TLSv1 client (RFC 2246). More...
#include "includes.h"
#include "common.h"
#include "sha1.h"
#include "tls.h"
#include "tlsv1_common.h"
#include "tlsv1_record.h"
#include "tlsv1_client.h"
#include "tlsv1_client_i.h"
Go to the source code of this file.
Functions | |
void | tls_alert (struct tlsv1_client *conn, u8 level, u8 description) |
void | tlsv1_client_free_dh (struct tlsv1_client *conn) |
int | tls_derive_pre_master_secret (u8 *pre_master_secret) |
int | tls_derive_keys (struct tlsv1_client *conn, const u8 *pre_master_secret, size_t pre_master_secret_len) |
u8 * | tlsv1_client_handshake (struct tlsv1_client *conn, const u8 *in_data, size_t in_len, size_t *out_len, u8 **appl_data, size_t *appl_data_len) |
Process TLS handshake. | |
int | tlsv1_client_encrypt (struct tlsv1_client *conn, const u8 *in_data, size_t in_len, u8 *out_data, size_t out_len) |
Encrypt data into TLS tunnel. | |
int | tlsv1_client_decrypt (struct tlsv1_client *conn, const u8 *in_data, size_t in_len, u8 *out_data, size_t out_len) |
Decrypt data from TLS tunnel. | |
int | tlsv1_client_global_init (void) |
Initialize TLSv1 client. | |
void | tlsv1_client_global_deinit (void) |
Deinitialize TLSv1 client. | |
struct tlsv1_client * | tlsv1_client_init (void) |
Initialize TLSv1 client connection. | |
void | tlsv1_client_deinit (struct tlsv1_client *conn) |
Deinitialize TLSv1 client connection. | |
int | tlsv1_client_established (struct tlsv1_client *conn) |
Check whether connection has been established. | |
int | tlsv1_client_prf (struct tlsv1_client *conn, const char *label, int server_random_first, u8 *out, size_t out_len) |
Use TLS-PRF to derive keying material. | |
int | tlsv1_client_get_cipher (struct tlsv1_client *conn, char *buf, size_t buflen) |
Get current cipher name. | |
int | tlsv1_client_shutdown (struct tlsv1_client *conn) |
Shutdown TLS connection. | |
int | tlsv1_client_resumed (struct tlsv1_client *conn) |
Was session resumption used. | |
int | tlsv1_client_hello_ext (struct tlsv1_client *conn, int ext_type, const u8 *data, size_t data_len) |
Set TLS extension for ClientHello. | |
int | tlsv1_client_get_keys (struct tlsv1_client *conn, struct tls_keys *keys) |
Get master key and random data from TLS connection. | |
int | tlsv1_client_get_keyblock_size (struct tlsv1_client *conn) |
Get TLS key_block size. | |
int | tlsv1_client_set_cipher_list (struct tlsv1_client *conn, u8 *ciphers) |
Configure acceptable cipher suites. | |
int | tlsv1_client_set_cred (struct tlsv1_client *conn, struct tlsv1_credentials *cred) |
Set client credentials. | |
void | tlsv1_client_set_session_ticket_cb (struct tlsv1_client *conn, tlsv1_client_session_ticket_cb cb, void *ctx) |
TLSv1 client (RFC 2246).
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation.
Alternatively, this software may be distributed under the terms of BSD license.
See README and COPYING for more details.
Definition in file tlsv1_client.c.
int tlsv1_client_decrypt | ( | struct tlsv1_client * | conn, | |
const u8 * | in_data, | |||
size_t | in_len, | |||
u8 * | out_data, | |||
size_t | out_len | |||
) |
Decrypt data from TLS tunnel.
conn | TLSv1 client connection data from tlsv1_client_init() | |
in_data | Pointer to input buffer (encrypted TLS data) | |
in_len | Input buffer length | |
out_data | Pointer to output buffer (decrypted data from TLS tunnel) | |
out_len | Maximum out_data length |
This function is used after TLS handshake has been completed successfully to receive data from the encrypted tunnel.
Definition at line 260 of file tlsv1_client.c.
void tlsv1_client_deinit | ( | struct tlsv1_client * | conn | ) |
Deinitialize TLSv1 client connection.
conn | TLSv1 client connection data from tlsv1_client_init() |
Definition at line 379 of file tlsv1_client.c.
int tlsv1_client_encrypt | ( | struct tlsv1_client * | conn, | |
const u8 * | in_data, | |||
size_t | in_len, | |||
u8 * | out_data, | |||
size_t | out_len | |||
) |
Encrypt data into TLS tunnel.
conn | TLSv1 client connection data from tlsv1_client_init() | |
in_data | Pointer to plaintext data to be encrypted | |
in_len | Input buffer length | |
out_data | Pointer to output buffer (encrypted TLS data) | |
out_len | Maximum out_data length |
This function is used after TLS handshake has been completed successfully to send data in the encrypted tunnel.
