Rough and ready port of axTLS

Committer:
ashleymills
Date:
Mon May 13 18:15:18 2013 +0000
Revision:
0:5a29fd060ac8
initial commit

ashleymills 0:5a29fd060ac8 1 /*
ashleymills 0:5a29fd060ac8 2 * Copyright (c) 2007, Cameron Rich
ashleymills 0:5a29fd060ac8 3 *
ashleymills 0:5a29fd060ac8 4 * All rights reserved.
ashleymills 0:5a29fd060ac8 5 *
ashleymills 0:5a29fd060ac8 6 * Redistribution and use in source and binary forms, with or without
ashleymills 0:5a29fd060ac8 7 * modification, are permitted provided that the following conditions are met:
ashleymills 0:5a29fd060ac8 8 *
ashleymills 0:5a29fd060ac8 9 * * Redistributions of source code must retain the above copyright notice,
ashleymills 0:5a29fd060ac8 10 * this list of conditions and the following disclaimer.
ashleymills 0:5a29fd060ac8 11 * * Redistributions in binary form must reproduce the above copyright notice,
ashleymills 0:5a29fd060ac8 12 * this list of conditions and the following disclaimer in the documentation
ashleymills 0:5a29fd060ac8 13 * and/or other materials provided with the distribution.
ashleymills 0:5a29fd060ac8 14 * * Neither the name of the axTLS project nor the names of its contributors
ashleymills 0:5a29fd060ac8 15 * may be used to endorse or promote products derived from this software
ashleymills 0:5a29fd060ac8 16 * without specific prior written permission.
ashleymills 0:5a29fd060ac8 17 *
ashleymills 0:5a29fd060ac8 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
ashleymills 0:5a29fd060ac8 19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
ashleymills 0:5a29fd060ac8 20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
ashleymills 0:5a29fd060ac8 21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
ashleymills 0:5a29fd060ac8 22 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
ashleymills 0:5a29fd060ac8 23 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
ashleymills 0:5a29fd060ac8 24 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
ashleymills 0:5a29fd060ac8 25 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
ashleymills 0:5a29fd060ac8 26 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
ashleymills 0:5a29fd060ac8 27 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
ashleymills 0:5a29fd060ac8 28 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
ashleymills 0:5a29fd060ac8 29 */
ashleymills 0:5a29fd060ac8 30
ashleymills 0:5a29fd060ac8 31 /**
ashleymills 0:5a29fd060ac8 32 * @file tls1.h
ashleymills 0:5a29fd060ac8 33 *
ashleymills 0:5a29fd060ac8 34 * @brief The definitions for the TLS library.
ashleymills 0:5a29fd060ac8 35 */
ashleymills 0:5a29fd060ac8 36 #ifndef HEADER_SSL_LIB_H
ashleymills 0:5a29fd060ac8 37 #define HEADER_SSL_LIB_H
ashleymills 0:5a29fd060ac8 38
ashleymills 0:5a29fd060ac8 39 #ifdef __cplusplus
ashleymills 0:5a29fd060ac8 40 extern "C" {
ashleymills 0:5a29fd060ac8 41 #endif
ashleymills 0:5a29fd060ac8 42
ashleymills 0:5a29fd060ac8 43 #include "version.h"
ashleymills 0:5a29fd060ac8 44 #include "os_int.h"
ashleymills 0:5a29fd060ac8 45 #include "crypto.h"
ashleymills 0:5a29fd060ac8 46 #include "crypto_misc.h"
ashleymills 0:5a29fd060ac8 47
ashleymills 0:5a29fd060ac8 48 #include "config.h"
ashleymills 0:5a29fd060ac8 49
/*
 * Protocol version bytes and fixed sizes used by the declarations below.
 *
 * NOTE(review): the highest version named here is TLS v1.1. TLS 1.0 and 1.1
 * are both deprecated by RFC 8996; presumably these constants bound what the
 * library will negotiate -- confirm in the handshake code, which is not part
 * of this header.
 */
#define SSL_PROTOCOL_MIN_VERSION    0x31   /* TLS v1.0 */
#define SSL_PROTOCOL_MINOR_VERSION  0x02   /* TLS v1.1 */
#define SSL_PROTOCOL_VERSION_MAX    0x32   /* TLS v1.1 */
#define SSL_PROTOCOL_VERSION1_1     0x32   /* TLS v1.1 */
#define SSL_RANDOM_SIZE             32     /* sizes client_random / server_random */
#define SSL_SECRET_SIZE             48     /* sizes the master_secret arrays */
#define SSL_FINISHED_HASH_SIZE      12     /* sizes final_finish_mac */
#define SSL_RECORD_SIZE             5      /* sizes hmac_header */
/* The four values below are not used in this header; presumably they select
 * a direction/role elsewhere -- verify against the callers. */
#define SSL_SERVER_READ             0
#define SSL_SERVER_WRITE            1
#define SSL_CLIENT_READ             2
#define SSL_CLIENT_WRITE            3
#define SSL_HS_HDR_SIZE             4      /* presumably the handshake header length -- confirm */
ashleymills 0:5a29fd060ac8 63
/*
 * The flags we use while establishing a connection.
 * Each value is a distinct single bit; they are combined in the 32-bit
 * `flag` member of struct _SSL through the SET/CLR/IS_SET macros.
 */
#define SSL_NEED_RECORD             0x0001
#define SSL_TX_ENCRYPTED            0x0002
#define SSL_RX_ENCRYPTED            0x0004
#define SSL_SESSION_RESUME          0x0008
#define SSL_IS_CLIENT               0x0010
#define SSL_HAS_CERT_REQ            0x0020
#define SSL_SENT_CLOSE_NOTIFY       0x0040
ashleymills 0:5a29fd060ac8 72
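/*
 * Some macros to muck around with flag bits.
 *
 * Each macro expects a variable named `ssl` (a pointer to an object with a
 * `flag` member) to be in scope where it is used.
 *
 * The argument is parenthesised so that a compound mask such as
 * (SSL_TX_ENCRYPTED | SSL_RX_ENCRYPTED) is applied as a whole. Without the
 * parentheses, CLR_SSL_FLAG(X | Y) expands to `flag &= ~X | Y`, which leaves
 * Y set, and IS_SET_SSL_FLAG(X | Y) expands to `flag & X | Y`, which is
 * always non-zero. Both are silent state-machine errors.
 */
#define SET_SSL_FLAG(A)             (ssl->flag |= (A))
#define CLR_SSL_FLAG(A)             (ssl->flag &= ~(A))
#define IS_SET_SSL_FLAG(A)          (ssl->flag & (A))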
ashleymills 0:5a29fd060ac8 77
/*
 * Buffer sizing. RT_MAX_PLAIN_LENGTH + RT_EXTRA is the size of the per-
 * connection record buffer `bm_all_data` in struct _SSL (2560 bytes with the
 * values below).
 *
 * NOTE(review): the trailing comments (16384 and 1024) look like the values
 * this port reduced from. A TLS peer may send records with up to 2^14 bytes
 * of plaintext, so the record-read path must reject any announced length
 * that does not fit in bm_all_data before copying. That check is not
 * visible in this header -- confirm it in the implementation.
 */
#define MAX_KEY_BYTE_SIZE           512     /* for a 4096 bit key */
#define RT_MAX_PLAIN_LENGTH         2048//16384
#define RT_EXTRA                    512//1024
#define BM_RECORD_OFFSET            5       /* same value as SSL_RECORD_SIZE; presumably the record header -- confirm */
ashleymills 0:5a29fd060ac8 82
/*
 * Number of entries in the ssl_prot_prefs[] table declared later in this
 * header: one when CONFIG_SSL_SKELETON_MODE is defined, four otherwise.
 */
#ifdef CONFIG_SSL_SKELETON_MODE
#define NUM_PROTOCOLS               1
#else
#define NUM_PROTOCOLS               4
#endif
ashleymills 0:5a29fd060ac8 88
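/*
 * Length sanity check used while parsing: when A is smaller than B, set the
 * enclosing function's `ret` to SSL_ERROR_INVALID_HANDSHAKE and jump to its
 * `error` label. The caller must provide both `ret` and `error:`.
 *
 * Both arguments are parenthesised so that expressions containing operators
 * of lower precedence than `<` (for example `len & mask` or `a ? b : c`) are
 * compared as written rather than being regrouped, which could silently
 * disable the bounds check.
 *
 * NOTE(review): the expansion is still a bare `if`, kept that way so existing
 * call sites are unaffected. Do not place it directly before an `else`.
 */
#define PARANOIA_CHECK(A, B)        if ((A) < (B)) { \
    ret = SSL_ERROR_INVALID_HANDSHAKE; goto error; }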
ashleymills 0:5a29fd060ac8 91
/* protocol types: consecutive values starting at 20 */
enum
{
    PT_CHANGE_CIPHER_SPEC = 20,
    PT_ALERT_PROTOCOL,          /* 21 */
    PT_HANDSHAKE_PROTOCOL,      /* 22 */
    PT_APP_PROTOCOL_DATA        /* 23 */
};
ashleymills 0:5a29fd060ac8 100
/*
 * handshaking types.
 * The numbering is not contiguous: 0-2, then 11-16, then 20. A dispatcher
 * switching on these values needs a default case for everything in between.
 */
enum
{
    HS_HELLO_REQUEST,           /* 0 */
    HS_CLIENT_HELLO,            /* 1 */
    HS_SERVER_HELLO,            /* 2 */
    HS_CERTIFICATE = 11,
    HS_SERVER_KEY_XCHG,         /* 12 */
    HS_CERT_REQ,                /* 13 */
    HS_SERVER_HELLO_DONE,       /* 14 */
    HS_CERT_VERIFY,             /* 15 */
    HS_CLIENT_KEY_XCHG,         /* 16 */
    HS_FINISHED = 20
};
ashleymills 0:5a29fd060ac8 115
/*
 * Per-cipher parameter record: an identifier, a set of 8-bit size fields and
 * the HMAC / encrypt / decrypt function pointers. struct _SSL refers to one
 * of these through its `cipher_info` pointer.
 * The size fields are presumably byte counts -- confirm against the table
 * that instantiates this type (not visible in this header).
 */
typedef struct
{
    uint8_t cipher;
    uint8_t key_size;
    uint8_t iv_size;
    uint8_t key_block_size;
    uint8_t padding_size;
    uint8_t digest_size;
    hmac_func hmac;
    crypt_func encrypt;
    crypt_func decrypt;
} cipher_info_t;
ashleymills 0:5a29fd060ac8 128
/*
 * A buffer pointer plus its length, passed to add_private_key(),
 * pkcs8_decode(), pkcs12_decode() and released with ssl_obj_free().
 * NOTE(review): `len` is a signed int, and the buffer may hold private-key
 * material given the functions that take it. Who wipes and frees `buf` is
 * not stated here -- confirm in ssl_obj_free().
 */
struct _SSLObjLoader
{
    uint8_t *buf;
    int len;
};

typedef struct _SSLObjLoader SSLObjLoader;
ashleymills 0:5a29fd060ac8 136
/*
 * One cached session entry: a timestamp, the session id and the master
 * secret for that session.
 * NOTE(review): master_secret is long-lived key material held in this
 * cache entry. Entries should be wiped before being freed or reused --
 * confirm in kill_ssl_session() / ssl_session_update().
 * SSL_SESSION_ID_SIZE is not defined in this header.
 */
typedef struct
{
    time_t conn_time;
    uint8_t session_id[SSL_SESSION_ID_SIZE];
    uint8_t master_secret[SSL_SECRET_SIZE];
} SSL_SESSION;
ashleymills 0:5a29fd060ac8 143
/*
 * One certificate slot: a buffer pointer and its size. SSL_CTX holds
 * CONFIG_SSL_MAX_CERTS of these in its `certs` array.
 * Ownership of `buf` is not stated here -- presumably the context owns it;
 * verify against add_cert().
 */
typedef struct
{
    uint8_t *buf;
    int size;
} SSL_CERT;
ashleymills 0:5a29fd060ac8 149
/*
 * Handshake-time state reached through SSL.dc, which the SSL struct
 * describes as temporary data. Created and released through
 * disposable_new() / disposable_free().
 * It carries running MD5 and SHA-1 contexts, the finished MAC, a pointer to
 * the key block, the master secret and both random values.
 * NOTE(review): master_secret and key_block are key material; confirm that
 * disposable_free() clears them before releasing the memory.
 */
typedef struct
{
    MD5_CTX md5_ctx;
    SHA1_CTX sha1_ctx;
    uint8_t final_finish_mac[SSL_FINISHED_HASH_SIZE];
    uint8_t *key_block;
    uint8_t master_secret[SSL_SECRET_SIZE];
    uint8_t client_random[SSL_RANDOM_SIZE]; /* client's random sequence */
    uint8_t server_random[SSL_RANDOM_SIZE]; /* server's random sequence */
    uint16_t bm_proc_index;
} DISPOSABLE_CTX;
ashleymills 0:5a29fd060ac8 161
/*
 * Per-connection state. Instances are linked into a doubly linked list
 * (next/prev) and point back to their owning context (ssl_ctx).
 *
 * NOTE(review): need_bytes, got_bytes, bm_index and bm_read_index are 16-bit
 * and can therefore hold values far larger than sizeof(bm_all_data), which is
 * RT_MAX_PLAIN_LENGTH + RT_EXTRA. Every path that advances these indices from
 * peer-supplied lengths has to bound them against the buffer size. Those
 * checks are in the implementation, not in this header.
 *
 * NOTE(review): x509_ctx exists only when CONFIG_SSL_CERT_VERIFICATION is
 * defined. A build without it has no place in this struct to hold the
 * peer's certificate.
 */
struct _SSL
{
    uint32_t flag;              /* SSL_* bit flags, see SET_SSL_FLAG et al. */
    uint16_t need_bytes;
    uint16_t got_bytes;
    uint8_t record_type;
    uint8_t cipher;
    uint8_t sess_id_size;
    uint8_t version;
    uint8_t client_version;
    int16_t next_state;
    int16_t hs_status;
    DISPOSABLE_CTX *dc;         /* temporary data which we'll get rid of soon */
    int client_fd;
    const cipher_info_t *cipher_info;
    void *encrypt_ctx;
    void *decrypt_ctx;
    uint8_t bm_all_data[RT_MAX_PLAIN_LENGTH+RT_EXTRA];
    uint8_t *bm_data;           /* presumably points into bm_all_data -- confirm */
    uint16_t bm_index;
    uint16_t bm_read_index;
    struct _SSL *next;          /* doubly linked list */
    struct _SSL *prev;
    struct _SSL_CTX *ssl_ctx;   /* back reference to a clnt/svr ctx */
#ifndef CONFIG_SSL_SKELETON_MODE
    uint16_t session_index;
    SSL_SESSION *session;
#endif
#ifdef CONFIG_SSL_CERT_VERIFICATION
    X509_CTX *x509_ctx;
#endif

    uint8_t session_id[SSL_SESSION_ID_SIZE];
    uint8_t client_mac[SHA1_SIZE];  /* for HMAC verification */
    uint8_t server_mac[SHA1_SIZE];  /* for HMAC verification */
    uint8_t read_sequence[8];       /* 64 bit sequence number */
    uint8_t write_sequence[8];      /* 64 bit sequence number */
    uint8_t hmac_header[SSL_RECORD_SIZE];    /* rx hmac */
};

typedef struct _SSL SSL;
ashleymills 0:5a29fd060ac8 203
/*
 * Client/server context shared by a set of connections: option bits, the
 * RSA context, the certificate slots and the head/tail of the SSL list.
 * Several members depend on build configuration:
 *   - ca_cert_ctx            only with CONFIG_SSL_CERT_VERIFICATION
 *   - num_sessions / cache   only without CONFIG_SSL_SKELETON_MODE
 *   - mutex                  only with CONFIG_SSL_CTX_MUTEXING
 *   - bonus_attr             only with CONFIG_OPENSSL_COMPATIBLE
 *
 * NOTE(review): because the layout changes with these macros, every
 * translation unit that includes this header must be compiled with the same
 * configuration. Without CONFIG_SSL_CERT_VERIFICATION there is no CA store
 * member at all, so confirm the build enables it wherever peer
 * authentication is required.
 */
struct _SSL_CTX
{
    uint32_t options;
    uint8_t chain_length;
    RSA_CTX *rsa_ctx;
#ifdef CONFIG_SSL_CERT_VERIFICATION
    CA_CERT_CTX *ca_cert_ctx;
#endif
    SSL *head;
    SSL *tail;
    SSL_CERT certs[CONFIG_SSL_MAX_CERTS];
#ifndef CONFIG_SSL_SKELETON_MODE
    uint16_t num_sessions;
    SSL_SESSION **ssl_sessions;
#endif
#ifdef CONFIG_SSL_CTX_MUTEXING
    SSL_CTX_MUTEX_TYPE mutex;
#endif
#ifdef CONFIG_OPENSSL_COMPATIBLE
    void *bonus_attr;
#endif
};

typedef struct _SSL_CTX SSL_CTX;

/* backwards compatibility */
typedef struct _SSL_CTX SSLCTX;
ashleymills 0:5a29fd060ac8 231
/* Table of NUM_PROTOCOLS bytes, defined in another translation unit. */
extern const uint8_t ssl_prot_prefs[NUM_PROTOCOLS];

/*
 * Internal library entry points. Only the signatures are visible here, so
 * return-value conventions and ownership rules must be read from the
 * implementations.
 *
 * NOTE(review): every length parameter below (length, hs_len, len) is a
 * signed int. The implementations need to reject negative values and values
 * larger than the destination buffers -- not verifiable from this header.
 *
 * NOTE(review): pkcs8_decode()/pkcs12_decode() receive the password as a
 * plain C string; the caller presumably keeps ownership and is responsible
 * for clearing it afterwards -- confirm.
 */
SSL *ssl_new(SSL_CTX *ssl_ctx, int client_fd);
void disposable_new(SSL *ssl);
void disposable_free(SSL *ssl);
int send_packet(SSL *ssl, uint8_t protocol,
        const uint8_t *in, int length);
int do_svr_handshake(SSL *ssl, int handshake_type, uint8_t *buf, int hs_len);
int do_clnt_handshake(SSL *ssl, int handshake_type, uint8_t *buf, int hs_len);
int process_finished(SSL *ssl, uint8_t *buf, int hs_len);
/* The name suggests handling of an SSLv2-format ClientHello; confirm whether
 * this compatibility path is still needed by the deployment. */
int process_sslv23_client_hello(SSL *ssl);
int send_alert(SSL *ssl, int error_code);
int send_finished(SSL *ssl);
int send_certificate(SSL *ssl);
int basic_read(SSL *ssl, uint8_t **in_data);
int send_change_cipher_spec(SSL *ssl);
void finished_digest(SSL *ssl, const char *label, uint8_t *digest);
void generate_master_secret(SSL *ssl, const uint8_t *premaster_secret);
void add_packet(SSL *ssl, const uint8_t *pkt, int len);
int add_cert(SSL_CTX *ssl_ctx, const uint8_t *buf, int len);
int add_private_key(SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj);
void ssl_obj_free(SSLObjLoader *ssl_obj);
int pkcs8_decode(SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password);
int pkcs12_decode(SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password);
int load_key_certs(SSL_CTX *ssl_ctx);
/* CA handling is declared only when certificate verification is built in. */
#ifdef CONFIG_SSL_CERT_VERIFICATION
int add_cert_auth(SSL_CTX *ssl_ctx, const uint8_t *buf, int len);
void remove_ca_certs(CA_CERT_CTX *ca_cert_ctx);
#endif
/* The client connect entry point is declared only for client-enabled builds. */
#ifdef CONFIG_SSL_ENABLE_CLIENT
int do_client_connect(SSL *ssl);
#endif
ashleymills 0:5a29fd060ac8 264
/*
 * Diagnostic hooks. With CONFIG_SSL_FULL_MODE they are real functions;
 * otherwise they are macros that expand to nothing, so their arguments are
 * not evaluated (do not pass expressions with side effects).
 * On WIN32 without full mode, DISPLAY_BYTES stays a function declaration
 * because of the missing variadic-macro support noted below.
 *
 * NOTE(review): DISPLAY_BYTES and DISPLAY_RSA take raw byte buffers and an
 * RSA context. Presumably they print them, so confirm that
 * CONFIG_SSL_FULL_MODE is off in production builds where such output could
 * expose key material.
 */
#ifdef CONFIG_SSL_FULL_MODE
void DISPLAY_STATE(SSL *ssl, int is_send, uint8_t state, int not_ok);
void DISPLAY_BYTES(SSL *ssl, const char *format,
        const uint8_t *data, int size, ...);
void DISPLAY_CERT(SSL *ssl, const X509_CTX *x509_ctx);
void DISPLAY_RSA(SSL *ssl, const RSA_CTX *rsa_ctx);
void DISPLAY_ALERT(SSL *ssl, int alert);
#else
#define DISPLAY_STATE(A,B,C,D)
#define DISPLAY_CERT(A,B)
#define DISPLAY_RSA(A,B)
#define DISPLAY_ALERT(A, B)
#ifdef WIN32
void DISPLAY_BYTES(SSL *ssl, const char *format,/* win32 has no variadic macros */
        const uint8_t *data, int size, ...);
#else
#define DISPLAY_BYTES(A,B,C,D,...)
#endif
#endif
ashleymills 0:5a29fd060ac8 284
/*
 * Peer-certificate processing is declared only when
 * CONFIG_SSL_CERT_VERIFICATION is defined. In other builds no such entry
 * point exists in this header.
 */
#ifdef CONFIG_SSL_CERT_VERIFICATION
int process_certificate(SSL *ssl, X509_CTX **x509_ctx);
#endif

/*
 * Session-cache maintenance over an array of SSL_SESSION pointers.
 * NOTE(review): the cached entries contain master secrets (see SSL_SESSION);
 * confirm that kill_ssl_session() wipes an entry before releasing it and
 * that session_id is compared against a fixed-length buffer.
 */
SSL_SESSION *ssl_session_update(int max_sessions,
        SSL_SESSION *ssl_sessions[], SSL *ssl,
        const uint8_t *session_id);
void kill_ssl_session(SSL_SESSION **ssl_sessions, SSL *ssl);
ashleymills 0:5a29fd060ac8 293
ashleymills 0:5a29fd060ac8 294 #ifdef __cplusplus
ashleymills 0:5a29fd060ac8 295 }
ashleymills 0:5a29fd060ac8 296 #endif
ashleymills 0:5a29fd060ac8 297
ashleymills 0:5a29fd060ac8 298 #endif