- Initial bare version of TLS 1.2
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index bd2c939..69e7a06 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -34,6 +34,7 @@
#include "rsa.h"
#include "md5.h"
#include "sha1.h"
+#include "sha2.h"
#include "x509.h"
#include "config.h"
@@ -90,6 +91,7 @@
#define SSL_MINOR_VERSION_0 0 /*!< SSL v3.0 */
#define SSL_MINOR_VERSION_1 1 /*!< TLS v1.0 */
#define SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 */
+#define SSL_MINOR_VERSION_3 3 /*!< TLS v1.2 */
#define SSL_IS_CLIENT 0
#define SSL_IS_SERVER 1
@@ -131,6 +133,19 @@
#define SSL_EDH_RSA_CAMELLIA_256_SHA 0x88
/*
+ * Supported Signature and Hash algorithms (For TLS 1.2)
+ */
+#define SSL_HASH_NONE 0
+#define SSL_HASH_MD5 1
+#define SSL_HASH_SHA1 2
+#define SSL_HASH_SHA224 3
+#define SSL_HASH_SHA256 4
+#define SSL_HASH_SHA384 5
+#define SSL_HASH_SHA512 6
+
+#define SSL_SIG_RSA 1
+
+/*
* Message, alert and handshake types
*/
#define SSL_MSG_CHANGE_CIPHER_SPEC 20
@@ -310,6 +325,12 @@
dhm_context dhm_ctx; /*!< DHM key exchange */
md5_context fin_md5; /*!< Finished MD5 checksum */
sha1_context fin_sha1; /*!< Finished SHA-1 checksum */
+ sha2_context fin_sha2; /*!< Finished SHA-256 checksum */
+
+ void (*calc_finished)(ssl_context *, unsigned char *, int);
+ int (*tls_prf)(unsigned char *, size_t, char *,
+ unsigned char *, size_t,
+ unsigned char *, size_t);
int do_crypt; /*!< en(de)cryption flag */
int *ciphersuites; /*!< allowed ciphersuites */
@@ -578,7 +599,8 @@
* \param ssl SSL context
* \param major Major version number (only SSL_MAJOR_VERSION_3 supported)
* \param minor Minor version number (SSL_MINOR_VERSION_0,
- * SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2 supported)
+ * SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2,
+ * SSL_MINOR_VERSION_3 supported)
*/
void ssl_set_max_version( ssl_context *ssl, int major, int minor );