameter is not valid
664 #endif
665 
666 //secp384r1 elliptic curve support (NIST P-384)
667 #ifndef TLS_SECP384R1_SUPPORT
668  #define TLS_SECP384R1_SUPPORT ENABLED
669 #elif (TLS_SECP384R1_SUPPORT != ENABLED && TLS_SECP384R1_SUPPORT != DISABLED)
670  #error TLS_SECP384R1_SUPPORT parameter is not valid
671 #endif
672 
673 //secp521r1 elliptic curve support (NIST P-521)
674 #ifndef TLS_SECP521R1_SUPPORT
675  #define TLS_SECP521R1_SUPPORT DISABLED
676 #elif (TLS_SECP521R1_SUPPORT != ENABLED && TLS_SECP521R1_SUPPORT != DISABLED)
677  #error TLS_SECP521R1_SUPPORT parameter is not valid
678 #endif
679 
680 //brainpoolP256r1 elliptic curve support
681 #ifndef TLS_BRAINPOOLP256R1_SUPPORT
682  #define TLS_BRAINPOOLP256R1_SUPPORT DISABLED
683 #elif (TLS_BRAINPOOLP256R1_SUPPORT != ENABLED && TLS_BRAINPOOLP256R1_SUPPORT != DISABLED)
684  #error TLS_BRAINPOOLP256R1_SUPPORT parameter is not valid
685 #endif
686 
687 //brainpoolP384r1 elliptic curve support
688 #ifndef TLS_BRAINPOOLP384R1_SUPPORT
689  #define TLS_BRAINPOOLP384R1_SUPPORT DISABLED
690 #elif (TLS_BRAINPOOLP384R1_SUPPORT != ENABLED && TLS_BRAINPOOLP384R1_SUPPORT != DISABLED)
691  #error TLS_BRAINPOOLP384R1_SUPPORT parameter is not valid
692 #endif
693 
694 //brainpoolP512r1 elliptic curve support
695 #ifndef TLS_BRAINPOOLP512R1_SUPPORT
696  #define TLS_BRAINPOOLP512R1_SUPPORT DISABLED
697 #elif (TLS_BRAINPOOLP512R1_SUPPORT != ENABLED && TLS_BRAINPOOLP512R1_SUPPORT != DISABLED)
698  #error TLS_BRAINPOOLP512R1_SUPPORT parameter is not valid
699 #endif
700 
701 //SM2 elliptic curve support (not recommended by the IETF)
702 #ifndef TLS_SM2_SUPPORT
703  #define TLS_SM2_SUPPORT DISABLED
704 #elif (TLS_SM2_SUPPORT != ENABLED && TLS_SM2_SUPPORT != DISABLED)
705  #error TLS_SM2_SUPPORT parameter is not valid
706 #endif
707 
708 //Curve25519 elliptic curve support
709 #ifndef TLS_X25519_SUPPORT
710  #define TLS_X25519_SUPPORT DISABLED
711 #elif (TLS_X25519_SUPPORT != ENABLED && TLS_X25519_SUPPORT != DISABLED)
712  #error TLS_X25519_SUPPORT parameter is not valid
713 #endif
714 
715 //Curve448 elliptic curve support
716 #ifndef TLS_X448_SUPPORT
717  #define TLS_X448_SUPPORT DISABLED
718 #elif (TLS_X448_SUPPORT != ENABLED && TLS_X448_SUPPORT != DISABLED)
719  #error TLS_X448_SUPPORT parameter is not valid
720 #endif
721 
722 //ML-KEM-768 key encapsulation method
723 #ifndef TLS_MLKEM768_SUPPORT
724  #define TLS_MLKEM768_SUPPORT DISABLED
725 #elif (TLS_MLKEM768_SUPPORT != ENABLED && TLS_MLKEM768_SUPPORT != DISABLED)
726  #error TLS_MLKEM768_SUPPORT parameter is not valid
727 #endif
728 
729 //Certificate key usage verification
730 #ifndef TLS_CERT_KEY_USAGE_SUPPORT
731  #define TLS_CERT_KEY_USAGE_SUPPORT ENABLED
732 #elif (TLS_CERT_KEY_USAGE_SUPPORT != ENABLED && TLS_CERT_KEY_USAGE_SUPPORT != DISABLED)
733  #error TLS_CERT_KEY_USAGE_SUPPORT parameter is not valid
734 #endif
735 
736 //Key logging (for debugging purpose only)
737 #ifndef TLS_KEY_LOG_SUPPORT
738  #define TLS_KEY_LOG_SUPPORT DISABLED
739 #elif (TLS_KEY_LOG_SUPPORT != ENABLED && TLS_KEY_LOG_SUPPORT != DISABLED)
740  #error TLS_KEY_LOG_SUPPORT parameter is not valid
741 #endif
742 
743 //Maximum length of server name
744 #ifndef TLS_MAX_SERVER_NAME_LEN
745  #define TLS_MAX_SERVER_NAME_LEN 255
746 #elif (TLS_MAX_SERVER_NAME_LEN < 1)
747  #error TLS_MAX_SERVER_NAME_LEN parameter is not valid
748 #endif
749 
750 //Maximum length of password
751 #ifndef TLS_MAX_PASSWORD_LEN
752  #define TLS_MAX_PASSWORD_LEN 32
753 #elif (TLS_MAX_PASSWORD_LEN < 0)
754  #error TLS_MAX_PASSWORD_LEN parameter is not valid
755 #endif
756 
757 //Minimum acceptable size for Diffie-Hellman prime modulus
758 #ifndef TLS_MIN_DH_MODULUS_SIZE
759  #define TLS_MIN_DH_MODULUS_SIZE 1024
760 #elif (TLS_MIN_DH_MODULUS_SIZE < 512)
761  #error TLS_MIN_DH_MODULUS_SIZE parameter is not valid
762 #endif
763 
764 //Maximum acceptable size for Diffie-Hellman prime modulus
765 #ifndef TLS_MAX_DH_MODULUS_SIZE
766  #define TLS_MAX_DH_MODULUS_SIZE 2048
767 #elif (TLS_MAX_DH_MODULUS_SIZE < TLS_MIN_DH_MODULUS_SIZE)
768  #error TLS_MAX_DH_MODULUS_SIZE parameter is not valid
769 #endif
770 
771 //Minimum acceptable size for RSA modulus
772 #ifndef TLS_MIN_RSA_MODULUS_SIZE
773  #define TLS_MIN_RSA_MODULUS_SIZE 1024
774 #elif (TLS_MIN_RSA_MODULUS_SIZE < 512)
775  #error TLS_MIN_RSA_MODULUS_SIZE parameter is not valid
776 #endif
777 
778 //Maximum acceptable size for RSA modulus
779 #ifndef TLS_MAX_RSA_MODULUS_SIZE
780  #define TLS_MAX_RSA_MODULUS_SIZE 4096
781 #elif (TLS_MAX_RSA_MODULUS_SIZE < TLS_MIN_RSA_MODULUS_SIZE)
782  #error TLS_MAX_RSA_MODULUS_SIZE parameter is not valid
783 #endif
784 
785 //Minimum acceptable size for DSA prime modulus
786 #ifndef TLS_MIN_DSA_MODULUS_SIZE
787  #define TLS_MIN_DSA_MODULUS_SIZE 1024
788 #elif (TLS_MIN_DSA_MODULUS_SIZE < 512)
789  #error TLS_MIN_DSA_MODULUS_SIZE parameter is not valid
790 #endif
791 
792 //Maximum acceptable size for DSA prime modulus
793 #ifndef TLS_MAX_DSA_MODULUS_SIZE
794  #define TLS_MAX_DSA_MODULUS_SIZE 4096
795 #elif (TLS_MAX_DSA_MODULUS_SIZE < TLS_MIN_DSA_MODULUS_SIZE)
796  #error TLS_MAX_DSA_MODULUS_SIZE parameter is not valid
797 #endif
798 
799 //Master secret size
800 #ifndef TLS_MASTER_SECRET_SIZE
801  #define TLS_MASTER_SECRET_SIZE 48
802 #elif (TLS_MASTER_SECRET_SIZE < 48)
803  #error TLS_MASTER_SECRET_SIZE parameter is not valid
804 #endif
805 
806 //Maximum size for premaster secret
807 #ifndef TLS_PREMASTER_SECRET_SIZE
808  #define TLS_PREMASTER_SECRET_SIZE (TLS_MAX_DH_MODULUS_SIZE / 8)
809 #elif (TLS_PREMASTER_SECRET_SIZE < 48)
810  #error TLS_PREMASTER_SECRET_SIZE parameter is not valid
811 #endif
812 
813 //Maximum number of consecutive warning alerts
814 #ifndef TLS_MAX_WARNING_ALERTS
815  #define TLS_MAX_WARNING_ALERTS 5
816 #elif (TLS_MAX_WARNING_ALERTS < 0)
817  #error TLS_MAX_WARNING_ALERTS parameter is not valid
818 #endif
819 
820 //Maximum number of consecutive empty records
821 #ifndef TLS_MAX_EMPTY_RECORDS
822  #define TLS_MAX_EMPTY_RECORDS 10
823 #elif (TLS_MAX_EMPTY_RECORDS < 0)
824  #error TLS_MAX_EMPTY_RECORDS parameter is not valid
825 #endif
826 
827 //Maximum number of consecutive ChangeCipherSpec messages
828 #ifndef TLS_MAX_CHANGE_CIPHER_SPEC_MESSAGES
829  #define TLS_MAX_CHANGE_CIPHER_SPEC_MESSAGES 5
830 #elif (TLS_MAX_CHANGE_CIPHER_SPEC_MESSAGES < 0)
831  #error TLS_MAX_CHANGE_CIPHER_SPEC_MESSAGES parameter is not valid
832 #endif
833 
834 //Maximum number of consecutive KeyUpdate messages
835 #ifndef TLS_MAX_KEY_UPDATE_MESSAGES
836  #define TLS_MAX_KEY_UPDATE_MESSAGES 5
837 #elif (TLS_MAX_KEY_UPDATE_MESSAGES < 0)
838  #error TLS_MAX_KEY_UPDATE_MESSAGES parameter is not valid
839 #endif
840 
841 //Application specific context (TLS context)
842 #ifndef TLS_PRIVATE_CONTEXT
843  #define TLS_PRIVATE_CONTEXT
844 #endif
845 
846 //Application specific context (encryption engine)
847 #ifndef TLS_PRIVATE_ENCRYPTION_ENGINE
848  #define TLS_PRIVATE_ENCRYPTION_ENGINE
849 #endif
850 
851 //Allocate memory block
852 #ifndef tlsAllocMem
853  #define tlsAllocMem(size) osAllocMem(size)
854 #endif
855 
856 //Deallocate memory block
857 #ifndef tlsFreeMem
858  #define tlsFreeMem(p) osFreeMem(p)
859 #endif
860 
861 //Support for Diffie-Hellman key exchange?
862 #if ((TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_2) && \
863  (TLS_DH_ANON_KE_SUPPORT == ENABLED || TLS_DHE_RSA_KE_SUPPORT == ENABLED || \
864  TLS_DHE_DSS_KE_SUPPORT == ENABLED || TLS_DHE_PSK_KE_SUPPORT == ENABLED))
865  #define TLS_DH_SUPPORT ENABLED
866 #elif ((TLS_MAX_VERSION >= TLS_VERSION_1_3 && TLS_MIN_VERSION <= TLS_VERSION_1_3) && \
867  (TLS13_DHE_KE_SUPPORT == ENABLED || TLS13_PSK_DHE_KE_SUPPORT == ENABLED))
868  #define TLS_DH_SUPPORT ENABLED
869 #else
870  #define TLS_DH_SUPPORT DISABLED
871 #endif
872 
873 //Support for ECDH key exchange?
874 #if ((TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_2) && \
875  (TLS_ECDH_ANON_KE_SUPPORT == ENABLED || TLS_ECDHE_RSA_KE_SUPPORT == ENABLED || \
876  TLS_ECDHE_ECDSA_KE_SUPPORT == ENABLED || TLS_ECDHE_PSK_KE_SUPPORT == ENABLED))
877  #define TLS_ECDH_SUPPORT ENABLED
878 #elif ((TLS_MAX_VERSION >= TLS_VERSION_1_3 && TLS_MIN_VERSION <= TLS_VERSION_1_3) && \
879  (TLS13_ECDHE_KE_SUPPORT == ENABLED || TLS13_PSK_ECDHE_KE_SUPPORT == ENABLED))
880  #define TLS_ECDH_SUPPORT ENABLED
881 #else
882  #define TLS_ECDH_SUPPORT DISABLED
883 #endif
884 
885 //Support for hybrid key exchange?
886 #if ((TLS_MAX_VERSION >= TLS_VERSION_1_3 && TLS_MIN_VERSION <= TLS_VERSION_1_3) && \
887  (TLS13_HYBRID_KE_SUPPORT == ENABLED || TLS13_PSK_HYBRID_KE_SUPPORT == ENABLED))
888  #define TLS_HYBRID_SUPPORT ENABLED
889 #else
890  #define TLS_HYBRID_SUPPORT DISABLED
891 #endif
892 
893 //Support for RSA?
894 #if ((TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_2) && \
895  (TLS_RSA_SIGN_SUPPORT == ENABLED || TLS_RSA_PSS_SIGN_SUPPORT == ENABLED || \
896  TLS_RSA_KE_SUPPORT == ENABLED || TLS_DHE_RSA_KE_SUPPORT == ENABLED || \
897  TLS_ECDHE_RSA_KE_SUPPORT == ENABLED || TLS_RSA_PSK_KE_SUPPORT == ENABLED))
898  #define TLS_RSA_SUPPORT ENABLED
899 #elif ((TLS_MAX_VERSION >= TLS_VERSION_1_3 && TLS_MIN_VERSION <= TLS_VERSION_1_3) && \
900  (TLS_RSA_SIGN_SUPPORT == ENABLED || TLS_RSA_PSS_SIGN_SUPPORT == ENABLED))
901  #define TLS_RSA_SUPPORT ENABLED
902 #else
903  #define TLS_RSA_SUPPORT DISABLED
904 #endif
905 
906 //Support for PSK?
907 #if ((TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_2) && \
908  (TLS_PSK_KE_SUPPORT == ENABLED || TLS_RSA_PSK_KE_SUPPORT == ENABLED || \
909  TLS_DHE_PSK_KE_SUPPORT == ENABLED || TLS_ECDHE_PSK_KE_SUPPORT == ENABLED))
910  #define TLS_PSK_SUPPORT ENABLED
911 #elif ((TLS_MAX_VERSION >= TLS_VERSION_1_3 && TLS_MIN_VERSION <= TLS_VERSION_1_3) && \
912  (TLS13_PSK_KE_SUPPORT == ENABLED || TLS13_PSK_DHE_KE_SUPPORT == ENABLED || \
913  TLS13_PSK_ECDHE_KE_SUPPORT == ENABLED || TLS13_PSK_HYBRID_KE_SUPPORT == ENABLED))
914  #define TLS_PSK_SUPPORT ENABLED
915 #else
916  #define TLS_PSK_SUPPORT DISABLED
917 #endif
918 
919 //Maximum size for HKDF digests
920 #if (TLS_SHA384_SUPPORT == ENABLED)
921  #define TLS_MAX_HKDF_DIGEST_SIZE 48
922 #else
923  #define TLS_MAX_HKDF_DIGEST_SIZE 32
924 #endif
925 
926 //Bind TLS to a particular socket
927 #define tlsSetSocket(context, socket) tlsSetSocketCallbacks(context, \
928  (TlsSocketSendCallback) socketSend, (TlsSocketReceiveCallback) socketReceive, \
929  (TlsSocketHandle) socket)
930 
931 //Minimum plaintext record length
932 #define TLS_MIN_RECORD_LENGTH 512
933 //Maximum plaintext record length
934 #define TLS_MAX_RECORD_LENGTH 16384
935 //Data overhead caused by record encryption
936 #define TLS_MAX_RECORD_OVERHEAD 512
937 //Size of client and server random values
938 #define TLS_RANDOM_SIZE 32
939 
940 //TLS signature scheme definition
941 #define TLS_SIGN_SCHEME(signAlgo, hashAlgo) \
942  ((TlsSignatureScheme) (((hashAlgo) << 8) | (signAlgo)))
943 
944 //C++ guard
945 #ifdef __cplusplus
946 extern "C" {
947 #endif
948 
949 
950 /**
951  * @brief TLS transport protocols
952  **/
953 
954 typedef enum
955 {
956  TLS_TRANSPORT_PROTOCOL_STREAM = 0,
957  TLS_TRANSPORT_PROTOCOL_DATAGRAM = 1,
958  TLS_TRANSPORT_PROTOCOL_EAP = 2
959 } TlsTransportProtocol;
960 
961 
962 /**
963  * @brief TLS connection end
964  **/
965 
966 typedef enum
967 {
968  TLS_CONNECTION_END_CLIENT = 0,
969  TLS_CONNECTION_END_SERVER = 1
970 } TlsConnectionEnd;
971 
972 
973 /**
974  * @brief Client authentication mode
975  **/
976 
977 typedef enum
978 {
979  TLS_CLIENT_AUTH_NONE = 0,
980  TLS_CLIENT_AUTH_OPTIONAL = 1,
981  TLS_CLIENT_AUTH_REQUIRED = 2
982 } TlsClientAuthMode;
983 
984 
985 /**
986  * @brief Early data status
987  **/
988 
989 typedef enum
990 {
991  TLS_EARLY_DATA_REJECTED = 0,
992  TLS_EARLY_DATA_ACCEPTED = 1
993 } TlsEarlyDataStatus;
994 
995 
996 /**
997  * @brief Flags used by read and write functions
998  **/
999 
1000 typedef enum
1001 {
1002  TLS_FLAG_PEEK = 0x0200,
1003  TLS_FLAG_WAIT_ALL = 0x0800,
1004  TLS_FLAG_BREAK_CHAR = 0x1000,
1005  TLS_FLAG_BREAK_CRLF = 0x100A,
1006  TLS_FLAG_WAIT_ACK = 0x2000,
1007  TLS_FLAG_NO_DELAY = 0x4000,
1008  TLS_FLAG_DELAY = 0x8000
1009 } TlsFlags;
1010 
1011 
1012 //The TLS_FLAG_BREAK macro causes the read function to stop reading
1013 //data whenever the specified break character is encountered
1014 #define TLS_FLAG_BREAK(c) (TLS_FLAG_BREAK_CHAR | LSB(c))
1015 
1016 
1017 /**
1018  * @brief Content type
1019  **/
1020 
1021 typedef enum
1022 {
1023  TLS_TYPE_NONE = 0,
1024  TLS_TYPE_CHANGE_CIPHER_SPEC = 20,
1025  TLS_TYPE_ALERT = 21,
1026  TLS_TYPE_HANDSHAKE = 22,
1027  TLS_TYPE_APPLICATION_DATA = 23,
1028  TLS_TYPE_HEARTBEAT = 24,
1029  TLS_TYPE_TLS12_CID = 25,
1030  TLS_TYPE_ACK = 26
1031 } TlsContentType;
1032 
1033 
1034 /**
1035  * @brief Handshake message type
1036  **/
1037 
1038 typedef enum
1039 {
1040  TLS_TYPE_HELLO_REQUEST = 0,
1041  TLS_TYPE_CLIENT_HELLO = 1,
1042  TLS_TYPE_SERVER_HELLO = 2,
1043  TLS_TYPE_HELLO_VERIFY_REQUEST = 3,
1044  TLS_TYPE_NEW_SESSION_TICKET = 4,
1045  TLS_TYPE_END_OF_EARLY_DATA = 5,
1046  TLS_TYPE_HELLO_RETRY_REQUEST = 6,
1047  TLS_TYPE_ENCRYPTED_EXTENSIONS = 8,
1048  TLS_TYPE_REQUEST_CONNECTION_ID = 9,
1049  TLS_TYPE_NEW_CONNECTION_ID = 10,
1050  TLS_TYPE_CERTIFICATE = 11,
1051  TLS_TYPE_SERVER_KEY_EXCHANGE = 12,
1052  TLS_TYPE_CERTIFICATE_REQUEST = 13,
1053  TLS_TYPE_SERVER_HELLO_DONE = 14,
1054  TLS_TYPE_CERTIFICATE_VERIFY = 15,
1055  TLS_TYPE_CLIENT_KEY_EXCHANGE = 16,
1056  TLS_TYPE_FINISHED = 20,
1057  TLS_TYPE_CERTIFICATE_URL = 21,
1058  TLS_TYPE_CERTIFICATE_STATUS = 22,
1059  TLS_TYPE_SUPPLEMENTAL_DATA = 23,
1060  TLS_TYPE_KEY_UPDATE = 24,
1061  TLS_TYPE_COMPRESSED_CERTIFICATE = 25,
1062  TLS_TYPE_EKT_KEY = 26,
1063  TLS_TYPE_MESSAGE_HASH = 254
1064 } TlsMessageType;
1065 
1066 
1067 /**
1068  * @brief Alert level
1069  **/
1070 
1071 typedef enum
1072 {
1073  TLS_ALERT_LEVEL_WARNING = 1,
1074  TLS_ALERT_LEVEL_FATAL = 2,
1075 } TlsAlertLevel;
1076 
1077 
1078 /**
1079  * @brief Alert description
1080  **/
1081 
1082 typedef enum
1083 {
1084  TLS_ALERT_CLOSE_NOTIFY = 0,
1085  TLS_ALERT_UNEXPECTED_MESSAGE = 10,
1086  TLS_ALERT_BAD_RECORD_MAC = 20,
1087  TLS_ALERT_DECRYPTION_FAILED = 21,
1088  TLS_ALERT_RECORD_OVERFLOW = 22,
1089  TLS_ALERT_DECOMPRESSION_FAILURE = 30,
1090  TLS_ALERT_HANDSHAKE_FAILURE = 40,
1091  TLS_ALERT_NO_CERTIFICATE = 41,
1092  TLS_ALERT_BAD_CERTIFICATE = 42,
1093  TLS_ALERT_UNSUPPORTED_CERTIFICATE = 43,
1094  TLS_ALERT_CERTIFICATE_REVOKED = 44,
1095  TLS_ALERT_CERTIFICATE_EXPIRED = 45,
1096  TLS_ALERT_CERTIFICATE_UNKNOWN = 46,
1097  TLS_ALERT_ILLEGAL_PARAMETER = 47,
1098  TLS_ALERT_UNKNOWN_CA = 48,
1099  TLS_ALERT_ACCESS_DENIED = 49,
1100  TLS_ALERT_DECODE_ERROR = 50,
1101  TLS_ALERT_DECRYPT_ERROR = 51,
1102  TLS_ALERT_TOO_MANY_CIDS_REQUESTED = 52,
1103  TLS_ALERT_EXPORT_RESTRICTION = 60,
1104  TLS_ALERT_PROTOCOL_VERSION = 70,
1105  TLS_ALERT_INSUFFICIENT_SECURITY = 71,
1106  TLS_ALERT_INTERNAL_ERROR = 80,
1107  TLS_ALERT_INAPPROPRIATE_FALLBACK = 86,
1108  TLS_ALERT_USER_CANCELED = 90,
1109  TLS_ALERT_NO_RENEGOTIATION = 100,
1110  TLS_ALERT_MISSING_EXTENSION = 109,
1111  TLS_ALERT_UNSUPPORTED_EXTENSION = 110,
1112  TLS_ALERT_CERTIFICATE_UNOBTAINABLE = 111,
1113  TLS_ALERT_UNRECOGNIZED_NAME = 112,
1114  TLS_ALERT_BAD_CERTIFICATE_STATUS_RESPONSE = 113,
1115  TLS_ALERT_BAD_CERTIFICATE_HASH_VALUE = 114,
1116  TLS_ALERT_UNKNOWN_PSK_IDENTITY = 115,
1117  TLS_ALERT_CERTIFICATE_REQUIRED = 116,
1118  TLS_ALERT_NO_APPLICATION_PROTOCOL = 120
1119 } TlsAlertDescription;
1120 
1121 
1122 /**
1123  * @brief Compression methods
1124  **/
1125 
1126 typedef enum
1127 {
1128  TLS_COMPRESSION_METHOD_NULL = 0,
1129  TLS_COMPRESSION_METHOD_DEFLATE = 1
1130 } TlsCompressMethod;
1131 
1132 
1133 /**
1134  * @brief Key exchange methods
1135  **/
1136 
1137 typedef enum
1138 {
1139  TLS_KEY_EXCH_NONE = 0,
1140  TLS_KEY_EXCH_RSA = 1,
1141  TLS_KEY_EXCH_DH_RSA = 2,
1142  TLS_KEY_EXCH_DHE_RSA = 3,
1143  TLS_KEY_EXCH_DH_DSS = 4,
1144  TLS_KEY_EXCH_DHE_DSS = 5,
1145  TLS_KEY_EXCH_DH_ANON = 6,
1146  TLS_KEY_EXCH_ECDH_RSA = 7,
1147  TLS_KEY_EXCH_ECDHE_RSA = 8,
1148  TLS_KEY_EXCH_ECDH_ECDSA = 9,
1149  TLS_KEY_EXCH_ECDHE_ECDSA = 10,
1150  TLS_KEY_EXCH_ECDH_ANON = 11,
1151  TLS_KEY_EXCH_PSK = 12,
1152  TLS_KEY_EXCH_RSA_PSK = 13,
1153  TLS_KEY_EXCH_DHE_PSK = 14,
1154  TLS_KEY_EXCH_ECDHE_PSK = 15,
1155  TLS_KEY_EXCH_SRP_SHA = 16,
1156  TLS_KEY_EXCH_SRP_SHA_RSA = 17,
1157  TLS_KEY_EXCH_SRP_SHA_DSS = 18,
1158  TLS13_KEY_EXCH_DHE = 19,
1159  TLS13_KEY_EXCH_ECDHE = 20,
1160  TLS13_KEY_EXCH_HYBRID = 21,
1161  TLS13_KEY_EXCH_PSK = 22,
1162  TLS13_KEY_EXCH_PSK_DHE = 23,
1163  TLS13_KEY_EXCH_PSK_ECDHE = 24,
1164  TLS13_KEY_EXCH_PSK_HYBRID = 25
1165 } TlsKeyExchMethod;
1166 
1167 
1168 /**
1169  * @brief Certificate formats
1170  **/
1171 
1172 typedef enum
1173 {
1174  TLS_CERT_FORMAT_X509 = 0,
1175  TLS_CERT_FORMAT_OPENPGP = 1,
1176  TLS_CERT_FORMAT_RAW_PUBLIC_KEY = 2,
1177  TLS_CERT_FORMAT_1609DOT2 = 3
1178 } TlsCertificateFormat;
1179 
1180 
1181 /**
1182  * @brief Certificate types
1183  **/
1184 
1185 typedef enum
1186 {
1187  TLS_CERT_NONE = 0,
1188  TLS_CERT_RSA_SIGN = 1,
1189  TLS_CERT_DSS_SIGN = 2,
1190  TLS_CERT_RSA_FIXED_DH = 3,
1191  TLS_CERT_DSS_FIXED_DH = 4,
1192  TLS_CERT_RSA_EPHEMERAL_DH = 5,
1193  TLS_CERT_DSS_EPHEMERAL_DH = 6,
