Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1 | /** |
| 2 | * \file ssl.h |
Paul Bakker | e0ccd0a | 2009-01-04 16:27:10 +0000 | [diff] [blame] | 3 | * |
Paul Bakker | 37ca75d | 2011-01-06 12:28:03 +0000 | [diff] [blame] | 4 | * \brief SSL/TLS functions. |
| 5 | * |
Manuel Pégourié-Gonnard | 6fb8187 | 2015-07-27 11:11:48 +0200 | [diff] [blame] | 6 | * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved |
Manuel Pégourié-Gonnard | 37ff140 | 2015-09-04 14:21:07 +0200 | [diff] [blame] | 7 | * SPDX-License-Identifier: Apache-2.0 |
| 8 | * |
| 9 | * Licensed under the Apache License, Version 2.0 (the "License"); you may |
| 10 | * not use this file except in compliance with the License. |
| 11 | * You may obtain a copy of the License at |
| 12 | * |
| 13 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 14 | * |
| 15 | * Unless required by applicable law or agreed to in writing, software |
| 16 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| 17 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 18 | * See the License for the specific language governing permissions and |
| 19 | * limitations under the License. |
Paul Bakker | b96f154 | 2010-07-18 20:36:00 +0000 | [diff] [blame] | 20 | * |
Manuel Pégourié-Gonnard | fe44643 | 2015-03-06 13:17:10 +0000 | [diff] [blame] | 21 | * This file is part of mbed TLS (https://tls.mbed.org) |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 22 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 23 | #ifndef MBEDTLS_SSL_H |
| 24 | #define MBEDTLS_SSL_H |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 25 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 26 | #if !defined(MBEDTLS_CONFIG_FILE) |
Paul Bakker | ed27a04 | 2013-04-18 22:46:23 +0200 | [diff] [blame] | 27 | #include "config.h" |
Manuel Pégourié-Gonnard | cef4ad2 | 2014-04-29 12:39:06 +0200 | [diff] [blame] | 28 | #else |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 29 | #include MBEDTLS_CONFIG_FILE |
Manuel Pégourié-Gonnard | cef4ad2 | 2014-04-29 12:39:06 +0200 | [diff] [blame] | 30 | #endif |
Manuel Pégourié-Gonnard | 0371704 | 2014-11-04 19:52:10 +0100 | [diff] [blame] | 31 | |
Paul Bakker | ed27a04 | 2013-04-18 22:46:23 +0200 | [diff] [blame] | 32 | #include "bignum.h" |
Manuel Pégourié-Gonnard | 481fcfd | 2014-07-03 16:12:50 +0200 | [diff] [blame] | 33 | #include "ecp.h" |
Paul Bakker | ed27a04 | 2013-04-18 22:46:23 +0200 | [diff] [blame] | 34 | |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 35 | #include "ssl_ciphersuites.h" |
Paul Bakker | 43b7e35 | 2011-01-18 15:27:19 +0000 | [diff] [blame] | 36 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 37 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
Paul Bakker | 7c6b2c3 | 2013-09-16 13:49:26 +0200 | [diff] [blame] | 38 | #include "x509_crt.h" |
Paul Bakker | 7c6b2c3 | 2013-09-16 13:49:26 +0200 | [diff] [blame] | 39 | #include "x509_crl.h" |
Manuel Pégourié-Gonnard | 834ea85 | 2013-09-23 14:46:13 +0200 | [diff] [blame] | 40 | #endif |
Paul Bakker | ed27a04 | 2013-04-18 22:46:23 +0200 | [diff] [blame] | 41 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 42 | #if defined(MBEDTLS_DHM_C) |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 43 | #include "dhm.h" |
| 44 | #endif |
| 45 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 46 | #if defined(MBEDTLS_ECDH_C) |
Paul Bakker | 41c83d3 | 2013-03-20 14:39:14 +0100 | [diff] [blame] | 47 | #include "ecdh.h" |
| 48 | #endif |
| 49 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 50 | #if defined(MBEDTLS_ZLIB_SUPPORT) |
Paul Bakker | 2770fbd | 2012-07-03 13:30:23 +0000 | [diff] [blame] | 51 | #include "zlib.h" |
| 52 | #endif |
| 53 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 54 | #if defined(MBEDTLS_HAVE_TIME) |
Simon Butcher | 8631143 | 2016-07-12 13:11:00 +0100 | [diff] [blame] | 55 | #include "mbedtls/platform_time.h" |
Paul Bakker | fa9b100 | 2013-07-03 15:31:03 +0200 | [diff] [blame] | 56 | #endif |
| 57 | |
Paul Bakker | 13e2dfe | 2009-07-28 07:18:38 +0000 | [diff] [blame] | 58 | /* |
| 59 | * SSL Error codes |
| 60 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 61 | #define MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE -0x7080 /**< The requested feature is not available. */ |
| 62 | #define MBEDTLS_ERR_SSL_BAD_INPUT_DATA -0x7100 /**< Bad input parameters to function. */ |
| 63 | #define MBEDTLS_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */ |
| 64 | #define MBEDTLS_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */ |
| 65 | #define MBEDTLS_ERR_SSL_CONN_EOF -0x7280 /**< The connection indicated an EOF. */ |
| 66 | #define MBEDTLS_ERR_SSL_UNKNOWN_CIPHER -0x7300 /**< An unknown cipher was received. */ |
| 67 | #define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */ |
| 68 | #define MBEDTLS_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */ |
| 69 | #define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ |
| 70 | #define MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE -0x7500 /**< Our own certificate(s) is/are too large to send in an SSL message. */ |
| 71 | #define MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED -0x7580 /**< The own certificate is not set, but needed by the server. */ |
| 72 | #define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 /**< The own private key or pre-shared key is not set, but needed. */ |
| 73 | #define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */ |
| 74 | #define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */ |
| 75 | #define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 /**< A fatal alert message was received from our peer. */ |
| 76 | #define MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED -0x7800 /**< Verification of our peer failed. */ |
| 77 | #define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ |
| 78 | #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ |
| 79 | #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */ |
| 80 | #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ |
| 81 | #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */ |
| 82 | #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */ |
| 83 | #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 /**< Processing of the ServerHelloDone handshake message failed. */ |
| 84 | #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Processing of the ClientKeyExchange handshake message failed. */ |
| 85 | #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP -0x7C80 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public. */ |
| 86 | #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */ |
| 87 | #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */ |
| 88 | #define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */ |
| 89 | #define MBEDTLS_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */ |
Manuel Pégourié-Gonnard | 6a8ca33 | 2015-05-28 09:33:39 +0200 | [diff] [blame] | 90 | #define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 /**< Memory allocation failed */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 91 | #define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ |
| 92 | #define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */ |
| 93 | #define MBEDTLS_ERR_SSL_COMPRESSION_FAILED -0x6F00 /**< Processing of the compression / decompression failed */ |
| 94 | #define MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */ |
| 95 | #define MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00 /**< Processing of the NewSessionTicket handshake message failed. */ |
| 96 | #define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */ |
| 97 | #define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */ |
| 98 | #define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unknown identity received (eg, PSK identity) */ |
| 99 | #define MBEDTLS_ERR_SSL_INTERNAL_ERROR -0x6C00 /**< Internal error (eg, unexpected failure in lower-level module) */ |
| 100 | #define MBEDTLS_ERR_SSL_COUNTER_WRAPPING -0x6B80 /**< A counter would wrap (eg, too many messages exchanged). */ |
| 101 | #define MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00 /**< Unexpected message at ServerHello in renegotiation. */ |
| 102 | #define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED -0x6A80 /**< DTLS client must retry for hello verification */ |
| 103 | #define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL -0x6A00 /**< A buffer is too small to receive or write a message */ |
| 104 | #define MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE -0x6980 /**< None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). */ |
Manuel Pégourié-Gonnard | 8836994 | 2015-05-06 16:19:31 +0100 | [diff] [blame] | 105 | #define MBEDTLS_ERR_SSL_WANT_READ -0x6900 /**< Connection requires a read call. */ |
| 106 | #define MBEDTLS_ERR_SSL_WANT_WRITE -0x6880 /**< Connection requires a write call. */ |
| 107 | #define MBEDTLS_ERR_SSL_TIMEOUT -0x6800 /**< The operation timed out. */ |
Manuel Pégourié-Gonnard | be619c1 | 2015-09-08 11:21:21 +0200 | [diff] [blame] | 108 | #define MBEDTLS_ERR_SSL_CLIENT_RECONNECT -0x6780 /**< The client initiated a reconnect from the same port. */ |
Manuel Pégourié-Gonnard | e2e25e7 | 2015-12-03 16:13:17 +0100 | [diff] [blame] | 109 | #define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD -0x6700 /**< Record header looks valid but is not expected. */ |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 110 | |
| 111 | /* |
| 112 | * Various constants |
| 113 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 114 | #define MBEDTLS_SSL_MAJOR_VERSION_3 3 |
| 115 | #define MBEDTLS_SSL_MINOR_VERSION_0 0 /*!< SSL v3.0 */ |
| 116 | #define MBEDTLS_SSL_MINOR_VERSION_1 1 /*!< TLS v1.0 */ |
| 117 | #define MBEDTLS_SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 */ |
| 118 | #define MBEDTLS_SSL_MINOR_VERSION_3 3 /*!< TLS v1.2 */ |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 119 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 120 | #define MBEDTLS_SSL_TRANSPORT_STREAM 0 /*!< TLS */ |
| 121 | #define MBEDTLS_SSL_TRANSPORT_DATAGRAM 1 /*!< DTLS */ |
Manuel Pégourié-Gonnard | 0b1ff29 | 2014-02-06 13:04:16 +0100 | [diff] [blame] | 122 | |
Simon Butcher | 9f81231 | 2015-09-28 19:22:33 +0100 | [diff] [blame] | 123 | #define MBEDTLS_SSL_MAX_HOST_NAME_LEN 255 /*!< Maximum host name defined in RFC 1035 */ |
Simon Butcher | 89f7762 | 2015-09-27 22:50:49 +0100 | [diff] [blame] | 124 | |
Manuel Pégourié-Gonnard | 581e6b6 | 2013-07-18 12:32:27 +0200 | [diff] [blame] | 125 | /* RFC 6066 section 4, see also mfl_code_to_length in ssl_tls.c |
Manuel Pégourié-Gonnard | e048b67 | 2013-07-19 12:47:00 +0200 | [diff] [blame] | 126 | * NONE must be zero so that memset()ing structure to zero works */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 127 | #define MBEDTLS_SSL_MAX_FRAG_LEN_NONE 0 /*!< don't use this extension */ |
| 128 | #define MBEDTLS_SSL_MAX_FRAG_LEN_512 1 /*!< MaxFragmentLength 2^9 */ |
| 129 | #define MBEDTLS_SSL_MAX_FRAG_LEN_1024 2 /*!< MaxFragmentLength 2^10 */ |
| 130 | #define MBEDTLS_SSL_MAX_FRAG_LEN_2048 3 /*!< MaxFragmentLength 2^11 */ |
| 131 | #define MBEDTLS_SSL_MAX_FRAG_LEN_4096 4 /*!< MaxFragmentLength 2^12 */ |
| 132 | #define MBEDTLS_SSL_MAX_FRAG_LEN_INVALID 5 /*!< first invalid value */ |
Manuel Pégourié-Gonnard | 8b46459 | 2013-07-16 12:45:26 +0200 | [diff] [blame] | 133 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 134 | #define MBEDTLS_SSL_IS_CLIENT 0 |
| 135 | #define MBEDTLS_SSL_IS_SERVER 1 |
Manuel Pégourié-Gonnard | 55e4ff2 | 2014-08-19 11:16:35 +0200 | [diff] [blame] | 136 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 137 | #define MBEDTLS_SSL_IS_NOT_FALLBACK 0 |
| 138 | #define MBEDTLS_SSL_IS_FALLBACK 1 |
Manuel Pégourié-Gonnard | 1cbd39d | 2014-10-20 13:34:59 +0200 | [diff] [blame] | 139 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 140 | #define MBEDTLS_SSL_EXTENDED_MS_DISABLED 0 |
| 141 | #define MBEDTLS_SSL_EXTENDED_MS_ENABLED 1 |
Manuel Pégourié-Gonnard | 367381f | 2014-10-20 18:40:56 +0200 | [diff] [blame] | 142 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 143 | #define MBEDTLS_SSL_ETM_DISABLED 0 |
| 144 | #define MBEDTLS_SSL_ETM_ENABLED 1 |
Manuel Pégourié-Gonnard | 699cafa | 2014-10-27 13:57:03 +0100 | [diff] [blame] | 145 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 146 | #define MBEDTLS_SSL_COMPRESS_NULL 0 |
| 147 | #define MBEDTLS_SSL_COMPRESS_DEFLATE 1 |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 148 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 149 | #define MBEDTLS_SSL_VERIFY_NONE 0 |
| 150 | #define MBEDTLS_SSL_VERIFY_OPTIONAL 1 |
| 151 | #define MBEDTLS_SSL_VERIFY_REQUIRED 2 |
Manuel Pégourié-Gonnard | cdc26ae | 2015-06-19 12:16:31 +0200 | [diff] [blame] | 152 | #define MBEDTLS_SSL_VERIFY_UNSET 3 /* Used only for sni_authmode */ |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 153 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 154 | #define MBEDTLS_SSL_LEGACY_RENEGOTIATION 0 |
| 155 | #define MBEDTLS_SSL_SECURE_RENEGOTIATION 1 |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 156 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 157 | #define MBEDTLS_SSL_RENEGOTIATION_DISABLED 0 |
| 158 | #define MBEDTLS_SSL_RENEGOTIATION_ENABLED 1 |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 159 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 160 | #define MBEDTLS_SSL_ANTI_REPLAY_DISABLED 0 |
| 161 | #define MBEDTLS_SSL_ANTI_REPLAY_ENABLED 1 |
Manuel Pégourié-Gonnard | 2739313 | 2014-09-24 14:41:11 +0200 | [diff] [blame] | 162 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 163 | #define MBEDTLS_SSL_RENEGOTIATION_NOT_ENFORCED -1 |
| 164 | #define MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT 16 |
Manuel Pégourié-Gonnard | a9964db | 2014-07-03 19:29:16 +0200 | [diff] [blame] | 165 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 166 | #define MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION 0 |
| 167 | #define MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION 1 |
| 168 | #define MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE 2 |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 169 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 170 | #define MBEDTLS_SSL_TRUNC_HMAC_DISABLED 0 |
| 171 | #define MBEDTLS_SSL_TRUNC_HMAC_ENABLED 1 |
| 172 | #define MBEDTLS_SSL_TRUNCATED_HMAC_LEN 10 /* 80 bits, rfc 6066 section 7 */ |
Manuel Pégourié-Gonnard | e980a99 | 2013-07-19 11:08:52 +0200 | [diff] [blame] | 173 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 174 | #define MBEDTLS_SSL_SESSION_TICKETS_DISABLED 0 |
| 175 | #define MBEDTLS_SSL_SESSION_TICKETS_ENABLED 1 |
Manuel Pégourié-Gonnard | aa0d4d1 | 2013-08-03 13:02:31 +0200 | [diff] [blame] | 176 | |
Manuel Pégourié-Gonnard | 17eab2b | 2015-05-05 16:34:53 +0100 | [diff] [blame] | 177 | #define MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED 0 |
| 178 | #define MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED 1 |
Manuel Pégourié-Gonnard | cfa477e | 2015-01-07 14:50:54 +0100 | [diff] [blame] | 179 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 180 | #define MBEDTLS_SSL_ARC4_ENABLED 0 |
| 181 | #define MBEDTLS_SSL_ARC4_DISABLED 1 |
Manuel Pégourié-Gonnard | bd47a58 | 2015-01-12 13:43:29 +0100 | [diff] [blame] | 182 | |
Manuel Pégourié-Gonnard | b31c5f6 | 2015-06-17 13:53:47 +0200 | [diff] [blame] | 183 | #define MBEDTLS_SSL_PRESET_DEFAULT 0 |
| 184 | #define MBEDTLS_SSL_PRESET_SUITEB 2 |
| 185 | |
Manuel Pégourié-Gonnard | ffa67be | 2014-09-19 11:18:57 +0200 | [diff] [blame] | 186 | /* |
Manuel Pégourié-Gonnard | 0ac247f | 2014-09-30 22:21:31 +0200 | [diff] [blame] | 187 | * Default range for DTLS retransmission timer value, in milliseconds. |
| 188 | * RFC 6347 4.2.4.1 says from 1 second to 60 seconds. |
| 189 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 190 | #define MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MIN 1000 |
| 191 | #define MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MAX 60000 |
Manuel Pégourié-Gonnard | 0ac247f | 2014-09-30 22:21:31 +0200 | [diff] [blame] | 192 | |
Paul Bakker | 088c5c5 | 2014-04-25 11:11:10 +0200 | [diff] [blame] | 193 | /** |
| 194 | * \name SECTION: Module settings |
| 195 | * |
| 196 | * The configuration options you can set for this module are in this section. |
| 197 | * Either change them in config.h or define them on the compiler command line. |
| 198 | * \{ |
| 199 | */ |
| 200 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 201 | #if !defined(MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME) |
| 202 | #define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ |
Paul Bakker | 088c5c5 | 2014-04-25 11:11:10 +0200 | [diff] [blame] | 203 | #endif |
Paul Bakker | 606b4ba | 2013-08-14 16:52:14 +0200 | [diff] [blame] | 204 | |
Paul Bakker | 9bcf16c | 2013-06-24 19:31:17 +0200 | [diff] [blame] | 205 | /* |
Manuel Pégourié-Gonnard | bb83844 | 2015-08-31 12:46:01 +0200 | [diff] [blame] | 206 | * Maxium fragment length in bytes, |
| 207 | * determines the size of each of the two internal I/O buffers. |
| 208 | * |
Paul Bakker | 9bcf16c | 2013-06-24 19:31:17 +0200 | [diff] [blame] | 209 | * Note: the RFC defines the default size of SSL / TLS messages. If you |
| 210 | * change the value here, other clients / servers may not be able to |
| 211 | * communicate with you anymore. Only change this value if you control |
Manuel Pégourié-Gonnard | c27807d | 2014-06-30 17:27:49 +0200 | [diff] [blame] | 212 | * both sides of the connection and have it reduced at both sides, or |
| 213 | * if you're using the Max Fragment Length extension and you know all your |
| 214 | * peers are using it too! |
Paul Bakker | 9bcf16c | 2013-06-24 19:31:17 +0200 | [diff] [blame] | 215 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 216 | #if !defined(MBEDTLS_SSL_MAX_CONTENT_LEN) |
| 217 | #define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */ |
Paul Bakker | 088c5c5 | 2014-04-25 11:11:10 +0200 | [diff] [blame] | 218 | #endif |
| 219 | |
| 220 | /* \} name SECTION: Module settings */ |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 221 | |
| 222 | /* |
Manuel Pégourié-Gonnard | 6186019 | 2014-11-04 13:05:42 +0100 | [diff] [blame] | 223 | * Length of the verify data for secure renegotiation |
| 224 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 225 | #if defined(MBEDTLS_SSL_PROTO_SSL3) |
| 226 | #define MBEDTLS_SSL_VERIFY_DATA_MAX_LEN 36 |
Manuel Pégourié-Gonnard | 6186019 | 2014-11-04 13:05:42 +0100 | [diff] [blame] | 227 | #else |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 228 | #define MBEDTLS_SSL_VERIFY_DATA_MAX_LEN 12 |
Manuel Pégourié-Gonnard | 6186019 | 2014-11-04 13:05:42 +0100 | [diff] [blame] | 229 | #endif |
| 230 | |
| 231 | /* |
Manuel Pégourié-Gonnard | c27807d | 2014-06-30 17:27:49 +0200 | [diff] [blame] | 232 | * Signaling ciphersuite values (SCSV) |
| 233 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 234 | #define MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO 0xFF /**< renegotiation info ext */ |
Aaron Jones | d96e526 | 2016-06-17 14:40:41 +0000 | [diff] [blame] | 235 | #define MBEDTLS_SSL_FALLBACK_SCSV_VALUE 0x5600 /**< RFC 7507 section 2 */ |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 236 | |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 237 | /* |
Paul Bakker | 1ef83d6 | 2012-04-11 12:09:53 +0000 | [diff] [blame] | 238 | * Supported Signature and Hash algorithms (For TLS 1.2) |
Manuel Pégourié-Gonnard | 0b03200 | 2013-08-17 13:01:41 +0200 | [diff] [blame] | 239 | * RFC 5246 section 7.4.1.4.1 |
Paul Bakker | 1ef83d6 | 2012-04-11 12:09:53 +0000 | [diff] [blame] | 240 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 241 | #define MBEDTLS_SSL_HASH_NONE 0 |
| 242 | #define MBEDTLS_SSL_HASH_MD5 1 |
| 243 | #define MBEDTLS_SSL_HASH_SHA1 2 |
| 244 | #define MBEDTLS_SSL_HASH_SHA224 3 |
| 245 | #define MBEDTLS_SSL_HASH_SHA256 4 |
| 246 | #define MBEDTLS_SSL_HASH_SHA384 5 |
| 247 | #define MBEDTLS_SSL_HASH_SHA512 6 |
Paul Bakker | 1ef83d6 | 2012-04-11 12:09:53 +0000 | [diff] [blame] | 248 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 249 | #define MBEDTLS_SSL_SIG_ANON 0 |
| 250 | #define MBEDTLS_SSL_SIG_RSA 1 |
| 251 | #define MBEDTLS_SSL_SIG_ECDSA 3 |
Paul Bakker | 1ef83d6 | 2012-04-11 12:09:53 +0000 | [diff] [blame] | 252 | |
| 253 | /* |
Paul Bakker | 926af75 | 2012-11-23 13:38:07 +0100 | [diff] [blame] | 254 | * Client Certificate Types |
Manuel Pégourié-Gonnard | 0b03200 | 2013-08-17 13:01:41 +0200 | [diff] [blame] | 255 | * RFC 5246 section 7.4.4 plus RFC 4492 section 5.5 |
Paul Bakker | 926af75 | 2012-11-23 13:38:07 +0100 | [diff] [blame] | 256 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 257 | #define MBEDTLS_SSL_CERT_TYPE_RSA_SIGN 1 |
| 258 | #define MBEDTLS_SSL_CERT_TYPE_ECDSA_SIGN 64 |
Paul Bakker | 926af75 | 2012-11-23 13:38:07 +0100 | [diff] [blame] | 259 | |
| 260 | /* |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 261 | * Message, alert and handshake types |
| 262 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 263 | #define MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC 20 |
| 264 | #define MBEDTLS_SSL_MSG_ALERT 21 |
| 265 | #define MBEDTLS_SSL_MSG_HANDSHAKE 22 |
| 266 | #define MBEDTLS_SSL_MSG_APPLICATION_DATA 23 |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 267 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 268 | #define MBEDTLS_SSL_ALERT_LEVEL_WARNING 1 |
| 269 | #define MBEDTLS_SSL_ALERT_LEVEL_FATAL 2 |
Paul Bakker | 2e11f7d | 2010-07-25 14:24:53 +0000 | [diff] [blame] | 270 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 271 | #define MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY 0 /* 0x00 */ |
| 272 | #define MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE 10 /* 0x0A */ |
| 273 | #define MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC 20 /* 0x14 */ |
| 274 | #define MBEDTLS_SSL_ALERT_MSG_DECRYPTION_FAILED 21 /* 0x15 */ |
| 275 | #define MBEDTLS_SSL_ALERT_MSG_RECORD_OVERFLOW 22 /* 0x16 */ |
| 276 | #define MBEDTLS_SSL_ALERT_MSG_DECOMPRESSION_FAILURE 30 /* 0x1E */ |
| 277 | #define MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE 40 /* 0x28 */ |
| 278 | #define MBEDTLS_SSL_ALERT_MSG_NO_CERT 41 /* 0x29 */ |
| 279 | #define MBEDTLS_SSL_ALERT_MSG_BAD_CERT 42 /* 0x2A */ |
| 280 | #define MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT 43 /* 0x2B */ |
| 281 | #define MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED 44 /* 0x2C */ |
| 282 | #define MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED 45 /* 0x2D */ |
| 283 | #define MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN 46 /* 0x2E */ |
| 284 | #define MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER 47 /* 0x2F */ |
| 285 | #define MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA 48 /* 0x30 */ |
| 286 | #define MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED 49 /* 0x31 */ |
| 287 | #define MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR 50 /* 0x32 */ |
| 288 | #define MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR 51 /* 0x33 */ |
| 289 | #define MBEDTLS_SSL_ALERT_MSG_EXPORT_RESTRICTION 60 /* 0x3C */ |
| 290 | #define MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION 70 /* 0x46 */ |
| 291 | #define MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY 71 /* 0x47 */ |
| 292 | #define MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR 80 /* 0x50 */ |
| 293 | #define MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK 86 /* 0x56 */ |
| 294 | #define MBEDTLS_SSL_ALERT_MSG_USER_CANCELED 90 /* 0x5A */ |
| 295 | #define MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION 100 /* 0x64 */ |
| 296 | #define MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT 110 /* 0x6E */ |
| 297 | #define MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME 112 /* 0x70 */ |
