joey shelton / LED_Demo

Dependencies:   MAX44000 PWM_Tone_Library nexpaq_mdk

Fork of LED_Demo by Maxim nexpaq


mbedtls_ssl_config Struct Reference

mbedtls_ssl_config Struct Reference

SSL/TLS configuration to be shared between mbedtls_ssl_context structures.

#include <ssl.h>

Data Fields

const int * ciphersuite_list [4]
void(* f_dbg )(void *, int, const char *, int, const char *)
 Callback for printing debug output.
void * p_dbg
int(* f_rng )(void *, unsigned char *, size_t)
 Callback for getting (pseudo-)random numbers.
void * p_rng
int(* f_get_cache )(void *, mbedtls_ssl_session *)
 Callback to retrieve a session from the cache.
int(* f_set_cache )(void *, const mbedtls_ssl_session *)
 Callback to store a session into the cache.
void * p_cache
int(* f_sni )(void *, mbedtls_ssl_context *, const unsigned char *, size_t)
 Callback for setting cert according to SNI extension.
void * p_sni
int(* f_vrfy )(void *, mbedtls_x509_crt *, int, uint32_t *)
 Callback to customize X.509 certificate chain verification.
void * p_vrfy
int(* f_psk )(void *, mbedtls_ssl_context *, const unsigned char *, size_t)
 Callback to retrieve PSK key from identity.
void * p_psk
int(* f_cookie_write )(void *, unsigned char **, unsigned char *, const unsigned char *, size_t)
 Callback to create & write a cookie for ClientHello verification.
int(* f_cookie_check )(void *, const unsigned char *, size_t, const unsigned char *, size_t)
 Callback to verify validity of a ClientHello cookie.
void * p_cookie
int(* f_ticket_write )(void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *)
 Callback to create & write a session ticket.
int(* f_ticket_parse )(void *, mbedtls_ssl_session *, unsigned char *, size_t)
 Callback to parse a session ticket into a session structure.
void * p_ticket
int(* f_export_keys )(void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t)
 Callback to export key block and master secret.
void * p_export_keys
const mbedtls_x509_crt_profile * cert_profile
mbedtls_ssl_key_cert * key_cert
mbedtls_x509_crt * ca_chain
mbedtls_x509_crl * ca_crl
const int * sig_hashes
const mbedtls_ecp_group_id * curve_list
mbedtls_mpi dhm_P
mbedtls_mpi dhm_G
unsigned char * psk
size_t psk_len
unsigned char * psk_identity
size_t psk_identity_len
const char ** alpn_list
uint32_t read_timeout
uint32_t hs_timeout_min
uint32_t hs_timeout_max
int renego_max_records
unsigned char renego_period [8]
unsigned int badmac_limit
unsigned int dhm_min_bitlen
unsigned char max_major_ver
unsigned char max_minor_ver
unsigned char min_major_ver
unsigned char min_minor_ver
unsigned int endpoint: 1
unsigned int transport: 1
unsigned int authmode: 2
unsigned int allow_legacy_renegotiation: 2
unsigned int arc4_disabled: 1
unsigned int mfl_code: 3
unsigned int encrypt_then_mac: 1
unsigned int extended_ms: 1
unsigned int anti_replay: 1
unsigned int cbc_record_splitting: 1
unsigned int disable_renegotiation: 1
unsigned int trunc_hmac: 1
unsigned int session_tickets: 1
unsigned int fallback: 1

Detailed Description

SSL/TLS configuration to be shared between mbedtls_ssl_context structures.

Definition at line 580 of file features/mbedtls/inc/mbedtls/ssl.h.


Field Documentation

unsigned int allow_legacy_renegotiation

MBEDTLS_LEGACY_XXX

Definition at line 719 of file features/mbedtls/inc/mbedtls/ssl.h.

const char** alpn_list

ordered list of protocols

Definition at line 676 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned int anti_replay

detect and prevent replay?

Definition at line 733 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned int arc4_disabled

blacklist RC4 ciphersuites?

Definition at line 721 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned int authmode

MBEDTLS_SSL_VERIFY_XXX

Definition at line 717 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned int badmac_limit

limit of records with a bad MAC

Definition at line 699 of file features/mbedtls/inc/mbedtls/ssl.h.

mbedtls_x509_crt* ca_chain

trusted CAs

Definition at line 651 of file features/mbedtls/inc/mbedtls/ssl.h.

mbedtls_x509_crl* ca_crl

CRLs of the trusted CAs

Definition at line 652 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned int cbc_record_splitting

do cbc record splitting

Definition at line 736 of file features/mbedtls/inc/mbedtls/ssl.h.

const mbedtls_x509_crt_profile* cert_profile

verification profile

Definition at line 649 of file features/mbedtls/inc/mbedtls/ssl.h.

const int* ciphersuite_list[4]

allowed ciphersuites per version

Definition at line 588 of file features/mbedtls/inc/mbedtls/ssl.h.

const mbedtls_ecp_group_id* curve_list

allowed curves

Definition at line 660 of file features/mbedtls/inc/mbedtls/ssl.h.

mbedtls_mpi dhm_G

generator for DHM

Definition at line 665 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned int dhm_min_bitlen

min. bit length of the DHM prime

Definition at line 703 of file features/mbedtls/inc/mbedtls/ssl.h.

mbedtls_mpi dhm_P

prime modulus for DHM

Definition at line 664 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned int disable_renegotiation

disable renegotiation?

Definition at line 739 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned int encrypt_then_mac

negotiate encrypt-then-mac?

Definition at line 727 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned int endpoint

0: client, 1: server

Definition at line 715 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned int extended_ms

negotiate extended master secret?

Definition at line 730 of file features/mbedtls/inc/mbedtls/ssl.h.

int(* f_cookie_check)(void *, const unsigned char *, size_t, const unsigned char *, size_t)

Callback to verify validity of a ClientHello cookie.

Definition at line 627 of file features/mbedtls/inc/mbedtls/ssl.h.

int(* f_cookie_write)(void *, unsigned char **, unsigned char *, const unsigned char *, size_t)

Callback to create & write a cookie for ClientHello verification.

Definition at line 624 of file features/mbedtls/inc/mbedtls/ssl.h.

void(* f_dbg)(void *, int, const char *, int, const char *)

Callback for printing debug output.

Definition at line 591 of file features/mbedtls/inc/mbedtls/ssl.h.

int(* f_export_keys)(void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t)

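Callback to export key block and master secret. Both are session secrets, so whatever the callback writes them to needs the same protection as the keys themselves.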

Definition at line 643 of file features/mbedtls/inc/mbedtls/ssl.h.

int(* f_get_cache)(void *, mbedtls_ssl_session *)

Callback to retrieve a session from the cache.

Definition at line 599 of file features/mbedtls/inc/mbedtls/ssl.h.

int(* f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, size_t)

Callback to retrieve PSK key from identity.

Definition at line 618 of file features/mbedtls/inc/mbedtls/ssl.h.

int(* f_rng)(void *, unsigned char *, size_t)

Callback for getting (pseudo-)random numbers.

Definition at line 595 of file features/mbedtls/inc/mbedtls/ssl.h.

int(* f_set_cache)(void *, const mbedtls_ssl_session *)

Callback to store a session into the cache.

Definition at line 601 of file features/mbedtls/inc/mbedtls/ssl.h.

int(* f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, size_t)

Callback for setting cert according to SNI extension.

Definition at line 606 of file features/mbedtls/inc/mbedtls/ssl.h.

int(* f_ticket_parse)(void *, mbedtls_ssl_session *, unsigned char *, size_t)

Callback to parse a session ticket into a session structure.

Definition at line 637 of file features/mbedtls/inc/mbedtls/ssl.h.

int(* f_ticket_write)(void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *)

Callback to create & write a session ticket.

Definition at line 634 of file features/mbedtls/inc/mbedtls/ssl.h.

int(* f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *)

Callback to customize X.509 certificate chain verification.

Definition at line 612 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned int fallback

is this a fallback?

Definition at line 748 of file features/mbedtls/inc/mbedtls/ssl.h.

uint32_t hs_timeout_max

maximum value of the handshake retransmission timeout (ms)

Definition at line 688 of file features/mbedtls/inc/mbedtls/ssl.h.

uint32_t hs_timeout_min

initial value of the handshake retransmission timeout (ms)

Definition at line 686 of file features/mbedtls/inc/mbedtls/ssl.h.

mbedtls_ssl_key_cert* key_cert

own certificate/key pair(s)

Definition at line 650 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned char max_major_ver

max. major version used

Definition at line 706 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned char max_minor_ver

max. minor version used

Definition at line 707 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned int mfl_code

desired fragment length

Definition at line 724 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned char min_major_ver

min. major version used

Definition at line 708 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned char min_minor_ver

min. minor version used

Definition at line 709 of file features/mbedtls/inc/mbedtls/ssl.h.

void* p_cache

context for cache callbacks

Definition at line 602 of file features/mbedtls/inc/mbedtls/ssl.h.

void* p_cookie

context for the cookie callbacks

Definition at line 629 of file features/mbedtls/inc/mbedtls/ssl.h.

void* p_dbg

context for the debug function

Definition at line 592 of file features/mbedtls/inc/mbedtls/ssl.h.

void* p_export_keys

context for key export callback

Definition at line 645 of file features/mbedtls/inc/mbedtls/ssl.h.

void* p_psk

context for PSK callback

Definition at line 619 of file features/mbedtls/inc/mbedtls/ssl.h.

void* p_rng

context for the RNG function

Definition at line 596 of file features/mbedtls/inc/mbedtls/ssl.h.

void* p_sni

context for SNI callback

Definition at line 607 of file features/mbedtls/inc/mbedtls/ssl.h.

void* p_ticket

context for the ticket callbacks

Definition at line 638 of file features/mbedtls/inc/mbedtls/ssl.h.

void* p_vrfy

context for X.509 verify callback

Definition at line 613 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned char* psk

pre-shared key

Definition at line 669 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned char* psk_identity

identity for PSK negotiation

Definition at line 671 of file features/mbedtls/inc/mbedtls/ssl.h.

size_t psk_identity_len

length of identity

Definition at line 672 of file features/mbedtls/inc/mbedtls/ssl.h.

size_t psk_len

length of the pre-shared key

Definition at line 670 of file features/mbedtls/inc/mbedtls/ssl.h.

uint32_t read_timeout

timeout for mbedtls_ssl_read (ms)

Definition at line 683 of file features/mbedtls/inc/mbedtls/ssl.h.

int renego_max_records

grace period for renegotiation

Definition at line 693 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned char renego_period[8]

value of the record counters that triggers renegotiation

Definition at line 694 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned int session_tickets

use session tickets?

Definition at line 745 of file features/mbedtls/inc/mbedtls/ssl.h.

const int* sig_hashes

allowed signature hashes

Definition at line 656 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned int transport

stream (TLS) or datagram (DTLS)

Definition at line 716 of file features/mbedtls/inc/mbedtls/ssl.h.

unsigned int trunc_hmac

negotiate truncated hmac?

Definition at line 742 of file features/mbedtls/inc/mbedtls/ssl.h.