SSL/TLS functions.
Copyright (C) 2006-2015, ARM Limited, All Rights Reserved SPDX-License-Identifier: Apache-2.0
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
This file is part of mbed TLS (https://tls.mbed.org)
Definition in file ssl.h.
|
#define | MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE -0x7080 |
| The requested feature is not available. More...
|
|
#define | MBEDTLS_ERR_SSL_BAD_INPUT_DATA -0x7100 |
| Bad input parameters to function. More...
|
|
#define | MBEDTLS_ERR_SSL_INVALID_MAC -0x7180 |
| Verification of the message MAC failed. More...
|
|
#define | MBEDTLS_ERR_SSL_INVALID_RECORD -0x7200 |
| An invalid SSL record was received. More...
|
|
#define | MBEDTLS_ERR_SSL_CONN_EOF -0x7280 |
| The connection indicated an EOF. More...
|
|
#define | MBEDTLS_ERR_SSL_UNKNOWN_CIPHER -0x7300 |
| An unknown cipher was received. More...
|
|
#define | MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 |
| The server has no ciphersuites in common with the client. More...
|
|
#define | MBEDTLS_ERR_SSL_NO_RNG -0x7400 |
| No RNG was provided to the SSL module. More...
|
|
#define | MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 |
| No client certification received from the client, but required by the authentication mode. More...
|
|
#define | MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE -0x7500 |
| Our own certificate(s) is/are too large to send in an SSL message. More...
|
|
#define | MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED -0x7580 |
| The own certificate is not set, but needed by the server. More...
|
|
#define | MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 |
| The own private key or pre-shared key is not set, but needed. More...
|
|
#define | MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 |
| No CA Chain is set, but required to operate. More...
|
|
#define | MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 |
| An unexpected message was received from our peer. More...
|
|
#define | MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 |
| A fatal alert message was received from our peer. More...
|
|
#define | MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED -0x7800 |
| Verification of our peer failed. More...
|
|
#define | MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 |
| The peer notified us that the connection is going to be closed. More...
|
|
#define | MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 |
| Processing of the ClientHello handshake message failed. More...
|
|
#define | MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 |
| Processing of the ServerHello handshake message failed. More...
|
|
#define | MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 |
| Processing of the Certificate handshake message failed. More...
|
|
#define | MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 |
| Processing of the CertificateRequest handshake message failed. More...
|
|
#define | MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 |
| Processing of the ServerKeyExchange handshake message failed. More...
|
|
#define | MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 |
| Processing of the ServerHelloDone handshake message failed. More...
|
|
#define | MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 |
| Processing of the ClientKeyExchange handshake message failed. More...
|
|
#define | MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP -0x7C80 |
| Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public. More...
|
|
#define | MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00 |
| Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. More...
|
|
#define | MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 |
| Processing of the CertificateVerify handshake message failed. More...
|
|
#define | MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 |
| Processing of the ChangeCipherSpec handshake message failed. More...
|
|
#define | MBEDTLS_ERR_SSL_BAD_HS_FINISHED -0x7E80 |
| Processing of the Finished handshake message failed. More...
|
|
#define | MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 |
| Memory allocation failed. More...
|
|
#define | MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 |
| Hardware acceleration function returned with error. More...
|
|
#define | MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 |
| Hardware acceleration function skipped / left alone data. More...
|
|
#define | MBEDTLS_ERR_SSL_COMPRESSION_FAILED -0x6F00 |
| Processing of the compression / decompression failed. More...
|
|
#define | MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION -0x6E80 |
| Handshake protocol not within min/max boundaries. More...
|
|
#define | MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00 |
| Processing of the NewSessionTicket handshake message failed. More...
|
|
#define | MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 |
| Session ticket has expired. More...
|
|
#define | MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 |
| Public key type mismatch (eg, asked for RSA key exchange and presented EC key) More...
|
|
#define | MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 |
| Unknown identity received (eg, PSK identity) More...
|
|
#define | MBEDTLS_ERR_SSL_INTERNAL_ERROR -0x6C00 |
| Internal error (eg, unexpected failure in lower-level module) More...
|
|
#define | MBEDTLS_ERR_SSL_COUNTER_WRAPPING -0x6B80 |
| A counter would wrap (eg, too many messages exchanged). More...