| 298 | #define MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY 115 /* 0x73 */ |
| 299 | #define MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL 120 /* 0x78 */ |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 300 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 301 | #define MBEDTLS_SSL_HS_HELLO_REQUEST 0 |
| 302 | #define MBEDTLS_SSL_HS_CLIENT_HELLO 1 |
| 303 | #define MBEDTLS_SSL_HS_SERVER_HELLO 2 |
| 304 | #define MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST 3 |
| 305 | #define MBEDTLS_SSL_HS_NEW_SESSION_TICKET 4 |
| 306 | #define MBEDTLS_SSL_HS_CERTIFICATE 11 |
| 307 | #define MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE 12 |
| 308 | #define MBEDTLS_SSL_HS_CERTIFICATE_REQUEST 13 |
| 309 | #define MBEDTLS_SSL_HS_SERVER_HELLO_DONE 14 |
| 310 | #define MBEDTLS_SSL_HS_CERTIFICATE_VERIFY 15 |
| 311 | #define MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE 16 |
| 312 | #define MBEDTLS_SSL_HS_FINISHED 20 |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 313 | |
| 314 | /* |
| 315 | * TLS extensions |
| 316 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 317 | #define MBEDTLS_TLS_EXT_SERVERNAME 0 |
| 318 | #define MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME 0 |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 319 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 320 | #define MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH 1 |
Manuel Pégourié-Gonnard | 48f8d0d | 2013-07-17 10:25:37 +0200 | [diff] [blame] | 321 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 322 | #define MBEDTLS_TLS_EXT_TRUNCATED_HMAC 4 |
Manuel Pégourié-Gonnard | 57c2852 | 2013-07-19 11:41:43 +0200 | [diff] [blame] | 323 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 324 | #define MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES 10 |
| 325 | #define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS 11 |
Paul Bakker | c3f177a | 2012-04-11 16:11:49 +0000 | [diff] [blame] | 326 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 327 | #define MBEDTLS_TLS_EXT_SIG_ALG 13 |
Paul Bakker | 41c83d3 | 2013-03-20 14:39:14 +0100 | [diff] [blame] | 328 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 329 | #define MBEDTLS_TLS_EXT_ALPN 16 |
Manuel Pégourié-Gonnard | 0b874dc | 2014-04-07 10:57:45 +0200 | [diff] [blame] | 330 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 331 | #define MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC 22 /* 0x16 */ |
| 332 | #define MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET 0x0017 /* 23 */ |
Manuel Pégourié-Gonnard | 367381f | 2014-10-20 18:40:56 +0200 | [diff] [blame] | 333 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 334 | #define MBEDTLS_TLS_EXT_SESSION_TICKET 35 |
Manuel Pégourié-Gonnard | 60182ef | 2013-08-02 14:44:54 +0200 | [diff] [blame] | 335 | |
Manuel Pégourié-Gonnard | 294139b | 2015-09-15 16:55:05 +0200 | [diff] [blame] | 336 | #define MBEDTLS_TLS_EXT_ECJPAKE_KKPP 256 /* experimental */ |
| 337 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 338 | #define MBEDTLS_TLS_EXT_RENEGOTIATION_INFO 0xFF01 |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 339 | |
Paul Bakker | eb2c658 | 2012-09-27 19:15:01 +0000 | [diff] [blame] | 340 | /* |
Paul Bakker | ed27a04 | 2013-04-18 22:46:23 +0200 | [diff] [blame] | 341 | * Size defines |
| 342 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 343 | #if !defined(MBEDTLS_PSK_MAX_LEN) |
| 344 | #define MBEDTLS_PSK_MAX_LEN 32 /* 256 bits */ |
Paul Bakker | ed27a04 | 2013-04-18 22:46:23 +0200 | [diff] [blame] | 345 | #endif |
| 346 | |
Manuel Pégourié-Gonnard | 481fcfd | 2014-07-03 16:12:50 +0200 | [diff] [blame] | 347 | /* Dummy type used only for its size */ |
Manuel Pégourié-Gonnard | 160e384 | 2015-05-27 20:27:06 +0200 | [diff] [blame] | 348 | union mbedtls_ssl_premaster_secret |
Manuel Pégourié-Gonnard | 481fcfd | 2014-07-03 16:12:50 +0200 | [diff] [blame] | 349 | { |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 350 | #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) |
Manuel Pégourié-Gonnard | 481fcfd | 2014-07-03 16:12:50 +0200 | [diff] [blame] | 351 | unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */ |
| 352 | #endif |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 353 | #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) |
| 354 | unsigned char _pms_dhm[MBEDTLS_MPI_MAX_SIZE]; /* RFC 5246 8.1.2 */ |
Manuel Pégourié-Gonnard | 481fcfd | 2014-07-03 16:12:50 +0200 | [diff] [blame] | 355 | #endif |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 356 | #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ |
| 357 | defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ |
| 358 | defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ |
| 359 | defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) |
| 360 | unsigned char _pms_ecdh[MBEDTLS_ECP_MAX_BYTES]; /* RFC 4492 5.10 */ |
Manuel Pégourié-Gonnard | 481fcfd | 2014-07-03 16:12:50 +0200 | [diff] [blame] | 361 | #endif |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 362 | #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) |
| 363 | unsigned char _pms_psk[4 + 2 * MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 2 */ |
Manuel Pégourié-Gonnard | 481fcfd | 2014-07-03 16:12:50 +0200 | [diff] [blame] | 364 | #endif |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 365 | #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) |
| 366 | unsigned char _pms_dhe_psk[4 + MBEDTLS_MPI_MAX_SIZE |
| 367 | + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 3 */ |
Manuel Pégourié-Gonnard | 481fcfd | 2014-07-03 16:12:50 +0200 | [diff] [blame] | 368 | #endif |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 369 | #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) |
| 370 | unsigned char _pms_rsa_psk[52 + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 4 */ |
Manuel Pégourié-Gonnard | 481fcfd | 2014-07-03 16:12:50 +0200 | [diff] [blame] | 371 | #endif |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 372 | #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) |
| 373 | unsigned char _pms_ecdhe_psk[4 + MBEDTLS_ECP_MAX_BYTES |
| 374 | + MBEDTLS_PSK_MAX_LEN]; /* RFC 5489 2 */ |
Manuel Pégourié-Gonnard | 481fcfd | 2014-07-03 16:12:50 +0200 | [diff] [blame] | 375 | #endif |
Manuel Pégourié-Gonnard | 557535d | 2015-09-15 17:53:32 +0200 | [diff] [blame] | 376 | #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) |
| 377 | unsigned char _pms_ecjpake[32]; /* Thread spec: SHA-256 output */ |
| 378 | #endif |
Manuel Pégourié-Gonnard | 481fcfd | 2014-07-03 16:12:50 +0200 | [diff] [blame] | 379 | }; |
| 380 | |
Manuel Pégourié-Gonnard | 160e384 | 2015-05-27 20:27:06 +0200 | [diff] [blame] | 381 | #define MBEDTLS_PREMASTER_SIZE sizeof( union mbedtls_ssl_premaster_secret ) |
Manuel Pégourié-Gonnard | 481fcfd | 2014-07-03 16:12:50 +0200 | [diff] [blame] | 382 | |
Paul Bakker | 407a0da | 2013-06-27 14:29:21 +0200 | [diff] [blame] | 383 | #ifdef __cplusplus |
| 384 | extern "C" { |
| 385 | #endif |
| 386 | |
Paul Bakker | ed27a04 | 2013-04-18 22:46:23 +0200 | [diff] [blame] | 387 | /* |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 388 | * SSL state machine |
| 389 | */ |
| 390 | typedef enum |
| 391 | { |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 392 | MBEDTLS_SSL_HELLO_REQUEST, |
| 393 | MBEDTLS_SSL_CLIENT_HELLO, |
| 394 | MBEDTLS_SSL_SERVER_HELLO, |
| 395 | MBEDTLS_SSL_SERVER_CERTIFICATE, |
| 396 | MBEDTLS_SSL_SERVER_KEY_EXCHANGE, |
| 397 | MBEDTLS_SSL_CERTIFICATE_REQUEST, |
| 398 | MBEDTLS_SSL_SERVER_HELLO_DONE, |
| 399 | MBEDTLS_SSL_CLIENT_CERTIFICATE, |
| 400 | MBEDTLS_SSL_CLIENT_KEY_EXCHANGE, |
| 401 | MBEDTLS_SSL_CERTIFICATE_VERIFY, |
| 402 | MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC, |
| 403 | MBEDTLS_SSL_CLIENT_FINISHED, |
| 404 | MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC, |
| 405 | MBEDTLS_SSL_SERVER_FINISHED, |
| 406 | MBEDTLS_SSL_FLUSH_BUFFERS, |
| 407 | MBEDTLS_SSL_HANDSHAKE_WRAPUP, |
| 408 | MBEDTLS_SSL_HANDSHAKE_OVER, |
| 409 | MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET, |
| 410 | MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT, |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 411 | } |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 412 | mbedtls_ssl_states; |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 413 | |
Simon Butcher | e846b51 | 2016-03-01 17:31:49 +0000 | [diff] [blame] | 414 | /** |
| 415 | * \brief Callback type: send data on the network. |
| 416 | * |
| 417 | * \note That callback may be either blocking or non-blocking. |
| 418 | * |
| 419 | * \param ctx Context for the send callback (typically a file descriptor) |
Simon Butcher | d567a23 | 2016-03-09 20:19:21 +0000 | [diff] [blame] | 420 | * \param buf Buffer holding the data to send |
Simon Butcher | e846b51 | 2016-03-01 17:31:49 +0000 | [diff] [blame] | 421 | * \param len Length of the data to send |
| 422 | * |
| 423 | * \return The callback must return the number of bytes sent if any, |
| 424 | * or a non-zero error code. |
| 425 | * If performing non-blocking I/O, \c MBEDTLS_ERR_SSL_WANT_WRITE |
| 426 | * must be returned when the operation would block. |
| 427 | * |
Simon Butcher | d567a23 | 2016-03-09 20:19:21 +0000 | [diff] [blame] | 428 | * \note The callback is allowed to send fewer bytes than requested. |
Simon Butcher | e846b51 | 2016-03-01 17:31:49 +0000 | [diff] [blame] | 429 | * It must always return the number of bytes actually sent. |
| 430 | */ |
| 431 | typedef int mbedtls_ssl_send_t( void *ctx, |
| 432 | const unsigned char *buf, |
| 433 | size_t len ); |
| 434 | |
| 435 | /** |
| 436 | * \brief Callback type: receive data from the network. |
| 437 | * |
| 438 | * \note That callback may be either blocking or non-blocking. |
| 439 | * |
| 440 | * \param ctx Context for the receive callback (typically a file |
| 441 | * descriptor) |
| 442 | * \param buf Buffer to write the received data to |
| 443 | * \param len Length of the receive buffer |
| 444 | * |
| 445 | * \return The callback must return the number of bytes received, |
| 446 | * or a non-zero error code. |
| 447 | * If performing non-blocking I/O, \c MBEDTLS_ERR_SSL_WANT_READ |
| 448 | * must be returned when the operation would block. |
| 449 | * |
Simon Butcher | d567a23 | 2016-03-09 20:19:21 +0000 | [diff] [blame] | 450 | * \note The callback may receive fewer bytes than the length of the |
Simon Butcher | e846b51 | 2016-03-01 17:31:49 +0000 | [diff] [blame] | 451 | * buffer. It must always return the number of bytes actually |
| 452 | * received and written to the buffer. |
| 453 | */ |
| 454 | typedef int mbedtls_ssl_recv_t( void *ctx, |
| 455 | unsigned char *buf, |
| 456 | size_t len ); |
| 457 | |
| 458 | /** |
| 459 | * \brief Callback type: receive data from the network, with timeout |
| 460 | * |
| 461 | * \note That callback must block until data is received, or the |
| 462 | * timeout delay expires, or the operation is interrupted by a |
| 463 | * signal. |
| 464 | * |
| 465 | * \param ctx Context for the receive callback (typically a file descriptor) |
| 466 | * \param buf Buffer to write the received data to |
| 467 | * \param len Length of the receive buffer |
| 468 | * \param timeout Maximum nomber of millisecondes to wait for data |
Aaron Jones | d96e526 | 2016-06-17 14:40:41 +0000 | [diff] [blame] | 469 | * 0 means no timeout (potentially waiting forever) |
Simon Butcher | e846b51 | 2016-03-01 17:31:49 +0000 | [diff] [blame] | 470 | * |
| 471 | * \return The callback must return the number of bytes received, |
| 472 | * or a non-zero error code: |
| 473 | * \c MBEDTLS_ERR_SSL_TIMEOUT if the operation timed out, |
| 474 | * \c MBEDTLS_ERR_SSL_WANT_READ if interrupted by a signal. |
| 475 | * |
Simon Butcher | d567a23 | 2016-03-09 20:19:21 +0000 | [diff] [blame] | 476 | * \note The callback may receive fewer bytes than the length of the |
Simon Butcher | e846b51 | 2016-03-01 17:31:49 +0000 | [diff] [blame] | 477 | * buffer. It must always return the number of bytes actually |
| 478 | * received and written to the buffer. |
| 479 | */ |
| 480 | typedef int mbedtls_ssl_recv_timeout_t( void *ctx, |
| 481 | unsigned char *buf, |
| 482 | size_t len, |
| 483 | uint32_t timeout ); |
| 484 | /** |
| 485 | * \brief Callback type: set a pair of timers/delays to watch |
| 486 | * |
| 487 | * \param ctx Context pointer |
| 488 | * \param int_ms Intermediate delay in milliseconds |
| 489 | * \param fin_ms Final delay in milliseconds |
| 490 | * 0 cancels the current timer. |
| 491 | * |
| 492 | * \note This callback must at least store the necessary information |
| 493 | * for the associated \c mbedtls_ssl_get_timer_t callback to |
| 494 | * return correct information. |
| 495 | * |
| 496 | * \note If using a event-driven style of programming, an event must |
| 497 | * be generated when the final delay is passed. The event must |
| 498 | * cause a call to \c mbedtls_ssl_handshake() with the proper |
| 499 | * SSL context to be scheduled. Care must be taken to ensure |
| 500 | * that at most one such call happens at a time. |
| 501 | * |
| 502 | * \note Only one timer at a time must be running. Calling this |
| 503 | * function while a timer is running must cancel it. Cancelled |
| 504 | * timers must not generate any event. |
| 505 | */ |
| 506 | typedef void mbedtls_ssl_set_timer_t( void * ctx, |
| 507 | uint32_t int_ms, |
| 508 | uint32_t fin_ms ); |
| 509 | |
| 510 | /** |
| 511 | * \brief Callback type: get status of timers/delays |
| 512 | * |
| 513 | * \param ctx Context pointer |
| 514 | * |
| 515 | * \return This callback must return: |
| 516 | * -1 if cancelled (fin_ms == 0), |
Aaron Jones | d96e526 | 2016-06-17 14:40:41 +0000 | [diff] [blame] | 517 | * 0 if none of the delays have passed, |
| 518 | * 1 if only the intermediate delay has passed, |
| 519 | * 2 if the final delay has passed. |
Simon Butcher | e846b51 | 2016-03-01 17:31:49 +0000 | [diff] [blame] | 520 | */ |
| 521 | typedef int mbedtls_ssl_get_timer_t( void * ctx ); |
| 522 | |
| 523 | |
Manuel Pégourié-Gonnard | cd4fcc6 | 2015-05-26 12:11:48 +0200 | [diff] [blame] | 524 | /* Defined below */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 525 | typedef struct mbedtls_ssl_session mbedtls_ssl_session; |
| 526 | typedef struct mbedtls_ssl_context mbedtls_ssl_context; |
Manuel Pégourié-Gonnard | cd4fcc6 | 2015-05-26 12:11:48 +0200 | [diff] [blame] | 527 | typedef struct mbedtls_ssl_config mbedtls_ssl_config; |
| 528 | |
| 529 | /* Defined in ssl_internal.h */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 530 | typedef struct mbedtls_ssl_transform mbedtls_ssl_transform; |
| 531 | typedef struct mbedtls_ssl_handshake_params mbedtls_ssl_handshake_params; |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 532 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
| 533 | typedef struct mbedtls_ssl_key_cert mbedtls_ssl_key_cert; |
Manuel Pégourié-Gonnard | 834ea85 | 2013-09-23 14:46:13 +0200 | [diff] [blame] | 534 | #endif |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 535 | #if defined(MBEDTLS_SSL_PROTO_DTLS) |
| 536 | typedef struct mbedtls_ssl_flight_item mbedtls_ssl_flight_item; |
Manuel Pégourié-Gonnard | ffa67be | 2014-09-19 11:18:57 +0200 | [diff] [blame] | 537 | #endif |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 538 | |
| 539 | /* |
Paul Bakker | 0a59707 | 2012-09-25 21:55:46 +0000 | [diff] [blame] | 540 | * This structure is used for storing current session data. |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 541 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 542 | struct mbedtls_ssl_session |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 543 | { |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 544 | #if defined(MBEDTLS_HAVE_TIME) |
SimonB | d5800b7 | 2016-04-26 07:43:27 +0100 | [diff] [blame] | 545 | mbedtls_time_t start; /*!< starting time */ |
Paul Bakker | fa9b100 | 2013-07-03 15:31:03 +0200 | [diff] [blame] | 546 | #endif |
Paul Bakker | e3166ce | 2011-01-27 17:40:50 +0000 | [diff] [blame] | 547 | int ciphersuite; /*!< chosen ciphersuite */ |
Paul Bakker | 2770fbd | 2012-07-03 13:30:23 +0000 | [diff] [blame] | 548 | int compression; /*!< chosen compression */ |
Manuel Pégourié-Gonnard | 12ad798 | 2015-06-18 15:50:37 +0200 | [diff] [blame] | 549 | size_t id_len; /*!< session id length */ |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 550 | unsigned char id[32]; /*!< session identifier */ |
| 551 | unsigned char master[48]; /*!< the master secret */ |
Paul Bakker | ed27a04 | 2013-04-18 22:46:23 +0200 | [diff] [blame] | 552 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 553 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
| 554 | mbedtls_x509_crt *peer_cert; /*!< peer X.509 cert chain */ |
| 555 | #endif /* MBEDTLS_X509_CRT_PARSE_C */ |
Manuel Pégourié-Gonnard | e6ef16f | 2015-05-11 19:54:43 +0200 | [diff] [blame] | 556 | uint32_t verify_result; /*!< verification result */ |
Manuel Pégourié-Gonnard | ed4af8b | 2013-07-18 14:07:09 +0200 | [diff] [blame] | 557 | |
Manuel Pégourié-Gonnard | b596abf | 2015-05-20 10:45:29 +0200 | [diff] [blame] | 558 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) |
Manuel Pégourié-Gonnard | 75d4401 | 2013-08-02 14:44:04 +0200 | [diff] [blame] | 559 | unsigned char *ticket; /*!< RFC 5077 session ticket */ |
| 560 | size_t ticket_len; /*!< session ticket length */ |
Manuel Pégourié-Gonnard | a5cc602 | 2013-07-31 12:58:16 +0200 | [diff] [blame] | 561 | uint32_t ticket_lifetime; /*!< ticket lifetime hint */ |
Manuel Pégourié-Gonnard | b596abf | 2015-05-20 10:45:29 +0200 | [diff] [blame] | 562 | #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ |
Manuel Pégourié-Gonnard | 75d4401 | 2013-08-02 14:44:04 +0200 | [diff] [blame] | 563 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 564 | #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) |
Manuel Pégourié-Gonnard | ed4af8b | 2013-07-18 14:07:09 +0200 | [diff] [blame] | 565 | unsigned char mfl_code; /*!< MaxFragmentLength negotiated by peer */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 566 | #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ |
Paul Bakker | 05decb2 | 2013-08-15 13:33:48 +0200 | [diff] [blame] | 567 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 568 | #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) |
Manuel Pégourié-Gonnard | 57c2852 | 2013-07-19 11:41:43 +0200 | [diff] [blame] | 569 | int trunc_hmac; /*!< flag for truncated hmac activation */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 570 | #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ |
Manuel Pégourié-Gonnard | 699cafa | 2014-10-27 13:57:03 +0100 | [diff] [blame] | 571 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 572 | #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) |
Manuel Pégourié-Gonnard | 699cafa | 2014-10-27 13:57:03 +0100 | [diff] [blame] | 573 | int encrypt_then_mac; /*!< flag for EtM activation */ |
| 574 | #endif |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 575 | }; |
| 576 | |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 577 | /** |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 578 | * SSL/TLS configuration to be shared between mbedtls_ssl_context structures. |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 579 | */ |
Manuel Pégourié-Gonnard | cd4fcc6 | 2015-05-26 12:11:48 +0200 | [diff] [blame] | 580 | struct mbedtls_ssl_config |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 581 | { |
| 582 | /* Group items by size (largest first) to minimize padding overhead */ |
| 583 | |
| 584 | /* |
| 585 | * Pointers |
| 586 | */ |
| 587 | |
Manuel Pégourié-Gonnard | 750e4d7 | 2015-05-07 12:35:38 +0100 | [diff] [blame] | 588 | const int *ciphersuite_list[4]; /*!< allowed ciphersuites per version */ |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 589 | |
| 590 | /** Callback for printing debug output */ |
Manuel Pégourié-Gonnard | fd47423 | 2015-06-23 16:34:24 +0200 | [diff] [blame] | 591 | void (*f_dbg)(void *, int, const char *, int, const char *); |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 592 | void *p_dbg; /*!< context for the debug function */ |
| 593 | |
Manuel Pégourié-Gonnard | 750e4d7 | 2015-05-07 12:35:38 +0100 | [diff] [blame] | 594 | /** Callback for getting (pseudo-)random numbers */ |
| 595 | int (*f_rng)(void *, unsigned char *, size_t); |
| 596 | void *p_rng; /*!< context for the RNG function */ |
| 597 | |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 598 | /** Callback to retrieve a session from the cache */ |
| 599 | int (*f_get_cache)(void *, mbedtls_ssl_session *); |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 600 | /** Callback to store a session into the cache */ |
| 601 | int (*f_set_cache)(void *, const mbedtls_ssl_session *); |
Manuel Pégourié-Gonnard | 5cb3308 | 2015-05-06 18:06:26 +0100 | [diff] [blame] | 602 | void *p_cache; /*!< context for cache callbacks */ |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 603 | |
| 604 | #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) |
| 605 | /** Callback for setting cert according to SNI extension */ |
| 606 | int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, size_t); |
| 607 | void *p_sni; /*!< context for SNI callback */ |
| 608 | #endif |
| 609 | |
| 610 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
| 611 | /** Callback to customize X.509 certificate chain verification */ |
Manuel Pégourié-Gonnard | e6ef16f | 2015-05-11 19:54:43 +0200 | [diff] [blame] | 612 | int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *); |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 613 | void *p_vrfy; /*!< context for X.509 verify calllback */ |
| 614 | #endif |
| 615 | |
| 616 | #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) |
| 617 | /** Callback to retrieve PSK key from identity */ |
| 618 | int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, size_t); |
| 619 | void *p_psk; /*!< context for PSK callback */ |
| 620 | #endif |
| 621 | |
Manuel Pégourié-Gonnard | e057d3b | 2015-05-20 10:59:43 +0200 | [diff] [blame] | 622 | #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 623 | /** Callback to create & write a cookie for ClientHello veirifcation */ |
| 624 | int (*f_cookie_write)( void *, unsigned char **, unsigned char *, |
| 625 | const unsigned char *, size_t ); |
| 626 | /** Callback to verify validity of a ClientHello cookie */ |
| 627 | int (*f_cookie_check)( void *, const unsigned char *, size_t, |
| 628 | const unsigned char *, size_t ); |
Manuel Pégourié-Gonnard | 750e4d7 | 2015-05-07 12:35:38 +0100 | [diff] [blame] | 629 | void *p_cookie; /*!< context for the cookie callbacks */ |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 630 | #endif |
| 631 | |
Manuel Pégourié-Gonnard | b596abf | 2015-05-20 10:45:29 +0200 | [diff] [blame] | 632 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C) |
Manuel Pégourié-Gonnard | d59675d | 2015-05-19 15:28:00 +0200 | [diff] [blame] | 633 | /** Callback to create & write a session ticket */ |
| 634 | int (*f_ticket_write)( void *, const mbedtls_ssl_session *, |
| 635 | unsigned char *, const unsigned char *, size_t *, uint32_t * ); |
| 636 | /** Callback to parse a session ticket into a session structure */ |
| 637 | int (*f_ticket_parse)( void *, mbedtls_ssl_session *, unsigned char *, size_t); |
| 638 | void *p_ticket; /*!< context for the ticket callbacks */ |
Manuel Pégourié-Gonnard | b596abf | 2015-05-20 10:45:29 +0200 | [diff] [blame] | 639 | #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */ |
Manuel Pégourié-Gonnard | d59675d | 2015-05-19 15:28:00 +0200 | [diff] [blame] | 640 | |
Robert Cragie | 4feb7ae | 2015-10-02 13:33:37 +0100 | [diff] [blame] | 641 | #if defined(MBEDTLS_SSL_EXPORT_KEYS) |
