tls.h
Go to the documentation of this file.
1 /**
2  * @file tls.h
3  * @brief TLS (Transport Layer Security)
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneSSL Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.4.0
29  **/
30 
31 #ifndef _TLS_H
32 #define _TLS_H
33 
34 //Forward declaration of TlsContext structure
35 struct _TlsContext;
36 #define TlsContext struct _TlsContext
37 
38 //Forward declaration of TlsEncryptionEngine structure
40 #define TlsEncryptionEngine struct _TlsEncryptionEngine
41 
42 //Dependencies
43 #include "core/crypto.h"
44 #include "tls_config.h"
45 #include "tls_legacy.h"
46 #include "tls13_misc.h"
47 #include "dtls_misc.h"
48 #include "mac/hmac.h"
49 #include "aead/aead_algorithms.h"
51 #include "pkc/rsa.h"
52 #include "pkc/dsa.h"
53 #include "ecc/ecdsa.h"
54 #include "pkix/x509_common.h"
55 
56 
57 /*
58  * CycloneSSL Open is licensed under GPL version 2. In particular:
59  *
60  * - If you link your program to CycloneSSL Open, the result is a derivative
61  * work that can only be distributed under the same GPL license terms.
62  *
63  * - If additions or changes to CycloneSSL Open are made, the result is a
64  * derivative work that can only be distributed under the same license terms.
65  *
66  * - The GPL license requires that you make the source code available to
67  * whoever you make the binary available to.
68  *
69  * - If you sell or distribute a hardware product that runs CycloneSSL Open,
70  * the GPL license requires you to provide public and full access to all
71  * source code on a nondiscriminatory basis.
72  *
73  * If you fully understand and accept the terms of the GPL license, then edit
74  * the os_port_config.h header and add the following directive:
75  *
76  * #define GPL_LICENSE_TERMS_ACCEPTED
77  */
78 
79 #ifndef GPL_LICENSE_TERMS_ACCEPTED
80  #error Before compiling CycloneSSL Open, you must accept the terms of the GPL license
81 #endif
82 
83 //Version string
84 #define CYCLONE_SSL_VERSION_STRING "2.4.0"
85 //Major version
86 #define CYCLONE_SSL_MAJOR_VERSION 2
87 //Minor version
88 #define CYCLONE_SSL_MINOR_VERSION 4
89 //Revision number
90 #define CYCLONE_SSL_REV_NUMBER 0
91 
92 //TLS version numbers
93 #define SSL_VERSION_3_0 0x0300
94 #define TLS_VERSION_1_0 0x0301
95 #define TLS_VERSION_1_1 0x0302
96 #define TLS_VERSION_1_2 0x0303
97 #define TLS_VERSION_1_3 0x0304
98 
99 //TLS support
100 #ifndef TLS_SUPPORT
101  #define TLS_SUPPORT ENABLED
102 #elif (TLS_SUPPORT != ENABLED && TLS_SUPPORT != DISABLED)
103  #error TLS_SUPPORT parameter is not valid
104 #endif
105 
106 //Client mode of operation
107 #ifndef TLS_CLIENT_SUPPORT
108  #define TLS_CLIENT_SUPPORT ENABLED
109 #elif (TLS_CLIENT_SUPPORT != ENABLED && TLS_CLIENT_SUPPORT != DISABLED)
110  #error TLS_CLIENT_SUPPORT parameter is not valid
111 #endif
112 
113 //Server mode of operation
114 #ifndef TLS_SERVER_SUPPORT
115  #define TLS_SERVER_SUPPORT ENABLED
116 #elif (TLS_SERVER_SUPPORT != ENABLED && TLS_SERVER_SUPPORT != DISABLED)
117  #error TLS_SERVER_SUPPORT parameter is not valid
118 #endif
119 
120 //Minimum TLS version that can be negotiated
121 #ifndef TLS_MIN_VERSION
122  #define TLS_MIN_VERSION TLS_VERSION_1_2
123 #elif (TLS_MIN_VERSION < TLS_VERSION_1_0)
124  #error TLS_MIN_VERSION parameter is not valid
125 #endif
126 
127 //Maximum TLS version that can be negotiated
128 #ifndef TLS_MAX_VERSION
129  #define TLS_MAX_VERSION TLS_VERSION_1_3
130 #elif (TLS_MAX_VERSION > TLS_VERSION_1_3 || TLS_MAX_VERSION < TLS_MIN_VERSION)
131  #error TLS_MAX_VERSION parameter is not valid
132 #endif
133 
134 //Session resumption mechanism
135 #ifndef TLS_SESSION_RESUME_SUPPORT
136  #define TLS_SESSION_RESUME_SUPPORT ENABLED
137 #elif (TLS_SESSION_RESUME_SUPPORT != ENABLED && TLS_SESSION_RESUME_SUPPORT != DISABLED)
138  #error TLS_SESSION_RESUME_SUPPORT parameter is not valid
139 #endif
140 
141 //Lifetime of session cache entries
142 #ifndef TLS_SESSION_CACHE_LIFETIME
143  #define TLS_SESSION_CACHE_LIFETIME 3600000
144 #elif (TLS_SESSION_CACHE_LIFETIME < 1000)
145  #error TLS_SESSION_CACHE_LIFETIME parameter is not valid
146 #endif
147 
148 //Session ticket mechanism
149 #ifndef TLS_TICKET_SUPPORT
150  #define TLS_TICKET_SUPPORT DISABLED
151 #elif (TLS_TICKET_SUPPORT != ENABLED && TLS_TICKET_SUPPORT != DISABLED)
152  #error TLS_TICKET_SUPPORT parameter is not valid
153 #endif
154 
155 //Maximum size for session tickets
156 #ifndef TLS_MAX_TICKET_SIZE
157  #define TLS_MAX_TICKET_SIZE 1024
158 #elif (TLS_MAX_TICKET_SIZE < 32)
159  #error TLS_MAX_TICKET_SIZE parameter is not valid
160 #endif
161 
162 //Lifetime of session tickets
163 #ifndef TLS_TICKET_LIFETIME
164  #define TLS_TICKET_LIFETIME 3600000
165 #elif (TLS_TICKET_LIFETIME < 0)
166  #error TLS_TICKET_LIFETIME parameter is not valid
167 #endif
168 
169 //SNI (Server Name Indication) extension
170 #ifndef TLS_SNI_SUPPORT
171  #define TLS_SNI_SUPPORT ENABLED
172 #elif (TLS_SNI_SUPPORT != ENABLED && TLS_SNI_SUPPORT != DISABLED)
173  #error TLS_SNI_SUPPORT parameter is not valid
174 #endif
175 
176 //Maximum Fragment Length extension
177 #ifndef TLS_MAX_FRAG_LEN_SUPPORT
178  #define TLS_MAX_FRAG_LEN_SUPPORT DISABLED
179 #elif (TLS_MAX_FRAG_LEN_SUPPORT != ENABLED && TLS_MAX_FRAG_LEN_SUPPORT != DISABLED)
180  #error TLS_MAX_FRAG_LEN_SUPPORT parameter is not valid
181 #endif
182 
183 //Record Size Limit extension
184 #ifndef TLS_RECORD_SIZE_LIMIT_SUPPORT
185  #define TLS_RECORD_SIZE_LIMIT_SUPPORT ENABLED
186 #elif (TLS_RECORD_SIZE_LIMIT_SUPPORT != ENABLED && TLS_RECORD_SIZE_LIMIT_SUPPORT != DISABLED)
187  #error TLS_RECORD_SIZE_LIMIT_SUPPORT parameter is not valid
188 #endif
189 
190 //ALPN (Application-Layer Protocol Negotiation) extension
191 #ifndef TLS_ALPN_SUPPORT
192  #define TLS_ALPN_SUPPORT DISABLED
193 #elif (TLS_ALPN_SUPPORT != ENABLED && TLS_ALPN_SUPPORT != DISABLED)
194  #error TLS_ALPN_SUPPORT parameter is not valid
195 #endif
196 
197 //Encrypt-then-MAC extension
198 #ifndef TLS_ENCRYPT_THEN_MAC_SUPPORT
199  #define TLS_ENCRYPT_THEN_MAC_SUPPORT DISABLED
200 #elif (TLS_ENCRYPT_THEN_MAC_SUPPORT != ENABLED && TLS_ENCRYPT_THEN_MAC_SUPPORT != DISABLED)
201  #error TLS_ENCRYPT_THEN_MAC_SUPPORT parameter is not valid
202 #endif
203 
204 //Extended Master Secret extension
205 #ifndef TLS_EXT_MASTER_SECRET_SUPPORT
206  #define TLS_EXT_MASTER_SECRET_SUPPORT ENABLED
207 #elif (TLS_EXT_MASTER_SECRET_SUPPORT != ENABLED && TLS_EXT_MASTER_SECRET_SUPPORT != DISABLED)
208  #error TLS_EXT_MASTER_SECRET_SUPPORT parameter is not valid
209 #endif
210 
211 //ClientHello Padding extension
212 #ifndef TLS_CLIENT_HELLO_PADDING_SUPPORT
213  #define TLS_CLIENT_HELLO_PADDING_SUPPORT ENABLED
214 #elif (TLS_CLIENT_HELLO_PADDING_SUPPORT != ENABLED && TLS_CLIENT_HELLO_PADDING_SUPPORT != DISABLED)
215  #error TLS_CLIENT_HELLO_PADDING_SUPPORT parameter is not valid
216 #endif
217 
218 //Certificate Authorities extension
219 #ifndef TLS_CERT_AUTHORITIES_SUPPORT
220  #define TLS_CERT_AUTHORITIES_SUPPORT DISABLED
221 #elif (TLS_CERT_AUTHORITIES_SUPPORT != ENABLED && TLS_CERT_AUTHORITIES_SUPPORT != DISABLED)
222  #error TLS_CERT_AUTHORITIES_SUPPORT parameter is not valid
223 #endif
224 
225 //Signature Algorithms Certificate extension
226 #ifndef TLS_SIGN_ALGOS_CERT_SUPPORT
227  #define TLS_SIGN_ALGOS_CERT_SUPPORT DISABLED
228 #elif (TLS_SIGN_ALGOS_CERT_SUPPORT != ENABLED && TLS_SIGN_ALGOS_CERT_SUPPORT != DISABLED)
229  #error TLS_SIGN_ALGOS_CERT_SUPPORT parameter is not valid
230 #endif
231 
232 //RPK (Raw Public Key) support
233 #ifndef TLS_RAW_PUBLIC_KEY_SUPPORT
234  #define TLS_RAW_PUBLIC_KEY_SUPPORT DISABLED
235 #elif (TLS_RAW_PUBLIC_KEY_SUPPORT != ENABLED && TLS_RAW_PUBLIC_KEY_SUPPORT != DISABLED)
236  #error TLS_RAW_PUBLIC_KEY_SUPPORT parameter is not valid
237 #endif
238 
239 //Secure renegotiation support
240 #ifndef TLS_SECURE_RENEGOTIATION_SUPPORT
241  #define TLS_SECURE_RENEGOTIATION_SUPPORT ENABLED
242 #elif (TLS_SECURE_RENEGOTIATION_SUPPORT != ENABLED && TLS_SECURE_RENEGOTIATION_SUPPORT != DISABLED)
243  #error TLS_SECURE_RENEGOTIATION_SUPPORT parameter is not valid
244 #endif
245 
246 //Fallback SCSV support
247 #ifndef TLS_FALLBACK_SCSV_SUPPORT
248  #define TLS_FALLBACK_SCSV_SUPPORT DISABLED
249 #elif (TLS_FALLBACK_SCSV_SUPPORT != ENABLED && TLS_FALLBACK_SCSV_SUPPORT != DISABLED)
250  #error TLS_FALLBACK_SCSV_SUPPORT parameter is not valid
251 #endif
252 
253 //ECC callback functions
254 #ifndef TLS_ECC_CALLBACK_SUPPORT
255  #define TLS_ECC_CALLBACK_SUPPORT DISABLED
256 #elif (TLS_ECC_CALLBACK_SUPPORT != ENABLED && TLS_ECC_CALLBACK_SUPPORT != DISABLED)
257  #error TLS_ECC_CALLBACK_SUPPORT parameter is not valid
258 #endif
259 
260 //Maximum number of certificates the end entity can load
261 #ifndef TLS_MAX_CERTIFICATES
262  #define TLS_MAX_CERTIFICATES 3
263 #elif (TLS_MAX_CERTIFICATES < 1)
264  #error TLS_MAX_CERTIFICATES parameter is not valid
265 #endif
266 
267 //RSA key exchange support
268 #ifndef TLS_RSA_KE_SUPPORT
269  #define TLS_RSA_KE_SUPPORT ENABLED
270 #elif (TLS_RSA_KE_SUPPORT != ENABLED && TLS_RSA_KE_SUPPORT != DISABLED)
271  #error TLS_RSA_KE_SUPPORT parameter is not valid
272 #endif
273 
274 //DHE_RSA key exchange support
275 #ifndef TLS_DHE_RSA_KE_SUPPORT
276  #define TLS_DHE_RSA_KE_SUPPORT ENABLED
277 #elif (TLS_DHE_RSA_KE_SUPPORT != ENABLED && TLS_DHE_RSA_KE_SUPPORT != DISABLED)
278  #error TLS_DHE_RSA_KE_SUPPORT parameter is not valid
279 #endif
280 
281 //DHE_DSS key exchange support
282 #ifndef TLS_DHE_DSS_KE_SUPPORT
283  #define TLS_DHE_DSS_KE_SUPPORT DISABLED
284 #elif (TLS_DHE_DSS_KE_SUPPORT != ENABLED && TLS_DHE_DSS_KE_SUPPORT != DISABLED)
285  #error TLS_DHE_DSS_KE_SUPPORT parameter is not valid
286 #endif
287 
288 //DH_anon key exchange support (insecure)
289 #ifndef TLS_DH_ANON_KE_SUPPORT
290  #define TLS_DH_ANON_KE_SUPPORT DISABLED
291 #elif (TLS_DH_ANON_KE_SUPPORT != ENABLED && TLS_DH_ANON_KE_SUPPORT != DISABLED)
292  #error TLS_DH_ANON_KE_SUPPORT parameter is not valid
293 #endif
294 
295 //ECDHE_RSA key exchange support
296 #ifndef TLS_ECDHE_RSA_KE_SUPPORT
297  #define TLS_ECDHE_RSA_KE_SUPPORT ENABLED
298 #elif (TLS_ECDHE_RSA_KE_SUPPORT != ENABLED && TLS_ECDHE_RSA_KE_SUPPORT != DISABLED)
299  #error TLS_ECDHE_RSA_KE_SUPPORT parameter is not valid
300 #endif
301 
302 //ECDHE_ECDSA key exchange support
303 #ifndef TLS_ECDHE_ECDSA_KE_SUPPORT
304  #define TLS_ECDHE_ECDSA_KE_SUPPORT ENABLED
305 #elif (TLS_ECDHE_ECDSA_KE_SUPPORT != ENABLED && TLS_ECDHE_ECDSA_KE_SUPPORT != DISABLED)
306  #error TLS_ECDHE_ECDSA_KE_SUPPORT parameter is not valid
307 #endif
308 
309 //ECDH_anon key exchange support (insecure)
310 #ifndef TLS_ECDH_ANON_KE_SUPPORT
311  #define TLS_ECDH_ANON_KE_SUPPORT DISABLED
312 #elif (TLS_ECDH_ANON_KE_SUPPORT != ENABLED && TLS_ECDH_ANON_KE_SUPPORT != DISABLED)
313  #error TLS_ECDH_ANON_KE_SUPPORT parameter is not valid
314 #endif
315 
316 //PSK key exchange support
317 #ifndef TLS_PSK_KE_SUPPORT
318  #define TLS_PSK_KE_SUPPORT DISABLED
319 #elif (TLS_PSK_KE_SUPPORT != ENABLED && TLS_PSK_KE_SUPPORT != DISABLED)
320  #error TLS_PSK_KE_SUPPORT parameter is not valid
321 #endif
322 
323 //RSA_PSK key exchange support
324 #ifndef TLS_RSA_PSK_KE_SUPPORT
325  #define TLS_RSA_PSK_KE_SUPPORT DISABLED
326 #elif (TLS_RSA_PSK_KE_SUPPORT != ENABLED && TLS_RSA_PSK_KE_SUPPORT != DISABLED)
327  #error TLS_RSA_PSK_KE_SUPPORT parameter is not valid
328 #endif
329 
330 //DHE_PSK key exchange support
331 #ifndef TLS_DHE_PSK_KE_SUPPORT
332  #define TLS_DHE_PSK_KE_SUPPORT DISABLED
333 #elif (TLS_DHE_PSK_KE_SUPPORT != ENABLED && TLS_DHE_PSK_KE_SUPPORT != DISABLED)
334  #error TLS_DHE_PSK_KE_SUPPORT parameter is not valid
335 #endif
336 
337 //ECDHE_PSK key exchange support
338 #ifndef TLS_ECDHE_PSK_KE_SUPPORT
339  #define TLS_ECDHE_PSK_KE_SUPPORT DISABLED
340 #elif (TLS_ECDHE_PSK_KE_SUPPORT != ENABLED && TLS_ECDHE_PSK_KE_SUPPORT != DISABLED)
341  #error TLS_ECDHE_PSK_KE_SUPPORT parameter is not valid
342 #endif
343 
344 //RSA signature capability
345 #ifndef TLS_RSA_SIGN_SUPPORT
346  #define TLS_RSA_SIGN_SUPPORT ENABLED
347 #elif (TLS_RSA_SIGN_SUPPORT != ENABLED && TLS_RSA_SIGN_SUPPORT != DISABLED)
348  #error TLS_RSA_SIGN_SUPPORT parameter is not valid
349 #endif
350 
351 //RSA-PSS signature capability
352 #ifndef TLS_RSA_PSS_SIGN_SUPPORT
353  #define TLS_RSA_PSS_SIGN_SUPPORT ENABLED
354 #elif (TLS_RSA_PSS_SIGN_SUPPORT != ENABLED && TLS_RSA_PSS_SIGN_SUPPORT != DISABLED)
355  #error TLS_RSA_PSS_SIGN_SUPPORT parameter is not valid
356 #endif
357 
358 //DSA signature capability
359 #ifndef TLS_DSA_SIGN_SUPPORT
360  #define TLS_DSA_SIGN_SUPPORT DISABLED
361 #elif (TLS_DSA_SIGN_SUPPORT != ENABLED && TLS_DSA_SIGN_SUPPORT != DISABLED)
362  #error TLS_DSA_SIGN_SUPPORT parameter is not valid
363 #endif
364 
365 //ECDSA signature capability
366 #ifndef TLS_ECDSA_SIGN_SUPPORT
367  #define TLS_ECDSA_SIGN_SUPPORT ENABLED
368 #elif (TLS_ECDSA_SIGN_SUPPORT != ENABLED && TLS_ECDSA_SIGN_SUPPORT != DISABLED)
369  #error TLS_ECDSA_SIGN_SUPPORT parameter is not valid
370 #endif
371 
372 //SM2 signature capability (not recommended by the IETF)
373 #ifndef TLS_SM2_SIGN_SUPPORT
374  #define TLS_SM2_SIGN_SUPPORT DISABLED
375 #elif (TLS_SM2_SIGN_SUPPORT != ENABLED && TLS_SM2_SIGN_SUPPORT != DISABLED)
376  #error TLS_SM2_SIGN_SUPPORT parameter is not valid
377 #endif
378 
379 //Ed25519 signature capability
380 #ifndef TLS_ED25519_SIGN_SUPPORT
381  #define TLS_ED25519_SIGN_SUPPORT DISABLED
382 #elif (TLS_ED25519_SIGN_SUPPORT != ENABLED && TLS_ED25519_SIGN_SUPPORT != DISABLED)
383  #error TLS_ED25519_SIGN_SUPPORT parameter is not valid
384 #endif
385 
386 //Ed448 signature capability
387 #ifndef TLS_ED448_SIGN_SUPPORT
388  #define TLS_ED448_SIGN_SUPPORT DISABLED
389 #elif (TLS_ED448_SIGN_SUPPORT != ENABLED && TLS_ED448_SIGN_SUPPORT != DISABLED)
390  #error TLS_ED448_SIGN_SUPPORT parameter is not valid
391 #endif
392 
393 //NULL cipher support (insecure)
394 #ifndef TLS_NULL_CIPHER_SUPPORT
395  #define TLS_NULL_CIPHER_SUPPORT DISABLED
396 #elif (TLS_NULL_CIPHER_SUPPORT != ENABLED && TLS_NULL_CIPHER_SUPPORT != DISABLED)
397  #error TLS_NULL_CIPHER_SUPPORT parameter is not valid
398 #endif
399 
400 //Stream cipher support
401 #ifndef TLS_STREAM_CIPHER_SUPPORT
402  #define TLS_STREAM_CIPHER_SUPPORT DISABLED
403 #elif (TLS_STREAM_CIPHER_SUPPORT != ENABLED && TLS_STREAM_CIPHER_SUPPORT != DISABLED)
404  #error TLS_STREAM_CIPHER_SUPPORT parameter is not valid
405 #endif
406 
407 //CBC block cipher support
408 #ifndef TLS_CBC_CIPHER_SUPPORT
409  #define TLS_CBC_CIPHER_SUPPORT ENABLED
410 #elif (TLS_CBC_CIPHER_SUPPORT != ENABLED && TLS_CBC_CIPHER_SUPPORT != DISABLED)
411  #error TLS_CBC_CIPHER_SUPPORT parameter is not valid
412 #endif
413 
414 //CCM AEAD support
415 #ifndef TLS_CCM_CIPHER_SUPPORT
416  #define TLS_CCM_CIPHER_SUPPORT DISABLED
417 #elif (TLS_CCM_CIPHER_SUPPORT != ENABLED && TLS_CCM_CIPHER_SUPPORT != DISABLED)
418  #error TLS_CCM_CIPHER_SUPPORT parameter is not valid
419 #endif
420 
421 //CCM_8 AEAD support
422 #ifndef TLS_CCM_8_CIPHER_SUPPORT
423  #define TLS_CCM_8_CIPHER_SUPPORT DISABLED
424 #elif (TLS_CCM_8_CIPHER_SUPPORT != ENABLED && TLS_CCM_8_CIPHER_SUPPORT != DISABLED)
425  #error TLS_CCM_8_CIPHER_SUPPORT parameter is not valid
426 #endif
427 
428 //GCM AEAD support
429 #ifndef TLS_GCM_CIPHER_SUPPORT
430  #define TLS_GCM_CIPHER_SUPPORT ENABLED
431 #elif (TLS_GCM_CIPHER_SUPPORT != ENABLED && TLS_GCM_CIPHER_SUPPORT != DISABLED)
432  #error TLS_GCM_CIPHER_SUPPORT parameter is not valid
433 #endif
434 
435 //ChaCha20Poly1305 AEAD support
