Switch to the new code style
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index ac13275..661b23c 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -230,29 +230,29 @@
* mbedtls_ssl_conf_tls13_key_exchange_modes().
*/
-#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK ( 1u << 0 ) /*!< Pure-PSK TLS 1.3 key exchange,
+#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK (1u << 0) /*!< Pure-PSK TLS 1.3 key exchange,
* encompassing both externally agreed PSKs
* as well as resumption PSKs. */
-#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL ( 1u << 1 ) /*!< Pure-Ephemeral TLS 1.3 key exchanges,
+#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL (1u << 1) /*!< Pure-Ephemeral TLS 1.3 key exchanges,
* including for example ECDHE and DHE
* key exchanges. */
-#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ( 1u << 2 ) /*!< PSK-Ephemeral TLS 1.3 key exchanges,
+#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL (1u << 2) /*!< PSK-Ephemeral TLS 1.3 key exchanges,
* using both a PSK and an ephemeral
* key exchange. */
/* Convenience macros for sets of key exchanges. */
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL \
- ( MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK | \
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL | \
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL ) /*!< All TLS 1.3 key exchanges */
+ (MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK | \
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL | \
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL) /*!< All TLS 1.3 key exchanges */
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL \
- ( MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK | \
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) /*!< All PSK-based TLS 1.3 key exchanges */
+ (MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK | \
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL) /*!< All PSK-based TLS 1.3 key exchanges */
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL \
- ( MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL | \
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) /*!< All ephemeral TLS 1.3 key exchanges */
+ (MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL | \
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL) /*!< All ephemeral TLS 1.3 key exchanges */
-#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE ( 0 )
+#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE (0)
/*
* Various constants
@@ -602,8 +602,7 @@
#endif
/* Dummy type used only for its size */
-union mbedtls_ssl_premaster_secret
-{
+union mbedtls_ssl_premaster_secret {
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */
#endif
@@ -621,21 +620,21 @@
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
unsigned char _pms_dhe_psk[4 + MBEDTLS_MPI_MAX_SIZE
- + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 3 */
+ + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 3 */
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
unsigned char _pms_rsa_psk[52 + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 4 */
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
unsigned char _pms_ecdhe_psk[4 + MBEDTLS_ECP_MAX_BYTES
- + MBEDTLS_PSK_MAX_LEN]; /* RFC 5489 2 */
+ + MBEDTLS_PSK_MAX_LEN]; /* RFC 5489 2 */
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
unsigned char _pms_ecjpake[32]; /* Thread spec: SHA-256 output */
#endif
};
-#define MBEDTLS_PREMASTER_SIZE sizeof( union mbedtls_ssl_premaster_secret )
+#define MBEDTLS_PREMASTER_SIZE sizeof(union mbedtls_ssl_premaster_secret)
#define MBEDTLS_TLS1_3_MD_MAX_SIZE PSA_HASH_MAX_SIZE
@@ -650,8 +649,7 @@
/*
* SSL state machine
*/
-typedef enum
-{
+typedef enum {
MBEDTLS_SSL_HELLO_REQUEST,
MBEDTLS_SSL_CLIENT_HELLO,
MBEDTLS_SSL_SERVER_HELLO,
@@ -701,9 +699,9 @@
* \note The callback is allowed to send fewer bytes than requested.
* It must always return the number of bytes actually sent.
*/
-typedef int mbedtls_ssl_send_t( void *ctx,
- const unsigned char *buf,
- size_t len );
+typedef int mbedtls_ssl_send_t(void *ctx,
+ const unsigned char *buf,
+ size_t len);
/**
* \brief Callback type: receive data from the network.
@@ -725,9 +723,9 @@
* buffer. It must always return the number of bytes actually
* received and written to the buffer.
*/
-typedef int mbedtls_ssl_recv_t( void *ctx,
- unsigned char *buf,
- size_t len );
+typedef int mbedtls_ssl_recv_t(void *ctx,
+ unsigned char *buf,
+ size_t len);
/**
* \brief Callback type: receive data from the network, with timeout
@@ -751,10 +749,10 @@
* buffer. It must always return the number of bytes actually
* received and written to the buffer.
*/
-typedef int mbedtls_ssl_recv_timeout_t( void *ctx,
- unsigned char *buf,
- size_t len,
- uint32_t timeout );
+typedef int mbedtls_ssl_recv_timeout_t(void *ctx,
+ unsigned char *buf,
+ size_t len,
+ uint32_t timeout);
/**
* \brief Callback type: set a pair of timers/delays to watch
*
@@ -777,9 +775,9 @@
* function while a timer is running must cancel it. Cancelled
* timers must not generate any event.
*/
-typedef void mbedtls_ssl_set_timer_t( void * ctx,
- uint32_t int_ms,
- uint32_t fin_ms );
+typedef void mbedtls_ssl_set_timer_t(void *ctx,
+ uint32_t int_ms,
+ uint32_t fin_ms);
/**
* \brief Callback type: get status of timers/delays
@@ -792,7 +790,7 @@
* 1 if only the intermediate delay has passed,
* 2 if the final delay has passed.
*/
-typedef int mbedtls_ssl_get_timer_t( void * ctx );
+typedef int mbedtls_ssl_get_timer_t(void *ctx);
/* Defined below */
typedef struct mbedtls_ssl_session mbedtls_ssl_session;
@@ -814,15 +812,15 @@
typedef uint8_t mbedtls_ssl_tls13_ticket_flags;
#define MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION \
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK /* 1U << 0 */
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK /* 1U << 0 */
#define MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION \
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL /* 1U << 2 */
-#define MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA ( 1U << 3 )
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL /* 1U << 2 */
+#define MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA (1U << 3)
#define MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK \
- ( MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION | \
- MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION | \
- MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA )
+ (MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION | \
+ MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION | \
+ MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA)
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */
/**
@@ -848,10 +846,10 @@
* \return A non-zero return value on failure.
*
*/
-typedef int mbedtls_ssl_cache_get_t( void *data,
- unsigned char const *session_id,
- size_t session_id_len,
- mbedtls_ssl_session *session );
+typedef int mbedtls_ssl_cache_get_t(void *data,
+ unsigned char const *session_id,
+ size_t session_id_len,
+ mbedtls_ssl_session *session);
/**
* \brief Callback type: server-side session cache setter
*
@@ -870,10 +868,10 @@
* \return \c 0 on success
* \return A non-zero return value on failure.
*/
-typedef int mbedtls_ssl_cache_set_t( void *data,
- unsigned char const *session_id,
- size_t session_id_len,
- const mbedtls_ssl_session *session );
+typedef int mbedtls_ssl_cache_set_t(void *data,
+ unsigned char const *session_id,
+ size_t session_id_len,
+ const mbedtls_ssl_session *session);
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -948,11 +946,11 @@
* use \c MBEDTLS_ERR_SSL_xxx error codes except as
* directed in the documentation of this callback.
*/
-typedef int mbedtls_ssl_async_sign_t( mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *cert,
- mbedtls_md_type_t md_alg,
- const unsigned char *hash,
- size_t hash_len );
+typedef int mbedtls_ssl_async_sign_t(mbedtls_ssl_context *ssl,
+ mbedtls_x509_crt *cert,
+ mbedtls_md_type_t md_alg,
+ const unsigned char *hash,
+ size_t hash_len);
/**
* \brief Callback type: start external decryption operation.
@@ -1014,10 +1012,10 @@
* use \c MBEDTLS_ERR_SSL_xxx error codes except as
* directed in the documentation of this callback.
*/
-typedef int mbedtls_ssl_async_decrypt_t( mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *cert,
- const unsigned char *input,
- size_t input_len );
+typedef int mbedtls_ssl_async_decrypt_t(mbedtls_ssl_context *ssl,
+ mbedtls_x509_crt *cert,
+ const unsigned char *input,
+ size_t input_len);
#endif /* MBEDTLS_X509_CRT_PARSE_C */
/**
@@ -1062,10 +1060,10 @@
* use \c MBEDTLS_ERR_SSL_xxx error codes except as
* directed in the documentation of this callback.
*/
-typedef int mbedtls_ssl_async_resume_t( mbedtls_ssl_context *ssl,
- unsigned char *output,
- size_t *output_len,
- size_t output_size );
+typedef int mbedtls_ssl_async_resume_t(mbedtls_ssl_context *ssl,
+ unsigned char *output,
+ size_t *output_len,
+ size_t output_size);
/**
* \brief Callback type: cancel external operation.
@@ -1084,7 +1082,7 @@
* \param ssl The SSL connection instance. It should not be
* modified.
*/
-typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl );
+typedef void mbedtls_ssl_async_cancel_t(mbedtls_ssl_context *ssl);
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \
@@ -1106,12 +1104,11 @@
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED &&
!MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-typedef struct
-{
- unsigned char client_application_traffic_secret_N[ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
- unsigned char server_application_traffic_secret_N[ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
- unsigned char exporter_master_secret [ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
- unsigned char resumption_master_secret [ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
+typedef struct {
+ unsigned char client_application_traffic_secret_N[MBEDTLS_TLS1_3_MD_MAX_SIZE];
+ unsigned char server_application_traffic_secret_N[MBEDTLS_TLS1_3_MD_MAX_SIZE];
+ unsigned char exporter_master_secret[MBEDTLS_TLS1_3_MD_MAX_SIZE];
+ unsigned char resumption_master_secret[MBEDTLS_TLS1_3_MD_MAX_SIZE];
} mbedtls_ssl_tls13_application_secrets;
#if defined(MBEDTLS_SSL_DTLS_SRTP)
@@ -1127,17 +1124,16 @@
* Reminder: if this list is expanded mbedtls_ssl_check_srtp_profile_value
* must be updated too.
*/
-#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80 ( (uint16_t) 0x0001)
-#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32 ( (uint16_t) 0x0002)
-#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80 ( (uint16_t) 0x0005)
-#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32 ( (uint16_t) 0x0006)
+#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80 ((uint16_t) 0x0001)
+#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32 ((uint16_t) 0x0002)
+#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80 ((uint16_t) 0x0005)
+#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32 ((uint16_t) 0x0006)
/* This one is not iana defined, but for code readability. */
-#define MBEDTLS_TLS_SRTP_UNSET ( (uint16_t) 0x0000)
+#define MBEDTLS_TLS_SRTP_UNSET ((uint16_t) 0x0000)
typedef uint16_t mbedtls_ssl_srtp_profile;
-typedef struct mbedtls_dtls_srtp_info_t
-{
+typedef struct mbedtls_dtls_srtp_info_t {
/*! The SRTP profile that was negotiated. */
mbedtls_ssl_srtp_profile MBEDTLS_PRIVATE(chosen_dtls_srtp_profile);
/*! The length of mki_value. */
@@ -1150,8 +1146,7 @@
#endif /* MBEDTLS_SSL_DTLS_SRTP */
/** Human-friendly representation of the (D)TLS protocol version. */
-typedef enum
-{
+typedef enum {
MBEDTLS_SSL_VERSION_UNKNOWN, /*!< Context not in use or version not yet negotiated. */
MBEDTLS_SSL_VERSION_TLS1_2 = 0x0303, /*!< (D)TLS 1.2 */
MBEDTLS_SSL_VERSION_TLS1_3 = 0x0304, /*!< (D)TLS 1.3 */
@@ -1168,8 +1163,7 @@
* mbedtls_ssl_session_save() and ssl_session_load()
* ssl_session_copy()
*/
-struct mbedtls_ssl_session
-{
+struct mbedtls_ssl_session {
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
unsigned char MBEDTLS_PRIVATE(mfl_code); /*!< MaxFragmentLength negotiated by peer */
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
@@ -1237,18 +1231,16 @@
/*
* Identifiers for PRFs used in various versions of TLS.
*/
-typedef enum
-{
- MBEDTLS_SSL_TLS_PRF_NONE,
- MBEDTLS_SSL_TLS_PRF_SHA384,
- MBEDTLS_SSL_TLS_PRF_SHA256,
- MBEDTLS_SSL_HKDF_EXPAND_SHA384,
- MBEDTLS_SSL_HKDF_EXPAND_SHA256
+typedef enum {
+ MBEDTLS_SSL_TLS_PRF_NONE,
+ MBEDTLS_SSL_TLS_PRF_SHA384,
+ MBEDTLS_SSL_TLS_PRF_SHA256,
+ MBEDTLS_SSL_HKDF_EXPAND_SHA384,
+ MBEDTLS_SSL_HKDF_EXPAND_SHA256
}
mbedtls_tls_prf_types;
-typedef enum
-{
+typedef enum {
MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET = 0,
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_EARLY_SECRET,
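Review bot: The `mbedtls_tls_prf_types` enum still closes with `}` on one line and the typedef name on the next, which the reformat leaves untouched even though the opening brace now sits on the `typedef enum {` line. Other typedefs in this header close on a single line, for example `} mbedtls_ssl_user_data_t;`, so this one could end with `} mbedtls_tls_prf_types;`. The second enum in this hunk continues past the end of the hunk.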
@@ -1275,13 +1267,13 @@
* \param tls_prf_type The identifier for the PRF used in the handshake
* to which the key belongs.
*/
-typedef void mbedtls_ssl_export_keys_t( void *p_expkey,
- mbedtls_ssl_key_export_type type,
- const unsigned char *secret,
- size_t secret_len,
- const unsigned char client_random[32],
- const unsigned char server_random[32],
- mbedtls_tls_prf_types tls_prf_type );
+typedef void mbedtls_ssl_export_keys_t(void *p_expkey,
+ mbedtls_ssl_key_export_type type,
+ const unsigned char *secret,
+ size_t secret_len,
+ const unsigned char client_random[32],
+ const unsigned char server_random[32],
+ mbedtls_tls_prf_types tls_prf_type);
#if defined(MBEDTLS_SSL_SRV_C)
/**
@@ -1299,7 +1291,7 @@
* or a specific MBEDTLS_ERR_XXX code, which will cause
* the handshake to be aborted.
*/
-typedef int (*mbedtls_ssl_hs_cb_t)( mbedtls_ssl_context *ssl );
+typedef int (*mbedtls_ssl_hs_cb_t)(mbedtls_ssl_context *ssl);
#endif
/* A type for storing user data in a library structure.
@@ -1308,8 +1300,7 @@
* Only the behaviors guaranteed by documented accessor functions are
* guaranteed to remain stable.
*/
-typedef union
-{
+typedef union {
uintptr_t n; /* typically a handle to an associated object */
void *p; /* typically a pointer to extra data */
} mbedtls_ssl_user_data_t;
@@ -1317,8 +1308,7 @@
/**
* SSL/TLS configuration to be shared between mbedtls_ssl_context structures.
*/
-struct mbedtls_ssl_config
-{
+struct mbedtls_ssl_config {
/* Group items mostly by size. This helps to reduce memory wasted to
* padding. It also helps to keep smaller fields early in the structure,
* so that elements tend to be in the 128-element direct access window
@@ -1395,11 +1385,11 @@
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/** Callback for printing debug output */
- void (*MBEDTLS_PRIVATE(f_dbg))(void *, int, const char *, int, const char *);
+ void(*MBEDTLS_PRIVATE(f_dbg))(void *, int, const char *, int, const char *);
void *MBEDTLS_PRIVATE(p_dbg); /*!< context for the debug function */
/** Callback for getting (pseudo-)random numbers */
- int (*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t);
+ int(*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t);
void *MBEDTLS_PRIVATE(p_rng); /*!< context for the RNG function */
/** Callback to retrieve a session from the cache */
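Review bot: The reformatted function-pointer members lose the space between the return type and the declarator, so `void(*MBEDTLS_PRIVATE(f_dbg))(...)` and `int(*MBEDTLS_PRIVATE(f_rng))(...)` now read like calls or casts rather than declarations. The same commit keeps the space in parameter position, e.g. `int (*f_rng)(void *, unsigned char *, size_t)` in mbedtls_ssl_conf_rng, so the header is now inconsistent with itself. I would keep `int (*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t);` here, presumably by teaching the formatter that MBEDTLS_PRIVATE(...) is a declarator. The same applies to f_sni, f_vrfy, f_psk, f_cookie_write, f_cookie_check, f_ticket_write and f_ticket_parse in the next hunk and to f_vrfy in struct mbedtls_ssl_context; the struct body extends beyond this hunk.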
@@ -1410,40 +1400,41 @@
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
/** Callback for setting cert according to SNI extension */
- int (*MBEDTLS_PRIVATE(f_sni))(void *, mbedtls_ssl_context *, const unsigned char *, size_t);
+ int(*MBEDTLS_PRIVATE(f_sni))(void *, mbedtls_ssl_context *, const unsigned char *, size_t);
void *MBEDTLS_PRIVATE(p_sni); /*!< context for SNI callback */
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C)
/** Callback to customize X.509 certificate chain verification */
- int (*MBEDTLS_PRIVATE(f_vrfy))(void *, mbedtls_x509_crt *, int, uint32_t *);
+ int(*MBEDTLS_PRIVATE(f_vrfy))(void *, mbedtls_x509_crt *, int, uint32_t *);
void *MBEDTLS_PRIVATE(p_vrfy); /*!< context for X.509 verify calllback */
#endif
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
#if defined(MBEDTLS_SSL_SRV_C)
/** Callback to retrieve PSK key from identity */
- int (*MBEDTLS_PRIVATE(f_psk))(void *, mbedtls_ssl_context *, const unsigned char *, size_t);
+ int(*MBEDTLS_PRIVATE(f_psk))(void *, mbedtls_ssl_context *, const unsigned char *, size_t);
void *MBEDTLS_PRIVATE(p_psk); /*!< context for PSK callback */
#endif
#endif
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
/** Callback to create & write a cookie for ClientHello verification */
- int (*MBEDTLS_PRIVATE(f_cookie_write))( void *, unsigned char **, unsigned char *,
- const unsigned char *, size_t );
+ int(*MBEDTLS_PRIVATE(f_cookie_write))(void *, unsigned char **, unsigned char *,
+ const unsigned char *, size_t);
/** Callback to verify validity of a ClientHello cookie */
- int (*MBEDTLS_PRIVATE(f_cookie_check))( void *, const unsigned char *, size_t,
- const unsigned char *, size_t );
+ int(*MBEDTLS_PRIVATE(f_cookie_check))(void *, const unsigned char *, size_t,
+ const unsigned char *, size_t);
void *MBEDTLS_PRIVATE(p_cookie); /*!< context for the cookie callbacks */
#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C)
/** Callback to create & write a session ticket */
- int (*MBEDTLS_PRIVATE(f_ticket_write))( void *, const mbedtls_ssl_session *,
- unsigned char *, const unsigned char *, size_t *, uint32_t * );
+ int(*MBEDTLS_PRIVATE(f_ticket_write))(void *, const mbedtls_ssl_session *,
+ unsigned char *, const unsigned char *, size_t *,
+ uint32_t *);
/** Callback to parse a session ticket into a session structure */
- int (*MBEDTLS_PRIVATE(f_ticket_parse))( void *, mbedtls_ssl_session *, unsigned char *, size_t);
+ int(*MBEDTLS_PRIVATE(f_ticket_parse))(void *, mbedtls_ssl_session *, unsigned char *, size_t);
void *MBEDTLS_PRIVATE(p_ticket); /*!< context for the ticket callbacks */
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
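Review bot: The context line for `p_vrfy` in this hunk reads `context for X.509 verify calllback`, with three l's, while the matching field in struct mbedtls_ssl_context spells it `callback`. The comment could become `/*!< context for X.509 verify callback */`, in a separate commit if this one is meant to stay purely mechanical.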
@@ -1494,33 +1485,33 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_svc_key_id_t MBEDTLS_PRIVATE(psk_opaque); /*!< PSA key slot holding opaque PSK. This field
- * should only be set via
- * mbedtls_ssl_conf_psk_opaque().
- * If either no PSK or a raw PSK have been
- * configured, this has value \c 0.
- */
+ * should only be set via
+ * mbedtls_ssl_conf_psk_opaque().
+ * If either no PSK or a raw PSK have been
+ * configured, this has value \c 0.
+ */
#endif /* MBEDTLS_USE_PSA_CRYPTO */
unsigned char *MBEDTLS_PRIVATE(psk); /*!< The raw pre-shared key. This field should
- * only be set via mbedtls_ssl_conf_psk().
- * If either no PSK or an opaque PSK
- * have been configured, this has value NULL. */
+ * only be set via mbedtls_ssl_conf_psk().
+ * If either no PSK or an opaque PSK
+ * have been configured, this has value NULL. */
size_t MBEDTLS_PRIVATE(psk_len); /*!< The length of the raw pre-shared key.
- * This field should only be set via
- * mbedtls_ssl_conf_psk().
- * Its value is non-zero if and only if
- * \c psk is not \c NULL. */
+ * This field should only be set via
+ * mbedtls_ssl_conf_psk().
+ * Its value is non-zero if and only if
+ * \c psk is not \c NULL. */
unsigned char *MBEDTLS_PRIVATE(psk_identity); /*!< The PSK identity for PSK negotiation.
- * This field should only be set via
- * mbedtls_ssl_conf_psk().
- * This is set if and only if either
- * \c psk or \c psk_opaque are set. */
+ * This field should only be set via
+ * mbedtls_ssl_conf_psk().
+ * This is set if and only if either
+ * \c psk or \c psk_opaque are set. */
size_t MBEDTLS_PRIVATE(psk_identity_len);/*!< The length of PSK identity.
- * This field should only be set via
- * mbedtls_ssl_conf_psk().
- * Its value is non-zero if and only if
- * \c psk is not \c NULL or \c psk_opaque
- * is not \c 0. */
+ * This field should only be set via
+ * mbedtls_ssl_conf_psk().
+ * Its value is non-zero if and only if
+ * \c psk is not \c NULL or \c psk_opaque
+ * is not \c 0. */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
#if defined(MBEDTLS_SSL_EARLY_DATA)
@@ -1554,15 +1545,15 @@
#if defined(MBEDTLS_SSL_PROTO_DTLS)
uint32_t MBEDTLS_PRIVATE(hs_timeout_min); /*!< initial value of the handshake
- retransmission timeout (ms) */
+ retransmission timeout (ms) */
uint32_t MBEDTLS_PRIVATE(hs_timeout_max); /*!< maximum value of the handshake
- retransmission timeout (ms) */
+ retransmission timeout (ms) */
#endif
#if defined(MBEDTLS_SSL_RENEGOTIATION)
int MBEDTLS_PRIVATE(renego_max_records); /*!< grace period for renegotiation */
unsigned char MBEDTLS_PRIVATE(renego_period)[8]; /*!< value of the record counters
- that triggers renegotiation */
+ that triggers renegotiation */
#endif
unsigned int MBEDTLS_PRIVATE(badmac_limit); /*!< limit of records with a bad MAC */
@@ -1587,8 +1578,7 @@
#endif
};
-struct mbedtls_ssl_context
-{
+struct mbedtls_ssl_context {
const mbedtls_ssl_config *MBEDTLS_PRIVATE(conf); /*!< configuration information */
/*
@@ -1598,8 +1588,8 @@
#if defined(MBEDTLS_SSL_RENEGOTIATION)
int MBEDTLS_PRIVATE(renego_status); /*!< Initial, in progress, pending? */
int MBEDTLS_PRIVATE(renego_records_seen); /*!< Records since renego request, or with DTLS,
- number of retransmissions of request if
- renego_max_records is < 0 */
+ number of retransmissions of request if
+ renego_max_records is < 0 */
#endif /* MBEDTLS_SSL_RENEGOTIATION */
/** Server: Negotiated TLS protocol version.
@@ -1622,14 +1612,14 @@
#if defined(MBEDTLS_X509_CRT_PARSE_C)
/** Callback to customize X.509 certificate chain verification */
- int (*MBEDTLS_PRIVATE(f_vrfy))(void *, mbedtls_x509_crt *, int, uint32_t *);
+ int(*MBEDTLS_PRIVATE(f_vrfy))(void *, mbedtls_x509_crt *, int, uint32_t *);
void *MBEDTLS_PRIVATE(p_vrfy); /*!< context for X.509 verify callback */
#endif
mbedtls_ssl_send_t *MBEDTLS_PRIVATE(f_send); /*!< Callback for network send */
mbedtls_ssl_recv_t *MBEDTLS_PRIVATE(f_recv); /*!< Callback for network receive */
mbedtls_ssl_recv_timeout_t *MBEDTLS_PRIVATE(f_recv_timeout);
- /*!< Callback for network receive with timeout */
+ /*!< Callback for network receive with timeout */
void *MBEDTLS_PRIVATE(p_bio); /*!< context for I/O operations */
@@ -1642,7 +1632,7 @@
mbedtls_ssl_session *MBEDTLS_PRIVATE(session_negotiate); /*!< session data in negotiation */
mbedtls_ssl_handshake_params *MBEDTLS_PRIVATE(handshake); /*!< params required only during
- the handshake process */
+ the handshake process */
/*
* Record layer transformations
@@ -1681,12 +1671,12 @@
*/
unsigned char *MBEDTLS_PRIVATE(in_buf); /*!< input buffer */
unsigned char *MBEDTLS_PRIVATE(in_ctr); /*!< 64-bit incoming message counter
- TLS: maintained by us
- DTLS: read from peer */
+ TLS: maintained by us
+ DTLS: read from peer */
unsigned char *MBEDTLS_PRIVATE(in_hdr); /*!< start of record header */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
unsigned char *MBEDTLS_PRIVATE(in_cid); /*!< The start of the CID;
- * (the end is marked by in_len). */
+ * (the end is marked by in_len). */
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
unsigned char *MBEDTLS_PRIVATE(in_len); /*!< two-bytes message length field */
unsigned char *MBEDTLS_PRIVATE(in_iv); /*!< ivlen-byte IV */
@@ -1702,7 +1692,7 @@
#if defined(MBEDTLS_SSL_PROTO_DTLS)
uint16_t MBEDTLS_PRIVATE(in_epoch); /*!< DTLS epoch for incoming records */
size_t MBEDTLS_PRIVATE(next_record_offset); /*!< offset of the next record in datagram
- (equal to in_left if none) */
+ (equal to in_left if none) */
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
uint64_t MBEDTLS_PRIVATE(in_window_top); /*!< last validated record seq_num */
@@ -1710,28 +1700,28 @@
#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
size_t MBEDTLS_PRIVATE(in_hslen); /*!< current handshake message length,
- including the handshake header */
+ including the handshake header */
int MBEDTLS_PRIVATE(nb_zero); /*!< # of 0-length encrypted messages */
int MBEDTLS_PRIVATE(keep_current_message); /*!< drop or reuse current message
- on next call to record layer? */
+ on next call to record layer? */
/* The following three variables indicate if and, if yes,
* what kind of alert is pending to be sent.
*/
unsigned char MBEDTLS_PRIVATE(send_alert); /*!< Determines if a fatal alert
- should be sent. Values:
- - \c 0 , no alert is to be sent.
- - \c 1 , alert is to be sent. */
+ should be sent. Values:
+ - \c 0 , no alert is to be sent.
+ - \c 1 , alert is to be sent. */
unsigned char MBEDTLS_PRIVATE(alert_type); /*!< Type of alert if send_alert
- != 0 */
+ != 0 */
int MBEDTLS_PRIVATE(alert_reason); /*!< The error code to be returned
- to the user once the fatal alert
- has been sent. */
+ to the user once the fatal alert
+ has been sent. */
#if defined(MBEDTLS_SSL_PROTO_DTLS)
uint8_t MBEDTLS_PRIVATE(disable_datagram_packing); /*!< Disable packing multiple records
- * within a single datagram. */
+ * within a single datagram. */
#endif /* MBEDTLS_SSL_PROTO_DTLS */
/*
@@ -1742,7 +1732,7 @@
unsigned char *MBEDTLS_PRIVATE(out_hdr); /*!< start of record header */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
unsigned char *MBEDTLS_PRIVATE(out_cid); /*!< The start of the CID;
- * (the end is marked by in_len). */
+ * (the end is marked by in_len). */
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
unsigned char *MBEDTLS_PRIVATE(out_len); /*!< two-bytes message length field */
unsigned char *MBEDTLS_PRIVATE(out_iv); /*!< ivlen-byte IV */
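Review bot: The Doxygen text re-indented for `out_cid` says the end of the CID is marked by `in_len`, which is the wording used for `in_cid` and looks like a copy that was never adapted to the outgoing buffer. If the outgoing CID is in fact delimited by the `out_len` pointer declared on the next line, the comment should read `(the end is marked by out_len). */`. This is worth confirming against the record-layer code, which is not visible here.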
@@ -1766,7 +1756,7 @@
*/
#if defined(MBEDTLS_X509_CRT_PARSE_C)
char *MBEDTLS_PRIVATE(hostname); /*!< expected peer CN for verification
- (and SNI if available) */
+ (and SNI if available) */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_SSL_ALPN)
@@ -1793,7 +1783,7 @@
*/
/* needed to know when to send extension on server */
int MBEDTLS_PRIVATE(secure_renegotiation); /*!< does peer support legacy or
- secure renegotiation */
+ secure renegotiation */
#if defined(MBEDTLS_SSL_RENEGOTIATION)
size_t MBEDTLS_PRIVATE(verify_data_len); /*!< length of verify data stored */
char MBEDTLS_PRIVATE(own_verify_data)[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */
@@ -1807,12 +1797,12 @@
* all subsequent handshakes. This may be different from the
* CID currently used in case the user has re-configured the CID
* after an initial handshake. */
- unsigned char MBEDTLS_PRIVATE(own_cid)[ MBEDTLS_SSL_CID_IN_LEN_MAX ];
+ unsigned char MBEDTLS_PRIVATE(own_cid)[MBEDTLS_SSL_CID_IN_LEN_MAX];
uint8_t MBEDTLS_PRIVATE(own_cid_len); /*!< The length of \c own_cid. */
uint8_t MBEDTLS_PRIVATE(negotiate_cid); /*!< This indicates whether the CID extension should
- * be negotiated in the next handshake or not.
- * Possible values are #MBEDTLS_SSL_CID_ENABLED
- * and #MBEDTLS_SSL_CID_DISABLED. */
+ * be negotiated in the next handshake or not.
+ * Possible values are #MBEDTLS_SSL_CID_ENABLED
+ * and #MBEDTLS_SSL_CID_DISABLED. */
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C)
@@ -1843,7 +1833,7 @@
*
* \return a string containing the ciphersuite name
*/
-const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id );
+const char *mbedtls_ssl_get_ciphersuite_name(const int ciphersuite_id);
/**
* \brief Return the ID of the ciphersuite associated with the
@@ -1853,7 +1843,7 @@
*
* \return the ID with the ciphersuite or 0 if not found
*/
-int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name );
+int mbedtls_ssl_get_ciphersuite_id(const char *ciphersuite_name);
/**
* \brief Initialize an SSL context
@@ -1862,7 +1852,7 @@
*
* \param ssl SSL context
*/
-void mbedtls_ssl_init( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_init(mbedtls_ssl_context *ssl);
/**
* \brief Set up an SSL context for use
@@ -1884,8 +1874,8 @@
* \return 0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED if
* memory allocation failed
*/
-int mbedtls_ssl_setup( mbedtls_ssl_context *ssl,
- const mbedtls_ssl_config *conf );
+int mbedtls_ssl_setup(mbedtls_ssl_context *ssl,
+ const mbedtls_ssl_config *conf);
/**
* \brief Reset an already initialized SSL context for re-use
@@ -1896,7 +1886,7 @@
* \return 0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED or
MBEDTLS_ERR_SSL_HW_ACCEL_FAILED
*/
-int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_session_reset(mbedtls_ssl_context *ssl);
/**
* \brief Set the current endpoint type
@@ -1904,7 +1894,7 @@
* \param conf SSL configuration
* \param endpoint must be MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER
*/
-void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint );
+void mbedtls_ssl_conf_endpoint(mbedtls_ssl_config *conf, int endpoint);
/**
* \brief Set the transport type (TLS or DTLS).
@@ -1920,7 +1910,7 @@
* MBEDTLS_SSL_TRANSPORT_STREAM for TLS,
* MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS.
*/
-void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport );
+void mbedtls_ssl_conf_transport(mbedtls_ssl_config *conf, int transport);
/**
* \brief Set the certificate verification mode
@@ -1948,30 +1938,30 @@
* the verification as soon as possible. For example, REQUIRED was protecting
* against the "triple handshake" attack even before it was found.
*/
-void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode );
+void mbedtls_ssl_conf_authmode(mbedtls_ssl_config *conf, int authmode);
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_EARLY_DATA)
/**
-* \brief Set the early data mode
-* Default: disabled on server and client
-*
-* \param conf The SSL configuration to use.
-* \param early_data_enabled can be:
-*
-* MBEDTLS_SSL_EARLY_DATA_DISABLED: early data functionality is disabled
-* This is the default on client and server.
-*
-* MBEDTLS_SSL_EARLY_DATA_ENABLED: early data functionality is enabled and
-* may be negotiated in the handshake. Application using
-* early data functionality needs to be aware of the
-* lack of replay protection of the early data application
-* payloads.
-*
-* \warning This interface is experimental and may change without notice.
-*
-*/
-void mbedtls_ssl_tls13_conf_early_data( mbedtls_ssl_config *conf,
- int early_data_enabled );
+ * \brief Set the early data mode
+ * Default: disabled on server and client
+ *
+ * \param conf The SSL configuration to use.
+ * \param early_data_enabled can be:
+ *
+ * MBEDTLS_SSL_EARLY_DATA_DISABLED: early data functionality is disabled
+ * This is the default on client and server.
+ *
+ * MBEDTLS_SSL_EARLY_DATA_ENABLED: early data functionality is enabled and
+ * may be negotiated in the handshake. Application using
+ * early data functionality needs to be aware of the
+ * lack of replay protection of the early data application
+ * payloads.
+ *
+ * \warning This interface is experimental and may change without notice.
+ *
+ */
+void mbedtls_ssl_tls13_conf_early_data(mbedtls_ssl_config *conf,
+ int early_data_enabled);
#if defined(MBEDTLS_SSL_SRV_C)
/**
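Review bot: The replay caveat for early data is buried in the description of MBEDTLS_SSL_EARLY_DATA_ENABLED in the mbedtls_ssl_tls13_conf_early_data comment, while the only `\warning` in that block is about API stability. A reader skimming the generated documentation for warnings will miss the security-relevant one. I would add a second tag such as `\warning Early data has no replay protection; enable it only if the application can tolerate replayed early-data payloads.`, in a follow-up if this commit is meant to stay purely mechanical.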
@@ -1998,7 +1988,7 @@
*
*/
void mbedtls_ssl_tls13_conf_max_early_data_size(
- mbedtls_ssl_config *conf, uint32_t max_early_data_size );
+ mbedtls_ssl_config *conf, uint32_t max_early_data_size);
#endif /* MBEDTLS_SSL_SRV_C */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_EARLY_DATA */
@@ -2019,9 +2009,9 @@
* \param f_vrfy The verification callback to use during CRT verification.
* \param p_vrfy The opaque context to be passed to the callback.
*/
-void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
- int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
- void *p_vrfy );
+void mbedtls_ssl_conf_verify(mbedtls_ssl_config *conf,
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+ void *p_vrfy);
#endif /* MBEDTLS_X509_CRT_PARSE_C */
/**
@@ -2031,9 +2021,9 @@
* \param f_rng RNG function (mandatory)
* \param p_rng RNG parameter
*/
-void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+void mbedtls_ssl_conf_rng(mbedtls_ssl_config *conf,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief Set the debug callback
@@ -2049,9 +2039,9 @@
* \param f_dbg debug function
* \param p_dbg debug parameter
*/
-void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf,
- void (*f_dbg)(void *, int, const char *, int, const char *),
- void *p_dbg );
+void mbedtls_ssl_conf_dbg(mbedtls_ssl_config *conf,
+ void (*f_dbg)(void *, int, const char *, int, const char *),
+ void *p_dbg);
/**
* \brief Return the SSL configuration structure associated
@@ -2064,9 +2054,9 @@
* \return Pointer to the SSL configuration associated with \p ssl.
*/
static inline const mbedtls_ssl_config *mbedtls_ssl_context_get_config(
- const mbedtls_ssl_context *ssl )
+ const mbedtls_ssl_context *ssl)
{
- return( ssl->MBEDTLS_PRIVATE( conf ) );
+ return ssl->MBEDTLS_PRIVATE(conf);
}
/**
@@ -2099,11 +2089,11 @@
* \c mbedtls_net_recv_timeout() that are suitable to be used
* here.
*/
-void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
- void *p_bio,
- mbedtls_ssl_send_t *f_send,
- mbedtls_ssl_recv_t *f_recv,
- mbedtls_ssl_recv_timeout_t *f_recv_timeout );
+void mbedtls_ssl_set_bio(mbedtls_ssl_context *ssl,
+ void *p_bio,
+ mbedtls_ssl_send_t *f_send,
+ mbedtls_ssl_recv_t *f_recv,
+ mbedtls_ssl_recv_timeout_t *f_recv_timeout);
#if defined(MBEDTLS_SSL_PROTO_DTLS)
@@ -2194,10 +2184,10 @@
* applies to the next handshake.
* \return A negative error code on failure.
*/
-int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl,
- int enable,
- unsigned char const *own_cid,
- size_t own_cid_len );
+int mbedtls_ssl_set_cid(mbedtls_ssl_context *ssl,
+ int enable,
+ unsigned char const *own_cid,
+ size_t own_cid_len);
/**
* \brief Get information about our request for usage of the CID
@@ -2228,10 +2218,10 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_ssl_get_own_cid( mbedtls_ssl_context *ssl,
+int mbedtls_ssl_get_own_cid(mbedtls_ssl_context *ssl,
int *enabled,
unsigned char own_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX],
- size_t *own_cid_len );
+ size_t *own_cid_len);
/**
* \brief Get information about the use of the CID extension
@@ -2270,10 +2260,10 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl,
- int *enabled,
- unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ],
- size_t *peer_cid_len );
+int mbedtls_ssl_get_peer_cid(mbedtls_ssl_context *ssl,
+ int *enabled,
+ unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX],
+ size_t *peer_cid_len);
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
@@ -2316,7 +2306,7 @@
* \param ssl SSL context
* \param mtu Value of the path MTU in bytes
*/
-void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu );
+void mbedtls_ssl_set_mtu(mbedtls_ssl_context *ssl, uint16_t mtu);
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -2338,9 +2328,9 @@
* \param f_vrfy The verification callback to use during CRT verification.
* \param p_vrfy The opaque context to be passed to the callback.
*/
-void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl,
- int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
- void *p_vrfy );
+void mbedtls_ssl_set_verify(mbedtls_ssl_context *ssl,
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+ void *p_vrfy);
#endif /* MBEDTLS_X509_CRT_PARSE_C */
/**
@@ -2359,7 +2349,7 @@
* \note With non-blocking I/O, you may also skip this function
* altogether and handle timeouts at the application layer.
*/
-void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout );
+void mbedtls_ssl_conf_read_timeout(mbedtls_ssl_config *conf, uint32_t timeout);
/**
* \brief Check whether a buffer contains a valid and authentic record
@@ -2405,9 +2395,9 @@
* In this case, the SSL context becomes unusable and needs
* to be freed or reset before reuse.
*/
-int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl,
- unsigned char *buf,
- size_t buflen );
+int mbedtls_ssl_check_record(mbedtls_ssl_context const *ssl,
+ unsigned char *buf,
+ size_t buflen);
/**
* \brief Set the timer callbacks (Mandatory for DTLS.)
@@ -2429,10 +2419,10 @@
* \note See also the "DTLS tutorial" article in our knowledge base.
* https://mbed-tls.readthedocs.io/en/latest/kb/how-to/dtls-tutorial
*/
-void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl,
- void *p_timer,
- mbedtls_ssl_set_timer_t *f_set_timer,
- mbedtls_ssl_get_timer_t *f_get_timer );
+void mbedtls_ssl_set_timer_cb(mbedtls_ssl_context *ssl,
+ void *p_timer,
+ mbedtls_ssl_set_timer_t *f_set_timer,
+ mbedtls_ssl_get_timer_t *f_get_timer);
#if defined(MBEDTLS_SSL_SRV_C)
/**
@@ -2445,8 +2435,8 @@
* \param f_cert_cb The callback for selecting server certificate after
* `ClientHello` processing has finished.
*/
-static inline void mbedtls_ssl_conf_cert_cb( mbedtls_ssl_config *conf,
- mbedtls_ssl_hs_cb_t f_cert_cb )
+static inline void mbedtls_ssl_conf_cert_cb(mbedtls_ssl_config *conf,
+ mbedtls_ssl_hs_cb_t f_cert_cb)
{
conf->MBEDTLS_PRIVATE(f_cert_cb) = f_cert_cb;
}
@@ -2471,12 +2461,12 @@
* \return 0 if successful, or
* a specific MBEDTLS_ERR_XXX code.
*/
-typedef int mbedtls_ssl_ticket_write_t( void *p_ticket,
- const mbedtls_ssl_session *session,
- unsigned char *start,
- const unsigned char *end,
- size_t *tlen,
- uint32_t *lifetime );
+typedef int mbedtls_ssl_ticket_write_t(void *p_ticket,
+ const mbedtls_ssl_session *session,
+ unsigned char *start,
+ const unsigned char *end,
+ size_t *tlen,
+ uint32_t *lifetime);
/**
* \brief Callback type: parse and load session ticket
@@ -2501,10 +2491,10 @@
* MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED if expired, or
* any other non-zero code for other failures.
*/
-typedef int mbedtls_ssl_ticket_parse_t( void *p_ticket,
- mbedtls_ssl_session *session,
- unsigned char *buf,
- size_t len );
+typedef int mbedtls_ssl_ticket_parse_t(void *p_ticket,
+ mbedtls_ssl_session *session,
+ unsigned char *buf,
+ size_t len);
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C)
/**
@@ -2521,10 +2511,10 @@
* \param f_ticket_parse Callback for parsing a ticket
* \param p_ticket Context shared by the two callbacks
*/
-void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf,
- mbedtls_ssl_ticket_write_t *f_ticket_write,
- mbedtls_ssl_ticket_parse_t *f_ticket_parse,
- void *p_ticket );
+void mbedtls_ssl_conf_session_tickets_cb(mbedtls_ssl_config *conf,
+ mbedtls_ssl_ticket_write_t *f_ticket_write,
+ mbedtls_ssl_ticket_parse_t *f_ticket_parse,
+ void *p_ticket);
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */
/**
@@ -2545,9 +2535,9 @@
* \param p_export_keys The opaque context pointer to be passed to the
* callback \p f_export_keys.
*/
-void mbedtls_ssl_set_export_keys_cb( mbedtls_ssl_context *ssl,
- mbedtls_ssl_export_keys_t *f_export_keys,
- void *p_export_keys );
+void mbedtls_ssl_set_export_keys_cb(mbedtls_ssl_context *ssl,
+ mbedtls_ssl_export_keys_t *f_export_keys,
+ void *p_export_keys);
/** \brief Set the user data in an SSL configuration to a pointer.
*
@@ -2561,7 +2551,7 @@
*/
static inline void mbedtls_ssl_conf_set_user_data_p(
mbedtls_ssl_config *conf,
- void *p )
+ void *p)
{
conf->MBEDTLS_PRIVATE(user_data).p = p;
}
@@ -2575,7 +2565,7 @@
*/
static inline void mbedtls_ssl_conf_set_user_data_n(
mbedtls_ssl_config *conf,
- uintptr_t n )
+ uintptr_t n)
{
conf->MBEDTLS_PRIVATE(user_data).n = n;
}
@@ -2591,9 +2581,9 @@
* \return The current value of the user data.
*/
static inline void *mbedtls_ssl_conf_get_user_data_p(
- mbedtls_ssl_config *conf )
+ mbedtls_ssl_config *conf)
{
- return( conf->MBEDTLS_PRIVATE(user_data).p );
+ return conf->MBEDTLS_PRIVATE(user_data).p;
}
/** \brief Retrieve the user data in an SSL configuration as an integer.
@@ -2607,9 +2597,9 @@
* \return The current value of the user data.
*/
static inline uintptr_t mbedtls_ssl_conf_get_user_data_n(
- mbedtls_ssl_config *conf )
+ mbedtls_ssl_config *conf)
{
- return( conf->MBEDTLS_PRIVATE(user_data).n );
+ return conf->MBEDTLS_PRIVATE(user_data).n;
}
/** \brief Set the user data in an SSL context to a pointer.
@@ -2624,7 +2614,7 @@
*/
static inline void mbedtls_ssl_set_user_data_p(
mbedtls_ssl_context *ssl,
- void *p )
+ void *p)
{
ssl->MBEDTLS_PRIVATE(user_data).p = p;
}
@@ -2638,7 +2628,7 @@
*/
static inline void mbedtls_ssl_set_user_data_n(
mbedtls_ssl_context *ssl,
- uintptr_t n )
+ uintptr_t n)
{
ssl->MBEDTLS_PRIVATE(user_data).n = n;
}
@@ -2654,9 +2644,9 @@
* \return The current value of the user data.
*/
static inline void *mbedtls_ssl_get_user_data_p(
- mbedtls_ssl_context *ssl )
+ mbedtls_ssl_context *ssl)
{
- return( ssl->MBEDTLS_PRIVATE(user_data).p );
+ return ssl->MBEDTLS_PRIVATE(user_data).p;
}
/** \brief Retrieve the user data in an SSL context as an integer.
@@ -2670,9 +2660,9 @@
* \return The current value of the user data.
*/
static inline uintptr_t mbedtls_ssl_get_user_data_n(
- mbedtls_ssl_context *ssl )
+ mbedtls_ssl_context *ssl)
{
- return( ssl->MBEDTLS_PRIVATE(user_data).n );
+ return ssl->MBEDTLS_PRIVATE(user_data).n;
}
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
@@ -2706,12 +2696,12 @@
* mbedtls_ssl_conf_get_async_config_data(). The
* library stores this value without dereferencing it.
*/
-void mbedtls_ssl_conf_async_private_cb( mbedtls_ssl_config *conf,
- mbedtls_ssl_async_sign_t *f_async_sign,
- mbedtls_ssl_async_decrypt_t *f_async_decrypt,
- mbedtls_ssl_async_resume_t *f_async_resume,
- mbedtls_ssl_async_cancel_t *f_async_cancel,
- void *config_data );
+void mbedtls_ssl_conf_async_private_cb(mbedtls_ssl_config *conf,
+ mbedtls_ssl_async_sign_t *f_async_sign,
+ mbedtls_ssl_async_decrypt_t *f_async_decrypt,
+ mbedtls_ssl_async_resume_t *f_async_resume,
+ mbedtls_ssl_async_cancel_t *f_async_cancel,
+ void *config_data);
/**
* \brief Retrieve the configuration data set by
@@ -2721,7 +2711,7 @@
* \return The configuration data set by
* mbedtls_ssl_conf_async_private_cb().
*/
-void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf );
+void *mbedtls_ssl_conf_get_async_config_data(const mbedtls_ssl_config *conf);
/**
* \brief Retrieve the asynchronous operation user context.
@@ -2737,7 +2727,7 @@
* called during the current handshake, this function returns
* \c NULL.
*/
-void *mbedtls_ssl_get_async_operation_data( const mbedtls_ssl_context *ssl );
+void *mbedtls_ssl_get_async_operation_data(const mbedtls_ssl_context *ssl);
/**
* \brief Retrieve the asynchronous operation user context.
@@ -2750,8 +2740,8 @@
* Call mbedtls_ssl_get_async_operation_data() later during the
* same handshake to retrieve this value.
*/
-void mbedtls_ssl_set_async_operation_data( mbedtls_ssl_context *ssl,
- void *ctx );
+void mbedtls_ssl_set_async_operation_data(mbedtls_ssl_context *ssl,
+ void *ctx);
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
/**
@@ -2768,9 +2758,9 @@
* \return The callback must return 0 on success,
* or a negative error code.
*/
-typedef int mbedtls_ssl_cookie_write_t( void *ctx,
- unsigned char **p, unsigned char *end,
- const unsigned char *info, size_t ilen );
+typedef int mbedtls_ssl_cookie_write_t(void *ctx,
+ unsigned char **p, unsigned char *end,
+ const unsigned char *info, size_t ilen);
/**
* \brief Callback type: verify a cookie
@@ -2785,9 +2775,9 @@
* \return The callback must return 0 if cookie is valid,
* or a negative error code.
*/
-typedef int mbedtls_ssl_cookie_check_t( void *ctx,
- const unsigned char *cookie, size_t clen,
- const unsigned char *info, size_t ilen );
+typedef int mbedtls_ssl_cookie_check_t(void *ctx,
+ const unsigned char *cookie, size_t clen,
+ const unsigned char *info, size_t ilen);
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
/**
@@ -2818,10 +2808,10 @@
* \param f_cookie_check Cookie check callback
* \param p_cookie Context for both callbacks
*/
-void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf,
- mbedtls_ssl_cookie_write_t *f_cookie_write,
- mbedtls_ssl_cookie_check_t *f_cookie_check,
- void *p_cookie );
+void mbedtls_ssl_conf_dtls_cookies(mbedtls_ssl_config *conf,
+ mbedtls_ssl_cookie_write_t *f_cookie_write,
+ mbedtls_ssl_cookie_check_t *f_cookie_check,
+ void *p_cookie);
/**
* \brief Set client's transport-level identification info.
@@ -2842,9 +2832,9 @@
* MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used on client,
* MBEDTLS_ERR_SSL_ALLOC_FAILED if out of memory.
*/
-int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl,
- const unsigned char *info,
- size_t ilen );
+int mbedtls_ssl_set_client_transport_id(mbedtls_ssl_context *ssl,
+ const unsigned char *info,
+ size_t ilen);
#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */
@@ -2864,7 +2854,7 @@
* packets and needs information about them to adjust its
* transmission strategy, then you'll want to disable this.
*/
-void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode );
+void mbedtls_ssl_conf_dtls_anti_replay(mbedtls_ssl_config *conf, char mode);
#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
/**
@@ -2890,7 +2880,7 @@
* might make us waste resources checking authentication on
* many bogus packets.
*/
-void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit );
+void mbedtls_ssl_conf_dtls_badmac_limit(mbedtls_ssl_config *conf, unsigned limit);
#if defined(MBEDTLS_SSL_PROTO_DTLS)
@@ -2922,8 +2912,8 @@
* are currently always sent in separate datagrams.
*
*/
-void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl,
- unsigned allow_packing );
+void mbedtls_ssl_set_datagram_packing(mbedtls_ssl_context *ssl,
+ unsigned allow_packing);
/**
* \brief Set retransmit timeout values for the DTLS handshake.
@@ -2956,7 +2946,7 @@
* goes: send ... 1s -> resend ... 2s -> resend ... 4s ->
* resend ... 5s -> give up and return a timeout error.
*/
-void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max );
+void mbedtls_ssl_conf_handshake_timeout(mbedtls_ssl_config *conf, uint32_t min, uint32_t max);
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_SRV_C)
@@ -2997,10 +2987,10 @@
* \param f_get_cache session get callback
* \param f_set_cache session set callback
*/
-void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
- void *p_cache,
- mbedtls_ssl_cache_get_t *f_get_cache,
- mbedtls_ssl_cache_set_t *f_set_cache );
+void mbedtls_ssl_conf_session_cache(mbedtls_ssl_config *conf,
+ void *p_cache,
+ mbedtls_ssl_cache_get_t *f_get_cache,
+ mbedtls_ssl_cache_set_t *f_set_cache);
#endif /* MBEDTLS_SSL_SRV_C */
#if defined(MBEDTLS_SSL_CLI_C)
@@ -3049,7 +3039,7 @@
* \sa mbedtls_ssl_get_session()
* \sa mbedtls_ssl_session_load()
*/
-int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session );
+int mbedtls_ssl_set_session(mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session);
#endif /* MBEDTLS_SSL_CLI_C */
/**
@@ -3084,9 +3074,9 @@
* \return Another negative value for other kinds of errors (for
* example, unsupported features in the embedded certificate).
*/
-int mbedtls_ssl_session_load( mbedtls_ssl_session *session,
- const unsigned char *buf,
- size_t len );
+int mbedtls_ssl_session_load(mbedtls_ssl_session *session,
+ const unsigned char *buf,
+ size_t len);
/**
* \brief Save session structure as serialized data in a buffer.
@@ -3113,10 +3103,10 @@
* \return \c 0 if successful.
* \return #MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL if \p buf is too small.
*/
-int mbedtls_ssl_session_save( const mbedtls_ssl_session *session,
- unsigned char *buf,
- size_t buf_len,
- size_t *olen );
+int mbedtls_ssl_session_save(const mbedtls_ssl_session *session,
+ unsigned char *buf,
+ size_t buf_len,
+ size_t *olen);
/**
* \brief Set the list of allowed ciphersuites and the preference
@@ -3159,8 +3149,8 @@
* and \c MBEDTLS_TLS1_3_XXX macros defined in
* ssl_ciphersuites.h.
*/
-void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
- const int *ciphersuites );
+void mbedtls_ssl_conf_ciphersuites(mbedtls_ssl_config *conf,
+ const int *ciphersuites);
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
/**
@@ -3205,8 +3195,8 @@
*
*/
-void mbedtls_ssl_conf_tls13_key_exchange_modes( mbedtls_ssl_config* conf,
- const int kex_modes );
+void mbedtls_ssl_conf_tls13_key_exchange_modes(mbedtls_ssl_config *conf,
+ const int kex_modes);
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
@@ -3244,8 +3234,8 @@
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if \p own_cid_len
* is too large.
*/
-int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, size_t len,
- int ignore_other_cids );
+int mbedtls_ssl_conf_cid(mbedtls_ssl_config *conf, size_t len,
+ int ignore_other_cids);
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -3259,8 +3249,8 @@
* \param conf SSL configuration
* \param profile Profile to use
*/
-void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
- const mbedtls_x509_crt_profile *profile );
+void mbedtls_ssl_conf_cert_profile(mbedtls_ssl_config *conf,
+ const mbedtls_x509_crt_profile *profile);
/**
* \brief Set the data required to verify peer certificate
@@ -3273,9 +3263,9 @@
* \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs)
* \param ca_crl trusted CA CRLs
*/
-void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_ca_chain(mbedtls_ssl_config *conf,
mbedtls_x509_crt *ca_chain,
- mbedtls_x509_crl *ca_crl );
+ mbedtls_x509_crl *ca_crl);
#if defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)
/**
@@ -3290,8 +3280,8 @@
* from which the client should select client peer certificate.
*/
static inline
-void mbedtls_ssl_conf_dn_hints( mbedtls_ssl_config *conf,
- const mbedtls_x509_crt *crt )
+void mbedtls_ssl_conf_dn_hints(mbedtls_ssl_config *conf,
+ const mbedtls_x509_crt *crt)
{
conf->MBEDTLS_PRIVATE(dn_hints) = crt;
}
@@ -3349,9 +3339,9 @@
* to guarantee this (for example through a mutex
* contained in the callback context pointed to by \p p_ca_cb).
*/
-void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf,
- mbedtls_x509_crt_ca_cb_t f_ca_cb,
- void *p_ca_cb );
+void mbedtls_ssl_conf_ca_cb(mbedtls_ssl_config *conf,
+ mbedtls_x509_crt_ca_cb_t f_ca_cb,
+ void *p_ca_cb);
#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
/**
@@ -3390,9 +3380,9 @@
*
* \return 0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED
*/
-int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
+int mbedtls_ssl_conf_own_cert(mbedtls_ssl_config *conf,
mbedtls_x509_crt *own_cert,
- mbedtls_pk_context *pk_key );
+ mbedtls_pk_context *pk_key);
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
@@ -3428,9 +3418,9 @@
* can be configured. In this case, the old PSK(s) remain intact.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
- const unsigned char *psk, size_t psk_len,
- const unsigned char *psk_identity, size_t psk_identity_len );
+int mbedtls_ssl_conf_psk(mbedtls_ssl_config *conf,
+ const unsigned char *psk, size_t psk_len,
+ const unsigned char *psk_identity, size_t psk_identity_len);
#if defined(MBEDTLS_USE_PSA_CRYPTO)
/**
@@ -3470,10 +3460,10 @@
* can be configured. In this case, the old PSK(s) remain intact.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf,
- mbedtls_svc_key_id_t psk,
- const unsigned char *psk_identity,
- size_t psk_identity_len );
+int mbedtls_ssl_conf_psk_opaque(mbedtls_ssl_config *conf,
+ mbedtls_svc_key_id_t psk,
+ const unsigned char *psk_identity,
+ size_t psk_identity_len);
#endif /* MBEDTLS_USE_PSA_CRYPTO */
/**
@@ -3492,8 +3482,8 @@
* \return \c 0 if successful.
* \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
*/
-int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
- const unsigned char *psk, size_t psk_len );
+int mbedtls_ssl_set_hs_psk(mbedtls_ssl_context *ssl,
+ const unsigned char *psk, size_t psk_len);
#if defined(MBEDTLS_USE_PSA_CRYPTO)
/**
@@ -3512,12 +3502,12 @@
* PSA_ALG_CATEGORY_KEY_DERIVATION whose policy allows its
* use for the key derivation algorithm
* applied in the handshake.
- *
+ *
* \return \c 0 if successful.
* \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
*/
-int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl,
- mbedtls_svc_key_id_t psk );
+int mbedtls_ssl_set_hs_psk_opaque(mbedtls_ssl_context *ssl,
+ mbedtls_svc_key_id_t psk);
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_SSL_SRV_C)
@@ -3559,10 +3549,10 @@
* \param p_psk A pointer to an opaque structure to be passed to
* the callback, for example a PSK store.
*/
-void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
- int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
- size_t),
- void *p_psk );
+void mbedtls_ssl_conf_psk_cb(mbedtls_ssl_config *conf,
+ int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
+ size_t),
+ void *p_psk);
#endif /* MBEDTLS_SSL_SRV_C */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
@@ -3580,9 +3570,9 @@
*
* \return 0 if successful
*/
-int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
- const unsigned char *dhm_P, size_t P_len,
- const unsigned char *dhm_G, size_t G_len );
+int mbedtls_ssl_conf_dh_param_bin(mbedtls_ssl_config *conf,
+ const unsigned char *dhm_P, size_t P_len,
+ const unsigned char *dhm_G, size_t G_len);
/**
* \brief Set the Diffie-Hellman public P and G values,
@@ -3593,7 +3583,7 @@
*
* \return 0 if successful
*/
-int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx );
+int mbedtls_ssl_conf_dh_param_ctx(mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx);
#endif /* MBEDTLS_DHM_C && defined(MBEDTLS_SSL_SRV_C) */
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
@@ -3605,8 +3595,8 @@
* \param conf SSL configuration
* \param bitlen Minimum bit length of the DHM prime
*/
-void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf,
- unsigned int bitlen );
+void mbedtls_ssl_conf_dhm_min_bitlen(mbedtls_ssl_config *conf,
+ unsigned int bitlen);
#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */
#if defined(MBEDTLS_ECP_C)
@@ -3652,8 +3642,8 @@
* \param curves Ordered list of allowed curves,
* terminated by MBEDTLS_ECP_DP_NONE.
*/
-void MBEDTLS_DEPRECATED mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
- const mbedtls_ecp_group_id *curves );
+void MBEDTLS_DEPRECATED mbedtls_ssl_conf_curves(mbedtls_ssl_config *conf,
+ const mbedtls_ecp_group_id *curves);
#endif /* MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_ECP_C */
@@ -3694,8 +3684,8 @@
* Must contain valid IANA NamedGroup IDs (provided via either an integer
* or using MBEDTLS_TLS1_3_NAMED_GROUP_XXX macros).
*/
-void mbedtls_ssl_conf_groups( mbedtls_ssl_config *conf,
- const uint16_t *groups );
+void mbedtls_ssl_conf_groups(mbedtls_ssl_config *conf,
+ const uint16_t *groups);
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if !defined(MBEDTLS_DEPRECATED_REMOVED) && defined(MBEDTLS_SSL_PROTO_TLS1_2)
@@ -3728,8 +3718,8 @@
* \param hashes Ordered list of allowed signature hashes,
* terminated by \c MBEDTLS_MD_NONE.
*/
-void MBEDTLS_DEPRECATED mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
- const int *hashes );
+void MBEDTLS_DEPRECATED mbedtls_ssl_conf_sig_hashes(mbedtls_ssl_config *conf,
+ const int *hashes);
#endif /* !MBEDTLS_DEPRECATED_REMOVED && MBEDTLS_SSL_PROTO_TLS1_2 */
/**
@@ -3741,8 +3731,8 @@
* available throughout the lifetime of the conf object. Supported
* values are available as \c MBEDTLS_TLS1_3_SIG_XXXX
*/
-void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf,
- const uint16_t* sig_algs );
+void mbedtls_ssl_conf_sig_algs(mbedtls_ssl_config *conf,
+ const uint16_t *sig_algs);
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -3764,7 +3754,7 @@
* when NULL). On allocation failure hostname is cleared.
* On too long input failure, old hostname is unchanged.
*/
-int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname );
+int mbedtls_ssl_set_hostname(mbedtls_ssl_context *ssl, const char *hostname);
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
@@ -3786,8 +3776,8 @@
* - value is not '\0'-terminated. Use \c name_len for len.
* - value must not be freed.
*/
-const unsigned char *mbedtls_ssl_get_hs_sni( mbedtls_ssl_context *ssl,
- size_t *name_len );
+const unsigned char *mbedtls_ssl_get_hs_sni(mbedtls_ssl_context *ssl,
+ size_t *name_len);
/**
* \brief Set own certificate and key for the current handshake
@@ -3804,9 +3794,9 @@
*
* \return 0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED
*/
-int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *own_cert,
- mbedtls_pk_context *pk_key );
+int mbedtls_ssl_set_hs_own_cert(mbedtls_ssl_context *ssl,
+ mbedtls_x509_crt *own_cert,
+ mbedtls_pk_context *pk_key);
/**
* \brief Set the data required to verify peer certificate for the
@@ -3819,9 +3809,9 @@
* \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs)
* \param ca_crl trusted CA CRLs
*/
-void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *ca_chain,
- mbedtls_x509_crl *ca_crl );
+void mbedtls_ssl_set_hs_ca_chain(mbedtls_ssl_context *ssl,
+ mbedtls_x509_crt *ca_chain,
+ mbedtls_x509_crl *ca_crl);
#if defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)
/**
@@ -3834,8 +3824,8 @@
* \param crt crt chain whose subject DNs are issuer DNs of client certs
* from which the client should select client peer certificate.
*/
-void mbedtls_ssl_set_hs_dn_hints( mbedtls_ssl_context *ssl,
- const mbedtls_x509_crt *crt );
+void mbedtls_ssl_set_hs_dn_hints(mbedtls_ssl_context *ssl,
+ const mbedtls_x509_crt *crt);
#endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
/**
@@ -3848,8 +3838,8 @@
* \param authmode MBEDTLS_SSL_VERIFY_NONE, MBEDTLS_SSL_VERIFY_OPTIONAL or
* MBEDTLS_SSL_VERIFY_REQUIRED
*/
-void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl,
- int authmode );
+void mbedtls_ssl_set_hs_authmode(mbedtls_ssl_context *ssl,
+ int authmode);
/**
* \brief Set server side ServerName TLS extension callback
@@ -3873,10 +3863,10 @@
* \param f_sni verification function
* \param p_sni verification parameter
*/
-void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf,
- int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *,
- size_t),
- void *p_sni );
+void mbedtls_ssl_conf_sni(mbedtls_ssl_config *conf,
+ int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *,
+ size_t),
+ void *p_sni);
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
@@ -3898,9 +3888,9 @@
*
* \return 0 on success, or a negative error code.
*/
-int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
- const unsigned char *pw,
- size_t pw_len );
+int mbedtls_ssl_set_hs_ecjpake_password(mbedtls_ssl_context *ssl,
+ const unsigned char *pw,
+ size_t pw_len);
/**
* \brief Set the EC J-PAKE opaque password for current handshake.
@@ -3916,8 +3906,8 @@
*
* \return 0 on success, or a negative error code.
*/
-int mbedtls_ssl_set_hs_ecjpake_password_opaque( mbedtls_ssl_context *ssl,
- mbedtls_svc_key_id_t pwd );
+int mbedtls_ssl_set_hs_ecjpake_password_opaque(mbedtls_ssl_context *ssl,
+ mbedtls_svc_key_id_t pwd);
#endif /*MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
#if defined(MBEDTLS_SSL_ALPN)
@@ -3933,7 +3923,7 @@
*
* \return 0 on success, or MBEDTLS_ERR_SSL_BAD_INPUT_DATA.
*/
-int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos );
+int mbedtls_ssl_conf_alpn_protocols(mbedtls_ssl_config *conf, const char **protos);
/**
* \brief Get the name of the negotiated Application Layer Protocol.
@@ -3944,26 +3934,25 @@
*
* \return Protocol name, or NULL if no protocol was negotiated.
*/
-const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl );
+const char *mbedtls_ssl_get_alpn_protocol(const mbedtls_ssl_context *ssl);
#endif /* MBEDTLS_SSL_ALPN */
#if defined(MBEDTLS_SSL_DTLS_SRTP)
#if defined(MBEDTLS_DEBUG_C)
-static inline const char *mbedtls_ssl_get_srtp_profile_as_string( mbedtls_ssl_srtp_profile profile )
+static inline const char *mbedtls_ssl_get_srtp_profile_as_string(mbedtls_ssl_srtp_profile profile)
{
- switch( profile )
- {
+ switch (profile) {
case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80:
- return( "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" );
+ return "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80";
case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32:
- return( "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" );
+ return "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32";
case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80:
- return( "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" );
+ return "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80";
case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32:
- return( "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" );
+ return "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32";
default: break;
}
- return( "" );
+ return "";
}
#endif /* MBEDTLS_DEBUG_C */
/**
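Review bot: `mbedtls_ssl_get_srtp_profile_as_string()` has no comment saying that an unrecognised profile yields the empty string, so a reader of whatever debug output prints the result (the function is only built under `MBEDTLS_DEBUG_C`) gets a blank field rather than a marker for an unexpected value. A short comment above the function would cover it, for example `/* Debug helper: returns the profile's macro name, or "" if the value is not one of the four known profiles. */`. On style, the `switch` and the `return` statements were reflowed but `default: break;` stays on one line; splitting it into `default:` and `break;` would match the `case` labels above it.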
@@ -3979,8 +3968,8 @@
* #MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED
* or #MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED.
*/
-void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf,
- int support_mki_value );
+void mbedtls_ssl_conf_srtp_mki_value_supported(mbedtls_ssl_config *conf,
+ int support_mki_value);
/**
* \brief Set the supported DTLS-SRTP protection profiles.
@@ -4002,8 +3991,8 @@
* protection profiles is incorrect.
*/
int mbedtls_ssl_conf_dtls_srtp_protection_profiles
- ( mbedtls_ssl_config *conf,
- const mbedtls_ssl_srtp_profile *profiles );
+ (mbedtls_ssl_config *conf,
+ const mbedtls_ssl_srtp_profile *profiles);
/**
* \brief Set the mki_value for the current DTLS-SRTP session.
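Review bot: The declaration of `mbedtls_ssl_conf_dtls_srtp_protection_profiles` still opens its parameter list with the parenthesis on a continuation line, unlike the other prototypes in the visible part of this diff. Where the name is too long for a parameter to share the first line, the file ends that line with the parenthesis, as in `void mbedtls_ssl_tls13_conf_max_early_data_size(`. The same form here would be `int mbedtls_ssl_conf_dtls_srtp_protection_profiles(` followed by the two parameter lines. The Doxygen block for this declaration starts outside the hunk.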
@@ -4021,9 +4010,9 @@
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA
* \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE
*/
-int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
- unsigned char *mki_value,
- uint16_t mki_len );
+int mbedtls_ssl_dtls_srtp_set_mki_value(mbedtls_ssl_context *ssl,
+ unsigned char *mki_value,
+ uint16_t mki_len);
/**
* \brief Get the negotiated DTLS-SRTP information:
* Protection profile and MKI value.
@@ -4042,8 +4031,8 @@
* or peer's Hello packet was not parsed yet.
* - mki size and value( if size is > 0 ).
*/
-void mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ssl,
- mbedtls_dtls_srtp_info *dtls_srtp_info );
+void mbedtls_ssl_get_dtls_srtp_negotiation_result(const mbedtls_ssl_context *ssl,
+ mbedtls_dtls_srtp_info *dtls_srtp_info);
#endif /* MBEDTLS_SSL_DTLS_SRTP */
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
@@ -4064,7 +4053,8 @@
* (#MBEDTLS_SSL_MINOR_VERSION_3 for (D)TLS 1.2,
* #MBEDTLS_SSL_MINOR_VERSION_4 for TLS 1.3)
*/
-void MBEDTLS_DEPRECATED mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor );
+void MBEDTLS_DEPRECATED mbedtls_ssl_conf_max_version(mbedtls_ssl_config *conf, int major,
+ int minor);
#endif /* MBEDTLS_DEPRECATED_REMOVED */
/**
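Review bot: The reflowed prototype of `mbedtls_ssl_conf_max_version` breaks between `int major,` and `int minor`, leaving the two halves of one version number on different lines. One parameter per line, as the other multi-line prototypes in this diff are written, reads better: `int major,` and `int minor);` each on its own continuation line after `mbedtls_ssl_config *conf,`. The same wrap appears in the `mbedtls_ssl_conf_min_version` hunk further down. Both declarations are marked `MBEDTLS_DEPRECATED`, so this is cosmetic only.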
@@ -4079,8 +4069,8 @@
* \param tls_version TLS protocol version number (\p mbedtls_ssl_protocol_version)
* (#MBEDTLS_SSL_VERSION_UNKNOWN is not valid)
*/
-static inline void mbedtls_ssl_conf_max_tls_version( mbedtls_ssl_config *conf,
- mbedtls_ssl_protocol_version tls_version )
+static inline void mbedtls_ssl_conf_max_tls_version(mbedtls_ssl_config *conf,
+ mbedtls_ssl_protocol_version tls_version)
{
conf->MBEDTLS_PRIVATE(max_tls_version) = tls_version;
}
@@ -4120,7 +4110,8 @@
* (#MBEDTLS_SSL_MINOR_VERSION_3 for (D)TLS 1.2,
* #MBEDTLS_SSL_MINOR_VERSION_4 for TLS 1.3)
*/
-void MBEDTLS_DEPRECATED mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor );
+void MBEDTLS_DEPRECATED mbedtls_ssl_conf_min_version(mbedtls_ssl_config *conf, int major,
+ int minor);
#endif /* MBEDTLS_DEPRECATED_REMOVED */
/**
@@ -4135,8 +4126,8 @@
* \param tls_version TLS protocol version number (\p mbedtls_ssl_protocol_version)
* (#MBEDTLS_SSL_VERSION_UNKNOWN is not valid)
*/
-static inline void mbedtls_ssl_conf_min_tls_version( mbedtls_ssl_config *conf,
- mbedtls_ssl_protocol_version tls_version )
+static inline void mbedtls_ssl_conf_min_tls_version(mbedtls_ssl_config *conf,
+ mbedtls_ssl_protocol_version tls_version)
{
conf->MBEDTLS_PRIVATE(min_tls_version) = tls_version;
}
@@ -4153,7 +4144,7 @@
* \param conf SSL configuration
* \param etm MBEDTLS_SSL_ETM_ENABLED or MBEDTLS_SSL_ETM_DISABLED
*/
-void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm );
+void mbedtls_ssl_conf_encrypt_then_mac(mbedtls_ssl_config *conf, char etm);
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
@@ -4168,7 +4159,7 @@
* \param conf SSL configuration
* \param ems MBEDTLS_SSL_EXTENDED_MS_ENABLED or MBEDTLS_SSL_EXTENDED_MS_DISABLED
*/
-void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems );
+void mbedtls_ssl_conf_extended_master_secret(mbedtls_ssl_config *conf, char ems);
#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
#if defined(MBEDTLS_SSL_SRV_C)
@@ -4181,8 +4172,8 @@
* \param cert_req_ca_list MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED or
* MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED
*/
-void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf,
- char cert_req_ca_list );
+void mbedtls_ssl_conf_cert_req_ca_list(mbedtls_ssl_config *conf,
+ char cert_req_ca_list);
#endif /* MBEDTLS_SSL_SRV_C */
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
@@ -4220,7 +4211,7 @@
*
* \return 0 if successful or MBEDTLS_ERR_SSL_BAD_INPUT_DATA
*/
-int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code );
+int mbedtls_ssl_conf_max_frag_len(mbedtls_ssl_config *conf, unsigned char mfl_code);
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
#if defined(MBEDTLS_SSL_SRV_C)
@@ -4233,7 +4224,7 @@
* \param order Server or client (MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_SERVER
* or MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_CLIENT)
*/
-void mbedtls_ssl_conf_preference_order( mbedtls_ssl_config *conf, int order );
+void mbedtls_ssl_conf_preference_order(mbedtls_ssl_config *conf, int order);
#endif /* MBEDTLS_SSL_SRV_C */
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && \
@@ -4248,7 +4239,7 @@
* \param use_tickets Enable or disable (MBEDTLS_SSL_SESSION_TICKETS_ENABLED or
* MBEDTLS_SSL_SESSION_TICKETS_DISABLED)
*/
-void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets );
+void mbedtls_ssl_conf_session_tickets(mbedtls_ssl_config *conf, int use_tickets);
#endif /* MBEDTLS_SSL_SESSION_TICKETS &&
MBEDTLS_SSL_CLI_C */
@@ -4272,8 +4263,8 @@
* \param num_tickets Number of NewSessionTicket.
*
*/
-void mbedtls_ssl_conf_new_session_tickets( mbedtls_ssl_config *conf,
- uint16_t num_tickets );
+void mbedtls_ssl_conf_new_session_tickets(mbedtls_ssl_config *conf,
+ uint16_t num_tickets);
#endif /* MBEDTLS_SSL_SESSION_TICKETS &&
MBEDTLS_SSL_SRV_C &&
MBEDTLS_SSL_PROTO_TLS1_3*/
@@ -4296,7 +4287,7 @@
* \param renegotiation Enable or disable (MBEDTLS_SSL_RENEGOTIATION_ENABLED or
* MBEDTLS_SSL_RENEGOTIATION_DISABLED)
*/
-void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation );
+void mbedtls_ssl_conf_renegotiation(mbedtls_ssl_config *conf, int renegotiation);
#endif /* MBEDTLS_SSL_RENEGOTIATION */
/**
@@ -4326,7 +4317,7 @@
* SSL_ALLOW_LEGACY_RENEGOTIATION or
* MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE)
*/
-void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy );
+void mbedtls_ssl_conf_legacy_renegotiation(mbedtls_ssl_config *conf, int allow_legacy);
#if defined(MBEDTLS_SSL_RENEGOTIATION)
/**
@@ -4366,7 +4357,7 @@
* enforce renegotiation, or a non-negative value to enforce
* it but allow for a grace period of max_records records.
*/
-void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records );
+void mbedtls_ssl_conf_renegotiation_enforced(mbedtls_ssl_config *conf, int max_records);
/**
* \brief Set record counter threshold for periodic renegotiation.
@@ -4393,8 +4384,8 @@
* \param conf SSL configuration
* \param period The threshold value: a big-endian 64-bit number.
*/
-void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
- const unsigned char period[8] );
+void mbedtls_ssl_conf_renegotiation_period(mbedtls_ssl_config *conf,
+ const unsigned char period[8]);
#endif /* MBEDTLS_SSL_RENEGOTIATION */
/**
@@ -4435,7 +4426,7 @@
* that all internal data has been processed.
*
*/
-int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl );
+int mbedtls_ssl_check_pending(const mbedtls_ssl_context *ssl);
/**
* \brief Return the number of application data bytes
@@ -4452,7 +4443,7 @@
* amount of data fitting into the input buffer.
*
*/
-size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl );
+size_t mbedtls_ssl_get_bytes_avail(const mbedtls_ssl_context *ssl);
/**
* \brief Return the result of the certificate verification
@@ -4466,7 +4457,7 @@
* \return A bitwise combination of \c MBEDTLS_X509_BADCERT_XXX
* and \c MBEDTLS_X509_BADCRL_XXX failure flags; see x509.h.
*/
-uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl );
+uint32_t mbedtls_ssl_get_verify_result(const mbedtls_ssl_context *ssl);
/**
* \brief Return the id of the current ciphersuite
@@ -4475,7 +4466,7 @@
*
* \return a ciphersuite id
*/
-int mbedtls_ssl_get_ciphersuite_id_from_ssl( const mbedtls_ssl_context *ssl );
+int mbedtls_ssl_get_ciphersuite_id_from_ssl(const mbedtls_ssl_context *ssl);
/**
* \brief Return the name of the current ciphersuite
@@ -4484,7 +4475,7 @@
*
* \return a string containing the ciphersuite name
*/
-const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl );
+const char *mbedtls_ssl_get_ciphersuite(const mbedtls_ssl_context *ssl);
/**
@@ -4499,7 +4490,7 @@
* \return The negotiated protocol version.
*/
static inline mbedtls_ssl_protocol_version mbedtls_ssl_get_version_number(
- const mbedtls_ssl_context *ssl )
+ const mbedtls_ssl_context *ssl)
{
return ssl->MBEDTLS_PRIVATE(tls_version);
}
@@ -4511,7 +4502,7 @@
*
* \return a string containing the TLS version
*/
-const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl );
+const char *mbedtls_ssl_get_version(const mbedtls_ssl_context *ssl);
/**
* \brief Return the (maximum) number of bytes added by the record
@@ -4521,7 +4512,7 @@
*
* \return Current maximum record expansion in bytes
*/
-int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl );
+int mbedtls_ssl_get_record_expansion(const mbedtls_ssl_context *ssl);
/**
* \brief Return the current maximum outgoing record payload in bytes.
@@ -4548,7 +4539,7 @@
* \return Current maximum payload for an outgoing record,
* or a negative error code.
*/
-int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl );
+int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl);
/**
* \brief Return the current maximum incoming record payload in bytes.
@@ -4568,7 +4559,7 @@
* \return Current maximum payload for an outgoing record,
* or a negative error code.
*/
-int mbedtls_ssl_get_max_in_record_payload( const mbedtls_ssl_context *ssl );
+int mbedtls_ssl_get_max_in_record_payload(const mbedtls_ssl_context *ssl);
#if defined(MBEDTLS_X509_CRT_PARSE_C)
/**
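Review bot: The `\return` text for `mbedtls_ssl_get_max_in_record_payload()` says "outgoing record", which contradicts the function name and its `\brief` ("maximum incoming record payload"). It looks copied from `mbedtls_ssl_get_max_out_record_payload()` in the previous hunk. A caller relying on this text to size a receive buffer could be misled about which limit is returned. Suggested wording: `\return Current maximum payload for an incoming record,`. The doc comment begins outside this hunk.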
@@ -4601,7 +4592,7 @@
* If you want to use the certificate across API calls,
* you must make a copy.
*/
-const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl );
+const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert(const mbedtls_ssl_context *ssl);
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_SSL_CLI_C)
@@ -4639,8 +4630,8 @@
* \sa mbedtls_ssl_set_session()
* \sa mbedtls_ssl_session_save()
*/
-int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl,
- mbedtls_ssl_session *session );
+int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl,
+ mbedtls_ssl_session *session);
#endif /* MBEDTLS_SSL_CLI_C */
/**
@@ -4693,7 +4684,7 @@
* currently being processed might or might not contain further
* DTLS records.
*/
-int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_handshake(mbedtls_ssl_context *ssl);
/**
* \brief After calling mbedtls_ssl_handshake() to start the SSL
@@ -4706,9 +4697,9 @@
*
* \return \c 1 if handshake is over, \c 0 if it is still ongoing.
*/
-static inline int mbedtls_ssl_is_handshake_over( mbedtls_ssl_context *ssl )
+static inline int mbedtls_ssl_is_handshake_over(mbedtls_ssl_context *ssl)
{
- return( ssl->MBEDTLS_PRIVATE( state ) >= MBEDTLS_SSL_HANDSHAKE_OVER );
+ return ssl->MBEDTLS_PRIVATE(state) >= MBEDTLS_SSL_HANDSHAKE_OVER;
}
/**
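Review bot: `mbedtls_ssl_is_handshake_over()` only reads `state`, yet it takes a non-const `mbedtls_ssl_context *`, unlike the other read-only accessors in this file such as `mbedtls_ssl_get_version_number(const mbedtls_ssl_context *ssl)`. Const-qualifying the parameter lets code that holds a const context call it and makes the absence of side effects explicit: `static inline int mbedtls_ssl_is_handshake_over(const mbedtls_ssl_context *ssl)`. The change is source-compatible for existing callers.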
@@ -4744,7 +4735,7 @@
* re-using it for a new connection; the current connection
* must be closed.
*/
-int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_handshake_step(mbedtls_ssl_context *ssl);
#if defined(MBEDTLS_SSL_RENEGOTIATION)
/**
@@ -4770,7 +4761,7 @@
* must be closed.
*
*/
-int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_renegotiate(mbedtls_ssl_context *ssl);
#endif /* MBEDTLS_SSL_RENEGOTIATION */
/**
@@ -4850,7 +4841,7 @@
* \c mbedtls_ssl_check_pending to check for remaining records.
*
*/
-int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len );
+int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len);
/**
* \brief Try to write exactly 'len' application data bytes
@@ -4912,7 +4903,7 @@
* \note Attempting to write 0 bytes will result in an empty TLS
* application record being sent.
*/
-int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len );
+int mbedtls_ssl_write(mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len);
/**
* \brief Send an alert message
@@ -4930,9 +4921,9 @@
* call \c mbedtls_ssl_session_reset() on it before re-using it
* for a new connection; the current connection must be closed.
*/
-int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl,
- unsigned char level,
- unsigned char message );
+int mbedtls_ssl_send_alert_message(mbedtls_ssl_context *ssl,
+ unsigned char level,
+ unsigned char message);
/**
* \brief Notify the peer that the connection is being closed
*
@@ -4946,7 +4937,7 @@
* call \c mbedtls_ssl_session_reset() on it before re-using it
* for a new connection; the current connection must be closed.
*/
-int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_close_notify(mbedtls_ssl_context *ssl);
#if defined(MBEDTLS_SSL_EARLY_DATA)
@@ -4995,8 +4986,8 @@
* \p ssl. But this is not mandatory.
*
*/
-int mbedtls_ssl_read_early_data( mbedtls_ssl_context *ssl,
- unsigned char *buf, size_t len );
+int mbedtls_ssl_read_early_data(mbedtls_ssl_context *ssl,
+ unsigned char *buf, size_t len);
#endif /* MBEDTLS_SSL_SRV_C */
#if defined(MBEDTLS_SSL_CLI_C)
@@ -5056,8 +5047,8 @@
* mbedtls_ssl_get_early_data_status() with the handshake
* completed.
*/
-int mbedtls_ssl_write_early_data( mbedtls_ssl_context *ssl,
- const unsigned char *buf, size_t len );
+int mbedtls_ssl_write_early_data(mbedtls_ssl_context *ssl,
+ const unsigned char *buf, size_t len);
#define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT 0
#define MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED 1
@@ -5088,7 +5079,7 @@
* application data by calling mbedtls_ssl_write().
*
*/
-int mbedtls_ssl_get_early_data_status( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_get_early_data_status(mbedtls_ssl_context *ssl);
#endif /* MBEDTLS_SSL_CLI_C */
#endif /* MBEDTLS_SSL_EARLY_DATA */
@@ -5098,7 +5089,7 @@
*
* \param ssl SSL context
*/
-void mbedtls_ssl_free( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_free(mbedtls_ssl_context *ssl);
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
/**
@@ -5157,10 +5148,10 @@
* or the connection does not use DTLS 1.2 with an AEAD
* ciphersuite, or renegotiation is enabled.
*/
-int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,
- unsigned char *buf,
- size_t buf_len,
- size_t *olen );
+int mbedtls_ssl_context_save(mbedtls_ssl_context *ssl,
+ unsigned char *buf,
+ size_t buf_len,
+ size_t *olen);
/**
* \brief Load serialized connection data to an SSL context.
@@ -5230,9 +5221,9 @@
* comes from a different Mbed TLS version or build.
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if input data is invalid.
*/
-int mbedtls_ssl_context_load( mbedtls_ssl_context *ssl,
- const unsigned char *buf,
- size_t len );
+int mbedtls_ssl_context_load(mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len);
#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
/**
@@ -5245,7 +5236,7 @@
*
* \param conf SSL configuration context
*/
-void mbedtls_ssl_config_init( mbedtls_ssl_config *conf );
+void mbedtls_ssl_config_init(mbedtls_ssl_config *conf);
/**
* \brief Load reasonable default SSL configuration values.
@@ -5262,22 +5253,22 @@
* \return 0 if successful, or
* MBEDTLS_ERR_XXX_ALLOC_FAILED on memory allocation error.
*/
-int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
- int endpoint, int transport, int preset );
+int mbedtls_ssl_config_defaults(mbedtls_ssl_config *conf,
+ int endpoint, int transport, int preset);
/**
* \brief Free an SSL configuration context
*
* \param conf SSL configuration context
*/
-void mbedtls_ssl_config_free( mbedtls_ssl_config *conf );
+void mbedtls_ssl_config_free(mbedtls_ssl_config *conf);
/**
* \brief Initialize SSL session structure
*
* \param session SSL session
*/
-void mbedtls_ssl_session_init( mbedtls_ssl_session *session );
+void mbedtls_ssl_session_init(mbedtls_ssl_session *session);
/**
* \brief Free referenced items in an SSL session including the
@@ -5288,7 +5279,7 @@
*
* \param session SSL session
*/
-void mbedtls_ssl_session_free( mbedtls_ssl_session *session );
+void mbedtls_ssl_session_free(mbedtls_ssl_session *session);
/**
* \brief TLS-PRF function for key derivation.
@@ -5305,11 +5296,11 @@
*
* \return 0 on success. An SSL specific error on failure.
*/
-int mbedtls_ssl_tls_prf( const mbedtls_tls_prf_types prf,
- const unsigned char *secret, size_t slen,
- const char *label,
- const unsigned char *random, size_t rlen,
- unsigned char *dstbuf, size_t dlen );
+int mbedtls_ssl_tls_prf(const mbedtls_tls_prf_types prf,
+ const unsigned char *secret, size_t slen,
+ const char *label,
+ const unsigned char *random, size_t rlen,
+ unsigned char *dstbuf, size_t dlen);
#ifdef __cplusplus
}