Manuel Pégourié-Gonnard | 024b6df | 2015-10-19 13:52:53 +0200 | [diff] [blame] | 642 | /** Callback to export key block and master secret */ |
Robert Cragie | 4feb7ae | 2015-10-02 13:33:37 +0100 | [diff] [blame] | 643 | int (*f_export_keys)( void *, const unsigned char *, |
| 644 | const unsigned char *, size_t, size_t, size_t ); |
| 645 | void *p_export_keys; /*!< context for key export callback */ |
| 646 | #endif |
| 647 | |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 648 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
Manuel Pégourié-Gonnard | 36a8b57 | 2015-06-17 12:43:26 +0200 | [diff] [blame] | 649 | const mbedtls_x509_crt_profile *cert_profile; /*!< verification profile */ |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 650 | mbedtls_ssl_key_cert *key_cert; /*!< own certificate/key pair(s) */ |
| 651 | mbedtls_x509_crt *ca_chain; /*!< trusted CAs */ |
| 652 | mbedtls_x509_crl *ca_crl; /*!< trusted CAs CRLs */ |
| 653 | #endif /* MBEDTLS_X509_CRT_PARSE_C */ |
| 654 | |
Manuel Pégourié-Gonnard | e5f3072 | 2015-10-22 17:01:15 +0200 | [diff] [blame] | 655 | #if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) |
Manuel Pégourié-Gonnard | 36a8b57 | 2015-06-17 12:43:26 +0200 | [diff] [blame] | 656 | const int *sig_hashes; /*!< allowed signature hashes */ |
| 657 | #endif |
| 658 | |
Manuel Pégourié-Gonnard | b541da6 | 2015-06-17 11:43:30 +0200 | [diff] [blame] | 659 | #if defined(MBEDTLS_ECP_C) |
Manuel Pégourié-Gonnard | 750e4d7 | 2015-05-07 12:35:38 +0100 | [diff] [blame] | 660 | const mbedtls_ecp_group_id *curve_list; /*!< allowed curves */ |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 661 | #endif |
| 662 | |
| 663 | #if defined(MBEDTLS_DHM_C) |
| 664 | mbedtls_mpi dhm_P; /*!< prime modulus for DHM */ |
| 665 | mbedtls_mpi dhm_G; /*!< generator for DHM */ |
| 666 | #endif |
| 667 | |
| 668 | #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) |
| 669 | unsigned char *psk; /*!< pre-shared key */ |
| 670 | size_t psk_len; /*!< length of the pre-shared key */ |
| 671 | unsigned char *psk_identity; /*!< identity for PSK negotiation */ |
| 672 | size_t psk_identity_len;/*!< length of identity */ |
| 673 | #endif |
| 674 | |
| 675 | #if defined(MBEDTLS_SSL_ALPN) |
| 676 | const char **alpn_list; /*!< ordered list of protocols */ |
| 677 | #endif |
| 678 | |
| 679 | /* |
| 680 | * Numerical settings (int then char) |
| 681 | */ |
| 682 | |
Manuel Pégourié-Gonnard | 7ca4e4d | 2015-05-04 10:55:58 +0200 | [diff] [blame] | 683 | uint32_t read_timeout; /*!< timeout for mbedtls_ssl_read (ms) */ |
| 684 | |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 685 | #if defined(MBEDTLS_SSL_PROTO_DTLS) |
| 686 | uint32_t hs_timeout_min; /*!< initial value of the handshake |
Manuel Pégourié-Gonnard | 7ca4e4d | 2015-05-04 10:55:58 +0200 | [diff] [blame] | 687 | retransmission timeout (ms) */ |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 688 | uint32_t hs_timeout_max; /*!< maximum value of the handshake |
Manuel Pégourié-Gonnard | 7ca4e4d | 2015-05-04 10:55:58 +0200 | [diff] [blame] | 689 | retransmission timeout (ms) */ |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 690 | #endif |
| 691 | |
| 692 | #if defined(MBEDTLS_SSL_RENEGOTIATION) |
| 693 | int renego_max_records; /*!< grace period for renegotiation */ |
| 694 | unsigned char renego_period[8]; /*!< value of the record counters |
| 695 | that triggers renegotiation */ |
| 696 | #endif |
| 697 | |
| 698 | #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) |
| 699 | unsigned int badmac_limit; /*!< limit of records with a bad MAC */ |
| 700 | #endif |
| 701 | |
Manuel Pégourié-Gonnard | bd990d6 | 2015-06-11 14:49:42 +0200 | [diff] [blame] | 702 | #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C) |
| 703 | unsigned int dhm_min_bitlen; /*!< min. bit length of the DHM prime */ |
| 704 | #endif |
| 705 | |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 706 | unsigned char max_major_ver; /*!< max. major version used */ |
| 707 | unsigned char max_minor_ver; /*!< max. minor version used */ |
| 708 | unsigned char min_major_ver; /*!< min. major version used */ |
| 709 | unsigned char min_minor_ver; /*!< min. minor version used */ |
| 710 | |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 711 | /* |
| 712 | * Flags (bitfields) |
| 713 | */ |
| 714 | |
| 715 | unsigned int endpoint : 1; /*!< 0: client, 1: server */ |
| 716 | unsigned int transport : 1; /*!< stream (TLS) or datagram (DTLS) */ |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 717 | unsigned int authmode : 2; /*!< MBEDTLS_SSL_VERIFY_XXX */ |
| 718 | /* needed even with renego disabled for LEGACY_BREAK_HANDSHAKE */ |
| 719 | unsigned int allow_legacy_renegotiation : 2 ; /*!< MBEDTLS_LEGACY_XXX */ |
Manuel Pégourié-Gonnard | 66dc555 | 2015-05-14 12:28:21 +0200 | [diff] [blame] | 720 | #if defined(MBEDTLS_ARC4_C) |
| 721 | unsigned int arc4_disabled : 1; /*!< blacklist RC4 ciphersuites? */ |
| 722 | #endif |
Manuel Pégourié-Gonnard | e51bba0 | 2015-05-06 09:33:13 +0100 | [diff] [blame] | 723 | #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) |
| 724 | unsigned int mfl_code : 3; /*!< desired fragment length */ |
| 725 | #endif |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 726 | #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) |
| 727 | unsigned int encrypt_then_mac : 1 ; /*!< negotiate encrypt-then-mac? */ |
| 728 | #endif |
| 729 | #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) |
| 730 | unsigned int extended_ms : 1; /*!< negotiate extended master secret? */ |
| 731 | #endif |
| 732 | #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) |
| 733 | unsigned int anti_replay : 1; /*!< detect and prevent replay? */ |
| 734 | #endif |
| 735 | #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) |
| 736 | unsigned int cbc_record_splitting : 1; /*!< do cbc record splitting */ |
| 737 | #endif |
| 738 | #if defined(MBEDTLS_SSL_RENEGOTIATION) |
| 739 | unsigned int disable_renegotiation : 1; /*!< disable renegotiation? */ |
| 740 | #endif |
| 741 | #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) |
| 742 | unsigned int trunc_hmac : 1; /*!< negotiate truncated hmac? */ |
| 743 | #endif |
| 744 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) |
| 745 | unsigned int session_tickets : 1; /*!< use session tickets? */ |
| 746 | #endif |
Manuel Pégourié-Gonnard | 684b059 | 2015-05-06 09:27:31 +0100 | [diff] [blame] | 747 | #if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C) |
| 748 | unsigned int fallback : 1; /*!< is this a fallback? */ |
| 749 | #endif |
Manuel Pégourié-Gonnard | cd4fcc6 | 2015-05-26 12:11:48 +0200 | [diff] [blame] | 750 | }; |
| 751 | |
Manuel Pégourié-Gonnard | fa6473d | 2015-04-30 18:03:08 +0200 | [diff] [blame] | 752 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 753 | struct mbedtls_ssl_context |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 754 | { |
Manuel Pégourié-Gonnard | 1897af9 | 2015-05-10 23:27:38 +0200 | [diff] [blame] | 755 | const mbedtls_ssl_config *conf; /*!< configuration information */ |
Manuel Pégourié-Gonnard | 7ca4e4d | 2015-05-04 10:55:58 +0200 | [diff] [blame] | 756 | |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 757 | /* |
| 758 | * Miscellaneous |
| 759 | */ |
| 760 | int state; /*!< SSL handshake: current state */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 761 | #if defined(MBEDTLS_SSL_RENEGOTIATION) |
Manuel Pégourié-Gonnard | 852a6d3 | 2015-03-19 16:15:20 +0000 | [diff] [blame] | 762 | int renego_status; /*!< Initial, in progress, pending? */ |
Manuel Pégourié-Gonnard | df3acd8 | 2014-10-15 15:07:45 +0200 | [diff] [blame] | 763 | int renego_records_seen; /*!< Records since renego request, or with DTLS, |
| 764 | number of retransmissions of request if |
| 765 | renego_max_records is < 0 */ |
Manuel Pégourié-Gonnard | 615e677 | 2014-11-03 08:23:14 +0100 | [diff] [blame] | 766 | #endif |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 767 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 768 | int major_ver; /*!< equal to MBEDTLS_SSL_MAJOR_VERSION_3 */ |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 769 | int minor_ver; /*!< either 0 (SSL3) or 1 (TLS1.0) */ |
| 770 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 771 | #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) |
Manuel Pégourié-Gonnard | b0643d1 | 2014-10-14 18:30:36 +0200 | [diff] [blame] | 772 | unsigned badmac_seen; /*!< records with a bad MAC received */ |
| 773 | #endif |
| 774 | |
Simon Butcher | e846b51 | 2016-03-01 17:31:49 +0000 | [diff] [blame] | 775 | mbedtls_ssl_send_t *f_send; /*!< Callback for network send */ |
| 776 | mbedtls_ssl_recv_t *f_recv; /*!< Callback for network receive */ |
| 777 | mbedtls_ssl_recv_timeout_t *f_recv_timeout; |
| 778 | /*!< Callback for network receive with timeout */ |
| 779 | |
Manuel Pégourié-Gonnard | e6bdc44 | 2014-09-17 11:34:57 +0200 | [diff] [blame] | 780 | void *p_bio; /*!< context for I/O operations */ |
Paul Bakker | 6db455e | 2013-09-18 17:29:31 +0200 | [diff] [blame] | 781 | |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 782 | /* |
| 783 | * Session layer |
| 784 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 785 | mbedtls_ssl_session *session_in; /*!< current session data (in) */ |
| 786 | mbedtls_ssl_session *session_out; /*!< current session data (out) */ |
| 787 | mbedtls_ssl_session *session; /*!< negotiated session data */ |
| 788 | mbedtls_ssl_session *session_negotiate; /*!< session data in negotiation */ |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 789 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 790 | mbedtls_ssl_handshake_params *handshake; /*!< params required only during |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 791 | the handshake process */ |
| 792 | |
| 793 | /* |
| 794 | * Record layer transformations |
| 795 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 796 | mbedtls_ssl_transform *transform_in; /*!< current transform params (in) */ |
| 797 | mbedtls_ssl_transform *transform_out; /*!< current transform params (in) */ |
| 798 | mbedtls_ssl_transform *transform; /*!< negotiated transform params */ |
| 799 | mbedtls_ssl_transform *transform_negotiate; /*!< transform params in negotiation */ |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 800 | |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 801 | /* |
Manuel Pégourié-Gonnard | 8e704f0 | 2014-10-14 20:03:35 +0200 | [diff] [blame] | 802 | * Timers |
Manuel Pégourié-Gonnard | db2858c | 2014-09-29 14:04:42 +0200 | [diff] [blame] | 803 | */ |
Manuel Pégourié-Gonnard | 2e01291 | 2015-05-12 20:55:41 +0200 | [diff] [blame] | 804 | void *p_timer; /*!< context for the timer callbacks */ |
Simon Butcher | e846b51 | 2016-03-01 17:31:49 +0000 | [diff] [blame] | 805 | |
| 806 | mbedtls_ssl_set_timer_t *f_set_timer; /*!< set timer callback */ |
| 807 | mbedtls_ssl_get_timer_t *f_get_timer; /*!< get timer callback */ |
Manuel Pégourié-Gonnard | 905dd24 | 2014-10-01 12:03:55 +0200 | [diff] [blame] | 808 | |
Manuel Pégourié-Gonnard | db2858c | 2014-09-29 14:04:42 +0200 | [diff] [blame] | 809 | /* |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 810 | * Record layer (incoming data) |
| 811 | */ |
Manuel Pégourié-Gonnard | 7ee6f0e | 2014-02-13 10:54:07 +0100 | [diff] [blame] | 812 | unsigned char *in_buf; /*!< input buffer */ |
Manuel Pégourié-Gonnard | 246c13a | 2014-09-24 13:56:09 +0200 | [diff] [blame] | 813 | unsigned char *in_ctr; /*!< 64-bit incoming message counter |
| 814 | TLS: maintained by us |
| 815 | DTLS: read from peer */ |
Manuel Pégourié-Gonnard | 7ee6f0e | 2014-02-13 10:54:07 +0100 | [diff] [blame] | 816 | unsigned char *in_hdr; /*!< start of record header */ |
| 817 | unsigned char *in_len; /*!< two-bytes message length field */ |
| 818 | unsigned char *in_iv; /*!< ivlen-byte IV */ |
Paul Bakker | 92be97b | 2013-01-02 17:30:03 +0100 | [diff] [blame] | 819 | unsigned char *in_msg; /*!< message contents (in_iv+ivlen) */ |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 820 | unsigned char *in_offt; /*!< read offset in application data */ |
| 821 | |
| 822 | int in_msgtype; /*!< record header: message type */ |
Paul Bakker | 23986e5 | 2011-04-24 08:57:21 +0000 | [diff] [blame] | 823 | size_t in_msglen; /*!< record header: message length */ |
| 824 | size_t in_left; /*!< amount of data read so far */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 825 | #if defined(MBEDTLS_SSL_PROTO_DTLS) |
Manuel Pégourié-Gonnard | 246c13a | 2014-09-24 13:56:09 +0200 | [diff] [blame] | 826 | uint16_t in_epoch; /*!< DTLS epoch for incoming records */ |
Manuel Pégourié-Gonnard | 64dffc5 | 2014-09-02 13:39:16 +0200 | [diff] [blame] | 827 | size_t next_record_offset; /*!< offset of the next record in datagram |
| 828 | (equal to in_left if none) */ |
Manuel Pégourié-Gonnard | b2f3be8 | 2014-07-10 17:54:52 +0200 | [diff] [blame] | 829 | #endif |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 830 | #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) |
Manuel Pégourié-Gonnard | 7a7e140 | 2014-09-24 10:52:58 +0200 | [diff] [blame] | 831 | uint64_t in_window_top; /*!< last validated record seq_num */ |
| 832 | uint64_t in_window; /*!< bitmask for replay detection */ |
| 833 | #endif |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 834 | |
Manuel Pégourié-Gonnard | 9d1d719 | 2014-09-03 11:01:14 +0200 | [diff] [blame] | 835 | size_t in_hslen; /*!< current handshake message length, |
| 836 | including the handshake header */ |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 837 | int nb_zero; /*!< # of 0-length encrypted messages */ |
Paul Bakker | d4a56ec | 2013-04-16 18:05:29 +0200 | [diff] [blame] | 838 | int record_read; /*!< record is already present */ |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 839 | |
| 840 | /* |
| 841 | * Record layer (outgoing data) |
| 842 | */ |
Manuel Pégourié-Gonnard | 7ee6f0e | 2014-02-13 10:54:07 +0100 | [diff] [blame] | 843 | unsigned char *out_buf; /*!< output buffer */ |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 844 | unsigned char *out_ctr; /*!< 64-bit outgoing message counter */ |
Manuel Pégourié-Gonnard | 7ee6f0e | 2014-02-13 10:54:07 +0100 | [diff] [blame] | 845 | unsigned char *out_hdr; /*!< start of record header */ |
| 846 | unsigned char *out_len; /*!< two-bytes message length field */ |
| 847 | unsigned char *out_iv; /*!< ivlen-byte IV */ |
Paul Bakker | 92be97b | 2013-01-02 17:30:03 +0100 | [diff] [blame] | 848 | unsigned char *out_msg; /*!< message contents (out_iv+ivlen) */ |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 849 | |
| 850 | int out_msgtype; /*!< record header: message type */ |
Paul Bakker | 23986e5 | 2011-04-24 08:57:21 +0000 | [diff] [blame] | 851 | size_t out_msglen; /*!< record header: message length */ |
| 852 | size_t out_left; /*!< amount of data not yet written */ |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 853 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 854 | #if defined(MBEDTLS_ZLIB_SUPPORT) |
Paul Bakker | 1677033 | 2013-10-11 09:59:44 +0200 | [diff] [blame] | 855 | unsigned char *compress_buf; /*!< zlib data buffer */ |
| 856 | #endif |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 857 | #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) |
Manuel Pégourié-Gonnard | 17eab2b | 2015-05-05 16:34:53 +0100 | [diff] [blame] | 858 | signed char split_done; /*!< current record already splitted? */ |
Manuel Pégourié-Gonnard | d76314c | 2015-01-07 12:39:44 +0100 | [diff] [blame] | 859 | #endif |
Manuel Pégourié-Gonnard | 8b46459 | 2013-07-16 12:45:26 +0200 | [diff] [blame] | 860 | |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 861 | /* |
| 862 | * PKI layer |
| 863 | */ |
Manuel Pégourié-Gonnard | 7ca4e4d | 2015-05-04 10:55:58 +0200 | [diff] [blame] | 864 | int client_auth; /*!< flag for client auth. */ |
Manuel Pégourié-Gonnard | 7ca4e4d | 2015-05-04 10:55:58 +0200 | [diff] [blame] | 865 | |
Manuel Pégourié-Gonnard | 779e429 | 2013-08-03 13:50:48 +0200 | [diff] [blame] | 866 | /* |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 867 | * User settings |
| 868 | */ |
Manuel Pégourié-Gonnard | bc2b771 | 2015-05-06 11:14:19 +0100 | [diff] [blame] | 869 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
| 870 | char *hostname; /*!< expected peer CN for verification |
| 871 | (and SNI if available) */ |
Paul Bakker | 0be444a | 2013-08-27 21:55:01 +0200 | [diff] [blame] | 872 | #endif |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 873 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 874 | #if defined(MBEDTLS_SSL_ALPN) |
Manuel Pégourié-Gonnard | 7e250d4 | 2014-04-04 16:08:41 +0200 | [diff] [blame] | 875 | const char *alpn_chosen; /*!< negotiated protocol */ |
| 876 | #endif |
| 877 | |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 878 | /* |
Manuel Pégourié-Gonnard | d485d19 | 2014-07-23 14:56:15 +0200 | [diff] [blame] | 879 | * Information for DTLS hello verify |
Manuel Pégourié-Gonnard | 43c0218 | 2014-07-22 17:32:01 +0200 | [diff] [blame] | 880 | */ |
Manuel Pégourié-Gonnard | e057d3b | 2015-05-20 10:59:43 +0200 | [diff] [blame] | 881 | #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) |
Manuel Pégourié-Gonnard | 43c0218 | 2014-07-22 17:32:01 +0200 | [diff] [blame] | 882 | unsigned char *cli_id; /*!< transport-level ID of the client */ |
| 883 | size_t cli_id_len; /*!< length of cli_id */ |
| 884 | #endif |
| 885 | |
| 886 | /* |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 887 | * Secure renegotiation |
| 888 | */ |
Manuel Pégourié-Gonnard | 3b2c0d6 | 2015-03-10 13:20:49 +0000 | [diff] [blame] | 889 | /* needed to know when to send extension on server */ |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 890 | int secure_renegotiation; /*!< does peer support legacy or |
| 891 | secure renegotiation */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 892 | #if defined(MBEDTLS_SSL_RENEGOTIATION) |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 893 | size_t verify_data_len; /*!< length of verify data stored */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 894 | char own_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ |
| 895 | char peer_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ |
Manuel Pégourié-Gonnard | 615e677 | 2014-11-03 08:23:14 +0100 | [diff] [blame] | 896 | #endif |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 897 | }; |
| 898 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 899 | #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) |
Paul Bakker | 07eb38b | 2012-12-19 14:42:06 +0100 | [diff] [blame] | 900 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 901 | #define MBEDTLS_SSL_CHANNEL_OUTBOUND 0 |
| 902 | #define MBEDTLS_SSL_CHANNEL_INBOUND 1 |
Paul Bakker | 07eb38b | 2012-12-19 14:42:06 +0100 | [diff] [blame] | 903 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 904 | extern int (*mbedtls_ssl_hw_record_init)(mbedtls_ssl_context *ssl, |
Paul Bakker | 05ef835 | 2012-05-08 09:17:57 +0000 | [diff] [blame] | 905 | const unsigned char *key_enc, const unsigned char *key_dec, |
Paul Bakker | 07eb38b | 2012-12-19 14:42:06 +0100 | [diff] [blame] | 906 | size_t keylen, |
Paul Bakker | 05ef835 | 2012-05-08 09:17:57 +0000 | [diff] [blame] | 907 | const unsigned char *iv_enc, const unsigned char *iv_dec, |
Paul Bakker | 07eb38b | 2012-12-19 14:42:06 +0100 | [diff] [blame] | 908 | size_t ivlen, |
| 909 | const unsigned char *mac_enc, const unsigned char *mac_dec, |
| 910 | size_t maclen); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 911 | extern int (*mbedtls_ssl_hw_record_activate)(mbedtls_ssl_context *ssl, int direction); |
| 912 | extern int (*mbedtls_ssl_hw_record_reset)(mbedtls_ssl_context *ssl); |
| 913 | extern int (*mbedtls_ssl_hw_record_write)(mbedtls_ssl_context *ssl); |
| 914 | extern int (*mbedtls_ssl_hw_record_read)(mbedtls_ssl_context *ssl); |
| 915 | extern int (*mbedtls_ssl_hw_record_finish)(mbedtls_ssl_context *ssl); |
| 916 | #endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ |
Paul Bakker | 05ef835 | 2012-05-08 09:17:57 +0000 | [diff] [blame] | 917 | |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 918 | /** |
Paul Bakker | e3166ce | 2011-01-27 17:40:50 +0000 | [diff] [blame] | 919 | * \brief Returns the list of ciphersuites supported by the SSL/TLS module. |
Paul Bakker | 72f6266 | 2011-01-16 21:27:44 +0000 | [diff] [blame] | 920 | * |
Paul Bakker | e3166ce | 2011-01-27 17:40:50 +0000 | [diff] [blame] | 921 | * \return a statically allocated array of ciphersuites, the last |
| 922 | * entry is 0. |
Paul Bakker | 72f6266 | 2011-01-16 21:27:44 +0000 | [diff] [blame] | 923 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 924 | const int *mbedtls_ssl_list_ciphersuites( void ); |
Paul Bakker | 72f6266 | 2011-01-16 21:27:44 +0000 | [diff] [blame] | 925 | |
| 926 | /** |
Paul Bakker | b9e4e2c | 2014-05-01 14:18:25 +0200 | [diff] [blame] | 927 | * \brief Return the name of the ciphersuite associated with the |
| 928 | * given ID |
Paul Bakker | 72f6266 | 2011-01-16 21:27:44 +0000 | [diff] [blame] | 929 | * |
Paul Bakker | e3166ce | 2011-01-27 17:40:50 +0000 | [diff] [blame] | 930 | * \param ciphersuite_id SSL ciphersuite ID |
Paul Bakker | 72f6266 | 2011-01-16 21:27:44 +0000 | [diff] [blame] | 931 | * |
Paul Bakker | e3166ce | 2011-01-27 17:40:50 +0000 | [diff] [blame] | 932 | * \return a string containing the ciphersuite name |
Paul Bakker | 72f6266 | 2011-01-16 21:27:44 +0000 | [diff] [blame] | 933 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 934 | const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id ); |
Paul Bakker | e3166ce | 2011-01-27 17:40:50 +0000 | [diff] [blame] | 935 | |
| 936 | /** |
Paul Bakker | b9e4e2c | 2014-05-01 14:18:25 +0200 | [diff] [blame] | 937 | * \brief Return the ID of the ciphersuite associated with the |
| 938 | * given name |
Paul Bakker | e3166ce | 2011-01-27 17:40:50 +0000 | [diff] [blame] | 939 | * |
| 940 | * \param ciphersuite_name SSL ciphersuite name |
| 941 | * |
| 942 | * \return the ID with the ciphersuite or 0 if not found |
| 943 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 944 | int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ); |
Paul Bakker | 72f6266 | 2011-01-16 21:27:44 +0000 | [diff] [blame] | 945 | |
| 946 | /** |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 947 | * \brief Initialize an SSL context |
Tillmann Karras | 588ad50 | 2015-09-25 04:27:22 +0200 | [diff] [blame] | 948 | * Just makes the context ready for mbedtls_ssl_setup() or |
Manuel Pégourié-Gonnard | 41d479e | 2015-04-29 00:48:22 +0200 | [diff] [blame] | 949 | * mbedtls_ssl_free() |
| 950 | * |
| 951 | * \param ssl SSL context |
| 952 | */ |
| 953 | void mbedtls_ssl_init( mbedtls_ssl_context *ssl ); |
| 954 | |
| 955 | /** |
| 956 | * \brief Set up an SSL context for use |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 957 | * |
Manuel Pégourié-Gonnard | 06939ce | 2015-05-11 11:25:46 +0200 | [diff] [blame] | 958 | * \note No copy of the configuration context is made, it can be |
Manuel Pégourié-Gonnard | 151dc77 | 2015-05-14 13:55:51 +0200 | [diff] [blame] | 959 | * shared by many mbedtls_ssl_context structures. |
Manuel Pégourié-Gonnard | 06939ce | 2015-05-11 11:25:46 +0200 | [diff] [blame] | 960 | * |
Aaron Jones | d96e526 | 2016-06-17 14:40:41 +0000 | [diff] [blame] | 961 | * \warning Modifying the conf structure after it has been used in this |
Manuel Pégourié-Gonnard | 06939ce | 2015-05-11 11:25:46 +0200 | [diff] [blame] | 962 | * function is unsupported! |
| 963 | * |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 964 | * \param ssl SSL context |
Manuel Pégourié-Gonnard | def0bbe | 2015-05-04 14:56:36 +0200 | [diff] [blame] | 965 | * \param conf SSL configuration to use |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 966 | * |