436 #ifndef TLS_CHACHA20_POLY1305_SUPPORT
437  #define TLS_CHACHA20_POLY1305_SUPPORT DISABLED
438 #elif (TLS_CHACHA20_POLY1305_SUPPORT != ENABLED && TLS_CHACHA20_POLY1305_SUPPORT != DISABLED)
439  #error TLS_CHACHA20_POLY1305_SUPPORT parameter is not valid
440 #endif
441 
442 //RC4 cipher support (insecure)
443 #ifndef TLS_RC4_SUPPORT
444  #define TLS_RC4_SUPPORT DISABLED
445 #elif (TLS_RC4_SUPPORT != ENABLED && TLS_RC4_SUPPORT != DISABLED)
446  #error TLS_RC4_SUPPORT parameter is not valid
447 #endif
448 
449 //IDEA cipher support (insecure)
450 #ifndef TLS_IDEA_SUPPORT
451  #define TLS_IDEA_SUPPORT DISABLED
452 #elif (TLS_IDEA_SUPPORT != ENABLED && TLS_IDEA_SUPPORT != DISABLED)
453  #error TLS_IDEA_SUPPORT parameter is not valid
454 #endif
455 
456 //DES cipher support (insecure)
457 #ifndef TLS_DES_SUPPORT
458  #define TLS_DES_SUPPORT DISABLED
459 #elif (TLS_DES_SUPPORT != ENABLED && TLS_DES_SUPPORT != DISABLED)
460  #error TLS_DES_SUPPORT parameter is not valid
461 #endif
462 
463 //Triple DES cipher support (weak)
464 #ifndef TLS_3DES_SUPPORT
465  #define TLS_3DES_SUPPORT DISABLED
466 #elif (TLS_3DES_SUPPORT != ENABLED && TLS_3DES_SUPPORT != DISABLED)
467  #error TLS_3DES_SUPPORT parameter is not valid
468 #endif
469 
470 //AES 128-bit cipher support
471 #ifndef TLS_AES_128_SUPPORT
472  #define TLS_AES_128_SUPPORT ENABLED
473 #elif (TLS_AES_128_SUPPORT != ENABLED && TLS_AES_128_SUPPORT != DISABLED)
474  #error TLS_AES_128_SUPPORT parameter is not valid
475 #endif
476 
477 //AES 256-bit cipher support
478 #ifndef TLS_AES_256_SUPPORT
479  #define TLS_AES_256_SUPPORT ENABLED
480 #elif (TLS_AES_256_SUPPORT != ENABLED && TLS_AES_256_SUPPORT != DISABLED)
481  #error TLS_AES_256_SUPPORT parameter is not valid
482 #endif
483 
484 //Camellia 128-bit cipher support
485 #ifndef TLS_CAMELLIA_128_SUPPORT
486  #define TLS_CAMELLIA_128_SUPPORT DISABLED
487 #elif (TLS_CAMELLIA_128_SUPPORT != ENABLED && TLS_CAMELLIA_128_SUPPORT != DISABLED)
488  #error TLS_CAMELLIA_128_SUPPORT parameter is not valid
489 #endif
490 
491 //Camellia 256-bit cipher support
492 #ifndef TLS_CAMELLIA_256_SUPPORT
493  #define TLS_CAMELLIA_256_SUPPORT DISABLED
494 #elif (TLS_CAMELLIA_256_SUPPORT != ENABLED && TLS_CAMELLIA_256_SUPPORT != DISABLED)
495  #error TLS_CAMELLIA_256_SUPPORT parameter is not valid
496 #endif
497 
498 //ARIA 128-bit cipher support
499 #ifndef TLS_ARIA_128_SUPPORT
500  #define TLS_ARIA_128_SUPPORT DISABLED
501 #elif (TLS_ARIA_128_SUPPORT != ENABLED && TLS_ARIA_128_SUPPORT != DISABLED)
502  #error TLS_ARIA_128_SUPPORT parameter is not valid
503 #endif
504 
505 //ARIA 256-bit cipher support
506 #ifndef TLS_ARIA_256_SUPPORT
507  #define TLS_ARIA_256_SUPPORT DISABLED
508 #elif (TLS_ARIA_256_SUPPORT != ENABLED && TLS_ARIA_256_SUPPORT != DISABLED)
509  #error TLS_ARIA_256_SUPPORT parameter is not valid
510 #endif
511 
512 //SEED cipher support
513 #ifndef TLS_SEED_SUPPORT
514  #define TLS_SEED_SUPPORT DISABLED
515 #elif (TLS_SEED_SUPPORT != ENABLED && TLS_SEED_SUPPORT != DISABLED)
516  #error TLS_SEED_SUPPORT parameter is not valid
517 #endif
518 
519 //SM4 cipher support (not recommended by the IETF)
520 #ifndef TLS_SM4_SUPPORT
521  #define TLS_SM4_SUPPORT DISABLED
522 #elif (TLS_SM4_SUPPORT != ENABLED && TLS_SM4_SUPPORT != DISABLED)
523  #error TLS_SM4_SUPPORT parameter is not valid
524 #endif
525 
526 //MD5 hash support (insecure)
527 #ifndef TLS_MD5_SUPPORT
528  #define TLS_MD5_SUPPORT DISABLED
529 #elif (TLS_MD5_SUPPORT != ENABLED && TLS_MD5_SUPPORT != DISABLED)
530  #error TLS_MD5_SUPPORT parameter is not valid
531 #endif
532 
533 //SHA-1 hash support (weak)
534 #ifndef TLS_SHA1_SUPPORT
535  #define TLS_SHA1_SUPPORT ENABLED
536 #elif (TLS_SHA1_SUPPORT != ENABLED && TLS_SHA1_SUPPORT != DISABLED)
537  #error TLS_SHA1_SUPPORT parameter is not valid
538 #endif
539 
540 //SHA-224 hash support (weak)
541 #ifndef TLS_SHA224_SUPPORT
542  #define TLS_SHA224_SUPPORT DISABLED
543 #elif (TLS_SHA224_SUPPORT != ENABLED && TLS_SHA224_SUPPORT != DISABLED)
544  #error TLS_SHA224_SUPPORT parameter is not valid
545 #endif
546 
547 //SHA-256 hash support
548 #ifndef TLS_SHA256_SUPPORT
549  #define TLS_SHA256_SUPPORT ENABLED
550 #elif (TLS_SHA256_SUPPORT != ENABLED && TLS_SHA256_SUPPORT != DISABLED)
551  #error TLS_SHA256_SUPPORT parameter is not valid
552 #endif
553 
554 //SHA-384 hash support
555 #ifndef TLS_SHA384_SUPPORT
556  #define TLS_SHA384_SUPPORT ENABLED
557 #elif (TLS_SHA384_SUPPORT != ENABLED && TLS_SHA384_SUPPORT != DISABLED)
558  #error TLS_SHA384_SUPPORT parameter is not valid
559 #endif
560 
561 //SHA-512 hash support
562 #ifndef TLS_SHA512_SUPPORT
563  #define TLS_SHA512_SUPPORT DISABLED
564 #elif (TLS_SHA512_SUPPORT != ENABLED && TLS_SHA512_SUPPORT != DISABLED)
565  #error TLS_SHA512_SUPPORT parameter is not valid
566 #endif
567 
568 //SM3 hash support (not recommended by the IETF)
569 #ifndef TLS_SM3_SUPPORT
570  #define TLS_SM3_SUPPORT DISABLED
571 #elif (TLS_SM3_SUPPORT != ENABLED && TLS_SM3_SUPPORT != DISABLED)
572  #error TLS_SM3_SUPPORT parameter is not valid
573 #endif
574 
575 //FFDHE key exchange mechanism
576 #ifndef TLS_FFDHE_SUPPORT
577  #define TLS_FFDHE_SUPPORT DISABLED
578 #elif (TLS_FFDHE_SUPPORT != ENABLED && TLS_FFDHE_SUPPORT != DISABLED)
579  #error TLS_FFDHE_SUPPORT parameter is not valid
580 #endif
581 
582 //ffdhe2048 group support
583 #ifndef TLS_FFDHE2048_SUPPORT
584  #define TLS_FFDHE2048_SUPPORT ENABLED
585 #elif (TLS_FFDHE2048_SUPPORT != ENABLED && TLS_FFDHE2048_SUPPORT != DISABLED)
586  #error TLS_FFDHE2048_SUPPORT parameter is not valid
587 #endif
588 
589 //ffdhe3072 group support
590 #ifndef TLS_FFDHE3072_SUPPORT
591  #define TLS_FFDHE3072_SUPPORT DISABLED
592 #elif (TLS_FFDHE3072_SUPPORT != ENABLED && TLS_FFDHE3072_SUPPORT != DISABLED)
593  #error TLS_FFDHE3072_SUPPORT parameter is not valid
594 #endif
595 
596 //ffdhe4096 group support
597 #ifndef TLS_FFDHE4096_SUPPORT
598  #define TLS_FFDHE4096_SUPPORT DISABLED
599 #elif (TLS_FFDHE4096_SUPPORT != ENABLED && TLS_FFDHE4096_SUPPORT != DISABLED)
600  #error TLS_FFDHE4096_SUPPORT parameter is not valid
601 #endif
602 
603 //secp160k1 elliptic curve support (weak)
604 #ifndef TLS_SECP160K1_SUPPORT
605  #define TLS_SECP160K1_SUPPORT DISABLED
606 #elif (TLS_SECP160K1_SUPPORT != ENABLED && TLS_SECP160K1_SUPPORT != DISABLED)
607  #error TLS_SECP160K1_SUPPORT parameter is not valid
608 #endif
609 
610 //secp160r1 elliptic curve support (weak)
611 #ifndef TLS_SECP160R1_SUPPORT
612  #define TLS_SECP160R1_SUPPORT DISABLED
613 #elif (TLS_SECP160R1_SUPPORT != ENABLED && TLS_SECP160R1_SUPPORT != DISABLED)
614  #error TLS_SECP160R1_SUPPORT parameter is not valid
615 #endif
616 
617 //secp160r2 elliptic curve support (weak)
618 #ifndef TLS_SECP160R2_SUPPORT
619  #define TLS_SECP160R2_SUPPORT DISABLED
620 #elif (TLS_SECP160R2_SUPPORT != ENABLED && TLS_SECP160R2_SUPPORT != DISABLED)
621  #error TLS_SECP160R2_SUPPORT parameter is not valid
622 #endif
623 
624 //secp192k1 elliptic curve support
625 #ifndef TLS_SECP192K1_SUPPORT
626  #define TLS_SECP192K1_SUPPORT DISABLED
627 #elif (TLS_SECP192K1_SUPPORT != ENABLED && TLS_SECP192K1_SUPPORT != DISABLED)
628  #error TLS_SECP192K1_SUPPORT parameter is not valid
629 #endif
630 
631 //secp192r1 elliptic curve support (NIST P-192)
632 #ifndef TLS_SECP192R1_SUPPORT
633  #define TLS_SECP192R1_SUPPORT DISABLED
634 #elif (TLS_SECP192R1_SUPPORT != ENABLED && TLS_SECP192R1_SUPPORT != DISABLED)
635  #error TLS_SECP192R1_SUPPORT parameter is not valid
636 #endif
637 
638 //secp224k1 elliptic curve support
639 #ifndef TLS_SECP224K1_SUPPORT
640  #define TLS_SECP224K1_SUPPORT DISABLED
641 #elif (TLS_SECP224K1_SUPPORT != ENABLED && TLS_SECP224K1_SUPPORT != DISABLED)
642  #error TLS_SECP224K1_SUPPORT parameter is not valid
643 #endif
644 
645 //secp224r1 elliptic curve support (NIST P-224)
646 #ifndef TLS_SECP224R1_SUPPORT
647  #define TLS_SECP224R1_SUPPORT DISABLED
648 #elif (TLS_SECP224R1_SUPPORT != ENABLED && TLS_SECP224R1_SUPPORT != DISABLED)
649  #error TLS_SECP224R1_SUPPORT parameter is not valid
650 #endif
651 
652 //secp256k1 elliptic curve support
653 #ifndef TLS_SECP256K1_SUPPORT
654  #define TLS_SECP256K1_SUPPORT DISABLED
655 #elif (TLS_SECP256K1_SUPPORT != ENABLED && TLS_SECP256K1_SUPPORT != DISABLED)
656  #error TLS_SECP256K1_SUPPORT parameter is not valid
657 #endif
658 
659 //secp256r1 elliptic curve support (NIST P-256)
660 #ifndef TLS_SECP256R1_SUPPORT
661  #define TLS_SECP256R1_SUPPORT ENABLED
662 #elif (TLS_SECP256R1_SUPPORT != ENABLED && TLS_SECP256R1_SUPPORT != DISABLED)
663  #error TLS_SECP256R1_SUPPORT parameter is not valid
664 #endif
665 
666 //secp384r1 elliptic curve support (NIST P-384)
667 #ifndef TLS_SECP384R1_SUPPORT
668  #define TLS_SECP384R1_SUPPORT ENABLED
669 #elif (TLS_SECP384R1_SUPPORT != ENABLED && TLS_SECP384R1_SUPPORT != DISABLED)
670  #error TLS_SECP384R1_SUPPORT parameter is not valid
671 #endif
672 
673 //secp521r1 elliptic curve support (NIST P-521)
674 #ifndef TLS_SECP521R1_SUPPORT
675  #define TLS_SECP521R1_SUPPORT DISABLED
676 #elif (TLS_SECP521R1_SUPPORT != ENABLED && TLS_SECP521R1_SUPPORT != DISABLED)
677  #error TLS_SECP521R1_SUPPORT parameter is not valid
678 #endif
679 
680 //brainpoolP256r1 elliptic curve support
681 #ifndef TLS_BRAINPOOLP256R1_SUPPORT
682  #define TLS_BRAINPOOLP256R1_SUPPORT DISABLED
683 #elif (TLS_BRAINPOOLP256R1_SUPPORT != ENABLED && TLS_BRAINPOOLP256R1_SUPPORT != DISABLED)
684  #error TLS_BRAINPOOLP256R1_SUPPORT parameter is not valid
685 #endif
686 
687 //brainpoolP384r1 elliptic curve support
688 #ifndef TLS_BRAINPOOLP384R1_SUPPORT
689  #define TLS_BRAINPOOLP384R1_SUPPORT DISABLED
690 #elif (TLS_BRAINPOOLP384R1_SUPPORT != ENABLED && TLS_BRAINPOOLP384R1_SUPPORT != DISABLED)
691  #error TLS_BRAINPOOLP384R1_SUPPORT parameter is not valid
692 #endif
693 
694 //brainpoolP512r1 elliptic curve support
695 #ifndef TLS_BRAINPOOLP512R1_SUPPORT
696  #define TLS_BRAINPOOLP512R1_SUPPORT DISABLED
697 #elif (TLS_BRAINPOOLP512R1_SUPPORT != ENABLED && TLS_BRAINPOOLP512R1_SUPPORT != DISABLED)
698  #error TLS_BRAINPOOLP512R1_SUPPORT parameter is not valid
699 #endif
700 
701 //SM2 elliptic curve support (not recommended by the IETF)
702 #ifndef TLS_SM2_SUPPORT
703  #define TLS_SM2_SUPPORT DISABLED
704 #elif (TLS_SM2_SUPPORT != ENABLED && TLS_SM2_SUPPORT != DISABLED)
705  #error TLS_SM2_SUPPORT parameter is not valid
706 #endif
707 
708 //Curve25519 elliptic curve support
709 #ifndef TLS_X25519_SUPPORT
710  #define TLS_X25519_SUPPORT DISABLED
711 #elif (TLS_X25519_SUPPORT != ENABLED && TLS_X25519_SUPPORT != DISABLED)
712  #error TLS_X25519_SUPPORT parameter is not valid
713 #endif
714 
715 //Curve448 elliptic curve support
716 #ifndef TLS_X448_SUPPORT
717  #define TLS_X448_SUPPORT DISABLED
718 #elif (TLS_X448_SUPPORT != ENABLED && TLS_X448_SUPPORT != DISABLED)
719  #error TLS_X448_SUPPORT parameter is not valid
720 #endif
721 
722 //Certificate key usage verification
723 #ifndef TLS_CERT_KEY_USAGE_SUPPORT
724  #define TLS_CERT_KEY_USAGE_SUPPORT ENABLED
725 #elif (TLS_CERT_KEY_USAGE_SUPPORT != ENABLED && TLS_CERT_KEY_USAGE_SUPPORT != DISABLED)
726  #error TLS_CERT_KEY_USAGE_SUPPORT parameter is not valid
727 #endif
728 
729 //Key logging (for debugging purpose only)
730 #ifndef TLS_KEY_LOG_SUPPORT
731  #define TLS_KEY_LOG_SUPPORT DISABLED
732 #elif (TLS_KEY_LOG_SUPPORT != ENABLED && TLS_KEY_LOG_SUPPORT != DISABLED)
733  #error TLS_KEY_LOG_SUPPORT parameter is not valid
734 #endif
735 
736 //Maximum length of server name
737 #ifndef TLS_MAX_SERVER_NAME_LEN
738  #define TLS_MAX_SERVER_NAME_LEN 255
739 #elif (TLS_MAX_SERVER_NAME_LEN < 1)
740  #error TLS_MAX_SERVER_NAME_LEN parameter is not valid
741 #endif
742 
743 //Maximum length of password
744 #ifndef TLS_MAX_PASSWORD_LEN
745  #define TLS_MAX_PASSWORD_LEN 32
746 #elif (TLS_MAX_PASSWORD_LEN < 0)
747  #error TLS_MAX_PASSWORD_LEN parameter is not valid
748 #endif
749 
750 //Minimum acceptable size for Diffie-Hellman prime modulus
751 #ifndef TLS_MIN_DH_MODULUS_SIZE
752  #define TLS_MIN_DH_MODULUS_SIZE 1024
753 #elif (TLS_MIN_DH_MODULUS_SIZE < 512)
754  #error TLS_MIN_DH_MODULUS_SIZE parameter is not valid
755 #endif
756 
757 //Maximum acceptable size for Diffie-Hellman prime modulus
758 #ifndef TLS_MAX_DH_MODULUS_SIZE
759  #define TLS_MAX_DH_MODULUS_SIZE 2048
760 #elif (TLS_MAX_DH_MODULUS_SIZE < TLS_MIN_DH_MODULUS_SIZE)
761  #error TLS_MAX_DH_MODULUS_SIZE parameter is not valid
762 #endif
763 
764 //Minimum acceptable size for RSA modulus
765 #ifndef TLS_MIN_RSA_MODULUS_SIZE
766  #define TLS_MIN_RSA_MODULUS_SIZE 1024
767 #elif (TLS_MIN_RSA_MODULUS_SIZE < 512)
768  #error TLS_MIN_RSA_MODULUS_SIZE parameter is not valid
769 #endif
770 
771 //Maximum acceptable size for RSA modulus
772 #ifndef TLS_MAX_RSA_MODULUS_SIZE
773  #define TLS_MAX_RSA_MODULUS_SIZE 4096
774 #elif (TLS_MAX_RSA_MODULUS_SIZE < TLS_MIN_RSA_MODULUS_SIZE)
775  #error TLS_MAX_RSA_MODULUS_SIZE parameter is not valid
776 #endif
777 
778 //Minimum acceptable size for DSA prime modulus
779 #ifndef TLS_MIN_DSA_MODULUS_SIZE
780  #define TLS_MIN_DSA_MODULUS_SIZE 1024
781 #elif (TLS_MIN_DSA_MODULUS_SIZE < 512)
782  #error TLS_MIN_DSA_MODULUS_SIZE parameter is not valid
783 #endif
784 
785 //Maximum acceptable size for DSA prime modulus
786 #ifndef TLS_MAX_DSA_MODULUS_SIZE
787  #define TLS_MAX_DSA_MODULUS_SIZE 4096
788 #elif (TLS_MAX_DSA_MODULUS_SIZE < TLS_MIN_DSA_MODULUS_SIZE)
789  #error TLS_MAX_DSA_MODULUS_SIZE parameter is not valid
790 #endif
791 
792 //Master secret size
793 #ifndef TLS_MASTER_SECRET_SIZE
794  #define TLS_MASTER_SECRET_SIZE 48
795 #elif (TLS_MASTER_SECRET_SIZE < 48)
796  #error TLS_MASTER_SECRET_SIZE parameter is not valid
797 #endif
798 
799 //Maximum size for premaster secret
800 #ifndef TLS_PREMASTER_SECRET_SIZE
801  #define TLS_PREMASTER_SECRET_SIZE (TLS_MAX_DH_MODULUS_SIZE / 8)
802 #elif (TLS_PREMASTER_SECRET_SIZE < 48)
803  #error TLS_PREMASTER_SECRET_SIZE parameter is not valid
804 #endif
805 
806 //Maximum number of consecutive warning alerts
807 #ifndef TLS_MAX_WARNING_ALERTS
808  #define TLS_MAX_WARNING_ALERTS 5
809 #elif (TLS_MAX_WARNING_ALERTS < 0)
810  #error TLS_MAX_WARNING_ALERTS parameter is not valid
811 #endif
812 
813 //Maximum number of consecutive empty records
814 #ifndef TLS_MAX_EMPTY_RECORDS
815  #define TLS_MAX_EMPTY_RECORDS 10
816 #elif (TLS_MAX_EMPTY_RECORDS < 0)
817  #error TLS_MAX_EMPTY_RECORDS parameter is not valid
818 #endif
819 
820 //Maximum number of consecutive ChangeCipherSpec messages
821 #ifndef TLS_MAX_CHANGE_CIPHER_SPEC_MESSAGES
822  #define TLS_MAX_CHANGE_CIPHER_SPEC_MESSAGES 5
823 #elif (TLS_MAX_CHANGE_CIPHER_SPEC_MESSAGES < 0)
824  #error TLS_MAX_CHANGE_CIPHER_SPEC_MESSAGES parameter is not valid
825 #endif
826 
827 //Maximum number of consecutive KeyUpdate messages
828 #ifndef TLS_MAX_KEY_UPDATE_MESSAGES
829  #define TLS_MAX_KEY_UPDATE_MESSAGES 5
830 #elif (TLS_MAX_KEY_UPDATE_MESSAGES < 0)
831  #error TLS_MAX_KEY_UPDATE_MESSAGES parameter is not valid
832 #endif
833 
834 //Application specific context (TLS context)
835 #ifndef TLS_PRIVATE_CONTEXT
836  #define TLS_PRIVATE_CONTEXT
837 #endif
838 
839 //Application specific context (encryption engine)
840 #ifndef TLS_PRIVATE_ENCRYPTION_ENGINE
841  #define TLS_PRIVATE_ENCRYPTION_ENGINE
842 #endif
843 
844 //Allocate memory block
845 #ifndef tlsAllocMem
846  #define tlsAllocMem(size) osAllocMem(size)
847 #endif
848 
849 //Deallocate memory block
850 #ifndef tlsFreeMem
851  #define tlsFreeMem(p) osFreeMem(p)
852 #endif
853 
854 //Support for Diffie-Hellman?
