tls.c File Reference
TLS (Transport Layer Security)
Functions
TlsContext * tlsInit (void)
TLS context initialization.
error_t tlsSetIoCallbacks (TlsContext *context, TlsIoHandle handle, TlsIoSendCallback sendCallback, TlsIoReceiveCallback receiveCallback)
Set send and receive callbacks (I/O abstraction layer)
error_t tlsSetConnectionEnd (TlsContext *context, TlsConnectionEnd entity)
Set operation mode (client or server)
error_t tlsSetPrng (TlsContext *context, const PrngAlgo *prngAlgo, void *prngContext)
Set the pseudo-random number generator to be used.
error_t tlsSetServerName (TlsContext *context, const char_t *serverName)
Set the name of the remote server.
error_t tlsSetCache (TlsContext *context, TlsCache *cache)
Set session cache.
error_t tlsSetClientAuthMode (TlsContext *context, TlsClientAuthMode mode)
Set client authentication mode.
error_t tlsSetBufferSize (TlsContext *context, size_t txBufferSize, size_t rxBufferSize)
Set TLS buffer size.
error_t tlsSetCipherSuites (TlsContext *context, const uint16_t *cipherSuites, uint_t length)
Specify the list of allowed cipher suites.
error_t tlsSetDhParameters (TlsContext *context, const char_t *params, size_t length)
Import Diffie-Hellman parameters.
error_t tlsSetAlpnProtocolList (TlsContext *context, const char_t *protocolList)
Set the list of supported ALPN protocols.
const char_t * tlsGetAlpnProtocol (TlsContext *context)
Get the name of the negotiated ALPN protocol.
error_t tlsSetPsk (TlsContext *context, const uint8_t *psk, size_t pskLength)
Set the pre-shared key to be used.
error_t tlsSetPskIdentity (TlsContext *context, const char_t *pskIdentity)
Set the PSK identity to be used by the client.
error_t tlsSetPskIdentityHint (TlsContext *context, const char_t *pskIdentityHint)
Set the PSK identity hint to be used by the server.
error_t tlsSetPskCallback (TlsContext *context, TlsPskCallback pskCallback)
Register the PSK callback function.
error_t tlsSetTrustedCaList (TlsContext *context, const char_t *trustedCaList, size_t length)
Import a trusted CA list.
error_t tlsAddCertificate (TlsContext *context, const char_t *certChain, size_t certChainLength, const char_t *privateKey, size_t privateKeyLength)
Import a certificate and the corresponding private key.
error_t tlsConnect (TlsContext *context)
Initiate the TLS handshake.
error_t tlsWrite (TlsContext *context, const void *data, size_t length, size_t *written, uint_t flags)
Send application data to the remote host using TLS.
error_t tlsRead (TlsContext *context, void *data, size_t size, size_t *received, uint_t flags)
Receive application data from the remote host using TLS.
error_t tlsShutdown (TlsContext *context)
Gracefully close TLS session.
error_t tlsShutdownEx (TlsContext *context, bool_t waitForCloseNotify)
Gracefully close TLS session.
void tlsFree (TlsContext *context)
Release TLS context.
error_t tlsSaveSession (const TlsContext *context, TlsSession *session)
Save TLS session.
error_t tlsRestoreSession (TlsContext *context, const TlsSession *session)
Restore TLS session.
Detailed Description
TLS (Transport Layer Security)
License
Copyright (C) 2010-2017 Oryx Embedded SARL. All rights reserved.
This file is part of CycloneSSL Open.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
Description
The TLS protocol provides communications security over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.
Author: Oryx Embedded SARL (www.oryx-embedded.com)
Version: 1.7.6
Definition in file tls.c.
Function Documentation
error_t tlsAddCertificate (TlsContext *context, const char_t *certChain, size_t certChainLength, const char_t *privateKey, size_t privateKeyLength)
Import a certificate and the corresponding private key.