Definition at line 224 of file tlsv1_client.c.
int tlsv1_client_established | ( | struct tlsv1_client * | conn | ) |
Check whether connection has been established.
conn | TLSv1 client connection data from tlsv1_client_init() |
Definition at line 399 of file tlsv1_client.c.
int tlsv1_client_get_cipher | ( | struct tlsv1_client * | conn, | |
char * | buf, | |||
size_t | buflen | |||
) |
Get current cipher name.
conn | TLSv1 client connection data from tlsv1_client_init() | |
buf | Buffer for the cipher name | |
buflen | buf size |
Get the name of the currently used cipher.
Definition at line 449 of file tlsv1_client.c.
int tlsv1_client_get_keyblock_size | ( | struct tlsv1_client * | conn | ) |
Get TLS key_block size.
conn | TLSv1 client connection data from tlsv1_client_init() |
Definition at line 605 of file tlsv1_client.c.
int tlsv1_client_get_keys | ( | struct tlsv1_client * | conn, | |
struct tls_keys * | keys | |||
) |
Get master key and random data from TLS connection.
conn | TLSv1 client connection data from tlsv1_client_init() | |
keys | Structure of key/random data (filled on success) |
Definition at line 578 of file tlsv1_client.c.
void tlsv1_client_global_deinit | ( | void | ) |
Deinitialize TLSv1 client.
This function can be used to deinitialize the TLSv1 client that was initialized by calling tlsv1_client_global_init(). No TLSv1 client functions can be called after this before calling tlsv1_client_global_init() again.
Definition at line 329 of file tlsv1_client.c.
int tlsv1_client_global_init | ( | void | ) |
Initialize TLSv1 client.
This function must be called before using any other TLSv1 client functions.
Definition at line 315 of file tlsv1_client.c.
u8* tlsv1_client_handshake | ( | struct tlsv1_client * | conn, | |
const u8 * | in_data, | |||
size_t | in_len, | |||
size_t * | out_len, | |||
u8 ** | appl_data, | |||
size_t * | appl_data_len | |||
) |
Process TLS handshake.
conn | TLSv1 client connection data from tlsv1_client_init() | |
in_data | Input data from TLS peer | |
in_len | Input data length | |
out_len | Length of the output buffer. | |
appl_data | Pointer to application data pointer, or NULL if dropped | |
appl_data_len | Pointer to variable that is set to appl_data length |
Definition at line 133 of file tlsv1_client.c.
int tlsv1_client_hello_ext | ( | struct tlsv1_client * | conn, | |
int | ext_type, | |||
const u8 * | data, | |||
size_t | data_len | |||
) |
Set TLS extension for ClientHello.
conn | TLSv1 client connection data from tlsv1_client_init() | |
ext_type | Extension type | |
data | Extension payload (NULL to remove extension) | |
data_len | Extension payload length |
Definition at line 536 of file tlsv1_client.c.
struct tlsv1_client* tlsv1_client_init | ( | void | ) | [read] |
Initialize TLSv1 client connection.
Definition at line 340 of file tlsv1_client.c.
int tlsv1_client_prf | ( | struct tlsv1_client * | conn, | |
const char * | label, | |||
int | server_random_first, | |||
u8 * | out, | |||
size_t | out_len | |||
) |
Use TLS-PRF to derive keying material.
conn | TLSv1 client connection data from tlsv1_client_init() | |
label | Label (e.g., description of the key) for PRF | |
server_random_first | seed is 0 = client_random|server_random, 1 = server_random|client_random | |
out | Buffer for output data from TLS-PRF | |
out_len | Length of the output buffer |
Definition at line 416 of file tlsv1_client.c.
int tlsv1_client_resumed | ( | struct tlsv1_client * | conn | ) |
Was session resumption used.
conn | TLSv1 client connection data from tlsv1_client_init() |
Definition at line 521 of file tlsv1_client.c.
int tlsv1_client_set_cipher_list | ( | struct tlsv1_client * | conn, | |
u8 * | ciphers | |||
) |
Configure acceptable cipher suites.
conn | TLSv1 client connection data from tlsv1_client_init() | |
ciphers | Zero (TLS_CIPHER_NONE) terminated list of allowed ciphers (TLS_CIPHER_*). |
Definition at line 623 of file tlsv1_client.c.
int tlsv1_client_set_cred | ( | struct tlsv1_client * | conn, | |
struct tlsv1_credentials * | cred | |||
) |
Set client credentials.
conn | TLSv1 client connection data from tlsv1_client_init() | |
cred | Credentials from tlsv1_cred_alloc() |
On success, the client takes ownership of the credentials block and caller must not free it. On failure, caller is responsible for freeing the credential block.
Definition at line 672 of file tlsv1_client.c.
int tlsv1_client_shutdown | ( | struct tlsv1_client * | conn | ) |
Shutdown TLS connection.
conn | TLSv1 client connection data from tlsv1_client_init() |
Definition at line 492 of file tlsv1_client.c.