1194  TLS_CERT_FORTEZZA_DMS = 20,
1195  TLS_CERT_ECDSA_SIGN = 64,
1196  TLS_CERT_RSA_FIXED_ECDH = 65,
1197  TLS_CERT_ECDSA_FIXED_ECDH = 66,
1198  TLS_CERT_GOST_SIGN256 = 67,
1199  TLS_CERT_GOST_SIGN512 = 68,
1200  TLS_CERT_RSA_PSS_SIGN = 256, //For internal use only
1201  TLS_CERT_SM2_SIGN = 257, //For internal use only
1202  TLS_CERT_ED25519_SIGN = 258, //For internal use only
1203  TLS_CERT_ED448_SIGN = 259 //For internal use only
1204 } TlsCertificateType;
1205 
1206 
1207 /**
1208  * @brief Hash algorithms
1209  **/
1210 
1211 typedef enum
1212 {
1213  TLS_HASH_ALGO_NONE = 0,
1214  TLS_HASH_ALGO_MD5 = 1,
1215  TLS_HASH_ALGO_SHA1 = 2,
1216  TLS_HASH_ALGO_SHA224 = 3,
1217  TLS_HASH_ALGO_SHA256 = 4,
1218  TLS_HASH_ALGO_SHA384 = 5,
1219  TLS_HASH_ALGO_SHA512 = 6,
1220  TLS_HASH_ALGO_INTRINSIC = 8,
1221  TLS_HASH_ALGO_SM3 = 256 //For internal use only
1222 } TlsHashAlgo;
1223 
1224 
1225 /**
1226  * @brief Signature algorithms
1227  **/
1228 
1229 typedef enum
1230 {
1231  TLS_SIGN_ALGO_ANONYMOUS = 0,
1232  TLS_SIGN_ALGO_RSA = 1,
1233  TLS_SIGN_ALGO_DSA = 2,
1234  TLS_SIGN_ALGO_ECDSA = 3,
1235  TLS_SIGN_ALGO_ED25519 = 7,
1236  TLS_SIGN_ALGO_ED448 = 8,
1237  TLS_SIGN_ALGO_GOSTR34102012_256 = 64,
1238  TLS_SIGN_ALGO_GOSTR34102012_512 = 65
1239 } TlsSignatureAlgo;
1240 
1241 
1242 /**
1243  * @brief Signature schemes
1244  **/
1245 
1246 typedef enum
1247 {
1248  TLS_SIGN_SCHEME_NONE = 0x0000,
1249  TLS_SIGN_SCHEME_RSA_PKCS1_SHA1 = 0x0201,
1250  TLS_SIGN_SCHEME_RSA_PKCS1_SHA256 = 0x0401,
1251  TLS_SIGN_SCHEME_RSA_PKCS1_SHA384 = 0x0501,
1252  TLS_SIGN_SCHEME_RSA_PKCS1_SHA512 = 0x0601,
1253  TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA256 = 0x0804,
1254  TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA384 = 0x0805,
1255  TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA512 = 0x0806,
1256  TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA256 = 0x0809,
1257  TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA384 = 0x080A,
1258  TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA512 = 0x080B,
1259  TLS_SIGN_SCHEME_ECDSA_SHA1 = 0x0203,
1260  TLS_SIGN_SCHEME_ECDSA_SECP256R1_SHA256 = 0x0403,
1261  TLS_SIGN_SCHEME_ECDSA_SECP384R1_SHA384 = 0x0503,
1262  TLS_SIGN_SCHEME_ECDSA_SECP521R1_SHA512 = 0x0603,
1263  TLS_SIGN_SCHEME_ECDSA_BP256R1_TLS13_SHA256 = 0x081A,
1264  TLS_SIGN_SCHEME_ECDSA_BP384R1_TLS13_SHA384 = 0x081B,
1265  TLS_SIGN_SCHEME_ECDSA_BP512R1_TLS13_SHA512 = 0x081C,
1266  TLS_SIGN_SCHEME_SM2SIG_SM3 = 0x0708,
1267  TLS_SIGN_SCHEME_ED25519 = 0x0807,
1268  TLS_SIGN_SCHEME_ED448 = 0x0808,
1269  TLS_SIGN_SCHEME_GOSTR34102012_256A = 0x0709,
1270  TLS_SIGN_SCHEME_GOSTR34102012_256B = 0x070A,
1271  TLS_SIGN_SCHEME_GOSTR34102012_256C = 0x070B,
1272  TLS_SIGN_SCHEME_GOSTR34102012_256D = 0x070C,
1273  TLS_SIGN_SCHEME_GOSTR34102012_512A = 0x070D,
1274  TLS_SIGN_SCHEME_GOSTR34102012_512B = 0x070E,
1275  TLS_SIGN_SCHEME_GOSTR34102012_512C = 0x070F
1276 } TlsSignatureScheme;
1277 
1278 
1279 /**
1280  * @brief TLS extension types
1281  **/
1282 
1283 typedef enum
1284 {
1285  TLS_EXT_SERVER_NAME = 0,
1286  TLS_EXT_MAX_FRAGMENT_LENGTH = 1,
1287  TLS_EXT_CLIENT_CERTIFICATE_URL = 2,
1288  TLS_EXT_TRUSTED_CA_KEYS = 3,
1289  TLS_EXT_TRUNCATED_HMAC = 4,
1290  TLS_EXT_STATUS_REQUEST = 5,
1291  TLS_EXT_USER_MAPPING = 6,
1292  TLS_EXT_CLIENT_AUTHZ = 7,
1293  TLS_EXT_SERVER_AUTHZ = 8,
1294  TLS_EXT_CERT_TYPE = 9,
1295  TLS_EXT_SUPPORTED_GROUPS = 10,
1296  TLS_EXT_EC_POINT_FORMATS = 11,
1297  TLS_EXT_SRP = 12,
1298  TLS_EXT_SIGNATURE_ALGORITHMS = 13,
1299  TLS_EXT_USE_SRTP = 14,
1300  TLS_EXT_HEARTBEAT = 15,
1301  TLS_EXT_ALPN = 16,
1302  TLS_EXT_STATUS_REQUEST_V2 = 17,
1303  TLS_EXT_SIGNED_CERT_TIMESTAMP = 18,
1304  TLS_EXT_CLIENT_CERT_TYPE = 19,
1305  TLS_EXT_SERVER_CERT_TYPE = 20,
1306  TLS_EXT_PADDING = 21,
1307  TLS_EXT_ENCRYPT_THEN_MAC = 22,
1308  TLS_EXT_EXTENDED_MASTER_SECRET = 23,
1309  TLS_EXT_TOKEN_BINDING = 24,
1310  TLS_EXT_CACHED_INFO = 25,
1311  TLS_EXT_COMPRESS_CERTIFICATE = 27,
1312  TLS_EXT_RECORD_SIZE_LIMIT = 28,
1313  TLS_EXT_PWD_PROTECT = 29,
1314  TLS_EXT_PWD_CLEAR = 30,
1315  TLS_EXT_PASSWORD_SALT = 31,
1316  TLS_EXT_TICKET_PINNING = 32,
1317  TLS_EXT_TLS_CERT_WITH_EXTERN_PSK = 33,
1318  TLS_EXT_SESSION_TICKET = 35,
1319  TLS_EXT_SUPPORTED_EKT_CIPHERS = 39,
1320  TLS_EXT_PRE_SHARED_KEY = 41,
1321  TLS_EXT_EARLY_DATA = 42,
1322  TLS_EXT_SUPPORTED_VERSIONS = 43,
1323  TLS_EXT_COOKIE = 44,
1324  TLS_EXT_PSK_KEY_EXCHANGE_MODES = 45,
1325  TLS_EXT_CERTIFICATE_AUTHORITIES = 47,
1326  TLS_EXT_OID_FILTERS = 48,
1327  TLS_EXT_POST_HANDSHAKE_AUTH = 49,
1328  TLS_EXT_SIGNATURE_ALGORITHMS_CERT = 50,
1329  TLS_EXT_KEY_SHARE = 51,
1330  TLS_EXT_TRANSPARENCY_INFO = 52,
1331  TLS_EXT_CONNECTION_ID = 54,
1332  TLS_EXT_EXTERNAL_ID_HASH = 55,
1333  TLS_EXT_EXTERNAL_SESSION_ID = 56,
1334  TLS_EXT_QUIC_TRANSPORT_PARAMETERS = 57,
1335  TLS_EXT_TICKET_REQUEST = 58,
1336  TLS_EXT_DNSSEC_CHAIN = 59,
1337  TLS_EXT_RENEGOTIATION_INFO = 65281
1338 } TlsExtensionType;
1339 
1340 
1341 /**
1342  * @brief Name type
1343  **/
1344 
1345 typedef enum
1346 {
1347  TLS_NAME_TYPE_HOSTNAME = 0
1348 } TlsNameType;
1349 
1350 
1351 /**
1352  * @brief Maximum fragment length
1353  **/
1354 
1355 typedef enum
1356 {
1357  TLS_MAX_FRAGMENT_LENGTH_512 = 1,
1358  TLS_MAX_FRAGMENT_LENGTH_1024 = 2,
1359  TLS_MAX_FRAGMENT_LENGTH_2048 = 3,
1360  TLS_MAX_FRAGMENT_LENGTH_4096 = 4
1361 } TlsMaxFragmentLength;
1362 
1363 
1364 /**
1365  * @brief Named groups
1366  **/
1367 
1368 typedef enum
1369 {
1370  TLS_GROUP_NONE = 0,
1371  TLS_GROUP_SECT163K1 = 1, //RFC 4492
1372  TLS_GROUP_SECT163R1 = 2, //RFC 4492
1373  TLS_GROUP_SECT163R2 = 3, //RFC 4492
1374  TLS_GROUP_SECT193R1 = 4, //RFC 4492
1375  TLS_GROUP_SECT193R2 = 5, //RFC 4492
1376  TLS_GROUP_SECT233K1 = 6, //RFC 4492
1377  TLS_GROUP_SECT233R1 = 7, //RFC 4492
1378  TLS_GROUP_SECT239K1 = 8, //RFC 4492
1379  TLS_GROUP_SECT283K1 = 9, //RFC 4492
1380  TLS_GROUP_SECT283R1 = 10, //RFC 4492
1381  TLS_GROUP_SECT409K1 = 11, //RFC 4492
1382  TLS_GROUP_SECT409R1 = 12, //RFC 4492
1383  TLS_GROUP_SECT571K1 = 13, //RFC 4492
1384  TLS_GROUP_SECT571R1 = 14, //RFC 4492
1385  TLS_GROUP_SECP160K1 = 15, //RFC 4492
1386  TLS_GROUP_SECP160R1 = 16, //RFC 4492
1387  TLS_GROUP_SECP160R2 = 17, //RFC 4492
1388  TLS_GROUP_SECP192K1 = 18, //RFC 4492
1389  TLS_GROUP_SECP192R1 = 19, //RFC 4492
1390  TLS_GROUP_SECP224K1 = 20, //RFC 4492
1391  TLS_GROUP_SECP224R1 = 21, //RFC 4492
1392  TLS_GROUP_SECP256K1 = 22, //RFC 4492
1393  TLS_GROUP_SECP256R1 = 23, //RFC 4492
1394  TLS_GROUP_SECP384R1 = 24, //RFC 4492
1395  TLS_GROUP_SECP521R1 = 25, //RFC 4492
1396  TLS_GROUP_BRAINPOOLP256R1 = 26, //RFC 7027
1397  TLS_GROUP_BRAINPOOLP384R1 = 27, //RFC 7027
1398  TLS_GROUP_BRAINPOOLP512R1 = 28, //RFC 7027
1399  TLS_GROUP_X25519 = 29, //RFC 8422
1400  TLS_GROUP_X448 = 30, //RFC 8422
1401  TLS_GROUP_BRAINPOOLP256R1_TLS13 = 31, //RFC 8734
1402  TLS_GROUP_BRAINPOOLP384R1_TLS13 = 32, //RFC 8734
1403  TLS_GROUP_BRAINPOOLP512R1_TLS13 = 33, //RFC 8734
1404  TLS_GROUP_GC256A = 34, //RFC 9189
1405  TLS_GROUP_GC256B = 35, //RFC 9189
1406  TLS_GROUP_GC256C = 36, //RFC 9189
1407  TLS_GROUP_GC256D = 37, //RFC 9189
1408  TLS_GROUP_GC512A = 38, //RFC 9189
1409  TLS_GROUP_GC512B = 39, //RFC 9189
1410  TLS_GROUP_GC512C = 40, //RFC 9189
1411  TLS_GROUP_CURVE_SM2 = 41, //RFC 8998
1412  TLS_GROUP_FFDHE2048 = 256, //RFC 7919
1413  TLS_GROUP_FFDHE3072 = 257, //RFC 7919
1414  TLS_GROUP_FFDHE4096 = 258, //RFC 7919
1415  TLS_GROUP_FFDHE6144 = 259, //RFC 7919
1416  TLS_GROUP_FFDHE8192 = 260, //RFC 7919
1417  TLS_GROUP_FFDHE_MAX = 511, //RFC 7919
1418  TLS_GROUP_X25519_KYBER768_DRAFT00 = 25497, //Experimental
1419  TLS_GROUP_SECP256R1_KYBER768_DRAFT00 = 25498, //Experimental
1420  TLS_GROUP_EXPLICIT_PRIME_CURVE = 65281, //RFC 4492
1421  TLS_GROUP_EXPLICIT_CHAR2_CURVE = 65282 //RFC 4492
1422 } TlsNamedGroup;
1423 
1424 
1425 /**
1426  * @brief EC point formats
1427  **/
1428 
1429 typedef enum
1430 {
1431  TLS_EC_POINT_FORMAT_UNCOMPRESSED = 0,
1432  TLS_EC_POINT_FORMAT_ANSI_X962_COMPRESSED_PRIME = 1,
1433  TLS_EC_POINT_FORMAT_ANSI_X962_COMPRESSED_CHAR2 = 2
1434 } TlsEcPointFormat;
1435 
1436 
1437 /**
1438  * @brief EC curve types
1439  **/
1440 
1441 typedef enum
1442 {
1443  TLS_EC_CURVE_TYPE_EXPLICIT_PRIME = 1,
1444  TLS_EC_CURVE_TYPE_EXPLICIT_CHAR2 = 2,
1445  TLS_EC_CURVE_TYPE_NAMED_CURVE = 3
1446 } TlsEcCurveType;
1447 
1448 
1449 /**
1450  * @brief TLS FSM states
1451  **/
1452 
1453 typedef enum
1454 {
1455  TLS_STATE_INIT = 0,
1456  TLS_STATE_CLIENT_HELLO = 1,
1457  TLS_STATE_CLIENT_HELLO_2 = 2,
1458  TLS_STATE_EARLY_DATA = 3,
1459  TLS_STATE_HELLO_VERIFY_REQUEST = 4,
1460  TLS_STATE_HELLO_RETRY_REQUEST = 5,
1461  TLS_STATE_SERVER_HELLO = 6,
1462  TLS_STATE_SERVER_HELLO_2 = 7,
1463  TLS_STATE_SERVER_HELLO_3 = 8,
1464  TLS_STATE_HANDSHAKE_TRAFFIC_KEYS = 9,
1465  TLS_STATE_ENCRYPTED_EXTENSIONS = 10,
1466  TLS_STATE_SERVER_CERTIFICATE = 11,
1467  TLS_STATE_SERVER_KEY_EXCHANGE = 12,
1468  TLS_STATE_SERVER_CERTIFICATE_VERIFY = 13,
1469  TLS_STATE_CERTIFICATE_REQUEST = 14,
1470  TLS_STATE_SERVER_HELLO_DONE = 15,
1471  TLS_STATE_CLIENT_CERTIFICATE = 16,
1472  TLS_STATE_CLIENT_KEY_EXCHANGE = 17,
1473  TLS_STATE_CLIENT_CERTIFICATE_VERIFY = 18,
1474  TLS_STATE_CLIENT_CHANGE_CIPHER_SPEC = 19,
1475  TLS_STATE_CLIENT_CHANGE_CIPHER_SPEC_2 = 20,
1476  TLS_STATE_CLIENT_FINISHED = 21,
1477  TLS_STATE_CLIENT_APP_TRAFFIC_KEYS = 22,
1478  TLS_STATE_SERVER_CHANGE_CIPHER_SPEC = 23,
1479  TLS_STATE_SERVER_CHANGE_CIPHER_SPEC_2 = 24,
1480  TLS_STATE_SERVER_FINISHED = 25,
1481  TLS_STATE_END_OF_EARLY_DATA = 26,
1482  TLS_STATE_SERVER_APP_TRAFFIC_KEYS = 27,
1483  TLS_STATE_NEW_SESSION_TICKET = 28,
1484  TLS_STATE_KEY_UPDATE = 29,
1485  TLS_STATE_APPLICATION_DATA = 30,
1486  TLS_STATE_CLOSING = 31,
1487  TLS_STATE_CLOSED = 32
1488 } TlsState;
1489 
1490 
1491 //CC-RX, CodeWarrior or Win32 compiler?
1492 #if defined(__CCRX__)
1493  #pragma pack
1494 #elif defined(__CWCC__) || defined(_WIN32)
1495  #pragma pack(push, 1)
1496 #endif
1497 
1498 
1499 /**
1500  * @brief Sequence number
1501  **/
1502 
1503 typedef __packed_struct
1504 {
1505  uint8_t b[8];
1506 } TlsSequenceNumber;
1507 
1508 
1509 /**
1510  * @brief Cipher suites
1511  **/
1512 
1513 typedef __packed_struct
1514 {
1515  uint16_t length; //0-1
1516  uint16_t value[]; //2
1517 } TlsCipherSuites;
1518 
1519 
1520 /**
1521  * @brief Compression methods
1522  **/
1523 
1524 typedef __packed_struct
1525 {
1526  uint8_t length; //0
1527  uint8_t value[]; //1
1528 } TlsCompressMethods;
1529 
1530 
1531 /**
1532  * @brief List of signature schemes
1533  **/
1534 
1535 typedef __packed_struct
1536 {
1537  uint16_t length; //0-1
1538  uint16_t value[]; //2
1539 } TlsSignSchemeList;
1540 
1541 
1542 /**
1543  * @brief List of certificates
1544  **/
1545 
1546 typedef __packed_struct
1547 {
1548  uint8_t length[3]; //0-2
1549  uint8_t value[]; //3
1550 } TlsCertList;
1551 
1552 
1553 /**
1554  * @brief List of certificate authorities
1555  **/
1556 
1557 typedef __packed_struct
1558 {
1559  uint16_t length; //0-1
1560  uint8_t value[]; //2
1561 } TlsCertAuthorities;
1562 
1563 
1564 /**
1565  * @brief TLS extension
1566  **/
1567 
1568 typedef __packed_struct
1569 {
1570  uint16_t type; //0-1
1571  uint16_t length; //2-3
1572  uint8_t value[]; //4
1573 } TlsExtension;
1574 
1575 
1576 /**
1577  * @brief List of TLS extensions
1578  **/
1579 
1580 typedef __packed_struct
1581 {
1582  uint16_t length; //0-1
1583  uint8_t value[]; //2
1584 } TlsExtensionList;
1585 
1586 
1587 /**
1588  * @brief List of supported versions
1589  **/
1590 
1591 typedef __packed_struct
1592 {
1593  uint8_t length; //0
1594  uint16_t value[]; //1
1595 } TlsSupportedVersionList;
1596 
1597 
1598 /**
1599  * @brief Server name
1600  **/
1601 
1602 typedef __packed_struct
1603 {
1604  uint8_t type; //0
1605  uint16_t length; //1-2
1606  char_t hostname[]; //2
1607 } TlsServerName;
1608 
1609 
1610 /**
1611  * @brief List of server names
1612  **/
1613 
1614 typedef __packed_struct
1615 {
1616  uint16_t length; //0-1
1617  uint8_t value[]; //2
1618 } TlsServerNameList;
1619 
1620 
1621 /**
1622  * @brief Protocol name
1623  **/
1624 
1625 typedef __packed_struct
1626 {
1627  uint8_t length; //0
1628  char_t value[]; //1
1629 } TlsProtocolName;
1630 
1631 
1632 /**
1633  * @brief List of protocol names
1634  **/
1635 
1636 typedef __packed_struct
1637 {
1638  uint16_t length; //0-1
1639  uint8_t value[]; //2
1640 } TlsProtocolNameList;
1641 
1642 
1643 /**
1644  * @brief List of supported groups
1645  **/
1646 
1647 typedef __packed_struct
1648 {
1649  uint16_t length; //0-1
1650  uint16_t value[]; //2
1651 } TlsSupportedGroupList;
1652 
1653 
1654 /**
1655  * @brief List of supported EC point formats
1656  **/
1657 
1658 typedef __packed_struct
1659 {
1660  uint8_t length; //0
1661  uint8_t value[]; //1
1662 } TlsEcPointFormatList;
1663 
1664 
1665 /**
1666  * @brief List of supported certificate types
1667  **/
1668 
1669 typedef __packed_struct
1670 {
1671  uint8_t length; //0
1672  uint8_t value[]; //1
1673 } TlsCertTypeList;
1674 
1675 
1676 /**
1677  * @brief Renegotiated connection
1678  **/
1679 
1680 typedef __packed_struct
1681 {
1682  uint8_t length; //0
1683  uint8_t value[]; //1
1684 } TlsRenegoInfo;
1685 
1686 
1687 /**
1688  * @brief PSK identity
1689  **/
1690 
1691 typedef __packed_struct
1692 {
1693  uint16_t length; //0-1
1694  uint8_t value[]; //2
1695 } TlsPskIdentity;
1696 
1697 
1698 /**
1699  * @brief PSK identity hint
1700  **/
1701 
1702 typedef __packed_struct
1703 {
1704  uint16_t length; //0-1
1705  uint8_t value[]; //2
1706 } TlsPskIdentityHint;
1707 
1708 
1709 /**
1710  * @brief Digitally-signed element (TLS 1.0 and TLS 1.1)
1711  **/
1712 
1713 typedef __packed_struct
1714 {
1715  uint16_t length; //0-1
1716  uint8_t value[]; //2
1717 } TlsDigitalSignature;
1718 
1719 
1720 /**
1721  * @brief Digitally-signed element (TLS 1.2)
1722  **/
1723 
1724 typedef __packed_struct
1725 {
1726  uint16_t algorithm; //0-1
1727  uint16_t length; //2-3
1728  uint8_t value[]; //4
1729 } Tls12DigitalSignature;
1730 
1731 
1732 /**
1733  * @brief TLS record
1734  **/
1735 
1736 typedef __packed_struct
1737 {
1738  uint8_t type; //0
1739  uint16_t version; //1-2
1740  uint16_t length; //3-4
1741  uint8_t data[]; //5
1742 } TlsRecord;
1743 
1744 
1745 /**
1746  * @brief TLS handshake message
1747  **/
1748 
1749 typedef __packed_struct
1750 {
1751  uint8_t msgType; //0
1752  uint8_t length[3]; //1-3
1753  uint8_t data[]; //4
1754 } TlsHandshake;
1755 
1756 
1757 /**
1758  * @brief HelloRequest message
1759  **/
1760 
1761 typedef void TlsHelloRequest;
1762 
1763 
1764 /**
1765  * @brief ClientHello message
1766  **/
1767 
1768 typedef __packed_struct
1769 {
1770  uint16_t clientVersion; //0-1
1771  uint8_t random[32]; //2-33
1772  uint8_t sessionIdLen; //34
1773  uint8_t sessionId[]; //35
1774 } TlsClientHello;
1775 
1776 
1777 /**
1778  * @brief ServerHello message
1779  **/
1780 
1781 typedef __packed_struct
1782 {
1783  uint16_t serverVersion; //0-1
1784  uint8_t random[32]; //2-33
1785  uint8_t sessionIdLen; //34
1786  uint8_t sessionId[]; //35
1787 } TlsServerHello;
1788 
1789 
1790 /**
1791  * @brief Certificate message
1792  **/
1793 
1794 typedef void TlsCertificate;
1795 
1796 
1797 /**
1798  * @brief ServerKeyExchange message
1799  **/
1800 
1801 typedef void TlsServerKeyExchange;
1802 
1803 
1804 /**
1805  * @brief CertificateRequest message
1806  **/
1807 
1808 typedef __packed_struct
1809 {
1810  uint8_t certificateTypesLen; //0
1811  uint8_t certificateTypes[]; //1
1812 } TlsCertificateRequest;
1813 
1814 
1815 /**
1816  * @brief ServerHelloDone message
1817  **/
1818 
1819 typedef void TlsServerHelloDone;
1820 
1821 
1822 /**
1823  * @brief ClientKeyExchange message
1824  **/
1825 
1826 typedef void TlsClientKeyExchange;
1827 
1828 
1829 /**
1830  * @brief CertificateVerify message
1831  **/
1832 
1833 typedef void TlsCertificateVerify;
1834 
1835 
1836 /**
1837  * @brief NewSessionTicket message
1838  **/
1839 
1840 typedef __packed_struct
1841 {
1842  uint32_t ticketLifetimeHint; //0-3
1843  uint16_t ticketLen; //4-5
1844  uint8_t ticket[]; //6
1845 } TlsNewSessionTicket;
1846 
1847 
1848 /**
1849  * @brief Finished message
1850  **/
1851 
1852 typedef void TlsFinished;
1853 
1854 
1855 /**
1856  * @brief ChangeCipherSpec message
1857  **/
1858 
1859 typedef __packed_struct
1860 {
1861  uint8_t type; //0
1862 } TlsChangeCipherSpec;
1863 
1864 
1865 /**
1866  * @brief Alert message
1867  **/
1868 
1869 typedef __packed_struct
1870 {
1871  uint8_t level; //0
1872  uint8_t description; //1
1873 } TlsAlert;
1874 
1875 
1876 /**
1877  * @brief Session state information
1878  **/
1879 
1880 typedef __packed_struct
1881 {
1882  uint16_t version; ///<Protocol version
1883  uint16_t cipherSuite; ///<Cipher suite identifier
1884  uint8_t secret[TLS_MASTER_SECRET_SIZE]; ///<Master secret
1885  systime_t ticketTimestamp; ///<Timestamp to manage ticket lifetime
1886  uint32_t ticketLifetime; ///<Lifetime of the ticket
1887 #if (TLS_EXT_MASTER_SECRET_SUPPORT == ENABLED)
1888  bool_t extendedMasterSecret; ///<Extended master secret computation
1889 #endif
1890 } TlsPlaintextSessionState;
1891 
1892 
1893 //CC-RX, CodeWarrior or Win32 compiler?
