#include <ssl.h>
|
mbedtls_ssl_protocol_version | private_max_tls_version |
|
mbedtls_ssl_protocol_version | private_min_tls_version |
|
uint8_t | private_endpoint |
|
uint8_t | private_transport |
|
uint8_t | private_authmode |
|
uint8_t | private_allow_legacy_renegotiation |
|
uint8_t | private_mfl_code |
|
uint8_t | private_encrypt_then_mac |
|
uint8_t | private_extended_ms |
|
uint8_t | private_anti_replay |
|
uint8_t | private_disable_renegotiation |
|
uint8_t | private_session_tickets |
|
uint16_t | private_new_session_tickets_count |
|
uint8_t | private_cert_req_ca_list |
|
uint8_t | private_respect_cli_pref |
|
uint8_t | private_ignore_unexpected_cid |
|
uint8_t | private_dtls_srtp_mki_support |
|
const int * | private_ciphersuite_list |
|
int | private_tls13_kex_modes |
|
void(* | private_f_dbg )(void *, int, const char *, int, const char *) |
|
void * | private_p_dbg |
|
int(* | private_f_rng )(void *, unsigned char *, size_t) |
|
void * | private_p_rng |
|
mbedtls_ssl_cache_get_t * | private_f_get_cache |
|
mbedtls_ssl_cache_set_t * | private_f_set_cache |
|
void * | private_p_cache |
|
int(* | private_f_sni )(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
|
void * | private_p_sni |
|
int(* | private_f_vrfy )(void *, mbedtls_x509_crt *, int, uint32_t *) |
|
void * | private_p_vrfy |
|
int(* | private_f_psk )(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
|
void * | private_p_psk |
|
int(* | private_f_cookie_write )(void *, unsigned char **, unsigned char *, const unsigned char *, size_t) |
|
int(* | private_f_cookie_check )(void *, const unsigned char *, size_t, const unsigned char *, size_t) |
|
void * | private_p_cookie |
|
int(* | private_f_ticket_write )(void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *) |
|
int(* | private_f_ticket_parse )(void *, mbedtls_ssl_session *, unsigned char *, size_t) |
|
void * | private_p_ticket |
|
size_t | private_cid_len |
|
const mbedtls_x509_crt_profile * | private_cert_profile |
|
mbedtls_ssl_key_cert * | private_key_cert |
|
mbedtls_x509_crt * | private_ca_chain |
|
mbedtls_x509_crl * | private_ca_crl |
|
mbedtls_x509_crt_ca_cb_t | private_f_ca_cb |
|
void * | private_p_ca_cb |
|
mbedtls_ssl_async_sign_t * | private_f_async_sign_start |
|
mbedtls_ssl_async_decrypt_t * | private_f_async_decrypt_start |
|
mbedtls_ssl_async_resume_t * | private_f_async_resume |
|
mbedtls_ssl_async_cancel_t * | private_f_async_cancel |
|
void * | private_p_async_config_data |
|
const uint16_t * | private_sig_algs |
|
const uint16_t * | private_group_list |
|
mbedtls_mpi | private_dhm_P |
|
mbedtls_mpi | private_dhm_G |
|
mbedtls_svc_key_id_t | private_psk_opaque |
|
unsigned char * | private_psk |
|
size_t | private_psk_len |
|
unsigned char * | private_psk_identity |
|
size_t | private_psk_identity_len |
|
int | private_early_data_enabled |
|
uint32_t | private_max_early_data_size |
|
const char ** | private_alpn_list |
|
const mbedtls_ssl_srtp_profile * | private_dtls_srtp_profile_list |
|
size_t | private_dtls_srtp_profile_list_len |
|
uint32_t | private_read_timeout |
|
uint32_t | private_hs_timeout_min |
|
uint32_t | private_hs_timeout_max |
|
int | private_renego_max_records |
|
unsigned char | private_renego_period [8] |
|
unsigned int | private_badmac_limit |
|
unsigned int | private_dhm_min_bitlen |
|
mbedtls_ssl_user_data_t | private_user_data |
|
mbedtls_ssl_hs_cb_t | private_f_cert_cb |
|
const mbedtls_x509_crt * | private_dn_hints |
|
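SSL/TLS configuration to be shared between mbedtls_ssl_context structures. The fields are private (hence the private_ prefix): set them through the mbedtls_ssl_conf_*() functions rather than writing to the struct directly.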
Definition at line 1453 of file ssl.h.
uint8_t mbedtls_ssl_config::private_allow_legacy_renegotiation |
MBEDTLS_LEGACY_XXX
Definition at line 1472 of file ssl.h.
const char** mbedtls_ssl_config::private_alpn_list |
ordered list of protocols
Definition at line 1678 of file ssl.h.
uint8_t mbedtls_ssl_config::private_anti_replay |
detect and prevent replay?
Definition at line 1484 of file ssl.h.
uint8_t mbedtls_ssl_config::private_authmode |
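Certificate verification mode, one of the MBEDTLS_SSL_VERIFY_XXX values (MBEDTLS_SSL_VERIFY_NONE, MBEDTLS_SSL_VERIFY_OPTIONAL, MBEDTLS_SSL_VERIFY_REQUIRED). Only REQUIRED aborts the handshake when peer certificate verification fails; with OPTIONAL the caller has to check mbedtls_ssl_get_verify_result() after the handshake, and with NONE the peer certificate is not checked at all.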
Definition at line 1470 of file ssl.h.
unsigned int mbedtls_ssl_config::private_badmac_limit |
limit of records with a bad MAC
Definition at line 1707 of file ssl.h.
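mbedtls_x509_crt* mbedtls_ssl_config::private_ca_chain |
trusted CAs
Definition at line 1595 of file ssl.h.
mbedtls_x509_crl* mbedtls_ssl_config::private_ca_crl |
trusted CAs CRLs
Definition at line 1596 of file ssl.h.
const mbedtls_x509_crt_profile* mbedtls_ssl_config::private_cert_profile |
verification profile
Definition at line 1593 of file ssl.h.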
uint8_t mbedtls_ssl_config::private_cert_req_ca_list |
enable sending CA list in Certificate Request messages?
Definition at line 1507 of file ssl.h.
size_t mbedtls_ssl_config::private_cid_len |
The length of CIDs for incoming DTLS records.
Definition at line 1589 of file ssl.h.
const int* mbedtls_ssl_config::private_ciphersuite_list |
Allowed ciphersuites for (D)TLS 1.2 (0-terminated)
Definition at line 1528 of file ssl.h.
mbedtls_mpi mbedtls_ssl_config::private_dhm_G |
generator for DHM
Definition at line 1629 of file ssl.h.
unsigned int mbedtls_ssl_config::private_dhm_min_bitlen |
min. bit length of the DHM prime
Definition at line 1710 of file ssl.h.
mbedtls_mpi mbedtls_ssl_config::private_dhm_P |
prime modulus for DHM
Definition at line 1628 of file ssl.h.
uint8_t mbedtls_ssl_config::private_disable_renegotiation |
disable renegotiation?
Definition at line 1487 of file ssl.h.
const mbedtls_x509_crt* mbedtls_ssl_config::private_dn_hints |
acceptable client cert issuers
Definition at line 1725 of file ssl.h.
uint8_t mbedtls_ssl_config::private_dtls_srtp_mki_support |
const mbedtls_ssl_srtp_profile* mbedtls_ssl_config::private_dtls_srtp_profile_list |
ordered list of supported SRTP profiles
Definition at line 1683 of file ssl.h.
size_t mbedtls_ssl_config::private_dtls_srtp_profile_list_len |
number of supported profiles
Definition at line 1685 of file ssl.h.
int mbedtls_ssl_config::private_early_data_enabled |
Early data enablement:
- MBEDTLS_SSL_EARLY_DATA_DISABLED,
- MBEDTLS_SSL_EARLY_DATA_ENABLED
Definition at line 1666 of file ssl.h.
uint8_t mbedtls_ssl_config::private_encrypt_then_mac |
negotiate encrypt-then-mac?
Definition at line 1478 of file ssl.h.
uint8_t mbedtls_ssl_config::private_endpoint |
0: client, 1: server
Definition at line 1468 of file ssl.h.
uint8_t mbedtls_ssl_config::private_extended_ms |
negotiate extended master secret?
Definition at line 1481 of file ssl.h.
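mbedtls_ssl_async_cancel_t* mbedtls_ssl_config::private_f_async_cancel |
cancel asynchronous operation
Definition at line 1609 of file ssl.h.
mbedtls_ssl_async_decrypt_t* mbedtls_ssl_config::private_f_async_decrypt_start |
start asynchronous decryption operation
Definition at line 1606 of file ssl.h.
mbedtls_ssl_async_resume_t* mbedtls_ssl_config::private_f_async_resume |
resume asynchronous operation
Definition at line 1608 of file ssl.h.
mbedtls_ssl_async_sign_t* mbedtls_ssl_config::private_f_async_sign_start |
start asynchronous signature operation
Definition at line 1605 of file ssl.h.
mbedtls_ssl_hs_cb_t mbedtls_ssl_config::private_f_cert_cb |
certificate selection callback
Definition at line 1721 of file ssl.h.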
int(* mbedtls_ssl_config::private_f_cookie_check)(void *, const unsigned char *, size_t, const unsigned char *, size_t) |
Callback to verify validity of a ClientHello cookie
Definition at line 1574 of file ssl.h.
int(* mbedtls_ssl_config::private_f_cookie_write)(void *, unsigned char **, unsigned char *, const unsigned char *, size_t) |
Callback to create & write a cookie for ClientHello verification
Definition at line 1571 of file ssl.h.
void(* mbedtls_ssl_config::private_f_dbg)(void *, int, const char *, int, const char *) |
Callback for printing debug output
Definition at line 1536 of file ssl.h.
mbedtls_ssl_cache_get_t* mbedtls_ssl_config::private_f_get_cache |
Callback to retrieve a session from the cache
Definition at line 1544 of file ssl.h.
int(* mbedtls_ssl_config::private_f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
Callback to retrieve PSK key from identity
Definition at line 1564 of file ssl.h.
int(* mbedtls_ssl_config::private_f_rng)(void *, unsigned char *, size_t) |
Callback for getting (pseudo-)random numbers
Definition at line 1540 of file ssl.h.
mbedtls_ssl_cache_set_t* mbedtls_ssl_config::private_f_set_cache |
Callback to store a session into the cache
Definition at line 1546 of file ssl.h.
int(* mbedtls_ssl_config::private_f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
Callback for setting cert according to SNI extension
Definition at line 1551 of file ssl.h.
int(* mbedtls_ssl_config::private_f_ticket_parse)(void *, mbedtls_ssl_session *, unsigned char *, size_t) |
Callback to parse a session ticket into a session structure
Definition at line 1585 of file ssl.h.
int(* mbedtls_ssl_config::private_f_ticket_write)(void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *) |
Callback to create & write a session ticket
Definition at line 1581 of file ssl.h.
int(* mbedtls_ssl_config::private_f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *) |
Callback to customize X.509 certificate chain verification
Definition at line 1557 of file ssl.h.
const uint16_t* mbedtls_ssl_config::private_group_list |
allowed IANA NamedGroups
Definition at line 1625 of file ssl.h.
uint32_t mbedtls_ssl_config::private_hs_timeout_max |
maximum value of the handshake retransmission timeout (ms)
Definition at line 1697 of file ssl.h.
uint32_t mbedtls_ssl_config::private_hs_timeout_min |
initial value of the handshake retransmission timeout (ms)
Definition at line 1695 of file ssl.h.
uint8_t mbedtls_ssl_config::private_ignore_unexpected_cid |
Should DTLS record with unexpected CID lead to failure?
Definition at line 1514 of file ssl.h.
mbedtls_ssl_key_cert* mbedtls_ssl_config::private_key_cert |
own certificate/key pair(s)
Definition at line 1594 of file ssl.h.
uint32_t mbedtls_ssl_config::private_max_early_data_size |
mbedtls_ssl_protocol_version mbedtls_ssl_config::private_max_tls_version |
max. TLS version used
Definition at line 1459 of file ssl.h.
uint8_t mbedtls_ssl_config::private_mfl_code |
desired fragment length indicator (MBEDTLS_SSL_MAX_FRAG_LEN_XXX)
Definition at line 1474 of file ssl.h.
mbedtls_ssl_protocol_version mbedtls_ssl_config::private_min_tls_version |
min. TLS version used
Definition at line 1460 of file ssl.h.
uint16_t mbedtls_ssl_config::private_new_session_tickets_count |
number of NewSessionTicket
Definition at line 1503 of file ssl.h.
void* mbedtls_ssl_config::private_p_async_config_data |
void* mbedtls_ssl_config::private_p_ca_cb |
void* mbedtls_ssl_config::private_p_cache |
context for cache callbacks
Definition at line 1547 of file ssl.h.
void* mbedtls_ssl_config::private_p_cookie |
context for the cookie callbacks
Definition at line 1576 of file ssl.h.
void* mbedtls_ssl_config::private_p_dbg |
context for the debug function
Definition at line 1537 of file ssl.h.
void* mbedtls_ssl_config::private_p_psk |
context for PSK callback
Definition at line 1565 of file ssl.h.
void* mbedtls_ssl_config::private_p_rng |
context for the RNG function
Definition at line 1541 of file ssl.h.
void* mbedtls_ssl_config::private_p_sni |
context for SNI callback
Definition at line 1552 of file ssl.h.
void* mbedtls_ssl_config::private_p_ticket |
context for the ticket callbacks
Definition at line 1586 of file ssl.h.
void* mbedtls_ssl_config::private_p_vrfy |
context for X.509 verify callback
Definition at line 1558 of file ssl.h.
unsigned char* mbedtls_ssl_config::private_psk |
The raw pre-shared key. This field should only be set via mbedtls_ssl_conf_psk(). If either no PSK or an opaque PSK has been configured, this has value NULL.
Definition at line 1642 of file ssl.h.
unsigned char* mbedtls_ssl_config::private_psk_identity |
The PSK identity for PSK negotiation. This field should only be set via mbedtls_ssl_conf_psk(). This is set if and only if either psk or psk_opaque is set.
Definition at line 1652 of file ssl.h.
size_t mbedtls_ssl_config::private_psk_identity_len |
The length of the PSK identity. This field should only be set via mbedtls_ssl_conf_psk(). Its value is non-zero if and only if psk is not NULL or psk_opaque is not 0.
Definition at line 1657 of file ssl.h.
size_t mbedtls_ssl_config::private_psk_len |
The length of the raw pre-shared key. This field should only be set via mbedtls_ssl_conf_psk(). Its value is non-zero if and only if psk is not NULL.
Definition at line 1646 of file ssl.h.
mbedtls_svc_key_id_t mbedtls_ssl_config::private_psk_opaque |
PSA key slot holding opaque PSK. This field should only be set via mbedtls_ssl_conf_psk_opaque(). If either no PSK or a raw PSK has been configured, this has value 0.
Definition at line 1635 of file ssl.h.
uint32_t mbedtls_ssl_config::private_read_timeout |
timeout for mbedtls_ssl_read (ms)
Definition at line 1692 of file ssl.h.
int mbedtls_ssl_config::private_renego_max_records |
grace period for renegotiation
Definition at line 1702 of file ssl.h.
unsigned char mbedtls_ssl_config::private_renego_period[8] |
value of the record counters that triggers renegotiation
Definition at line 1703 of file ssl.h.
uint8_t mbedtls_ssl_config::private_respect_cli_pref |
pick the ciphersuite according to the client's preferences rather than ours?
Definition at line 1509 of file ssl.h.
uint8_t mbedtls_ssl_config::private_session_tickets |
const uint16_t* mbedtls_ssl_config::private_sig_algs |
allowed signature algorithms
Definition at line 1618 of file ssl.h.
int mbedtls_ssl_config::private_tls13_kex_modes |
Allowed TLS 1.3 key exchange modes.
Definition at line 1532 of file ssl.h.
uint8_t mbedtls_ssl_config::private_transport |
0: stream (TLS), 1: datagram (DTLS)
Definition at line 1469 of file ssl.h.
mbedtls_ssl_user_data_t mbedtls_ssl_config::private_user_data |
User data pointer or handle. The library sets this to 0 when creating a context and does not access it afterwards.
Definition at line 1718 of file ssl.h.
The documentation for this struct was generated from the following file: