| Paul Bakker | 37ca75d | 2011-01-06 12:28:03 +0000 | [diff] [blame] | 1 | /** |
| Jaeden Amero | 25facdd | 2018-01-23 15:36:58 +0000 | [diff] [blame] | 2 | * \file doc_ssltls.h |
| 3 | * |
| 4 | * \brief SSL/TLS communication module documentation file. |
| 5 | */ |
| 6 | /* |
| Manuel Pégourié-Gonnard | 8119dad | 2015-08-06 10:59:26 +0200 | [diff] [blame] | 7 | * |
| Bence Szépkúti | 1e14827 | 2020-08-07 13:07:28 +0200 | [diff] [blame] | 8 | * Copyright The Mbed TLS Contributors |
| Dave Rodgman | 16799db | 2023-11-02 19:47:20 +0000 | [diff] [blame] | 9 | * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later |
| Paul Bakker | 37ca75d | 2011-01-06 12:28:03 +0000 | [diff] [blame] | 10 | */ |
| 11 | |
| 12 | /** |
| 13 | * @addtogroup ssltls_communication_module SSL/TLS communication module |
| Paul Bakker | dcbfdcc | 2013-09-10 16:16:50 +0200 | [diff] [blame] | 14 | * |
| Paul Bakker | 37ca75d | 2011-01-06 12:28:03 +0000 | [diff] [blame] | 15 | * The SSL/TLS communication module provides the means to create an SSL/TLS |
| Paul Bakker | dcbfdcc | 2013-09-10 16:16:50 +0200 | [diff] [blame] | 16 | * communication channel. |
| 17 | * |
| Paul Bakker | 37ca75d | 2011-01-06 12:28:03 +0000 | [diff] [blame] | 18 | * The basic provisions are: |
| Manuel Pégourié-Gonnard | 151dc77 | 2015-05-14 13:55:51 +0200 | [diff] [blame] | 19 | * - initialise an SSL/TLS context (see \c mbedtls_ssl_init()). |
| 20 | * - perform an SSL/TLS handshake (see \c mbedtls_ssl_handshake()). |
| 21 | * - read/write (see \c mbedtls_ssl_read() and \c mbedtls_ssl_write()). |
| 22 | * - notify a peer that connection is being closed (see \c mbedtls_ssl_close_notify()). |
| Paul Bakker | 37ca75d | 2011-01-06 12:28:03 +0000 | [diff] [blame] | 23 | * |
| Paul Bakker | 37ca75d | 2011-01-06 12:28:03 +0000 | [diff] [blame] | 24 | * Many aspects of such a channel are set through parameters and callback |
| 25 | * functions: |
| 26 | * - the endpoint role: client or server. |
| 27 | * - the authentication mode. Should verification take place. |
| 28 | * - the Host-to-host communication channel. A TCP/IP module is provided. |
| 29 | * - the random number generator (RNG). |
| 30 | * - the ciphers to use for encryption/decryption. |
| 31 | * - session control functions. |
| 32 | * - X.509 parameters for certificate-handling and key exchange. |
| Paul Bakker | 37ca75d | 2011-01-06 12:28:03 +0000 | [diff] [blame] | 33 | * |
| 34 | * This module can be used to create an SSL/TLS server and client and to provide a basic |
| 35 | * framework to setup and communicate through an SSL/TLS communication channel.\n |
| 36 | * Note that you need to provide for several aspects yourself as mentioned above. |
| 37 | */ |