1894 #if defined(__CCRX__)
1895  #pragma unpack
1896 #elif defined(__CWCC__) || defined(_WIN32)
1897  #pragma pack(pop)
1898 #endif
1899 
1900 
1901 /**
1902  * @brief Socket handle
1903  **/
1904 
1905 typedef void *TlsSocketHandle;
1906 
1907 
1908 /**
1909  * @brief TLS state change callback
1910  **/
1911 
1912 typedef void (*TlsStateChangeCallback)(TlsContext *context, TlsState state);
1913 
1914 
1915 /**
1916  * @brief Socket send callback function
1917  **/
1918 
1919 typedef error_t (*TlsSocketSendCallback)(TlsSocketHandle handle,
1920  const void *data, size_t length, size_t *written, uint_t flags);
1921 
1922 
1923 /**
1924  * @brief Socket receive callback function
1925  **/
1926 
1927 typedef error_t (*TlsSocketReceiveCallback)(TlsSocketHandle handle,
1928  void *data, size_t size, size_t *received, uint_t flags);
1929 
1930 
1931 /**
1932  * @brief ALPN callback function
1933  **/
1934 
1935 typedef error_t (*TlsAlpnCallback)(TlsContext *context,
1936  const char_t *selectedProtocol);
1937 
1938 
1939 /**
1940  * @brief Pre-shared key callback function
1941  **/
1942 
1943 typedef error_t (*TlsPskCallback)(TlsContext *context,
1944  const uint8_t *pskIdentity, size_t pskIdentityLen);
1945 
1946 
1947 /**
1948  * @brief Certificate verification callback function
1949  **/
1950 
1951 typedef error_t (*TlsCertVerifyCallback)(TlsContext *context,
1952  const X509CertInfo *certInfo, uint_t pathLen, void *param);
1953 
1954 
1955 /**
1956  * @brief Raw public key verification callback function
1957  **/
1958 
1959 typedef error_t (*TlsRpkVerifyCallback)(TlsContext *context,
1960  const uint8_t *rawPublicKey, size_t rawPublicKeyLen);
1961 
1962 
1963 /**
1964  * @brief Ticket encryption callback function
1965  **/
1966 
1967 typedef error_t (*TlsTicketEncryptCallback)(TlsContext *context,
1968  const uint8_t *plaintext, size_t plaintextLen, uint8_t *ciphertext,
1969  size_t *ciphertextLen, void *param);
1970 
1971 
1972 /**
1973  * @brief Ticket decryption callback function
1974  **/
1975 
1976 typedef error_t (*TlsTicketDecryptCallback)(TlsContext *context,
1977  const uint8_t *ciphertext, size_t ciphertextLen, uint8_t *plaintext,
1978  size_t *plaintextLen, void *param);
1979 
1980 
1981 /**
1982  * @brief ECDH key agreement callback function
1983  **/
1984 
1985 typedef error_t (*TlsEcdhCallback)(TlsContext *context);
1986 
1987 
1988 /**
1989  * @brief ECDSA signature generation callback function
1990  **/
1991 
1992 typedef error_t (*TlsEcdsaSignCallback)(TlsContext *context,
1993  const uint8_t *digest, size_t digestLen, EcdsaSignature *signature);
1994 
1995 
1996 /**
1997  * @brief ECDSA signature verification callback function
1998  **/
1999 
2000 typedef error_t (*TlsEcdsaVerifyCallback)(TlsContext *context,
2001  const uint8_t *digest, size_t digestLen, EcdsaSignature *signature);
2002 
2003 
2004 /**
2005  * @brief Key logging callback function (for debugging purpose only)
2006  **/
2007 
2008 typedef void (*TlsKeyLogCallback)(TlsContext *context, const char_t *key);
2009 
2010 
2011 /**
2012  * @brief Structure describing a cipher suite
2013  **/
2014 
2015 typedef struct
2016 {
2017  uint16_t identifier;
2018  const char_t *name;
2019  TlsKeyExchMethod keyExchMethod;
2020  const CipherAlgo *cipherAlgo;
2021  CipherMode cipherMode;
2022  const HashAlgo *hashAlgo;
2023  const HashAlgo *prfHashAlgo;
2024  uint8_t macKeyLen;
2025  uint8_t encKeyLen;
2026  uint8_t fixedIvLen;
2027  uint8_t recordIvLen;
2028  uint8_t authTagLen;
2029  uint8_t verifyDataLen;
2030 } TlsCipherSuiteInfo;
2031 
2032 
2033 /**
2034  * @brief TLS session state
2035  **/
2036 
2037 typedef struct
2038 {
2039  uint16_t version; ///<TLS protocol version
2040  uint16_t cipherSuite; ///<Cipher suite identifier
2041  systime_t timestamp; ///<Time stamp to manage entry lifetime
2042  uint8_t secret[TLS_MASTER_SECRET_SIZE]; ///<Master secret (TLS 1.2) or ticket PSK (TLS 1.3)
2043 #if (TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_2)
2044  uint8_t sessionId[32]; ///<Session identifier
2045  size_t sessionIdLen; ///<Length of the session identifier
2046  bool_t extendedMasterSecret; ///<Extended master secret computation
2047 #endif
2048  uint8_t *ticket; ///<Session ticket
2049  size_t ticketLen; ///<Length of the session ticket
2050 #if (TLS_MAX_VERSION >= TLS_VERSION_1_3 && TLS_MIN_VERSION <= TLS_VERSION_1_3)
2051  systime_t ticketTimestamp; ///<Timestamp to manage ticket lifetime
2052  uint32_t ticketLifetime; ///<Lifetime of the ticket
2053  uint32_t ticketAgeAdd; ///<Random value used to obscure the age of the ticket
2054  TlsHashAlgo ticketHashAlgo; ///<Hash algorithm associated with the ticket
2055  char_t *ticketAlpn; ///<ALPN protocol associated with the ticket
2056  uint32_t maxEarlyDataSize; ///<Maximum amount of 0-RTT data that the client is allowed to send
2057 #endif
2058 #if (TLS_SNI_SUPPORT == ENABLED)
2059  char_t *serverName; ///<ServerName extension
2060 #endif
2061 } TlsSessionState;
2062 
2063 
2064 /**
2065  * @brief Session cache
2066  **/
2067 
2068 typedef struct
2069 {
2070  OsMutex mutex; ///<Mutex preventing simultaneous access to the cache
2071  uint_t size; ///<Maximum number of entries
2072  TlsSessionState sessions[]; ///<Cache entries
2073 } TlsCache;
2074 
2075 
2076 /**
2077  * @brief Certificate descriptor
2078  **/
2079 
2080 typedef struct
2081 {
2082  const char_t *certChain; ///<End entity certificate chain (PEM format)
2083  size_t certChainLen; ///<Length of the certificate chain
2084  const char_t *privateKey; ///<Private key (PEM format)
2085  size_t privateKeyLen; ///<Length of the private key
2086  char_t password[TLS_MAX_PASSWORD_LEN + 1]; ///<Password used to decrypt the private key
2087  TlsCertificateType type; ///<End entity certificate type
2088  TlsSignatureScheme signScheme; ///<Signature scheme used to sign the end entity certificate
2089  TlsNamedGroup namedCurve; ///<Named curve used to generate the EC public key
2090 } TlsCertDesc;
2091 
2092 
2093 /**
2094  * @brief Hello extensions
2095  **/
2096 
2097 typedef struct
2098 {
2099  const TlsSupportedVersionList *supportedVersionList; ///<SupportedVersions extension (ClientHello)
2100  const TlsExtension *selectedVersion; ///<SupportedVersions extension (ServerHello)
2101  const TlsServerNameList *serverNameList; ///<ServerName extension
2102  const TlsSupportedGroupList *supportedGroupList; ///<SupportedGroups extension
2103  const TlsEcPointFormatList *ecPointFormatList; ///<EcPointFormats extension
2104  const TlsSignSchemeList *signAlgoList; ///<SignatureAlgorithms extension
2105  const TlsSignSchemeList *certSignAlgoList; ///<SignatureAlgorithmsCert extension
2106 #if (TLS_MAX_FRAG_LEN_SUPPORT == ENABLED)
2107  const TlsExtension *maxFragLen; ///<MaxFragmentLength extension
2108 #endif
2109 #if (TLS_RECORD_SIZE_LIMIT_SUPPORT == ENABLED)
2110  const TlsExtension *recordSizeLimit; ///<RecordSizeLimit extension
2111 #endif
2112 #if (TLS_ALPN_SUPPORT == ENABLED)
2113  const TlsProtocolNameList *protocolNameList; ///<ALPN extension
2114 #endif
2115 #if (TLS_RAW_PUBLIC_KEY_SUPPORT == ENABLED)
2116  const TlsCertTypeList *clientCertTypeList; ///<ClientCertType extension
2117  const TlsExtension *clientCertType;
2118  const TlsCertTypeList *serverCertTypeList; ///<ServerCertType extension
2119  const TlsExtension *serverCertType;
2120 #endif
2121 #if (TLS_ENCRYPT_THEN_MAC_SUPPORT == ENABLED)
2122  const TlsExtension *encryptThenMac; ///<EncryptThenMac extension
2123 #endif
2124 #if (TLS_EXT_MASTER_SECRET_SUPPORT == ENABLED)
2125  const TlsExtension *extendedMasterSecret; ///<ExtendedMasterSecret extension
2126 #endif
2127 #if (TLS_TICKET_SUPPORT == ENABLED)
2128  const TlsExtension *sessionTicket; ///<SessionTicket extension
2129 #endif
2130 #if (TLS_SECURE_RENEGOTIATION_SUPPORT == ENABLED)
2131  const TlsRenegoInfo *renegoInfo; ///<RenegotiationInfo extension
2132 #endif
2133 #if (TLS_MAX_VERSION >= TLS_VERSION_1_3 && TLS_MIN_VERSION <= TLS_VERSION_1_3)
2134  const Tls13Cookie *cookie; ///<Cookie extension
2135  const TlsCertAuthorities *certAuthorities; ///<CertificateAuthorities extension
2136  const Tls13KeyShareList *keyShareList; ///<KeyShare extension (ClientHello)
2137  const TlsExtension *selectedGroup; ///<KeyShare extension (HelloRetryRequest)
2138  const Tls13KeyShareEntry *serverShare; ///<KeyShare extension (ServerHello)
2139  const Tls13PskKeModeList *pskKeModeList; ///<PskKeyExchangeModes extension
2140  const Tls13PskIdentityList *identityList; ///<PreSharedKey extension (ClientHello)
2141  const Tls13PskBinderList *binderList;
2142  const TlsExtension *selectedIdentity; ///<PreSharedKey extension (ServerHello)
2143  const TlsExtension *earlyDataIndication; ///<EarlyData extension
2144 #endif
2145 } TlsHelloExtensions;
2146 
2147 
2148 /**
2149  * @brief Encryption engine
2150  **/
2151 
2152 struct _TlsEncryptionEngine
2153 {
2154  uint16_t version; ///<Negotiated TLS version
2155  uint8_t macKey[48]; ///<MAC key
2156  size_t macKeyLen; ///<Length of the MAC key
2157  uint8_t encKey[48]; ///<Encryption key
2158  size_t encKeyLen; ///<Length of the encryption key
2159  uint8_t iv[16]; ///<Initialization vector
2160  size_t fixedIvLen; ///<Length of the fixed part of the IV
2161  size_t recordIvLen; ///<Length of the IV
2162  size_t authTagLen; ///<Length of the authentication tag
2163  const CipherAlgo *cipherAlgo; ///<Cipher algorithm
2164  void *cipherContext; ///<Cipher context
2165  CipherMode cipherMode; ///<Cipher mode of operation
2166  const HashAlgo *hashAlgo; ///<Hash algorithm for MAC operations
2167  HmacContext *hmacContext; ///<HMAC context
2168 #if (TLS_GCM_CIPHER_SUPPORT == ENABLED)
2169  GcmContext *gcmContext; ///<GCM context
2170 #endif
2171  TlsSequenceNumber seqNum; ///<TLS sequence number
2172 #if (DTLS_SUPPORT == ENABLED)
2173  uint16_t epoch; ///<Counter value incremented on every cipher state change
2174  DtlsSequenceNumber dtlsSeqNum; ///<Record sequence number
2175 #endif
2176 #if (TLS_RECORD_SIZE_LIMIT_SUPPORT == ENABLED)
2177  size_t recordSizeLimit; ///<Maximum size of record in octets
2178 #endif
2179 #if (TLS_ENCRYPT_THEN_MAC_SUPPORT == ENABLED)
2180  bool_t encryptThenMac; ///<Encrypt-then-MAC construction
2181 #endif
2182  TLS_PRIVATE_ENCRYPTION_ENGINE ///<Application specific context
2183 };
2184 
2185 
2186 /**
2187  * @brief TLS context
2188  *
2189  * An opaque data structure that represents a TLS connection
2190  *
2191  **/
2192 
2193 struct _TlsContext
2194 {
2195  TlsState state; ///<TLS handshake finite state machine
2196  TlsTransportProtocol transportProtocol; ///<Transport protocol (stream or datagram)
2197  TlsConnectionEnd entity; ///<Client or server operation
2198 
2199  TlsStateChangeCallback stateChangeCallback; ///<TLS state change callback function
2200 
2201  TlsSocketHandle socketHandle; ///<Socket handle
2202  TlsSocketSendCallback socketSendCallback; ///<Socket send callback function
2203  TlsSocketReceiveCallback socketReceiveCallback; ///<Socket receive callback function
2204 
2205  const PrngAlgo *prngAlgo; ///<Pseudo-random number generator to be used
2206  void *prngContext; ///<Pseudo-random number generator context
2207 
2208  const uint16_t *cipherSuites; ///<List of supported cipher suites
2209  uint_t numCipherSuites; ///<Number of cipher suites in the list
2210 
2211  const uint16_t *supportedGroups; ///<List of supported named groups
2212  uint_t numSupportedGroups; ///<Number of named groups in the list
2213 
2214  char_t *serverName; ///<Fully qualified DNS hostname of the server
2215 
2216 #if (TLS_ECC_CALLBACK_SUPPORT == ENABLED)
2217  TlsEcdhCallback ecdhCallback;
2218  TlsEcdsaSignCallback ecdsaSignCallback;
2219  TlsEcdsaVerifyCallback ecdsaVerifyCallback;
2220 #endif
2221 
2222  TlsCertDesc certs[TLS_MAX_CERTIFICATES]; ///<End entity certificates (PEM format)
2223  uint_t numCerts; ///<Number of certificates available
2224  const char_t *trustedCaList; ///<Trusted CA list (PEM format)
2225  size_t trustedCaListLen; ///<Total length of the trusted CA list
2226  TlsCertVerifyCallback certVerifyCallback; ///<Certificate verification callback function
2227  void *certVerifyParam; ///<Opaque pointer passed to the certificate verification callback
2228  TlsCertDesc *cert; ///<Pointer to the currently selected certificate
2229 
2230  TlsCache *cache; ///<TLS session cache
2231  uint8_t sessionId[32]; ///<Session identifier
2232  size_t sessionIdLen; ///<Length of the session identifier
2233 
2234  uint16_t clientVersion; ///<Latest version supported by the client
2235  uint16_t version; ///<Negotiated TLS version
2236  uint16_t versionMin; ///<Minimum version accepted by the implementation
2237  uint16_t versionMax; ///<Maximum version accepted by the implementation
2238 
2239  uint8_t *cookie; ///<Cookie
2240  size_t cookieLen; ///<Length of the cookie
2241 
2242  uint8_t *ticket; ///<Session ticket
2243  size_t ticketLen; ///<Length of the session ticket
2244  systime_t ticketTimestamp; ///<Timestamp to manage ticket lifetime
2245  uint32_t ticketLifetime; ///<Lifetime of the ticket
2246 
2247  uint_t cipherSuiteTypes; ///<Types of cipher suites proposed by the client
2248  TlsCipherSuiteInfo cipherSuite; ///<Negotiated cipher suite
2249  TlsKeyExchMethod keyExchMethod; ///<Key exchange method
2250  TlsSignatureScheme signScheme; ///<Signature scheme to be used
2251  uint16_t namedGroup; ///<ECDHE or FFDHE named group
2252 
2253  TlsCertificateType peerCertType; ///<Peer's certificate type
2254  TlsClientAuthMode clientAuthMode; ///<Client authentication mode
2255  bool_t clientCertRequested; ///<This flag tells whether the client certificate is requested
2256 
2257  bool_t resume; ///<The connection is established by resuming a session
2258  bool_t fatalAlertSent; ///<A fatal alert message has been sent
2259  bool_t fatalAlertReceived; ///<A fatal alert message has been received from the peer
2260  bool_t closeNotifySent; ///<A closure alert has been sent
2261  bool_t closeNotifyReceived; ///<A closure alert has been received from the peer
2262 
2263  uint8_t *txBuffer; ///<TX buffer
2264  size_t txBufferSize; ///<TX buffer size
2265  size_t txBufferMaxLen; ///<Maximum number of plaintext data the TX buffer can hold
2266  TlsContentType txBufferType; ///<Type of data that resides in the TX buffer
2267  size_t txBufferLen; ///<Number of bytes that are pending to be sent
2268  size_t txBufferPos; ///<Current position in TX buffer
2269  size_t txRecordLen; ///<Length of the TLS record
2270  size_t txRecordPos; ///<Current position in the TLS record
2271 
2272  uint8_t *rxBuffer; ///<RX buffer
2273  size_t rxBufferSize; ///<RX buffer size
2274  size_t rxBufferMaxLen; ///<Maximum number of plaintext data the RX buffer can hold
2275  TlsContentType rxBufferType; ///<Type of data that resides in the RX buffer
2276  size_t rxBufferLen; ///<Number of bytes available for reading
2277  size_t rxBufferPos; ///<Current position in RX buffer
2278  size_t rxRecordLen; ///<Length of the TLS record
2279  size_t rxRecordPos; ///<Current position in the TLS record
2280 
2281  uint8_t clientRandom[TLS_RANDOM_SIZE]; ///<Client random value
2282  uint8_t serverRandom[TLS_RANDOM_SIZE]; ///<Server random value
2283  uint8_t premasterSecret[TLS_PREMASTER_SECRET_SIZE]; ///<Premaster secret
2284  size_t premasterSecretLen; ///<Length of the premaster secret
2285  uint8_t clientVerifyData[64]; ///<Client verify data
2286  size_t clientVerifyDataLen; ///<Length of the client verify data
2287  uint8_t serverVerifyData[64]; ///<Server verify data
2288  size_t serverVerifyDataLen; ///<Length of the server verify data
2289 
2290  TlsEncryptionEngine encryptionEngine; ///<Encryption engine
2291  TlsEncryptionEngine decryptionEngine; ///<Decryption engine
2292 
2293 #if (TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_0)
2294  size_t txLastRecordLen; ///<Length of the previous TLS record
2295 #endif
2296 
2297 #if (TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_1)
2298  Md5Context *transcriptMd5Context; ///<MD5 context used to compute verify data
2299 #endif
2300 
2301 #if (TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_2)
2302  uint8_t masterSecret[TLS_MASTER_SECRET_SIZE]; ///<Master secret
2303  uint8_t keyBlock[192]; ///<Key material
2304  HmacContext hmacContext; ///<HMAC context
2305  Sha1Context *transcriptSha1Context; ///<SHA-1 context used to compute verify data
2306 #endif
2307 
2308 #if (TLS_MAX_VERSION >= TLS_VERSION_1_2 && TLS_MIN_VERSION <= TLS_VERSION_1_3)
2309  const uint16_t *supportedSignAlgos; ///<List of supported signature algorithms
2310  uint_t numSupportedSignAlgos; ///<Number of signature algorithms in the list
2311 
2312  HashContext *transcriptHashContext; ///<Hash context used to compute verify data
2313 #endif
2314 
2315 #if (TLS_MAX_VERSION >= TLS_VERSION_1_3 && TLS_MIN_VERSION <= TLS_VERSION_1_3)
2316  uint16_t preferredGroup; ///<Preferred ECDHE or FFDHE named group
2317  systime_t clientHelloTimestamp; ///<Time at which the ClientHello message was sent
2318  bool_t updatedClientHelloReceived; ///<An updated ClientHello message has been received
2319  uint8_t *certRequestContext; ///<Certificate request context
2320  size_t certRequestContextLen; ///<Length of the certificate request context
2321  int_t selectedIdentity; ///<Selected PSK identity
2322  bool_t pskKeModeSupported; ///<PSK key establishment supported by the client
2323 
2324  uint8_t secret[TLS_MAX_HKDF_DIGEST_SIZE];
2325  uint8_t clientEarlyTrafficSecret[TLS_MAX_HKDF_DIGEST_SIZE];
2326  uint8_t clientHsTrafficSecret[TLS_MAX_HKDF_DIGEST_SIZE];
2327  uint8_t serverHsTrafficSecret[TLS_MAX_HKDF_DIGEST_SIZE];
2328  uint8_t clientAppTrafficSecret[TLS_MAX_HKDF_DIGEST_SIZE];
2329  uint8_t serverAppTrafficSecret[TLS_MAX_HKDF_DIGEST_SIZE];
2330  uint8_t exporterMasterSecret[TLS_MAX_HKDF_DIGEST_SIZE];
2331  uint8_t resumptionMasterSecret[TLS_MAX_HKDF_DIGEST_SIZE];
2332 
2333  uint_t newSessionTicketCount; ///<Number of NewSessionTicket messages that have been sent
2334 