855 #if ((TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_2) && \
856  (TLS_DH_ANON_KE_SUPPORT == ENABLED || TLS_DHE_RSA_KE_SUPPORT == ENABLED || \
857  TLS_DHE_DSS_KE_SUPPORT == ENABLED || TLS_DHE_PSK_KE_SUPPORT == ENABLED))
858  #define TLS_DH_SUPPORT ENABLED
859 #elif ((TLS_MAX_VERSION >= TLS_VERSION_1_3 && TLS_MIN_VERSION <= TLS_VERSION_1_3) && \
860  (TLS13_DHE_KE_SUPPORT == ENABLED || TLS13_PSK_DHE_KE_SUPPORT == ENABLED))
861  #define TLS_DH_SUPPORT ENABLED
862 #else
863  #define TLS_DH_SUPPORT DISABLED
864 #endif
865 
866 //Support for ECDH?
867 #if ((TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_2) && \
868  (TLS_ECDH_ANON_KE_SUPPORT == ENABLED || TLS_ECDHE_RSA_KE_SUPPORT == ENABLED || \
869  TLS_ECDHE_ECDSA_KE_SUPPORT == ENABLED || TLS_ECDHE_PSK_KE_SUPPORT == ENABLED))
870  #define TLS_ECDH_SUPPORT ENABLED
871 #elif ((TLS_MAX_VERSION >= TLS_VERSION_1_3 && TLS_MIN_VERSION <= TLS_VERSION_1_3) && \
872  (TLS13_ECDHE_KE_SUPPORT == ENABLED || TLS13_PSK_ECDHE_KE_SUPPORT == ENABLED))
873  #define TLS_ECDH_SUPPORT ENABLED
874 #else
875  #define TLS_ECDH_SUPPORT DISABLED
876 #endif
877 
878 //Support for RSA?
879 #if ((TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_2) && \
880  (TLS_RSA_SIGN_SUPPORT == ENABLED || TLS_RSA_PSS_SIGN_SUPPORT == ENABLED || \
881  TLS_RSA_KE_SUPPORT == ENABLED || TLS_DHE_RSA_KE_SUPPORT == ENABLED || \
882  TLS_ECDHE_RSA_KE_SUPPORT == ENABLED || TLS_RSA_PSK_KE_SUPPORT == ENABLED))
883  #define TLS_RSA_SUPPORT ENABLED
884 #elif ((TLS_MAX_VERSION >= TLS_VERSION_1_3 && TLS_MIN_VERSION <= TLS_VERSION_1_3) && \
885  (TLS_RSA_SIGN_SUPPORT == ENABLED || TLS_RSA_PSS_SIGN_SUPPORT == ENABLED))
886  #define TLS_RSA_SUPPORT ENABLED
887 #else
888  #define TLS_RSA_SUPPORT DISABLED
889 #endif
890 
891 //Support for PSK?
892 #if ((TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_2) && \
893  (TLS_PSK_KE_SUPPORT == ENABLED || TLS_RSA_PSK_KE_SUPPORT == ENABLED || \
894  TLS_DHE_PSK_KE_SUPPORT == ENABLED || TLS_ECDHE_PSK_KE_SUPPORT == ENABLED))
895  #define TLS_PSK_SUPPORT ENABLED
896 #elif ((TLS_MAX_VERSION >= TLS_VERSION_1_3 && TLS_MIN_VERSION <= TLS_VERSION_1_3) && \
897  (TLS13_PSK_KE_SUPPORT == ENABLED || TLS13_PSK_DHE_KE_SUPPORT == ENABLED || \
898  TLS13_PSK_ECDHE_KE_SUPPORT == ENABLED))
899  #define TLS_PSK_SUPPORT ENABLED
900 #else
901  #define TLS_PSK_SUPPORT DISABLED
902 #endif
903 
904 //Maximum size for HKDF digests
905 #if (TLS_SHA384_SUPPORT == ENABLED)
906  #define TLS_MAX_HKDF_DIGEST_SIZE 48
907 #else
908  #define TLS_MAX_HKDF_DIGEST_SIZE 32
909 #endif
910 
911 //Bind TLS to a particular socket
912 #define tlsSetSocket(context, socket) tlsSetSocketCallbacks(context, \
913  (TlsSocketSendCallback) socketSend, (TlsSocketReceiveCallback) socketReceive, \
914  (TlsSocketHandle) socket)
915 
916 //Minimum plaintext record length
917 #define TLS_MIN_RECORD_LENGTH 512
918 //Maximum plaintext record length
919 #define TLS_MAX_RECORD_LENGTH 16384
920 //Data overhead caused by record encryption
921 #define TLS_MAX_RECORD_OVERHEAD 512
922 //Size of client and server random values
923 #define TLS_RANDOM_SIZE 32
924 
925 //TLS signature scheme definition
926 #define TLS_SIGN_SCHEME(signAlgo, hashAlgo) \
927  ((TlsSignatureScheme) (((hashAlgo) << 8) | (signAlgo)))
928 
929 //C++ guard
930 #ifdef __cplusplus
931 extern "C" {
932 #endif
933 
934 
935 /**
936  * @brief TLS transport protocols
937  **/
938 
939 typedef enum
940 {
945 
946 
947 /**
948  * @brief TLS connection end
949  **/
950 
951 typedef enum
952 {
956 
957 
958 /**
959  * @brief Client authentication mode
960  **/
961 
962 typedef enum
963 {
968 
969 
970 /**
971  * @brief Early data status
972  **/
973 
974 typedef enum
975 {
979 
980 
981 /**
982  * @brief Flags used by read and write functions
983  **/
984 
985 typedef enum
986 {
987  TLS_FLAG_PEEK = 0x0200,
993  TLS_FLAG_DELAY = 0x8000
995 
996 
997 //The TLS_FLAG_BREAK macro causes the read function to stop reading
998 //data whenever the specified break character is encountered
999 #define TLS_FLAG_BREAK(c) (TLS_FLAG_BREAK_CHAR | LSB(c))
1000 
1001 
1002 /**
1003  * @brief Content type
1004  **/
1005 
1006 typedef enum
1007 {
1015  TLS_TYPE_ACK = 26
1017 
1018 
1019 /**
1020  * @brief Handshake message type
1021  **/
1022 
1023 typedef enum
1024 {
1048  TLS_TYPE_MESSAGE_HASH = 254
1050 
1051 
1052 /**
1053  * @brief Alert level
1054  **/
1055 
1056 typedef enum
1057 {
1060 } TlsAlertLevel;
1061 
1062 
1063 /**
1064  * @brief Alert description
1065  **/
1066 
1067 typedef enum
1068 {
1105 
1106 
1107 /**
1108  * @brief Compression methods
1109  **/
1110 
1111 typedef enum
1112 {
1116 
1117 
1118 /**
1119  * @brief Key exchange methods
1120  **/
1121 
1122 typedef enum
1123 {
1149 
1150 
1151 /**
1152  * @brief Certificate formats
1153  **/
1154 
1155 typedef enum
1156 {
1162 
1163 
1164 /**
1165  * @brief Certificate types
1166  **/
1167 
1168 typedef enum
1169 {
1183  TLS_CERT_RSA_PSS_SIGN = 256, //For internal use only
1184  TLS_CERT_SM2_SIGN = 257, //For internal use only
1185  TLS_CERT_ED25519_SIGN = 258, //For internal use only
1186  TLS_CERT_ED448_SIGN = 259 //For internal use only
1188 
1189 
1190 /**
1191  * @brief Hash algorithms
1192  **/
1193 
1194 typedef enum
1195 {
1204  TLS_HASH_ALGO_SM3 = 256 //For internal use only
1206 
1207 
1208 /**
1209  * @brief Signature algorithms
1210  **/
1211 
1212 typedef enum
1213 {
1223 
1224 
1225 /**
1226  * @brief Signature schemes
1227  **/
1228 
1229 typedef enum
1230 {
1260 
1261 
1262 /**
1263  * @brief TLS extension types
1264  **/
1265 
1266 typedef enum
1267 {
1322 
1323 
1324 /**
1325  * @brief Name type
1326  **/
1327 
1328 typedef enum
1329 {
1332 
1333 
1334 /**
1335  * @brief Maximum fragment length
1336  **/
1337 
1338 typedef enum
1339 {
1345 
1346 
1347 /**
1348  * @brief Named groups
1349  **/
1350 
1351 typedef enum
1352 {
1354  TLS_GROUP_SECT163K1 = 1, //RFC 4492
1355  TLS_GROUP_SECT163R1 = 2, //RFC 4492
1356  TLS_GROUP_SECT163R2 = 3, //RFC 4492
1357  TLS_GROUP_SECT193R1 = 4, //RFC 4492
1358  TLS_GROUP_SECT193R2 = 5, //RFC 4492
1359  TLS_GROUP_SECT233K1 = 6, //RFC 4492
1360  TLS_GROUP_SECT233R1 = 7, //RFC 4492
1361  TLS_GROUP_SECT239K1 = 8, //RFC 4492
1362  TLS_GROUP_SECT283K1 = 9, //RFC 4492
1363  TLS_GROUP_SECT283R1 = 10, //RFC 4492
1364  TLS_GROUP_SECT409K1 = 11, //RFC 4492
1365  TLS_GROUP_SECT409R1 = 12, //RFC 4492
1366  TLS_GROUP_SECT571K1 = 13, //RFC 4492
1367  TLS_GROUP_SECT571R1 = 14, //RFC 4492
1368  TLS_GROUP_SECP160K1 = 15, //RFC 4492
1369  TLS_GROUP_SECP160R1 = 16, //RFC 4492
1370  TLS_GROUP_SECP160R2 = 17, //RFC 4492
1371  TLS_GROUP_SECP192K1 = 18, //RFC 4492
1372  TLS_GROUP_SECP192R1 = 19, //RFC 4492
1373  TLS_GROUP_SECP224K1 = 20, //RFC 4492
1374  TLS_GROUP_SECP224R1 = 21, //RFC 4492
1375  TLS_GROUP_SECP256K1 = 22, //RFC 4492
1376  TLS_GROUP_SECP256R1 = 23, //RFC 4492
1377  TLS_GROUP_SECP384R1 = 24, //RFC 4492
1378  TLS_GROUP_SECP521R1 = 25, //RFC 4492
1379  TLS_GROUP_BRAINPOOLP256R1 = 26, //RFC 7027
1380  TLS_GROUP_BRAINPOOLP384R1 = 27, //RFC 7027
1381  TLS_GROUP_BRAINPOOLP512R1 = 28, //RFC 7027
1382  TLS_GROUP_ECDH_X25519 = 29, //RFC 8422
1383  TLS_GROUP_ECDH_X448 = 30, //RFC 8422
1387  TLS_GROUP_GC256A = 34, //RFC 9189
1388  TLS_GROUP_GC256B = 35, //RFC 9189
1389  TLS_GROUP_GC256C = 36, //RFC 9189
1390  TLS_GROUP_GC256D = 37, //RFC 9189
1391  TLS_GROUP_GC512A = 38, //RFC 9189
1392  TLS_GROUP_GC512B = 39, //RFC 9189
1393  TLS_GROUP_GC512C = 40, //RFC 9189
1394  TLS_GROUP_SM2 = 41, //RFC 8998
1395  TLS_GROUP_FFDHE2048 = 256, //RFC 7919
1396  TLS_GROUP_FFDHE3072 = 257, //RFC 7919
1397  TLS_GROUP_FFDHE4096 = 258, //RFC 7919
1398  TLS_GROUP_FFDHE6144 = 259, //RFC 7919
1399  TLS_GROUP_FFDHE8192 = 260, //RFC 7919
1400  TLS_GROUP_FFDHE_MAX = 511, //RFC 7919
1401  TLS_GROUP_X25519_KYBER768_DRAFT00 = 25497, //Experimental
1404  TLS_GROUP_EXPLICIT_CHAR2_CURVE = 65282 //RFC 4492
1406 
1407 
1408 /**
1409  * @brief EC point formats
1410  **/
1411 
1412 typedef enum
1413 {
1418 
1419 
1420 /**
1421  * @brief EC curve types
1422  **/
1423 
1424 typedef enum
1425 {
1430 
1431 
1432 /**
1433  * @brief TLS FSM states
1434  **/
1435 
1436 typedef enum
1437 {
1470  TLS_STATE_CLOSED = 32
1472 
1473 
1474 //CC-RX, CodeWarrior or Win32 compiler?
1475 #if defined(__CCRX__)
1476  #pragma pack
1477 #elif defined(__CWCC__) || defined(_WIN32)
1478  #pragma pack(push, 1)
1479 #endif
1480 
1481 
1482 /**
1483  * @brief Sequence number
1484  **/
1485 
1487 {
1488  uint8_t b[8];
1490 
1491 
1492 /**
1493  * @brief Cipher suites
1494  **/
1495 
1496 typedef __packed_struct
1497 {
1498  uint16_t length; //0-1
1499  uint16_t value[]; //2
1501 
1502 
1503 /**
1504  * @brief Compression methods
1505  **/
1506 
1507 typedef __packed_struct
1508 {
1509  uint8_t length; //0
1510  uint8_t value[]; //1
1512 
1513 
1514 /**
1515  * @brief List of signature schemes
1516  **/
1517 
1518 typedef __packed_struct
1519 {
1520  uint16_t length; //0-1
1521  uint16_t value[]; //2
1523 
1524 
1525 /**
1526  * @brief List of certificates
1527  **/
1528 
1529 typedef __packed_struct
1530 {
1531  uint8_t length[3]; //0-2
1532  uint8_t value[]; //3
1534 
1535 
1536 /**
1537  * @brief List of certificate authorities
1538  **/
1539 
1540 typedef __packed_struct
1541 {
1542  uint16_t length; //0-1
1543  uint8_t value[]; //2
1545 
1546 
1547 /**
1548  * @brief TLS extension
1549  **/
1550 
1551 typedef __packed_struct
1552 {
1553  uint16_t type; //0-1
1554  uint16_t length; //2-3
1555  uint8_t value[]; //4
1557 
1558 
1559 /**
1560  * @brief List of TLS extensions
1561  **/
1562 
1563 typedef __packed_struct
1564 {
1565  uint16_t length; //0-1
1566  uint8_t value[]; //2
1568 
1569 
1570 /**
1571  * @brief List of supported versions
1572  **/
1573 
1574 typedef __packed_struct
1575 {
1576  uint8_t length; //0
1577  uint16_t value[]; //1
1579 
1580 
1581 /**
1582  * @brief Server name
1583  **/
1584 
1585 typedef __packed_struct
1586 {
1587  uint8_t type; //0
1588  uint16_t length; //1-2
1591 
1592 
1593 /**
1594  * @brief List of server names
1595  **/
1596 
1597 typedef __packed_struct
1598 {
1599  uint16_t length; //0-1
1600  uint8_t value[]; //2
1602 
1603 
1604 /**
1605  * @brief Protocol name
1606  **/
1607 
1608 typedef __packed_struct
1609 {
1610  uint8_t length; //0
1611  char_t value[]; //1
1613 
1614 
1615 /**
1616  * @brief List of protocol names
1617  **/
1618 
1619 typedef __packed_struct
1620 {
1621  uint16_t length; //0-1
1622  uint8_t value[]; //2
1624 
1625 
1626 /**
1627  * @brief List of supported groups
1628  **/
1629 
1630 typedef __packed_struct
1631 {
1632  uint16_t length; //0-1
1633  uint16_t value[]; //2
1635 
1636 
1637 /**
1638  * @brief List of supported EC point formats
1639  **/
1640 
1641 typedef __packed_struct
1642 {
1643  uint8_t length; //0
1644  uint8_t value[]; //1
1646 
1647 
1648 /**
1649  * @brief List of supported certificate types
1650  **/
1651 
1652 typedef __packed_struct
1653 {
1654  uint8_t length; //0
1655  uint8_t value[]; //1
1657 
1658 
1659 /**
1660  * @brief Renegotiated connection
1661  **/
1662 
1663 typedef __packed_struct
1664 {
1665  uint8_t length; //0
1666  uint8_t value[]; //1
1668 
1669 
1670 /**
1671  * @brief PSK identity
1672  **/
1673 
1674 typedef __packed_struct
1675 {
1676  uint16_t length; //0-1
1677  uint8_t value[]; //2
1679 
1680 
1681 /**
1682  * @brief PSK identity hint
1683  **/
1684 
1685 typedef __packed_struct
1686 {
1687  uint16_t length; //0-1
1688  uint8_t value[]; //2
1690 
1691 
1692 /**
1693  * @brief Digitally-signed element (TLS 1.0 and TLS 1.1)
1694  **/
1695 
1696 typedef __packed_struct
1697 {
1698  uint16_t length; //0-1
1699  uint8_t value[]; //2
1701 
1702 
1703 /**
1704  * @brief Digitally-signed element (TLS 1.2)
1705  **/
1706 
1707 typedef __packed_struct
1708 {
1709  uint16_t algorithm; //0-1
1710  uint16_t length; //2-3
1711  uint8_t value[]; //4
1713 
1714 
1715 /**
1716  * @brief TLS record
1717  **/
1718 
1719 typedef __packed_struct
1720 {
1721  uint8_t type; //0
1722  uint16_t version; //1-2
1723  uint16_t length; //3-4
1724  uint8_t data[]; //5
1726 
1727 
1728 /**
1729  * @brief TLS handshake message
1730  **/
1731 
1732 typedef __packed_struct
1733 {
1734  uint8_t msgType; //0
1735  uint8_t length[3]; //1-3
1736  uint8_t data[]; //4
1738 
1739 
1740 /**
1741  * @brief HelloRequest message
1742  **/
1743 
1744 typedef void TlsHelloRequest;
1745 
1746 
1747 /**
1748  * @brief ClientHello message
1749  **/
1750 
1751 typedef __packed_struct
1752 {
1753  uint16_t clientVersion; //0-1
1754  uint8_t random[32]; //2-33
1755  uint8_t sessionIdLen; //34
1756  uint8_t sessionId[]; //35
1758 
1759 
1760 /**
1761  * @brief ServerHello message
1762  **/
1763 
1764 typedef __packed_struct
1765 {
1766  uint16_t serverVersion; //0-1
1767  uint8_t random[32]; //2-33
1768  uint8_t sessionIdLen; //34
1769  uint8_t sessionId[]; //35
1771 
1772 
1773 /**
1774  * @brief Certificate message
1775  **/
1776 
1777 typedef void TlsCertificate;
1778 
1779 
1780 /**
1781  * @brief ServerKeyExchange message
1782  **/
1783 
1785 
1786 
1787 /**
1788  * @brief CertificateRequest message
1789  **/
1790 
1791 typedef __packed_struct
1792 {
1793  uint8_t certificateTypesLen; //0
1794  uint8_t certificateTypes[]; //1
1796 
1797 
1798 /**
1799  * @brief ServerHelloDone message
1800  **/
1801 
1802 typedef void TlsServerHelloDone;
1803 
1804 
1805 /**
1806  * @brief ClientKeyExchange message
1807  **/
1808 
1810 
1811 
1812 /**
1813  * @brief CertificateVerify message
1814  **/
1815 
1817 
1818 
1819 /**
1820  * @brief NewSessionTicket message
1821  **/
1822 
1823 typedef __packed_struct
1824 {
1825  uint32_t ticketLifetimeHint; //0-3
1826  uint16_t ticketLen; //4-5
1827  uint8_t ticket[]; //6
1829 
1830 
1831 /**
1832  * @brief Finished message
1833  **/
1834 
1835 typedef void TlsFinished;
1836 
1837 
1838 /**
1839  * @brief ChangeCipherSpec message
1840  **/
1841 
1842 typedef __packed_struct
1843 {
1844  uint8_t type; //0
1846 
1847 
1848 /**
1849  * @brief Alert message
1850  **/
1851 
1852 typedef __packed_struct
1853 {
1854  uint8_t level; //0
1855  uint8_t description; //1
1857 
1858 
1859 /**
1860  * @brief Session state information
1861  **/
1862 
1863 typedef __packed_struct
1864 {
1865  uint16_t version; ///<Protocol version
1866  uint16_t cipherSuite; ///<Cipher suite identifier
1867  uint8_t secret[TLS_MASTER_SECRET_SIZE]; ///<Master secret
1868  systime_t ticketTimestamp; ///<Timestamp to manage ticket lifetime
1869  uint32_t ticketLifetime; ///<Lifetime of the ticket
1870 #if (TLS_EXT_MASTER_SECRET_SUPPORT == ENABLED)
1871  bool_t extendedMasterSecret; ///<Extended master secret computation
1872 #endif
1874 
1875 
1876 //CC-RX, CodeWarrior or Win32 compiler?