Manuel Pégourié-Gonnard | 6a8ca33 | 2015-05-28 09:33:39 +0200 | [diff] [blame] | 967 | * \return 0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED if |
Paul Bakker | 69e095c | 2011-12-10 21:55:01 +0000 | [diff] [blame] | 968 | * memory allocation failed |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 969 | */ |
Manuel Pégourié-Gonnard | def0bbe | 2015-05-04 14:56:36 +0200 | [diff] [blame] | 970 | int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, |
Manuel Pégourié-Gonnard | 1897af9 | 2015-05-10 23:27:38 +0200 | [diff] [blame] | 971 | const mbedtls_ssl_config *conf ); |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 972 | |
| 973 | /** |
Paul Bakker | 7eb013f | 2011-10-06 12:37:39 +0000 | [diff] [blame] | 974 | * \brief Reset an already initialized SSL context for re-use |
| 975 | * while retaining application-set variables, function |
| 976 | * pointers and data. |
| 977 | * |
| 978 | * \param ssl SSL context |
Attila Molnar | 0b98d2f | 2016-05-02 11:06:47 +0200 | [diff] [blame] | 979 | * \return 0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 980 | MBEDTLS_ERR_SSL_HW_ACCEL_FAILED or |
| 981 | * MBEDTLS_ERR_SSL_COMPRESSION_FAILED |
Paul Bakker | 7eb013f | 2011-10-06 12:37:39 +0000 | [diff] [blame] | 982 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 983 | int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl ); |
Paul Bakker | 7eb013f | 2011-10-06 12:37:39 +0000 | [diff] [blame] | 984 | |
| 985 | /** |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 986 | * \brief Set the current endpoint type |
| 987 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 988 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 989 | * \param endpoint must be MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 990 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 991 | void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint ); |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 992 | |
| 993 | /** |
Manuel Pégourié-Gonnard | 8fa6dfd | 2014-09-17 10:47:43 +0200 | [diff] [blame] | 994 | * \brief Set the transport type (TLS or DTLS). |
| 995 | * Default: TLS |
Manuel Pégourié-Gonnard | 0b1ff29 | 2014-02-06 13:04:16 +0100 | [diff] [blame] | 996 | * |
Manuel Pégourié-Gonnard | 01e5e8c | 2015-05-11 10:11:56 +0200 | [diff] [blame] | 997 | * \note For DTLS, you must either provide a recv callback that |
| 998 | * doesn't block, or one that handles timeouts, see |
Manuel Pégourié-Gonnard | bbd28f7 | 2015-05-13 10:21:19 +0200 | [diff] [blame] | 999 | * \c mbedtls_ssl_set_bio(). You also need to provide timer |
| 1000 | * callbacks with \c mbedtls_ssl_set_timer_cb(). |
Manuel Pégourié-Gonnard | 01e5e8c | 2015-05-11 10:11:56 +0200 | [diff] [blame] | 1001 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1002 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | 0b1ff29 | 2014-02-06 13:04:16 +0100 | [diff] [blame] | 1003 | * \param transport transport type: |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1004 | * MBEDTLS_SSL_TRANSPORT_STREAM for TLS, |
| 1005 | * MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS. |
Manuel Pégourié-Gonnard | 0b1ff29 | 2014-02-06 13:04:16 +0100 | [diff] [blame] | 1006 | */ |
Manuel Pégourié-Gonnard | 01e5e8c | 2015-05-11 10:11:56 +0200 | [diff] [blame] | 1007 | void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport ); |
Manuel Pégourié-Gonnard | 0b1ff29 | 2014-02-06 13:04:16 +0100 | [diff] [blame] | 1008 | |
| 1009 | /** |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1010 | * \brief Set the certificate verification mode |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1011 | * Default: NONE on server, REQUIRED on client |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1012 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1013 | * \param conf SSL configuration |
Paul Bakker | 37ca75d | 2011-01-06 12:28:03 +0000 | [diff] [blame] | 1014 | * \param authmode can be: |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1015 | * |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1016 | * MBEDTLS_SSL_VERIFY_NONE: peer certificate is not checked |
Manuel Pégourié-Gonnard | fa44f20 | 2015-03-27 17:52:25 +0100 | [diff] [blame] | 1017 | * (default on server) |
| 1018 | * (insecure on client) |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1019 | * |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1020 | * MBEDTLS_SSL_VERIFY_OPTIONAL: peer certificate is checked, however the |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1021 | * handshake continues even if verification failed; |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1022 | * mbedtls_ssl_get_verify_result() can be called after the |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1023 | * handshake is complete. |
| 1024 | * |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1025 | * MBEDTLS_SSL_VERIFY_REQUIRED: peer *must* present a valid certificate, |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1026 | * handshake is aborted if verification failed. |
Aaron Jones | d96e526 | 2016-06-17 14:40:41 +0000 | [diff] [blame] | 1027 | * (default on client) |
Manuel Pégourié-Gonnard | e2ce211 | 2014-03-11 10:50:48 +0100 | [diff] [blame] | 1028 | * |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1029 | * \note On client, MBEDTLS_SSL_VERIFY_REQUIRED is the recommended mode. |
| 1030 | * With MBEDTLS_SSL_VERIFY_OPTIONAL, the user needs to call mbedtls_ssl_get_verify_result() at |
Manuel Pégourié-Gonnard | e2ce211 | 2014-03-11 10:50:48 +0100 | [diff] [blame] | 1031 | * the right time(s), which may not be obvious, while REQUIRED always perform |
| 1032 | * the verification as soon as possible. For example, REQUIRED was protecting |
| 1033 | * against the "triple handshake" attack even before it was found. |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1034 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1035 | void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ); |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1036 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1037 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1038 | /** |
Paul Bakker | b63b0af | 2011-01-13 17:54:59 +0000 | [diff] [blame] | 1039 | * \brief Set the verification callback (Optional). |
| 1040 | * |
Paul Bakker | 915275b | 2012-09-28 07:10:55 +0000 | [diff] [blame] | 1041 | * If set, the verify callback is called for each |
| 1042 | * certificate in the chain. For implementation |
| 1043 | * information, please see \c x509parse_verify() |
Paul Bakker | b63b0af | 2011-01-13 17:54:59 +0000 | [diff] [blame] | 1044 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1045 | * \param conf SSL configuration |
Paul Bakker | b63b0af | 2011-01-13 17:54:59 +0000 | [diff] [blame] | 1046 | * \param f_vrfy verification function |
| 1047 | * \param p_vrfy verification parameter |
| 1048 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1049 | void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf, |
Manuel Pégourié-Gonnard | e6ef16f | 2015-05-11 19:54:43 +0200 | [diff] [blame] | 1050 | int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), |
Paul Bakker | b63b0af | 2011-01-13 17:54:59 +0000 | [diff] [blame] | 1051 | void *p_vrfy ); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1052 | #endif /* MBEDTLS_X509_CRT_PARSE_C */ |
Paul Bakker | b63b0af | 2011-01-13 17:54:59 +0000 | [diff] [blame] | 1053 | |
| 1054 | /** |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1055 | * \brief Set the random number generator callback |
| 1056 | * |
Manuel Pégourié-Gonnard | 750e4d7 | 2015-05-07 12:35:38 +0100 | [diff] [blame] | 1057 | * \param conf SSL configuration |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1058 | * \param f_rng RNG function |
| 1059 | * \param p_rng RNG parameter |
| 1060 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1061 | void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf, |
Paul Bakker | a3d195c | 2011-11-27 21:07:34 +0000 | [diff] [blame] | 1062 | int (*f_rng)(void *, unsigned char *, size_t), |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1063 | void *p_rng ); |
| 1064 | |
| 1065 | /** |
| 1066 | * \brief Set the debug callback |
| 1067 | * |
Manuel Pégourié-Gonnard | fd47423 | 2015-06-23 16:34:24 +0200 | [diff] [blame] | 1068 | * The callback has the following argument: |
| 1069 | * void * opaque context for the callback |
| 1070 | * int debug level |
| 1071 | * const char * file name |
| 1072 | * int line number |
| 1073 | * const char * message |
| 1074 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1075 | * \param conf SSL configuration |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1076 | * \param f_dbg debug function |
| 1077 | * \param p_dbg debug parameter |
| 1078 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1079 | void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf, |
Manuel Pégourié-Gonnard | fd47423 | 2015-06-23 16:34:24 +0200 | [diff] [blame] | 1080 | void (*f_dbg)(void *, int, const char *, int, const char *), |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1081 | void *p_dbg ); |
| 1082 | |
Manuel Pégourié-Gonnard | 8fa6dfd | 2014-09-17 10:47:43 +0200 | [diff] [blame] | 1083 | /** |
| 1084 | * \brief Set the underlying BIO callbacks for write, read and |
| 1085 | * read-with-timeout. |
| 1086 | * |
| 1087 | * \param ssl SSL context |
| 1088 | * \param p_bio parameter (context) shared by BIO callbacks |
| 1089 | * \param f_send write callback |
| 1090 | * \param f_recv read callback |
Manuel Pégourié-Gonnard | 8836994 | 2015-05-06 16:19:31 +0100 | [diff] [blame] | 1091 | * \param f_recv_timeout blocking read callback with timeout. |
Manuel Pégourié-Gonnard | 8fa6dfd | 2014-09-17 10:47:43 +0200 | [diff] [blame] | 1092 | * |
Manuel Pégourié-Gonnard | bbd28f7 | 2015-05-13 10:21:19 +0200 | [diff] [blame] | 1093 | * \note One of f_recv or f_recv_timeout can be NULL, in which case |
| 1094 | * the other is used. If both are non-NULL, f_recv_timeout is |
| 1095 | * used and f_recv is ignored (as if it were NULL). |
Manuel Pégourié-Gonnard | 8fa6dfd | 2014-09-17 10:47:43 +0200 | [diff] [blame] | 1096 | * |
Manuel Pégourié-Gonnard | bbd28f7 | 2015-05-13 10:21:19 +0200 | [diff] [blame] | 1097 | * \note The two most common use cases are: |
| 1098 | * - non-blocking I/O, f_recv != NULL, f_recv_timeout == NULL |
| 1099 | * - blocking I/O, f_recv == NULL, f_recv_timout != NULL |
| 1100 | * |
| 1101 | * \note For DTLS, you need to provide either a non-NULL |
| 1102 | * f_recv_timeout callback, or a f_recv that doesn't block. |
Manuel Pégourié-Gonnard | d13b950 | 2016-02-22 09:33:52 +0100 | [diff] [blame] | 1103 | * |
| 1104 | * \note See the documentations of \c mbedtls_ssl_sent_t, |
| 1105 | * \c mbedtls_ssl_recv_t and \c mbedtls_ssl_recv_timeout_t for |
Simon Butcher | d567a23 | 2016-03-09 20:19:21 +0000 | [diff] [blame] | 1106 | * the conventions those callbacks must follow. |
Manuel Pégourié-Gonnard | d13b950 | 2016-02-22 09:33:52 +0100 | [diff] [blame] | 1107 | * |
| 1108 | * \note On some platforms, net.c provides \c mbedtls_net_send(), |
| 1109 | * \c mbedtls_net_recv() and \c mbedtls_net_recv_timeout() |
| 1110 | * that are suitable to be used here. |
Manuel Pégourié-Gonnard | 8fa6dfd | 2014-09-17 10:47:43 +0200 | [diff] [blame] | 1111 | */ |
Manuel Pégourié-Gonnard | 1b511f9 | 2015-05-06 15:54:23 +0100 | [diff] [blame] | 1112 | void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, |
Manuel Pégourié-Gonnard | d13b950 | 2016-02-22 09:33:52 +0100 | [diff] [blame] | 1113 | void *p_bio, |
| 1114 | mbedtls_ssl_send_t *f_send, |
| 1115 | mbedtls_ssl_recv_t *f_recv, |
| 1116 | mbedtls_ssl_recv_timeout_t *f_recv_timeout ); |
Manuel Pégourié-Gonnard | 97fd52c | 2015-05-06 15:38:52 +0100 | [diff] [blame] | 1117 | |
| 1118 | /** |
| 1119 | * \brief Set the timeout period for mbedtls_ssl_read() |
| 1120 | * (Default: no timeout.) |
| 1121 | * |
| 1122 | * \param conf SSL configuration context |
| 1123 | * \param timeout Timeout value in milliseconds. |
| 1124 | * Use 0 for no timeout (default). |
| 1125 | * |
| 1126 | * \note With blocking I/O, this will only work if a non-NULL |
Manuel Pégourié-Gonnard | 1b511f9 | 2015-05-06 15:54:23 +0100 | [diff] [blame] | 1127 | * \c f_recv_timeout was set with \c mbedtls_ssl_set_bio(). |
Manuel Pégourié-Gonnard | bbd28f7 | 2015-05-13 10:21:19 +0200 | [diff] [blame] | 1128 | * With non-blocking I/O, this will only work if timer |
| 1129 | * callbacks were set with \c mbedtls_ssl_set_timer_cb(). |
| 1130 | * |
| 1131 | * \note With non-blocking I/O, you may also skip this function |
| 1132 | * altogether and handle timeouts at the application layer. |
Manuel Pégourié-Gonnard | 97fd52c | 2015-05-06 15:38:52 +0100 | [diff] [blame] | 1133 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1134 | void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ); |
Manuel Pégourié-Gonnard | 8fa6dfd | 2014-09-17 10:47:43 +0200 | [diff] [blame] | 1135 | |
Manuel Pégourié-Gonnard | 2e01291 | 2015-05-12 20:55:41 +0200 | [diff] [blame] | 1136 | /** |
Manuel Pégourié-Gonnard | d13b950 | 2016-02-22 09:33:52 +0100 | [diff] [blame] | 1137 | * \brief Set the timer callbacks (Mandatory for DTLS.) |
Manuel Pégourié-Gonnard | 2e01291 | 2015-05-12 20:55:41 +0200 | [diff] [blame] | 1138 | * |
| 1139 | * \param ssl SSL context |
Manuel Pégourié-Gonnard | d13b950 | 2016-02-22 09:33:52 +0100 | [diff] [blame] | 1140 | * \param p_timer parameter (context) shared by timer callbacks |
Manuel Pégourié-Gonnard | 2e01291 | 2015-05-12 20:55:41 +0200 | [diff] [blame] | 1141 | * \param f_set_timer set timer callback |
Manuel Pégourié-Gonnard | 2e01291 | 2015-05-12 20:55:41 +0200 | [diff] [blame] | 1142 | * \param f_get_timer get timer callback. Must return: |
Manuel Pégourié-Gonnard | d13b950 | 2016-02-22 09:33:52 +0100 | [diff] [blame] | 1143 | * |
| 1144 | * \note See the documentation of \c mbedtls_ssl_set_timer_t and |
| 1145 | * \c mbedtls_ssl_get_timer_t for the conventions this pair of |
| 1146 | * callbacks must fallow. |
| 1147 | * |
| 1148 | * \note On some platforms, timing.c provides |
| 1149 | * \c mbedtls_timing_set_delay() and |
| 1150 | * \c mbedtls_timing_get_delay() that are suitable for using |
| 1151 | * here, except if using an event-driven style. |
| 1152 | * |
| 1153 | * \note See also the "DTLS tutorial" article in our knowledge base. |
Manuel Pégourié-Gonnard | 02049dc | 2016-02-22 16:42:51 +0000 | [diff] [blame] | 1154 | * https://tls.mbed.org/kb/how-to/dtls-tutorial |
Manuel Pégourié-Gonnard | 2e01291 | 2015-05-12 20:55:41 +0200 | [diff] [blame] | 1155 | */ |
| 1156 | void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl, |
| 1157 | void *p_timer, |
Manuel Pégourié-Gonnard | d13b950 | 2016-02-22 09:33:52 +0100 | [diff] [blame] | 1158 | mbedtls_ssl_set_timer_t *f_set_timer, |
| 1159 | mbedtls_ssl_get_timer_t *f_get_timer ); |
Manuel Pégourié-Gonnard | 2e01291 | 2015-05-12 20:55:41 +0200 | [diff] [blame] | 1160 | |
Manuel Pégourié-Gonnard | d59675d | 2015-05-19 15:28:00 +0200 | [diff] [blame] | 1161 | /** |
| 1162 | * \brief Callback type: generate and write session ticket |
| 1163 | * |
| 1164 | * \note This describes what a callback implementation should do. |
Aaron Jones | d96e526 | 2016-06-17 14:40:41 +0000 | [diff] [blame] | 1165 | * This callback should generate an encrypted and |
Manuel Pégourié-Gonnard | d59675d | 2015-05-19 15:28:00 +0200 | [diff] [blame] | 1166 | * authenticated ticket for the session and write it to the |
| 1167 | * output buffer. Here, ticket means the opaque ticket part |
| 1168 | * of the NewSessionTicket structure of RFC 5077. |
| 1169 | * |
| 1170 | * \param p_ticket Context for the callback |
Aaron Jones | d96e526 | 2016-06-17 14:40:41 +0000 | [diff] [blame] | 1171 | * \param session SSL session to be written in the ticket |
| 1172 | * \param start Start of the output buffer |
Manuel Pégourié-Gonnard | d59675d | 2015-05-19 15:28:00 +0200 | [diff] [blame] | 1173 | * \param end End of the output buffer |
| 1174 | * \param tlen On exit, holds the length written |
| 1175 | * \param lifetime On exit, holds the lifetime of the ticket in seconds |
| 1176 | * |
| 1177 | * \return 0 if successful, or |
| 1178 | * a specific MBEDTLS_ERR_XXX code. |
| 1179 | */ |
| 1180 | typedef int mbedtls_ssl_ticket_write_t( void *p_ticket, |
| 1181 | const mbedtls_ssl_session *session, |
| 1182 | unsigned char *start, |
| 1183 | const unsigned char *end, |
| 1184 | size_t *tlen, |
| 1185 | uint32_t *lifetime ); |
| 1186 | |
Robert Cragie | 4feb7ae | 2015-10-02 13:33:37 +0100 | [diff] [blame] | 1187 | #if defined(MBEDTLS_SSL_EXPORT_KEYS) |
| 1188 | /** |
Manuel Pégourié-Gonnard | 024b6df | 2015-10-19 13:52:53 +0200 | [diff] [blame] | 1189 | * \brief Callback type: Export key block and master secret |
Robert Cragie | 4feb7ae | 2015-10-02 13:33:37 +0100 | [diff] [blame] | 1190 | * |
| 1191 | * \note This is required for certain uses of TLS, e.g. EAP-TLS |
Manuel Pégourié-Gonnard | 024b6df | 2015-10-19 13:52:53 +0200 | [diff] [blame] | 1192 | * (RFC 5216) and Thread. The key pointers are ephemeral and |
| 1193 | * therefore must not be stored. The master secret and keys |
| 1194 | * should not be used directly except as an input to a key |
| 1195 | * derivation function. |
Robert Cragie | 4feb7ae | 2015-10-02 13:33:37 +0100 | [diff] [blame] | 1196 | * |
| 1197 | * \param p_expkey Context for the callback |
Manuel Pégourié-Gonnard | 024b6df | 2015-10-19 13:52:53 +0200 | [diff] [blame] | 1198 | * \param ms Pointer to master secret (fixed length: 48 bytes) |
| 1199 | * \param kb Pointer to key block, see RFC 5246 section 6.3 |
| 1200 | * (variable length: 2 * maclen + 2 * keylen + 2 * ivlen). |
Robert Cragie | 4feb7ae | 2015-10-02 13:33:37 +0100 | [diff] [blame] | 1201 | * \param maclen MAC length |
| 1202 | * \param keylen Key length |
| 1203 | * \param ivlen IV length |
| 1204 | * |
| 1205 | * \return 0 if successful, or |
| 1206 | * a specific MBEDTLS_ERR_XXX code. |
| 1207 | */ |
| 1208 | typedef int mbedtls_ssl_export_keys_t( void *p_expkey, |
Manuel Pégourié-Gonnard | 024b6df | 2015-10-19 13:52:53 +0200 | [diff] [blame] | 1209 | const unsigned char *ms, |
Robert Cragie | 4feb7ae | 2015-10-02 13:33:37 +0100 | [diff] [blame] | 1210 | const unsigned char *kb, |
Robert Cragie | 4feb7ae | 2015-10-02 13:33:37 +0100 | [diff] [blame] | 1211 | size_t maclen, |
| 1212 | size_t keylen, |
| 1213 | size_t ivlen ); |
| 1214 | #endif /* MBEDTLS_SSL_EXPORT_KEYS */ |
Manuel Pégourié-Gonnard | 024b6df | 2015-10-19 13:52:53 +0200 | [diff] [blame] | 1215 | |
Manuel Pégourié-Gonnard | d59675d | 2015-05-19 15:28:00 +0200 | [diff] [blame] | 1216 | /** |
| 1217 | * \brief Callback type: parse and load session ticket |
| 1218 | * |
| 1219 | * \note This describes what a callback implementation should do. |
| 1220 | * This callback should parse a session ticket as generated |
| 1221 | * by the corresponding mbedtls_ssl_ticket_write_t function, |
| 1222 | * and, if the ticket is authentic and valid, load the |
| 1223 | * session. |
| 1224 | * |
| 1225 | * \note The implementation is allowed to modify the first len |
Manuel Pégourié-Gonnard | b596abf | 2015-05-20 10:45:29 +0200 | [diff] [blame] | 1226 | * bytes of the input buffer, eg to use it as a temporary |
| 1227 | * area for the decrypted ticket contents. |
Manuel Pégourié-Gonnard | d59675d | 2015-05-19 15:28:00 +0200 | [diff] [blame] | 1228 | * |
| 1229 | * \param p_ticket Context for the callback |
| 1230 | * \param session SSL session to be loaded |
| 1231 | * \param buf Start of the buffer containing the ticket |
| 1232 | * \param len Length of the ticket. |
| 1233 | * |
| 1234 | * \return 0 if successful, or |
| 1235 | * MBEDTLS_ERR_SSL_INVALID_MAC if not authentic, or |
| 1236 | * MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED if expired, or |
| 1237 | * any other non-zero code for other failures. |
| 1238 | */ |
| 1239 | typedef int mbedtls_ssl_ticket_parse_t( void *p_ticket, |
| 1240 | mbedtls_ssl_session *session, |
| 1241 | unsigned char *buf, |
| 1242 | size_t len ); |
| 1243 | |
Manuel Pégourié-Gonnard | b596abf | 2015-05-20 10:45:29 +0200 | [diff] [blame] | 1244 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C) |
Manuel Pégourié-Gonnard | d59675d | 2015-05-19 15:28:00 +0200 | [diff] [blame] | 1245 | /** |
Manuel Pégourié-Gonnard | b596abf | 2015-05-20 10:45:29 +0200 | [diff] [blame] | 1246 | * \brief Configure SSL session ticket callbacks (server only). |
| 1247 | * (Default: none.) |
| 1248 | * |
| 1249 | * \note On server, session tickets are enabled by providing |
| 1250 | * non-NULL callbacks. |
| 1251 | * |
Manuel Pégourié-Gonnard | 1b1e65f | 2015-06-11 13:29:15 +0200 | [diff] [blame] | 1252 | * \note On client, use \c mbedtls_ssl_conf_session_tickets(). |
Manuel Pégourié-Gonnard | d59675d | 2015-05-19 15:28:00 +0200 | [diff] [blame] | 1253 | * |
| 1254 | * \param conf SSL configuration context |
| 1255 | * \param f_ticket_write Callback for writing a ticket |
| 1256 | * \param f_ticket_parse Callback for parsing a ticket |
| 1257 | * \param p_ticket Context shared by the two callbacks |
| 1258 | */ |
| 1259 | void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, |
| 1260 | mbedtls_ssl_ticket_write_t *f_ticket_write, |
| 1261 | mbedtls_ssl_ticket_parse_t *f_ticket_parse, |
| 1262 | void *p_ticket ); |
Manuel Pégourié-Gonnard | b596abf | 2015-05-20 10:45:29 +0200 | [diff] [blame] | 1263 | #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */ |
Manuel Pégourié-Gonnard | d59675d | 2015-05-19 15:28:00 +0200 | [diff] [blame] | 1264 | |
Robert Cragie | 4feb7ae | 2015-10-02 13:33:37 +0100 | [diff] [blame] | 1265 | #if defined(MBEDTLS_SSL_EXPORT_KEYS) |
| 1266 | /** |
| 1267 | * \brief Configure key export callback. |
| 1268 | * (Default: none.) |
| 1269 | * |
Manuel Pégourié-Gonnard | 024b6df | 2015-10-19 13:52:53 +0200 | [diff] [blame] | 1270 | * \note See \c mbedtls_ssl_export_keys_t. |
Robert Cragie | 4feb7ae | 2015-10-02 13:33:37 +0100 | [diff] [blame] | 1271 | * |
| 1272 | * \param conf SSL configuration context |
| 1273 | * \param f_export_keys Callback for exporting keys |
Manuel Pégourié-Gonnard | 024b6df | 2015-10-19 13:52:53 +0200 | [diff] [blame] | 1274 | * \param p_export_keys Context for the callback |
Robert Cragie | 4feb7ae | 2015-10-02 13:33:37 +0100 | [diff] [blame] | 1275 | */ |
| 1276 | void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf, |
| 1277 | mbedtls_ssl_export_keys_t *f_export_keys, |
| 1278 | void *p_export_keys ); |
| 1279 | #endif /* MBEDTLS_SSL_EXPORT_KEYS */ |
| 1280 | |
Manuel Pégourié-Gonnard | d485d19 | 2014-07-23 14:56:15 +0200 | [diff] [blame] | 1281 | /** |
| 1282 | * \brief Callback type: generate a cookie |
| 1283 | * |
| 1284 | * \param ctx Context for the callback |
| 1285 | * \param p Buffer to write to, |
| 1286 | * must be updated to point right after the cookie |
| 1287 | * \param end Pointer to one past the end of the output buffer |
| 1288 | * \param info Client ID info that was passed to |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1289 | * \c mbedtls_ssl_set_client_transport_id() |
Manuel Pégourié-Gonnard | d485d19 | 2014-07-23 14:56:15 +0200 | [diff] [blame] | 1290 | * \param ilen Length of info in bytes |
| 1291 | * |
| 1292 | * \return The callback must return 0 on success, |
| 1293 | * or a negative error code. |
| 1294 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1295 | typedef int mbedtls_ssl_cookie_write_t( void *ctx, |
Manuel Pégourié-Gonnard | d485d19 | 2014-07-23 14:56:15 +0200 | [diff] [blame] | 1296 | unsigned char **p, unsigned char *end, |
| 1297 | const unsigned char *info, size_t ilen ); |
| 1298 | |
| 1299 | /** |
| 1300 | * \brief Callback type: verify a cookie |
| 1301 | * |
| 1302 | * \param ctx Context for the callback |
| 1303 | * \param cookie Cookie to verify |
| 1304 | * \param clen Length of cookie |