2335  uint8_t ticketPsk[TLS_MAX_HKDF_DIGEST_SIZE]; ///<PSK associated with the ticket
2336  size_t ticketPskLen; ///<Length of the PSK associated with the ticket
2337  uint32_t ticketAgeAdd; ///<Random value used to obscure the age of the ticket
2338  uint32_t ticketNonce; ///<A per-ticket value that is unique across all tickets issued
2339  uint16_t ticketCipherSuite; ///<Cipher suite associated with the ticket
2340  TlsHashAlgo ticketHashAlgo; ///<Hash algorithm associated with the ticket
2341  char_t *ticketAlpn; ///<ALPN protocol associated with the ticket
2342 
2343  size_t maxEarlyDataSize; ///<Maximum amount of 0-RTT data that the client is allowed to send
2344  size_t earlyDataLen; ///<Total amount of 0-RTT data that have been sent by the client
2345  bool_t earlyDataEnabled; ///<EarlyData is enabled
2346  bool_t earlyDataRejected; ///<The 0-RTT data have been rejected by the server
2347  bool_t earlyDataExtReceived; ///<The EarlyData extension has been received
2348  TlsSequenceNumber earlyDataSeqNum; ///<Early data sequence number
2349 #endif
2350 
2351 #if (TLS_DH_SUPPORT == ENABLED)
2352  DhContext dhContext; ///<Diffie-Hellman context
2353 #endif
2354 
2355 #if (TLS_ECDH_SUPPORT == ENABLED || TLS_HYBRID_SUPPORT == ENABLED)
2356  EcdhContext ecdhContext; ///<ECDH context
2357  bool_t ecPointFormatsExtReceived; ///<The EcPointFormats extension has been received
2358 #endif
2359 
2360 #if (TLS_HYBRID_SUPPORT == ENABLED)
2361  KemContext kemContext; ///<KEM context
2362 #endif
2363 
2364 #if (TLS_RSA_SUPPORT == ENABLED)
2365  RsaPublicKey peerRsaPublicKey; ///<Peer's RSA public key
2366 #endif
2367 
2368 #if (TLS_DSA_SIGN_SUPPORT == ENABLED)
2369  DsaPublicKey peerDsaPublicKey; ///<Peer's DSA public key
2370 #endif
2371 
2372 #if (TLS_ECDSA_SIGN_SUPPORT == ENABLED || TLS_SM2_SIGN_SUPPORT == ENABLED || \
2373  TLS_ED25519_SIGN_SUPPORT == ENABLED || TLS_ED448_SIGN_SUPPORT == ENABLED)
2374  EcDomainParameters peerEcParams; ///<Peer's EC domain parameters
2375  EcPublicKey peerEcPublicKey; ///<Peer's EC public key
2376 #endif
2377 
2378 #if (TLS_PSK_SUPPORT == ENABLED)
2379  uint8_t *psk; ///<Pre-shared key
2380  size_t pskLen; ///<Length of the pre-shared key, in bytes
2381  char_t *pskIdentity; ///<PSK identity
2382  char_t *pskIdentityHint; ///<PSK identity hint
2383  TlsPskCallback pskCallback; ///<PSK callback function
2384  uint16_t pskCipherSuite; ///<Cipher suite associated with the PSK
2385  TlsHashAlgo pskHashAlgo; ///<Hash algorithm associated with the PSK
2386 #endif
2387 
2388 #if (TLS_MAX_FRAG_LEN_SUPPORT == ENABLED)
2389  size_t maxFragLen; ///<Maximum plaintext fragment length
2390  bool_t maxFragLenExtReceived; ///<The MaxFragmentLength extension has been received
2391 #endif
2392 
2393 #if (TLS_RECORD_SIZE_LIMIT_SUPPORT == ENABLED)
2394  size_t recordSizeLimit; ///<Maximum record size the peer is willing to receive
2395  bool_t recordSizeLimitExtReceived; ///<The RecordSizeLimit extension has been received
2396 #endif
2397 
2398 #if (TLS_ALPN_SUPPORT == ENABLED)
2399  bool_t unknownProtocolsAllowed; ///<Unknown ALPN protocols allowed
2400  char_t *protocolList; ///<List of supported ALPN protocols
2401  char_t *selectedProtocol; ///<Selected ALPN protocol
2402  TlsAlpnCallback alpnCallback; ///<ALPN callback function
2403 #endif
2404 
2405 #if (TLS_ENCRYPT_THEN_MAC_SUPPORT == ENABLED)
2406  bool_t etmExtReceived; ///<The EncryptThenMac extension has been received
2407 #endif
2408 
2409 #if (TLS_EXT_MASTER_SECRET_SUPPORT == ENABLED)
2410  bool_t emsExtReceived; ///<The ExtendedMasterSecret extension has been received
2411 #endif
2412 
2413 #if (TLS_RAW_PUBLIC_KEY_SUPPORT == ENABLED)
2414  TlsCertificateFormat certFormat; ///<Certificate format
2415  TlsCertificateFormat peerCertFormat; ///<Peer's certificate format
2416  TlsRpkVerifyCallback rpkVerifyCallback; ///<Raw public key verification callback function
2417  bool_t clientCertTypeExtReceived; ///<The ClientCertType extension has been received
2418  bool_t serverCertTypeExtReceived; ///<The ServerCertType extension has been received
2419 #endif
2420 
2421 #if (TLS_TICKET_SUPPORT == ENABLED)
2422  bool_t sessionTicketEnabled; ///<Session ticket mechanism enabled
2423  bool_t sessionTicketExtReceived; ///<The SessionTicket extension has been received
2424  bool_t sessionTicketExtSent; ///<The SessionTicket extension has been sent
2425  TlsTicketEncryptCallback ticketEncryptCallback; ///<Ticket encryption callback function
2426  TlsTicketDecryptCallback ticketDecryptCallback; ///<Ticket decryption callback function
2427  void *ticketParam; ///<Opaque pointer passed to the ticket callbacks
2428 #endif
2429 
2430 #if (TLS_SECURE_RENEGOTIATION_SUPPORT == ENABLED)
2431  bool_t secureRenegoEnabled; ///<Secure renegotiation enabled
2432  bool_t secureRenegoFlag; ///<Secure renegotiation flag
2433 #endif
2434 
2435 #if (TLS_FALLBACK_SCSV_SUPPORT == ENABLED)
2436  bool_t fallbackScsvEnabled; ///<Support for FALLBACK_SCSV
2437 #endif
2438 
2439 #if (TLS_KEY_LOG_SUPPORT == ENABLED)
2440  TlsKeyLogCallback keyLogCallback; ///<Key logging callback (for debugging purpose only)
2441 #endif
2442 
2443 #if (TLS_MAX_WARNING_ALERTS > 0)
2444  uint_t alertCount; ///<Count of consecutive warning alerts
2445 #endif
2446 
2447 #if (TLS_MAX_EMPTY_RECORDS > 0)
2448  uint_t emptyRecordCount; ///<Count of consecutive empty records
2449 #endif
2450 
2451 #if (TLS_MAX_CHANGE_CIPHER_SPEC_MESSAGES > 0)
2452  uint_t changeCipherSpecCount; ///<Count of consecutive ChangeCipherSpec messages
2453 #endif
2454 
2455 #if (TLS_MAX_KEY_UPDATE_MESSAGES > 0)
2456  uint_t keyUpdateCount; ///<Count of consecutive KeyUpdate messages
2457 #endif
2458 
2459 #if (DTLS_SUPPORT == ENABLED)
2460  size_t pmtu; ///<PMTU value
2461  systime_t timeout; ///<Timeout for blocking calls
2462  systime_t startTime;
2463 
2464  DtlsCookieGenerateCallback cookieGenerateCallback; ///<Cookie generation callback function
2465  DtlsCookieVerifyCallback cookieVerifyCallback; ///<Cookie verification callback function
2466  void *cookieParam; ///<Opaque pointer passed to the cookie callbacks
2467 
2468  uint_t retransmitCount; ///<Retransmission counter
2469  systime_t retransmitTimestamp; ///<Time at which the datagram was sent
2470  systime_t retransmitTimeout; ///<Retransmission timeout
2471 
2472  uint16_t txMsgSeq; ///<Send sequence number
2473  size_t txDatagramLen; ///<Length of the outgoing datagram, in bytes
2474 
2475  uint16_t rxMsgSeq; ///<Next receive sequence number
2476  size_t rxFragQueueLen; ///<Length of the reassembly queue
2477  size_t rxDatagramLen; ///<Length of the incoming datagram, in bytes
2478  size_t rxDatagramPos;
2479  uint16_t rxRecordVersion; ///<Version of the incoming record
2480 
2481  TlsEncryptionEngine prevEncryptionEngine;
2482 #endif
2483 
2484 #if (DTLS_SUPPORT == ENABLED && DTLS_REPLAY_DETECTION_SUPPORT == ENABLED)
2485  bool_t replayDetectionEnabled; ///<Anti-replay mechanism enabled
2486  uint32_t replayWindow[(DTLS_REPLAY_WINDOW_SIZE + 31) / 32];
2487 #endif
2488 
2489  TLS_PRIVATE_CONTEXT ///<Application specific context
2490 };
2491 
2492 
2493 //TLS application programming interface (API)
2494 TlsContext *tlsInit(void);
2495 TlsState tlsGetState(TlsContext *context);
2496 
2497 error_t tlsSetStateChangeCallback(TlsContext *context,
2498  TlsStateChangeCallback stateChangeCallback);
2499 
2500 error_t tlsSetSocketCallbacks(TlsContext *context,
2501  TlsSocketSendCallback socketSendCallback,
2502  TlsSocketReceiveCallback socketReceiveCallback, TlsSocketHandle handle);
2503 
2504 error_t tlsSetVersion(TlsContext *context, uint16_t versionMin,
2505  uint16_t versionMax);
2506 
2507 error_t tlsSetTransportProtocol(TlsContext *context,
2508  TlsTransportProtocol transportProtocol);
2509 
2510 error_t tlsSetConnectionEnd(TlsContext *context, TlsConnectionEnd entity);
2511 
2512 error_t tlsSetPrng(TlsContext *context, const PrngAlgo *prngAlgo,
2513  void *prngContext);
2514 
2515 error_t tlsSetServerName(TlsContext *context, const char_t *serverName);
2516 const char_t *tlsGetServerName(TlsContext *context);
2517 
2518 error_t tlsSetCache(TlsContext *context, TlsCache *cache);
2519 error_t tlsSetClientAuthMode(TlsContext *context, TlsClientAuthMode mode);
2520 
2521 error_t tlsSetBufferSize(TlsContext *context, size_t txBufferSize,
2522  size_t rxBufferSize);
2523 
2524 error_t tlsSetMaxFragmentLength(TlsContext *context, size_t maxFragLen);
2525 
2526 error_t tlsSetCipherSuites(TlsContext *context, const uint16_t *cipherSuites,
2527  uint_t length);
2528 
2529 error_t tlsSetSupportedGroups(TlsContext *context, const uint16_t *groups,
2530  uint_t length);
2531 
2532 error_t tlsSetPreferredGroup(TlsContext *context, uint16_t group);
2533 
2534 error_t tlsSetSupportedSignAlgos(TlsContext *context,
2535  const uint16_t *signAlgos, uint_t length);
2536 
2537 error_t tlsSetDhParameters(TlsContext *context, const char_t *params,
2538  size_t length);
2539 
2540 error_t tlsSetEcdhCallback(TlsContext *context, TlsEcdhCallback ecdhCallback);
2541 
2542 error_t tlsSetEcdsaSignCallback(TlsContext *context,
2543  TlsEcdsaSignCallback ecdsaSignCallback);
2544 
2545 error_t tlsSetEcdsaVerifyCallback(TlsContext *context,
2546  TlsEcdsaVerifyCallback ecdsaVerifyCallback);
2547 
2548 error_t tlsSetKeyLogCallback(TlsContext *context,
2549  TlsKeyLogCallback keyLogCallback);
2550 
2551 error_t tlsAllowUnknownAlpnProtocols(TlsContext *context, bool_t allowed);
2552 error_t tlsSetAlpnProtocolList(TlsContext *context, const char_t *protocolList);
2553 error_t tlsSetAlpnCallback(TlsContext *context, TlsAlpnCallback alpnCallback);
2554 const char_t *tlsGetAlpnProtocol(TlsContext *context);
2555 
2556 error_t tlsSetPsk(TlsContext *context, const uint8_t *psk, size_t length);
2557 error_t tlsSetPskIdentity(TlsContext *context, const char_t *pskIdentity);
2558 error_t tlsSetPskIdentityHint(TlsContext *context, const char_t *pskIdentityHint);
2559 error_t tlsSetPskCallback(TlsContext *context, TlsPskCallback pskCallback);
2560 
2561 error_t tlsSetRpkVerifyCallback(TlsContext *context,
2562  TlsRpkVerifyCallback rpkVerifyCallback);
2563 
2564 error_t tlsSetTrustedCaList(TlsContext *context, const char_t *trustedCaList,
2565  size_t length);
2566 
2567 error_t tlsAddCertificate(TlsContext *context, const char_t *certChain,
2568  size_t certChainLen, const char_t *privateKey, size_t privateKeyLen);
2569 
2570 error_t tlsLoadCertificate(TlsContext *context, uint_t index,
2571  const char_t *certChain, size_t certChainLen, const char_t *privateKey,
2572  size_t privateKeyLen, const char_t *password);
2573 
2574 error_t tlsSetCertificateVerifyCallback(TlsContext *context,
2575  TlsCertVerifyCallback certVerifyCallback, void *param);
2576 
2577 error_t tlsEnableSessionTickets(TlsContext *context, bool_t enabled);
2578 error_t tlsEnableSecureRenegotiation(TlsContext *context, bool_t enabled);
2579 error_t tlsEnableFallbackScsv(TlsContext *context, bool_t enabled);
2580 
2581 error_t tlsSetTicketCallbacks(TlsContext *context,
2582  TlsTicketEncryptCallback ticketEncryptCallback,
2583  TlsTicketDecryptCallback ticketDecryptCallback, void *param);
2584 
2585 error_t tlsSetPmtu(TlsContext *context, size_t pmtu);
2586 error_t tlsSetTimeout(TlsContext *context, systime_t timeout);
2587 
2588 error_t tlsSetCookieCallbacks(TlsContext *context,
2589  DtlsCookieGenerateCallback cookieGenerateCallback,
2590  DtlsCookieVerifyCallback cookieVerifyCallback, void *param);
2591 
2592 error_t tlsEnableReplayDetection(TlsContext *context, bool_t enabled);
2593 
2594 error_t tlsSetMaxEarlyDataSize(TlsContext *context, size_t maxEarlyDataSize);
2595 
2596 error_t tlsWriteEarlyData(TlsContext *context, const void *data,
2597  size_t length, size_t *written, uint_t flags);
2598 
2599 error_t tlsConnect(TlsContext *context);
2600 
2601 TlsEarlyDataStatus tlsGetEarlyDataStatus(TlsContext *context);
2602 
2603 error_t tlsWrite(TlsContext *context, const void *data, size_t length,
2604  size_t *written, uint_t flags);
2605 
2606 error_t tlsRead(TlsContext *context, void *data, size_t size, size_t *received,
2607  uint_t flags);
2608 
2609 bool_t tlsIsTxReady(TlsContext *context);
2610 bool_t tlsIsRxReady(TlsContext *context);
2611 
2612 error_t tlsShutdown(TlsContext *context);
2613 error_t tlsShutdownEx(TlsContext *context, bool_t waitForCloseNotify);
2614 
2615 void tlsFree(TlsContext *context);
2616 
2617 error_t tlsInitSessionState(TlsSessionState *session);
2618 
2619 error_t tlsSaveSessionState(const TlsContext *context,
2620  TlsSessionState *session);
2621 
2622 error_t tlsRestoreSessionState(TlsContext *context,
2623  const TlsSessionState *session);
2624 
2625 void tlsFreeSessionState(TlsSessionState *session);
2626 
2627 TlsCache *tlsInitCache(uint_t size);
2628 void tlsFreeCache(TlsCache *cache);
2629 
2630 //C++ guard
2631 #ifdef __cplusplus
2632 }
2633 #endif
2634 
2635 #endif
TLS_CERT_ECDSA_FIXED_ECDH
@ TLS_CERT_ECDSA_FIXED_ECDH
Definition: tls.h:1197
tlsSetCertificateVerifyCallback
error_t tlsSetCertificateVerifyCallback(TlsContext *context, TlsCertVerifyCallback certVerifyCallback, void *param)
Register certificate verification callback function.
Definition: tls.c:1413
TLS13_KEY_EXCH_PSK
@ TLS13_KEY_EXCH_PSK
Definition: tls.h:1161
_TlsContext::rpkVerifyCallback
TlsRpkVerifyCallback rpkVerifyCallback
Raw public key verification callback function.
Definition: tls.h:2416
TLS_EXT_PSK_KEY_EXCHANGE_MODES
@ TLS_EXT_PSK_KEY_EXCHANGE_MODES
Definition: tls.h:1324
TLS_GROUP_BRAINPOOLP512R1_TLS13
@ TLS_GROUP_BRAINPOOLP512R1_TLS13
Definition: tls.h:1403
TlsSessionState::ticketLen
size_t ticketLen
Length of the session ticket.
Definition: tls.h:2049
TLS_TYPE_MESSAGE_HASH
@ TLS_TYPE_MESSAGE_HASH
Definition: tls.h:1063
TLS_EXT_MAX_FRAGMENT_LENGTH
@ TLS_EXT_MAX_FRAGMENT_LENGTH
Definition: tls.h:1286
dtls_misc.h
DTLS (Datagram Transport Layer Security)
EcdsaSignature
ECDSA signature.
Definition: ecdsa.h:49
TLS_SIGN_ALGO_DSA
@ TLS_SIGN_ALGO_DSA
Definition: tls.h:1233
_TlsContext::sessionId
uint8_t sessionId[32]
Session identifier.
Definition: tls.h:2231
TLS_CERT_FORMAT_RAW_PUBLIC_KEY
@ TLS_CERT_FORMAT_RAW_PUBLIC_KEY
Definition: tls.h:1176
x509_common.h
X.509 common definitions.
_TlsContext::masterSecret
uint8_t masterSecret[TLS_MASTER_SECRET_SIZE]
Master secret.
Definition: tls.h:2302
TLS_SIGN_SCHEME_ECDSA_BP256R1_TLS13_SHA256
@ TLS_SIGN_SCHEME_ECDSA_BP256R1_TLS13_SHA256
Definition: tls.h:1263
TlsServerName
TlsServerName
Definition: tls.h:1607
TLS_ALERT_DECODE_ERROR
@ TLS_ALERT_DECODE_ERROR
Definition: tls.h:1100
TLS_GROUP_SECT163R2
@ TLS_GROUP_SECT163R2
Definition: tls.h:1373
TLS_GROUP_SECP256R1_KYBER768_DRAFT00
@ TLS_GROUP_SECP256R1_KYBER768_DRAFT00
Definition: tls.h:1419
_TlsContext::sessionIdLen
size_t sessionIdLen
Length of the session identifier.
Definition: tls.h:2232
TLS_ALERT_UNEXPECTED_MESSAGE
@ TLS_ALERT_UNEXPECTED_MESSAGE
Definition: tls.h:1085
_TlsContext::peerEcPublicKey
EcPublicKey peerEcPublicKey
Peer's EC public key.
Definition: tls.h:2375
key_exch_algorithms.h
Collection of key exchange algorithms.
TLS_GROUP_BRAINPOOLP256R1_TLS13
@ TLS_GROUP_BRAINPOOLP256R1_TLS13
Definition: tls.h:1401
_TlsContext::ecPointFormatsExtReceived
bool_t ecPointFormatsExtReceived
The EcPointFormats extension has been received.
Definition: tls.h:2357
HashContext
Generic hash algorithm context.
Definition: hash_algorithms.h:297
length
uint16_t length
Definition: tls.h:1571
_TlsContext::ticketHashAlgo
TlsHashAlgo ticketHashAlgo
Hash algorithm associated with the ticket.
Definition: tls.h:2340
Tls13PskBinderList
Tls13PskBinderList
Definition: tls13_misc.h:261
_TlsContext::secret
uint8_t secret[TLS_MAX_HKDF_DIGEST_SIZE]
Definition: tls.h:2324
TLS_STATE_HELLO_RETRY_REQUEST
@ TLS_STATE_HELLO_RETRY_REQUEST
Definition: tls.h:1460
bool_t
int bool_t
Definition: compiler_port.h:53
sessionId
uint8_t sessionId[]
Definition: tls.h:1773
b
uint8_t b
Definition: nbns_common.h:104
TLS_GROUP_SECP160R2
@ TLS_GROUP_SECP160R2
Definition: tls.h:1387
HmacContext
HMAC algorithm context.
Definition: hmac.h:59
_TlsContext::numSupportedGroups
uint_t numSupportedGroups
Number of named groups in the list.
Definition: tls.h:2212
_TlsEncryptionEngine::encKey
uint8_t encKey[48]
Encryption key.
Definition: tls.h:2157
cipherSuite
uint16_t cipherSuite
Cipher suite identifier.
Definition: tls.h:1883
TLS_EXT_OID_FILTERS
@ TLS_EXT_OID_FILTERS
Definition: tls.h:1326
TLS_TYPE_NEW_CONNECTION_ID
@ TLS_TYPE_NEW_CONNECTION_ID
Definition: tls.h:1049
TLS_ALERT_CERTIFICATE_REQUIRED
@ TLS_ALERT_CERTIFICATE_REQUIRED
Definition: tls.h:1117
TlsTicketEncryptCallback
error_t(* TlsTicketEncryptCallback)(TlsContext *context, const uint8_t *plaintext, size_t plaintextLen, uint8_t *ciphertext, size_t *ciphertextLen, void *param)
Ticket encryption callback function.
Definition: tls.h:1967
_TlsContext::cookie
uint8_t * cookie
Cookie.
Definition: tls.h:2239
_TlsContext::pskIdentity
char_t * pskIdentity
PSK identity.
Definition: tls.h:2381
TlsHelloExtensions::pskKeModeList
const Tls13PskKeModeList * pskKeModeList
PskKeyExchangeModes extension.
Definition: tls.h:2139
TLS_ALERT_CLOSE_NOTIFY
@ TLS_ALERT_CLOSE_NOTIFY
Definition: tls.h:1084
tlsConnect
error_t tlsConnect(TlsContext *context)
Initiate the TLS handshake.
Definition: tls.c:1763
TlsDigitalSignature
TlsDigitalSignature
Definition: tls.h:1717
TLS_ALERT_NO_RENEGOTIATION
@ TLS_ALERT_NO_RENEGOTIATION
Definition: tls.h:1109
TLS_SIGN_ALGO_ANONYMOUS
@ TLS_SIGN_ALGO_ANONYMOUS
Definition: tls.h:1231
TlsSessionState::ticketTimestamp
systime_t ticketTimestamp
Timestamp to manage ticket lifetime.
Definition: tls.h:2051
TlsServerHelloDone
void TlsServerHelloDone
ServerHelloDone message.
Definition: tls.h:1819
_TlsContext::secureRenegoFlag
bool_t secureRenegoFlag
Secure renegotiation flag.
Definition: tls.h:2432
TLS13_KEY_EXCH_PSK_DHE
@ TLS13_KEY_EXCH_PSK_DHE
Definition: tls.h:1162
TlsEcdsaVerifyCallback
error_t(* TlsEcdsaVerifyCallback)(TlsContext *context, const uint8_t *digest, size_t digestLen, EcdsaSignature *signature)
ECDSA signature verification callback function.