1877 #if defined(__CCRX__)
1878  #pragma unpack
1879 #elif defined(__CWCC__) || defined(_WIN32)
1880  #pragma pack(pop)
1881 #endif
1882 
1883 
1884 /**
1885  * @brief Socket handle
1886  **/
1887 
1888 typedef void *TlsSocketHandle;
1889 
1890 
1891 /**
1892  * @brief TLS state change callback
1893  **/
1894 
1895 typedef void (*TlsStateChangeCallback)(TlsContext *context, TlsState state);
1896 
1897 
1898 /**
1899  * @brief Socket send callback function
1900  **/
1901 
1903  const void *data, size_t length, size_t *written, uint_t flags);
1904 
1905 
1906 /**
1907  * @brief Socket receive callback function
1908  **/
1909 
1911  void *data, size_t size, size_t *received, uint_t flags);
1912 
1913 
1914 /**
1915  * @brief ALPN callback function
1916  **/
1917 
1918 typedef error_t (*TlsAlpnCallback)(TlsContext *context,
1919  const char_t *selectedProtocol);
1920 
1921 
1922 /**
1923  * @brief Pre-shared key callback function
1924  **/
1925 
1926 typedef error_t (*TlsPskCallback)(TlsContext *context,
1927  const uint8_t *pskIdentity, size_t pskIdentityLen);
1928 
1929 
1930 /**
1931  * @brief Certificate verification callback function
1932  **/
1933 
1935  const X509CertInfo *certInfo, uint_t pathLen, void *param);
1936 
1937 
1938 /**
1939  * @brief Raw public key verification callback function
1940  **/
1941 
1943  const uint8_t *rawPublicKey, size_t rawPublicKeyLen);
1944 
1945 
1946 /**
1947  * @brief Ticket encryption callback function
1948  **/
1949 
1951  const uint8_t *plaintext, size_t plaintextLen, uint8_t *ciphertext,
1952  size_t *ciphertextLen, void *param);
1953 
1954 
1955 /**
1956  * @brief Ticket decryption callback function
1957  **/
1958 
1960  const uint8_t *ciphertext, size_t ciphertextLen, uint8_t *plaintext,
1961  size_t *plaintextLen, void *param);
1962 
1963 
1964 /**
1965  * @brief ECDH key agreement callback function
1966  **/
1967 
1968 typedef error_t (*TlsEcdhCallback)(TlsContext *context);
1969 
1970 
1971 /**
1972  * @brief ECDSA signature generation callback function
1973  **/
1974 
1976  const uint8_t *digest, size_t digestLen, EcdsaSignature *signature);
1977 
1978 
1979 /**
1980  * @brief ECDSA signature verification callback function
1981  **/
1982 
1984  const uint8_t *digest, size_t digestLen, EcdsaSignature *signature);
1985 
1986 
1987 /**
1988  * @brief Key logging callback function (for debugging purpose only)
1989  **/
1990 
1991 typedef void (*TlsKeyLogCallback)(TlsContext *context, const char_t *key);
1992 
1993 
1994 /**
1995  * @brief Structure describing a cipher suite
1996  **/
1997 
1998 typedef struct
1999 {
2000  uint16_t identifier;
2001  const char_t *name;
2007  uint8_t macKeyLen;
2008  uint8_t encKeyLen;
2009  uint8_t fixedIvLen;
2010  uint8_t recordIvLen;
2011  uint8_t authTagLen;
2012  uint8_t verifyDataLen;
2014 
2015 
2016 /**
2017  * @brief TLS session state
2018  **/
2019 
2020 typedef struct
2021 {
2022  uint16_t version; ///<TLS protocol version
2023  uint16_t cipherSuite; ///<Cipher suite identifier
2024  systime_t timestamp; ///<Time stamp to manage entry lifetime
2025  uint8_t secret[TLS_MASTER_SECRET_SIZE]; ///<Master secret (TLS 1.2) or ticket PSK (TLS 1.3)
2026 #if (TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_2)
2027  uint8_t sessionId[32]; ///<Session identifier
2028  size_t sessionIdLen; ///<Length of the session identifier
2029  bool_t extendedMasterSecret; ///<Extended master secret computation
2030 #endif
2031  uint8_t *ticket; ///<Session ticket
2032  size_t ticketLen; ///<Length of the session ticket
2033 #if (TLS_MAX_VERSION >= TLS_VERSION_1_3 && TLS_MIN_VERSION <= TLS_VERSION_1_3)
2034  systime_t ticketTimestamp; ///<Timestamp to manage ticket lifetime
2035  uint32_t ticketLifetime; ///<Lifetime of the ticket
2036  uint32_t ticketAgeAdd; ///<Random value used to obscure the age of the ticket
2037  TlsHashAlgo ticketHashAlgo; ///<Hash algorithm associated with the ticket
2038  char_t *ticketAlpn; ///<ALPN protocol associated with the ticket
2039  uint32_t maxEarlyDataSize; ///<Maximum amount of 0-RTT data that the client is allowed to send
2040 #endif
2041 #if (TLS_SNI_SUPPORT == ENABLED)
2042  char_t *serverName; ///<ServerName extension
2043 #endif
2044 } TlsSessionState;
2045 
2046 
2047 /**
2048  * @brief Session cache
2049  **/
2050 
2051 typedef struct
2052 {
2053  OsMutex mutex; ///<Mutex preventing simultaneous access to the cache
2054  uint_t size; ///<Maximum number of entries
2055  TlsSessionState sessions[]; ///<Cache entries
2056 } TlsCache;
2057 
2058 
2059 /**
2060  * @brief Certificate descriptor
2061  **/
2062 
2063 typedef struct
2064 {
2065  const char_t *certChain; ///<End entity certificate chain (PEM format)
2066  size_t certChainLen; ///<Length of the certificate chain
2067  const char_t *privateKey; ///<Private key (PEM format)
2068  size_t privateKeyLen; ///<Length of the private key
2069  char_t password[TLS_MAX_PASSWORD_LEN + 1]; ///<Password used to decrypt the private key
2070  TlsCertificateType type; ///<End entity certificate type
2071  TlsSignatureScheme signScheme; ///<Signature scheme used to sign the end entity certificate
2072  TlsNamedGroup namedCurve; ///<Named curve used to generate the EC public key
2073 } TlsCertDesc;
2074 
2075 
2076 /**
2077  * @brief Hello extensions
2078  **/
2079 
2080 typedef struct
2081 {
2082  const TlsSupportedVersionList *supportedVersionList; ///<SupportedVersions extension (ClientHello)
2083  const TlsExtension *selectedVersion; ///<SupportedVersions extension (ServerHello)
2084  const TlsServerNameList *serverNameList; ///<ServerName extension
2085  const TlsSupportedGroupList *supportedGroupList; ///<SupportedGroups extension
2086  const TlsEcPointFormatList *ecPointFormatList; ///<EcPointFormats extension
2087  const TlsSignSchemeList *signAlgoList; ///<SignatureAlgorithms extension
2088  const TlsSignSchemeList *certSignAlgoList; ///<SignatureAlgorithmsCert extension
2089 #if (TLS_MAX_FRAG_LEN_SUPPORT == ENABLED)
2090  const TlsExtension *maxFragLen; ///<MaxFragmentLength extension
2091 #endif
2092 #if (TLS_RECORD_SIZE_LIMIT_SUPPORT == ENABLED)
2093  const TlsExtension *recordSizeLimit; ///<RecordSizeLimit extension
2094 #endif
2095 #if (TLS_ALPN_SUPPORT == ENABLED)
2096  const TlsProtocolNameList *protocolNameList; ///<ALPN extension
2097 #endif
2098 #if (TLS_RAW_PUBLIC_KEY_SUPPORT == ENABLED)
2099  const TlsCertTypeList *clientCertTypeList; ///<ClientCertType extension
2101  const TlsCertTypeList *serverCertTypeList; ///<ServerCertType extension
2103 #endif
2104 #if (TLS_ENCRYPT_THEN_MAC_SUPPORT == ENABLED)
2105  const TlsExtension *encryptThenMac; ///<EncryptThenMac extension
2106 #endif
2107 #if (TLS_EXT_MASTER_SECRET_SUPPORT == ENABLED)
2108  const TlsExtension *extendedMasterSecret; ///<ExtendedMasterSecret extension
2109 #endif
2110 #if (TLS_TICKET_SUPPORT == ENABLED)
2111  const TlsExtension *sessionTicket; ///<SessionTicket extension
2112 #endif
2113 #if (TLS_SECURE_RENEGOTIATION_SUPPORT == ENABLED)
2114  const TlsRenegoInfo *renegoInfo; ///<RenegotiationInfo extension
2115 #endif
2116 #if (TLS_MAX_VERSION >= TLS_VERSION_1_3 && TLS_MIN_VERSION <= TLS_VERSION_1_3)
2117  const Tls13Cookie *cookie; ///<Cookie extension
2118  const TlsCertAuthorities *certAuthorities; ///<CertificateAuthorities extension
2119  const Tls13KeyShareList *keyShareList; ///<KeyShare extension (ClientHello)
2120  const TlsExtension *selectedGroup; ///<KeyShare extension (HelloRetryRequest)
2121  const Tls13KeyShareEntry *serverShare; ///<KeyShare extension (ServerHello)
2122  const Tls13PskKeModeList *pskKeModeList; ///<PskKeyExchangeModes extension
2123  const Tls13PskIdentityList *identityList; ///<PreSharedKey extension (ClientHello)
2125  const TlsExtension *selectedIdentity; ///<PreSharedKey extension (ServerHello)
2126  const TlsExtension *earlyDataIndication; ///<EarlyData extension
2127 #endif
2129 
2130 
2131 /**
2132  * @brief Encryption engine
2133  **/
2134 
2136 {
2137  uint16_t version; ///<Negotiated TLS version
2138  uint8_t macKey[48]; ///<MAC key
2139  size_t macKeyLen; ///<Length of the MAC key
2140  uint8_t encKey[48]; ///<Encryption key
2141  size_t encKeyLen; ///<Length of the encryption key
2142  uint8_t iv[16]; ///<Initialization vector
2143  size_t fixedIvLen; ///<Length of the fixed part of the IV
2144  size_t recordIvLen; ///<Length of the IV
2145  size_t authTagLen; ///<Length of the authentication tag
2146  const CipherAlgo *cipherAlgo; ///<Cipher algorithm
2147  void *cipherContext; ///<Cipher context
2148  CipherMode cipherMode; ///<Cipher mode of operation
2149  const HashAlgo *hashAlgo; ///<Hash algorithm for MAC operations
2150  HmacContext *hmacContext; ///<HMAC context
2151 #if (TLS_GCM_CIPHER_SUPPORT == ENABLED)
2152  GcmContext *gcmContext; ///<GCM context
2153 #endif
2154  TlsSequenceNumber seqNum; ///<TLS sequence number
2155 #if (DTLS_SUPPORT == ENABLED)
2156  uint16_t epoch; ///<Counter value incremented on every cipher state change
2157  DtlsSequenceNumber dtlsSeqNum; ///<Record sequence number
2158 #endif
2159 #if (TLS_RECORD_SIZE_LIMIT_SUPPORT == ENABLED)
2160  size_t recordSizeLimit; ///<Maximum size of record in octets
2161 #endif
2162 #if (TLS_ENCRYPT_THEN_MAC_SUPPORT == ENABLED)
2163  bool_t encryptThenMac; ///<Encrypt-then-MAC construction
2164 #endif
2165  TLS_PRIVATE_ENCRYPTION_ENGINE ///<Application specific context
2166 };
2167 
2168 
2169 /**
2170  * @brief TLS context
2171  *
2172  * An opaque data structure that represents a TLS connection
2173  *
2174  **/
2175 
2177 {
2178  TlsState state; ///<TLS handshake finite state machine
2179  TlsTransportProtocol transportProtocol; ///<Transport protocol (stream or datagram)
2180  TlsConnectionEnd entity; ///<Client or server operation
2181 
2182  TlsStateChangeCallback stateChangeCallback; ///<TLS state change callback function
2183 
2184  TlsSocketHandle socketHandle; ///<Socket handle
2185  TlsSocketSendCallback socketSendCallback; ///<Socket send callback function
2186  TlsSocketReceiveCallback socketReceiveCallback; ///<Socket receive callback function
2187 
2188  const PrngAlgo *prngAlgo; ///<Pseudo-random number generator to be used
2189  void *prngContext; ///<Pseudo-random number generator context
2190 
2191  const uint16_t *cipherSuites; ///<List of supported cipher suites
2192  uint_t numCipherSuites; ///<Number of cipher suites in the list
2193 
2194  const uint16_t *supportedGroups; ///<List of supported named groups
2195  uint_t numSupportedGroups; ///<Number of named groups in the list
2196 
2197  char_t *serverName; ///<Fully qualified DNS hostname of the server
2198 
2199 #if (TLS_ECC_CALLBACK_SUPPORT == ENABLED)
2203 #endif
2204 
2205  TlsCertDesc certs[TLS_MAX_CERTIFICATES]; ///<End entity certificates (PEM format)
2206  uint_t numCerts; ///<Number of certificates available
2207  const char_t *trustedCaList; ///<Trusted CA list (PEM format)
2208  size_t trustedCaListLen; ///<Total length of the trusted CA list
2209  TlsCertVerifyCallback certVerifyCallback; ///<Certificate verification callback function
2210  void *certVerifyParam; ///<Opaque pointer passed to the certificate verification callback
2211  TlsCertDesc *cert; ///<Pointer to the currently selected certificate
2212 
2213  TlsCache *cache; ///<TLS session cache
2214  uint8_t sessionId[32]; ///<Session identifier
2215  size_t sessionIdLen; ///<Length of the session identifier
2216 
2217  uint16_t clientVersion; ///<Latest version supported by the client
2218  uint16_t version; ///<Negotiated TLS version
2219  uint16_t versionMin; ///<Minimum version accepted by the implementation
2220  uint16_t versionMax; ///<Maximum version accepted by the implementation
2221 
2222  uint8_t *cookie; ///<Cookie
2223  size_t cookieLen; ///<Length of the cookie
2224 
2225  uint8_t *ticket; ///<Session ticket
2226  size_t ticketLen; ///<Length of the session ticket
2227  systime_t ticketTimestamp; ///<Timestamp to manage ticket lifetime
2228  uint32_t ticketLifetime; ///<Lifetime of the ticket
2229 
2230  uint_t cipherSuiteTypes; ///<Types of cipher suites proposed by the client
2231  TlsCipherSuiteInfo cipherSuite; ///<Negotiated cipher suite
2232  TlsKeyExchMethod keyExchMethod; ///<Key exchange method
2233  TlsSignatureScheme signScheme; ///<Signature scheme to be used
2234  uint16_t namedGroup; ///<ECDHE or FFDHE named group
2235 
2236  TlsCertificateType peerCertType; ///<Peer's certificate type
2237  TlsClientAuthMode clientAuthMode; ///<Client authentication mode
2238  bool_t clientCertRequested; ///<This flag tells whether the client certificate is requested
2239 
2240  bool_t resume; ///<The connection is established by resuming a session
2241  bool_t fatalAlertSent; ///<A fatal alert message has been sent
2242  bool_t fatalAlertReceived; ///<A fatal alert message has been received from the peer
2243  bool_t closeNotifySent; ///<A closure alert has been sent
2244  bool_t closeNotifyReceived; ///<A closure alert has been received from the peer
2245 
2246  uint8_t *txBuffer; ///<TX buffer
2247  size_t txBufferSize; ///<TX buffer size
2248  size_t txBufferMaxLen; ///<Maximum number of plaintext data the TX buffer can hold
2249  TlsContentType txBufferType; ///<Type of data that resides in the TX buffer
2250  size_t txBufferLen; ///<Number of bytes that are pending to be sent
2251  size_t txBufferPos; ///<Current position in TX buffer
2252  size_t txRecordLen; ///<Length of the TLS record
2253  size_t txRecordPos; ///<Current position in the TLS record
2254 
2255  uint8_t *rxBuffer; ///<RX buffer
2256  size_t rxBufferSize; ///<RX buffer size
2257  size_t rxBufferMaxLen; ///<Maximum number of plaintext data the RX buffer can hold
2258  TlsContentType rxBufferType; ///<Type of data that resides in the RX buffer
2259  size_t rxBufferLen; ///<Number of bytes available for reading
2260  size_t rxBufferPos; ///<Current position in RX buffer
2261  size_t rxRecordLen; ///<Length of the TLS record
2262  size_t rxRecordPos; ///<Current position in the TLS record
2263 
2264  uint8_t clientRandom[TLS_RANDOM_SIZE]; ///<Client random value
2265  uint8_t serverRandom[TLS_RANDOM_SIZE]; ///<Server random value
2266  uint8_t premasterSecret[TLS_PREMASTER_SECRET_SIZE]; ///<Premaster secret
2267  size_t premasterSecretLen; ///<Length of the premaster secret
2268  uint8_t clientVerifyData[64]; ///<Client verify data
2269  size_t clientVerifyDataLen; ///<Length of the client verify data
2270  uint8_t serverVerifyData[64]; ///<Server verify data
2271  size_t serverVerifyDataLen; ///<Length of the server verify data
2272 
2273  TlsEncryptionEngine encryptionEngine; ///<Encryption engine
2274  TlsEncryptionEngine decryptionEngine; ///<Decryption engine
2275 
2276 #if (TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_0)
2277  size_t txLastRecordLen; ///<Length of the previous TLS record
2278 #endif
2279 
2280 #if (TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_1)
2281  Md5Context *transcriptMd5Context; ///<MD5 context used to compute verify data
2282 #endif
2283 
2284 #if (TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_2)
2285  uint8_t masterSecret[TLS_MASTER_SECRET_SIZE]; ///<Master secret
2286  uint8_t keyBlock[192]; ///<Key material
2287  HmacContext hmacContext; ///<HMAC context
2288  Sha1Context *transcriptSha1Context; ///<SHA-1 context used to compute verify data
2289 #endif
2290 
2291 #if (TLS_MAX_VERSION >= TLS_VERSION_1_2 && TLS_MIN_VERSION <= TLS_VERSION_1_3)
2292  const uint16_t *supportedSignAlgos; ///<List of supported signature algorithms
2293  uint_t numSupportedSignAlgos; ///<Number of signature algorithms in the list
2294 
2295  HashContext *transcriptHashContext; ///<Hash context used to compute verify data
2296 #endif
2297 
2298 #if (TLS_MAX_VERSION >= TLS_VERSION_1_3 && TLS_MIN_VERSION <= TLS_VERSION_1_3)
2299  uint16_t preferredGroup; ///<Preferred ECDHE or FFDHE named group
2300  systime_t clientHelloTimestamp; ///<Time at which the ClientHello message was sent
2301  bool_t updatedClientHelloReceived; ///<An updated ClientHello message has been received
2302  uint8_t *certRequestContext; ///<Certificate request context
2303  size_t certRequestContextLen; ///<Length of the certificate request context
2304  int_t selectedIdentity; ///<Selected PSK identity
2305  bool_t pskKeModeSupported; ///<PSK key establishment supported by the client
2306 
2315 
2316  uint_t newSessionTicketCount; ///<Number of NewSessionTicket messages that have been sent
2317 
2318  uint8_t ticketPsk[TLS_MAX_HKDF_DIGEST_SIZE]; ///<PSK associated with the ticket
2319  size_t ticketPskLen; ///<Length of the PSK associated with the ticket
2320  uint32_t ticketAgeAdd; ///<Random value used to obscure the age of the ticket
2321  uint32_t ticketNonce; ///<A per-ticket value that is unique across all tickets issued
2322  uint16_t ticketCipherSuite; ///<Cipher suite associated with the ticket
2323  TlsHashAlgo ticketHashAlgo; ///<Hash algorithm associated with the ticket
2324  char_t *ticketAlpn; ///<ALPN protocol associated with the ticket
2325 
2326  size_t maxEarlyDataSize; ///<Maximum amount of 0-RTT data that the client is allowed to send
2327  size_t earlyDataLen; ///<Total amount of 0-RTT data that have been sent by the client
2328  bool_t earlyDataEnabled; ///<EarlyData is enabled
2329  bool_t earlyDataRejected; ///<The 0-RTT data have been rejected by the server
2330  bool_t earlyDataExtReceived; ///<The EarlyData extension has been received