| 1305 | * \param info Client ID info that was passed to |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1306 | * \c mbedtls_ssl_set_client_transport_id() |
Manuel Pégourié-Gonnard | d485d19 | 2014-07-23 14:56:15 +0200 | [diff] [blame] | 1307 | * \param ilen Length of info in bytes |
| 1308 | * |
| 1309 | * \return The callback must return 0 if cookie is valid, |
| 1310 | * or a negative error code. |
| 1311 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1312 | typedef int mbedtls_ssl_cookie_check_t( void *ctx, |
Manuel Pégourié-Gonnard | d485d19 | 2014-07-23 14:56:15 +0200 | [diff] [blame] | 1313 | const unsigned char *cookie, size_t clen, |
| 1314 | const unsigned char *info, size_t ilen ); |
| 1315 | |
Manuel Pégourié-Gonnard | e057d3b | 2015-05-20 10:59:43 +0200 | [diff] [blame] | 1316 | #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) |
Manuel Pégourié-Gonnard | d485d19 | 2014-07-23 14:56:15 +0200 | [diff] [blame] | 1317 | /** |
| 1318 | * \brief Register callbacks for DTLS cookies |
| 1319 | * (Server only. DTLS only.) |
| 1320 | * |
Manuel Pégourié-Gonnard | b48ef9c | 2015-05-28 15:24:25 +0200 | [diff] [blame] | 1321 | * Default: dummy callbacks that fail, in order to force you to |
Manuel Pégourié-Gonnard | 7d38d21 | 2014-07-23 17:52:09 +0200 | [diff] [blame] | 1322 | * register working callbacks (and initialize their context). |
| 1323 | * |
| 1324 | * To disable HelloVerifyRequest, register NULL callbacks. |
| 1325 | * |
| 1326 | * \warning Disabling hello verification allows your server to be used |
| 1327 | * for amplification in DoS attacks against other hosts. |
| 1328 | * Only disable if you known this can't happen in your |
| 1329 | * particular environment. |
| 1330 | * |
Manuel Pégourié-Gonnard | b48ef9c | 2015-05-28 15:24:25 +0200 | [diff] [blame] | 1331 | * \note See comments on \c mbedtls_ssl_handshake() about handling |
| 1332 | * the MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED that is expected |
| 1333 | * on the first handshake attempt when this is enabled. |
| 1334 | * |
Manuel Pégourié-Gonnard | 3a2a448 | 2015-09-08 15:36:09 +0200 | [diff] [blame] | 1335 | * \note This is also necessary to handle client reconnection from |
| 1336 | * the same port as described in RFC 6347 section 4.2.8 (only |
| 1337 | * the variant with cookies is supported currently). See |
| 1338 | * comments on \c mbedtls_ssl_read() for details. |
| 1339 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1340 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | d485d19 | 2014-07-23 14:56:15 +0200 | [diff] [blame] | 1341 | * \param f_cookie_write Cookie write callback |
| 1342 | * \param f_cookie_check Cookie check callback |
| 1343 | * \param p_cookie Context for both callbacks |
| 1344 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1345 | void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1346 | mbedtls_ssl_cookie_write_t *f_cookie_write, |
| 1347 | mbedtls_ssl_cookie_check_t *f_cookie_check, |
Manuel Pégourié-Gonnard | d485d19 | 2014-07-23 14:56:15 +0200 | [diff] [blame] | 1348 | void *p_cookie ); |
Manuel Pégourié-Gonnard | e057d3b | 2015-05-20 10:59:43 +0200 | [diff] [blame] | 1349 | |
| 1350 | /** |
| 1351 | * \brief Set client's transport-level identification info. |
| 1352 | * (Server only. DTLS only.) |
| 1353 | * |
| 1354 | * This is usually the IP address (and port), but could be |
| 1355 | * anything identify the client depending on the underlying |
| 1356 | * network stack. Used for HelloVerifyRequest with DTLS. |
| 1357 | * This is *not* used to route the actual packets. |
| 1358 | * |
| 1359 | * \param ssl SSL context |
| 1360 | * \param info Transport-level info identifying the client (eg IP + port) |
| 1361 | * \param ilen Length of info in bytes |
| 1362 | * |
| 1363 | * \note An internal copy is made, so the info buffer can be reused. |
| 1364 | * |
| 1365 | * \return 0 on success, |
| 1366 | * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used on client, |
Manuel Pégourié-Gonnard | 6a8ca33 | 2015-05-28 09:33:39 +0200 | [diff] [blame] | 1367 | * MBEDTLS_ERR_SSL_ALLOC_FAILED if out of memory. |
Manuel Pégourié-Gonnard | e057d3b | 2015-05-20 10:59:43 +0200 | [diff] [blame] | 1368 | */ |
| 1369 | int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, |
| 1370 | const unsigned char *info, |
| 1371 | size_t ilen ); |
| 1372 | |
| 1373 | #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */ |
Manuel Pégourié-Gonnard | 43c0218 | 2014-07-22 17:32:01 +0200 | [diff] [blame] | 1374 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1375 | #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) |
Manuel Pégourié-Gonnard | 2739313 | 2014-09-24 14:41:11 +0200 | [diff] [blame] | 1376 | /** |
| 1377 | * \brief Enable or disable anti-replay protection for DTLS. |
| 1378 | * (DTLS only, no effect on TLS.) |
Manuel Pégourié-Gonnard | a6fcffe | 2014-10-13 18:15:52 +0200 | [diff] [blame] | 1379 | * Default: enabled. |
Manuel Pégourié-Gonnard | 2739313 | 2014-09-24 14:41:11 +0200 | [diff] [blame] | 1380 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1381 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1382 | * \param mode MBEDTLS_SSL_ANTI_REPLAY_ENABLED or MBEDTLS_SSL_ANTI_REPLAY_DISABLED. |
Manuel Pégourié-Gonnard | a6fcffe | 2014-10-13 18:15:52 +0200 | [diff] [blame] | 1383 | * |
| 1384 | * \warning Disabling this is a security risk unless the application |
| 1385 | * protocol handles duplicated packets in a safe way. You |
| 1386 | * should not disable this without careful consideration. |
| 1387 | * However, if your application already detects duplicated |
| 1388 | * packets and needs information about them to adjust its |
| 1389 | * transmission strategy, then you'll want to disable this. |
Manuel Pégourié-Gonnard | 2739313 | 2014-09-24 14:41:11 +0200 | [diff] [blame] | 1390 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1391 | void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode ); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1392 | #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ |
Manuel Pégourié-Gonnard | 2739313 | 2014-09-24 14:41:11 +0200 | [diff] [blame] | 1393 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1394 | #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) |
Manuel Pégourié-Gonnard | b0643d1 | 2014-10-14 18:30:36 +0200 | [diff] [blame] | 1395 | /** |
| 1396 | * \brief Set a limit on the number of records with a bad MAC |
| 1397 | * before terminating the connection. |
| 1398 | * (DTLS only, no effect on TLS.) |
| 1399 | * Default: 0 (disabled). |
| 1400 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1401 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | b0643d1 | 2014-10-14 18:30:36 +0200 | [diff] [blame] | 1402 | * \param limit Limit, or 0 to disable. |
| 1403 | * |
| 1404 | * \note If the limit is N, then the connection is terminated when |
| 1405 | * the Nth non-authentic record is seen. |
| 1406 | * |
| 1407 | * \note Records with an invalid header are not counted, only the |
| 1408 | * ones going through the authentication-decryption phase. |
| 1409 | * |
| 1410 | * \note This is a security trade-off related to the fact that it's |
| 1411 | * often relatively easy for an active attacker ot inject UDP |
| 1412 | * datagrams. On one hand, setting a low limit here makes it |
| 1413 | * easier for such an attacker to forcibly terminated a |
| 1414 | * connection. On the other hand, a high limit or no limit |
| 1415 | * might make us waste resources checking authentication on |
| 1416 | * many bogus packets. |
| 1417 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1418 | void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit ); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1419 | #endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ |
Manuel Pégourié-Gonnard | b0643d1 | 2014-10-14 18:30:36 +0200 | [diff] [blame] | 1420 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1421 | #if defined(MBEDTLS_SSL_PROTO_DTLS) |
Manuel Pégourié-Gonnard | 905dd24 | 2014-10-01 12:03:55 +0200 | [diff] [blame] | 1422 | /** |
Aaron Jones | d96e526 | 2016-06-17 14:40:41 +0000 | [diff] [blame] | 1423 | * \brief Set retransmit timeout values for the DTLS handshake. |
Manuel Pégourié-Gonnard | 905dd24 | 2014-10-01 12:03:55 +0200 | [diff] [blame] | 1424 | * (DTLS only, no effect on TLS.) |
| 1425 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1426 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | 905dd24 | 2014-10-01 12:03:55 +0200 | [diff] [blame] | 1427 | * \param min Initial timeout value in milliseconds. |
| 1428 | * Default: 1000 (1 second). |
| 1429 | * \param max Maximum timeout value in milliseconds. |
| 1430 | * Default: 60000 (60 seconds). |
| 1431 | * |
| 1432 | * \note Default values are from RFC 6347 section 4.2.4.1. |
| 1433 | * |
Manuel Pégourié-Gonnard | edb1a48 | 2016-01-29 16:05:55 +0100 | [diff] [blame] | 1434 | * \note The 'min' value should typically be slightly above the |
| 1435 | * expected round-trip time to your peer, plus whatever time |
| 1436 | * it takes for the peer to process the message. For example, |
| 1437 | * if your RTT is about 600ms and you peer needs up to 1s to |
| 1438 | * do the cryptographic operations in the handshake, then you |
| 1439 | * should set 'min' slightly above 1600. Lower values of 'min' |
| 1440 | * might cause spurious resends which waste network resources, |
| 1441 | * while larger value of 'min' will increase overall latency |
| 1442 | * on unreliable network links. |
| 1443 | * |
| 1444 | * \note The more unreliable your network connection is, the larger |
| 1445 | * your max / min ratio needs to be in order to achieve |
| 1446 | * reliable handshakes. |
| 1447 | * |
| 1448 | * \note Messages are retransmitted up to log2(ceil(max/min)) times. |
| 1449 | * For example, if min = 1s and max = 5s, the retransmit plan |
| 1450 | * goes: send ... 1s -> resend ... 2s -> resend ... 4s -> |
| 1451 | * resend ... 5s -> give up and return a timeout error. |
Manuel Pégourié-Gonnard | 905dd24 | 2014-10-01 12:03:55 +0200 | [diff] [blame] | 1452 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1453 | void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max ); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1454 | #endif /* MBEDTLS_SSL_PROTO_DTLS */ |
Manuel Pégourié-Gonnard | 2739313 | 2014-09-24 14:41:11 +0200 | [diff] [blame] | 1455 | |
Manuel Pégourié-Gonnard | cc3195e | 2015-05-06 14:53:09 +0100 | [diff] [blame] | 1456 | #if defined(MBEDTLS_SSL_SRV_C) |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1457 | /** |
Paul Bakker | 0a59707 | 2012-09-25 21:55:46 +0000 | [diff] [blame] | 1458 | * \brief Set the session cache callbacks (server-side only) |
Manuel Pégourié-Gonnard | 3e94493 | 2014-11-20 18:29:41 +0100 | [diff] [blame] | 1459 | * If not set, no session resuming is done (except if session |
| 1460 | * tickets are enabled too). |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1461 | * |
Paul Bakker | 0a59707 | 2012-09-25 21:55:46 +0000 | [diff] [blame] | 1462 | * The session cache has the responsibility to check for stale |
| 1463 | * entries based on timeout. See RFC 5246 for recommendations. |
| 1464 | * |
| 1465 | * Warning: session.peer_cert is cleared by the SSL/TLS layer on |
| 1466 | * connection shutdown, so do not cache the pointer! Either set |
| 1467 | * it to NULL or make a full copy of the certificate. |
| 1468 | * |
| 1469 | * The get callback is called once during the initial handshake |
| 1470 | * to enable session resuming. The get function has the |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1471 | * following parameters: (void *parameter, mbedtls_ssl_session *session) |
Paul Bakker | 0a59707 | 2012-09-25 21:55:46 +0000 | [diff] [blame] | 1472 | * If a valid entry is found, it should fill the master of |
| 1473 | * the session object with the cached values and return 0, |
| 1474 | * return 1 otherwise. Optionally peer_cert can be set as well |
| 1475 | * if it is properly present in cache entry. |
| 1476 | * |
| 1477 | * The set callback is called once during the initial handshake |
| 1478 | * to enable session resuming after the entire handshake has |
| 1479 | * been finished. The set function has the following parameters: |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1480 | * (void *parameter, const mbedtls_ssl_session *session). The function |
Paul Bakker | 0a59707 | 2012-09-25 21:55:46 +0000 | [diff] [blame] | 1481 | * should create a cache entry for future retrieval based on |
| 1482 | * the data in the session structure and should keep in mind |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1483 | * that the mbedtls_ssl_session object presented (and all its referenced |
Paul Bakker | 0a59707 | 2012-09-25 21:55:46 +0000 | [diff] [blame] | 1484 | * data) is cleared by the SSL/TLS layer when the connection is |
| 1485 | * terminated. It is recommended to add metadata to determine if |
| 1486 | * an entry is still valid in the future. Return 0 if |
Paul Bakker | 7a2538e | 2012-11-02 10:59:36 +0000 | [diff] [blame] | 1487 | * successfully cached, return 1 otherwise. |
Paul Bakker | 0a59707 | 2012-09-25 21:55:46 +0000 | [diff] [blame] | 1488 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1489 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | 5cb3308 | 2015-05-06 18:06:26 +0100 | [diff] [blame] | 1490 | * \param p_cache parmater (context) for both callbacks |
Paul Bakker | 0a59707 | 2012-09-25 21:55:46 +0000 | [diff] [blame] | 1491 | * \param f_get_cache session get callback |
Paul Bakker | 0a59707 | 2012-09-25 21:55:46 +0000 | [diff] [blame] | 1492 | * \param f_set_cache session set callback |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1493 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1494 | void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf, |
Manuel Pégourié-Gonnard | 5cb3308 | 2015-05-06 18:06:26 +0100 | [diff] [blame] | 1495 | void *p_cache, |
| 1496 | int (*f_get_cache)(void *, mbedtls_ssl_session *), |
| 1497 | int (*f_set_cache)(void *, const mbedtls_ssl_session *) ); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1498 | #endif /* MBEDTLS_SSL_SRV_C */ |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1499 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1500 | #if defined(MBEDTLS_SSL_CLI_C) |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1501 | /** |
Paul Bakker | 0a59707 | 2012-09-25 21:55:46 +0000 | [diff] [blame] | 1502 | * \brief Request resumption of session (client-side only) |
| 1503 | * Session data is copied from presented session structure. |
| 1504 | * |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1505 | * \param ssl SSL context |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1506 | * \param session session context |
Manuel Pégourié-Gonnard | 7471803 | 2013-07-30 12:41:56 +0200 | [diff] [blame] | 1507 | * |
Manuel Pégourié-Gonnard | 06650f6 | 2013-08-02 15:34:52 +0200 | [diff] [blame] | 1508 | * \return 0 if successful, |
Manuel Pégourié-Gonnard | 6a8ca33 | 2015-05-28 09:33:39 +0200 | [diff] [blame] | 1509 | * MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1510 | * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or |
Manuel Pégourié-Gonnard | 06650f6 | 2013-08-02 15:34:52 +0200 | [diff] [blame] | 1511 | * arguments are otherwise invalid |
| 1512 | * |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1513 | * \sa mbedtls_ssl_get_session() |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1514 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1515 | int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session ); |
| 1516 | #endif /* MBEDTLS_SSL_CLI_C */ |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1517 | |
| 1518 | /** |
Paul Bakker | cf1d73b | 2014-01-14 14:08:13 +0100 | [diff] [blame] | 1519 | * \brief Set the list of allowed ciphersuites and the preference |
| 1520 | * order. First in the list has the highest preference. |
Aaron Jones | d96e526 | 2016-06-17 14:40:41 +0000 | [diff] [blame] | 1521 | * (Overrides all version-specific lists) |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1522 | * |
Manuel Pégourié-Gonnard | eecb43c | 2015-05-12 12:56:41 +0200 | [diff] [blame] | 1523 | * The ciphersuites array is not copied, and must remain |
| 1524 | * valid for the lifetime of the ssl_config. |
| 1525 | * |
Manuel Pégourié-Gonnard | b4fe3cb | 2015-01-22 16:11:05 +0000 | [diff] [blame] | 1526 | * Note: The server uses its own preferences |
| 1527 | * over the preference of the client unless |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1528 | * MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE is defined! |
Paul Bakker | cf1d73b | 2014-01-14 14:08:13 +0100 | [diff] [blame] | 1529 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1530 | * \param conf SSL configuration |
Paul Bakker | e3166ce | 2011-01-27 17:40:50 +0000 | [diff] [blame] | 1531 | * \param ciphersuites 0-terminated list of allowed ciphersuites |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1532 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1533 | void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1534 | const int *ciphersuites ); |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1535 | |
| 1536 | /** |
Paul Bakker | cf1d73b | 2014-01-14 14:08:13 +0100 | [diff] [blame] | 1537 | * \brief Set the list of allowed ciphersuites and the |
| 1538 | * preference order for a specific version of the protocol. |
Paul Bakker | 8f4ddae | 2013-04-15 15:09:54 +0200 | [diff] [blame] | 1539 | * (Only useful on the server side) |
| 1540 | * |
Manuel Pégourié-Gonnard | eecb43c | 2015-05-12 12:56:41 +0200 | [diff] [blame] | 1541 | * The ciphersuites array is not copied, and must remain |
| 1542 | * valid for the lifetime of the ssl_config. |
| 1543 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1544 | * \param conf SSL configuration |
Paul Bakker | 8f4ddae | 2013-04-15 15:09:54 +0200 | [diff] [blame] | 1545 | * \param ciphersuites 0-terminated list of allowed ciphersuites |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1546 | * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 |
Paul Bakker | 8f4ddae | 2013-04-15 15:09:54 +0200 | [diff] [blame] | 1547 | * supported) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1548 | * \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_0, |
| 1549 | * MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2, |
| 1550 | * MBEDTLS_SSL_MINOR_VERSION_3 supported) |
Manuel Pégourié-Gonnard | b21ca2a | 2014-02-10 13:43:33 +0100 | [diff] [blame] | 1551 | * |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1552 | * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 |
| 1553 | * and MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 |
Paul Bakker | 8f4ddae | 2013-04-15 15:09:54 +0200 | [diff] [blame] | 1554 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1555 | void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf, |
Paul Bakker | 8f4ddae | 2013-04-15 15:09:54 +0200 | [diff] [blame] | 1556 | const int *ciphersuites, |
| 1557 | int major, int minor ); |
| 1558 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1559 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
Paul Bakker | 8f4ddae | 2013-04-15 15:09:54 +0200 | [diff] [blame] | 1560 | /** |
Manuel Pégourié-Gonnard | 6e3ee3a | 2015-06-17 10:58:20 +0200 | [diff] [blame] | 1561 | * \brief Set the X.509 security profile used for verification |
| 1562 | * |
Manuel Pégourié-Gonnard | 65eefc8 | 2015-10-23 14:08:48 +0200 | [diff] [blame] | 1563 | * \note The restrictions are enforced for all certificates in the |
| 1564 | * chain. However, signatures in the handshake are not covered |
| 1565 | * by this setting but by \b mbedtls_ssl_conf_sig_hashes(). |
| 1566 | * |
Manuel Pégourié-Gonnard | 6e3ee3a | 2015-06-17 10:58:20 +0200 | [diff] [blame] | 1567 | * \param conf SSL configuration |
| 1568 | * \param profile Profile to use |
| 1569 | */ |
| 1570 | void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf, |
Nicholas Wilson | 2088e2e | 2015-09-08 16:53:18 +0100 | [diff] [blame] | 1571 | const mbedtls_x509_crt_profile *profile ); |
Manuel Pégourié-Gonnard | 6e3ee3a | 2015-06-17 10:58:20 +0200 | [diff] [blame] | 1572 | |
| 1573 | /** |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1574 | * \brief Set the data required to verify peer certificate |
| 1575 | * |
Manuel Pégourié-Gonnard | bc2b771 | 2015-05-06 11:14:19 +0100 | [diff] [blame] | 1576 | * \param conf SSL configuration |
Paul Bakker | 1f9d02d | 2012-11-20 10:30:55 +0100 | [diff] [blame] | 1577 | * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs) |
Paul Bakker | 40ea7de | 2009-05-03 10:18:48 +0000 | [diff] [blame] | 1578 | * \param ca_crl trusted CA CRLs |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1579 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1580 | void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf, |
Manuel Pégourié-Gonnard | bc2b771 | 2015-05-06 11:14:19 +0100 | [diff] [blame] | 1581 | mbedtls_x509_crt *ca_chain, |
| 1582 | mbedtls_x509_crl *ca_crl ); |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1583 | |
| 1584 | /** |
Paul Bakker | 1f9d02d | 2012-11-20 10:30:55 +0100 | [diff] [blame] | 1585 | * \brief Set own certificate chain and private key |
| 1586 | * |
Manuel Pégourié-Gonnard | 834ea85 | 2013-09-23 14:46:13 +0200 | [diff] [blame] | 1587 | * \note own_cert should contain in order from the bottom up your |
| 1588 | * certificate chain. The top certificate (self-signed) |
Paul Bakker | 1f9d02d | 2012-11-20 10:30:55 +0100 | [diff] [blame] | 1589 | * can be omitted. |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1590 | * |
Manuel Pégourié-Gonnard | 22bfa4b | 2015-05-11 08:46:37 +0200 | [diff] [blame] | 1591 | * \note On server, this function can be called multiple times to |
| 1592 | * provision more than one cert/key pair (eg one ECDSA, one |
| 1593 | * RSA with SHA-256, one RSA with SHA-1). An adequate |
| 1594 | * certificate will be selected according to the client's |
| 1595 | * advertised capabilities. In case mutliple certificates are |
| 1596 | * adequate, preference is given to the one set by the first |
| 1597 | * call to this function, then second, etc. |
| 1598 | * |
Manuel Pégourié-Gonnard | d1b7f2b | 2016-02-24 14:13:22 +0000 | [diff] [blame] | 1599 | * \note On client, only the first call has any effect. That is, |
| 1600 | * only one client certificate can be provisioned. The |
| 1601 | * server's preferences in its CertficateRequest message will |
| 1602 | * be ignored and our only cert will be sent regardless of |
| 1603 | * whether it matches those preferences - the server can then |
| 1604 | * decide what it wants to do with it. |
Manuel Pégourié-Gonnard | 834ea85 | 2013-09-23 14:46:13 +0200 | [diff] [blame] | 1605 | * |
Manuel Pégourié-Gonnard | 17a40cd | 2015-05-10 23:17:17 +0200 | [diff] [blame] | 1606 | * \param conf SSL configuration |
Paul Bakker | 1f9d02d | 2012-11-20 10:30:55 +0100 | [diff] [blame] | 1607 | * \param own_cert own public certificate chain |
Manuel Pégourié-Gonnard | ac75523 | 2013-08-19 14:10:16 +0200 | [diff] [blame] | 1608 | * \param pk_key own private key |
Manuel Pégourié-Gonnard | 834ea85 | 2013-09-23 14:46:13 +0200 | [diff] [blame] | 1609 | * |
Manuel Pégourié-Gonnard | 6a8ca33 | 2015-05-28 09:33:39 +0200 | [diff] [blame] | 1610 | * \return 0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1611 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1612 | int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, |
Manuel Pégourié-Gonnard | 8f618a8 | 2015-05-10 21:13:36 +0200 | [diff] [blame] | 1613 | mbedtls_x509_crt *own_cert, |
| 1614 | mbedtls_pk_context *pk_key ); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1615 | #endif /* MBEDTLS_X509_CRT_PARSE_C */ |