|
|
#define | MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00 |
| Unexpected message at ServerHello in renegotiation. More...
|
|
#define | MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED -0x6A80 |
| DTLS client must retry for hello verification. More...
|
|
#define | MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL -0x6A00 |
| A buffer is too small to receive or write a message. More...
|
|
#define | MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE -0x6980 |
| None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). More...
|
|
#define | MBEDTLS_ERR_SSL_WANT_READ -0x6900 |
| Connection requires a read call. More...
|
|
#define | MBEDTLS_ERR_SSL_WANT_WRITE -0x6880 |
| Connection requires a write call. More...
|
|
#define | MBEDTLS_ERR_SSL_TIMEOUT -0x6800 |
| The operation timed out. More...
|
|
#define | MBEDTLS_ERR_SSL_CLIENT_RECONNECT -0x6780 |
| The client initiated a reconnect from the same port. More...
|
|
#define | MBEDTLS_SSL_MAJOR_VERSION_3 3 |
|
#define | MBEDTLS_SSL_MINOR_VERSION_0 0 |
|
#define | MBEDTLS_SSL_MINOR_VERSION_1 1 |
|
#define | MBEDTLS_SSL_MINOR_VERSION_2 2 |
|
#define | MBEDTLS_SSL_MINOR_VERSION_3 3 |
|
#define | MBEDTLS_SSL_TRANSPORT_STREAM 0 |
|
#define | MBEDTLS_SSL_TRANSPORT_DATAGRAM 1 |
|
#define | MBEDTLS_SSL_MAX_HOST_NAME_LEN 255 |
|
#define | MBEDTLS_SSL_MAX_FRAG_LEN_NONE 0 |
|
#define | MBEDTLS_SSL_MAX_FRAG_LEN_512 1 |
|
#define | MBEDTLS_SSL_MAX_FRAG_LEN_1024 2 |
|
#define | MBEDTLS_SSL_MAX_FRAG_LEN_2048 3 |
|
#define | MBEDTLS_SSL_MAX_FRAG_LEN_4096 4 |
|
#define | MBEDTLS_SSL_MAX_FRAG_LEN_INVALID 5 |
|
#define | MBEDTLS_SSL_IS_CLIENT 0 |
|
#define | MBEDTLS_SSL_IS_SERVER 1 |
|
#define | MBEDTLS_SSL_IS_NOT_FALLBACK 0 |
|
#define | MBEDTLS_SSL_IS_FALLBACK 1 |
|
#define | MBEDTLS_SSL_EXTENDED_MS_DISABLED 0 |
|
#define | MBEDTLS_SSL_EXTENDED_MS_ENABLED 1 |
|
#define | MBEDTLS_SSL_ETM_DISABLED 0 |
|
#define | MBEDTLS_SSL_ETM_ENABLED 1 |
|
#define | MBEDTLS_SSL_COMPRESS_NULL 0 |
|
#define | MBEDTLS_SSL_COMPRESS_DEFLATE 1 |
|
#define | MBEDTLS_SSL_VERIFY_NONE 0 |
|
#define | MBEDTLS_SSL_VERIFY_OPTIONAL 1 |
|
#define | MBEDTLS_SSL_VERIFY_REQUIRED 2 |
|
#define | MBEDTLS_SSL_VERIFY_UNSET 3 /* Used only for sni_authmode */ |
|
#define | MBEDTLS_SSL_LEGACY_RENEGOTIATION 0 |
|
#define | MBEDTLS_SSL_SECURE_RENEGOTIATION 1 |
|
#define | MBEDTLS_SSL_RENEGOTIATION_DISABLED 0 |
|
#define | MBEDTLS_SSL_RENEGOTIATION_ENABLED 1 |
|
#define | MBEDTLS_SSL_ANTI_REPLAY_DISABLED 0 |
|
#define | MBEDTLS_SSL_ANTI_REPLAY_ENABLED 1 |
|
#define | MBEDTLS_SSL_RENEGOTIATION_NOT_ENFORCED -1 |
|
#define | MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT 16 |
|
#define | MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION 0 |
|
#define | MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION 1 |
|
#define | MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE 2 |
|
#define | MBEDTLS_SSL_TRUNC_HMAC_DISABLED 0 |
|
#define | MBEDTLS_SSL_TRUNC_HMAC_ENABLED 1 |
|
#define | MBEDTLS_SSL_TRUNCATED_HMAC_LEN 10 /* 80 bits, rfc 6066 section 7 */ |
|
#define | MBEDTLS_SSL_SESSION_TICKETS_DISABLED 0 |
|
#define | MBEDTLS_SSL_SESSION_TICKETS_ENABLED 1 |
|
#define | MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED 0 |
|
#define | MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED 1 |
|
#define | MBEDTLS_SSL_ARC4_ENABLED 0 |
|
#define | MBEDTLS_SSL_ARC4_DISABLED 1 |
|
#define | MBEDTLS_SSL_PRESET_DEFAULT 0 |
|
#define | MBEDTLS_SSL_PRESET_SUITEB 2 |
|
#define | MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MIN 1000 |
|
#define | MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MAX 60000 |
|
#define | MBEDTLS_SSL_VERIFY_DATA_MAX_LEN 12 |
|
#define | MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO 0xFF |
| renegotiation info ext More...