2331  TlsSequenceNumber earlyDataSeqNum; ///<Early data sequence number
2332 #endif
2333 
2334 #if (TLS_DH_SUPPORT == ENABLED)
2335  DhContext dhContext; ///<Diffie-Hellman context
2336 #endif
2337 
2338 #if (TLS_ECDH_SUPPORT == ENABLED)
2339  EcdhContext ecdhContext; ///<ECDH context
2340  bool_t ecPointFormatsExtReceived; ///<The EcPointFormats extension has been received
2341 #endif
2342 
2343 #if (TLS_RSA_SUPPORT == ENABLED)
2344  RsaPublicKey peerRsaPublicKey; ///<Peer's RSA public key
2345 #endif
2346 
2347 #if (TLS_DSA_SIGN_SUPPORT == ENABLED)
2348  DsaPublicKey peerDsaPublicKey; ///<Peer's DSA public key
2349 #endif
2350 
2351 #if (TLS_ECDSA_SIGN_SUPPORT == ENABLED || TLS_SM2_SIGN_SUPPORT == ENABLED || \
2352  TLS_ED25519_SIGN_SUPPORT == ENABLED || TLS_ED448_SIGN_SUPPORT == ENABLED)
2353  EcDomainParameters peerEcParams; ///<Peer's EC domain parameters
2354  EcPublicKey peerEcPublicKey; ///<Peer's EC public key
2355 #endif
2356 
2357 #if (TLS_PSK_SUPPORT == ENABLED)
2358  uint8_t *psk; ///<Pre-shared key
2359  size_t pskLen; ///<Length of the pre-shared key, in bytes
2360  char_t *pskIdentity; ///<PSK identity
2361  char_t *pskIdentityHint; ///<PSK identity hint
2362  TlsPskCallback pskCallback; ///<PSK callback function
2363  uint16_t pskCipherSuite; ///<Cipher suite associated with the PSK
2364  TlsHashAlgo pskHashAlgo; ///<Hash algorithm associated with the PSK
2365 #endif
2366 
2367 #if (TLS_MAX_FRAG_LEN_SUPPORT == ENABLED)
2368  size_t maxFragLen; ///<Maximum plaintext fragment length
2369  bool_t maxFragLenExtReceived; ///<The MaxFragmentLength extension has been received
2370 #endif
2371 
2372 #if (TLS_RECORD_SIZE_LIMIT_SUPPORT == ENABLED)
2373  size_t recordSizeLimit; ///<Maximum record size the peer is willing to receive
2374  bool_t recordSizeLimitExtReceived; ///<The RecordSizeLimit extension has been received
2375 #endif
2376 
2377 #if (TLS_ALPN_SUPPORT == ENABLED)
2378  bool_t unknownProtocolsAllowed; ///<Unknown ALPN protocols allowed
2379  char_t *protocolList; ///<List of supported ALPN protocols
2380  char_t *selectedProtocol; ///<Selected ALPN protocol
2381  TlsAlpnCallback alpnCallback; ///<ALPN callback function
2382 #endif
2383 
2384 #if (TLS_ENCRYPT_THEN_MAC_SUPPORT == ENABLED)
2385  bool_t etmExtReceived; ///<The EncryptThenMac extension has been received
2386 #endif
2387 
2388 #if (TLS_EXT_MASTER_SECRET_SUPPORT == ENABLED)
2389  bool_t emsExtReceived; ///<The ExtendedMasterSecret extension has been received
2390 #endif
2391 
2392 #if (TLS_RAW_PUBLIC_KEY_SUPPORT == ENABLED)
2393  TlsCertificateFormat certFormat; ///<Certificate format
2394  TlsCertificateFormat peerCertFormat; ///<Peer's certificate format
2395  TlsRpkVerifyCallback rpkVerifyCallback; ///<Raw public key verification callback function
2396  bool_t clientCertTypeExtReceived; ///<The ClientCertType extension has been received
2397  bool_t serverCertTypeExtReceived; ///<The ServerCertType extension has been received
2398 #endif
2399 
2400 #if (TLS_TICKET_SUPPORT == ENABLED)
2401  bool_t sessionTicketEnabled; ///<Session ticket mechanism enabled
2402  bool_t sessionTicketExtReceived; ///<The SessionTicket extension has been received
2403  bool_t sessionTicketExtSent; ///<The SessionTicket extension has been sent
2404  TlsTicketEncryptCallback ticketEncryptCallback; ///<Ticket encryption callback function
2405  TlsTicketDecryptCallback ticketDecryptCallback; ///<Ticket decryption callback function
2406  void *ticketParam; ///<Opaque pointer passed to the ticket callbacks
2407 #endif
2408 
2409 #if (TLS_SECURE_RENEGOTIATION_SUPPORT == ENABLED)
2410  bool_t secureRenegoEnabled; ///<Secure renegotiation enabled
2411  bool_t secureRenegoFlag; ///<Secure renegotiation flag
2412 #endif
2413 
2414 #if (TLS_FALLBACK_SCSV_SUPPORT == ENABLED)
2415  bool_t fallbackScsvEnabled; ///<Support for FALLBACK_SCSV
2416 #endif
2417 
2418 #if (TLS_KEY_LOG_SUPPORT == ENABLED)
2419  TlsKeyLogCallback keyLogCallback; ///<Key logging callback (for debugging purpose only)
2420 #endif
2421 
2422 #if (TLS_MAX_WARNING_ALERTS > 0)
2423  uint_t alertCount; ///<Count of consecutive warning alerts
2424 #endif
2425 
2426 #if (TLS_MAX_EMPTY_RECORDS > 0)
2427  uint_t emptyRecordCount; ///<Count of consecutive empty records
2428 #endif
2429 
2430 #if (TLS_MAX_CHANGE_CIPHER_SPEC_MESSAGES > 0)
2431  uint_t changeCipherSpecCount; ///<Count of consecutive ChangeCipherSpec messages
2432 #endif
2433 
2434 #if (TLS_MAX_KEY_UPDATE_MESSAGES > 0)
2435  uint_t keyUpdateCount; ///<Count of consecutive KeyUpdate messages
2436 #endif
2437 
2438 #if (DTLS_SUPPORT == ENABLED)
2439  size_t pmtu; ///<PMTU value
2440  systime_t timeout; ///<Timeout for blocking calls
2442 
2443  DtlsCookieGenerateCallback cookieGenerateCallback; ///<Cookie generation callback function
2444  DtlsCookieVerifyCallback cookieVerifyCallback; ///<Cookie verification callback function
2445  void *cookieParam; ///<Opaque pointer passed to the cookie callbacks
2446 
2447  uint_t retransmitCount; ///<Retransmission counter
2448  systime_t retransmitTimestamp; ///<Time at which the datagram was sent
2449  systime_t retransmitTimeout; ///<Retransmission timeout
2450 
2451  uint16_t txMsgSeq; ///<Send sequence number
2452  size_t txDatagramLen; ///<Length of the outgoing datagram, in bytes
2453 
2454  uint16_t rxMsgSeq; ///<Next receive sequence number
2455  size_t rxFragQueueLen; ///<Length of the reassembly queue
2456  size_t rxDatagramLen; ///<Length of the incoming datagram, in bytes
2458  uint16_t rxRecordVersion; ///<Version of the incoming record
2459 
2461 #endif
2462 
2463 #if (DTLS_SUPPORT == ENABLED && DTLS_REPLAY_DETECTION_SUPPORT == ENABLED)
2464  bool_t replayDetectionEnabled; ///<Anti-replay mechanism enabled
2465  uint32_t replayWindow[(DTLS_REPLAY_WINDOW_SIZE + 31) / 32];
2466 #endif
2467 
2468  TLS_PRIVATE_CONTEXT ///<Application specific context
2469 };
2470 
2471 
2472 //TLS application programming interface (API)
2473 TlsContext *tlsInit(void);
2474 TlsState tlsGetState(TlsContext *context);
2475 
2477  TlsStateChangeCallback stateChangeCallback);
2478 
2480  TlsSocketSendCallback socketSendCallback,
2481  TlsSocketReceiveCallback socketReceiveCallback, TlsSocketHandle handle);
2482 
2483 error_t tlsSetVersion(TlsContext *context, uint16_t versionMin,
2484  uint16_t versionMax);
2485 
2487  TlsTransportProtocol transportProtocol);
2488 
2490 
2491 error_t tlsSetPrng(TlsContext *context, const PrngAlgo *prngAlgo,
2492  void *prngContext);
2493 
2494 error_t tlsSetServerName(TlsContext *context, const char_t *serverName);
2495 const char_t *tlsGetServerName(TlsContext *context);
2496 
2497 error_t tlsSetCache(TlsContext *context, TlsCache *cache);
2499 
2500 error_t tlsSetBufferSize(TlsContext *context, size_t txBufferSize,
2501  size_t rxBufferSize);
2502 
2503 error_t tlsSetMaxFragmentLength(TlsContext *context, size_t maxFragLen);
2504 
2505 error_t tlsSetCipherSuites(TlsContext *context, const uint16_t *cipherSuites,
2506  uint_t length);
2507 
2508 error_t tlsSetSupportedGroups(TlsContext *context, const uint16_t *groups,
2509  uint_t length);
2510 
2511 error_t tlsSetPreferredGroup(TlsContext *context, uint16_t group);
2512 
2514  const uint16_t *signAlgos, uint_t length);
2515 
2516 error_t tlsSetDhParameters(TlsContext *context, const char_t *params,
2517  size_t length);
2518 
2519 error_t tlsSetEcdhCallback(TlsContext *context, TlsEcdhCallback ecdhCallback);
2520 
2522  TlsEcdsaSignCallback ecdsaSignCallback);
2523 
2525  TlsEcdsaVerifyCallback ecdsaVerifyCallback);
2526 
2528  TlsKeyLogCallback keyLogCallback);
2529 
2531 error_t tlsSetAlpnProtocolList(TlsContext *context, const char_t *protocolList);
2532 error_t tlsSetAlpnCallback(TlsContext *context, TlsAlpnCallback alpnCallback);
2533 const char_t *tlsGetAlpnProtocol(TlsContext *context);
2534 
2535 error_t tlsSetPsk(TlsContext *context, const uint8_t *psk, size_t length);
2536 error_t tlsSetPskIdentity(TlsContext *context, const char_t *pskIdentity);
2537 error_t tlsSetPskIdentityHint(TlsContext *context, const char_t *pskIdentityHint);
2538 error_t tlsSetPskCallback(TlsContext *context, TlsPskCallback pskCallback);
2539 
2541  TlsRpkVerifyCallback rpkVerifyCallback);
2542 
2543 error_t tlsSetTrustedCaList(TlsContext *context, const char_t *trustedCaList,
2544  size_t length);
2545 
2546 error_t tlsAddCertificate(TlsContext *context, const char_t *certChain,
2547  size_t certChainLen, const char_t *privateKey, size_t privateKeyLen);
2548 
2550  const char_t *certChain, size_t certChainLen, const char_t *privateKey,
2551  size_t privateKeyLen, const char_t *password);
2552 
2554  TlsCertVerifyCallback certVerifyCallback, void *param);
2555 
2558 error_t tlsEnableFallbackScsv(TlsContext *context, bool_t enabled);
2559 
2561  TlsTicketEncryptCallback ticketEncryptCallback,
2562  TlsTicketDecryptCallback ticketDecryptCallback, void *param);
2563 
2564 error_t tlsSetPmtu(TlsContext *context, size_t pmtu);
2565 error_t tlsSetTimeout(TlsContext *context, systime_t timeout);
2566 
2568  DtlsCookieGenerateCallback cookieGenerateCallback,
2569  DtlsCookieVerifyCallback cookieVerifyCallback, void *param);
2570 
2572 
2573 error_t tlsSetMaxEarlyDataSize(TlsContext *context, size_t maxEarlyDataSize);
2574 
2575 error_t tlsWriteEarlyData(TlsContext *context, const void *data,
2576  size_t length, size_t *written, uint_t flags);
2577 
2578 error_t tlsConnect(TlsContext *context);
2579 
2581 
2582 error_t tlsWrite(TlsContext *context, const void *data, size_t length,
2583  size_t *written, uint_t flags);
2584 
2585 error_t tlsRead(TlsContext *context, void *data, size_t size, size_t *received,
2586  uint_t flags);
2587 
2588 bool_t tlsIsTxReady(TlsContext *context);
2589 bool_t tlsIsRxReady(TlsContext *context);
2590 
2591 error_t tlsShutdown(TlsContext *context);
2592 error_t tlsShutdownEx(TlsContext *context, bool_t waitForCloseNotify);
2593 
2594 void tlsFree(TlsContext *context);
2595 
2597 
2598 error_t tlsSaveSessionState(const TlsContext *context,
2599  TlsSessionState *session);
2600 
2602  const TlsSessionState *session);
2603 
2604 void tlsFreeSessionState(TlsSessionState *session);
2605 
2607 void tlsFreeCache(TlsCache *cache);
2608 
2609 //C++ guard
2610 #ifdef __cplusplus
2611 }
2612 #endif
2613 
2614 #endif
uint8_t type
Definition: coap_common.h:176
signed int int_t
Definition: compiler_port.h:49
unsigned int uint_t
Definition: compiler_port.h:50
char char_t
Definition: compiler_port.h:48
int bool_t
Definition: compiler_port.h:53
General definitions for cryptographic algorithms.
CipherMode
Cipher operation modes.
Definition: crypto.h:941
#define PrngAlgo
Definition: crypto.h:917
uint8_t algorithm
DSA (Digital Signature Algorithm)
DTLS (Datagram Transport Layer Security)
error_t(* DtlsCookieGenerateCallback)(TlsContext *context, const DtlsClientParameters *clientParams, uint8_t *cookie, size_t *length, void *param)
DTLS cookie generation callback function.
Definition: dtls_misc.h:240
DtlsSequenceNumber
Definition: dtls_misc.h:143
error_t(* DtlsCookieVerifyCallback)(TlsContext *context, const DtlsClientParameters *clientParams, const uint8_t *cookie, size_t length, void *param)
DTLS cookie verification callback function.
Definition: dtls_misc.h:249
#define DTLS_REPLAY_WINDOW_SIZE
Definition: dtls_misc.h:69
ECDSA (Elliptic Curve Digital Signature Algorithm)
error_t
Error codes.
Definition: error.h:43
HMAC (Keyed-Hashing for Message Authentication)
Collection of key exchange algorithms.
uint8_t msgType
uint8_t b
Definition: nbns_common.h:104
uint32_t systime_t
System time.
RSA public-key cryptography standard.
TLS context.
Definition: tls.h:2177
systime_t ticketTimestamp
Timestamp to manage ticket lifetime.
Definition: tls.h:2227
bool_t resume
The connection is established by resuming a session.
Definition: tls.h:2240
bool_t sessionTicketEnabled
Session ticket mechanism enabled.
Definition: tls.h:2401
size_t maxEarlyDataSize
Maximum amount of 0-RTT data that the client is allowed to send.
Definition: tls.h:2326
size_t rxFragQueueLen
Length of the reassembly queue.
Definition: tls.h:2455
size_t maxFragLen
Maximum plaintext fragment length.
Definition: tls.h:2368
uint_t cipherSuiteTypes
Types of cipher suites proposed by the client.
Definition: tls.h:2230
size_t trustedCaListLen
Total length of the trusted CA list.
Definition: tls.h:2208
void * ticketParam
Opaque pointer passed to the ticket callbacks.
Definition: tls.h:2406
TlsStateChangeCallback stateChangeCallback
TLS state change callback function.
Definition: tls.h:2182
TlsPskCallback pskCallback
PSK callback function.
Definition: tls.h:2362
TlsKeyExchMethod keyExchMethod
Key exchange method.
Definition: tls.h:2232
uint_t keyUpdateCount
Count of consecutive KeyUpdate messages.
Definition: tls.h:2435
HashContext * transcriptHashContext
Hash context used to compute verify data.
Definition: tls.h:2295
uint_t numCerts
Number of certificates available.
Definition: tls.h:2206
TlsRpkVerifyCallback rpkVerifyCallback
Raw public key verification callback function.
Definition: tls.h:2395
bool_t ecPointFormatsExtReceived
The EcPointFormats extension has been received.
Definition: tls.h:2340
uint8_t serverHsTrafficSecret[TLS_MAX_HKDF_DIGEST_SIZE]
Definition: tls.h:2310
TlsSocketHandle socketHandle
Socket handle.
Definition: tls.h:2184
bool_t sessionTicketExtReceived
The SessionTicket extension has been received.
Definition: tls.h:2402
bool_t earlyDataEnabled
EarlyData is enabled.
Definition: tls.h:2328
bool_t unknownProtocolsAllowed
Unknown ALPN protocols allowed.
Definition: tls.h:2378
bool_t etmExtReceived
The EncryptThenMac extension has been received.
Definition: tls.h:2385
uint16_t rxRecordVersion
Version of the incoming record.
Definition: tls.h:2458
TlsSignatureScheme signScheme
Signature scheme to be used.
Definition: tls.h:2233
bool_t sessionTicketExtSent
The SessionTicket extension has been sent.
Definition: tls.h:2403
TlsCertVerifyCallback certVerifyCallback
Certificate verification callback function.
Definition: tls.h:2209
TlsAlpnCallback alpnCallback
ALPN callback function.
Definition: tls.h:2381
uint16_t versionMax
Maximum version accepted by the implementation.
Definition: tls.h:2220
size_t ticketPskLen
Length of the PSK associated with the ticket.
Definition: tls.h:2319
void * cookieParam
Opaque pointer passed to the cookie callbacks.
Definition: tls.h:2445
size_t recordSizeLimit
Maximum record size the peer is willing to receive.
Definition: tls.h:2373
bool_t maxFragLenExtReceived
The MaxFragmentLength extension has been received.
Definition: tls.h:2369
bool_t earlyDataExtReceived
The EarlyData extension has been received.
Definition: tls.h:2330
bool_t updatedClientHelloReceived
An updated ClientHello message has been received.
Definition: tls.h:2301
uint32_t replayWindow[(DTLS_REPLAY_WINDOW_SIZE+31)/32]
Definition: tls.h:2465
uint16_t namedGroup
ECDHE or FFDHE named group.
Definition: tls.h:2234
uint16_t txMsgSeq
Send sequence number.
Definition: tls.h:2451
uint8_t clientAppTrafficSecret[TLS_MAX_HKDF_DIGEST_SIZE]
Definition: tls.h:2311
DhContext dhContext
Diffie-Hellman context.
Definition: tls.h:2335
const uint16_t * supportedSignAlgos
List of supported signature algorithms.
Definition: tls.h:2292
uint8_t sessionId[32]
Session identifier.
Definition: tls.h:2214
bool_t fatalAlertSent
A fatal alert message has been sent.
Definition: tls.h:2241
char_t * pskIdentityHint
PSK identity hint.
Definition: tls.h:2361
TlsTransportProtocol transportProtocol
Transport protocol (stream or datagram)
Definition: tls.h:2179
TlsClientAuthMode clientAuthMode
Client authentication mode.
Definition: tls.h:2237
uint8_t serverAppTrafficSecret[TLS_MAX_HKDF_DIGEST_SIZE]
Definition: tls.h:2312
systime_t retransmitTimeout
Retransmission timeout.
Definition: tls.h:2449
TlsCipherSuiteInfo cipherSuite
Negotiated cipher suite.
Definition: tls.h:2231
int_t selectedIdentity
Selected PSK identity.
Definition: tls.h:2304
size_t sessionIdLen
Length of the session identifier.
Definition: tls.h:2215
TlsEcdsaSignCallback ecdsaSignCallback
Definition: tls.h:2201
TlsCache * cache
TLS session cache.
Definition: tls.h:2213
size_t pskLen
Length of the pre-shared key, in bytes.
Definition: tls.h:2359
Sha1Context * transcriptSha1Context
SHA-1 context used to compute verify data.
Definition: tls.h:2288
size_t txBufferMaxLen
Maximum number of plaintext data the TX buffer can hold.
Definition: tls.h:2248
const PrngAlgo * prngAlgo
Pseudo-random number generator to be used.
Definition: tls.h:2188
bool_t secureRenegoFlag
Secure renegotiation flag.
Definition: tls.h:2411
EcDomainParameters peerEcParams
Peer's EC domain parameters.
Definition: tls.h:2353
bool_t closeNotifyReceived
A closure alert has been received from the peer.
Definition: tls.h:2244
size_t txBufferPos
Current position in TX buffer.
Definition: tls.h:2251
uint8_t masterSecret[TLS_MASTER_SECRET_SIZE]
Master secret.
Definition: tls.h:2285
size_t certRequestContextLen
Length of the certificate request context.
Definition: tls.h:2303
TlsCertificateFormat certFormat
Certificate format.
Definition: tls.h:2393
uint16_t pskCipherSuite
Cipher suite associated with the PSK.
Definition: tls.h:2363
size_t txBufferSize
TX buffer size.
Definition: tls.h:2247
TlsEncryptionEngine decryptionEngine
Decryption engine.
Definition: tls.h:2274
size_t txBufferLen
Number of bytes that are pending to be sent.
Definition: tls.h:2250
bool_t clientCertRequested
This flag tells whether the client certificate is requested.
