Sergey Pastor / 1

Important changes to repositories hosted on mbed.com

Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.

To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.

It is also possible to export all your personal repositories from the account settings page.

Dependents:   Nucleo

Embed: (wiki syntax)

« Back to documentation index

tls_misc.c File Reference
Functions

tls_misc.c File Reference

Helper functions (TLS client and server) More...

Go to the source code of this file.

Functions

void tlsProcessError (TlsContext *context, error_t errorCode)
 Translate an error code to an alert message.
error_t tlsGenerateRandomValue (TlsContext *context, TlsRandom *random)
 Generate client or server random value.
error_t tlsSetVersion (TlsContext *context, uint16_t version)
 Set TLS version to use.
error_t tlsSetCipherSuite (TlsContext *context, uint16_t identifier)
 Set cipher suite.
error_t tlsSetCompressionMethod (TlsContext *context, uint8_t identifier)
 Set compression method.
error_t tlsSelectSignHashAlgo (TlsContext *context, TlsSignatureAlgo signAlgo, const TlsSignHashAlgos *supportedSignAlgos)
 Select the hash algorithm to be used when generating signatures.
error_t tlsSelectNamedCurve (TlsContext *context, const TlsEllipticCurveList *curveList)
 Select the named curve to be used when performing ECDH key exchange.
error_t tlsInitHandshakeHash (TlsContext *context)
 Initialize handshake message hashing.
void tlsUpdateHandshakeHash (TlsContext *context, const void *data, size_t length)
 Update hash value with a handshake message.
error_t tlsFinalizeHandshakeHash (TlsContext *context, const HashAlgo *hash, const void *hashContext, const char_t *label, uint8_t *output)
 Finalize hash calculation from previous handshake messages.
error_t tlsComputeVerifyData (TlsContext *context, TlsConnectionEnd entity)
 Compute verify data from previous handshake messages.
error_t tlsInitEncryptionEngine (TlsContext *context)
 Initialize encryption engine.
error_t tlsInitDecryptionEngine (TlsContext *context)
 Initialize decryption engine.
error_t tlsWriteMpi (const Mpi *a, uint8_t *data, size_t *length)
 Encode a multiple precision integer to an opaque vector.
error_t tlsReadMpi (Mpi *a, const uint8_t *data, size_t size, size_t *length)
 Read a multiple precision integer from an opaque vector.
error_t tlsWriteEcPoint (const EcDomainParameters *params, const EcPoint *a, uint8_t *data, size_t *length)
 Encode an EC point to an opaque vector.
error_t tlsReadEcPoint (const EcDomainParameters *params, EcPoint *a, const uint8_t *data, size_t size, size_t *length)
 Read an EC point from an opaque vector.
error_t tlsGenerateRsaSignature (const RsaPrivateKey *key, const uint8_t *digest, uint8_t *signature, size_t *signatureLength)
 Generate RSA signature (SSL 3.0, TLS 1.0 and TLS 1.1)
error_t tlsVerifyRsaSignature (const RsaPublicKey *key, const uint8_t *digest, const uint8_t *signature, size_t signatureLength)
 Verify RSA signature (SSL 3.0, TLS 1.0 and TLS 1.1)
error_t tlsGenerateDsaSignature (const PrngAlgo *prngAlgo, void *prngContext, const DsaPrivateKey *key, const uint8_t *digest, size_t digestLength, uint8_t *signature, size_t *signatureLength)
 Generate DSA signature.
error_t tlsVerifyDsaSignature (const DsaPublicKey *key, const uint8_t *digest, size_t digestLength, const uint8_t *signature, size_t signatureLength)
 Verify DSA signature.
error_t tlsGenerateEcdsaSignature (const EcDomainParameters *params, const PrngAlgo *prngAlgo, void *prngContext, const Mpi *key, const uint8_t *digest, size_t digestLength, uint8_t *signature, size_t *signatureLength)
 Generate ECDSA signature.
error_t tlsVerifyEcdsaSignature (const EcDomainParameters *params, const EcPoint *key, const uint8_t *digest, size_t digestLength, const uint8_t *signature, size_t signatureLength)
 Verify ECDSA signature.
error_t tlsGeneratePskPremasterSecret (TlsContext *context)
 Premaster secret generation (for PSK cipher suites)
error_t tlsGenerateKeys (TlsContext *context)
 Key generation.
error_t tlsPrf (const uint8_t *secret, size_t secretLength, const char_t *label, const uint8_t *seed, size_t seedLength, uint8_t *output, size_t outputLength)
 Pseudorandom function (TLS 1.0 and 1.1)
error_t tlsPrf2 (const HashAlgo *hash, const uint8_t *secret, size_t secretLength, const char_t *label, const uint8_t *seed, size_t seedLength, uint8_t *output, size_t outputLength)
 Pseudorandom function (TLS 1.2)
bool_t tlsIsCertificateAcceptable (const TlsCertDesc *cert, const uint8_t *certTypes, size_t numCertTypes, const TlsSignHashAlgos *signHashAlgos, const TlsEllipticCurveList *curveList, const TlsCertAuthorities *certAuthorities)
 Check whether a certificate is acceptable.
error_t tlsGetCertificateType (const X509CertificateInfo *certInfo, TlsCertificateType *certType, TlsSignatureAlgo *certSignAlgo, TlsHashAlgo *certHashAlgo, TlsEcNamedCurve *namedCurve)
 Retrieve the certificate type.
const TlsExtension * tlsGetExtension (const uint8_t *data, size_t length, uint16_t type)
 Find the specified extension.
const char_t * tlsGetVersionName (uint16_t version)
 Convert TLS version to string representation.
const HashAlgotlsGetHashAlgo (uint8_t hashAlgoId)
 Get the hash algorithm that matches the specified identifier.
const EcCurveInfotlsGetCurveInfo (uint16_t namedCurve)
 Get the EC domain parameters that match the specified named curve.
TlsEcNamedCurve tlsGetNamedCurve (const uint8_t *oid, size_t length)
 Get the named curve that matches the specified OID.

