TLSv1 server (RFC 2246).
#include "tlsv1_cred.h"
Typedefs | |
typedef int(* | tlsv1_server_session_ticket_cb )(void *ctx, const u8 *ticket, size_t len, const u8 *client_random, const u8 *server_random, u8 *master_secret) |
Functions | |
int | tlsv1_server_global_init (void) |
Initialize TLSv1 server. | |
void | tlsv1_server_global_deinit (void) |
Deinitialize TLSv1 server. | |
struct tlsv1_server * | tlsv1_server_init (struct tlsv1_credentials *cred) |
Initialize TLSv1 server connection. | |
void | tlsv1_server_deinit (struct tlsv1_server *conn) |
Deinitialize TLSv1 server connection. | |
int | tlsv1_server_established (struct tlsv1_server *conn) |
Check whether connection has been established. | |
int | tlsv1_server_prf (struct tlsv1_server *conn, const char *label, int server_random_first, u8 *out, size_t out_len) |
Use TLS-PRF to derive keying material. | |
u8 * | tlsv1_server_handshake (struct tlsv1_server *conn, const u8 *in_data, size_t in_len, size_t *out_len) |
Process TLS handshake. | |
int | tlsv1_server_encrypt (struct tlsv1_server *conn, const u8 *in_data, size_t in_len, u8 *out_data, size_t out_len) |
Encrypt data into TLS tunnel. | |
int | tlsv1_server_decrypt (struct tlsv1_server *conn, const u8 *in_data, size_t in_len, u8 *out_data, size_t out_len) |
Decrypt data from TLS tunnel. | |
int | tlsv1_server_get_cipher (struct tlsv1_server *conn, char *buf, size_t buflen) |
Get current cipher name. | |
int | tlsv1_server_shutdown (struct tlsv1_server *conn) |
Shutdown TLS connection. | |
int | tlsv1_server_resumed (struct tlsv1_server *conn) |
Check whether session resumption was used. | |
int | tlsv1_server_get_keys (struct tlsv1_server *conn, struct tls_keys *keys) |
Get master key and random data from TLS connection. | |
int | tlsv1_server_get_keyblock_size (struct tlsv1_server *conn) |
Get TLS key_block size. | |
int | tlsv1_server_set_cipher_list (struct tlsv1_server *conn, u8 *ciphers) |
Configure acceptable cipher suites. | |
int | tlsv1_server_set_verify (struct tlsv1_server *conn, int verify_peer) |
void | tlsv1_server_set_session_ticket_cb (struct tlsv1_server *conn, tlsv1_server_session_ticket_cb cb, void *ctx) |
TLSv1 server (RFC 2246).
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation.
Alternatively, this software may be distributed under the terms of BSD license.
See README and COPYING for more details.
Definition in file tlsv1_server.h.
int tlsv1_server_decrypt | ( | struct tlsv1_server * | conn, | |
const u8 * | in_data, | |||
size_t | in_len, | |||
u8 * | out_data, | |||
size_t | out_len | |||
) |
Decrypt data from TLS tunnel.
conn | TLSv1 server connection data from tlsv1_server_init() | |
in_data | Pointer to input buffer (encrypted TLS data) | |
in_len | Input buffer length | |
out_data | Pointer to output buffer (decrypted data from TLS tunnel) | |
out_len | Maximum out_data length |
This function is used after TLS handshake has been completed successfully to receive data from the encrypted tunnel.
Definition at line 234 of file tlsv1_server.c.
void tlsv1_server_deinit | ( | struct tlsv1_server * | conn | ) |
Deinitialize TLSv1 server connection.
conn | TLSv1 server connection data from tlsv1_server_init() |
Definition at line 377 of file tlsv1_server.c.
int tlsv1_server_encrypt | ( | struct tlsv1_server * | conn, | |
const u8 * | in_data, | |||
size_t | in_len, | |||
u8 * | out_data, | |||
size_t | out_len | |||
) |
Encrypt data into TLS tunnel.
conn | TLSv1 server connection data from tlsv1_server_init() | |
in_data | Pointer to plaintext data to be encrypted | |
in_len | Input buffer length | |
out_data | Pointer to output buffer (encrypted TLS data) | |
out_len | Maximum out_data length |
This function is used after TLS handshake has been completed successfully to send data in the encrypted tunnel.