Definition: tls.h:2238
TlsContentType txBufferType
Type of data that resides in the TX buffer.
Definition: tls.h:2249
TlsCertificateType peerCertType
Peer's certificate type.
Definition: tls.h:2236
RsaPublicKey peerRsaPublicKey
Peer's RSA public key.
Definition: tls.h:2344
TlsContentType rxBufferType
Type of data that resides in the RX buffer.
Definition: tls.h:2258
uint16_t ticketCipherSuite
Cipher suite associated with the ticket.
Definition: tls.h:2322
uint8_t * rxBuffer
RX buffer.
Definition: tls.h:2255
uint_t alertCount
Count of consecutive warning alerts.
Definition: tls.h:2423
bool_t recordSizeLimitExtReceived
The RecordSizeLimit extension has been received.
Definition: tls.h:2374
uint8_t * cookie
Cookie.
Definition: tls.h:2222
bool_t fallbackScsvEnabled
Support for FALLBACK_SCSV.
Definition: tls.h:2415
uint_t numSupportedGroups
Number of named groups in the list.
Definition: tls.h:2195
size_t ticketLen
Length of the session ticket.
Definition: tls.h:2226
char_t * pskIdentity
PSK identity.
Definition: tls.h:2360
size_t earlyDataLen
Total amount of 0-RTT data that have been sent by the client.
Definition: tls.h:2327
TlsEncryptionEngine encryptionEngine
Encryption engine.
Definition: tls.h:2273
uint8_t serverRandom[TLS_RANDOM_SIZE]
Server random value.
Definition: tls.h:2265
uint8_t exporterMasterSecret[TLS_MAX_HKDF_DIGEST_SIZE]
Definition: tls.h:2313
TlsKeyLogCallback keyLogCallback
Key logging callback (for debugging purpose only)
Definition: tls.h:2419
uint16_t preferredGroup
Preferred ECDHE or FFDHE named group.
Definition: tls.h:2299
uint8_t premasterSecret[TLS_PREMASTER_SECRET_SIZE]
Premaster secret.
Definition: tls.h:2266
bool_t replayDetectionEnabled
Anti-replay mechanism enabled.
Definition: tls.h:2464
uint16_t clientVersion
Latest version supported by the client.
Definition: tls.h:2217
uint_t retransmitCount
Retransmission counter.
Definition: tls.h:2447
char_t * selectedProtocol
Selected ALPN protocol.
Definition: tls.h:2380
TlsCertDesc * cert
Pointer to the currently selected certificate.
Definition: tls.h:2211
char_t * protocolList
List of supported ALPN protocols.
Definition: tls.h:2379
bool_t emsExtReceived
The ExtendedMasterSecret extension has been received.
Definition: tls.h:2389
uint16_t versionMin
Minimum version accepted by the implementation.
Definition: tls.h:2219
DsaPublicKey peerDsaPublicKey
Peer's DSA public key.
Definition: tls.h:2348
const char_t * trustedCaList
Trusted CA list (PEM format)
Definition: tls.h:2207
TlsCertDesc certs[TLS_MAX_CERTIFICATES]
End entity certificates (PEM format)
Definition: tls.h:2205
uint32_t ticketNonce
A per-ticket value that is unique across all tickets issued.
Definition: tls.h:2321
TlsTicketDecryptCallback ticketDecryptCallback
Ticket decryption callback function.
Definition: tls.h:2405
uint8_t serverVerifyData[64]
Server verify data.
Definition: tls.h:2270
uint8_t * txBuffer
TX buffer.
Definition: tls.h:2246
size_t txRecordLen
Length of the TLS record.
Definition: tls.h:2252
bool_t clientCertTypeExtReceived
The ClientCertType extension has been received.
Definition: tls.h:2396
uint_t changeCipherSpecCount
Count of consecutive ChangeCipherSpec messages.
Definition: tls.h:2431
size_t pmtu
PMTU value.
Definition: tls.h:2439
size_t txDatagramLen
Length of the outgoing datagram, in bytes.
Definition: tls.h:2452
uint8_t clientVerifyData[64]
Client verify data.
Definition: tls.h:2268
size_t rxBufferLen
Number of bytes available for reading.
Definition: tls.h:2259
TlsCertificateFormat peerCertFormat
Peer's certificate format.
Definition: tls.h:2394
uint8_t ticketPsk[TLS_MAX_HKDF_DIGEST_SIZE]
PSK associated with the ticket.
Definition: tls.h:2318
size_t rxBufferSize
RX buffer size.
Definition: tls.h:2256
size_t rxDatagramPos
Definition: tls.h:2457
TlsEcdsaVerifyCallback ecdsaVerifyCallback
Definition: tls.h:2202
TlsConnectionEnd entity
Client or server operation.
Definition: tls.h:2180
DtlsCookieVerifyCallback cookieVerifyCallback
Cookie verification callback function.
Definition: tls.h:2444
size_t txRecordPos
Current position in the TLS record.
Definition: tls.h:2253
TlsState state
TLS handshake finite state machine.
Definition: tls.h:2178
uint16_t version
Negotiated TLS version.
Definition: tls.h:2218
void * certVerifyParam
Opaque pointer passed to the certificate verification callback.
Definition: tls.h:2210
systime_t retransmitTimestamp
Time at which the datagram was sent.
Definition: tls.h:2448
bool_t fatalAlertReceived
A fatal alert message has been received from the peer.
Definition: tls.h:2242
systime_t timeout
Timeout for blocking calls.
Definition: tls.h:2440
size_t rxBufferPos
Current position in RX buffer.
Definition: tls.h:2260
uint8_t * ticket
Session ticket.
Definition: tls.h:2225
uint_t emptyRecordCount
Count of consecutive empty records.
Definition: tls.h:2427
bool_t earlyDataRejected
The 0-RTT data have been rejected by the server.
Definition: tls.h:2329
uint8_t clientEarlyTrafficSecret[TLS_MAX_HKDF_DIGEST_SIZE]
Definition: tls.h:2308
uint8_t clientRandom[TLS_RANDOM_SIZE]
Client random value.
Definition: tls.h:2264
bool_t closeNotifySent
A closure alert has been sent.
Definition: tls.h:2243
size_t rxDatagramLen
Length of the incoming datagram, in bytes.
Definition: tls.h:2456
HmacContext hmacContext
HMAC context.
Definition: tls.h:2287
systime_t startTime
Definition: tls.h:2441
size_t serverVerifyDataLen
Length of the server verify data.
Definition: tls.h:2271
uint8_t secret[TLS_MAX_HKDF_DIGEST_SIZE]
Definition: tls.h:2307
const uint16_t * cipherSuites
List of supported cipher suites.
Definition: tls.h:2191
uint32_t ticketAgeAdd
Random value used to obscure the age of the ticket.
Definition: tls.h:2320
bool_t serverCertTypeExtReceived
The ServerCertType extension has been received.
Definition: tls.h:2397
size_t cookieLen
Length of the cookie.
Definition: tls.h:2223
EcdhContext ecdhContext
ECDH context.
Definition: tls.h:2339
char_t * ticketAlpn
ALPN protocol associated with the ticket.
Definition: tls.h:2324
size_t rxRecordLen
Length of the TLS record.
Definition: tls.h:2261
TlsEcdhCallback ecdhCallback
Definition: tls.h:2200
TlsEncryptionEngine prevEncryptionEngine
Definition: tls.h:2460
bool_t secureRenegoEnabled
Secure renegotiation enabled.
Definition: tls.h:2410
TlsSocketReceiveCallback socketReceiveCallback
Socket receive callback function.
Definition: tls.h:2186
TlsTicketEncryptCallback ticketEncryptCallback
Ticket encryption callback function.
Definition: tls.h:2404
char_t * serverName
Fully qualified DNS hostname of the server.
Definition: tls.h:2197
TlsHashAlgo ticketHashAlgo
Hash algorithm associated with the ticket.
Definition: tls.h:2323
uint_t numSupportedSignAlgos
Number of signature algorithms in the list.
Definition: tls.h:2293
size_t clientVerifyDataLen
Length of the client verify data.
Definition: tls.h:2269
uint8_t resumptionMasterSecret[TLS_MAX_HKDF_DIGEST_SIZE]
Definition: tls.h:2314
uint32_t ticketLifetime
Lifetime of the ticket.
Definition: tls.h:2228
bool_t pskKeModeSupported
PSK key establishment supported by the client.
Definition: tls.h:2305
uint16_t rxMsgSeq
Next receive sequence number.
Definition: tls.h:2454
TlsHashAlgo pskHashAlgo
Hash algorithm associated with the PSK.
Definition: tls.h:2364
size_t premasterSecretLen
Length of the premaster secret.
Definition: tls.h:2267
uint_t numCipherSuites
Number of cipher suites in the list.
Definition: tls.h:2192
size_t rxBufferMaxLen
Maximum number of plaintext data the RX buffer can hold.
Definition: tls.h:2257
DtlsCookieGenerateCallback cookieGenerateCallback
Cookie generation callback function.
Definition: tls.h:2443
TlsSequenceNumber earlyDataSeqNum
Early data sequence number.
Definition: tls.h:2331
EcPublicKey peerEcPublicKey
Peer's EC public key.
Definition: tls.h:2354
uint8_t * psk
Pre-shared key.
Definition: tls.h:2358
uint8_t * certRequestContext
Certificate request context.
Definition: tls.h:2302
const uint16_t * supportedGroups
List of supported named groups.
Definition: tls.h:2194
TlsSocketSendCallback socketSendCallback
Socket send callback function.
Definition: tls.h:2185
systime_t clientHelloTimestamp
Time at which the ClientHello message was sent.
Definition: tls.h:2300
void * prngContext
Pseudo-random number generator context.
Definition: tls.h:2189
size_t rxRecordPos
Current position in the TLS record.
Definition: tls.h:2262
uint8_t keyBlock[192]
Key material.
Definition: tls.h:2286
uint8_t clientHsTrafficSecret[TLS_MAX_HKDF_DIGEST_SIZE]
Definition: tls.h:2309
uint_t newSessionTicketCount
Number of NewSessionTicket messages that have been sent.
Definition: tls.h:2316
Encryption engine.
Definition: tls.h:2136
CipherMode cipherMode
Cipher mode of operation.
Definition: tls.h:2148
bool_t encryptThenMac
Encrypt-then-MAC construction.
Definition: tls.h:2163
GcmContext * gcmContext
GCM context.
Definition: tls.h:2152
size_t macKeyLen
Length of the MAC key.
Definition: tls.h:2139
HmacContext * hmacContext
HMAC context.
Definition: tls.h:2150
size_t recordSizeLimit
Maximum size of record in octets.
Definition: tls.h:2160
const HashAlgo * hashAlgo
Hash algorithm for MAC operations.
Definition: tls.h:2149
size_t fixedIvLen
Length of the fixed part of the IV.
Definition: tls.h:2143
uint8_t encKey[48]
Encryption key.
Definition: tls.h:2140
uint8_t iv[16]
Initialization vector.
Definition: tls.h:2142
const CipherAlgo * cipherAlgo
Cipher algorithm.
Definition: tls.h:2146
DtlsSequenceNumber dtlsSeqNum
Record sequence number.
Definition: tls.h:2157
size_t authTagLen
Length of the authentication tag.
Definition: tls.h:2145
uint16_t version
Negotiated TLS version.
Definition: tls.h:2137
TlsSequenceNumber seqNum
TLS sequence number.
Definition: tls.h:2154
void * cipherContext
Cipher context.
Definition: tls.h:2147
size_t encKeyLen
Length of the encryption key.
Definition: tls.h:2141
uint8_t macKey[48]
MAC key.
Definition: tls.h:2138
size_t recordIvLen
Length of the IV.
Definition: tls.h:2144
uint16_t epoch
Counter value incremented on every cipher state change.
Definition: tls.h:2156
Common interface for encryption algorithms.
Definition: crypto.h:1036
Diffie-Hellman context.
Definition: dh.h:60
DSA public key.
Definition: dsa.h:61
EC domain parameters.
Definition: ec.h:76
EC public key.
Definition: ec.h:94
ECDH context.
Definition: ecdh.h:59
ECDSA signature.
Definition: ecdsa.h:49
GCM context.
Definition: gcm.h:64
Common interface for hash algorithms.
Definition: crypto.h:1014
HMAC algorithm context.
Definition: hmac.h:59
MD5 algorithm context.
Definition: md5.h:62
Mutex object.
RSA public key.
Definition: rsa.h:57
SHA-1 algorithm context.
Definition: sha1.h:62
Session cache.
Definition: tls.h:2052
uint_t size
Maximum number of entries.
Definition: tls.h:2054
OsMutex mutex
Mutex preventing simultaneous access to the cache.
Definition: tls.h:2053
Certificate descriptor.
Definition: tls.h:2064
const char_t * privateKey
Private key (PEM format)
Definition: tls.h:2067
TlsSignatureScheme signScheme
Signature scheme used to sign the end entity certificate.
Definition: tls.h:2071
TlsNamedGroup namedCurve
Named curve used to generate the EC public key.
Definition: tls.h:2072
size_t privateKeyLen
Length of the private key.
Definition: tls.h:2068
size_t certChainLen
Length of the certificate chain.
Definition: tls.h:2066
const char_t * certChain
End entity certificate chain (PEM format)
Definition: tls.h:2065
TlsCertificateType type
End entity certificate type.
Definition: tls.h:2070
Structure describing a cipher suite.
Definition: tls.h:1999
CipherMode cipherMode
Definition: tls.h:2004
TlsKeyExchMethod keyExchMethod
Definition: tls.h:2002
uint8_t recordIvLen
Definition: tls.h:2010
uint8_t verifyDataLen
Definition: tls.h:2012
uint8_t fixedIvLen
Definition: tls.h:2009
const char_t * name
Definition: tls.h:2001
const HashAlgo * hashAlgo
Definition: tls.h:2005
uint8_t macKeyLen
Definition: tls.h:2007
uint16_t identifier
Definition: tls.h:2000
const CipherAlgo * cipherAlgo
Definition: tls.h:2003
uint8_t authTagLen
Definition: tls.h:2011
uint8_t encKeyLen
Definition: tls.h:2008
const HashAlgo * prfHashAlgo
Definition: tls.h:2006
Hello extensions.
Definition: tls.h:2081
const TlsExtension * serverCertType
Definition: tls.h:2102
const TlsSupportedGroupList * supportedGroupList
SupportedGroups extension.
Definition: tls.h:2085
const Tls13KeyShareEntry * serverShare
KeyShare extension (ServerHello)
Definition: tls.h:2121
const TlsSignSchemeList * signAlgoList
SignatureAlgorithms extension.
Definition: tls.h:2087
const TlsExtension * clientCertType
Definition: tls.h:2100
const TlsExtension * recordSizeLimit
RecordSizeLimit extension.
Definition: tls.h:2093
const TlsCertTypeList * serverCertTypeList
ServerCertType extension.
Definition: tls.h:2101
const TlsExtension * selectedGroup
KeyShare extension (HelloRetryRequest)
Definition: tls.h:2120
const TlsExtension * sessionTicket
SessionTicket extension.
Definition: tls.h:2111
const Tls13PskIdentityList * identityList
PreSharedKey extension (ClientHello)
Definition: tls.h:2123
const Tls13PskKeModeList * pskKeModeList
PskKeyExchangeModes extension.
Definition: tls.h:2122
const Tls13KeyShareList * keyShareList
KeyShare extension (ClientHello)
Definition: tls.h:2119
const TlsExtension * encryptThenMac
EncryptThenMac extension.
Definition: tls.h:2105
const TlsSupportedVersionList * supportedVersionList
SupportedVersions extension (ClientHello)
Definition: tls.h:2082
const Tls13PskBinderList * binderList
Definition: tls.h:2124
const TlsSignSchemeList * certSignAlgoList
SignatureAlgorithmsCert extension.
Definition: tls.h:2088
const Tls13Cookie * cookie
Cookie extension.
Definition: tls.h:2117
const TlsExtension * extendedMasterSecret
ExtendedMasterSecret extension.
Definition: tls.h:2108
const TlsServerNameList * serverNameList
ServerName extension.
Definition: tls.h:2084
const TlsCertAuthorities * certAuthorities
CertificateAuthorities extension.
Definition: tls.h:2118
const TlsExtension * earlyDataIndication
EarlyData extension.
Definition: tls.h:2126
const TlsExtension * maxFragLen
MaxFragmentLength extension.
Definition: tls.h:2090
const TlsProtocolNameList * protocolNameList
ALPN extension.
Definition: tls.h:2096
const TlsEcPointFormatList * ecPointFormatList
EcPointFormats extension.
Definition: tls.h:2086
const TlsCertTypeList * clientCertTypeList
ClientCertType extension.
Definition: tls.h:2099
const TlsExtension * selectedVersion
SupportedVersions extension (ServerHello)
Definition: tls.h:2083
const TlsRenegoInfo * renegoInfo
RenegotiationInfo extension.
Definition: tls.h:2114
const TlsExtension * selectedIdentity
PreSharedKey extension (ServerHello)
Definition: tls.h:2125
TLS session state.
Definition: tls.h:2021
systime_t ticketTimestamp
Timestamp to manage ticket lifetime.
Definition: tls.h:2034
systime_t timestamp
Time stamp to manage entry lifetime.
Definition: tls.h:2024
size_t sessionIdLen
Length of the session identifier.
Definition: tls.h:2028
size_t ticketLen
Length of the session ticket.
Definition: tls.h:2032
uint32_t maxEarlyDataSize
Maximum amount of 0-RTT data that the client is allowed to send.
Definition: tls.h:2039
uint16_t version
TLS protocol version.
Definition: tls.h:2022
uint8_t * ticket
Session ticket.
Definition: tls.h:2031
uint16_t cipherSuite
Cipher suite identifier.
Definition: tls.h:2023
uint32_t ticketAgeAdd
Random value used to obscure the age of the ticket.
Definition: tls.h:2036
char_t * ticketAlpn
ALPN protocol associated with the ticket.
Definition: tls.h:2038
char_t * serverName
ServerName extension.
Definition: tls.h:2042
TlsHashAlgo ticketHashAlgo
Hash algorithm associated with the ticket.
Definition: tls.h:2037
uint32_t ticketLifetime
Lifetime of the ticket.
Definition: tls.h:2035
bool_t extendedMasterSecret
Extended master secret computation.
Definition: tls.h:2029
X.509 certificate.
Definition: x509_common.h:1064
uint8_t flags
Definition: tcp.h:351
TLS 1.3 helper functions.
Tls13PskBinderList
Definition: tls13_misc.h:247
Tls13KeyShareList
Definition: tls13_misc.h:192
Tls13KeyShareEntry
Definition: tls13_misc.h:181
Tls13Cookie
Definition: tls13_misc.h:169
Tls13PskIdentityList
Definition: tls13_misc.h:225
Tls13PskKeModeList
Definition: tls13_misc.h:203
systime_t ticketTimestamp
Timestamp to manage ticket lifetime.
Definition: tls.h:1868
TlsClientHello
Definition: tls.h:1757
TlsCertAuthorities
Definition: tls.h:1544
TlsState
TLS FSM states.
Definition: tls.h:1437
@ TLS_STATE_SERVER_CHANGE_CIPHER_SPEC
Definition: tls.h:1461
@ TLS_STATE_SERVER_CERTIFICATE
Definition: tls.h:1449
@ TLS_STATE_CLIENT_CERTIFICATE_VERIFY
Definition: tls.h:1456
@ TLS_STATE_CLOSED
Definition: tls.h:1470
@ TLS_STATE_SERVER_CHANGE_CIPHER_SPEC_2
Definition: tls.h:1462
@ TLS_STATE_SERVER_CERTIFICATE_VERIFY
Definition: tls.h:1451
@ TLS_STATE_SERVER_HELLO_2
Definition: tls.h:1445
@ TLS_STATE_HELLO_VERIFY_REQUEST
Definition: tls.h:1442
@ TLS_STATE_CLIENT_FINISHED
Definition: tls.h:1459
@ TLS_STATE_CLIENT_APP_TRAFFIC_KEYS
Definition: tls.h:1460
@ TLS_STATE_SERVER_APP_TRAFFIC_KEYS
Definition: tls.h:1465
@ TLS_STATE_SERVER_FINISHED
Definition: tls.h:1463
@ TLS_STATE_CLIENT_HELLO_2
Definition: tls.h:1440
@ TLS_STATE_KEY_UPDATE
Definition: tls.h:1467
@ TLS_STATE_SERVER_HELLO
Definition: tls.h:1444
@ TLS_STATE_EARLY_DATA
Definition: tls.h:1441
@ TLS_STATE_APPLICATION_DATA
Definition: tls.h:1468
@ TLS_STATE_SERVER_KEY_EXCHANGE
Definition: tls.h:1450
@ TLS_STATE_INIT
Definition: tls.h:1438
@ TLS_STATE_NEW_SESSION_TICKET
Definition: tls.h:1466
@ TLS_STATE_CLIENT_CHANGE_CIPHER_SPEC_2
Definition: tls.h:1458
@ TLS_STATE_HELLO_RETRY_REQUEST
Definition: tls.h:1443
@ TLS_STATE_END_OF_EARLY_DATA
Definition: tls.h:1464
@ TLS_STATE_CLOSING
Definition: tls.h:1469
@ TLS_STATE_SERVER_HELLO_3
Definition: tls.h:1446
@ TLS_STATE_SERVER_HELLO_DONE
Definition: tls.h:1453
@ TLS_STATE_CLIENT_HELLO
Definition: tls.h:1439
@ TLS_STATE_CERTIFICATE_REQUEST
Definition: tls.h:1452
@ TLS_STATE_HANDSHAKE_TRAFFIC_KEYS
Definition: tls.h:1447
@ TLS_STATE_CLIENT_KEY_EXCHANGE
Definition: tls.h:1455
@ TLS_STATE_CLIENT_CERTIFICATE
Definition: tls.h:1454
@ TLS_STATE_CLIENT_CHANGE_CIPHER_SPEC
Definition: tls.h:1457
@ TLS_STATE_ENCRYPTED_EXTENSIONS
Definition: tls.h:1448
error_t tlsSetEcdsaSignCallback(TlsContext *context, TlsEcdsaSignCallback ecdsaSignCallback)
Register ECDSA signature generation callback function.