Detailed Description

Helper functions (TLS client and server)

License

Copyright (C) 2010-2017 Oryx Embedded SARL. All rights reserved.

This file is part of CycloneSSL Open.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Author:
Oryx Embedded SARL (www.oryx-embedded.com)
Version:
1.7.6

Definition in file tls_misc.c.

Function Documentation

error_t tlsComputeVerifyData ( TlsContext *  context,
TlsConnectionEnd  entity 
)

Compute verify data from previous handshake messages.

Parameters:
[in]contextPointer to the TLS context
[in]entitySpecifies whether the computation is performed at client or server side
Returns:
Error code

Definition at line 690 of file tls_misc.c.

error_t tlsFinalizeHandshakeHash ( TlsContext *  context,
const HashAlgo hash,
const void *  hashContext,
const char_t *  label,
uint8_t *  output 
)

Finalize hash calculation from previous handshake messages.

Parameters:
[in]contextPointer to the TLS context
[in]hashHash function used to digest the handshake messages
[in]hashContextPointer to the hash context
[in]labelNULL-terminated string
[out]outputBuffer where to store the resulting hash value
Returns:
Error code

Definition at line 609 of file tls_misc.c.

error_t tlsGenerateDsaSignature ( const PrngAlgo prngAlgo,
void *  prngContext,
const DsaPrivateKey key,
const uint8_t *  digest,
size_t  digestLength,
uint8_t *  signature,
size_t *  signatureLength 
)

Generate DSA signature.

Parameters:
[in]prngAlgoPRNG algorithm
[in]prngContextPointer to the PRNG context
[in]keySigner's DSA private key
[in]digestDigest of the message to be signed
[in]digestLengthLength in octets of the digest
[out]signatureResulting signature
[out]signatureLengthLength of the resulting signature
Returns:
Error code

Definition at line 1378 of file tls_misc.c.

error_t tlsGenerateEcdsaSignature ( const EcDomainParameters params,
const PrngAlgo prngAlgo,
void *  prngContext,
const Mpi key,
const uint8_t *  digest,
size_t  digestLength,
uint8_t *  signature,
size_t *  signatureLength 
)

Generate ECDSA signature.