Definition: tls.h:2000
Tls13Cookie
Tls13Cookie
Definition: tls13_misc.h:183
TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA256
@ TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA256
Definition: tls.h:1253
tlsSetEcdsaSignCallback
error_t tlsSetEcdsaSignCallback(TlsContext *context, TlsEcdsaSignCallback ecdsaSignCallback)
Register ECDSA signature generation callback function.
Definition: tls.c:777
int_t
signed int int_t
Definition: compiler_port.h:49
_TlsEncryptionEngine::dtlsSeqNum
DtlsSequenceNumber dtlsSeqNum
Record sequence number.
Definition: tls.h:2174
TLS_MAX_PASSWORD_LEN
#define TLS_MAX_PASSWORD_LEN
Definition: tls.h:752
TLS_CERT_FORMAT_OPENPGP
@ TLS_CERT_FORMAT_OPENPGP
Definition: tls.h:1175
TLS_STATE_SERVER_KEY_EXCHANGE
@ TLS_STATE_SERVER_KEY_EXCHANGE
Definition: tls.h:1467
TlsHelloExtensions::sessionTicket
const TlsExtension * sessionTicket
SessionTicket extension.
Definition: tls.h:2128
TLS_TYPE_SERVER_HELLO_DONE
@ TLS_TYPE_SERVER_HELLO_DONE
Definition: tls.h:1053
_TlsContext::premasterSecretLen
size_t premasterSecretLen
Length of the premaster secret.
Definition: tls.h:2284
TLS_COMPRESSION_METHOD_NULL
@ TLS_COMPRESSION_METHOD_NULL
Definition: tls.h:1128
TLS_SIGN_ALGO_GOSTR34102012_256
@ TLS_SIGN_ALGO_GOSTR34102012_256
Definition: tls.h:1237
TLS_ALERT_ILLEGAL_PARAMETER
@ TLS_ALERT_ILLEGAL_PARAMETER
Definition: tls.h:1097
TLS_GROUP_SECT571K1
@ TLS_GROUP_SECT571K1
Definition: tls.h:1383
_TlsContext::keyExchMethod
TlsKeyExchMethod keyExchMethod
Key exchange method.
Definition: tls.h:2249
TlsEcPointFormat
TlsEcPointFormat
EC point formats.
Definition: tls.h:1430
TlsSessionState::ticket
uint8_t * ticket
Session ticket.
Definition: tls.h:2048
PrngAlgo
#define PrngAlgo
Definition: crypto.h:938
TLS_EXT_CLIENT_AUTHZ
@ TLS_EXT_CLIENT_AUTHZ
Definition: tls.h:1292
TLS_EARLY_DATA_REJECTED
@ TLS_EARLY_DATA_REJECTED
Definition: tls.h:991
_TlsContext::ticketLifetime
uint32_t ticketLifetime
Lifetime of the ticket.
Definition: tls.h:2245
TLS_EXT_PWD_PROTECT
@ TLS_EXT_PWD_PROTECT
Definition: tls.h:1313
tlsInitCache
TlsCache * tlsInitCache(uint_t size)
Session cache initialization.
Definition: tls_cache.c:50
tlsShutdownEx
error_t tlsShutdownEx(TlsContext *context, bool_t waitForCloseNotify)
Gracefully close TLS session.
Definition: tls.c:2320
TLS_ALERT_UNSUPPORTED_EXTENSION
@ TLS_ALERT_UNSUPPORTED_EXTENSION
Definition: tls.h:1111
TlsState
TlsState
TLS FSM states.
Definition: tls.h:1454
algorithm
uint8_t algorithm
Definition: dhcpv6_common.h:317
TLS_TYPE_CERTIFICATE_STATUS
@ TLS_TYPE_CERTIFICATE_STATUS
Definition: tls.h:1058
TlsHelloExtensions::binderList
const Tls13PskBinderList * binderList
Definition: tls.h:2141
_TlsContext::clientRandom
uint8_t clientRandom[TLS_RANDOM_SIZE]
Client random value.
Definition: tls.h:2281
_TlsContext::rxBufferSize
size_t rxBufferSize
RX buffer size.
Definition: tls.h:2273
_TlsContext::closeNotifySent
bool_t closeNotifySent
A closure alert has been sent.
Definition: tls.h:2260
TLS_EXT_SUPPORTED_VERSIONS
@ TLS_EXT_SUPPORTED_VERSIONS
Definition: tls.h:1322
ecdsa.h
ECDSA (Elliptic Curve Digital Signature Algorithm)
_TlsContext::versionMin
uint16_t versionMin
Minimum version accepted by the implementation.
Definition: tls.h:2236
_TlsContext::maxFragLenExtReceived
bool_t maxFragLenExtReceived
The MaxFragmentLength extension has been received.
Definition: tls.h:2390
tlsGetState
TlsState tlsGetState(TlsContext *context)
Retrieve current TLS state.
Definition: tls.c:203
TlsCertificateRequest
TlsCertificateRequest
Definition: tls.h:1812
TLS_ALERT_RECORD_OVERFLOW
@ TLS_ALERT_RECORD_OVERFLOW
Definition: tls.h:1088
version
uint16_t version
Definition: tls.h:1739
TLS_PRIVATE_CONTEXT
#define TLS_PRIVATE_CONTEXT
Definition: tls.h:843
_TlsContext::transportProtocol
TlsTransportProtocol transportProtocol
Transport protocol (stream or datagram)
Definition: tls.h:2196
_TlsContext::txRecordPos
size_t txRecordPos
Current position in the TLS record.
Definition: tls.h:2270
TLS_EXT_EXTERNAL_ID_HASH
@ TLS_EXT_EXTERNAL_ID_HASH
Definition: tls.h:1332
TlsHelloExtensions::signAlgoList
const TlsSignSchemeList * signAlgoList
SignatureAlgorithms extension.
Definition: tls.h:2104
TlsConnectionEnd
TlsConnectionEnd
TLS connection end.
Definition: tls.h:967
_TlsContext::rxDatagramPos
size_t rxDatagramPos
Definition: tls.h:2478
TlsHelloExtensions::selectedGroup
const TlsExtension * selectedGroup
KeyShare extension (HelloRetryRequest)
Definition: tls.h:2137
TlsSessionState::timestamp
systime_t timestamp
Time stamp to manage entry lifetime.
Definition: tls.h:2041
TLS_GROUP_SECP256K1
@ TLS_GROUP_SECP256K1
Definition: tls.h:1392
_TlsContext::txBuffer
uint8_t * txBuffer
TX buffer.
Definition: tls.h:2263
tlsInit
TlsContext * tlsInit(void)
TLS context initialization.
Definition: tls.c:65
tlsSetStateChangeCallback
error_t tlsSetStateChangeCallback(TlsContext *context, TlsStateChangeCallback stateChangeCallback)
Register TLS state change callback.
Definition: tls.c:229
_TlsContext::fatalAlertSent
bool_t fatalAlertSent
A fatal alert message has been sent.
Definition: tls.h:2258
_TlsContext::transcriptHashContext
HashContext * transcriptHashContext
Hash context used to compute verify data.
Definition: tls.h:2312
_TlsContext::clientHsTrafficSecret
uint8_t clientHsTrafficSecret[TLS_MAX_HKDF_DIGEST_SIZE]
Definition: tls.h:2326
TLS_GROUP_EXPLICIT_CHAR2_CURVE
@ TLS_GROUP_EXPLICIT_CHAR2_CURVE
Definition: tls.h:1421
DtlsCookieGenerateCallback
error_t(* DtlsCookieGenerateCallback)(TlsContext *context, const DtlsClientParameters *clientParams, uint8_t *cookie, size_t *length, void *param)
DTLS cookie generation callback function.
Definition: dtls_misc.h:240
_TlsContext::entity
TlsConnectionEnd entity
Client or server operation.
Definition: tls.h:2197
TLS_EXT_PWD_CLEAR
@ TLS_EXT_PWD_CLEAR
Definition: tls.h:1314
_TlsContext::peerCertFormat
TlsCertificateFormat peerCertFormat
Peer's certificate format.
Definition: tls.h:2415
TLS_STATE_CERTIFICATE_REQUEST
@ TLS_STATE_CERTIFICATE_REQUEST
Definition: tls.h:1469
_TlsContext::cookieParam
void * cookieParam
Opaque pointer passed to the cookie callbacks.
Definition: tls.h:2466
TLS_TYPE_CHANGE_CIPHER_SPEC
@ TLS_TYPE_CHANGE_CIPHER_SPEC
Definition: tls.h:1024
_TlsContext::maxFragLen
size_t maxFragLen
Maximum plaintext fragment length.
Definition: tls.h:2389
TlsHelloExtensions::protocolNameList
const TlsProtocolNameList * protocolNameList
ALPN extension.
Definition: tls.h:2113
TLS_GROUP_SECP256R1
@ TLS_GROUP_SECP256R1
Definition: tls.h:1393
TlsHelloExtensions::earlyDataIndication
const TlsExtension * earlyDataIndication
EarlyData extension.
Definition: tls.h:2143
tlsRestoreSessionState
error_t tlsRestoreSessionState(TlsContext *context, const TlsSessionState *session)
Restore TLS session.
Definition: tls.c:2700
tlsSetSupportedSignAlgos
error_t tlsSetSupportedSignAlgos(TlsContext *context, const uint16_t *signAlgos, uint_t length)
Specify the list of allowed signature algorithms.
Definition: tls.c:689
TLS_TYPE_HANDSHAKE
@ TLS_TYPE_HANDSHAKE
Definition: tls.h:1026
TlsEcPointFormatList
TlsEcPointFormatList
Definition: tls.h:1662
TLS_GROUP_CURVE_SM2
@ TLS_GROUP_CURVE_SM2
Definition: tls.h:1411
tlsSetAlpnCallback
error_t tlsSetAlpnCallback(TlsContext *context, TlsAlpnCallback alpnCallback)
Register ALPN callback function.
Definition: tls.c:933
TLS_PRIVATE_ENCRYPTION_ENGINE
#define TLS_PRIVATE_ENCRYPTION_ENGINE
Definition: tls.h:848
TlsSocketReceiveCallback
error_t(* TlsSocketReceiveCallback)(TlsSocketHandle handle, void *data, size_t size, size_t *received, uint_t flags)
Socket receive callback function.
Definition: tls.h:1927
TLS_GROUP_SECP224K1
@ TLS_GROUP_SECP224K1
Definition: tls.h:1390
TLS_EXT_CONNECTION_ID
@ TLS_EXT_CONNECTION_ID
Definition: tls.h:1331
_TlsContext::ticketDecryptCallback
TlsTicketDecryptCallback ticketDecryptCallback
Ticket decryption callback function.
Definition: tls.h:2426
TlsCertDesc::type
TlsCertificateType type
End entity certificate type.
Definition: tls.h:2087
TLS_SIGN_SCHEME_GOSTR34102012_256A
@ TLS_SIGN_SCHEME_GOSTR34102012_256A
Definition: tls.h:1269
TLS_GROUP_SECT239K1
@ TLS_GROUP_SECT239K1
Definition: tls.h:1378
_TlsContext::clientCertTypeExtReceived
bool_t clientCertTypeExtReceived
The ClientCertType extension has been received.
Definition: tls.h:2417
_TlsContext::pmtu
size_t pmtu
PMTU value.
Definition: tls.h:2460
TLS_TRANSPORT_PROTOCOL_DATAGRAM
@ TLS_TRANSPORT_PROTOCOL_DATAGRAM
Definition: tls.h:957
TLS_TYPE_COMPRESSED_CERTIFICATE
@ TLS_TYPE_COMPRESSED_CERTIFICATE
Definition: tls.h:1061
TLS_ALERT_ACCESS_DENIED
@ TLS_ALERT_ACCESS_DENIED
Definition: tls.h:1099
TlsRenegoInfo
TlsRenegoInfo
Definition: tls.h:1684
TLS_KEY_EXCH_SRP_SHA_RSA
@ TLS_KEY_EXCH_SRP_SHA_RSA
Definition: tls.h:1156
TLS_ALERT_INSUFFICIENT_SECURITY
@ TLS_ALERT_INSUFFICIENT_SECURITY
Definition: tls.h:1105
DTLS_REPLAY_WINDOW_SIZE
#define DTLS_REPLAY_WINDOW_SIZE
Definition: dtls_misc.h:69
TlsPskIdentity
TlsPskIdentity
Definition: tls.h:1695
TLS_CERT_FORTEZZA_DMS
@ TLS_CERT_FORTEZZA_DMS
Definition: tls.h:1194
_TlsEncryptionEngine::hmacContext
HmacContext * hmacContext
HMAC context.
Definition: tls.h:2167
TlsMessageType
TlsMessageType
Handshake message type.
Definition: tls.h:1039
TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA512
@ TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA512
Definition: tls.h:1258
_TlsContext::socketHandle
TlsSocketHandle socketHandle
Socket handle.
Definition: tls.h:2201
TlsCipherSuiteInfo::name
const char_t * name
Definition: tls.h:2018
TlsCipherSuiteInfo
Structure describing a cipher suite.
Definition: tls.h:2016
TLS_ALERT_BAD_CERTIFICATE_HASH_VALUE
@ TLS_ALERT_BAD_CERTIFICATE_HASH_VALUE
Definition: tls.h:1115
TLS_HASH_ALGO_SHA1
@ TLS_HASH_ALGO_SHA1
Definition: tls.h:1215
TLS_STATE_APPLICATION_DATA
@ TLS_STATE_APPLICATION_DATA
Definition: tls.h:1485
TLS_COMPRESSION_METHOD_DEFLATE
@ TLS_COMPRESSION_METHOD_DEFLATE
Definition: tls.h:1129
_TlsContext::txDatagramLen
size_t txDatagramLen
Length of the outgoing datagram, in bytes.
Definition: tls.h:2473
TlsSessionState::sessionIdLen
size_t sessionIdLen
Length of the session identifier.
Definition: tls.h:2045
_TlsEncryptionEngine::authTagLen
size_t authTagLen
Length of the authentication tag.
Definition: tls.h:2162
TLS_GROUP_GC512A
@ TLS_GROUP_GC512A
Definition: tls.h:1408
TLS_ALERT_DECOMPRESSION_FAILURE
@ TLS_ALERT_DECOMPRESSION_FAILURE
Definition: tls.h:1089
TlsHelloExtensions::clientCertTypeList
const TlsCertTypeList * clientCertTypeList
ClientCertType extension.
Definition: tls.h:2116
_TlsContext::secureRenegoEnabled
bool_t secureRenegoEnabled
Secure renegotiation enabled.
Definition: tls.h:2431
type
uint8_t type
Definition: coap_common.h:176
TLS_GROUP_GC256D
@ TLS_GROUP_GC256D
Definition: tls.h:1407
tlsSetVersion
error_t tlsSetVersion(TlsContext *context, uint16_t versionMin, uint16_t versionMax)
Set minimum and maximum versions permitted.
Definition: tls.c:285
TLS_KEY_EXCH_DH_DSS
@ TLS_KEY_EXCH_DH_DSS
Definition: tls.h:1143
TlsHashAlgo
TlsHashAlgo
Hash algorithms.
Definition: tls.h:1212
_TlsContext::closeNotifyReceived
bool_t closeNotifyReceived
A closure alert has been received from the peer.
Definition: tls.h:2261
tlsSetMaxFragmentLength
error_t tlsSetMaxFragmentLength(TlsContext *context, size_t maxFragLen)
Set maximum fragment length.
Definition: tls.c:569
TLS_ALERT_CERTIFICATE_UNOBTAINABLE
@ TLS_ALERT_CERTIFICATE_UNOBTAINABLE
Definition: tls.h:1112
_TlsEncryptionEngine::hashAlgo
const HashAlgo * hashAlgo
Hash algorithm for MAC operations.
Definition: tls.h:2166
TLS_ALERT_NO_CERTIFICATE
@ TLS_ALERT_NO_CERTIFICATE
Definition: tls.h:1091
TLS_TYPE_ACK
@ TLS_TYPE_ACK
Definition: tls.h:1030
_TlsContext::prevEncryptionEngine
TlsEncryptionEngine prevEncryptionEngine
Definition: tls.h:2481
_TlsContext::alpnCallback
TlsAlpnCallback alpnCallback
ALPN callback function.
Definition: tls.h:2402
_TlsContext::stateChangeCallback
TlsStateChangeCallback stateChangeCallback
TLS state change callback function.
Definition: tls.h:2199
TLS13_KEY_EXCH_ECDHE
@ TLS13_KEY_EXCH_ECDHE
Definition: tls.h:1159
TLS_STATE_SERVER_APP_TRAFFIC_KEYS
@ TLS_STATE_SERVER_APP_TRAFFIC_KEYS
Definition: tls.h:1482
TLS_CERT_DSS_SIGN
@ TLS_CERT_DSS_SIGN
Definition: tls.h:1189
TLS_KEY_EXCH_SRP_SHA_DSS
@ TLS_KEY_EXCH_SRP_SHA_DSS
Definition: tls.h:1157
TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA512
@ TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA512
Definition: tls.h:1255
TLS_SIGN_SCHEME_NONE
@ TLS_SIGN_SCHEME_NONE
Definition: tls.h:1248
_TlsContext::prngContext
void * prngContext
Pseudo-random number generator context.
Definition: tls.h:2206
TlsAlertDescription
TlsAlertDescription
Alert description.
Definition: tls.h:1083
TlsCipherSuiteInfo::cipherMode
CipherMode cipherMode
Definition: tls.h:2021
tlsSetAlpnProtocolList
error_t tlsSetAlpnProtocolList(TlsContext *context, const char_t *protocolList)
Set the list of supported ALPN protocols.
Definition: tls.c:884
value
uint16_t value[]
Definition: tls.h:1516
TLS_SIGN_SCHEME_ED25519
@ TLS_SIGN_SCHEME_ED25519
Definition: tls.h:1267
TlsCache::mutex
OsMutex mutex
Mutex preventing simultaneous access to the cache.
Definition: tls.h:2070
TLS_EXT_TICKET_PINNING
@ TLS_EXT_TICKET_PINNING
Definition: tls.h:1316
_TlsContext::clientVerifyData
uint8_t clientVerifyData[64]
Client verify data.
Definition: tls.h:2285
_TlsContext::dhContext
DhContext dhContext
Diffie-Hellman context.
Definition: tls.h:2352
TLS_EXT_SERVER_AUTHZ
@ TLS_EXT_SERVER_AUTHZ
Definition: tls.h:1293
TlsProtocolNameList
TlsProtocolNameList
Definition: tls.h:1640
Tls13KeyShareEntry
Tls13KeyShareEntry
Definition: tls13_misc.h:195
TLS_ALERT_DECRYPT_ERROR
@ TLS_ALERT_DECRYPT_ERROR
Definition: tls.h:1101
TLS_KEY_EXCH_ECDH_RSA
@ TLS_KEY_EXCH_ECDH_RSA
Definition: tls.h:1146
_TlsContext::ticketAlpn
char_t * ticketAlpn
ALPN protocol associated with the ticket.
Definition: tls.h:2341
_TlsContext::txBufferType
TlsContentType txBufferType
Type of data that resides in the TX buffer.
Definition: tls.h:2266
TlsCache
Session cache.
Definition: tls.h:2069
_TlsContext::ticketEncryptCallback
TlsTicketEncryptCallback ticketEncryptCallback
Ticket encryption callback function.
Definition: tls.h:2425
EcDomainParameters
EC domain parameters.
Definition: ec.h:76
TlsChangeCipherSpec
TlsChangeCipherSpec
Definition: tls.h:1862
_TlsContext::rxDatagramLen
size_t rxDatagramLen
Length of the incoming datagram, in bytes.
Definition: tls.h:2477
TlsHelloExtensions::supportedVersionList
const TlsSupportedVersionList * supportedVersionList
SupportedVersions extension (ClientHello)
Definition: tls.h:2099
TlsExtension
TlsExtension
Definition: tls.h:1573
_TlsContext::retransmitTimeout
systime_t retransmitTimeout
Retransmission timeout.
Definition: tls.h:2470
_TlsContext::pskLen
size_t pskLen
Length of the pre-shared key, in bytes.
Definition: tls.h:2380
_TlsContext::rxMsgSeq
uint16_t rxMsgSeq
Next receive sequence number.
Definition: tls.h:2475
_TlsContext::cipherSuiteTypes
uint_t cipherSuiteTypes
Types of cipher suites proposed by the client.
Definition: tls.h:2247
certificateTypes
uint8_t certificateTypes[]
Definition: tls.h:1811
_TlsContext::psk
uint8_t * psk
Pre-shared key.
Definition: tls.h:2379
_TlsContext::emptyRecordCount
uint_t emptyRecordCount
Count of consecutive empty records.
Definition: tls.h:2448
_TlsContext::earlyDataLen
size_t earlyDataLen
Total amount of 0-RTT data that have been sent by the client.
Definition: tls.h:2344
TLS_RANDOM_SIZE
#define TLS_RANDOM_SIZE
Definition: tls.h:938
TLS_GROUP_BRAINPOOLP256R1
@ TLS_GROUP_BRAINPOOLP256R1
Definition: tls.h:1396
TLS_SIGN_SCHEME_GOSTR34102012_256B
@ TLS_SIGN_SCHEME_GOSTR34102012_256B
Definition: tls.h:1270
TLS_EXT_COMPRESS_CERTIFICATE
@ TLS_EXT_COMPRESS_CERTIFICATE
Definition: tls.h:1311
_TlsEncryptionEngine::fixedIvLen
size_t fixedIvLen
Length of the fixed part of the IV.
Definition: tls.h:2160
TLS_EXT_EARLY_DATA
@ TLS_EXT_EARLY_DATA
Definition: tls.h:1321
TLS_EXT_TRUNCATED_HMAC
@ TLS_EXT_TRUNCATED_HMAC
Definition: tls.h:1289
TLS_EXT_SESSION_TICKET
@ TLS_EXT_SESSION_TICKET
Definition: tls.h:1318
TLS_TYPE_END_OF_EARLY_DATA
@ TLS_TYPE_END_OF_EARLY_DATA
Definition: tls.h:1045
TlsCipherSuiteInfo::authTagLen
uint8_t authTagLen
Definition: tls.h:2028
TLS_GROUP_X448
@ TLS_GROUP_X448
Definition: tls.h:1400
TlsSocketSendCallback
error_t(* TlsSocketSendCallback)(TlsSocketHandle handle, const void *data, size_t length, size_t *written, uint_t flags)
Socket send callback function.
Definition: tls.h:1919
TLS13_KEY_EXCH_PSK_HYBRID
@ TLS13_KEY_EXCH_PSK_HYBRID
Definition: tls.h:1164
TLS_GROUP_FFDHE6144
@ TLS_GROUP_FFDHE6144
Definition: tls.h:1415
TlsPskIdentityHint
TlsPskIdentityHint
Definition: tls.h:1706
TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA384
@ TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA384
Definition: tls.h:1257
tlsAllowUnknownAlpnProtocols
error_t tlsAllowUnknownAlpnProtocols(TlsContext *context, bool_t allowed)
Allow unknown ALPN protocols.
Definition: tls.c:858
TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA384
@ TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA384
Definition: tls.h:1254
TLS_SIGN_ALGO_ED448
@ TLS_SIGN_ALGO_ED448
Definition: tls.h:1236
TLS_MAX_FRAGMENT_LENGTH_4096
@ TLS_MAX_FRAGMENT_LENGTH_4096
Definition: tls.h:1360
TLS_HASH_ALGO_NONE
@ TLS_HASH_ALGO_NONE
Definition: tls.h:1213
tlsSetTimeout
error_t tlsSetTimeout(TlsContext *context, systime_t timeout)
Set timeout for blocking calls (for DTLS only)
Definition: tls.c:1579
_TlsContext::preferredGroup
uint16_t preferredGroup
Preferred ECDHE or FFDHE named group.
Definition: tls.h:2316
_TlsContext::maxEarlyDataSize
size_t maxEarlyDataSize
Maximum amount of 0-RTT data that the client is allowed to send.
Definition: tls.h:2343
TlsHelloExtensions::cookie
const Tls13Cookie * cookie
Cookie extension.
Definition: tls.h:2134
TLS_EXT_QUIC_TRANSPORT_PARAMETERS
@ TLS_EXT_QUIC_TRANSPORT_PARAMETERS
Definition: tls.h:1334
TlsCipherSuiteInfo::keyExchMethod
TlsKeyExchMethod keyExchMethod
Definition: tls.h:2019
tlsSetCache
error_t tlsSetCache(TlsContext *context, TlsCache *cache)
Set session cache.