|
|
#define | MBEDTLS_SSL_FALLBACK_SCSV_VALUE 0x5600 |
| draft-ietf-tls-downgrade-scsv-00 More...
|
|
#define | MBEDTLS_SSL_HASH_NONE 0 |
|
#define | MBEDTLS_SSL_HASH_MD5 1 |
|
#define | MBEDTLS_SSL_HASH_SHA1 2 |
|
#define | MBEDTLS_SSL_HASH_SHA224 3 |
|
#define | MBEDTLS_SSL_HASH_SHA256 4 |
|
#define | MBEDTLS_SSL_HASH_SHA384 5 |
|
#define | MBEDTLS_SSL_HASH_SHA512 6 |
|
#define | MBEDTLS_SSL_SIG_ANON 0 |
|
#define | MBEDTLS_SSL_SIG_RSA 1 |
|
#define | MBEDTLS_SSL_SIG_ECDSA 3 |
|
#define | MBEDTLS_SSL_CERT_TYPE_RSA_SIGN 1 |
|
#define | MBEDTLS_SSL_CERT_TYPE_ECDSA_SIGN 64 |
|
#define | MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC 20 |
|
#define | MBEDTLS_SSL_MSG_ALERT 21 |
|
#define | MBEDTLS_SSL_MSG_HANDSHAKE 22 |
|
#define | MBEDTLS_SSL_MSG_APPLICATION_DATA 23 |
|
#define | MBEDTLS_SSL_ALERT_LEVEL_WARNING 1 |
|
#define | MBEDTLS_SSL_ALERT_LEVEL_FATAL 2 |
|
#define | MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY 0 /* 0x00 */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE 10 /* 0x0A */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC 20 /* 0x14 */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_DECRYPTION_FAILED 21 /* 0x15 */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_RECORD_OVERFLOW 22 /* 0x16 */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_DECOMPRESSION_FAILURE 30 /* 0x1E */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE 40 /* 0x28 */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_NO_CERT 41 /* 0x29 */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_BAD_CERT 42 /* 0x2A */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT 43 /* 0x2B */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED 44 /* 0x2C */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED 45 /* 0x2D */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN 46 /* 0x2E */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER 47 /* 0x2F */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA 48 /* 0x30 */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED 49 /* 0x31 */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR 50 /* 0x32 */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR 51 /* 0x33 */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_EXPORT_RESTRICTION 60 /* 0x3C */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION 70 /* 0x46 */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY 71 /* 0x47 */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR 80 /* 0x50 */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK 86 /* 0x56 */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_USER_CANCELED 90 /* 0x5A */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION 100 /* 0x64 */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT 110 /* 0x6E */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME 112 /* 0x70 */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY 115 /* 0x73 */ |
|
#define | MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL 120 /* 0x78 */ |
|
#define | MBEDTLS_SSL_HS_HELLO_REQUEST 0 |
|
#define | MBEDTLS_SSL_HS_CLIENT_HELLO 1 |
|
#define | MBEDTLS_SSL_HS_SERVER_HELLO 2 |
|
#define | MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST 3 |
|
#define | MBEDTLS_SSL_HS_NEW_SESSION_TICKET 4 |
|
#define | MBEDTLS_SSL_HS_CERTIFICATE 11 |
|
#define | MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE 12 |
|
#define | MBEDTLS_SSL_HS_CERTIFICATE_REQUEST 13 |
|
#define | MBEDTLS_SSL_HS_SERVER_HELLO_DONE 14 |
|
#define | MBEDTLS_SSL_HS_CERTIFICATE_VERIFY 15 |
|
#define | MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE 16 |