Paul Bakker | 43b7e35 | 2011-01-18 15:27:19 +0000 | [diff] [blame] | 1616 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1617 | #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) |
Paul Bakker | d4a56ec | 2013-04-16 18:05:29 +0200 | [diff] [blame] | 1618 | /** |
Manuel Pégourié-Gonnard | 4b68296 | 2015-05-07 15:59:54 +0100 | [diff] [blame] | 1619 | * \brief Set the Pre Shared Key (PSK) and the expected identity name |
| 1620 | * |
| 1621 | * \note This is mainly useful for clients. Servers will usually |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1622 | * want to use \c mbedtls_ssl_conf_psk_cb() instead. |
Paul Bakker | d4a56ec | 2013-04-16 18:05:29 +0200 | [diff] [blame] | 1623 | * |
Manuel Pégourié-Gonnard | 9d62412 | 2016-02-22 11:10:14 +0100 | [diff] [blame] | 1624 | * \note Currently clients can only register one pre-shared key. |
Simon Butcher | c0957bd | 2016-03-01 13:16:57 +0000 | [diff] [blame] | 1625 | * In other words, the servers' identity hint is ignored. |
| 1626 | * Support for setting multiple PSKs on clients and selecting |
| 1627 | * one based on the identity hint is not a planned feature but |
| 1628 | * feedback is welcomed. |
Manuel Pégourié-Gonnard | 9d62412 | 2016-02-22 11:10:14 +0100 | [diff] [blame] | 1629 | * |
Manuel Pégourié-Gonnard | 120fdbd | 2015-05-07 17:07:50 +0100 | [diff] [blame] | 1630 | * \param conf SSL configuration |
Paul Bakker | d4a56ec | 2013-04-16 18:05:29 +0200 | [diff] [blame] | 1631 | * \param psk pointer to the pre-shared key |
| 1632 | * \param psk_len pre-shared key length |
| 1633 | * \param psk_identity pointer to the pre-shared key identity |
| 1634 | * \param psk_identity_len identity key length |
Paul Bakker | 6db455e | 2013-09-18 17:29:31 +0200 | [diff] [blame] | 1635 | * |
Manuel Pégourié-Gonnard | 6a8ca33 | 2015-05-28 09:33:39 +0200 | [diff] [blame] | 1636 | * \return 0 if successful or MBEDTLS_ERR_SSL_ALLOC_FAILED |
Paul Bakker | d4a56ec | 2013-04-16 18:05:29 +0200 | [diff] [blame] | 1637 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1638 | int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, |
Manuel Pégourié-Gonnard | 4b68296 | 2015-05-07 15:59:54 +0100 | [diff] [blame] | 1639 | const unsigned char *psk, size_t psk_len, |
| 1640 | const unsigned char *psk_identity, size_t psk_identity_len ); |
| 1641 | |
Paul Bakker | 6db455e | 2013-09-18 17:29:31 +0200 | [diff] [blame] | 1642 | |
| 1643 | /** |
Manuel Pégourié-Gonnard | 4b68296 | 2015-05-07 15:59:54 +0100 | [diff] [blame] | 1644 | * \brief Set the Pre Shared Key (PSK) for the current handshake |
| 1645 | * |
| 1646 | * \note This should only be called inside the PSK callback, |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1647 | * ie the function passed to \c mbedtls_ssl_conf_psk_cb(). |
Manuel Pégourié-Gonnard | 4b68296 | 2015-05-07 15:59:54 +0100 | [diff] [blame] | 1648 | * |
| 1649 | * \param ssl SSL context |
| 1650 | * \param psk pointer to the pre-shared key |
| 1651 | * \param psk_len pre-shared key length |
| 1652 | * |
Manuel Pégourié-Gonnard | 6a8ca33 | 2015-05-28 09:33:39 +0200 | [diff] [blame] | 1653 | * \return 0 if successful or MBEDTLS_ERR_SSL_ALLOC_FAILED |
Manuel Pégourié-Gonnard | 4b68296 | 2015-05-07 15:59:54 +0100 | [diff] [blame] | 1654 | */ |
| 1655 | int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, |
| 1656 | const unsigned char *psk, size_t psk_len ); |
| 1657 | |
| 1658 | /** |
| 1659 | * \brief Set the PSK callback (server-side only). |
Paul Bakker | 6db455e | 2013-09-18 17:29:31 +0200 | [diff] [blame] | 1660 | * |
| 1661 | * If set, the PSK callback is called for each |
| 1662 | * handshake where a PSK ciphersuite was negotiated. |
Manuel Pégourié-Gonnard | a612b44 | 2014-02-25 13:08:08 +0100 | [diff] [blame] | 1663 | * The caller provides the identity received and wants to |
Paul Bakker | 6db455e | 2013-09-18 17:29:31 +0200 | [diff] [blame] | 1664 | * receive the actual PSK data and length. |
| 1665 | * |
| 1666 | * The callback has the following parameters: (void *parameter, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1667 | * mbedtls_ssl_context *ssl, const unsigned char *psk_identity, |
Paul Bakker | 6db455e | 2013-09-18 17:29:31 +0200 | [diff] [blame] | 1668 | * size_t identity_len) |
| 1669 | * If a valid PSK identity is found, the callback should use |
Manuel Pégourié-Gonnard | 4b68296 | 2015-05-07 15:59:54 +0100 | [diff] [blame] | 1670 | * \c mbedtls_ssl_set_hs_psk() on the ssl context to set the |
| 1671 | * correct PSK and return 0. |
Paul Bakker | 6db455e | 2013-09-18 17:29:31 +0200 | [diff] [blame] | 1672 | * Any other return value will result in a denied PSK identity. |
| 1673 | * |
Manuel Pégourié-Gonnard | 4b68296 | 2015-05-07 15:59:54 +0100 | [diff] [blame] | 1674 | * \note If you set a PSK callback using this function, then you |
| 1675 | * don't need to set a PSK key and identity using |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1676 | * \c mbedtls_ssl_conf_psk(). |
Manuel Pégourié-Gonnard | 4b68296 | 2015-05-07 15:59:54 +0100 | [diff] [blame] | 1677 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1678 | * \param conf SSL configuration |
Paul Bakker | 6db455e | 2013-09-18 17:29:31 +0200 | [diff] [blame] | 1679 | * \param f_psk PSK identity function |
| 1680 | * \param p_psk PSK identity parameter |
| 1681 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1682 | void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1683 | int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, |
Paul Bakker | 6db455e | 2013-09-18 17:29:31 +0200 | [diff] [blame] | 1684 | size_t), |
| 1685 | void *p_psk ); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1686 | #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ |
Paul Bakker | d4a56ec | 2013-04-16 18:05:29 +0200 | [diff] [blame] | 1687 | |
Manuel Pégourié-Gonnard | 1028b74 | 2015-05-06 17:33:07 +0100 | [diff] [blame] | 1688 | #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1689 | /** |
| 1690 | * \brief Set the Diffie-Hellman public P and G values, |
| 1691 | * read as hexadecimal strings (server-side only) |
Manuel Pégourié-Gonnard | 1028b74 | 2015-05-06 17:33:07 +0100 | [diff] [blame] | 1692 | * (Default: MBEDTLS_DHM_RFC5114_MODP_2048_[PG]) |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1693 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1694 | * \param conf SSL configuration |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1695 | * \param dhm_P Diffie-Hellman-Merkle modulus |
| 1696 | * \param dhm_G Diffie-Hellman-Merkle generator |
| 1697 | * |
| 1698 | * \return 0 if successful |
| 1699 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1700 | int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G ); |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1701 | |
| 1702 | /** |
Paul Bakker | 1b57b06 | 2011-01-06 15:48:19 +0000 | [diff] [blame] | 1703 | * \brief Set the Diffie-Hellman public P and G values, |
| 1704 | * read from existing context (server-side only) |
| 1705 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1706 | * \param conf SSL configuration |
Paul Bakker | 1b57b06 | 2011-01-06 15:48:19 +0000 | [diff] [blame] | 1707 | * \param dhm_ctx Diffie-Hellman-Merkle context |
| 1708 | * |
| 1709 | * \return 0 if successful |
| 1710 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1711 | int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx ); |
Manuel Pégourié-Gonnard | cf141ca | 2015-05-20 10:35:51 +0200 | [diff] [blame] | 1712 | #endif /* MBEDTLS_DHM_C && defined(MBEDTLS_SSL_SRV_C) */ |
Paul Bakker | 1b57b06 | 2011-01-06 15:48:19 +0000 | [diff] [blame] | 1713 | |
Manuel Pégourié-Gonnard | bd990d6 | 2015-06-11 14:49:42 +0200 | [diff] [blame] | 1714 | #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C) |
| 1715 | /** |
| 1716 | * \brief Set the minimum length for Diffie-Hellman parameters. |
| 1717 | * (Client-side only.) |
| 1718 | * (Default: 1024 bits.) |
| 1719 | * |
| 1720 | * \param conf SSL configuration |
| 1721 | * \param bitlen Minimum bit length of the DHM prime |
| 1722 | */ |
| 1723 | void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf, |
| 1724 | unsigned int bitlen ); |
| 1725 | #endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */ |
| 1726 | |
Manuel Pégourié-Gonnard | b541da6 | 2015-06-17 11:43:30 +0200 | [diff] [blame] | 1727 | #if defined(MBEDTLS_ECP_C) |
Gergely Budai | 987bfb5 | 2014-01-19 21:48:42 +0100 | [diff] [blame] | 1728 | /** |
Manuel Pégourié-Gonnard | cd49f76 | 2014-02-04 15:14:13 +0100 | [diff] [blame] | 1729 | * \brief Set the allowed curves in order of preference. |
Manuel Pégourié-Gonnard | 5de2580 | 2014-02-03 15:56:49 +0100 | [diff] [blame] | 1730 | * (Default: all defined curves.) |
Gergely Budai | 987bfb5 | 2014-01-19 21:48:42 +0100 | [diff] [blame] | 1731 | * |
Manuel Pégourié-Gonnard | cd49f76 | 2014-02-04 15:14:13 +0100 | [diff] [blame] | 1732 | * On server: this only affects selection of the ECDHE curve; |
| 1733 | * the curves used for ECDH and ECDSA are determined by the |
| 1734 | * list of available certificates instead. |
| 1735 | * |
| 1736 | * On client: this affects the list of curves offered for any |
Manuel Pégourié-Gonnard | ab24010 | 2014-02-04 16:18:07 +0100 | [diff] [blame] | 1737 | * use. The server can override our preference order. |
| 1738 | * |
Manuel Pégourié-Gonnard | 65eefc8 | 2015-10-23 14:08:48 +0200 | [diff] [blame] | 1739 | * Both sides: limits the set of curves accepted for use in |
| 1740 | * ECDHE and in the peer's end-entity certificate. |
Manuel Pégourié-Gonnard | 27716cc | 2015-06-17 11:49:39 +0200 | [diff] [blame] | 1741 | * |
Manuel Pégourié-Gonnard | 65eefc8 | 2015-10-23 14:08:48 +0200 | [diff] [blame] | 1742 | * \note This has no influence on which curves are allowed inside the |
Manuel Pégourié-Gonnard | 27716cc | 2015-06-17 11:49:39 +0200 | [diff] [blame] | 1743 | * certificate chains, see \c mbedtls_ssl_conf_cert_profile() |
Manuel Pégourié-Gonnard | 65eefc8 | 2015-10-23 14:08:48 +0200 | [diff] [blame] | 1744 | * for that. For the end-entity certificate however, the key |
| 1745 | * will be accepted only if it is allowed both by this list |
| 1746 | * and by the cert profile. |
Gergely Budai | 987bfb5 | 2014-01-19 21:48:42 +0100 | [diff] [blame] | 1747 | * |
Manuel Pégourié-Gonnard | 36a8b57 | 2015-06-17 12:43:26 +0200 | [diff] [blame] | 1748 | * \note This list should be ordered by decreasing preference |
| 1749 | * (preferred curve first). |
| 1750 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1751 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | cd49f76 | 2014-02-04 15:14:13 +0100 | [diff] [blame] | 1752 | * \param curves Ordered list of allowed curves, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1753 | * terminated by MBEDTLS_ECP_DP_NONE. |
Gergely Budai | 987bfb5 | 2014-01-19 21:48:42 +0100 | [diff] [blame] | 1754 | */ |
Manuel Pégourié-Gonnard | 36a8b57 | 2015-06-17 12:43:26 +0200 | [diff] [blame] | 1755 | void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, |
| 1756 | const mbedtls_ecp_group_id *curves ); |
Manuel Pégourié-Gonnard | b541da6 | 2015-06-17 11:43:30 +0200 | [diff] [blame] | 1757 | #endif /* MBEDTLS_ECP_C */ |
Gergely Budai | 987bfb5 | 2014-01-19 21:48:42 +0100 | [diff] [blame] | 1758 | |
Manuel Pégourié-Gonnard | e5f3072 | 2015-10-22 17:01:15 +0200 | [diff] [blame] | 1759 | #if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) |
Manuel Pégourié-Gonnard | 36a8b57 | 2015-06-17 12:43:26 +0200 | [diff] [blame] | 1760 | /** |
| 1761 | * \brief Set the allowed hashes for signatures during the handshake. |
Manuel Pégourié-Gonnard | 47229c7 | 2015-12-04 15:02:56 +0100 | [diff] [blame] | 1762 | * (Default: all available hashes except MD5.) |
Manuel Pégourié-Gonnard | 36a8b57 | 2015-06-17 12:43:26 +0200 | [diff] [blame] | 1763 | * |
| 1764 | * \note This only affects which hashes are offered and can be used |
| 1765 | * for signatures during the handshake. Hashes for message |
| 1766 | * authentication and the TLS PRF are controlled by the |
| 1767 | * ciphersuite, see \c mbedtls_ssl_conf_ciphersuites(). Hashes |
| 1768 | * used for certificate signature are controlled by the |
| 1769 | * verification profile, see \c mbedtls_ssl_conf_cert_profile(). |
| 1770 | * |
| 1771 | * \note This list should be ordered by decreasing preference |
| 1772 | * (preferred hash first). |
| 1773 | * |
| 1774 | * \param conf SSL configuration |
| 1775 | * \param hashes Ordered list of allowed signature hashes, |
| 1776 | * terminated by \c MBEDTLS_MD_NONE. |
| 1777 | */ |
| 1778 | void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, |
| 1779 | const int *hashes ); |
Manuel Pégourié-Gonnard | e5f3072 | 2015-10-22 17:01:15 +0200 | [diff] [blame] | 1780 | #endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ |
Manuel Pégourié-Gonnard | 36a8b57 | 2015-06-17 12:43:26 +0200 | [diff] [blame] | 1781 | |
Manuel Pégourié-Gonnard | bc2b771 | 2015-05-06 11:14:19 +0100 | [diff] [blame] | 1782 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
Paul Bakker | 1b57b06 | 2011-01-06 15:48:19 +0000 | [diff] [blame] | 1783 | /** |
Janos Follath | efc665f | 2016-06-22 00:18:50 +0100 | [diff] [blame] | 1784 | * \brief Set the hostname to check against the received server |
| 1785 | * certificate. It sets the ServerName TLS extension too, |
| 1786 | * if the extension is enabled. |
Paul Bakker | 5701cdc | 2012-09-27 21:49:42 +0000 | [diff] [blame] | 1787 | * (client-side only) |
Paul Bakker | 6db455e | 2013-09-18 17:29:31 +0200 | [diff] [blame] | 1788 | * |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1789 | * \param ssl SSL context |
| 1790 | * \param hostname the server hostname |
| 1791 | * |
Manuel Pégourié-Gonnard | 6a8ca33 | 2015-05-28 09:33:39 +0200 | [diff] [blame] | 1792 | * \return 0 if successful or MBEDTLS_ERR_SSL_ALLOC_FAILED |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1793 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1794 | int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname ); |
Manuel Pégourié-Gonnard | bc2b771 | 2015-05-06 11:14:19 +0100 | [diff] [blame] | 1795 | #endif /* MBEDTLS_X509_CRT_PARSE_C */ |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1796 | |
Manuel Pégourié-Gonnard | bc2b771 | 2015-05-06 11:14:19 +0100 | [diff] [blame] | 1797 | #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 1798 | /** |
Manuel Pégourié-Gonnard | 1af6c85 | 2015-05-10 23:10:37 +0200 | [diff] [blame] | 1799 | * \brief Set own certificate and key for the current handshake |
| 1800 | * |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1801 | * \note Same as \c mbedtls_ssl_conf_own_cert() but for use within |
Manuel Pégourié-Gonnard | 1af6c85 | 2015-05-10 23:10:37 +0200 | [diff] [blame] | 1802 | * the SNI callback. |
| 1803 | * |
| 1804 | * \param ssl SSL context |
| 1805 | * \param own_cert own public certificate chain |
| 1806 | * \param pk_key own private key |
| 1807 | * |
Manuel Pégourié-Gonnard | 6a8ca33 | 2015-05-28 09:33:39 +0200 | [diff] [blame] | 1808 | * \return 0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED |
Manuel Pégourié-Gonnard | 1af6c85 | 2015-05-10 23:10:37 +0200 | [diff] [blame] | 1809 | */ |
| 1810 | int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl, |
| 1811 | mbedtls_x509_crt *own_cert, |
| 1812 | mbedtls_pk_context *pk_key ); |
| 1813 | |
| 1814 | /** |
Manuel Pégourié-Gonnard | 22bfa4b | 2015-05-11 08:46:37 +0200 | [diff] [blame] | 1815 | * \brief Set the data required to verify peer certificate for the |
| 1816 | * current handshake |
| 1817 | * |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1818 | * \note Same as \c mbedtls_ssl_conf_ca_chain() but for use within |
Manuel Pégourié-Gonnard | 22bfa4b | 2015-05-11 08:46:37 +0200 | [diff] [blame] | 1819 | * the SNI callback. |
| 1820 | * |
| 1821 | * \param ssl SSL context |
| 1822 | * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs) |
| 1823 | * \param ca_crl trusted CA CRLs |
| 1824 | */ |
| 1825 | void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl, |
| 1826 | mbedtls_x509_crt *ca_chain, |
| 1827 | mbedtls_x509_crl *ca_crl ); |
| 1828 | |
| 1829 | /** |
Manuel Pégourié-Gonnard | cdc26ae | 2015-06-19 12:16:31 +0200 | [diff] [blame] | 1830 | * \brief Set authmode for the current handshake. |
| 1831 | * |
| 1832 | * \note Same as \c mbedtls_ssl_conf_authmode() but for use within |
| 1833 | * the SNI callback. |
| 1834 | * |
| 1835 | * \param ssl SSL context |
| 1836 | * \param authmode MBEDTLS_SSL_VERIFY_NONE, MBEDTLS_SSL_VERIFY_OPTIONAL or |
| 1837 | * MBEDTLS_SSL_VERIFY_REQUIRED |
| 1838 | */ |
| 1839 | void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl, |
| 1840 | int authmode ); |
| 1841 | |
| 1842 | /** |
Paul Bakker | 5701cdc | 2012-09-27 21:49:42 +0000 | [diff] [blame] | 1843 | * \brief Set server side ServerName TLS extension callback |
| 1844 | * (optional, server-side only). |
| 1845 | * |
| 1846 | * If set, the ServerName callback is called whenever the |
| 1847 | * server receives a ServerName TLS extension from the client |
| 1848 | * during a handshake. The ServerName callback has the |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1849 | * following parameters: (void *parameter, mbedtls_ssl_context *ssl, |
Paul Bakker | 5701cdc | 2012-09-27 21:49:42 +0000 | [diff] [blame] | 1850 | * const unsigned char *hostname, size_t len). If a suitable |
Manuel Pégourié-Gonnard | cdc26ae | 2015-06-19 12:16:31 +0200 | [diff] [blame] | 1851 | * certificate is found, the callback must set the |
Manuel Pégourié-Gonnard | 22bfa4b | 2015-05-11 08:46:37 +0200 | [diff] [blame] | 1852 | * certificate(s) and key(s) to use with \c |
| 1853 | * mbedtls_ssl_set_hs_own_cert() (can be called repeatedly), |
Manuel Pégourié-Gonnard | cdc26ae | 2015-06-19 12:16:31 +0200 | [diff] [blame] | 1854 | * and may optionally adjust the CA and associated CRL with \c |
| 1855 | * mbedtls_ssl_set_hs_ca_chain() as well as the client |
| 1856 | * authentication mode with \c mbedtls_ssl_set_hs_authmode(), |
| 1857 | * then must return 0. If no matching name is found, the |
| 1858 | * callback must either set a default cert, or |
| 1859 | * return non-zero to abort the handshake at this point. |
Paul Bakker | 5701cdc | 2012-09-27 21:49:42 +0000 | [diff] [blame] | 1860 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1861 | * \param conf SSL configuration |
Paul Bakker | 5701cdc | 2012-09-27 21:49:42 +0000 | [diff] [blame] | 1862 | * \param f_sni verification function |
| 1863 | * \param p_sni verification parameter |
| 1864 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1865 | void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1866 | int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, |
Paul Bakker | 5701cdc | 2012-09-27 21:49:42 +0000 | [diff] [blame] | 1867 | size_t), |
| 1868 | void *p_sni ); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1869 | #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ |
Paul Bakker | 5701cdc | 2012-09-27 21:49:42 +0000 | [diff] [blame] | 1870 | |
Manuel Pégourié-Gonnard | eef142d | 2015-09-16 10:05:04 +0200 | [diff] [blame] | 1871 | #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) |
Manuel Pégourié-Gonnard | 7002f4a | 2015-09-15 12:43:43 +0200 | [diff] [blame] | 1872 | /** |
| 1873 | * \brief Set the EC J-PAKE password for current handshake. |
| 1874 | * |
| 1875 | * \note An internal copy is made, and destroyed as soon as the |
| 1876 | * handshake is completed, or when the SSL context is reset or |
| 1877 | * freed. |
| 1878 | * |
| 1879 | * \note The SSL context needs to be already set up. The right place |
| 1880 | * to call this function is between \c mbedtls_ssl_setup() or |
| 1881 | * \c mbedtls_ssl_reset() and \c mbedtls_ssl_handshake(). |
| 1882 | * |
| 1883 | * \param ssl SSL context |
| 1884 | * \param pw EC J-PAKE password (pre-shared secret) |
| 1885 | * \param pw_len length of pw in bytes |
| 1886 | * |
| 1887 | * \return 0 on success, or a negative error code. |
| 1888 | */ |
| 1889 | int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl, |
| 1890 | const unsigned char *pw, |
| 1891 | size_t pw_len ); |
Manuel Pégourié-Gonnard | eef142d | 2015-09-16 10:05:04 +0200 | [diff] [blame] | 1892 | #endif /*MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ |
Manuel Pégourié-Gonnard | 7002f4a | 2015-09-15 12:43:43 +0200 | [diff] [blame] | 1893 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1894 | #if defined(MBEDTLS_SSL_ALPN) |
Manuel Pégourié-Gonnard | 7e250d4 | 2014-04-04 16:08:41 +0200 | [diff] [blame] | 1895 | /** |
| 1896 | * \brief Set the supported Application Layer Protocols. |
| 1897 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1898 | * \param conf SSL configuration |
Simon Butcher | 157cb65 | 2016-02-13 23:19:04 +0000 | [diff] [blame] | 1899 | * \param protos Pointer to a NULL-terminated list of supported protocols, |
| 1900 | * in decreasing preference order. The pointer to the list is |
| 1901 | * recorded by the library for later reference as required, so |
Aaron Jones | d96e526 | 2016-06-17 14:40:41 +0000 | [diff] [blame] | 1902 | * the lifetime of the table must be atleast as long as the |
| 1903 | * lifetime of the SSL configuration structure. |
Manuel Pégourié-Gonnard | 0b874dc | 2014-04-07 10:57:45 +0200 | [diff] [blame] | 1904 | * |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1905 | * \return 0 on success, or MBEDTLS_ERR_SSL_BAD_INPUT_DATA. |
Manuel Pégourié-Gonnard | 7e250d4 | 2014-04-04 16:08:41 +0200 | [diff] [blame] | 1906 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1907 | int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos ); |
Manuel Pégourié-Gonnard | 7e250d4 | 2014-04-04 16:08:41 +0200 | [diff] [blame] | 1908 | |
| 1909 | /** |
| 1910 | * \brief Get the name of the negotiated Application Layer Protocol. |
| 1911 | * This function should be called after the handshake is |
| 1912 | * completed. |
| 1913 | * |
| 1914 | * \param ssl SSL context |
| 1915 | * |
| 1916 | * \return Protcol name, or NULL if no protocol was negotiated. |
| 1917 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1918 | const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl ); |
| 1919 | #endif /* MBEDTLS_SSL_ALPN */ |
Manuel Pégourié-Gonnard | 7e250d4 | 2014-04-04 16:08:41 +0200 | [diff] [blame] | 1920 | |
Paul Bakker | 5701cdc | 2012-09-27 21:49:42 +0000 | [diff] [blame] | 1921 | /** |
Paul Bakker | 490ecc8 | 2011-10-06 13:04:09 +0000 | [diff] [blame] | 1922 | * \brief Set the maximum supported version sent from the client side |
Paul Bakker | 2fbefde | 2013-06-29 16:01:15 +0200 | [diff] [blame] | 1923 | * and/or accepted at the server side |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1924 | * (Default: MBEDTLS_SSL_MAX_MAJOR_VERSION, MBEDTLS_SSL_MAX_MINOR_VERSION) |
Paul Bakker | 2fbefde | 2013-06-29 16:01:15 +0200 | [diff] [blame] | 1925 | * |
Manuel Pégourié-Gonnard | 01e5e8c | 2015-05-11 10:11:56 +0200 | [diff] [blame] | 1926 | * \note This ignores ciphersuites from higher versions. |
| 1927 | * |
| 1928 | * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and |
| 1929 | * MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 |
Paul Bakker | d2f068e | 2013-08-27 21:19:20 +0200 | [diff] [blame] | 1930 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1931 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1932 | * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported) |
| 1933 | * \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_0, |
| 1934 | * MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2, |
| 1935 | * MBEDTLS_SSL_MINOR_VERSION_3 supported) |
Paul Bakker | 490ecc8 | 2011-10-06 13:04:09 +0000 | [diff] [blame] | 1936 | */ |
Manuel Pégourié-Gonnard | 01e5e8c | 2015-05-11 10:11:56 +0200 | [diff] [blame] | 1937 | void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor ); |