Definition: tls.c:772
error_t tlsRestoreSessionState(TlsContext *context, const TlsSessionState *session)
Restore TLS session.
Definition: tls.c:2690
error_t tlsSetPskIdentity(TlsContext *context, const char_t *pskIdentity)
Set the PSK identity to be used by the client.
Definition: tls.c:1042
TlsSupportedVersionList
Definition: tls.h:1578
error_t tlsSetTicketCallbacks(TlsContext *context, TlsTicketEncryptCallback ticketEncryptCallback, TlsTicketDecryptCallback ticketDecryptCallback, void *param)
Set ticket encryption/decryption callbacks.
Definition: tls.c:1512
error_t tlsConnect(TlsContext *context)
Initiate the TLS handshake.
Definition: tls.c:1758
TlsNameType
Name type.
Definition: tls.h:1329
@ TLS_NAME_TYPE_HOSTNAME
Definition: tls.h:1330
TlsKeyExchMethod
Key exchange methods.
Definition: tls.h:1123
@ TLS_KEY_EXCH_DHE_RSA
Definition: tls.h:1127
@ TLS_KEY_EXCH_RSA
Definition: tls.h:1125
@ TLS_KEY_EXCH_SRP_SHA
Definition: tls.h:1140
@ TLS_KEY_EXCH_ECDHE_ECDSA
Definition: tls.h:1134
@ TLS13_KEY_EXCH_PSK_DHE
Definition: tls.h:1146
@ TLS_KEY_EXCH_DHE_PSK
Definition: tls.h:1138
@ TLS_KEY_EXCH_DH_ANON
Definition: tls.h:1130
@ TLS_KEY_EXCH_DH_DSS
Definition: tls.h:1128
@ TLS_KEY_EXCH_RSA_PSK
Definition: tls.h:1137
@ TLS13_KEY_EXCH_ECDHE
Definition: tls.h:1144
@ TLS13_KEY_EXCH_PSK
Definition: tls.h:1145
@ TLS_KEY_EXCH_DH_RSA
Definition: tls.h:1126
@ TLS_KEY_EXCH_SRP_SHA_DSS
Definition: tls.h:1142
@ TLS_KEY_EXCH_SRP_SHA_RSA
Definition: tls.h:1141
@ TLS13_KEY_EXCH_DHE
Definition: tls.h:1143
@ TLS_KEY_EXCH_ECDH_ANON
Definition: tls.h:1135
@ TLS_KEY_EXCH_ECDH_ECDSA
Definition: tls.h:1133
@ TLS13_KEY_EXCH_PSK_ECDHE
Definition: tls.h:1147
@ TLS_KEY_EXCH_DHE_DSS
Definition: tls.h:1129
@ TLS_KEY_EXCH_NONE
Definition: tls.h:1124
@ TLS_KEY_EXCH_ECDHE_RSA
Definition: tls.h:1132
@ TLS_KEY_EXCH_ECDHE_PSK
Definition: tls.h:1139
@ TLS_KEY_EXCH_PSK
Definition: tls.h:1136
@ TLS_KEY_EXCH_ECDH_RSA
Definition: tls.h:1131
TlsEarlyDataStatus tlsGetEarlyDataStatus(TlsContext *context)
Check whether the server has accepted or rejected the early data.
Definition: tls.c:1806
TlsCertificateFormat
Certificate formats.
Definition: tls.h:1156
@ TLS_CERT_FORMAT_RAW_PUBLIC_KEY
Definition: tls.h:1159
@ TLS_CERT_FORMAT_OPENPGP
Definition: tls.h:1158
@ TLS_CERT_FORMAT_1609DOT2
Definition: tls.h:1160
@ TLS_CERT_FORMAT_X509
Definition: tls.h:1157
TlsPskIdentityHint
Definition: tls.h:1689
error_t tlsSaveSessionState(const TlsContext *context, TlsSessionState *session)
Save TLS session.
Definition: tls.c:2621
uint8_t sessionIdLen
Definition: tls.h:1755
error_t tlsWrite(TlsContext *context, const void *data, size_t length, size_t *written, uint_t flags)
Send application data to the remote host using TLS.
Definition: tls.c:1849
TlsEcPointFormatList
Definition: tls.h:1645
TlsAlertDescription
Alert description.
Definition: tls.h:1068
@ TLS_ALERT_CERTIFICATE_REVOKED
Definition: tls.h:1079
@ TLS_ALERT_ACCESS_DENIED
Definition: tls.h:1084
@ TLS_ALERT_BAD_CERTIFICATE
Definition: tls.h:1077
@ TLS_ALERT_UNSUPPORTED_EXTENSION
Definition: tls.h:1096
@ TLS_ALERT_UNEXPECTED_MESSAGE
Definition: tls.h:1070
@ TLS_ALERT_NO_RENEGOTIATION
Definition: tls.h:1094
@ TLS_ALERT_USER_CANCELED
Definition: tls.h:1093
@ TLS_ALERT_BAD_CERTIFICATE_HASH_VALUE
Definition: tls.h:1100
@ TLS_ALERT_MISSING_EXTENSION
Definition: tls.h:1095
@ TLS_ALERT_DECODE_ERROR
Definition: tls.h:1085
@ TLS_ALERT_NO_CERTIFICATE
Definition: tls.h:1076
@ TLS_ALERT_NO_APPLICATION_PROTOCOL
Definition: tls.h:1103
@ TLS_ALERT_CLOSE_NOTIFY
Definition: tls.h:1069
@ TLS_ALERT_CERTIFICATE_UNKNOWN
Definition: tls.h:1081
@ TLS_ALERT_UNKNOWN_CA
Definition: tls.h:1083
@ TLS_ALERT_BAD_CERTIFICATE_STATUS_RESPONSE
Definition: tls.h:1099
@ TLS_ALERT_INAPPROPRIATE_FALLBACK
Definition: tls.h:1092
@ TLS_ALERT_CERTIFICATE_REQUIRED
Definition: tls.h:1102
@ TLS_ALERT_PROTOCOL_VERSION
Definition: tls.h:1089
@ TLS_ALERT_BAD_RECORD_MAC
Definition: tls.h:1071
@ TLS_ALERT_EXPORT_RESTRICTION
Definition: tls.h:1088
@ TLS_ALERT_TOO_MANY_CIDS_REQUESTED
Definition: tls.h:1087
@ TLS_ALERT_CERTIFICATE_EXPIRED
Definition: tls.h:1080
@ TLS_ALERT_DECOMPRESSION_FAILURE
Definition: tls.h:1074
@ TLS_ALERT_ILLEGAL_PARAMETER
Definition: tls.h:1082
@ TLS_ALERT_HANDSHAKE_FAILURE
Definition: tls.h:1075
@ TLS_ALERT_DECRYPTION_FAILED
Definition: tls.h:1072
@ TLS_ALERT_RECORD_OVERFLOW
Definition: tls.h:1073
@ TLS_ALERT_CERTIFICATE_UNOBTAINABLE
Definition: tls.h:1097
@ TLS_ALERT_INSUFFICIENT_SECURITY
Definition: tls.h:1090
@ TLS_ALERT_UNKNOWN_PSK_IDENTITY
Definition: tls.h:1101
@ TLS_ALERT_UNSUPPORTED_CERTIFICATE
Definition: tls.h:1078
@ TLS_ALERT_INTERNAL_ERROR
Definition: tls.h:1091
@ TLS_ALERT_UNRECOGNIZED_NAME
Definition: tls.h:1098
@ TLS_ALERT_DECRYPT_ERROR
Definition: tls.h:1086
error_t(* TlsEcdsaVerifyCallback)(TlsContext *context, const uint8_t *digest, size_t digestLen, EcdsaSignature *signature)
ECDSA signature verification callback function.
Definition: tls.h:1983
uint8_t certificateTypes[]
Definition: tls.h:1794
error_t tlsSetEcdhCallback(TlsContext *context, TlsEcdhCallback ecdhCallback)
Register ECDH key agreement callback function.
Definition: tls.c:746
#define TLS_MAX_CERTIFICATES
Definition: tls.h:262
uint8_t sessionId[]
Definition: tls.h:1756
void TlsCertificateVerify
CertificateVerify message.
Definition: tls.h:1816
TlsTransportProtocol
TLS transport protocols.
Definition: tls.h:940
@ TLS_TRANSPORT_PROTOCOL_STREAM
Definition: tls.h:941
@ TLS_TRANSPORT_PROTOCOL_DATAGRAM
Definition: tls.h:942
@ TLS_TRANSPORT_PROTOCOL_EAP
Definition: tls.h:943
error_t tlsAddCertificate(TlsContext *context, const char_t *certChain, size_t certChainLen, const char_t *privateKey, size_t privateKeyLen)
Add a certificate and the corresponding private key (deprecated)
Definition: tls.c:1226
TlsChangeCipherSpec
Definition: tls.h:1845
TlsCompressMethod
Compression methods.
Definition: tls.h:1112
@ TLS_COMPRESSION_METHOD_DEFLATE
Definition: tls.h:1114
@ TLS_COMPRESSION_METHOD_NULL
Definition: tls.h:1113
error_t(* TlsTicketEncryptCallback)(TlsContext *context, const uint8_t *plaintext, size_t plaintextLen, uint8_t *ciphertext, size_t *ciphertextLen, void *param)
Ticket encryption callback function.
Definition: tls.h:1950
TlsCache * tlsInitCache(uint_t size)
Session cache initialization.
Definition: tls_cache.c:50
error_t(* TlsAlpnCallback)(TlsContext *context, const char_t *selectedProtocol)
ALPN callback function.
Definition: tls.h:1918
error_t(* TlsSocketSendCallback)(TlsSocketHandle handle, const void *data, size_t length, size_t *written, uint_t flags)
Socket send callback function.
Definition: tls.h:1902
uint8_t secret[TLS_MASTER_SECRET_SIZE]
Master secret.
Definition: tls.h:1867
TlsEarlyDataStatus
Early data status.
Definition: tls.h:975
@ TLS_EARLY_DATA_REJECTED
Definition: tls.h:976
@ TLS_EARLY_DATA_ACCEPTED
Definition: tls.h:977
void tlsFreeCache(TlsCache *cache)
Properly dispose a session cache.
Definition: tls_cache.c:319
error_t tlsEnableSessionTickets(TlsContext *context, bool_t enabled)
Enable session ticket mechanism.
Definition: tls.c:1432
error_t(* TlsPskCallback)(TlsContext *context, const uint8_t *pskIdentity, size_t pskIdentityLen)
Pre-shared key callback function.
Definition: tls.h:1926
error_t tlsEnableReplayDetection(TlsContext *context, bool_t enabled)
Enable anti-replay mechanism (for DTLS only)
Definition: tls.c:1638
error_t tlsLoadCertificate(TlsContext *context, uint_t index, const char_t *certChain, size_t certChainLen, const char_t *privateKey, size_t privateKeyLen, const char_t *password)
Load entity's certificate.
Definition: tls.c:1270
TlsProtocolNameList
Definition: tls.h:1623
error_t tlsSetSupportedGroups(TlsContext *context, const uint16_t *groups, uint_t length)
Specify the list of allowed ECDHE and FFDHE groups.
Definition: tls.c:629
TlsExtension
Definition: tls.h:1556
TlsServerName
Definition: tls.h:1590
error_t(* TlsSocketReceiveCallback)(TlsSocketHandle handle, void *data, size_t size, size_t *received, uint_t flags)
Socket receive callback function.
Definition: tls.h:1910
TlsEcPointFormat
EC point formats.
Definition: tls.h:1413
@ TLS_EC_POINT_FORMAT_UNCOMPRESSED
Definition: tls.h:1414
@ TLS_EC_POINT_FORMAT_ANSI_X962_COMPRESSED_CHAR2
Definition: tls.h:1416
@ TLS_EC_POINT_FORMAT_ANSI_X962_COMPRESSED_PRIME
Definition: tls.h:1415
error_t tlsSetPrng(TlsContext *context, const PrngAlgo *prngAlgo, void *prngContext)
Set the pseudo-random number generator to be used.
Definition: tls.c:370
TlsServerHello
Definition: tls.h:1770
error_t tlsSetCertificateVerifyCallback(TlsContext *context, TlsCertVerifyCallback certVerifyCallback, void *param)
Register certificate verification callback function.
Definition: tls.c:1408
Tls12DigitalSignature
Definition: tls.h:1712
TlsServerNameList
Definition: tls.h:1601
error_t tlsSetKeyLogCallback(TlsContext *context, TlsKeyLogCallback keyLogCallback)
Register key logging callback function (for debugging purpose only)
Definition: tls.c:826
#define TLS_MAX_PASSWORD_LEN
Definition: tls.h:745
bool_t tlsIsTxReady(TlsContext *context)
Check whether some data is ready for transmission.
Definition: tls.c:2223
void TlsCertificate
Certificate message.
Definition: tls.h:1777
void * TlsSocketHandle
Socket handle.
Definition: tls.h:1888
void(* TlsKeyLogCallback)(TlsContext *context, const char_t *key)
Key logging callback function (for debugging purpose only)
Definition: tls.h:1991
TlsCipherSuites
Definition: tls.h:1500
void TlsHelloRequest
HelloRequest message.
Definition: tls.h:1744
uint8_t data[]
Definition: tls.h:1724
TlsContext * tlsInit(void)
TLS context initialization.
Definition: tls.c:65
void TlsFinished
Finished message.
Definition: tls.h:1835
uint8_t ticket[]
Definition: tls.h:1827
TlsClientAuthMode
Client authentication mode.
Definition: tls.h:963
@ TLS_CLIENT_AUTH_REQUIRED
Definition: tls.h:966
@ TLS_CLIENT_AUTH_OPTIONAL
Definition: tls.h:965
@ TLS_CLIENT_AUTH_NONE
Definition: tls.h:964
TlsCertList
Definition: tls.h:1533
error_t tlsSetRpkVerifyCallback(TlsContext *context, TlsRpkVerifyCallback rpkVerifyCallback)
Register the raw public key verification callback function.
Definition: tls.c:1166
void TlsServerKeyExchange
ServerKeyExchange message.
Definition: tls.h:1784
error_t tlsRead(TlsContext *context, void *data, size_t size, size_t *received, uint_t flags)
Receive application data from a the remote host using TLS.
Definition: tls.c:1984
TlsDigitalSignature
Definition: tls.h:1700
error_t tlsAllowUnknownAlpnProtocols(TlsContext *context, bool_t allowed)
Allow unknown ALPN protocols.
Definition: tls.c:853
void tlsFreeSessionState(TlsSessionState *session)
Properly dispose a session state.
Definition: tls.c:2743
error_t(* TlsEcdsaSignCallback)(TlsContext *context, const uint8_t *digest, size_t digestLen, EcdsaSignature *signature)
ECDSA signature generation callback function.
Definition: tls.h:1975
TlsContentType
Content type.
Definition: tls.h:1007
@ TLS_TYPE_CHANGE_CIPHER_SPEC
Definition: tls.h:1009
@ TLS_TYPE_HANDSHAKE
Definition: tls.h:1011
@ TLS_TYPE_NONE
Definition: tls.h:1008
@ TLS_TYPE_ACK
Definition: tls.h:1015
@ TLS_TYPE_APPLICATION_DATA
Definition: tls.h:1012
@ TLS_TYPE_ALERT
Definition: tls.h:1010
@ TLS_TYPE_HEARTBEAT
Definition: tls.h:1013
@ TLS_TYPE_TLS12_CID
Definition: tls.h:1014
#define TLS_PRIVATE_ENCRYPTION_ENGINE
Definition: tls.h:841
char_t hostname[]
Definition: tls.h:1589
TlsExtensionList
Definition: tls.h:1567
void TlsServerHelloDone
ServerHelloDone message.
Definition: tls.h:1802
TlsProtocolName
Definition: tls.h:1612
TlsPskIdentity
Definition: tls.h:1678
TlsSignatureScheme
Signature schemes.
Definition: tls.h:1230
@ TLS_SIGN_SCHEME_GOSTR34102012_512A
Definition: tls.h:1256
@ TLS_SIGN_SCHEME_ECDSA_SHA1
Definition: tls.h:1242
@ TLS_SIGN_SCHEME_ECDSA_BP384R1_TLS13_SHA384
Definition: tls.h:1247
@ TLS_SIGN_SCHEME_GOSTR34102012_256D
Definition: tls.h:1255
@ TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA256
Definition: tls.h:1239
@ TLS_SIGN_SCHEME_ECDSA_SECP521R1_SHA512
Definition: tls.h:1245
@ TLS_SIGN_SCHEME_GOSTR34102012_256C
Definition: tls.h:1254
@ TLS_SIGN_SCHEME_ECDSA_SECP384R1_SHA384
Definition: tls.h:1244
@ TLS_SIGN_SCHEME_RSA_PKCS1_SHA512
Definition: tls.h:1235
@ TLS_SIGN_SCHEME_ECDSA_BP256R1_TLS13_SHA256
Definition: tls.h:1246
@ TLS_SIGN_SCHEME_RSA_PKCS1_SHA384
Definition: tls.h:1234
@ TLS_SIGN_SCHEME_RSA_PKCS1_SHA1
Definition: tls.h:1232
@ TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA384
Definition: tls.h:1237
@ TLS_SIGN_SCHEME_RSA_PKCS1_SHA256
Definition: tls.h:1233
@ TLS_SIGN_SCHEME_GOSTR34102012_512C
Definition: tls.h:1258
@ TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA512
Definition: tls.h:1238
@ TLS_SIGN_SCHEME_ECDSA_SECP256R1_SHA256
Definition: tls.h:1243
@ TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA384
Definition: tls.h:1240
@ TLS_SIGN_SCHEME_SM2SIG_SM3
Definition: tls.h:1249
@ TLS_SIGN_SCHEME_ED25519
Definition: tls.h:1250
@ TLS_SIGN_SCHEME_ED448
Definition: tls.h:1251
@ TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA512
Definition: tls.h:1241
@ TLS_SIGN_SCHEME_GOSTR34102012_512B
Definition: tls.h:1257
@ TLS_SIGN_SCHEME_GOSTR34102012_256B
Definition: tls.h:1253
@ TLS_SIGN_SCHEME_GOSTR34102012_256A
Definition: tls.h:1252
@ TLS_SIGN_SCHEME_NONE
Definition: tls.h:1231
@ TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA256
Definition: tls.h:1236
@ TLS_SIGN_SCHEME_ECDSA_BP512R1_TLS13_SHA512
Definition: tls.h:1248
error_t tlsSetPskIdentityHint(TlsContext *context, const char_t *pskIdentityHint)
Set the PSK identity hint to be used by the server.
Definition: tls.c:1091
TlsCertTypeList
Definition: tls.h:1656
uint8_t description
Definition: tls.h:1855
error_t tlsSetVersion(TlsContext *context, uint16_t versionMin, uint16_t versionMax)
Set minimum and maximum versions permitted.
Definition: tls.c:280
error_t tlsEnableSecureRenegotiation(TlsContext *context, bool_t enabled)
Enable secure renegotiation.
Definition: tls.c:1458
error_t tlsSetConnectionEnd(TlsContext *context, TlsConnectionEnd entity)
Set operation mode (client or server)
Definition: tls.c:344
void(* TlsStateChangeCallback)(TlsContext *context, TlsState state)
TLS state change callback.
Definition: tls.h:1895
void TlsClientKeyExchange
ClientKeyExchange message.
Definition: tls.h:1809
error_t tlsSetMaxFragmentLength(TlsContext *context, size_t maxFragLen)
Set maximum fragment length.
Definition: tls.c:564
TlsExtensionType
TLS extension types.