|
#define | MBEDTLS_SSL_HS_FINISHED 20 |
|
#define | MBEDTLS_TLS_EXT_SERVERNAME 0 |
|
#define | MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME 0 |
|
#define | MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH 1 |
|
#define | MBEDTLS_TLS_EXT_TRUNCATED_HMAC 4 |
|
#define | MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES 10 |
|
#define | MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS 11 |
|
#define | MBEDTLS_TLS_EXT_SIG_ALG 13 |
|
#define | MBEDTLS_TLS_EXT_ALPN 16 |
|
#define | MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC 22 /* 0x16 */ |
|
#define | MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET 0x0017 /* 23 */ |
|
#define | MBEDTLS_TLS_EXT_SESSION_TICKET 35 |
|
#define | MBEDTLS_TLS_EXT_ECJPAKE_KKPP 256 /* experimental */ |
|
#define | MBEDTLS_TLS_EXT_RENEGOTIATION_INFO 0xFF01 |
|
#define | MBEDTLS_PSK_MAX_LEN 32 /* 256 bits */ |
|
#define | MBEDTLS_PREMASTER_SIZE sizeof( union mbedtls_ssl_premaster_secret ) |
|
|
The configuration options you can set for this module are in this section.
Either change them in config.h or define them on the compiler command line.
|
#define | MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 |
| Lifetime of session tickets (if enabled) More...
|
|
#define | MBEDTLS_SSL_MAX_CONTENT_LEN 16384 |
| Size of the input / output buffer. More...
|
|
|
const int * | mbedtls_ssl_list_ciphersuites (void) |
| Returns the list of ciphersuites supported by the SSL/TLS module. More...
|
|
const char * | mbedtls_ssl_get_ciphersuite_name (const int ciphersuite_id) |
| Return the name of the ciphersuite associated with the given ID. More...
|
|
int | mbedtls_ssl_get_ciphersuite_id (const char *ciphersuite_name) |
| Return the ID of the ciphersuite associated with the given name. More...
|
|
void | mbedtls_ssl_init (mbedtls_ssl_context *ssl) |
| Initialize an SSL context Just makes the context ready for mbedtls_ssl_setup() or mbedtls_ssl_free() More...
|
|
int | mbedtls_ssl_setup (mbedtls_ssl_context *ssl, const mbedtls_ssl_config *conf) |
| Set up an SSL context for use. More...
|
|
int | mbedtls_ssl_session_reset (mbedtls_ssl_context *ssl) |
| Reset an already initialized SSL context for re-use while retaining application-set variables, function pointers and data. More...
|
|
void | mbedtls_ssl_conf_endpoint (mbedtls_ssl_config *conf, int endpoint) |
| Set the current endpoint type. More...
|
|
void | mbedtls_ssl_conf_transport (mbedtls_ssl_config *conf, int transport) |
| Set the transport type (TLS or DTLS). More...
|
|
void | mbedtls_ssl_conf_authmode (mbedtls_ssl_config *conf, int authmode) |
| Set the certificate verification mode Default: NONE on server, REQUIRED on client. More...
|
|
void | mbedtls_ssl_conf_rng (mbedtls_ssl_config *conf, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
| Set the random number generator callback. More...
|
|
void | mbedtls_ssl_conf_dbg (mbedtls_ssl_config *conf, void(*f_dbg)(void *, int, const char *, int, const char *), void *p_dbg) |
| Set the debug callback. More...
|
|
void | mbedtls_ssl_set_bio (mbedtls_ssl_context *ssl, void *p_bio, int(*f_send)(void *, const unsigned char *, size_t), int(*f_recv)(void *, unsigned char *, size_t), int(*f_recv_timeout)(void *, unsigned char *, size_t, uint32_t)) |
| Set the underlying BIO callbacks for write, read and read-with-timeout. More...
|
|
void | mbedtls_ssl_conf_read_timeout (mbedtls_ssl_config *conf, uint32_t timeout) |
| Set the timeout period for mbedtls_ssl_read() (Default: no timeout.) More...