Paul Bakker | 490ecc8 | 2011-10-06 13:04:09 +0000 | [diff] [blame] | 1938 | |
Paul Bakker | 1d29fb5 | 2012-09-28 13:28:45 +0000 | [diff] [blame] | 1939 | /** |
| 1940 | * \brief Set the minimum accepted SSL/TLS protocol version |
Manuel Pégourié-Gonnard | 8c8be1e | 2015-03-31 14:21:11 +0200 | [diff] [blame] | 1941 | * (Default: TLS 1.0) |
Paul Bakker | d2f068e | 2013-08-27 21:19:20 +0200 | [diff] [blame] | 1942 | * |
Manuel Pégourié-Gonnard | 448ea50 | 2015-01-12 11:40:14 +0100 | [diff] [blame] | 1943 | * \note Input outside of the SSL_MAX_XXXXX_VERSION and |
| 1944 | * SSL_MIN_XXXXX_VERSION range is ignored. |
| 1945 | * |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1946 | * \note MBEDTLS_SSL_MINOR_VERSION_0 (SSL v3) should be avoided. |
Paul Bakker | 1d29fb5 | 2012-09-28 13:28:45 +0000 | [diff] [blame] | 1947 | * |
Manuel Pégourié-Gonnard | 01e5e8c | 2015-05-11 10:11:56 +0200 | [diff] [blame] | 1948 | * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and |
| 1949 | * MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 |
| 1950 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1951 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1952 | * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported) |
| 1953 | * \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_0, |
| 1954 | * MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2, |
| 1955 | * MBEDTLS_SSL_MINOR_VERSION_3 supported) |
Paul Bakker | 1d29fb5 | 2012-09-28 13:28:45 +0000 | [diff] [blame] | 1956 | */ |
Manuel Pégourié-Gonnard | 01e5e8c | 2015-05-11 10:11:56 +0200 | [diff] [blame] | 1957 | void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor ); |
Paul Bakker | 1d29fb5 | 2012-09-28 13:28:45 +0000 | [diff] [blame] | 1958 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1959 | #if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C) |
Manuel Pégourié-Gonnard | 1cbd39d | 2014-10-20 13:34:59 +0200 | [diff] [blame] | 1960 | /** |
| 1961 | * \brief Set the fallback flag (client-side only). |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1962 | * (Default: MBEDTLS_SSL_IS_NOT_FALLBACK). |
Manuel Pégourié-Gonnard | 1cbd39d | 2014-10-20 13:34:59 +0200 | [diff] [blame] | 1963 | * |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1964 | * \note Set to MBEDTLS_SSL_IS_FALLBACK when preparing a fallback |
Manuel Pégourié-Gonnard | 1cbd39d | 2014-10-20 13:34:59 +0200 | [diff] [blame] | 1965 | * connection, that is a connection with max_version set to a |
| 1966 | * lower value than the value you're willing to use. Such |
| 1967 | * fallback connections are not recommended but are sometimes |
| 1968 | * necessary to interoperate with buggy (version-intolerant) |
| 1969 | * servers. |
| 1970 | * |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1971 | * \warning You should NOT set this to MBEDTLS_SSL_IS_FALLBACK for |
Manuel Pégourié-Gonnard | 1cbd39d | 2014-10-20 13:34:59 +0200 | [diff] [blame] | 1972 | * non-fallback connections! This would appear to work for a |
| 1973 | * while, then cause failures when the server is upgraded to |
| 1974 | * support a newer TLS version. |
| 1975 | * |
Manuel Pégourié-Gonnard | 684b059 | 2015-05-06 09:27:31 +0100 | [diff] [blame] | 1976 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1977 | * \param fallback MBEDTLS_SSL_IS_NOT_FALLBACK or MBEDTLS_SSL_IS_FALLBACK |
Manuel Pégourié-Gonnard | 1cbd39d | 2014-10-20 13:34:59 +0200 | [diff] [blame] | 1978 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1979 | void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback ); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1980 | #endif /* MBEDTLS_SSL_FALLBACK_SCSV && MBEDTLS_SSL_CLI_C */ |
Manuel Pégourié-Gonnard | 1cbd39d | 2014-10-20 13:34:59 +0200 | [diff] [blame] | 1981 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1982 | #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) |
Manuel Pégourié-Gonnard | 699cafa | 2014-10-27 13:57:03 +0100 | [diff] [blame] | 1983 | /** |
| 1984 | * \brief Enable or disable Encrypt-then-MAC |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1985 | * (Default: MBEDTLS_SSL_ETM_ENABLED) |
Manuel Pégourié-Gonnard | 699cafa | 2014-10-27 13:57:03 +0100 | [diff] [blame] | 1986 | * |
| 1987 | * \note This should always be enabled, it is a security |
| 1988 | * improvement, and should not cause any interoperability |
| 1989 | * issue (used only if the peer supports it too). |
| 1990 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 1991 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1992 | * \param etm MBEDTLS_SSL_ETM_ENABLED or MBEDTLS_SSL_ETM_DISABLED |
Manuel Pégourié-Gonnard | 699cafa | 2014-10-27 13:57:03 +0100 | [diff] [blame] | 1993 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 1994 | void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm ); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1995 | #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ |
Manuel Pégourié-Gonnard | 699cafa | 2014-10-27 13:57:03 +0100 | [diff] [blame] | 1996 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1997 | #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) |
Manuel Pégourié-Gonnard | 367381f | 2014-10-20 18:40:56 +0200 | [diff] [blame] | 1998 | /** |
| 1999 | * \brief Enable or disable Extended Master Secret negotiation. |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2000 | * (Default: MBEDTLS_SSL_EXTENDED_MS_ENABLED) |
Manuel Pégourié-Gonnard | 367381f | 2014-10-20 18:40:56 +0200 | [diff] [blame] | 2001 | * |
| 2002 | * \note This should always be enabled, it is a security fix to the |
| 2003 | * protocol, and should not cause any interoperability issue |
| 2004 | * (used only if the peer supports it too). |
| 2005 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 2006 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2007 | * \param ems MBEDTLS_SSL_EXTENDED_MS_ENABLED or MBEDTLS_SSL_EXTENDED_MS_DISABLED |
Manuel Pégourié-Gonnard | 367381f | 2014-10-20 18:40:56 +0200 | [diff] [blame] | 2008 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 2009 | void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems ); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2010 | #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ |
Manuel Pégourié-Gonnard | 367381f | 2014-10-20 18:40:56 +0200 | [diff] [blame] | 2011 | |
Manuel Pégourié-Gonnard | 66dc555 | 2015-05-14 12:28:21 +0200 | [diff] [blame] | 2012 | #if defined(MBEDTLS_ARC4_C) |
Manuel Pégourié-Gonnard | bd47a58 | 2015-01-12 13:43:29 +0100 | [diff] [blame] | 2013 | /** |
| 2014 | * \brief Disable or enable support for RC4 |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2015 | * (Default: MBEDTLS_SSL_ARC4_DISABLED) |
Manuel Pégourié-Gonnard | bd47a58 | 2015-01-12 13:43:29 +0100 | [diff] [blame] | 2016 | * |
Aaron Jones | d96e526 | 2016-06-17 14:40:41 +0000 | [diff] [blame] | 2017 | * \warning Use of RC4 in DTLS/TLS has been prohibited by RFC 7465 |
Simon Butcher | 68c0bd7 | 2016-02-13 22:44:49 +0000 | [diff] [blame] | 2018 | * for security reasons. Use at your own risk. |
Manuel Pégourié-Gonnard | bd47a58 | 2015-01-12 13:43:29 +0100 | [diff] [blame] | 2019 | * |
Simon Butcher | 68c0bd7 | 2016-02-13 22:44:49 +0000 | [diff] [blame] | 2020 | * \note This function is deprecated and will likely be removed in |
| 2021 | * a future version of the library. |
| 2022 | * RC4 is disabled by default at compile time and needs to be |
| 2023 | * actively enabled for use with legacy systems. |
Manuel Pégourié-Gonnard | bd47a58 | 2015-01-12 13:43:29 +0100 | [diff] [blame] | 2024 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 2025 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2026 | * \param arc4 MBEDTLS_SSL_ARC4_ENABLED or MBEDTLS_SSL_ARC4_DISABLED |
Manuel Pégourié-Gonnard | bd47a58 | 2015-01-12 13:43:29 +0100 | [diff] [blame] | 2027 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 2028 | void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 ); |
Manuel Pégourié-Gonnard | 66dc555 | 2015-05-14 12:28:21 +0200 | [diff] [blame] | 2029 | #endif /* MBEDTLS_ARC4_C */ |
Manuel Pégourié-Gonnard | bd47a58 | 2015-01-12 13:43:29 +0100 | [diff] [blame] | 2030 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2031 | #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) |
Paul Bakker | 490ecc8 | 2011-10-06 13:04:09 +0000 | [diff] [blame] | 2032 | /** |
Manuel Pégourié-Gonnard | 8b46459 | 2013-07-16 12:45:26 +0200 | [diff] [blame] | 2033 | * \brief Set the maximum fragment length to emit and/or negotiate |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2034 | * (Default: MBEDTLS_SSL_MAX_CONTENT_LEN, usually 2^14 bytes) |
Manuel Pégourié-Gonnard | 8b46459 | 2013-07-16 12:45:26 +0200 | [diff] [blame] | 2035 | * (Server: set maximum fragment length to emit, |
| 2036 | * usually negotiated by the client during handshake |
| 2037 | * (Client: set maximum fragment length to emit *and* |
| 2038 | * negotiate with the server during handshake) |
| 2039 | * |
Manuel Pégourié-Gonnard | 6bf89d6 | 2015-05-05 17:01:57 +0100 | [diff] [blame] | 2040 | * \param conf SSL configuration |
Paul Bakker | dcbfdcc | 2013-09-10 16:16:50 +0200 | [diff] [blame] | 2041 | * \param mfl_code Code for maximum fragment length (allowed values: |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2042 | * MBEDTLS_SSL_MAX_FRAG_LEN_512, MBEDTLS_SSL_MAX_FRAG_LEN_1024, |
| 2043 | * MBEDTLS_SSL_MAX_FRAG_LEN_2048, MBEDTLS_SSL_MAX_FRAG_LEN_4096) |
Manuel Pégourié-Gonnard | 8b46459 | 2013-07-16 12:45:26 +0200 | [diff] [blame] | 2044 | * |
Manuel Pégourié-Gonnard | eecb43c | 2015-05-12 12:56:41 +0200 | [diff] [blame] | 2045 | * \return 0 if successful or MBEDTLS_ERR_SSL_BAD_INPUT_DATA |
Manuel Pégourié-Gonnard | 8b46459 | 2013-07-16 12:45:26 +0200 | [diff] [blame] | 2046 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 2047 | int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code ); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2048 | #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ |
Manuel Pégourié-Gonnard | 8b46459 | 2013-07-16 12:45:26 +0200 | [diff] [blame] | 2049 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2050 | #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) |
Manuel Pégourié-Gonnard | 8b46459 | 2013-07-16 12:45:26 +0200 | [diff] [blame] | 2051 | /** |
Manuel Pégourié-Gonnard | e117a8f | 2015-01-09 12:39:35 +0100 | [diff] [blame] | 2052 | * \brief Activate negotiation of truncated HMAC |
Manuel Pégourié-Gonnard | 662c6e8 | 2015-05-06 17:39:23 +0100 | [diff] [blame] | 2053 | * (Default: MBEDTLS_SSL_TRUNC_HMAC_DISABLED) |
Manuel Pégourié-Gonnard | e980a99 | 2013-07-19 11:08:52 +0200 | [diff] [blame] | 2054 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 2055 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2056 | * \param truncate Enable or disable (MBEDTLS_SSL_TRUNC_HMAC_ENABLED or |
| 2057 | * MBEDTLS_SSL_TRUNC_HMAC_DISABLED) |
Manuel Pégourié-Gonnard | e980a99 | 2013-07-19 11:08:52 +0200 | [diff] [blame] | 2058 | */ |
Manuel Pégourié-Gonnard | 01e5e8c | 2015-05-11 10:11:56 +0200 | [diff] [blame] | 2059 | void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate ); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2060 | #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ |
Manuel Pégourié-Gonnard | e980a99 | 2013-07-19 11:08:52 +0200 | [diff] [blame] | 2061 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2062 | #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) |
Manuel Pégourié-Gonnard | cfa477e | 2015-01-07 14:50:54 +0100 | [diff] [blame] | 2063 | /** |
| 2064 | * \brief Enable / Disable 1/n-1 record splitting |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2065 | * (Default: MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED) |
Manuel Pégourié-Gonnard | cfa477e | 2015-01-07 14:50:54 +0100 | [diff] [blame] | 2066 | * |
| 2067 | * \note Only affects SSLv3 and TLS 1.0, not higher versions. |
| 2068 | * Does not affect non-CBC ciphersuites in any version. |
| 2069 | * |
Manuel Pégourié-Gonnard | 17eab2b | 2015-05-05 16:34:53 +0100 | [diff] [blame] | 2070 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2071 | * \param split MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED or |
| 2072 | * MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED |
Manuel Pégourié-Gonnard | cfa477e | 2015-01-07 14:50:54 +0100 | [diff] [blame] | 2073 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 2074 | void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split ); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2075 | #endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ |
Manuel Pégourié-Gonnard | cfa477e | 2015-01-07 14:50:54 +0100 | [diff] [blame] | 2076 | |
Manuel Pégourié-Gonnard | b596abf | 2015-05-20 10:45:29 +0200 | [diff] [blame] | 2077 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) |
Manuel Pégourié-Gonnard | e980a99 | 2013-07-19 11:08:52 +0200 | [diff] [blame] | 2078 | /** |
Manuel Pégourié-Gonnard | b596abf | 2015-05-20 10:45:29 +0200 | [diff] [blame] | 2079 | * \brief Enable / Disable session tickets (client only). |
| 2080 | * (Default: MBEDTLS_SSL_SESSION_TICKETS_ENABLED.) |
Manuel Pégourié-Gonnard | aa0d4d1 | 2013-08-03 13:02:31 +0200 | [diff] [blame] | 2081 | * |
Manuel Pégourié-Gonnard | b596abf | 2015-05-20 10:45:29 +0200 | [diff] [blame] | 2082 | * \note On server, use \c mbedtls_ssl_conf_session_tickets_cb(). |
Manuel Pégourié-Gonnard | aa0d4d1 | 2013-08-03 13:02:31 +0200 | [diff] [blame] | 2083 | * |
Manuel Pégourié-Gonnard | 2b49445 | 2015-05-06 10:05:11 +0100 | [diff] [blame] | 2084 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2085 | * \param use_tickets Enable or disable (MBEDTLS_SSL_SESSION_TICKETS_ENABLED or |
| 2086 | * MBEDTLS_SSL_SESSION_TICKETS_DISABLED) |
Manuel Pégourié-Gonnard | aa0d4d1 | 2013-08-03 13:02:31 +0200 | [diff] [blame] | 2087 | */ |
Manuel Pégourié-Gonnard | b596abf | 2015-05-20 10:45:29 +0200 | [diff] [blame] | 2088 | void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets ); |
| 2089 | #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ |
Manuel Pégourié-Gonnard | aa0d4d1 | 2013-08-03 13:02:31 +0200 | [diff] [blame] | 2090 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2091 | #if defined(MBEDTLS_SSL_RENEGOTIATION) |
Manuel Pégourié-Gonnard | aa0d4d1 | 2013-08-03 13:02:31 +0200 | [diff] [blame] | 2092 | /** |
Paul Bakker | 09f097d | 2012-10-23 11:54:56 +0000 | [diff] [blame] | 2093 | * \brief Enable / Disable renegotiation support for connection when |
| 2094 | * initiated by peer |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2095 | * (Default: MBEDTLS_SSL_RENEGOTIATION_DISABLED) |
Paul Bakker | 09f097d | 2012-10-23 11:54:56 +0000 | [diff] [blame] | 2096 | * |
Manuel Pégourié-Gonnard | 398b206 | 2015-05-28 15:13:30 +0200 | [diff] [blame] | 2097 | * \warning It is recommended to always disable renegotation unless you |
| 2098 | * know you need it and you know what you're doing. In the |
Aaron Jones | d96e526 | 2016-06-17 14:40:41 +0000 | [diff] [blame] | 2099 | * past, there have been several issues associated with |
Manuel Pégourié-Gonnard | 398b206 | 2015-05-28 15:13:30 +0200 | [diff] [blame] | 2100 | * renegotiation or a poor understanding of its properties. |
| 2101 | * |
| 2102 | * \note Server-side, enabling renegotiation also makes the server |
| 2103 | * susceptible to a resource DoS by a malicious client. |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 2104 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 2105 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2106 | * \param renegotiation Enable or disable (MBEDTLS_SSL_RENEGOTIATION_ENABLED or |
| 2107 | * MBEDTLS_SSL_RENEGOTIATION_DISABLED) |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 2108 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 2109 | void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation ); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2110 | #endif /* MBEDTLS_SSL_RENEGOTIATION */ |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 2111 | |
| 2112 | /** |
| 2113 | * \brief Prevent or allow legacy renegotiation. |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2114 | * (Default: MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION) |
Paul Bakker | 9af723c | 2014-05-01 13:03:14 +0200 | [diff] [blame] | 2115 | * |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2116 | * MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION allows connections to |
Paul Bakker | d0f6fa7 | 2012-09-17 09:18:12 +0000 | [diff] [blame] | 2117 | * be established even if the peer does not support |
| 2118 | * secure renegotiation, but does not allow renegotiation |
| 2119 | * to take place if not secure. |
| 2120 | * (Interoperable and secure option) |
| 2121 | * |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2122 | * MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION allows renegotiations |
Paul Bakker | d0f6fa7 | 2012-09-17 09:18:12 +0000 | [diff] [blame] | 2123 | * with non-upgraded peers. Allowing legacy renegotiation |
| 2124 | * makes the connection vulnerable to specific man in the |
| 2125 | * middle attacks. (See RFC 5746) |
| 2126 | * (Most interoperable and least secure option) |
| 2127 | * |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2128 | * MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE breaks off connections |
Paul Bakker | d0f6fa7 | 2012-09-17 09:18:12 +0000 | [diff] [blame] | 2129 | * if peer does not support secure renegotiation. Results |
| 2130 | * in interoperability issues with non-upgraded peers |
| 2131 | * that do not support renegotiation altogether. |
| 2132 | * (Most secure option, interoperability issues) |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 2133 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 2134 | * \param conf SSL configuration |
Paul Bakker | 6831c4a | 2012-11-07 19:46:27 +0000 | [diff] [blame] | 2135 | * \param allow_legacy Prevent or allow (SSL_NO_LEGACY_RENEGOTIATION, |
| 2136 | * SSL_ALLOW_LEGACY_RENEGOTIATION or |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2137 | * MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE) |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 2138 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 2139 | void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy ); |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 2140 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2141 | #if defined(MBEDTLS_SSL_RENEGOTIATION) |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 2142 | /** |
Manuel Pégourié-Gonnard | df3acd8 | 2014-10-15 15:07:45 +0200 | [diff] [blame] | 2143 | * \brief Enforce renegotiation requests. |
Manuel Pégourié-Gonnard | a9964db | 2014-07-03 19:29:16 +0200 | [diff] [blame] | 2144 | * (Default: enforced, max_records = 16) |
Manuel Pégourié-Gonnard | a9964db | 2014-07-03 19:29:16 +0200 | [diff] [blame] | 2145 | * |
Manuel Pégourié-Gonnard | 44ade65 | 2014-08-19 13:58:40 +0200 | [diff] [blame] | 2146 | * When we request a renegotiation, the peer can comply or |
| 2147 | * ignore the request. This function allows us to decide |
| 2148 | * whether to enforce our renegotiation requests by closing |
| 2149 | * the connection if the peer doesn't comply. |
Manuel Pégourié-Gonnard | a9964db | 2014-07-03 19:29:16 +0200 | [diff] [blame] | 2150 | * |
Manuel Pégourié-Gonnard | 44ade65 | 2014-08-19 13:58:40 +0200 | [diff] [blame] | 2151 | * However, records could already be in transit from the peer |
| 2152 | * when the request is emitted. In order to increase |
| 2153 | * reliability, we can accept a number of records before the |
| 2154 | * expected handshake records. |
Manuel Pégourié-Gonnard | a9964db | 2014-07-03 19:29:16 +0200 | [diff] [blame] | 2155 | * |
| 2156 | * The optimal value is highly dependent on the specific usage |
| 2157 | * scenario. |
| 2158 | * |
Manuel Pégourié-Gonnard | df3acd8 | 2014-10-15 15:07:45 +0200 | [diff] [blame] | 2159 | * \note With DTLS and server-initiated renegotiation, the |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2160 | * HelloRequest is retransmited every time mbedtls_ssl_read() times |
Manuel Pégourié-Gonnard | df3acd8 | 2014-10-15 15:07:45 +0200 | [diff] [blame] | 2161 | * out or receives Application Data, until: |
| 2162 | * - max_records records have beens seen, if it is >= 0, or |
| 2163 | * - the number of retransmits that would happen during an |
| 2164 | * actual handshake has been reached. |
| 2165 | * Please remember the request might be lost a few times |
| 2166 | * if you consider setting max_records to a really low value. |
| 2167 | * |
Manuel Pégourié-Gonnard | 44ade65 | 2014-08-19 13:58:40 +0200 | [diff] [blame] | 2168 | * \warning On client, the grace period can only happen during |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2169 | * mbedtls_ssl_read(), as opposed to mbedtls_ssl_write() and mbedtls_ssl_renegotiate() |
Manuel Pégourié-Gonnard | 44ade65 | 2014-08-19 13:58:40 +0200 | [diff] [blame] | 2170 | * which always behave as if max_record was 0. The reason is, |
| 2171 | * if we receive application data from the server, we need a |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2172 | * place to write it, which only happens during mbedtls_ssl_read(). |
Manuel Pégourié-Gonnard | 44ade65 | 2014-08-19 13:58:40 +0200 | [diff] [blame] | 2173 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 2174 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2175 | * \param max_records Use MBEDTLS_SSL_RENEGOTIATION_NOT_ENFORCED if you don't want to |
Manuel Pégourié-Gonnard | a9964db | 2014-07-03 19:29:16 +0200 | [diff] [blame] | 2176 | * enforce renegotiation, or a non-negative value to enforce |
| 2177 | * it but allow for a grace period of max_records records. |
| 2178 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 2179 | void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records ); |
Manuel Pégourié-Gonnard | a9964db | 2014-07-03 19:29:16 +0200 | [diff] [blame] | 2180 | |
| 2181 | /** |
Manuel Pégourié-Gonnard | 837f0fe | 2014-11-05 13:58:53 +0100 | [diff] [blame] | 2182 | * \brief Set record counter threshold for periodic renegotiation. |
| 2183 | * (Default: 2^64 - 256.) |
| 2184 | * |
| 2185 | * Renegotiation is automatically triggered when a record |
| 2186 | * counter (outgoing or ingoing) crosses the defined |
| 2187 | * threshold. The default value is meant to prevent the |
| 2188 | * connection from being closed when the counter is about to |
| 2189 | * reached its maximal value (it is not allowed to wrap). |
| 2190 | * |
| 2191 | * Lower values can be used to enforce policies such as "keys |
| 2192 | * must be refreshed every N packets with cipher X". |
| 2193 | * |
Manuel Pégourié-Gonnard | d36e33f | 2015-05-05 10:45:39 +0200 | [diff] [blame] | 2194 | * \param conf SSL configuration |
Manuel Pégourié-Gonnard | 837f0fe | 2014-11-05 13:58:53 +0100 | [diff] [blame] | 2195 | * \param period The threshold value: a big-endian 64-bit number. |
| 2196 | * Set to 2^64 - 1 to disable periodic renegotiation |
| 2197 | */ |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 2198 | void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf, |
Manuel Pégourié-Gonnard | 837f0fe | 2014-11-05 13:58:53 +0100 | [diff] [blame] | 2199 | const unsigned char period[8] ); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2200 | #endif /* MBEDTLS_SSL_RENEGOTIATION */ |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2201 | |
Paul Bakker | 43ca69c | 2011-01-15 17:35:19 +0000 | [diff] [blame] | 2202 | /** |
| 2203 | * \brief Return the number of data bytes available to read |
| 2204 | * |
| 2205 | * \param ssl SSL context |
| 2206 | * |
| 2207 | * \return how many bytes are available in the read buffer |
| 2208 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2209 | size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl ); |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2210 | |