Parameters:
[in]paramsEC domain parameters
[in]prngAlgoPRNG algorithm
[in]prngContextPointer to the PRNG context
[in]keySigner's ECDSA private key
[in]digestDigest of the message to be signed
[in]digestLengthLength in octets of the digest
[out]signatureResulting signature
[out]signatureLengthLength of the resulting signature
Returns:
Error code

Definition at line 1464 of file tls_misc.c.

error_t tlsGenerateKeys ( TlsContext *  context )

Key generation.

Parameters:
[in]contextPointer to the TLS context
Returns:
Error code

Definition at line 1646 of file tls_misc.c.

error_t tlsGeneratePskPremasterSecret ( TlsContext *  context )

Premaster secret generation (for PSK cipher suites)

Parameters:
[in]contextPointer to the TLS context
Returns:
Error code

Definition at line 1547 of file tls_misc.c.

error_t tlsGenerateRandomValue ( TlsContext *  context,
TlsRandom *  random 
)

Generate client or server random value.

Parameters:
[in]contextPointer to the TLS context
[out]randomPointer to the random value
Returns:
Error code

Definition at line 139 of file tls_misc.c.

error_t tlsGenerateRsaSignature ( const RsaPrivateKey key,
const uint8_t *  digest,
uint8_t *  signature,
size_t *  signatureLength 
)

Generate RSA signature (SSL 3.0, TLS 1.0 and TLS 1.1)

Parameters:
[in]keySigner's RSA private key
[in]digestDigest of the message to be signed
[out]signatureResulting signature
[out]signatureLengthLength of the resulting signature
Returns:
Error code

Definition at line 1125 of file tls_misc.c.

error_t tlsGetCertificateType ( const X509CertificateInfo certInfo,
TlsCertificateType certType,
TlsSignatureAlgo certSignAlgo,
TlsHashAlgo certHashAlgo,
TlsEcNamedCurve namedCurve 
)

Retrieve the certificate type.

Parameters:
[in]certInfoX.509 certificate
[out]certTypeCertificate type
[out]certSignAlgoSignature algorithm that has been used to sign the certificate
[out]certHashAlgoHash algorithm that has been used to sign the certificate
[out]namedCurveElliptic curve (only for ECDSA certificates)
Returns:
Error code

Definition at line 2193 of file tls_misc.c.

const EcCurveInfo* tlsGetCurveInfo ( uint16_t  namedCurve )

Get the EC domain parameters that match the specified named curve.

Parameters:
[in]namedCurveElliptic curve identifier
Returns:
Elliptic curve domain parameters

Definition at line 2487 of file tls_misc.c.

const TlsExtension* tlsGetExtension ( const uint8_t *  data,
size_t  length,
uint16_t  type 
)

Find the specified extension.

Parameters:
[in]dataPointer to the list of extensions
[in]lengthLength in bytes of the list
[in]typeExpected extension type
Returns:
If the specified extension was found, a pointer to the corresponding extension is returned. Otherwise NULL pointer is returned

Definition at line 2372 of file tls_misc.c.

const HashAlgo* tlsGetHashAlgo ( uint8_t  hashAlgoId )

Get the hash algorithm that matches the specified identifier.

Parameters:
[in]hashAlgoIdHash algorithm identifier
Returns:
Cipher suite name

Definition at line 2449 of file tls_misc.c.

TlsEcNamedCurve tlsGetNamedCurve ( const uint8_t *  oid,
size_t  length 
)

Get the named curve that matches the specified OID.

Parameters:
[in]oidObject identifier
[in]lengthOID length
Returns:
Named curve

Definition at line 2584 of file tls_misc.c.

const char_t* tlsGetVersionName ( uint16_t  version )

Convert TLS version to string representation.

Parameters:
[in]versionVersion number
Returns:
Cipher suite name

Definition at line 2424 of file tls_misc.c.

error_t tlsInitDecryptionEngine ( TlsContext *  context )

Initialize decryption engine.

Parameters:
[in]contextPointer to the TLS context
Returns:
Error code

Definition at line 887 of file tls_misc.c.

error_t tlsInitEncryptionEngine ( TlsContext *  context )

Initialize encryption engine.

Parameters:
[in]contextPointer to the TLS context
Returns:
Error code

Definition at line 804 of file tls_misc.c.

error_t tlsInitHandshakeHash ( TlsContext *  context )

Initialize handshake message hashing.