Definition: tls.c:478
sessionIdLen
uint8_t sessionIdLen
Definition: tls.h:1772
_TlsContext::serverVerifyData
uint8_t serverVerifyData[64]
Server verify data.
Definition: tls.h:2287
TLS_STATE_CLIENT_HELLO
@ TLS_STATE_CLIENT_HELLO
Definition: tls.h:1456
extendedMasterSecret
bool_t extendedMasterSecret
Extended master secret computation.
Definition: tls.h:1888
TLS_ALERT_EXPORT_RESTRICTION
@ TLS_ALERT_EXPORT_RESTRICTION
Definition: tls.h:1103
tlsSetPsk
error_t tlsSetPsk(TlsContext *context, const uint8_t *psk, size_t length)
Set the pre-shared key to be used.
Definition: tls.c:986
_TlsContext::rxBuffer
uint8_t * rxBuffer
RX buffer.
Definition: tls.h:2272
tls13_misc.h
TLS 1.3 helper functions.
TlsHelloExtensions::serverShare
const Tls13KeyShareEntry * serverShare
KeyShare extension (ServerHello)
Definition: tls.h:2138
TLS_EXT_SERVER_NAME
@ TLS_EXT_SERVER_NAME
Definition: tls.h:1285
TLS_EXT_SIGNATURE_ALGORITHMS_CERT
@ TLS_EXT_SIGNATURE_ALGORITHMS_CERT
Definition: tls.h:1328
TLS_HASH_ALGO_SHA224
@ TLS_HASH_ALGO_SHA224
Definition: tls.h:1216
TLS_KEY_EXCH_RSA
@ TLS_KEY_EXCH_RSA
Definition: tls.h:1140
TlsHelloExtensions::keyShareList
const Tls13KeyShareList * keyShareList
KeyShare extension (ClientHello)
Definition: tls.h:2136
_TlsContext::resumptionMasterSecret
uint8_t resumptionMasterSecret[TLS_MAX_HKDF_DIGEST_SIZE]
Definition: tls.h:2331
_TlsEncryptionEngine::cipherMode
CipherMode cipherMode
Cipher mode of operation.
Definition: tls.h:2165
TLS_EXT_CERT_TYPE
@ TLS_EXT_CERT_TYPE
Definition: tls.h:1294
TlsAlpnCallback
error_t(* TlsAlpnCallback)(TlsContext *context, const char_t *selectedProtocol)
ALPN callback function.
Definition: tls.h:1935
TLS_EXT_SUPPORTED_EKT_CIPHERS
@ TLS_EXT_SUPPORTED_EKT_CIPHERS
Definition: tls.h:1319
TLS_TYPE_CERTIFICATE
@ TLS_TYPE_CERTIFICATE
Definition: tls.h:1050
_TlsEncryptionEngine
Encryption engine.
Definition: tls.h:2153
TlsExtensionList
TlsExtensionList
Definition: tls.h:1584
TLS_CERT_RSA_EPHEMERAL_DH
@ TLS_CERT_RSA_EPHEMERAL_DH
Definition: tls.h:1192
TLS_ALERT_UNKNOWN_CA
@ TLS_ALERT_UNKNOWN_CA
Definition: tls.h:1098
TlsFinished
void TlsFinished
Finished message.
Definition: tls.h:1852
TlsCipherSuites
TlsCipherSuites
Definition: tls.h:1517
TLS_STATE_SERVER_HELLO
@ TLS_STATE_SERVER_HELLO
Definition: tls.h:1461
TLS_STATE_HELLO_VERIFY_REQUEST
@ TLS_STATE_HELLO_VERIFY_REQUEST
Definition: tls.h:1459
TLS_EXT_TRUSTED_CA_KEYS
@ TLS_EXT_TRUSTED_CA_KEYS
Definition: tls.h:1288
TlsRpkVerifyCallback
error_t(* TlsRpkVerifyCallback)(TlsContext *context, const uint8_t *rawPublicKey, size_t rawPublicKeyLen)
Raw public key verification callback function.
Definition: tls.h:1959
_TlsContext::ticketNonce
uint32_t ticketNonce
A per-ticket value that is unique across all tickets issued.
Definition: tls.h:2338
_TlsContext::kemContext
KemContext kemContext
KEM context.
Definition: tls.h:2361
TlsHelloExtensions::serverCertTypeList
const TlsCertTypeList * serverCertTypeList
ServerCertType extension.
Definition: tls.h:2118
_TlsContext::recordSizeLimit
size_t recordSizeLimit
Maximum record size the peer is willing to receive.
Definition: tls.h:2394
TLS_ALERT_LEVEL_WARNING
@ TLS_ALERT_LEVEL_WARNING
Definition: tls.h:1073
_TlsContext::txBufferSize
size_t txBufferSize
TX buffer size.
Definition: tls.h:2264
TLS_HASH_ALGO_SHA512
@ TLS_HASH_ALGO_SHA512
Definition: tls.h:1219
TlsSessionState::cipherSuite
uint16_t cipherSuite
Cipher suite identifier.
Definition: tls.h:2040
TLS_ALERT_UNKNOWN_PSK_IDENTITY
@ TLS_ALERT_UNKNOWN_PSK_IDENTITY
Definition: tls.h:1116
TlsHelloExtensions::maxFragLen
const TlsExtension * maxFragLen
MaxFragmentLength extension.
Definition: tls.h:2107
TLS_KEY_EXCH_ECDHE_ECDSA
@ TLS_KEY_EXCH_ECDHE_ECDSA
Definition: tls.h:1149
tlsSetSocketCallbacks
error_t tlsSetSocketCallbacks(TlsContext *context, TlsSocketSendCallback socketSendCallback, TlsSocketReceiveCallback socketReceiveCallback, TlsSocketHandle handle)
Set socket send and receive callbacks.
Definition: tls.c:253
_TlsContext::keyLogCallback
TlsKeyLogCallback keyLogCallback
Key logging callback (for debugging purpose only)
Definition: tls.h:2440
TLS_STATE_KEY_UPDATE
@ TLS_STATE_KEY_UPDATE
Definition: tls.h:1484
TLS_CERT_FORMAT_1609DOT2
@ TLS_CERT_FORMAT_1609DOT2
Definition: tls.h:1177
TLS_KEY_EXCH_ECDHE_RSA
@ TLS_KEY_EXCH_ECDHE_RSA
Definition: tls.h:1147
TlsHelloExtensions::ecPointFormatList
const TlsEcPointFormatList * ecPointFormatList
EcPointFormats extension.
Definition: tls.h:2103
_TlsContext::version
uint16_t version
Negotiated TLS version.
Definition: tls.h:2235
TLS_SIGN_SCHEME_RSA_PKCS1_SHA1
@ TLS_SIGN_SCHEME_RSA_PKCS1_SHA1
Definition: tls.h:1249
TlsCertDesc::certChainLen
size_t certChainLen
Length of the certificate chain.
Definition: tls.h:2083
DhContext
Diffie-Hellman context.
Definition: dh.h:60
TlsHandshake
TlsHandshake
Definition: tls.h:1754
TLS_KEY_EXCH_ECDH_ANON
@ TLS_KEY_EXCH_ECDH_ANON
Definition: tls.h:1150
_TlsContext::premasterSecret
uint8_t premasterSecret[TLS_PREMASTER_SECRET_SIZE]
Premaster secret.
Definition: tls.h:2283
_TlsContext::rxRecordLen
size_t rxRecordLen
Length of the TLS record.
Definition: tls.h:2278
DsaPublicKey
DSA public key.
Definition: dsa.h:61
_TlsContext::hmacContext
HmacContext hmacContext
HMAC context.
Definition: tls.h:2304
_TlsContext::serverHsTrafficSecret
uint8_t serverHsTrafficSecret[TLS_MAX_HKDF_DIGEST_SIZE]
Definition: tls.h:2327
TLS_FLAG_PEEK
@ TLS_FLAG_PEEK
Definition: tls.h:1002
_TlsContext::trustedCaList
const char_t * trustedCaList
Trusted CA list (PEM format)
Definition: tls.h:2224
_TlsContext::ticketAgeAdd
uint32_t ticketAgeAdd
Random value used to obscure the age of the ticket.
Definition: tls.h:2337
TlsCertAuthorities
TlsCertAuthorities
Definition: tls.h:1561
_TlsContext::ticket
uint8_t * ticket
Session ticket.
Definition: tls.h:2242
TLS_GROUP_GC256B
@ TLS_GROUP_GC256B
Definition: tls.h:1405
_TlsContext::clientVerifyDataLen
size_t clientVerifyDataLen
Length of the client verify data.
Definition: tls.h:2286
X509CertInfo
X.509 certificate.
Definition: x509_common.h:1071
TlsCertificateFormat
TlsCertificateFormat
Certificate formats.
Definition: tls.h:1173
TLS_EXT_CLIENT_CERT_TYPE
@ TLS_EXT_CLIENT_CERT_TYPE
Definition: tls.h:1304
TLS_HASH_ALGO_SM3
@ TLS_HASH_ALGO_SM3
Definition: tls.h:1221
TlsContext
#define TlsContext
Definition: tls.h:36
error_t
error_t
Error codes.
Definition: error.h:43
TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA256
@ TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA256
Definition: tls.h:1256
TLS_ALERT_BAD_RECORD_MAC
@ TLS_ALERT_BAD_RECORD_MAC
Definition: tls.h:1086
tlsShutdown
error_t tlsShutdown(TlsContext *context)
Gracefully close TLS session.
Definition: tls.c:2307
TLS_SIGN_SCHEME_ECDSA_SECP521R1_SHA512
@ TLS_SIGN_SCHEME_ECDSA_SECP521R1_SHA512
Definition: tls.h:1262
_TlsContext::txRecordLen
size_t txRecordLen
Length of the TLS record.
Definition: tls.h:2269
TLS_EXT_EXTENDED_MASTER_SECRET
@ TLS_EXT_EXTENDED_MASTER_SECRET
Definition: tls.h:1308
KemContext
KEM context.
Definition: kem.h:68
TLS_CERT_ED25519_SIGN
@ TLS_CERT_ED25519_SIGN
Definition: tls.h:1202
TLS_CONNECTION_END_SERVER
@ TLS_CONNECTION_END_SERVER
Definition: tls.h:969
_TlsContext::cookieLen
size_t cookieLen
Length of the cookie.
Definition: tls.h:2240
tlsFreeSessionState
void tlsFreeSessionState(TlsSessionState *session)
Properly dispose a session state.
Definition: tls.c:2753
TLS_EXT_TOKEN_BINDING
@ TLS_EXT_TOKEN_BINDING
Definition: tls.h:1309
TlsStateChangeCallback
void(* TlsStateChangeCallback)(TlsContext *context, TlsState state)
TLS state change callback.
Definition: tls.h:1912
TlsClientAuthMode
TlsClientAuthMode
Client authentication mode.
Definition: tls.h:978
TlsKeyExchMethod
TlsKeyExchMethod
Key exchange methods.
Definition: tls.h:1138
TLS_EXT_SUPPORTED_GROUPS
@ TLS_EXT_SUPPORTED_GROUPS
Definition: tls.h:1295
_TlsContext::fallbackScsvEnabled
bool_t fallbackScsvEnabled
Support for FALLBACK_SCSV.
Definition: tls.h:2436
tlsSetSupportedGroups
error_t tlsSetSupportedGroups(TlsContext *context, const uint16_t *groups, uint_t length)
Specify the list of allowed ECDHE and FFDHE groups.
Definition: tls.c:634
tlsAddCertificate
error_t tlsAddCertificate(TlsContext *context, const char_t *certChain, size_t certChainLen, const char_t *privateKey, size_t privateKeyLen)
Add a certificate and the corresponding private key (deprecated)
Definition: tls.c:1231
TLS_EXT_HEARTBEAT
@ TLS_EXT_HEARTBEAT
Definition: tls.h:1300
TLS_FLAG_WAIT_ALL
@ TLS_FLAG_WAIT_ALL
Definition: tls.h:1003
TLS_PREMASTER_SECRET_SIZE
#define TLS_PREMASTER_SECRET_SIZE
Definition: tls.h:808
TLS_GROUP_NONE
@ TLS_GROUP_NONE
Definition: tls.h:1370
TLS_GROUP_GC512B
@ TLS_GROUP_GC512B
Definition: tls.h:1409
TlsCertificateVerify
void TlsCertificateVerify
CertificateVerify message.
Definition: tls.h:1833
_TlsContext::keyBlock
uint8_t keyBlock[192]
Key material.
Definition: tls.h:2303
TLS_KEY_EXCH_DH_ANON
@ TLS_KEY_EXCH_DH_ANON
Definition: tls.h:1145
TlsEcdhCallback
error_t(* TlsEcdhCallback)(TlsContext *context)
ECDH key agreement callback function.
Definition: tls.h:1985
TlsCipherSuiteInfo::cipherAlgo
const CipherAlgo * cipherAlgo
Definition: tls.h:2020
_TlsContext::rxBufferPos
size_t rxBufferPos
Current position in RX buffer.
Definition: tls.h:2277
TLS_EXT_RENEGOTIATION_INFO
@ TLS_EXT_RENEGOTIATION_INFO
Definition: tls.h:1337
TLS_GROUP_SECT283K1
@ TLS_GROUP_SECT283K1
Definition: tls.h:1379
TLS_GROUP_SECT409K1
@ TLS_GROUP_SECT409K1
Definition: tls.h:1381
TLS_GROUP_EXPLICIT_PRIME_CURVE
@ TLS_GROUP_EXPLICIT_PRIME_CURVE
Definition: tls.h:1420
tlsSetClientAuthMode
error_t tlsSetClientAuthMode(TlsContext *context, TlsClientAuthMode mode)
Set client authentication mode (for servers only)
Definition: tls.c:499
TLS13_KEY_EXCH_DHE
@ TLS13_KEY_EXCH_DHE
Definition: tls.h:1158
_TlsEncryptionEngine::encryptThenMac
bool_t encryptThenMac
Encrypt-then-MAC construction.
Definition: tls.h:2180
TlsAlert
TlsAlert
Definition: tls.h:1873
_TlsContext::certFormat
TlsCertificateFormat certFormat
Certificate format.
Definition: tls.h:2414
TLS_HASH_ALGO_INTRINSIC
@ TLS_HASH_ALGO_INTRINSIC
Definition: tls.h:1220
_TlsContext::decryptionEngine
TlsEncryptionEngine decryptionEngine
Decryption engine.
Definition: tls.h:2291
TLS_KEY_EXCH_ECDH_ECDSA
@ TLS_KEY_EXCH_ECDH_ECDSA
Definition: tls.h:1148
tlsGetAlpnProtocol
const char_t * tlsGetAlpnProtocol(TlsContext *context)
Get the name of the selected ALPN protocol.
Definition: tls.c:958
TLS_EXT_ENCRYPT_THEN_MAC
@ TLS_EXT_ENCRYPT_THEN_MAC
Definition: tls.h:1307
TLS_GROUP_FFDHE4096
@ TLS_GROUP_FFDHE4096
Definition: tls.h:1414
RsaPublicKey
RSA public key.
Definition: rsa.h:57
TLS_TYPE_APPLICATION_DATA
@ TLS_TYPE_APPLICATION_DATA
Definition: tls.h:1027
TLS_TYPE_CLIENT_HELLO
@ TLS_TYPE_CLIENT_HELLO
Definition: tls.h:1041
TlsCipherSuiteInfo::fixedIvLen
uint8_t fixedIvLen
Definition: tls.h:2026
TLS_CERT_GOST_SIGN256
@ TLS_CERT_GOST_SIGN256
Definition: tls.h:1198
TLS_STATE_SERVER_FINISHED
@ TLS_STATE_SERVER_FINISHED
Definition: tls.h:1480
TLS_EXT_KEY_SHARE
@ TLS_EXT_KEY_SHARE
Definition: tls.h:1329
Tls12DigitalSignature
Tls12DigitalSignature
Definition: tls.h:1729
TlsCipherSuiteInfo::identifier
uint16_t identifier
Definition: tls.h:2017
tlsEnableReplayDetection
error_t tlsEnableReplayDetection(TlsContext *context, bool_t enabled)
Enable anti-replay mechanism (for DTLS only)
Definition: tls.c:1643
TLS_GROUP_SECT163K1
@ TLS_GROUP_SECT163K1
Definition: tls.h:1371
TLS_SIGN_SCHEME_GOSTR34102012_512B
@ TLS_SIGN_SCHEME_GOSTR34102012_512B
Definition: tls.h:1274
tlsSetBufferSize
error_t tlsSetBufferSize(TlsContext *context, size_t txBufferSize, size_t rxBufferSize)
Set TLS buffer size.
Definition: tls.c:521
TLS_EC_CURVE_TYPE_EXPLICIT_PRIME
@ TLS_EC_CURVE_TYPE_EXPLICIT_PRIME
Definition: tls.h:1443
TLS_ALERT_UNSUPPORTED_CERTIFICATE
@ TLS_ALERT_UNSUPPORTED_CERTIFICATE
Definition: tls.h:1093
_TlsContext::serverVerifyDataLen
size_t serverVerifyDataLen
Length of the server verify data.
Definition: tls.h:2288
tlsSetServerName
error_t tlsSetServerName(TlsContext *context, const char_t *serverName)
Set the server name.
Definition: tls.c:403
TLS_TYPE_REQUEST_CONNECTION_ID
@ TLS_TYPE_REQUEST_CONNECTION_ID
Definition: tls.h:1048
_TlsEncryptionEngine::epoch
uint16_t epoch
Counter value incremented on every cipher state change.
Definition: tls.h:2173
_TlsContext::fatalAlertReceived
bool_t fatalAlertReceived
A fatal alert message has been received from the peer.
Definition: tls.h:2259
TLS_TYPE_ALERT
@ TLS_TYPE_ALERT
Definition: tls.h:1025
tlsSetCookieCallbacks
error_t tlsSetCookieCallbacks(TlsContext *context, DtlsCookieGenerateCallback cookieGenerateCallback, DtlsCookieVerifyCallback cookieVerifyCallback, void *param)
Set cookie generation/verification callbacks (for DTLS only)
Definition: tls.c:1607
TLS_STATE_EARLY_DATA
@ TLS_STATE_EARLY_DATA
Definition: tls.h:1458
_TlsContext::txBufferPos
size_t txBufferPos
Current position in TX buffer.
Definition: tls.h:2268
TLS_TYPE_SERVER_HELLO
@ TLS_TYPE_SERVER_HELLO
Definition: tls.h:1042
TLS_HASH_ALGO_SHA384
@ TLS_HASH_ALGO_SHA384
Definition: tls.h:1218
TlsServerNameList
TlsServerNameList
Definition: tls.h:1618
_TlsContext::clientAuthMode
TlsClientAuthMode clientAuthMode
Client authentication mode.
Definition: tls.h:2254
ticketLifetime
uint32_t ticketLifetime
Lifetime of the ticket.
Definition: tls.h:1886
TLS_CERT_RSA_PSS_SIGN
@ TLS_CERT_RSA_PSS_SIGN
Definition: tls.h:1200
TLS_SIGN_SCHEME_ECDSA_SHA1
@ TLS_SIGN_SCHEME_ECDSA_SHA1
Definition: tls.h:1259
_TlsContext::ticketPsk
uint8_t ticketPsk[TLS_MAX_HKDF_DIGEST_SIZE]
PSK associated with the ticket.
Definition: tls.h:2335
TLS_GROUP_GC256C
@ TLS_GROUP_GC256C
Definition: tls.h:1406
tlsSetPrng
error_t tlsSetPrng(TlsContext *context, const PrngAlgo *prngAlgo, void *prngContext)
Set the pseudo-random number generator to be used.
Definition: tls.c:375
TlsCertDesc::signScheme
TlsSignatureScheme signScheme
Signature scheme used to sign the end entity certificate.
Definition: tls.h:2088
tlsGetServerName
const char_t * tlsGetServerName(TlsContext *context)
Get the server name.
Definition: tls.c:453
TLS_TYPE_ENCRYPTED_EXTENSIONS
@ TLS_TYPE_ENCRYPTED_EXTENSIONS
Definition: tls.h:1047
TLS_GROUP_SECT233K1
@ TLS_GROUP_SECT233K1
Definition: tls.h:1376
_TlsContext::earlyDataSeqNum
TlsSequenceNumber earlyDataSeqNum
Early data sequence number.
Definition: tls.h:2348
TLS_MAX_FRAGMENT_LENGTH_2048
@ TLS_MAX_FRAGMENT_LENGTH_2048
Definition: tls.h:1359
tlsSetPmtu
error_t tlsSetPmtu(TlsContext *context, size_t pmtu)
Set PMTU value (for DTLS only)
Definition: tls.c:1549
TLS_SIGN_SCHEME_RSA_PKCS1_SHA256
@ TLS_SIGN_SCHEME_RSA_PKCS1_SHA256
Definition: tls.h:1250
TLS_CERT_DSS_EPHEMERAL_DH
@ TLS_CERT_DSS_EPHEMERAL_DH
Definition: tls.h:1193
_TlsContext::ticketLen
size_t ticketLen
Length of the session ticket.
Definition: tls.h:2243
TLS_GROUP_SECP384R1
@ TLS_GROUP_SECP384R1
Definition: tls.h:1394
crypto.h
General definitions for cryptographic algorithms.
TLS_GROUP_SECP192K1
@ TLS_GROUP_SECP192K1
Definition: tls.h:1388
_TlsContext::exporterMasterSecret
uint8_t exporterMasterSecret[TLS_MAX_HKDF_DIGEST_SIZE]
Definition: tls.h:2330
rsa.h
RSA public-key cryptography standard.
_TlsContext::rxBufferMaxLen
size_t rxBufferMaxLen
Maximum number of plaintext data the RX buffer can hold.
Definition: tls.h:2274
_TlsContext::clientVersion
uint16_t clientVersion
Latest version supported by the client.
Definition: tls.h:2234
TLS_FLAG_WAIT_ACK
@ TLS_FLAG_WAIT_ACK
Definition: tls.h:1006
TLS_ALERT_UNRECOGNIZED_NAME
@ TLS_ALERT_UNRECOGNIZED_NAME
Definition: tls.h:1113
TLS_EXT_COOKIE
@ TLS_EXT_COOKIE
Definition: tls.h:1323
tlsSaveSessionState
error_t tlsSaveSessionState(const TlsContext *context, TlsSessionState *session)
Save TLS session.
Definition: tls.c:2631
TLS_STATE_CLIENT_CERTIFICATE_VERIFY
@ TLS_STATE_CLIENT_CERTIFICATE_VERIFY
Definition: tls.h:1473
TLS_SIGN_SCHEME_ECDSA_BP512R1_TLS13_SHA512
@ TLS_SIGN_SCHEME_ECDSA_BP512R1_TLS13_SHA512
Definition: tls.h:1265
TLS_TYPE_CERTIFICATE_VERIFY
@ TLS_TYPE_CERTIFICATE_VERIFY
Definition: tls.h:1054
TLS_STATE_SERVER_CHANGE_CIPHER_SPEC
@ TLS_STATE_SERVER_CHANGE_CIPHER_SPEC
Definition: tls.h:1478
_TlsContext::ecdhContext
EcdhContext ecdhContext
ECDH context.
Definition: tls.h:2356
TlsHelloExtensions::renegoInfo
const TlsRenegoInfo * renegoInfo
RenegotiationInfo extension.
Definition: tls.h:2131
TLS_EXT_CLIENT_CERTIFICATE_URL
@ TLS_EXT_CLIENT_CERTIFICATE_URL
Definition: tls.h:1287
TLS_ALERT_MISSING_EXTENSION
@ TLS_ALERT_MISSING_EXTENSION
Definition: tls.h:1110
TLS_MAX_CERTIFICATES
#define TLS_MAX_CERTIFICATES
Definition: tls.h:262
_TlsContext::peerEcParams
EcDomainParameters peerEcParams
Peer's EC domain parameters.
Definition: tls.h:2374
_TlsContext::peerDsaPublicKey
DsaPublicKey peerDsaPublicKey
Peer's DSA public key.
Definition: tls.h:2369
_TlsEncryptionEngine::recordSizeLimit
size_t recordSizeLimit
Maximum size of record in octets.
Definition: tls.h:2177
TlsSignSchemeList
TlsSignSchemeList
Definition: tls.h:1539
TlsCipherSuiteInfo::recordIvLen
uint8_t recordIvLen
Definition: tls.h:2027
TLS_SIGN_ALGO_ED25519
@ TLS_SIGN_ALGO_ED25519
Definition: tls.h:1235
__packed_struct
typedef __packed_struct
Sequence number.
Definition: tls.h:1504
Md5Context
MD5 algorithm context.