Definition: tls.h:1267
@ TLS_EXT_PADDING
Definition: tls.h:1289
@ TLS_EXT_PWD_PROTECT
Definition: tls.h:1296
@ TLS_EXT_RENEGOTIATION_INFO
Definition: tls.h:1320
@ TLS_EXT_SIGNATURE_ALGORITHMS_CERT
Definition: tls.h:1311
@ TLS_EXT_SRP
Definition: tls.h:1280
@ TLS_EXT_HEARTBEAT
Definition: tls.h:1283
@ TLS_EXT_USE_SRTP
Definition: tls.h:1282
@ TLS_EXT_TICKET_REQUEST
Definition: tls.h:1318
@ TLS_EXT_EARLY_DATA
Definition: tls.h:1304
@ TLS_EXT_TRUNCATED_HMAC
Definition: tls.h:1272
@ TLS_EXT_TRUSTED_CA_KEYS
Definition: tls.h:1271
@ TLS_EXT_CLIENT_CERTIFICATE_URL
Definition: tls.h:1270
@ TLS_EXT_DNSSEC_CHAIN
Definition: tls.h:1319
@ TLS_EXT_USER_MAPPING
Definition: tls.h:1274
@ TLS_EXT_PRE_SHARED_KEY
Definition: tls.h:1303
@ TLS_EXT_MAX_FRAGMENT_LENGTH
Definition: tls.h:1269
@ TLS_EXT_CERTIFICATE_AUTHORITIES
Definition: tls.h:1308
@ TLS_EXT_POST_HANDSHAKE_AUTH
Definition: tls.h:1310
@ TLS_EXT_OID_FILTERS
Definition: tls.h:1309
@ TLS_EXT_QUIC_TRANSPORT_PARAMETERS
Definition: tls.h:1317
@ TLS_EXT_SERVER_CERT_TYPE
Definition: tls.h:1288
@ TLS_EXT_EXTERNAL_SESSION_ID
Definition: tls.h:1316
@ TLS_EXT_CLIENT_CERT_TYPE
Definition: tls.h:1287
@ TLS_EXT_KEY_SHARE
Definition: tls.h:1312
@ TLS_EXT_PASSWORD_SALT
Definition: tls.h:1298
@ TLS_EXT_EXTERNAL_ID_HASH
Definition: tls.h:1315
@ TLS_EXT_ENCRYPT_THEN_MAC
Definition: tls.h:1290
@ TLS_EXT_SIGNATURE_ALGORITHMS
Definition: tls.h:1281
@ TLS_EXT_SUPPORTED_VERSIONS
Definition: tls.h:1305
@ TLS_EXT_STATUS_REQUEST
Definition: tls.h:1273
@ TLS_EXT_CLIENT_AUTHZ
Definition: tls.h:1275
@ TLS_EXT_CERT_TYPE
Definition: tls.h:1277
@ TLS_EXT_EC_POINT_FORMATS
Definition: tls.h:1279
@ TLS_EXT_TLS_CERT_WITH_EXTERN_PSK
Definition: tls.h:1300
@ TLS_EXT_RECORD_SIZE_LIMIT
Definition: tls.h:1295
@ TLS_EXT_TRANSPARENCY_INFO
Definition: tls.h:1313
@ TLS_EXT_SESSION_TICKET
Definition: tls.h:1301
@ TLS_EXT_CACHED_INFO
Definition: tls.h:1293
@ TLS_EXT_SUPPORTED_EKT_CIPHERS
Definition: tls.h:1302
@ TLS_EXT_TICKET_PINNING
Definition: tls.h:1299
@ TLS_EXT_COMPRESS_CERTIFICATE
Definition: tls.h:1294
@ TLS_EXT_SUPPORTED_GROUPS
Definition: tls.h:1278
@ TLS_EXT_STATUS_REQUEST_V2
Definition: tls.h:1285
@ TLS_EXT_COOKIE
Definition: tls.h:1306
@ TLS_EXT_PSK_KEY_EXCHANGE_MODES
Definition: tls.h:1307
@ TLS_EXT_ALPN
Definition: tls.h:1284
@ TLS_EXT_SERVER_NAME
Definition: tls.h:1268
@ TLS_EXT_SIGNED_CERT_TIMESTAMP
Definition: tls.h:1286
@ TLS_EXT_PWD_CLEAR
Definition: tls.h:1297
@ TLS_EXT_CONNECTION_ID
Definition: tls.h:1314
@ TLS_EXT_EXTENDED_MASTER_SECRET
Definition: tls.h:1291
@ TLS_EXT_TOKEN_BINDING
Definition: tls.h:1292
@ TLS_EXT_SERVER_AUTHZ
Definition: tls.h:1276
const char_t * tlsGetServerName(TlsContext *context)
Get the server name.
Definition: tls.c:448
error_t tlsSetSocketCallbacks(TlsContext *context, TlsSocketSendCallback socketSendCallback, TlsSocketReceiveCallback socketReceiveCallback, TlsSocketHandle handle)
Set socket send and receive callbacks.
Definition: tls.c:248
uint8_t random[32]
Definition: tls.h:1754
#define TLS_MAX_HKDF_DIGEST_SIZE
Definition: tls.h:906
error_t tlsSetPsk(TlsContext *context, const uint8_t *psk, size_t length)
Set the pre-shared key to be used.
Definition: tls.c:981
error_t tlsSetDhParameters(TlsContext *context, const char_t *params, size_t length)
Import Diffie-Hellman parameters.
Definition: tls.c:718
TlsHashAlgo
Hash algorithms.
Definition: tls.h:1195
@ TLS_HASH_ALGO_SHA224
Definition: tls.h:1199
@ TLS_HASH_ALGO_SHA384
Definition: tls.h:1201
@ TLS_HASH_ALGO_NONE
Definition: tls.h:1196
@ TLS_HASH_ALGO_SHA256
Definition: tls.h:1200
@ TLS_HASH_ALGO_SHA512
Definition: tls.h:1202
@ TLS_HASH_ALGO_SM3
Definition: tls.h:1204
@ TLS_HASH_ALGO_MD5
Definition: tls.h:1197
@ TLS_HASH_ALGO_INTRINSIC
Definition: tls.h:1203
@ TLS_HASH_ALGO_SHA1
Definition: tls.h:1198
TlsSupportedGroupList
Definition: tls.h:1634
TlsCertificateType
Certificate types.
Definition: tls.h:1169
@ TLS_CERT_ED448_SIGN
Definition: tls.h:1186
@ TLS_CERT_DSS_EPHEMERAL_DH
Definition: tls.h:1176
@ TLS_CERT_RSA_FIXED_DH
Definition: tls.h:1173
@ TLS_CERT_ECDSA_FIXED_ECDH
Definition: tls.h:1180
@ TLS_CERT_RSA_SIGN
Definition: tls.h:1171
@ TLS_CERT_SM2_SIGN
Definition: tls.h:1184
@ TLS_CERT_DSS_FIXED_DH
Definition: tls.h:1174
@ TLS_CERT_DSS_SIGN
Definition: tls.h:1172
@ TLS_CERT_ED25519_SIGN
Definition: tls.h:1185
@ TLS_CERT_RSA_PSS_SIGN
Definition: tls.h:1183
@ TLS_CERT_ECDSA_SIGN
Definition: tls.h:1178
@ TLS_CERT_RSA_EPHEMERAL_DH
Definition: tls.h:1175
@ TLS_CERT_RSA_FIXED_ECDH
Definition: tls.h:1179
@ TLS_CERT_FORTEZZA_DMS
Definition: tls.h:1177
@ TLS_CERT_GOST_SIGN512
Definition: tls.h:1182
@ TLS_CERT_GOST_SIGN256
Definition: tls.h:1181
@ TLS_CERT_NONE
Definition: tls.h:1170
TlsMaxFragmentLength
Maximum fragment length.
Definition: tls.h:1339
@ TLS_MAX_FRAGMENT_LENGTH_512
Definition: tls.h:1340
@ TLS_MAX_FRAGMENT_LENGTH_4096
Definition: tls.h:1343
@ TLS_MAX_FRAGMENT_LENGTH_2048
Definition: tls.h:1342
@ TLS_MAX_FRAGMENT_LENGTH_1024
Definition: tls.h:1341
const char_t * tlsGetAlpnProtocol(TlsContext *context)
Get the name of the selected ALPN protocol.
Definition: tls.c:953
uint16_t ticketLen
Definition: tls.h:1826
error_t tlsSetStateChangeCallback(TlsContext *context, TlsStateChangeCallback stateChangeCallback)
Register TLS state change callback.
Definition: tls.c:224
error_t tlsSetPmtu(TlsContext *context, size_t pmtu)
Set PMTU value (for DTLS only)
Definition: tls.c:1544
TlsSignSchemeList
Definition: tls.h:1522
error_t tlsShutdownEx(TlsContext *context, bool_t waitForCloseNotify)
Gracefully close TLS session.
Definition: tls.c:2315
error_t tlsEnableFallbackScsv(TlsContext *context, bool_t enabled)
Perform fallback retry (for clients only)
Definition: tls.c:1484
error_t(* TlsTicketDecryptCallback)(TlsContext *context, const uint8_t *ciphertext, size_t ciphertextLen, uint8_t *plaintext, size_t *plaintextLen, void *param)
Ticket decryption callback function.
Definition: tls.h:1959
error_t tlsSetTrustedCaList(TlsContext *context, const char_t *trustedCaList, size_t length)
Import a trusted CA list.
Definition: tls.c:1194
error_t tlsSetEcdsaVerifyCallback(TlsContext *context, TlsEcdsaVerifyCallback ecdsaVerifyCallback)
Register ECDSA signature verification callback function.
Definition: tls.c:799
TlsAlert
Definition: tls.h:1856
#define TLS_RANDOM_SIZE
Definition: tls.h:923
TlsFlags
Flags used by read and write functions.
Definition: tls.h:986
@ TLS_FLAG_BREAK_CRLF
Definition: tls.h:990
@ TLS_FLAG_WAIT_ALL
Definition: tls.h:988
@ TLS_FLAG_WAIT_ACK
Definition: tls.h:991
@ TLS_FLAG_NO_DELAY
Definition: tls.h:992
@ TLS_FLAG_DELAY
Definition: tls.h:993
@ TLS_FLAG_PEEK
Definition: tls.h:987
@ TLS_FLAG_BREAK_CHAR
Definition: tls.h:989
error_t tlsSetServerName(TlsContext *context, const char_t *serverName)
Set the server name.
Definition: tls.c:398
error_t(* TlsRpkVerifyCallback)(TlsContext *context, const uint8_t *rawPublicKey, size_t rawPublicKeyLen)
Raw public key verification callback function.
Definition: tls.h:1942
TlsRenegoInfo
Definition: tls.h:1667
uint16_t length
Definition: tls.h:1554
#define TLS_PREMASTER_SECRET_SIZE
Definition: tls.h:801
uint16_t version
Definition: tls.h:1722
TlsState tlsGetState(TlsContext *context)
Retrieve current TLS state.
Definition: tls.c:198
TlsSignatureAlgo
Signature algorithms.
Definition: tls.h:1213
@ TLS_SIGN_ALGO_GOSTR34102012_512
Definition: tls.h:1221
@ TLS_SIGN_ALGO_ECDSA
Definition: tls.h:1217
@ TLS_SIGN_ALGO_ED448
Definition: tls.h:1219
@ TLS_SIGN_ALGO_RSA
Definition: tls.h:1215
@ TLS_SIGN_ALGO_DSA
Definition: tls.h:1216
@ TLS_SIGN_ALGO_ANONYMOUS
Definition: tls.h:1214
@ TLS_SIGN_ALGO_ED25519
Definition: tls.h:1218
@ TLS_SIGN_ALGO_GOSTR34102012_256
Definition: tls.h:1220
error_t tlsWriteEarlyData(TlsContext *context, const void *data, size_t length, size_t *written, uint_t flags)
Send early data to the remote TLS server.
Definition: tls.c:1695
#define TlsContext
Definition: tls.h:36
error_t tlsSetBufferSize(TlsContext *context, size_t txBufferSize, size_t rxBufferSize)
Set TLS buffer size.
Definition: tls.c:516
error_t tlsSetPreferredGroup(TlsContext *context, uint16_t group)
Specify the preferred ECDHE or FFDHE group.
Definition: tls.c:656
TlsCertificateRequest
Definition: tls.h:1795
uint16_t cipherSuite
Cipher suite identifier.
Definition: tls.h:1866
error_t tlsSetCookieCallbacks(TlsContext *context, DtlsCookieGenerateCallback cookieGenerateCallback, DtlsCookieVerifyCallback cookieVerifyCallback, void *param)
Set cookie generation/verification callbacks (for DTLS only)
Definition: tls.c:1602
typedef __packed_struct
Sequence number.
Definition: tls.h:1487
TlsAlertLevel
Alert level.
Definition: tls.h:1057
@ TLS_ALERT_LEVEL_WARNING
Definition: tls.h:1058
@ TLS_ALERT_LEVEL_FATAL
Definition: tls.h:1059
TlsSequenceNumber
Definition: tls.h:1489
TlsConnectionEnd
TLS connection end.
Definition: tls.h:952
@ TLS_CONNECTION_END_SERVER
Definition: tls.h:954
@ TLS_CONNECTION_END_CLIENT
Definition: tls.h:953
TlsPlaintextSessionState
Definition: tls.h:1873
TlsNewSessionTicket
Definition: tls.h:1828
error_t(* TlsEcdhCallback)(TlsContext *context)
ECDH key agreement callback function.
Definition: tls.h:1968
error_t tlsSetSupportedSignAlgos(TlsContext *context, const uint16_t *signAlgos, uint_t length)
Specify the list of allowed signature algorithms.
Definition: tls.c:684
uint16_t value[]
Definition: tls.h:1499
#define TlsEncryptionEngine
Definition: tls.h:40
error_t tlsSetCipherSuites(TlsContext *context, const uint16_t *cipherSuites, uint_t length)
Specify the list of allowed cipher suites.
Definition: tls.c:600
#define TLS_MASTER_SECRET_SIZE
Definition: tls.h:794
bool_t tlsIsRxReady(TlsContext *context)
Check whether some data is available in the receive buffer.
Definition: tls.c:2257
TlsHandshake
Definition: tls.h:1737
TlsRecord
Definition: tls.h:1725
TlsNamedGroup
Named groups.
Definition: tls.h:1352
@ TLS_GROUP_FFDHE6144
Definition: tls.h:1398
@ TLS_GROUP_SECT233K1
Definition: tls.h:1359
@ TLS_GROUP_BRAINPOOLP384R1_TLS13
Definition: tls.h:1385
@ TLS_GROUP_FFDHE4096
Definition: tls.h:1397
@ TLS_GROUP_SECP192R1
Definition: tls.h:1372
@ TLS_GROUP_SECP521R1
Definition: tls.h:1378
@ TLS_GROUP_SECP160R2
Definition: tls.h:1370
@ TLS_GROUP_SECT163K1
Definition: tls.h:1354
@ TLS_GROUP_SECP256R1_KYBER768_DRAFT00
Definition: tls.h:1402
@ TLS_GROUP_GC512C
Definition: tls.h:1393
@ TLS_GROUP_BRAINPOOLP512R1_TLS13
Definition: tls.h:1386
@ TLS_GROUP_GC256D
Definition: tls.h:1390
@ TLS_GROUP_SECT283K1
Definition: tls.h:1362
@ TLS_GROUP_GC256A
Definition: tls.h:1387
@ TLS_GROUP_SECT193R2
Definition: tls.h:1358
@ TLS_GROUP_SECT193R1
Definition: tls.h:1357
@ TLS_GROUP_SECP256R1
Definition: tls.h:1376
@ TLS_GROUP_SECP384R1
Definition: tls.h:1377
@ TLS_GROUP_SECP160R1
Definition: tls.h:1369
@ TLS_GROUP_SECP256K1
Definition: tls.h:1375
@ TLS_GROUP_SECT283R1
Definition: tls.h:1363
@ TLS_GROUP_BRAINPOOLP512R1
Definition: tls.h:1381
@ TLS_GROUP_SECT409R1
Definition: tls.h:1365
@ TLS_GROUP_SECT233R1
Definition: tls.h:1360
@ TLS_GROUP_GC512A
Definition: tls.h:1391
@ TLS_GROUP_FFDHE8192
Definition: tls.h:1399
@ TLS_GROUP_FFDHE2048
Definition: tls.h:1395
@ TLS_GROUP_SECT163R1
Definition: tls.h:1355
@ TLS_GROUP_SECT239K1
Definition: tls.h:1361
@ TLS_GROUP_FFDHE3072
Definition: tls.h:1396
@ TLS_GROUP_BRAINPOOLP256R1_TLS13
Definition: tls.h:1384
@ TLS_GROUP_ECDH_X448
Definition: tls.h:1383
@ TLS_GROUP_BRAINPOOLP256R1
Definition: tls.h:1379
@ TLS_GROUP_X25519_KYBER768_DRAFT00
Definition: tls.h:1401
@ TLS_GROUP_EXPLICIT_CHAR2_CURVE
Definition: tls.h:1404
@ TLS_GROUP_SECT571R1
Definition: tls.h:1367
@ TLS_GROUP_SECP160K1
Definition: tls.h:1368
@ TLS_GROUP_SECP224K1
Definition: tls.h:1373
@ TLS_GROUP_ECDH_X25519
Definition: tls.h:1382
@ TLS_GROUP_SECT163R2
Definition: tls.h:1356
@ TLS_GROUP_SECT571K1
Definition: tls.h:1366
@ TLS_GROUP_GC512B
Definition: tls.h:1392
@ TLS_GROUP_EXPLICIT_PRIME_CURVE
Definition: tls.h:1403
@ TLS_GROUP_GC256B
Definition: tls.h:1388
@ TLS_GROUP_SECP192K1
Definition: tls.h:1371
@ TLS_GROUP_FFDHE_MAX
Definition: tls.h:1400
@ TLS_GROUP_NONE
Definition: tls.h:1353
@ TLS_GROUP_SECT409K1
Definition: tls.h:1364
@ TLS_GROUP_BRAINPOOLP384R1
Definition: tls.h:1380
@ TLS_GROUP_SECP224R1
Definition: tls.h:1374
@ TLS_GROUP_GC256C
Definition: tls.h:1389
@ TLS_GROUP_SM2
Definition: tls.h:1394
error_t tlsSetClientAuthMode(TlsContext *context, TlsClientAuthMode mode)
Set client authentication mode (for servers only)
Definition: tls.c:494
error_t tlsShutdown(TlsContext *context)
Gracefully close TLS session.
Definition: tls.c:2302
error_t(* TlsCertVerifyCallback)(TlsContext *context, const X509CertInfo *certInfo, uint_t pathLen, void *param)
Certificate verification callback function.
Definition: tls.h:1934
error_t tlsSetCache(TlsContext *context, TlsCache *cache)
Set session cache.
Definition: tls.c:473
uint32_t ticketLifetime
Lifetime of the ticket.
Definition: tls.h:1869
TlsMessageType
Handshake message type.
Definition: tls.h:1024
@ TLS_TYPE_REQUEST_CONNECTION_ID
Definition: tls.h:1033
@ TLS_TYPE_SERVER_HELLO
Definition: tls.h:1027
@ TLS_TYPE_CLIENT_HELLO
Definition: tls.h:1026
@ TLS_TYPE_CERTIFICATE_VERIFY
Definition: tls.h:1039
@ TLS_TYPE_SUPPLEMENTAL_DATA
Definition: tls.h:1044
@ TLS_TYPE_MESSAGE_HASH
Definition: tls.h:1048
@ TLS_TYPE_END_OF_EARLY_DATA
Definition: tls.h:1030
@ TLS_TYPE_NEW_CONNECTION_ID
Definition: tls.h:1034
@ TLS_TYPE_SERVER_HELLO_DONE
Definition: tls.h:1038
@ TLS_TYPE_SERVER_KEY_EXCHANGE
Definition: tls.h:1036
@ TLS_TYPE_FINISHED
Definition: tls.h:1041
@ TLS_TYPE_HELLO_REQUEST
Definition: tls.h:1025
@ TLS_TYPE_CERTIFICATE_URL
Definition: tls.h:1042
@ TLS_TYPE_CERTIFICATE
Definition: tls.h:1035
@ TLS_TYPE_KEY_UPDATE
Definition: tls.h:1045
@ TLS_TYPE_CERTIFICATE_STATUS
Definition: tls.h:1043
@ TLS_TYPE_CLIENT_KEY_EXCHANGE
Definition: tls.h:1040
@ TLS_TYPE_COMPRESSED_CERTIFICATE
Definition: tls.h:1046
@ TLS_TYPE_ENCRYPTED_EXTENSIONS
Definition: tls.h:1032
@ TLS_TYPE_HELLO_VERIFY_REQUEST
Definition: tls.h:1028
@ TLS_TYPE_NEW_SESSION_TICKET
Definition: tls.h:1029
@ TLS_TYPE_CERTIFICATE_REQUEST
Definition: tls.h:1037
@ TLS_TYPE_EKT_KEY
Definition: tls.h:1047
@ TLS_TYPE_HELLO_RETRY_REQUEST
Definition: tls.h:1031
error_t tlsInitSessionState(TlsSessionState *session)
Initialize session state.
Definition: tls.c:2600
#define TLS_PRIVATE_CONTEXT
Definition: tls.h:836
void tlsFree(TlsContext *context)
Release TLS context.
Definition: tls.c:2464
error_t tlsSetTimeout(TlsContext *context, systime_t timeout)
Set timeout for blocking calls (for DTLS only)
Definition: tls.c:1574
TlsCompressMethods
Definition: tls.h:1511
bool_t extendedMasterSecret
Extended master secret computation.
Definition: tls.h:1871
TlsEcCurveType
EC curve types.
Definition: tls.h:1425
@ TLS_EC_CURVE_TYPE_NAMED_CURVE
Definition: tls.h:1428
@ TLS_EC_CURVE_TYPE_EXPLICIT_PRIME
Definition: tls.h:1426
@ TLS_EC_CURVE_TYPE_EXPLICIT_CHAR2
Definition: tls.h:1427
error_t tlsSetAlpnProtocolList(TlsContext *context, const char_t *protocolList)
Set the list of supported ALPN protocols.
Definition: tls.c:879
error_t tlsSetMaxEarlyDataSize(TlsContext *context, size_t maxEarlyDataSize)
Send the maximum amount of 0-RTT data the server can accept.
Definition: tls.c:1666
error_t tlsSetPskCallback(TlsContext *context, TlsPskCallback pskCallback)
Register PSK callback function.
Definition: tls.c:1140
error_t tlsSetTransportProtocol(TlsContext *context, TlsTransportProtocol transportProtocol)
Set the transport protocol to be used.
Definition: tls.c:314
error_t tlsSetAlpnCallback(TlsContext *context, TlsAlpnCallback alpnCallback)
Register ALPN callback function.
Definition: tls.c:928
Legacy definitions.
Generic hash algorithm context.
X.509 common definitions.