Parameters:
[in]contextPointer to the TLS context
Returns:
Error code

Definition at line 495 of file tls_misc.c.

bool_t tlsIsCertificateAcceptable ( const TlsCertDesc cert,
const uint8_t *  certTypes,
size_t  numCertTypes,
const TlsSignHashAlgos *  signHashAlgos,
const TlsEllipticCurveList *  curveList,
const TlsCertAuthorities *  certAuthorities 
)

Check whether a certificate is acceptable.

Parameters:
[in]certEnd entity certificate
[in]certTypesList of supported certificate types
[in]numCertTypesSize of the list that contains the supported certificate types
[in]signHashAlgosList of supported signature algorithms
[in]curveListList of supported elliptic curves
[in]certAuthoritiesList of trusted CA
Returns:
TRUE if the specified certificate conforms to the requirements, else FALSE

Definition at line 2005 of file tls_misc.c.

error_t tlsPrf ( const uint8_t *  secret,
size_t  secretLength,
const char_t *  label,
const uint8_t *  seed,
size_t  seedLength,
uint8_t *  output,
size_t  outputLength 
)

Pseudorandom function (TLS 1.0 and 1.1)

The pseudorandom function (PRF) takes as input a secret, a seed, and an identifying label and produces an output of arbitrary length. This function is used to expand secrets into blocks of data for the purpose of key generation

Parameters:
[in]secretPointer to the secret
[in]secretLengthLength of the secret
[in]labelIdentifying label (NULL-terminated string)
[in]seedPointer to the seed
[in]seedLengthLength of the seed
[out]outputPointer to the output
[in]outputLengthDesired output length
Returns:
Error code

Definition at line 1831 of file tls_misc.c.

error_t tlsPrf2 ( const HashAlgo hash,
const uint8_t *  secret,
size_t  secretLength,
const char_t *  label,
const uint8_t *  seed,
size_t  seedLength,
uint8_t *  output,
size_t  outputLength 
)

Pseudorandom function (TLS 1.2)

The pseudorandom function (PRF) takes as input a secret, a seed, and an identifying label and produces an output of arbitrary length. This function is used to expand secrets into blocks of data for the purpose of key generation

Parameters:
[in]hashHash function used to compute PRF
[in]secretPointer to the secret
[in]secretLengthLength of the secret
[in]labelIdentifying label (NULL-terminated string)
[in]seedPointer to the seed
[in]seedLengthLength of the seed
[out]outputPointer to the output
[in]outputLengthDesired output length
Returns:
Error code

Definition at line 1938 of file tls_misc.c.

void tlsProcessError ( TlsContext *  context,
error_t  errorCode 
)

Translate an error code to an alert message.

Parameters:
[in]contextPointer to the TLS context
[in]errorCodeInternal error code
Returns:
Error code

Definition at line 57 of file tls_misc.c.

error_t tlsReadEcPoint ( const EcDomainParameters params,
EcPoint a,
const uint8_t *  data,
size_t  size,
size_t *  length 
)

Read an EC point from an opaque vector.

Parameters:
[in]paramsEC domain parameters
[out]aResulting EC point
[in]dataBuffer where to read the opaque vector
[in]sizeTotal number of bytes available in the buffer
[out]lengthTotal number of bytes that have been read
Returns:
Error code

Definition at line 1080 of file tls_misc.c.

error_t tlsReadMpi ( Mpi a,
const uint8_t *  data,
size_t  size,
size_t *  length 
)

Read a multiple precision integer from an opaque vector.

Parameters:
[out]aResulting multiple precision integer
[in]dataBuffer where to read the opaque vector
[in]sizeTotal number of bytes available in the buffer
[out]lengthTotal number of bytes that have been read
Returns:
Error code

Definition at line 1005 of file tls_misc.c.

error_t tlsSelectNamedCurve ( TlsContext *  context,
const TlsEllipticCurveList *  curveList 
)

Select the named curve to be used when performing ECDH key exchange.

