wpa_supplicant / hostapd
2.5
TLS v1.0/v1.1/v1.2 client (RFC 2246, RFC 4346, RFC 5246)
#include "tlsv1_cred.h"
Typedefs | |
| typedef int(* | tlsv1_client_session_ticket_cb )(void *ctx, const u8 *ticket, size_t len, const u8 *client_random, const u8 *server_random, u8 *master_secret) |
Functions | |
| int | tlsv1_client_global_init (void) |
| Initialize TLSv1 client. More... | |
| void | tlsv1_client_global_deinit (void) |
| Deinitialize TLSv1 client. More... | |
| struct tlsv1_client * | tlsv1_client_init (void) |
| Initialize TLSv1 client connection. More... | |
| void | tlsv1_client_deinit (struct tlsv1_client *conn) |
| Deinitialize TLSv1 client connection. More... | |
| int | tlsv1_client_established (struct tlsv1_client *conn) |
| Check whether connection has been established. More... | |
| int | tlsv1_client_prf (struct tlsv1_client *conn, const char *label, int server_random_first, u8 *out, size_t out_len) |
| Use TLS-PRF to derive keying material. More... | |
| u8 * | tlsv1_client_handshake (struct tlsv1_client *conn, const u8 *in_data, size_t in_len, size_t *out_len, u8 **appl_data, size_t *appl_data_len, int *need_more_data) |
| Process TLS handshake. More... | |
| int | tlsv1_client_encrypt (struct tlsv1_client *conn, const u8 *in_data, size_t in_len, u8 *out_data, size_t out_len) |
| Encrypt data into TLS tunnel. More... | |
| struct wpabuf * | tlsv1_client_decrypt (struct tlsv1_client *conn, const u8 *in_data, size_t in_len, int *need_more_data) |
| Decrypt data from TLS tunnel. More... | |
| int | tlsv1_client_get_cipher (struct tlsv1_client *conn, char *buf, size_t buflen) |
| Get current cipher name. More... | |
| int | tlsv1_client_shutdown (struct tlsv1_client *conn) |
| Shutdown TLS connection. More... | |
| int | tlsv1_client_resumed (struct tlsv1_client *conn) |
| Was session resumption used. More... | |
| int | tlsv1_client_hello_ext (struct tlsv1_client *conn, int ext_type, const u8 *data, size_t data_len) |
| Set TLS extension for ClientHello. More... | |
| int | tlsv1_client_get_random (struct tlsv1_client *conn, struct tls_random *data) |
| Get random data from TLS connection. More... | |
| int | tlsv1_client_get_keyblock_size (struct tlsv1_client *conn) |
| Get TLS key_block size. More... | |
| int | tlsv1_client_set_cipher_list (struct tlsv1_client *conn, u8 *ciphers) |
| Configure acceptable cipher suites. More... | |
| int | tlsv1_client_set_cred (struct tlsv1_client *conn, struct tlsv1_credentials *cred) |
| Set client credentials. More... | |
| void | tlsv1_client_set_time_checks (struct tlsv1_client *conn, int enabled) |
| void | tlsv1_client_set_session_ticket_cb (struct tlsv1_client *conn, tlsv1_client_session_ticket_cb cb, void *ctx) |
TLS v1.0/v1.1/v1.2 client (RFC 2246, RFC 4346, RFC 5246)
| struct wpabuf* tlsv1_client_decrypt | ( | struct tlsv1_client * | conn, |
| const u8 * | in_data, | ||
| size_t | in_len, | ||
| int * | need_more_data | ||
| ) |
Decrypt data from TLS tunnel.
| conn | TLSv1 client connection data from tlsv1_client_init() |
| in_data | Pointer to input buffer (encrypted TLS data) |
| in_len | Input buffer length |
| need_more_data | Set to 1 if more data would be needed to complete processing |
This function is used after the TLS handshake has been completed successfully, to receive data from the encrypted tunnel.
| void tlsv1_client_deinit | ( | struct tlsv1_client * | conn | ) |
Deinitialize TLSv1 client connection.
| conn | TLSv1 client connection data from tlsv1_client_init() |
| int tlsv1_client_encrypt | ( | struct tlsv1_client * | conn, |
| const u8 * | in_data, | ||
| size_t | in_len, | ||
| u8 * | out_data, | ||
| size_t | out_len | ||
| ) |
Encrypt data into TLS tunnel.
| conn | TLSv1 client connection data from tlsv1_client_init() |
| in_data | Pointer to plaintext data to be encrypted |
| in_len | Input buffer length |
| out_data | Pointer to output buffer (encrypted TLS data) |
| out_len | Maximum out_data length |
This function is used after the TLS handshake has been completed successfully, to send data in the encrypted tunnel.