Definition: md5.h:62
dsa.h
DSA (Digital Signature Algorithm)
TLS_TRANSPORT_PROTOCOL_EAP
@ TLS_TRANSPORT_PROTOCOL_EAP
Definition: tls.h:958
TLS_GROUP_SECT283R1
@ TLS_GROUP_SECT283R1
Definition: tls.h:1380
_TlsContext::numCipherSuites
uint_t numCipherSuites
Number of cipher suites in the list.
Definition: tls.h:2209
TlsProtocolName
TlsProtocolName
Definition: tls.h:1629
TLS_STATE_SERVER_HELLO_3
@ TLS_STATE_SERVER_HELLO_3
Definition: tls.h:1463
TLS_HASH_ALGO_SHA256
@ TLS_HASH_ALGO_SHA256
Definition: tls.h:1217
TlsExtensionType
TlsExtensionType
TLS extension types.
Definition: tls.h:1284
_TlsContext::numSupportedSignAlgos
uint_t numSupportedSignAlgos
Number of signature algorithms in the list.
Definition: tls.h:2310
TLS_ALERT_USER_CANCELED
@ TLS_ALERT_USER_CANCELED
Definition: tls.h:1108
TLS_CERT_ED448_SIGN
@ TLS_CERT_ED448_SIGN
Definition: tls.h:1203
_TlsContext::ticketTimestamp
systime_t ticketTimestamp
Timestamp to manage ticket lifetime.
Definition: tls.h:2244
TLS_EXT_CERTIFICATE_AUTHORITIES
@ TLS_EXT_CERTIFICATE_AUTHORITIES
Definition: tls.h:1325
TLS_STATE_END_OF_EARLY_DATA
@ TLS_STATE_END_OF_EARLY_DATA
Definition: tls.h:1481
TLS_FLAG_NO_DELAY
@ TLS_FLAG_NO_DELAY
Definition: tls.h:1007
_TlsContext::supportedSignAlgos
const uint16_t * supportedSignAlgos
List of supported signature algorithms.
Definition: tls.h:2309
tlsSetEcdhCallback
error_t tlsSetEcdhCallback(TlsContext *context, TlsEcdhCallback ecdhCallback)
Register ECDH key agreement callback function.
Definition: tls.c:751
_TlsContext::pskKeModeSupported
bool_t pskKeModeSupported
PSK key establishment supported by the client.
Definition: tls.h:2322
TLS_EXT_TICKET_REQUEST
@ TLS_EXT_TICKET_REQUEST
Definition: tls.h:1335
TLS_EC_CURVE_TYPE_EXPLICIT_CHAR2
@ TLS_EC_CURVE_TYPE_EXPLICIT_CHAR2
Definition: tls.h:1444
TLS_CERT_RSA_SIGN
@ TLS_CERT_RSA_SIGN
Definition: tls.h:1188
TLS_EC_POINT_FORMAT_UNCOMPRESSED
@ TLS_EC_POINT_FORMAT_UNCOMPRESSED
Definition: tls.h:1431
TLS_EXT_DNSSEC_CHAIN
@ TLS_EXT_DNSSEC_CHAIN
Definition: tls.h:1336
TLS_KEY_EXCH_SRP_SHA
@ TLS_KEY_EXCH_SRP_SHA
Definition: tls.h:1155
tlsSetTicketCallbacks
error_t tlsSetTicketCallbacks(TlsContext *context, TlsTicketEncryptCallback ticketEncryptCallback, TlsTicketDecryptCallback ticketDecryptCallback, void *param)
Set ticket encryption/decryption callbacks.
Definition: tls.c:1517
TLS_GROUP_SECT409R1
@ TLS_GROUP_SECT409R1
Definition: tls.h:1382
TLS_FLAG_BREAK_CRLF
@ TLS_FLAG_BREAK_CRLF
Definition: tls.h:1005
TLS_SIGN_SCHEME_GOSTR34102012_512C
@ TLS_SIGN_SCHEME_GOSTR34102012_512C
Definition: tls.h:1275
_TlsContext::numCerts
uint_t numCerts
Number of certificates available.
Definition: tls.h:2223
TLS_GROUP_BRAINPOOLP512R1
@ TLS_GROUP_BRAINPOOLP512R1
Definition: tls.h:1398
_TlsContext::socketReceiveCallback
TlsSocketReceiveCallback socketReceiveCallback
Socket receive callback function.
Definition: tls.h:2203
TLS_GROUP_FFDHE2048
@ TLS_GROUP_FFDHE2048
Definition: tls.h:1412
tlsWrite
error_t tlsWrite(TlsContext *context, const void *data, size_t length, size_t *written, uint_t flags)
Send application data to the remote host using TLS.
Definition: tls.c:1854
TLS_STATE_CLIENT_APP_TRAFFIC_KEYS
@ TLS_STATE_CLIENT_APP_TRAFFIC_KEYS
Definition: tls.h:1477
_TlsContext::sessionTicketEnabled
bool_t sessionTicketEnabled
Session ticket mechanism enabled.
Definition: tls.h:2422
TlsHelloExtensions::extendedMasterSecret
const TlsExtension * extendedMasterSecret
ExtendedMasterSecret extension.
Definition: tls.h:2125
TLS_CLIENT_AUTH_NONE
@ TLS_CLIENT_AUTH_NONE
Definition: tls.h:979
TLS_TYPE_HELLO_VERIFY_REQUEST
@ TLS_TYPE_HELLO_VERIFY_REQUEST
Definition: tls.h:1043
TLS_GROUP_SECP160K1
@ TLS_GROUP_SECP160K1
Definition: tls.h:1385
TLS_TYPE_CLIENT_KEY_EXCHANGE
@ TLS_TYPE_CLIENT_KEY_EXCHANGE
Definition: tls.h:1055
TLS_KEY_EXCH_DHE_PSK
@ TLS_KEY_EXCH_DHE_PSK
Definition: tls.h:1153
_TlsContext::keyUpdateCount
uint_t keyUpdateCount
Count of consecutive KeyUpdate messages.
Definition: tls.h:2456
TLS_STATE_NEW_SESSION_TICKET
@ TLS_STATE_NEW_SESSION_TICKET
Definition: tls.h:1483
_TlsContext::resume
bool_t resume
The connection is established by resuming a session.
Definition: tls.h:2257
TlsSessionState::ticketAgeAdd
uint32_t ticketAgeAdd
Random value used to obscure the age of the ticket.
Definition: tls.h:2053
CipherMode
CipherMode
Cipher operation modes.
Definition: crypto.h:962
TLS_CERT_SM2_SIGN
@ TLS_CERT_SM2_SIGN
Definition: tls.h:1201
TLS_FLAG_DELAY
@ TLS_FLAG_DELAY
Definition: tls.h:1008
TlsCompressMethods
TlsCompressMethods
Definition: tls.h:1528
ticketTimestamp
systime_t ticketTimestamp
Timestamp to manage ticket lifetime.
Definition: tls.h:1885
TLS_EXT_TRANSPARENCY_INFO
@ TLS_EXT_TRANSPARENCY_INFO
Definition: tls.h:1330
TLS_EXT_STATUS_REQUEST_V2
@ TLS_EXT_STATUS_REQUEST_V2
Definition: tls.h:1302
_TlsContext::txBufferMaxLen
size_t txBufferMaxLen
Maximum number of plaintext data the TX buffer can hold.
Definition: tls.h:2265
TlsMaxFragmentLength
TlsMaxFragmentLength
Maximum fragment length.
Definition: tls.h:1356
TLS_STATE_CLIENT_CHANGE_CIPHER_SPEC
@ TLS_STATE_CLIENT_CHANGE_CIPHER_SPEC
Definition: tls.h:1474
TlsCertVerifyCallback
error_t(* TlsCertVerifyCallback)(TlsContext *context, const X509CertInfo *certInfo, uint_t pathLen, void *param)
Certificate verification callback function.
Definition: tls.h:1951
TLS_ALERT_TOO_MANY_CIDS_REQUESTED
@ TLS_ALERT_TOO_MANY_CIDS_REQUESTED
Definition: tls.h:1102
TlsCertList
TlsCertList
Definition: tls.h:1550
TLS_EXT_EC_POINT_FORMATS
@ TLS_EXT_EC_POINT_FORMATS
Definition: tls.h:1296
TlsCompressMethod
TlsCompressMethod
Compression methods.
Definition: tls.h:1127
_TlsContext::ticketParam
void * ticketParam
Opaque pointer passed to the ticket callbacks.
Definition: tls.h:2427
TLS_EXT_TLS_CERT_WITH_EXTERN_PSK
@ TLS_EXT_TLS_CERT_WITH_EXTERN_PSK
Definition: tls.h:1317
TLS_SIGN_ALGO_GOSTR34102012_512
@ TLS_SIGN_ALGO_GOSTR34102012_512
Definition: tls.h:1238
TLS_GROUP_SECP521R1
@ TLS_GROUP_SECP521R1
Definition: tls.h:1395
TLS_GROUP_SECP192R1
@ TLS_GROUP_SECP192R1
Definition: tls.h:1389
TLS_CERT_GOST_SIGN512
@ TLS_CERT_GOST_SIGN512
Definition: tls.h:1199
TLS_EXT_ALPN
@ TLS_EXT_ALPN
Definition: tls.h:1301
TLS_GROUP_FFDHE3072
@ TLS_GROUP_FFDHE3072
Definition: tls.h:1413
TLS_ALERT_PROTOCOL_VERSION
@ TLS_ALERT_PROTOCOL_VERSION
Definition: tls.h:1104
TlsHelloExtensions
Hello extensions.
Definition: tls.h:2098
Tls13KeyShareList
Tls13KeyShareList
Definition: tls13_misc.h:206
TLS_GROUP_SECP160R1
@ TLS_GROUP_SECP160R1
Definition: tls.h:1386
TLS_ALERT_DECRYPTION_FAILED
@ TLS_ALERT_DECRYPTION_FAILED
Definition: tls.h:1087
TlsCertificateType
TlsCertificateType
Certificate types.
Definition: tls.h:1186
_TlsContext::cert
TlsCertDesc * cert
Pointer to the currently selected certificate.
Definition: tls.h:2228
_TlsEncryptionEngine::encKeyLen
size_t encKeyLen
Length of the encryption key.
Definition: tls.h:2158
_TlsContext::encryptionEngine
TlsEncryptionEngine encryptionEngine
Encryption engine.
Definition: tls.h:2290
TLS_MASTER_SECRET_SIZE
#define TLS_MASTER_SECRET_SIZE
Definition: tls.h:801
TlsCertDesc::privateKeyLen
size_t privateKeyLen
Length of the private key.
Definition: tls.h:2085
TLS_GROUP_BRAINPOOLP384R1_TLS13
@ TLS_GROUP_BRAINPOOLP384R1_TLS13
Definition: tls.h:1402
TLS_HASH_ALGO_MD5
@ TLS_HASH_ALGO_MD5
Definition: tls.h:1214
TlsCertDesc
Certificate descriptor.
Definition: tls.h:2081
secret
uint8_t secret[TLS_MASTER_SECRET_SIZE]
Master secret.
Definition: tls.h:1884
TlsCache::size
uint_t size
Maximum number of entries.
Definition: tls.h:2071
TLS_SIGN_SCHEME_GOSTR34102012_256C
@ TLS_SIGN_SCHEME_GOSTR34102012_256C
Definition: tls.h:1271
_TlsContext::pskHashAlgo
TlsHashAlgo pskHashAlgo
Hash algorithm associated with the PSK.
Definition: tls.h:2385
random
uint8_t random[32]
Definition: tls.h:1771
TLS_STATE_HANDSHAKE_TRAFFIC_KEYS
@ TLS_STATE_HANDSHAKE_TRAFFIC_KEYS
Definition: tls.h:1464
TLS_KEY_EXCH_RSA_PSK
@ TLS_KEY_EXCH_RSA_PSK
Definition: tls.h:1152
TLS_FLAG_BREAK_CHAR
@ TLS_FLAG_BREAK_CHAR
Definition: tls.h:1004
OsMutex
Mutex object.
Definition: os_port_cmsis_rtos.h:136
TLS_EXT_USER_MAPPING
@ TLS_EXT_USER_MAPPING
Definition: tls.h:1291
_TlsContext::transcriptSha1Context
Sha1Context * transcriptSha1Context
SHA-1 context used to compute verify data.
Definition: tls.h:2305
TlsSessionState::serverName
char_t * serverName
ServerName extension.
Definition: tls.h:2059
tlsSetConnectionEnd
error_t tlsSetConnectionEnd(TlsContext *context, TlsConnectionEnd entity)
Set operation mode (client or server)
Definition: tls.c:349
systime_t
uint32_t systime_t
System time.
Definition: os_port_chibios.h:101
TLS_CLIENT_AUTH_OPTIONAL
@ TLS_CLIENT_AUTH_OPTIONAL
Definition: tls.h:980
tlsSetMaxEarlyDataSize
error_t tlsSetMaxEarlyDataSize(TlsContext *context, size_t maxEarlyDataSize)
Send the maximum amount of 0-RTT data the server can accept.
Definition: tls.c:1671
aead_algorithms.h
EcPublicKey
EC public key.
Definition: ec.h:94
_TlsContext::ticketPskLen
size_t ticketPskLen
Length of the PSK associated with the ticket.
Definition: tls.h:2336
TlsRecord
TlsRecord
Definition: tls.h:1742
TLS_TYPE_SERVER_KEY_EXCHANGE
@ TLS_TYPE_SERVER_KEY_EXCHANGE
Definition: tls.h:1051
TLS_GROUP_GC512C
@ TLS_GROUP_GC512C
Definition: tls.h:1410
_TlsContext::cookieGenerateCallback
DtlsCookieGenerateCallback cookieGenerateCallback
Cookie generation callback function.
Definition: tls.h:2464
_TlsContext::pskCallback
TlsPskCallback pskCallback
PSK callback function.
Definition: tls.h:2383
TLS_EC_CURVE_TYPE_NAMED_CURVE
@ TLS_EC_CURVE_TYPE_NAMED_CURVE
Definition: tls.h:1445
flags
uint8_t flags
Definition: tcp.h:351
TLS_TYPE_NONE
@ TLS_TYPE_NONE
Definition: tls.h:1023
TlsSessionState::maxEarlyDataSize
uint32_t maxEarlyDataSize
Maximum amount of 0-RTT data that the client is allowed to send.
Definition: tls.h:2056
TlsHelloExtensions::selectedIdentity
const TlsExtension * selectedIdentity
PreSharedKey extension (ServerHello)
Definition: tls.h:2142
TLS_TYPE_EKT_KEY
@ TLS_TYPE_EKT_KEY
Definition: tls.h:1062
_TlsContext::namedGroup
uint16_t namedGroup
ECDHE or FFDHE named group.
Definition: tls.h:2251
TlsEcdsaSignCallback
error_t(* TlsEcdsaSignCallback)(TlsContext *context, const uint8_t *digest, size_t digestLen, EcdsaSignature *signature)
ECDSA signature generation callback function.
Definition: tls.h:1992
_TlsContext::cipherSuites
const uint16_t * cipherSuites
List of supported cipher suites.
Definition: tls.h:2208
char_t
char char_t
Definition: compiler_port.h:48
_TlsContext::ticketCipherSuite
uint16_t ticketCipherSuite
Cipher suite associated with the ticket.
Definition: tls.h:2339
_TlsContext::txMsgSeq
uint16_t txMsgSeq
Send sequence number.
Definition: tls.h:2472
TLS_GROUP_SECP224R1
@ TLS_GROUP_SECP224R1
Definition: tls.h:1391
_TlsEncryptionEngine::iv
uint8_t iv[16]
Initialization vector.
Definition: tls.h:2159
GcmContext
GCM context.
Definition: gcm.h:64
ticket
uint8_t ticket[]
Definition: tls.h:1844
TLS_KEY_EXCH_NONE
@ TLS_KEY_EXCH_NONE
Definition: tls.h:1139
TlsNameType
TlsNameType
Name type.
Definition: tls.h:1346
TlsHelloExtensions::clientCertType
const TlsExtension * clientCertType
Definition: tls.h:2117
TLS13_KEY_EXCH_PSK_ECDHE
@ TLS13_KEY_EXCH_PSK_ECDHE
Definition: tls.h:1163
TLS_STATE_CLIENT_HELLO_2
@ TLS_STATE_CLIENT_HELLO_2
Definition: tls.h:1457
TLS_ALERT_BAD_CERTIFICATE
@ TLS_ALERT_BAD_CERTIFICATE
Definition: tls.h:1092
_TlsContext::replayDetectionEnabled
bool_t replayDetectionEnabled
Anti-replay mechanism enabled.
Definition: tls.h:2485
TlsCipherSuiteInfo::hashAlgo
const HashAlgo * hashAlgo
Definition: tls.h:2022
TlsContentType
TlsContentType
Content type.
Definition: tls.h:1022
TLS_STATE_CLOSING
@ TLS_STATE_CLOSING
Definition: tls.h:1486
TLS_STATE_SERVER_CERTIFICATE_VERIFY
@ TLS_STATE_SERVER_CERTIFICATE_VERIFY
Definition: tls.h:1468
_TlsContext::rxBufferLen
size_t rxBufferLen
Number of bytes available for reading.
Definition: tls.h:2276
TLS_EXT_EXTERNAL_SESSION_ID
@ TLS_EXT_EXTERNAL_SESSION_ID
Definition: tls.h:1333
TLS_ALERT_INAPPROPRIATE_FALLBACK
@ TLS_ALERT_INAPPROPRIATE_FALLBACK
Definition: tls.h:1107
msgType
uint8_t msgType
Definition: mqtt_sn_common.h:183
TLS_EARLY_DATA_ACCEPTED
@ TLS_EARLY_DATA_ACCEPTED
Definition: tls.h:992
tlsSetRpkVerifyCallback
error_t tlsSetRpkVerifyCallback(TlsContext *context, TlsRpkVerifyCallback rpkVerifyCallback)
Register the raw public key verification callback function.
Definition: tls.c:1171
_TlsEncryptionEngine::macKey
uint8_t macKey[48]
MAC key.
Definition: tls.h:2155
TlsServerHello
TlsServerHello
Definition: tls.h:1787
TlsClientKeyExchange
void TlsClientKeyExchange
ClientKeyExchange message.
Definition: tls.h:1826
TLS_STATE_SERVER_CERTIFICATE
@ TLS_STATE_SERVER_CERTIFICATE
Definition: tls.h:1466
TlsEcCurveType
TlsEcCurveType
EC curve types.
Definition: tls.h:1442
TlsPlaintextSessionState
TlsPlaintextSessionState
Definition: tls.h:1890
TLS_CLIENT_AUTH_REQUIRED
@ TLS_CLIENT_AUTH_REQUIRED
Definition: tls.h:981
TLS_EXT_PADDING
@ TLS_EXT_PADDING
Definition: tls.h:1306
TLS_ALERT_LEVEL_FATAL
@ TLS_ALERT_LEVEL_FATAL
Definition: tls.h:1074
TlsSessionState
TLS session state.
Definition: tls.h:2038
tlsInitSessionState
error_t tlsInitSessionState(TlsSessionState *session)
Initialize session state.
Definition: tls.c:2610
_TlsContext::rxFragQueueLen
size_t rxFragQueueLen
Length of the reassembly queue.
Definition: tls.h:2476
TLS_GROUP_SECT193R2
@ TLS_GROUP_SECT193R2
Definition: tls.h:1375
_TlsContext::versionMax
uint16_t versionMax
Maximum version accepted by the implementation.
Definition: tls.h:2237
TlsHelloExtensions::certSignAlgoList
const TlsSignSchemeList * certSignAlgoList
SignatureAlgorithmsCert extension.
Definition: tls.h:2105
_TlsContext::replayWindow
uint32_t replayWindow[(DTLS_REPLAY_WINDOW_SIZE+31)/32]
Definition: tls.h:2486
TLS_STATE_CLIENT_KEY_EXCHANGE
@ TLS_STATE_CLIENT_KEY_EXCHANGE
Definition: tls.h:1472
_TlsEncryptionEngine::cipherAlgo
const CipherAlgo * cipherAlgo
Cipher algorithm.
Definition: tls.h:2163
TlsCipherSuiteInfo::verifyDataLen
uint8_t verifyDataLen
Definition: tls.h:2029
tlsSetCipherSuites
error_t tlsSetCipherSuites(TlsContext *context, const uint16_t *cipherSuites, uint_t length)
Specify the list of allowed cipher suites.
Definition: tls.c:605
TlsTransportProtocol
TlsTransportProtocol
TLS transport protocols.
Definition: tls.h:955
DtlsCookieVerifyCallback
error_t(* DtlsCookieVerifyCallback)(TlsContext *context, const DtlsClientParameters *clientParams, const uint8_t *cookie, size_t length, void *param)
DTLS cookie verification callback function.
Definition: dtls_misc.h:249
TLS_SIGN_SCHEME_SM2SIG_SM3
@ TLS_SIGN_SCHEME_SM2SIG_SM3
Definition: tls.h:1266
TLS_TYPE_FINISHED
@ TLS_TYPE_FINISHED
Definition: tls.h:1056
TlsHelloRequest
void TlsHelloRequest
HelloRequest message.
Definition: tls.h:1761
TLS_GROUP_SECT193R1
@ TLS_GROUP_SECT193R1
Definition: tls.h:1374
TLS_SIGN_SCHEME_RSA_PKCS1_SHA512
@ TLS_SIGN_SCHEME_RSA_PKCS1_SHA512
Definition: tls.h:1252
_TlsContext::serverCertTypeExtReceived
bool_t serverCertTypeExtReceived
The ServerCertType extension has been received.
Definition: tls.h:2418
TLS_STATE_CLIENT_CERTIFICATE
@ TLS_STATE_CLIENT_CERTIFICATE
Definition: tls.h:1471
TLS_SIGN_SCHEME_ECDSA_BP384R1_TLS13_SHA384
@ TLS_SIGN_SCHEME_ECDSA_BP384R1_TLS13_SHA384
Definition: tls.h:1264
_TlsContext::certVerifyCallback
TlsCertVerifyCallback certVerifyCallback
Certificate verification callback function.
Definition: tls.h:2226
_TlsContext::certVerifyParam
void * certVerifyParam
Opaque pointer passed to the certificate verification callback.
Definition: tls.h:2227
TLS_SIGN_SCHEME_ED448
@ TLS_SIGN_SCHEME_ED448
Definition: tls.h:1268
tlsWriteEarlyData
error_t tlsWriteEarlyData(TlsContext *context, const void *data, size_t length, size_t *written, uint_t flags)
Send early data to the remote TLS server.
Definition: tls.c:1700
TLS_STATE_CLIENT_CHANGE_CIPHER_SPEC_2
@ TLS_STATE_CLIENT_CHANGE_CIPHER_SPEC_2
Definition: tls.h:1475
TLS13_KEY_EXCH_HYBRID
@ TLS13_KEY_EXCH_HYBRID
Definition: tls.h:1160
TlsSessionState::ticketHashAlgo
TlsHashAlgo ticketHashAlgo
Hash algorithm associated with the ticket.
Definition: tls.h:2054
_TlsContext::alertCount
uint_t alertCount
Count of consecutive warning alerts.
Definition: tls.h:2444
tlsSetDhParameters
error_t tlsSetDhParameters(TlsContext *context, const char_t *params, size_t length)
Import Diffie-Hellman parameters.
Definition: tls.c:723
TLS_ALERT_CERTIFICATE_EXPIRED
@ TLS_ALERT_CERTIFICATE_EXPIRED
Definition: tls.h:1095
TLS_STATE_ENCRYPTED_EXTENSIONS
@ TLS_STATE_ENCRYPTED_EXTENSIONS
Definition: tls.h:1465
TLS_EXT_SERVER_CERT_TYPE
@ TLS_EXT_SERVER_CERT_TYPE
Definition: tls.h:1305
TLS_KEY_EXCH_PSK
@ TLS_KEY_EXCH_PSK
Definition: tls.h:1151
TLS_STATE_INIT
@ TLS_STATE_INIT
Definition: tls.h:1455
_TlsContext::certRequestContext
uint8_t * certRequestContext
Certificate request context.
Definition: tls.h:2319
TLS_EXT_PASSWORD_SALT
@ TLS_EXT_PASSWORD_SALT
Definition: tls.h:1315
TLS_KEY_EXCH_ECDHE_PSK
@ TLS_KEY_EXCH_ECDHE_PSK
Definition: tls.h:1154
TLS_SIGN_SCHEME_RSA_PKCS1_SHA384
@ TLS_SIGN_SCHEME_RSA_PKCS1_SHA384
Definition: tls.h:1251
TLS_NAME_TYPE_HOSTNAME
@ TLS_NAME_TYPE_HOSTNAME
Definition: tls.h:1347
_TlsContext::socketSendCallback
TlsSocketSendCallback socketSendCallback
Socket send callback function.