Parameters:
[in] context Pointer to the TLS context
[in] certChain Certificate chain (PEM format)
[in] certChainLength Total length of the certificate chain
[in] privateKey Private key (PEM format)
[in] privateKeyLength Total length of the private key
Returns: Error code
Definition at line 674 of file tls.c.
error_t tlsConnect (TlsContext *context)
Initiate the TLS handshake.
Parameters:
[in] context Pointer to the TLS context
Returns: Error code
Definition at line 778 of file tls.c.
void tlsFree (TlsContext *context)
Release TLS context.
Parameters:
[in] context Pointer to the TLS context
Definition at line 1230 of file tls.c.
const char_t * tlsGetAlpnProtocol (TlsContext *context)
Get the name of the negotiated ALPN protocol.
Parameters:
[in] context Pointer to the TLS context
Returns: Pointer to the protocol name
Definition at line 450 of file tls.c.
TlsContext * tlsInit (void)
TLS context initialization.
Returns: Handle referencing the fully initialized TLS context
Definition at line 60 of file tls.c.
error_t tlsRead (TlsContext *context, void *data, size_t size, size_t *received, uint_t flags)
Receive application data from the remote host using TLS.
Parameters:
[in] context Pointer to the TLS context
[out] data Buffer into which received data will be placed
[in] size Maximum number of bytes that can be received
[out] received Number of bytes that have been received
[in] flags Set of flags that influences the behavior of this function
Returns: Error code
Definition at line 932 of file tls.c.
error_t tlsRestoreSession (TlsContext *context, const TlsSession *session)
Restore TLS session.
Parameters:
[in] context Pointer to the TLS context
[in] session Pointer to the session to be restored
Returns: Error code
Definition at line 1408 of file tls.c.
error_t tlsSaveSession (const TlsContext *context, TlsSession *session)
Save TLS session.
Parameters:
[in] context Pointer to the TLS context
[out] session Buffer where to store the current session parameters
Returns: Error code
Definition at line 1372 of file tls.c.
error_t tlsSetAlpnProtocolList (TlsContext *context, const char_t *protocolList)
Set the list of supported ALPN protocols.
Parameters:
[in] context Pointer to the TLS context
[in] protocolList Comma-delimited list of supported protocols
Returns: Error code
Definition at line 402 of file tls.c.
error_t tlsSetBufferSize (TlsContext *context, size_t txBufferSize, size_t rxBufferSize)
Set TLS buffer size.
Parameters:
[in] context Pointer to the TLS context
[in] txBufferSize TX buffer size
[in] rxBufferSize RX buffer size
Returns: Error code
Definition at line 310 of file tls.c.
error_t tlsSetCache (TlsContext *context, TlsCache *cache)
Set session cache.
Parameters:
[in] context Pointer to the TLS context
[in] cache Session cache that will be used to save/resume TLS sessions
Returns: Error code
Definition at line 267 of file tls.c.
error_t tlsSetCipherSuites (TlsContext *context, const uint16_t *cipherSuites, uint_t length)
Specify the list of allowed cipher suites.
Parameters:
[in] context Pointer to the TLS context
[in] cipherSuites Pointer to the cipher suite list
[in] length Number of cipher suites in the list
Returns: Error code
Definition at line 347 of file tls.c.
error_t tlsSetClientAuthMode (TlsContext *context, TlsClientAuthMode mode)
Set client authentication mode.
Parameters:
[in] context Pointer to the TLS context
[in] mode Client authentication mode
Returns: Error code
Definition at line 288 of file tls.c.
error_t tlsSetConnectionEnd (TlsContext *context, TlsConnectionEnd entity)
Set operation mode (client or server)
Parameters:
[in] context Pointer to the TLS context
[in] entity Specifies whether this entity is considered a client or a server
Returns: Error code
Definition at line 167 of file tls.c.
error_t tlsSetDhParameters (TlsContext *context, const char_t *params, size_t length)
Import Diffie-Hellman parameters.