|
|
void | mbedtls_ssl_set_timer_cb (mbedtls_ssl_context *ssl, void *p_timer, void(*f_set_timer)(void *, uint32_t int_ms, uint32_t fin_ms), int(*f_get_timer)(void *)) |
| Set the timer callbacks (Mandatory for DTLS.) More...
|
|
void | mbedtls_ssl_conf_ciphersuites (mbedtls_ssl_config *conf, const int *ciphersuites) |
| Set the list of allowed ciphersuites and the preference order. More...
|
|
void | mbedtls_ssl_conf_ciphersuites_for_version (mbedtls_ssl_config *conf, const int *ciphersuites, int major, int minor) |
| Set the list of allowed ciphersuites and the preference order for a specific version of the protocol. More...
|
|
void | mbedtls_ssl_conf_max_version (mbedtls_ssl_config *conf, int major, int minor) |
| Set the maximum supported version sent from the client side and/or accepted at the server side (Default: MBEDTLS_SSL_MAX_MAJOR_VERSION, MBEDTLS_SSL_MAX_MINOR_VERSION) More...
|
|
void | mbedtls_ssl_conf_min_version (mbedtls_ssl_config *conf, int major, int minor) |
| Set the minimum accepted SSL/TLS protocol version (Default: TLS 1.0) More...
|
|
void | mbedtls_ssl_conf_legacy_renegotiation (mbedtls_ssl_config *conf, int allow_legacy) |
| Prevent or allow legacy renegotiation. More...
|
|
size_t | mbedtls_ssl_get_bytes_avail (const mbedtls_ssl_context *ssl) |
| Return the number of data bytes available to read. More...
|
|
uint32_t | mbedtls_ssl_get_verify_result (const mbedtls_ssl_context *ssl) |
| Return the result of the certificate verification. More...
|
|
const char * | mbedtls_ssl_get_ciphersuite (const mbedtls_ssl_context *ssl) |
| Return the name of the current ciphersuite. More...
|
|
const char * | mbedtls_ssl_get_version (const mbedtls_ssl_context *ssl) |
| Return the current SSL version (SSLv3/TLSv1/etc) More...
|
|
int | mbedtls_ssl_get_record_expansion (const mbedtls_ssl_context *ssl) |
| Return the (maximum) number of bytes added by the record layer: header + encryption/MAC overhead (inc. More...
|
|
int | mbedtls_ssl_handshake (mbedtls_ssl_context *ssl) |
| Perform the SSL handshake. More...
|
|
int | mbedtls_ssl_handshake_step (mbedtls_ssl_context *ssl) |
| Perform a single step of the SSL handshake. More...
|
|
int | mbedtls_ssl_read (mbedtls_ssl_context *ssl, unsigned char *buf, size_t len) |
| Read at most 'len' application data bytes. More...
|
|
int | mbedtls_ssl_write (mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len) |
| Try to write exactly 'len' application data bytes. More...
|
|
int | mbedtls_ssl_send_alert_message (mbedtls_ssl_context *ssl, unsigned char level, unsigned char message) |
| Send an alert message. More...
|
|
int | mbedtls_ssl_close_notify (mbedtls_ssl_context *ssl) |
| Notify the peer that the connection is being closed. More...
|
|
void | mbedtls_ssl_free (mbedtls_ssl_context *ssl) |
| Free referenced items in an SSL context and clear memory. More...
|
|
void | mbedtls_ssl_config_init (mbedtls_ssl_config *conf) |
| Initialize an SSL configuration context Just makes the context ready for mbedtls_ssl_config_defaults() or mbedtls_ssl_config_free(). More...
|
|
int | mbedtls_ssl_config_defaults (mbedtls_ssl_config *conf, int endpoint, int transport, int preset) |
| Load reasonnable default SSL configuration values. More...
|
|
void | mbedtls_ssl_config_free (mbedtls_ssl_config *conf) |
| Free an SSL configuration context. More...
|
|
void | mbedtls_ssl_session_init (mbedtls_ssl_session *session) |
| Initialize SSL session structure. More...
|
|
void | mbedtls_ssl_session_free (mbedtls_ssl_session *session) |
| Free referenced items in an SSL session including the peer certificate and clear memory. More...
|
|