Definition at line 198 of file tlsv1_server.c.
int tlsv1_server_established | ( | struct tlsv1_server * | conn | ) |
Check whether connection has been established.
conn | TLSv1 server connection data from tlsv1_server_init() |
Definition at line 390 of file tlsv1_server.c.
int tlsv1_server_get_cipher | ( | struct tlsv1_server * | conn, | |
char * | buf, | |||
size_t | buflen | |||
) |
Get current cipher name.
conn | TLSv1 server connection data from tlsv1_server_init() | |
buf | Buffer for the cipher name | |
buflen | buf size |
Get the name of the currently used cipher.
Definition at line 440 of file tlsv1_server.c.
int tlsv1_server_get_keyblock_size | ( | struct tlsv1_server * | conn | ) |
Get TLS key_block size.
conn | TLSv1 server connection data from tlsv1_server_init() |
Definition at line 545 of file tlsv1_server.c.
int tlsv1_server_get_keys | ( | struct tlsv1_server * | conn, | |
struct tls_keys * | keys | |||
) |
Get master key and random data from TLS connection.
conn | TLSv1 server connection data from tlsv1_server_init() | |
keys | Structure of key/random data (filled on success) |
Definition at line 518 of file tlsv1_server.c.
void tlsv1_server_global_deinit | ( | void | ) |
Deinitialize TLSv1 server.
This function can be used to deinitialize the TLSv1 server that was initialized by calling tlsv1_server_global_init(). After this call, no TLSv1 server functions may be called until tlsv1_server_global_init() has been called again.
Definition at line 303 of file tlsv1_server.c.
int tlsv1_server_global_init | ( | void | ) |
Initialize TLSv1 server.
This function must be called before using any other TLSv1 server functions.
Definition at line 289 of file tlsv1_server.c.
u8* tlsv1_server_handshake | ( | struct tlsv1_server * | conn, | |
const u8 * | in_data, | |||
size_t | in_len, | |||
size_t * | out_len | |||
) |
Process TLS handshake.
conn | TLSv1 server connection data from tlsv1_server_init() | |
in_data | Input data from TLS peer | |
in_len | Input data length | |
out_len | Pointer to a variable where the length of the returned output buffer is stored. |
Definition at line 113 of file tlsv1_server.c.
struct tlsv1_server* tlsv1_server_init | ( | struct tlsv1_credentials * | cred | ) | [read] |
Initialize TLSv1 server connection.
cred | Pointer to server credentials from tlsv1_server_cred_alloc() |
Definition at line 315 of file tlsv1_server.c.
int tlsv1_server_prf | ( | struct tlsv1_server * | conn, | |
const char * | label, | |||
int | server_random_first, | |||
u8 * | out, | |||
size_t | out_len | |||
) |
Use TLS-PRF to derive keying material.
conn | TLSv1 server connection data from tlsv1_server_init() | |
label | Label (e.g., description of the key) for PRF | |
server_random_first | Order of the random values in the PRF seed: 0 = client_random|server_random, 1 = server_random|client_random | |
out | Buffer for output data from TLS-PRF | |
out_len | Length of the output buffer |
Definition at line 407 of file tlsv1_server.c.
int tlsv1_server_resumed | ( | struct tlsv1_server * | conn | ) |
Check whether session resumption was used.
conn | TLSv1 server connection data from tlsv1_server_init() |
Definition at line 505 of file tlsv1_server.c.
int tlsv1_server_set_cipher_list | ( | struct tlsv1_server * | conn, | |
u8 * | ciphers | |||
) |
Configure acceptable cipher suites.
conn | TLSv1 server connection data from tlsv1_server_init() | |
ciphers | List of allowed ciphers (TLS_CIPHER_*), terminated by a zero entry (TLS_CIPHER_NONE). |
Definition at line 563 of file tlsv1_server.c.
int tlsv1_server_shutdown | ( | struct tlsv1_server * | conn | ) |
Shutdown TLS connection.
conn | TLSv1 server connection data from tlsv1_server_init() |
Definition at line 483 of file tlsv1_server.c.