Definition: tls.h:2202
TLS_ALERT_NO_APPLICATION_PROTOCOL
@ TLS_ALERT_NO_APPLICATION_PROTOCOL
Definition: tls.h:1118
_TlsContext::prngAlgo
const PrngAlgo * prngAlgo
Pseudo-random number generator to be used.
Definition: tls.h:2205
TLS_CERT_RSA_FIXED_ECDH
@ TLS_CERT_RSA_FIXED_ECDH
Definition: tls.h:1196
TlsClientHello
TlsClientHello
Definition: tls.h:1774
TLS_MAX_HKDF_DIGEST_SIZE
#define TLS_MAX_HKDF_DIGEST_SIZE
Definition: tls.h:921
TLS_TYPE_HEARTBEAT
@ TLS_TYPE_HEARTBEAT
Definition: tls.h:1028
TLS_SIGN_SCHEME_ECDSA_SECP384R1_SHA384
@ TLS_SIGN_SCHEME_ECDSA_SECP384R1_SHA384
Definition: tls.h:1261
_TlsContext::clientHelloTimestamp
systime_t clientHelloTimestamp
Time at which the ClientHello message was sent.
Definition: tls.h:2317
TlsSignatureAlgo
TlsSignatureAlgo
Signature algorithms.
Definition: tls.h:1230
_TlsContext::serverRandom
uint8_t serverRandom[TLS_RANDOM_SIZE]
Server random value.
Definition: tls.h:2282
_TlsContext::certRequestContextLen
size_t certRequestContextLen
Length of the certificate request context.
Definition: tls.h:2320
Tls13PskKeModeList
Tls13PskKeModeList
Definition: tls13_misc.h:217
TLS_EXT_SRP
@ TLS_EXT_SRP
Definition: tls.h:1297
tlsSetEcdsaVerifyCallback
error_t tlsSetEcdsaVerifyCallback(TlsContext *context, TlsEcdsaVerifyCallback ecdsaVerifyCallback)
Register ECDSA signature verification callback function.
Definition: tls.c:804
TLS_CONNECTION_END_CLIENT
@ TLS_CONNECTION_END_CLIENT
Definition: tls.h:968
_TlsContext::pskIdentityHint
char_t * pskIdentityHint
PSK identity hint.
Definition: tls.h:2382
_TlsContext::cipherSuite
TlsCipherSuiteInfo cipherSuite
Negotiated cipher suite.
Definition: tls.h:2248
tlsIsRxReady
bool_t tlsIsRxReady(TlsContext *context)
Check whether some data is available in the receive buffer.
Definition: tls.c:2262
_TlsContext::clientAppTrafficSecret
uint8_t clientAppTrafficSecret[TLS_MAX_HKDF_DIGEST_SIZE]
Definition: tls.h:2328
TLS_MAX_FRAGMENT_LENGTH_1024
@ TLS_MAX_FRAGMENT_LENGTH_1024
Definition: tls.h:1358
TlsAlertLevel
TlsAlertLevel
Alert level.
Definition: tls.h:1072
TLS_EXT_CACHED_INFO
@ TLS_EXT_CACHED_INFO
Definition: tls.h:1310
_TlsContext::changeCipherSpecCount
uint_t changeCipherSpecCount
Count of consecutive ChangeCipherSpec messages.
Definition: tls.h:2452
CipherAlgo
Common interface for encryption algorithms.
Definition: crypto.h:1068
TLS_TYPE_CERTIFICATE_REQUEST
@ TLS_TYPE_CERTIFICATE_REQUEST
Definition: tls.h:1052
TlsCipherSuiteInfo::encKeyLen
uint8_t encKeyLen
Definition: tls.h:2025
TLS_EXT_PRE_SHARED_KEY
@ TLS_EXT_PRE_SHARED_KEY
Definition: tls.h:1320
TLS_EC_POINT_FORMAT_ANSI_X962_COMPRESSED_PRIME
@ TLS_EC_POINT_FORMAT_ANSI_X962_COMPRESSED_PRIME
Definition: tls.h:1432
tlsFree
void tlsFree(TlsContext *context)
Release TLS context.
Definition: tls.c:2469
TLS_GROUP_SECT571R1
@ TLS_GROUP_SECT571R1
Definition: tls.h:1384
tlsRead
error_t tlsRead(TlsContext *context, void *data, size_t size, size_t *received, uint_t flags)
Receive application data from a the remote host using TLS.
Definition: tls.c:1989
DtlsSequenceNumber
DtlsSequenceNumber
Definition: dtls_misc.h:143
TLS_GROUP_FFDHE_MAX
@ TLS_GROUP_FFDHE_MAX
Definition: tls.h:1417
_TlsContext::cache
TlsCache * cache
TLS session cache.
Definition: tls.h:2230
_TlsContext::state
TlsState state
TLS handshake finite state machine.
Definition: tls.h:2195
_TlsContext::rxBufferType
TlsContentType rxBufferType
Type of data that resides in the RX buffer.
Definition: tls.h:2275
_TlsContext::serverName
char_t * serverName
Fully qualified DNS hostname of the server.
Definition: tls.h:2214
TLS_SIGN_ALGO_RSA
@ TLS_SIGN_ALGO_RSA
Definition: tls.h:1232
_TlsContext::rxRecordPos
size_t rxRecordPos
Current position in the TLS record.
Definition: tls.h:2279
hostname
char_t hostname[]
Definition: tls.h:1606
TLS_TYPE_TLS12_CID
@ TLS_TYPE_TLS12_CID
Definition: tls.h:1029
tlsSetPskIdentity
error_t tlsSetPskIdentity(TlsContext *context, const char_t *pskIdentity)
Set the PSK identity to be used by the client.
Definition: tls.c:1047
TlsSessionState::version
uint16_t version
TLS protocol version.
Definition: tls.h:2039
TLS_TYPE_SUPPLEMENTAL_DATA
@ TLS_TYPE_SUPPLEMENTAL_DATA
Definition: tls.h:1059
_TlsContext::sessionTicketExtSent
bool_t sessionTicketExtSent
The SessionTicket extension has been sent.
Definition: tls.h:2424
Sha1Context
SHA-1 algorithm context.
Definition: sha1.h:62
_TlsContext::etmExtReceived
bool_t etmExtReceived
The EncryptThenMac extension has been received.
Definition: tls.h:2406
TLS_CERT_ECDSA_SIGN
@ TLS_CERT_ECDSA_SIGN
Definition: tls.h:1195
TLS_ALERT_BAD_CERTIFICATE_STATUS_RESPONSE
@ TLS_ALERT_BAD_CERTIFICATE_STATUS_RESPONSE
Definition: tls.h:1114
TlsHelloExtensions::recordSizeLimit
const TlsExtension * recordSizeLimit
RecordSizeLimit extension.
Definition: tls.h:2110
TLS_GROUP_X25519
@ TLS_GROUP_X25519
Definition: tls.h:1399
_TlsContext::startTime
systime_t startTime
Definition: tls.h:2462
TLS_KEY_EXCH_DHE_DSS
@ TLS_KEY_EXCH_DHE_DSS
Definition: tls.h:1144
_TlsContext::clientCertRequested
bool_t clientCertRequested
This flag tells whether the client certificate is requested.
Definition: tls.h:2255
TLS_TRANSPORT_PROTOCOL_STREAM
@ TLS_TRANSPORT_PROTOCOL_STREAM
Definition: tls.h:956
_TlsEncryptionEngine::version
uint16_t version
Negotiated TLS version.
Definition: tls.h:2154
TLS_SIGN_SCHEME_GOSTR34102012_256D
@ TLS_SIGN_SCHEME_GOSTR34102012_256D
Definition: tls.h:1272
_TlsContext::newSessionTicketCount
uint_t newSessionTicketCount
Number of NewSessionTicket messages that have been sent.
Definition: tls.h:2333
tlsSetTransportProtocol
error_t tlsSetTransportProtocol(TlsContext *context, TlsTransportProtocol transportProtocol)
Set the transport protocol to be used.
Definition: tls.c:319
_TlsContext::ecdhCallback
TlsEcdhCallback ecdhCallback
Definition: tls.h:2217
_TlsContext::earlyDataEnabled
bool_t earlyDataEnabled
EarlyData is enabled.
Definition: tls.h:2345
TlsCertDesc::certChain
const char_t * certChain
End entity certificate chain (PEM format)
Definition: tls.h:2082
_TlsContext::recordSizeLimitExtReceived
bool_t recordSizeLimitExtReceived
The RecordSizeLimit extension has been received.
Definition: tls.h:2395
_TlsContext::peerRsaPublicKey
RsaPublicKey peerRsaPublicKey
Peer's RSA public key.
Definition: tls.h:2365
_TlsContext::unknownProtocolsAllowed
bool_t unknownProtocolsAllowed
Unknown ALPN protocols allowed.
Definition: tls.h:2399
TLS_EXT_SIGNATURE_ALGORITHMS
@ TLS_EXT_SIGNATURE_ALGORITHMS
Definition: tls.h:1298
TlsSessionState::ticketLifetime
uint32_t ticketLifetime
Lifetime of the ticket.
Definition: tls.h:2052
HashAlgo
Common interface for hash algorithms.
Definition: crypto.h:1046
TLS_CERT_NONE
@ TLS_CERT_NONE
Definition: tls.h:1187
_TlsContext::selectedProtocol
char_t * selectedProtocol
Selected ALPN protocol.
Definition: tls.h:2401
TlsPskCallback
error_t(* TlsPskCallback)(TlsContext *context, const uint8_t *pskIdentity, size_t pskIdentityLen)
Pre-shared key callback function.
Definition: tls.h:1943
TlsHelloExtensions::serverNameList
const TlsServerNameList * serverNameList
ServerName extension.
Definition: tls.h:2101
tlsGetEarlyDataStatus
TlsEarlyDataStatus tlsGetEarlyDataStatus(TlsContext *context)
Check whether the server has accepted or rejected the early data.
Definition: tls.c:1811
TLS_GROUP_GC256A
@ TLS_GROUP_GC256A
Definition: tls.h:1404
_TlsContext::trustedCaListLen
size_t trustedCaListLen
Total length of the trusted CA list.
Definition: tls.h:2225
_TlsContext::retransmitTimestamp
systime_t retransmitTimestamp
Time at which the datagram was sent.
Definition: tls.h:2469
TlsHelloExtensions::selectedVersion
const TlsExtension * selectedVersion
SupportedVersions extension (ServerHello)
Definition: tls.h:2100
TLS_EXT_POST_HANDSHAKE_AUTH
@ TLS_EXT_POST_HANDSHAKE_AUTH
Definition: tls.h:1327
_TlsEncryptionEngine::seqNum
TlsSequenceNumber seqNum
TLS sequence number.
Definition: tls.h:2171
tlsLoadCertificate
error_t tlsLoadCertificate(TlsContext *context, uint_t index, const char_t *certChain, size_t certChainLen, const char_t *privateKey, size_t privateKeyLen, const char_t *password)
Load entity's certificate.
Definition: tls.c:1275
_TlsContext::clientEarlyTrafficSecret
uint8_t clientEarlyTrafficSecret[TLS_MAX_HKDF_DIGEST_SIZE]
Definition: tls.h:2325
TLS_SIGN_SCHEME_ECDSA_SECP256R1_SHA256
@ TLS_SIGN_SCHEME_ECDSA_SECP256R1_SHA256
Definition: tls.h:1260
TLS_STATE_SERVER_CHANGE_CIPHER_SPEC_2
@ TLS_STATE_SERVER_CHANGE_CIPHER_SPEC_2
Definition: tls.h:1479
TLS_GROUP_SECT233R1
@ TLS_GROUP_SECT233R1
Definition: tls.h:1377
_TlsEncryptionEngine::cipherContext
void * cipherContext
Cipher context.
Definition: tls.h:2164
TLS_TYPE_NEW_SESSION_TICKET
@ TLS_TYPE_NEW_SESSION_TICKET
Definition: tls.h:1044
_TlsContext::ecdsaSignCallback
TlsEcdsaSignCallback ecdsaSignCallback
Definition: tls.h:2218
TlsNamedGroup
TlsNamedGroup
Named groups.
Definition: tls.h:1369
TLS_TYPE_HELLO_REQUEST
@ TLS_TYPE_HELLO_REQUEST
Definition: tls.h:1040
_TlsContext::earlyDataRejected
bool_t earlyDataRejected
The 0-RTT data have been rejected by the server.
Definition: tls.h:2346
ticketLen
uint16_t ticketLen
Definition: tls.h:1843
TlsCertDesc::privateKey
const char_t * privateKey
Private key (PEM format)
Definition: tls.h:2084
TlsSignatureScheme
TlsSignatureScheme
Signature schemes.
Definition: tls.h:1247
tlsSetPskIdentityHint
error_t tlsSetPskIdentityHint(TlsContext *context, const char_t *pskIdentityHint)
Set the PSK identity hint to be used by the server.
Definition: tls.c:1096
TLS_EXT_STATUS_REQUEST
@ TLS_EXT_STATUS_REQUEST
Definition: tls.h:1290
TlsKeyLogCallback
void(* TlsKeyLogCallback)(TlsContext *context, const char_t *key)
Key logging callback function (for debugging purpose only)
Definition: tls.h:2008
_TlsEncryptionEngine::macKeyLen
size_t macKeyLen
Length of the MAC key.
Definition: tls.h:2156
Tls13PskIdentityList
Tls13PskIdentityList
Definition: tls13_misc.h:239
TLS_TYPE_HELLO_RETRY_REQUEST
@ TLS_TYPE_HELLO_RETRY_REQUEST
Definition: tls.h:1046
_TlsContext::updatedClientHelloReceived
bool_t updatedClientHelloReceived
An updated ClientHello message has been received.
Definition: tls.h:2318
tlsIsTxReady
bool_t tlsIsTxReady(TlsContext *context)
Check whether some data is ready for transmission.
Definition: tls.c:2228
uint_t
unsigned int uint_t
Definition: compiler_port.h:50
_TlsEncryptionEngine::gcmContext
GcmContext * gcmContext
GCM context.
Definition: tls.h:2169
tlsSetPreferredGroup
error_t tlsSetPreferredGroup(TlsContext *context, uint16_t group)
Specify the preferred ECDHE or FFDHE group.
Definition: tls.c:661
TlsFlags
TlsFlags
Flags used by read and write functions.
Definition: tls.h:1001
TLS_GROUP_SECT163R1
@ TLS_GROUP_SECT163R1
Definition: tls.h:1372
TLS_ALERT_CERTIFICATE_REVOKED
@ TLS_ALERT_CERTIFICATE_REVOKED
Definition: tls.h:1094
tlsEnableSecureRenegotiation
error_t tlsEnableSecureRenegotiation(TlsContext *context, bool_t enabled)
Enable secure renegotiation.
Definition: tls.c:1463
_TlsContext::txBufferLen
size_t txBufferLen
Number of bytes that are pending to be sent.
Definition: tls.h:2267
TlsSupportedGroupList
TlsSupportedGroupList
Definition: tls.h:1651
_TlsContext::retransmitCount
uint_t retransmitCount
Retransmission counter.
Definition: tls.h:2468
_TlsContext::rxRecordVersion
uint16_t rxRecordVersion
Version of the incoming record.
Definition: tls.h:2479
TLS_STATE_SERVER_HELLO_DONE
@ TLS_STATE_SERVER_HELLO_DONE
Definition: tls.h:1470
TLS_GROUP_X25519_KYBER768_DRAFT00
@ TLS_GROUP_X25519_KYBER768_DRAFT00
Definition: tls.h:1418
_TlsEncryptionEngine::recordIvLen
size_t recordIvLen
Length of the IV.
Definition: tls.h:2161
TLS_STATE_SERVER_HELLO_2
@ TLS_STATE_SERVER_HELLO_2
Definition: tls.h:1462
TLS_EXT_USE_SRTP
@ TLS_EXT_USE_SRTP
Definition: tls.h:1299
TLS_ALERT_HANDSHAKE_FAILURE
@ TLS_ALERT_HANDSHAKE_FAILURE
Definition: tls.h:1090
TLS_STATE_CLIENT_FINISHED
@ TLS_STATE_CLIENT_FINISHED
Definition: tls.h:1476
_TlsContext::selectedIdentity
int_t selectedIdentity
Selected PSK identity.
Definition: tls.h:2321
TlsCipherSuiteInfo::macKeyLen
uint8_t macKeyLen
Definition: tls.h:2024
TLS_CERT_DSS_FIXED_DH
@ TLS_CERT_DSS_FIXED_DH
Definition: tls.h:1191
_TlsContext::cookieVerifyCallback
DtlsCookieVerifyCallback cookieVerifyCallback
Cookie verification callback function.
Definition: tls.h:2465
TlsSupportedVersionList
TlsSupportedVersionList
Definition: tls.h:1595
tls_legacy.h
Legacy definitions.
TLS_ALERT_INTERNAL_ERROR
@ TLS_ALERT_INTERNAL_ERROR
Definition: tls.h:1106
TLS_CERT_RSA_FIXED_DH
@ TLS_CERT_RSA_FIXED_DH
Definition: tls.h:1190
_TlsContext::supportedGroups
const uint16_t * supportedGroups
List of supported named groups.
Definition: tls.h:2211
tlsEnableFallbackScsv
error_t tlsEnableFallbackScsv(TlsContext *context, bool_t enabled)
Perform fallback retry (for clients only)
Definition: tls.c:1489
TLS_TYPE_KEY_UPDATE
@ TLS_TYPE_KEY_UPDATE
Definition: tls.h:1060
TLS_SIGN_ALGO_ECDSA
@ TLS_SIGN_ALGO_ECDSA
Definition: tls.h:1234
TlsHelloExtensions::encryptThenMac
const TlsExtension * encryptThenMac
EncryptThenMac extension.
Definition: tls.h:2122
_TlsContext::certs
TlsCertDesc certs[TLS_MAX_CERTIFICATES]
End entity certificates (PEM format)
Definition: tls.h:2222
TlsTicketDecryptCallback
error_t(* TlsTicketDecryptCallback)(TlsContext *context, const uint8_t *ciphertext, size_t ciphertextLen, uint8_t *plaintext, size_t *plaintextLen, void *param)
Ticket decryption callback function.
Definition: tls.h:1976
TlsNewSessionTicket
TlsNewSessionTicket
Definition: tls.h:1845
_TlsContext::signScheme
TlsSignatureScheme signScheme
Signature scheme to be used.
Definition: tls.h:2250
TLS_KEY_EXCH_DHE_RSA
@ TLS_KEY_EXCH_DHE_RSA
Definition: tls.h:1142
tlsEnableSessionTickets
error_t tlsEnableSessionTickets(TlsContext *context, bool_t enabled)
Enable session ticket mechanism.
Definition: tls.c:1437
TlsEncryptionEngine
#define TlsEncryptionEngine
Definition: tls.h:40
_TlsContext::pskCipherSuite
uint16_t pskCipherSuite
Cipher suite associated with the PSK.
Definition: tls.h:2384
TlsSessionState::extendedMasterSecret
bool_t extendedMasterSecret
Extended master secret computation.
Definition: tls.h:2046
tlsSetTrustedCaList
error_t tlsSetTrustedCaList(TlsContext *context, const char_t *trustedCaList, size_t length)
Import a trusted CA list.
Definition: tls.c:1199
TlsServerKeyExchange
void TlsServerKeyExchange
ServerKeyExchange message.
Definition: tls.h:1801
_TlsContext::earlyDataExtReceived
bool_t earlyDataExtReceived
The EarlyData extension has been received.
Definition: tls.h:2347
TlsCipherSuiteInfo::prfHashAlgo
const HashAlgo * prfHashAlgo
Definition: tls.h:2023
TLS_GROUP_FFDHE8192
@ TLS_GROUP_FFDHE8192
Definition: tls.h:1416
TlsCertTypeList
TlsCertTypeList
Definition: tls.h:1673
_TlsContext::serverAppTrafficSecret
uint8_t serverAppTrafficSecret[TLS_MAX_HKDF_DIGEST_SIZE]
Definition: tls.h:2329
TlsHelloExtensions::supportedGroupList
const TlsSupportedGroupList * supportedGroupList
SupportedGroups extension.
Definition: tls.h:2102
TlsCertDesc::namedCurve
TlsNamedGroup namedCurve
Named curve used to generate the EC public key.
Definition: tls.h:2089
EcdhContext
ECDH context.
Definition: ecdh.h:59
_TlsContext::timeout
systime_t timeout
Timeout for blocking calls.
Definition: tls.h:2461
_TlsContext::ecdsaVerifyCallback
TlsEcdsaVerifyCallback ecdsaVerifyCallback
Definition: tls.h:2219
TlsHelloExtensions::serverCertType
const TlsExtension * serverCertType
Definition: tls.h:2119
_TlsContext::peerCertType
TlsCertificateType peerCertType
Peer's certificate type.
Definition: tls.h:2253
TLS_EXT_RECORD_SIZE_LIMIT
@ TLS_EXT_RECORD_SIZE_LIMIT
Definition: tls.h:1312
hmac.h
HMAC (Keyed-Hashing for Message Authentication)
tlsSetPskCallback
error_t tlsSetPskCallback(TlsContext *context, TlsPskCallback pskCallback)
Register PSK callback function.
Definition: tls.c:1145
_TlsContext::sessionTicketExtReceived
bool_t sessionTicketExtReceived
The SessionTicket extension has been received.
Definition: tls.h:2423
TLS_KEY_EXCH_DH_RSA
@ TLS_KEY_EXCH_DH_RSA
Definition: tls.h:1141
TLS_CERT_FORMAT_X509
@ TLS_CERT_FORMAT_X509
Definition: tls.h:1174
TLS_SIGN_SCHEME_GOSTR34102012_512A
@ TLS_SIGN_SCHEME_GOSTR34102012_512A
Definition: tls.h:1273
TlsSequenceNumber
TlsSequenceNumber
Definition: tls.h:1506
TlsSocketHandle
void * TlsSocketHandle
Socket handle.
Definition: tls.h:1905
TlsEarlyDataStatus
TlsEarlyDataStatus
Early data status.
Definition: tls.h:990
TLS_GROUP_BRAINPOOLP384R1
@ TLS_GROUP_BRAINPOOLP384R1
Definition: tls.h:1397
TLS_EXT_SIGNED_CERT_TIMESTAMP
@ TLS_EXT_SIGNED_CERT_TIMESTAMP
Definition: tls.h:1303
TlsSessionState::ticketAlpn
char_t * ticketAlpn
ALPN protocol associated with the ticket.
Definition: tls.h:2055
TLS_MAX_FRAGMENT_LENGTH_512
@ TLS_MAX_FRAGMENT_LENGTH_512
Definition: tls.h:1357
tlsSetKeyLogCallback
error_t tlsSetKeyLogCallback(TlsContext *context, TlsKeyLogCallback keyLogCallback)
Register key logging callback function (for debugging purpose only)
Definition: tls.c:831
TLS_ALERT_CERTIFICATE_UNKNOWN
@ TLS_ALERT_CERTIFICATE_UNKNOWN
Definition: tls.h:1096
_TlsContext::emsExtReceived
bool_t emsExtReceived
The ExtendedMasterSecret extension has been received.
Definition: tls.h:2410
TlsCertificate
void TlsCertificate
Certificate message.
Definition: tls.h:1794
TLS_EC_POINT_FORMAT_ANSI_X962_COMPRESSED_CHAR2
@ TLS_EC_POINT_FORMAT_ANSI_X962_COMPRESSED_CHAR2
Definition: tls.h:1433
TlsHelloExtensions::certAuthorities
const TlsCertAuthorities * certAuthorities
CertificateAuthorities extension.
Definition: tls.h:2135
description
uint8_t description
Definition: tls.h:1872
TlsHelloExtensions::identityList
const Tls13PskIdentityList * identityList
PreSharedKey extension (ClientHello)
Definition: tls.h:2140
_TlsContext
TLS context.
Definition: tls.h:2194
_TlsContext::protocolList
char_t * protocolList
List of supported ALPN protocols.
Definition: tls.h:2400
TLS_TYPE_CERTIFICATE_URL
@ TLS_TYPE_CERTIFICATE_URL
Definition: tls.h:1057
tlsFreeCache
void tlsFreeCache(TlsCache *cache)
Properly dispose a session cache.
Definition: tls_cache.c:319
data
uint8_t data[]
Definition: tls.h:1741
TLS_STATE_CLOSED
@ TLS_STATE_CLOSED
Definition: tls.h:1487