Parameters:
[in]contextPointer to the TLS context
[in]curveListSet of elliptic curves supported by the peer
Returns:
Error code

Definition at line 446 of file tls_misc.c.

error_t tlsSelectSignHashAlgo ( TlsContext *  context,
TlsSignatureAlgo  signAlgo,
const TlsSignHashAlgos *  supportedSignAlgos 
)

Select the hash algorithm to be used when generating signatures.

Parameters:
[in]contextPointer to the TLS context
[in]signAlgoDesired signature algorithm (RSA, DSA or ECDSA)
[in]supportedSignAlgosList of supported signature/hash algorithm pairs
Returns:
Error code

Definition at line 355 of file tls_misc.c.

error_t tlsSetCipherSuite ( TlsContext *  context,
uint16_t  identifier 
)

Set cipher suite.

Parameters:
[in]contextPointer to the TLS context
[in]identifierCipher suite identifier
Returns:
Error code

Definition at line 210 of file tls_misc.c.

error_t tlsSetCompressionMethod ( TlsContext *  context,
uint8_t  identifier 
)

Set compression method.

Parameters:
[in]contextPointer to the TLS context
[in]identifierCompression method identifier
Returns:
Error code

Definition at line 334 of file tls_misc.c.

error_t tlsSetVersion ( TlsContext *  context,
uint16_t  version 
)

Set TLS version to use.

Parameters:
[in]contextPointer to the TLS context
[in]versionTLS version
Returns:
Error code

Definition at line 185 of file tls_misc.c.

void tlsUpdateHandshakeHash ( TlsContext *  context,
const void *  data,
size_t  length 
)

Update hash value with a handshake message.

Parameters:
[in]contextPointer to the TLS context
[in]dataPointer to the handshake message being hashed
[in]lengthLength of the message

Definition at line 576 of file tls_misc.c.

error_t tlsVerifyDsaSignature ( const DsaPublicKey key,
const uint8_t *  digest,
size_t  digestLength,
const uint8_t *  signature,
size_t  signatureLength 
)

Verify DSA signature.

Parameters:
[in]keySigner's DSA public key
[in]digestDigest of the message whose signature is to be verified
[in]digestLengthLength in octets of the digest
[in]signatureSignature to be verified
[in]signatureLengthLength of the signature to be verified
Returns:
Error code

Definition at line 1420 of file tls_misc.c.

error_t tlsVerifyEcdsaSignature ( const EcDomainParameters params,
const EcPoint key,
const uint8_t *  digest,
size_t  digestLength,
const uint8_t *  signature,
size_t  signatureLength 
)

Verify ECDSA signature.

Parameters:
[in]paramsEC domain parameters
[in]keySigner's ECDSA public key
[in]digestDigest of the message whose signature is to be verified
[in]digestLengthLength in octets of the digest
[in]signatureSignature to be verified
[in]signatureLengthLength of the signature to be verified
Returns:
Error code

Definition at line 1508 of file tls_misc.c.

error_t tlsVerifyRsaSignature ( const RsaPublicKey key,
const uint8_t *  digest,
const uint8_t *  signature,
size_t  signatureLength 
)

Verify RSA signature (SSL 3.0, TLS 1.0 and TLS 1.1)

Parameters:
[in]keySigner's RSA public key
[in]digestDigest of the message whose signature is to be verified
[in]signatureSignature to be verified
[in]signatureLengthLength of the signature to be verified
Returns:
Error code

Definition at line 1244 of file tls_misc.c.

error_t tlsWriteEcPoint ( const EcDomainParameters params,
const EcPoint a,
uint8_t *  data,
size_t *  length 
)

Encode an EC point to an opaque vector.

Parameters:
[in]paramsEC domain parameters
[in]aPointer to an EC point
[out]dataBuffer where to store the opaque vector
[out]lengthTotal number of bytes that have been written
Returns:
Error code

Definition at line 1043 of file tls_misc.c.

error_t tlsWriteMpi ( const Mpi a,
uint8_t *  data,
size_t *  length 
)

Encode a multiple precision integer to an opaque vector.

Parameters:
[in]aPointer to a multiple precision integer
[out]dataBuffer where to store the opaque vector
[out]lengthTotal number of bytes that have been written
Returns:
Error code

Definition at line 972 of file tls_misc.c.

Generated on Tue Jul 12 2022 17:10:23 by  doxygen 1.7.2