Parameters:
[in] context Pointer to the TLS context
[in] params PEM structure that holds Diffie-Hellman parameters
[in] length Total length of the DER structure
Returns: Error code
Definition at line 374 of file tls.c.
error_t tlsSetIoCallbacks (TlsContext *context, TlsIoHandle handle, TlsIoSendCallback sendCallback, TlsIoReceiveCallback receiveCallback)
Set send and receive callbacks (I/O abstraction layer)
Parameters:
[in] context Pointer to the TLS context
[in] handle Handle for I/O operations
[in] sendCallback Send callback function
[in] receiveCallback Receive callback function
Returns: Error code
Definition at line 141 of file tls.c.
error_t tlsSetPrng (TlsContext *context, const PrngAlgo *prngAlgo, void *prngContext)
Set the pseudo-random number generator to be used.
Parameters:
[in] context Pointer to the TLS context
[in] prngAlgo PRNG algorithm
[in] prngContext Pointer to the PRNG context
Returns: Error code
Definition at line 192 of file tls.c.
error_t tlsSetPsk (TlsContext *context, const uint8_t *psk, size_t pskLength)
Set the pre-shared key to be used.
Parameters:
[in] context Pointer to the TLS context
[in] psk Pointer to the pre-shared key
[in] pskLength Length of the pre-shared key, in bytes
Returns: Error code
Definition at line 465 of file tls.c.
error_t tlsSetPskCallback (TlsContext *context, TlsPskCallback pskCallback)
Register the PSK callback function.
Parameters:
[in] context Pointer to the TLS context
[in] pskCallback PSK callback function
Returns: Error code
Definition at line 617 of file tls.c.
error_t tlsSetPskIdentity (TlsContext *context, const char_t *pskIdentity)
Set the PSK identity to be used by the client.
Parameters:
[in] context Pointer to the TLS context
[in] pskIdentity NULL-terminated string that contains the PSK identity
Returns: Error code
Definition at line 517 of file tls.c.
error_t tlsSetPskIdentityHint (TlsContext *context, const char_t *pskIdentityHint)
Set the PSK identity hint to be used by the server.
Parameters:
[in] context Pointer to the TLS context
[in] pskIdentityHint NULL-terminated string that contains the PSK identity hint
Returns: Error code
Definition at line 567 of file tls.c.
error_t tlsSetServerName (TlsContext *context, const char_t *serverName)
Set the name of the remote server.
Parameters:
[in] context Pointer to the TLS context
[in] serverName Fully qualified domain name of the server
Returns: Error code
Definition at line 218 of file tls.c.
error_t tlsSetTrustedCaList (TlsContext *context, const char_t *trustedCaList, size_t length)
Import a trusted CA list.
Parameters:
[in] context Pointer to the TLS context
[in] trustedCaList List of trusted CA (PEM format)
[in] length Total length of the list
Returns: Error code
Definition at line 645 of file tls.c.
error_t tlsShutdown (TlsContext *context)
Gracefully close TLS session.
Parameters:
[in] context Pointer to the TLS context
Definition at line 1097 of file tls.c.
error_t tlsShutdownEx (TlsContext *context, bool_t waitForCloseNotify)
Gracefully close TLS session.
Parameters:
[in] context Pointer to the TLS context
[in] waitForCloseNotify Wait for the close notify alert from the peer
Definition at line 1110 of file tls.c.
error_t tlsWrite (TlsContext *context, const void *data, size_t length, size_t *written, uint_t flags)
Send application data to the remote host using TLS.
Parameters:
[in] context Pointer to the TLS context
[in] data Pointer to a buffer containing the data to be transmitted
[in] length Number of bytes to be transmitted
[out] written Actual number of bytes written (optional parameter)
[in] flags Set of flags that influences the behavior of this function
Returns: Error code
Definition at line 849 of file tls.c.