| int tlsv1_client_established | ( | struct tlsv1_client * | conn | ) |
Check whether connection has been established.
| conn | TLSv1 client connection data from tlsv1_client_init() |
| int tlsv1_client_get_cipher | ( | struct tlsv1_client * | conn, |
| char * | buf, | ||
| size_t | buflen | ||
| ) |
Get current cipher name.
| conn | TLSv1 client connection data from tlsv1_client_init() |
| buf | Buffer for the cipher name |
| buflen | buf size |
Get the name of the currently used cipher.
| int tlsv1_client_get_keyblock_size | ( | struct tlsv1_client * | conn | ) |
Get TLS key_block size.
| conn | TLSv1 client connection data from tlsv1_client_init() |
| int tlsv1_client_get_random | ( | struct tlsv1_client * | conn, |
| struct tls_random * | keys | ||
| ) |
Get random data from TLS connection.
| conn | TLSv1 client connection data from tlsv1_client_init() |
| keys | Structure of random data (filled on success) |
| void tlsv1_client_global_deinit | ( | void | ) |
Deinitialize TLSv1 client.
This function can be used to deinitialize the TLSv1 client that was initialized by calling tlsv1_client_global_init(). After this call, no TLSv1 client functions may be called until tlsv1_client_global_init() has been called again.
| int tlsv1_client_global_init | ( | void | ) |
Initialize TLSv1 client.
This function must be called before using any other TLSv1 client functions.
| u8* tlsv1_client_handshake | ( | struct tlsv1_client * | conn, |
| const u8 * | in_data, | ||
| size_t | in_len, | ||
| size_t * | out_len, | ||
| u8 ** | appl_data, | ||
| size_t * | appl_data_len, | ||
| int * | need_more_data | ||
| ) |
Process TLS handshake.
| conn | TLSv1 client connection data from tlsv1_client_init() |
| in_data | Input data from TLS peer |
| in_len | Input data length |
| out_len | Pointer to a variable for the length of the output buffer (the parameter is a size_t *, not a length passed by value) |
| appl_data | Pointer to application data pointer, or NULL if dropped |
| appl_data_len | Pointer to variable that is set to appl_data length |
| need_more_data | Set to 1 if more data would be needed to complete processing |
| int tlsv1_client_hello_ext | ( | struct tlsv1_client * | conn, |
| int | ext_type, | ||
| const u8 * | data, | ||
| size_t | data_len | ||
| ) |
Set TLS extension for ClientHello.
| conn | TLSv1 client connection data from tlsv1_client_init() |
| ext_type | Extension type |
| data | Extension payload (NULL to remove extension) |
| data_len | Extension payload length |
| struct tlsv1_client* tlsv1_client_init | ( | void | ) |
Initialize TLSv1 client connection.
| int tlsv1_client_prf | ( | struct tlsv1_client * | conn, |
| const char * | label, | ||
| int | server_random_first, | ||
| u8 * | out, | ||
| size_t | out_len | ||
| ) |
Use TLS-PRF to derive keying material.
| conn | TLSv1 client connection data from tlsv1_client_init() |
| label | Label (e.g., description of the key) for PRF |
| server_random_first | Order of the random values in the PRF seed: 0 = client_random|server_random, 1 = server_random|client_random |
| out | Buffer for output data from TLS-PRF |
| out_len | Length of the output buffer |
| int tlsv1_client_resumed | ( | struct tlsv1_client * | conn | ) |
Check whether session resumption was used.
| conn | TLSv1 client connection data from tlsv1_client_init() |
| int tlsv1_client_set_cipher_list | ( | struct tlsv1_client * | conn, |
| u8 * | ciphers | ||
| ) |
Configure acceptable cipher suites.
| conn | TLSv1 client connection data from tlsv1_client_init() |
| ciphers | List of allowed ciphers (TLS_CIPHER_*), terminated by a zero entry (TLS_CIPHER_NONE). |
| int tlsv1_client_set_cred | ( | struct tlsv1_client * | conn, |
| struct tlsv1_credentials * | cred | ||
| ) |
Set client credentials.
| conn | TLSv1 client connection data from tlsv1_client_init() |
| cred | Credentials from tlsv1_cred_alloc() |
On success, the client takes ownership of the credentials block and the caller must not free it. On failure, ownership stays with the caller, who is responsible for freeing the credentials block.
| int tlsv1_client_shutdown | ( | struct tlsv1_client * | conn | ) |
Shutdown TLS connection.
| conn | TLSv1 client connection data from tlsv1_client_init() |