| 2211 | /** |
| 2212 | * \brief Return the result of the certificate verification |
| 2213 | * |
| 2214 | * \param ssl SSL context |
| 2215 | * |
Manuel Pégourié-Gonnard | e89163c | 2015-01-23 14:30:57 +0000 | [diff] [blame] | 2216 | * \return 0 if successful, |
| 2217 | * -1 if result is not available (eg because the handshake was |
| 2218 | * aborted too early), or |
| 2219 | * a combination of BADCERT_xxx and BADCRL_xxx flags, see |
| 2220 | * x509.h |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2221 | */ |
Manuel Pégourié-Gonnard | e6ef16f | 2015-05-11 19:54:43 +0200 | [diff] [blame] | 2222 | uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl ); |
Paul Bakker | 43ca69c | 2011-01-15 17:35:19 +0000 | [diff] [blame] | 2223 | |
| 2224 | /** |
| 2225 | * \brief Return the name of the current ciphersuite |
| 2226 | * |
| 2227 | * \param ssl SSL context |
| 2228 | * |
| 2229 | * \return a string containing the ciphersuite name |
| 2230 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2231 | const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl ); |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2232 | |
| 2233 | /** |
Paul Bakker | 43ca69c | 2011-01-15 17:35:19 +0000 | [diff] [blame] | 2234 | * \brief Return the current SSL version (SSLv3/TLSv1/etc) |
| 2235 | * |
| 2236 | * \param ssl SSL context |
| 2237 | * |
| 2238 | * \return a string containing the SSL version |
| 2239 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2240 | const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ); |
Paul Bakker | 43ca69c | 2011-01-15 17:35:19 +0000 | [diff] [blame] | 2241 | |
Manuel Pégourié-Gonnard | 9b35f18 | 2014-10-14 17:47:31 +0200 | [diff] [blame] | 2242 | /** |
| 2243 | * \brief Return the (maximum) number of bytes added by the record |
| 2244 | * layer: header + encryption/MAC overhead (inc. padding) |
| 2245 | * |
| 2246 | * \param ssl SSL context |
| 2247 | * |
| 2248 | * \return Current maximum record expansion in bytes, or |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2249 | * MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if compression is |
Manuel Pégourié-Gonnard | 932e393 | 2015-04-03 16:37:14 +0200 | [diff] [blame] | 2250 | * enabled, which makes expansion much less predictable |
Manuel Pégourié-Gonnard | 9b35f18 | 2014-10-14 17:47:31 +0200 | [diff] [blame] | 2251 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2252 | int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ); |
Manuel Pégourié-Gonnard | 9b35f18 | 2014-10-14 17:47:31 +0200 | [diff] [blame] | 2253 | |
Manuel Pégourié-Gonnard | a2cda6b | 2015-08-31 18:30:52 +0200 | [diff] [blame] | 2254 | #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) |
| 2255 | /** |
| 2256 | * \brief Return the maximum fragment length (payload, in bytes). |
| 2257 | * This is the value negotiated with peer if any, |
| 2258 | * or the locally configured value. |
| 2259 | * |
| 2260 | * \note With DTLS, \c mbedtls_ssl_write() will return an error if |
| 2261 | * called with a larger length value. |
| 2262 | * With TLS, \c mbedtls_ssl_write() will fragment the input if |
| 2263 | * necessary and return the number of bytes written; it is up |
| 2264 | * to the caller to call \c mbedtls_ssl_write() again in |
| 2265 | * order to send the remaining bytes if any. |
| 2266 | * |
| 2267 | * \param ssl SSL context |
| 2268 | * |
| 2269 | * \return Current maximum fragment length. |
| 2270 | */ |
| 2271 | size_t mbedtls_ssl_get_max_frag_len( const mbedtls_ssl_context *ssl ); |
| 2272 | #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ |
| 2273 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2274 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
Paul Bakker | 43ca69c | 2011-01-15 17:35:19 +0000 | [diff] [blame] | 2275 | /** |
Paul Bakker | b0550d9 | 2012-10-30 07:51:03 +0000 | [diff] [blame] | 2276 | * \brief Return the peer certificate from the current connection |
| 2277 | * |
| 2278 | * Note: Can be NULL in case no certificate was sent during |
| 2279 | * the handshake. Different calls for the same connection can |
| 2280 | * return the same or different pointers for the same |
| 2281 | * certificate and even a different certificate altogether. |
| 2282 | * The peer cert CAN change in a single connection if |
| 2283 | * renegotiation is performed. |
| 2284 | * |
| 2285 | * \param ssl SSL context |
| 2286 | * |
| 2287 | * \return the current peer certificate |
| 2288 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2289 | const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl ); |
| 2290 | #endif /* MBEDTLS_X509_CRT_PARSE_C */ |
Paul Bakker | b0550d9 | 2012-10-30 07:51:03 +0000 | [diff] [blame] | 2291 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2292 | #if defined(MBEDTLS_SSL_CLI_C) |
Paul Bakker | b0550d9 | 2012-10-30 07:51:03 +0000 | [diff] [blame] | 2293 | /** |
Manuel Pégourié-Gonnard | 7471803 | 2013-07-30 12:41:56 +0200 | [diff] [blame] | 2294 | * \brief Save session in order to resume it later (client-side only) |
| 2295 | * Session data is copied to presented session structure. |
| 2296 | * |
| 2297 | * \warning Currently, peer certificate is lost in the operation. |
| 2298 | * |
| 2299 | * \param ssl SSL context |
| 2300 | * \param session session context |
| 2301 | * |
| 2302 | * \return 0 if successful, |
Manuel Pégourié-Gonnard | 6a8ca33 | 2015-05-28 09:33:39 +0200 | [diff] [blame] | 2303 | * MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2304 | * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or |
Manuel Pégourié-Gonnard | 7471803 | 2013-07-30 12:41:56 +0200 | [diff] [blame] | 2305 | * arguments are otherwise invalid |
| 2306 | * |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2307 | * \sa mbedtls_ssl_set_session() |
Manuel Pégourié-Gonnard | 7471803 | 2013-07-30 12:41:56 +0200 | [diff] [blame] | 2308 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2309 | int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session *session ); |
| 2310 | #endif /* MBEDTLS_SSL_CLI_C */ |
Manuel Pégourié-Gonnard | 7471803 | 2013-07-30 12:41:56 +0200 | [diff] [blame] | 2311 | |
| 2312 | /** |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2313 | * \brief Perform the SSL handshake |
| 2314 | * |
| 2315 | * \param ssl SSL context |
| 2316 | * |
Manuel Pégourié-Gonnard | 222cb8d | 2015-09-08 15:43:59 +0200 | [diff] [blame] | 2317 | * \return 0 if successful, or |
| 2318 | * MBEDTLS_ERR_SSL_WANT_READ or MBEDTLS_ERR_SSL_WANT_WRITE, or |
Simon Butcher | 1a57af1 | 2015-09-11 17:14:16 +0100 | [diff] [blame] | 2319 | * MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED (see below), or |
Manuel Pégourié-Gonnard | 222cb8d | 2015-09-08 15:43:59 +0200 | [diff] [blame] | 2320 | * a specific SSL error code. |
Manuel Pégourié-Gonnard | b48ef9c | 2015-05-28 15:24:25 +0200 | [diff] [blame] | 2321 | * |
Manuel Pégourié-Gonnard | 222cb8d | 2015-09-08 15:43:59 +0200 | [diff] [blame] | 2322 | * \note If this function returns something other than 0 or |
| 2323 | * MBEDTLS_ERR_SSL_WANT_READ/WRITE, then the ssl context |
Manuel Pégourié-Gonnard | b48ef9c | 2015-05-28 15:24:25 +0200 | [diff] [blame] | 2324 | * becomes unusable, and you should either free it or call |
Manuel Pégourié-Gonnard | acbb050 | 2015-12-10 13:57:27 +0100 | [diff] [blame] | 2325 | * \c mbedtls_ssl_session_reset() on it before re-using it for |
| 2326 | * a new connection; the current connection must be closed. |
Manuel Pégourié-Gonnard | 222cb8d | 2015-09-08 15:43:59 +0200 | [diff] [blame] | 2327 | * |
| 2328 | * \note If DTLS is in use, then you may choose to handle |
Manuel Pégourié-Gonnard | b48ef9c | 2015-05-28 15:24:25 +0200 | [diff] [blame] | 2329 | * MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED specially for logging |
Manuel Pégourié-Gonnard | 222cb8d | 2015-09-08 15:43:59 +0200 | [diff] [blame] | 2330 | * purposes, as it is an expected return value rather than an |
| 2331 | * actual error, but you still need to reset/free the context. |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2332 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2333 | int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl ); |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2334 | |
| 2335 | /** |
Paul Bakker | 1961b70 | 2013-01-25 14:49:24 +0100 | [diff] [blame] | 2336 | * \brief Perform a single step of the SSL handshake |
| 2337 | * |
Manuel Pégourié-Gonnard | 222cb8d | 2015-09-08 15:43:59 +0200 | [diff] [blame] | 2338 | * \note The state of the context (ssl->state) will be at |
Aaron Jones | d96e526 | 2016-06-17 14:40:41 +0000 | [diff] [blame] | 2339 | * the next state after execution of this function. Do not |
| 2340 | * call this function if state is MBEDTLS_SSL_HANDSHAKE_OVER. |
Paul Bakker | 1961b70 | 2013-01-25 14:49:24 +0100 | [diff] [blame] | 2341 | * |
Manuel Pégourié-Gonnard | acbb050 | 2015-12-10 13:57:27 +0100 | [diff] [blame] | 2342 | * \note If this function returns something other than 0 or |
| 2343 | * MBEDTLS_ERR_SSL_WANT_READ/WRITE, then the ssl context |
| 2344 | * becomes unusable, and you should either free it or call |
| 2345 | * \c mbedtls_ssl_session_reset() on it before re-using it for |
| 2346 | * a new connection; the current connection must be closed. |
| 2347 | * |
Paul Bakker | 1961b70 | 2013-01-25 14:49:24 +0100 | [diff] [blame] | 2348 | * \param ssl SSL context |
| 2349 | * |
Manuel Pégourié-Gonnard | 222cb8d | 2015-09-08 15:43:59 +0200 | [diff] [blame] | 2350 | * \return 0 if successful, or |
| 2351 | * MBEDTLS_ERR_SSL_WANT_READ or MBEDTLS_ERR_SSL_WANT_WRITE, or |
| 2352 | * a specific SSL error code. |
Paul Bakker | 1961b70 | 2013-01-25 14:49:24 +0100 | [diff] [blame] | 2353 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2354 | int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ); |
Paul Bakker | 1961b70 | 2013-01-25 14:49:24 +0100 | [diff] [blame] | 2355 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2356 | #if defined(MBEDTLS_SSL_RENEGOTIATION) |
Paul Bakker | 1961b70 | 2013-01-25 14:49:24 +0100 | [diff] [blame] | 2357 | /** |
Manuel Pégourié-Gonnard | 9c1e189 | 2013-10-30 16:41:21 +0100 | [diff] [blame] | 2358 | * \brief Initiate an SSL renegotiation on the running connection. |
| 2359 | * Client: perform the renegotiation right now. |
| 2360 | * Server: request renegotiation, which will be performed |
Aaron Jones | d96e526 | 2016-06-17 14:40:41 +0000 | [diff] [blame] | 2361 | * during the next call to mbedtls_ssl_read() if honored by |
| 2362 | * client. |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 2363 | * |
| 2364 | * \param ssl SSL context |
| 2365 | * |
Aaron Jones | d96e526 | 2016-06-17 14:40:41 +0000 | [diff] [blame] | 2366 | * \return 0 if successful, or any mbedtls_ssl_handshake() return |
| 2367 | * value. |
Manuel Pégourié-Gonnard | acbb050 | 2015-12-10 13:57:27 +0100 | [diff] [blame] | 2368 | * |
| 2369 | * \note If this function returns something other than 0 or |
| 2370 | * MBEDTLS_ERR_SSL_WANT_READ/WRITE, then the ssl context |
| 2371 | * becomes unusable, and you should either free it or call |
| 2372 | * \c mbedtls_ssl_session_reset() on it before re-using it for |
| 2373 | * a new connection; the current connection must be closed. |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 2374 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2375 | int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ); |
| 2376 | #endif /* MBEDTLS_SSL_RENEGOTIATION */ |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 2377 | |
| 2378 | /** |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2379 | * \brief Read at most 'len' application data bytes |
| 2380 | * |
| 2381 | * \param ssl SSL context |
| 2382 | * \param buf buffer that will hold the data |
Paul Bakker | 9e4ff95 | 2014-09-24 11:13:11 +0200 | [diff] [blame] | 2383 | * \param len maximum number of bytes to read |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2384 | * |
Manuel Pégourié-Gonnard | 81abefd | 2015-05-29 12:53:47 +0200 | [diff] [blame] | 2385 | * \return the number of bytes read, or |
| 2386 | * 0 for EOF, or |
Manuel Pégourié-Gonnard | 3a2a448 | 2015-09-08 15:36:09 +0200 | [diff] [blame] | 2387 | * MBEDTLS_ERR_SSL_WANT_READ or MBEDTLS_ERR_SSL_WANT_WRITE, or |
| 2388 | * MBEDTLS_ERR_SSL_CLIENT_RECONNECT (see below), or |
| 2389 | * another negative error code. |
| 2390 | * |
Manuel Pégourié-Gonnard | acbb050 | 2015-12-10 13:57:27 +0100 | [diff] [blame] | 2391 | * \note If this function returns something other than a positive |
| 2392 | * value or MBEDTLS_ERR_SSL_WANT_READ/WRITE or |
| 2393 | * MBEDTLS_ERR_SSL_CLIENT_RECONNECT, then the ssl context |
| 2394 | * becomes unusable, and you should either free it or call |
| 2395 | * \c mbedtls_ssl_session_reset() on it before re-using it for |
| 2396 | * a new connection; the current connection must be closed. |
| 2397 | * |
Manuel Pégourié-Gonnard | 3a2a448 | 2015-09-08 15:36:09 +0200 | [diff] [blame] | 2398 | * \note When this function return MBEDTLS_ERR_SSL_CLIENT_RECONNECT |
| 2399 | * (which can only happen server-side), it means that a client |
| 2400 | * is initiating a new connection using the same source port. |
| 2401 | * You can either treat that as a connection close and wait |
| 2402 | * for the client to resend a ClientHello, or directly |
| 2403 | * continue with \c mbedtls_ssl_handshake() with the same |
| 2404 | * context (as it has beeen reset internally). Either way, you |
| 2405 | * should make sure this is seen by the application as a new |
| 2406 | * connection: application state, if any, should be reset, and |
| 2407 | * most importantly the identity of the client must be checked |
| 2408 | * again. WARNING: not validating the identity of the client |
| 2409 | * again, or not transmitting the new identity to the |
| 2410 | * application layer, would allow authentication bypass! |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2411 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2412 | int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ); |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2413 | |
| 2414 | /** |
Manuel Pégourié-Gonnard | 5f5e0ec | 2015-08-31 20:44:12 +0200 | [diff] [blame] | 2415 | * \brief Try to write exactly 'len' application data bytes |
| 2416 | * |
| 2417 | * \warning This function will do partial writes in some cases. If the |
| 2418 | * return value is non-negative but less than length, the |
| 2419 | * function must be called again with updated arguments: |
| 2420 | * buf + ret, len - ret (if ret is the return value) until |
| 2421 | * it returns a value equal to the last 'len' argument. |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2422 | * |
| 2423 | * \param ssl SSL context |
| 2424 | * \param buf buffer holding the data |
| 2425 | * \param len how many bytes must be written |
| 2426 | * |
Manuel Pégourié-Gonnard | 5f5e0ec | 2015-08-31 20:44:12 +0200 | [diff] [blame] | 2427 | * \return the number of bytes actually written (may be less than len), |
| 2428 | * or MBEDTLS_ERR_SSL_WANT_WRITE of MBEDTLS_ERR_SSL_WANT_READ, |
| 2429 | * or another negative error code. |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2430 | * |
Manuel Pégourié-Gonnard | acbb050 | 2015-12-10 13:57:27 +0100 | [diff] [blame] | 2431 | * \note If this function returns something other than a positive |
| 2432 | * value or MBEDTLS_ERR_SSL_WANT_READ/WRITE, the ssl context |
| 2433 | * becomes unusable, and you should either free it or call |
| 2434 | * \c mbedtls_ssl_session_reset() on it before re-using it for |
| 2435 | * a new connection; the current connection must be closed. |
| 2436 | * |
Manuel Pégourié-Gonnard | 5f5e0ec | 2015-08-31 20:44:12 +0200 | [diff] [blame] | 2437 | * \note When this function returns MBEDTLS_ERR_SSL_WANT_WRITE/READ, |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2438 | * it must be called later with the *same* arguments, |
| 2439 | * until it returns a positive value. |
Manuel Pégourié-Gonnard | 37e08e1 | 2014-10-13 17:55:52 +0200 | [diff] [blame] | 2440 | * |
Manuel Pégourié-Gonnard | 8fbb01e | 2015-01-21 13:37:08 +0000 | [diff] [blame] | 2441 | * \note If the requested length is greater than the maximum |
| 2442 | * fragment length (either the built-in limit or the one set |
| 2443 | * or negotiated with the peer), then: |
Manuel Pégourié-Gonnard | 5f5e0ec | 2015-08-31 20:44:12 +0200 | [diff] [blame] | 2444 | * - with TLS, less bytes than requested are written. |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2445 | * - with DTLS, MBEDTLS_ERR_SSL_BAD_INPUT_DATA is returned. |
Manuel Pégourié-Gonnard | 5f5e0ec | 2015-08-31 20:44:12 +0200 | [diff] [blame] | 2446 | * \c mbedtls_ssl_get_max_frag_len() may be used to query the |
| 2447 | * active maximum fragment length. |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2448 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2449 | int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ); |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2450 | |
| 2451 | /** |
Paul Bakker | 0a92518 | 2012-04-16 06:46:41 +0000 | [diff] [blame] | 2452 | * \brief Send an alert message |
| 2453 | * |
| 2454 | * \param ssl SSL context |
| 2455 | * \param level The alert level of the message |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2456 | * (MBEDTLS_SSL_ALERT_LEVEL_WARNING or MBEDTLS_SSL_ALERT_LEVEL_FATAL) |
Paul Bakker | 0a92518 | 2012-04-16 06:46:41 +0000 | [diff] [blame] | 2457 | * \param message The alert message (SSL_ALERT_MSG_*) |
| 2458 | * |
Paul Bakker | 6831c4a | 2012-11-07 19:46:27 +0000 | [diff] [blame] | 2459 | * \return 0 if successful, or a specific SSL error code. |
Manuel Pégourié-Gonnard | acbb050 | 2015-12-10 13:57:27 +0100 | [diff] [blame] | 2460 | * |
| 2461 | * \note If this function returns something other than 0 or |
| 2462 | * MBEDTLS_ERR_SSL_WANT_READ/WRITE, then the ssl context |
| 2463 | * becomes unusable, and you should either free it or call |
| 2464 | * \c mbedtls_ssl_session_reset() on it before re-using it for |
| 2465 | * a new connection; the current connection must be closed. |
Paul Bakker | 0a92518 | 2012-04-16 06:46:41 +0000 | [diff] [blame] | 2466 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2467 | int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl, |
Paul Bakker | 0a92518 | 2012-04-16 06:46:41 +0000 | [diff] [blame] | 2468 | unsigned char level, |
| 2469 | unsigned char message ); |
| 2470 | /** |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2471 | * \brief Notify the peer that the connection is being closed |
Paul Bakker | 13e2dfe | 2009-07-28 07:18:38 +0000 | [diff] [blame] | 2472 | * |
| 2473 | * \param ssl SSL context |
Manuel Pégourié-Gonnard | acbb050 | 2015-12-10 13:57:27 +0100 | [diff] [blame] | 2474 | * |
| 2475 | * \return 0 if successful, or a specific SSL error code. |
| 2476 | * |
| 2477 | * \note If this function returns something other than 0 or |
| 2478 | * MBEDTLS_ERR_SSL_WANT_READ/WRITE, then the ssl context |
| 2479 | * becomes unusable, and you should either free it or call |
| 2480 | * \c mbedtls_ssl_session_reset() on it before re-using it for |
| 2481 | * a new connection; the current connection must be closed. |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2482 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2483 | int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl ); |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2484 | |
| 2485 | /** |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 2486 | * \brief Free referenced items in an SSL context and clear memory |
Paul Bakker | 13e2dfe | 2009-07-28 07:18:38 +0000 | [diff] [blame] | 2487 | * |
| 2488 | * \param ssl SSL context |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2489 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2490 | void mbedtls_ssl_free( mbedtls_ssl_context *ssl ); |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2491 | |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 2492 | /** |
Manuel Pégourié-Gonnard | cd523e2 | 2015-05-04 13:35:39 +0200 | [diff] [blame] | 2493 | * \brief Initialize an SSL configuration context |
| 2494 | * Just makes the context ready for |
Manuel Pégourié-Gonnard | 1b1e65f | 2015-06-11 13:29:15 +0200 | [diff] [blame] | 2495 | * mbedtls_ssl_config_defaults() or mbedtls_ssl_config_free(). |
Manuel Pégourié-Gonnard | cd523e2 | 2015-05-04 13:35:39 +0200 | [diff] [blame] | 2496 | * |
| 2497 | * \note You need to call mbedtls_ssl_config_defaults() unless you |
| 2498 | * manually set all of the relevent fields yourself. |
| 2499 | * |
| 2500 | * \param conf SSL configuration context |
| 2501 | */ |
| 2502 | void mbedtls_ssl_config_init( mbedtls_ssl_config *conf ); |
| 2503 | |
| 2504 | /** |
| 2505 | * \brief Load reasonnable default SSL configuration values. |
| 2506 | * (You need to call mbedtls_ssl_config_init() first.) |
| 2507 | * |
| 2508 | * \param conf SSL configuration context |
Manuel Pégourié-Gonnard | 1b1e65f | 2015-06-11 13:29:15 +0200 | [diff] [blame] | 2509 | * \param endpoint MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER |
| 2510 | * \param transport MBEDTLS_SSL_TRANSPORT_STREAM for TLS, or |
| 2511 | * MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS |
Manuel Pégourié-Gonnard | b31c5f6 | 2015-06-17 13:53:47 +0200 | [diff] [blame] | 2512 | * \param preset a MBEDTLS_SSL_PRESET_XXX value |
| 2513 | * (currently unused). |
Manuel Pégourié-Gonnard | cd523e2 | 2015-05-04 13:35:39 +0200 | [diff] [blame] | 2514 | * |
Manuel Pégourié-Gonnard | 6729e79 | 2015-05-11 09:50:24 +0200 | [diff] [blame] | 2515 | * \note See \c mbedtls_ssl_conf_transport() for notes on DTLS. |
Manuel Pégourié-Gonnard | 8620f73 | 2015-05-06 14:42:06 +0100 | [diff] [blame] | 2516 | * |
Manuel Pégourié-Gonnard | cd523e2 | 2015-05-04 13:35:39 +0200 | [diff] [blame] | 2517 | * \return 0 if successful, or |
Manuel Pégourié-Gonnard | 1b1e65f | 2015-06-11 13:29:15 +0200 | [diff] [blame] | 2518 | * MBEDTLS_ERR_XXX_ALLOC_FAILED on memory allocation error. |
Manuel Pégourié-Gonnard | cd523e2 | 2015-05-04 13:35:39 +0200 | [diff] [blame] | 2519 | */ |
Manuel Pégourié-Gonnard | 419d5ae | 2015-05-04 19:32:36 +0200 | [diff] [blame] | 2520 | int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, |
Manuel Pégourié-Gonnard | b31c5f6 | 2015-06-17 13:53:47 +0200 | [diff] [blame] | 2521 | int endpoint, int transport, int preset ); |
Manuel Pégourié-Gonnard | cd523e2 | 2015-05-04 13:35:39 +0200 | [diff] [blame] | 2522 | |
| 2523 | /** |
| 2524 | * \brief Free an SSL configuration context |
| 2525 | * |
| 2526 | * \param conf SSL configuration context |
| 2527 | */ |
| 2528 | void mbedtls_ssl_config_free( mbedtls_ssl_config *conf ); |
| 2529 | |
| 2530 | /** |
Paul Bakker | accaffe | 2014-06-26 13:37:14 +0200 | [diff] [blame] | 2531 | * \brief Initialize SSL session structure |
| 2532 | * |
| 2533 | * \param session SSL session |
| 2534 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2535 | void mbedtls_ssl_session_init( mbedtls_ssl_session *session ); |
Paul Bakker | accaffe | 2014-06-26 13:37:14 +0200 | [diff] [blame] | 2536 | |
| 2537 | /** |
Paul Bakker | 0a59707 | 2012-09-25 21:55:46 +0000 | [diff] [blame] | 2538 | * \brief Free referenced items in an SSL session including the |
| 2539 | * peer certificate and clear memory |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 2540 | * |
| 2541 | * \param session SSL session |
| 2542 | */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2543 | void mbedtls_ssl_session_free( mbedtls_ssl_session *session ); |
Paul Bakker | 48916f9 | 2012-09-16 19:57:18 +0000 | [diff] [blame] | 2544 | |
Paul Bakker | 5121ce5 | 2009-01-03 21:22:43 +0000 | [diff] [blame] | 2545 | #ifdef __cplusplus |
| 2546 | } |
| 2547 | #endif |
| 2548 | |
| 2549 | #endif /* ssl.h */ |