mbedtls_ssl_config Struct Reference
SSL/TLS configuration to be shared between mbedtls_ssl_context structures. More...
#include <ssl.h>
Data Fields | |
const int * | ciphersuite_list [4] |
void(* | f_dbg )(void *, int, const char *, int, const char *) |
Callback for printing debug output. | |
void * | p_dbg |
int(* | f_rng )(void *, unsigned char *, size_t) |
Callback for getting (pseudo-)random numbers. | |
void * | p_rng |
int(* | f_get_cache )(void *, mbedtls_ssl_session *) |
Callback to retrieve a session from the cache. | |
int(* | f_set_cache )(void *, const mbedtls_ssl_session *) |
Callback to store a session into the cache. | |
void * | p_cache |
int(* | f_sni )(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
Callback for setting cert according to SNI extension. | |
void * | p_sni |
int(* | f_vrfy )(void *, mbedtls_x509_crt *, int, uint32_t *) |
Callback to customize X.509 certificate chain verification. | |
void * | p_vrfy |
int(* | f_psk )(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
Callback to retrieve PSK key from identity. | |
void * | p_psk |
int(* | f_cookie_write )(void *, unsigned char **, unsigned char *, const unsigned char *, size_t) |
Callback to create & write a cookie for ClientHello verification. | |
int(* | f_cookie_check )(void *, const unsigned char *, size_t, const unsigned char *, size_t) |
Callback to verify validity of a ClientHello cookie. | |
void * | p_cookie |
int(* | f_ticket_write )(void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *) |
Callback to create & write a session ticket. | |
int(* | f_ticket_parse )(void *, mbedtls_ssl_session *, unsigned char *, size_t) |
Callback to parse a session ticket into a session structure. | |
void * | p_ticket |
int(* | f_export_keys )(void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t) |
Callback to export key block and master secret. | |
void * | p_export_keys |
const mbedtls_x509_crt_profile * | cert_profile |
mbedtls_ssl_key_cert * | key_cert |
mbedtls_x509_crt * | ca_chain |
mbedtls_x509_crl * | ca_crl |
const int * | sig_hashes |
const mbedtls_ecp_group_id * | curve_list |
mbedtls_mpi | dhm_P |
mbedtls_mpi | dhm_G |
unsigned char * | psk |
size_t | psk_len |
unsigned char * | psk_identity |
size_t | psk_identity_len |
const char ** | alpn_list |
uint32_t | read_timeout |
uint32_t | hs_timeout_min |
uint32_t | hs_timeout_max |
int | renego_max_records |
unsigned char | renego_period [8] |
unsigned int | badmac_limit |
unsigned int | dhm_min_bitlen |
unsigned char | max_major_ver |
unsigned char | max_minor_ver |
unsigned char | min_major_ver |
unsigned char | min_minor_ver |
unsigned int | endpoint: 1 |
unsigned int | transport: 1 |
unsigned int | authmode: 2 |
unsigned int | allow_legacy_renegotiation: 2 |
unsigned int | arc4_disabled: 1 |
unsigned int | mfl_code: 3 |
unsigned int | encrypt_then_mac: 1 |
unsigned int | extended_ms: 1 |
unsigned int | anti_replay: 1 |
unsigned int | cbc_record_splitting: 1 |
unsigned int | disable_renegotiation: 1 |
unsigned int | trunc_hmac: 1 |
unsigned int | session_tickets: 1 |
unsigned int | fallback: 1 |
Detailed Description
SSL/TLS configuration to be shared between mbedtls_ssl_context structures.
Definition at line 580 of file features/mbedtls/inc/mbedtls/ssl.h.
Field Documentation
unsigned int allow_legacy_renegotiation |
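Legacy renegotiation policy: one of the MBEDTLS_SSL_LEGACY_XXX constants (MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION or MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE). It decides how a peer that does not support the secure renegotiation extension is handled.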
Definition at line 719 of file features/mbedtls/inc/mbedtls/ssl.h.
const char** alpn_list |
ordered list of protocols
Definition at line 676 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned int anti_replay |
detect and prevent replay?
Definition at line 733 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned int arc4_disabled |
blacklist RC4 ciphersuites?
Definition at line 721 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned int authmode |
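Peer certificate verification mode: one of the MBEDTLS_SSL_VERIFY_XXX constants (MBEDTLS_SSL_VERIFY_NONE, MBEDTLS_SSL_VERIFY_OPTIONAL or MBEDTLS_SSL_VERIFY_REQUIRED). Only MBEDTLS_SSL_VERIFY_REQUIRED aborts the handshake when verification fails; with MBEDTLS_SSL_VERIFY_OPTIONAL the application has to check the verification result itself, and with MBEDTLS_SSL_VERIFY_NONE the peer certificate is not verified at all.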
Definition at line 717 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned int badmac_limit |
limit of records with a bad MAC
Definition at line 699 of file features/mbedtls/inc/mbedtls/ssl.h.
mbedtls_x509_crt* ca_chain |
trusted CAs
Definition at line 651 of file features/mbedtls/inc/mbedtls/ssl.h.
mbedtls_x509_crl* ca_crl |
trusted CAs CRLs
Definition at line 652 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned int cbc_record_splitting |
do cbc record splitting
Definition at line 736 of file features/mbedtls/inc/mbedtls/ssl.h.
const mbedtls_x509_crt_profile* cert_profile |
verification profile
Definition at line 649 of file features/mbedtls/inc/mbedtls/ssl.h.
const int* ciphersuite_list[4] |
allowed ciphersuites per version
Definition at line 588 of file features/mbedtls/inc/mbedtls/ssl.h.
const mbedtls_ecp_group_id* curve_list |
allowed curves
Definition at line 660 of file features/mbedtls/inc/mbedtls/ssl.h.
mbedtls_mpi dhm_G |
generator for DHM
Definition at line 665 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned int dhm_min_bitlen |
min. bit length of the DHM prime
Definition at line 703 of file features/mbedtls/inc/mbedtls/ssl.h.
mbedtls_mpi dhm_P |
prime modulus for DHM
Definition at line 664 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned int disable_renegotiation |
disable renegotiation?
Definition at line 739 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned int encrypt_then_mac |
negotiate encrypt-then-mac?
Definition at line 727 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned int endpoint |
0: client, 1: server
Definition at line 715 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned int extended_ms |
negotiate extended master secret?
Definition at line 730 of file features/mbedtls/inc/mbedtls/ssl.h.
int(* f_cookie_check)(void *, const unsigned char *, size_t, const unsigned char *, size_t) |
Callback to verify validity of a ClientHello cookie.
Definition at line 627 of file features/mbedtls/inc/mbedtls/ssl.h.
int(* f_cookie_write)(void *, unsigned char **, unsigned char *, const unsigned char *, size_t) |
Callback to create & write a cookie for ClientHello verification.
Definition at line 624 of file features/mbedtls/inc/mbedtls/ssl.h.
void(* f_dbg)(void *, int, const char *, int, const char *) |
Callback for printing debug output.
Definition at line 591 of file features/mbedtls/inc/mbedtls/ssl.h.
int(* f_export_keys)(void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t) |
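Callback to export key block and master secret. The callback is handed live session secrets, so anything it copies them into needs the same protection as the keys themselves.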
Definition at line 643 of file features/mbedtls/inc/mbedtls/ssl.h.
int(* f_get_cache)(void *, mbedtls_ssl_session *) |
Callback to retrieve a session from the cache.
Definition at line 599 of file features/mbedtls/inc/mbedtls/ssl.h.
int(* f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
Callback to retrieve PSK key from identity.
Definition at line 618 of file features/mbedtls/inc/mbedtls/ssl.h.
int(* f_rng)(void *, unsigned char *, size_t) |
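Callback for getting (pseudo-)random numbers. Handshake secrets are drawn from this callback, so it has to be backed by a cryptographically secure generator.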
Definition at line 595 of file features/mbedtls/inc/mbedtls/ssl.h.
int(* f_set_cache)(void *, const mbedtls_ssl_session *) |
Callback to store a session into the cache.
Definition at line 601 of file features/mbedtls/inc/mbedtls/ssl.h.
int(* f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
Callback for setting cert according to SNI extension.
Definition at line 606 of file features/mbedtls/inc/mbedtls/ssl.h.
int(* f_ticket_parse)(void *, mbedtls_ssl_session *, unsigned char *, size_t) |
Callback to parse a session ticket into a session structure.
Definition at line 637 of file features/mbedtls/inc/mbedtls/ssl.h.
int(* f_ticket_write)(void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *) |
Callback to create & write a session ticket.
Definition at line 634 of file features/mbedtls/inc/mbedtls/ssl.h.
int(* f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *) |
Callback to customize X.509 certificate chain verification.
Definition at line 612 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned int fallback |
is this a fallback?
Definition at line 748 of file features/mbedtls/inc/mbedtls/ssl.h.
uint32_t hs_timeout_max |
maximum value of the handshake retransmission timeout (ms)
Definition at line 688 of file features/mbedtls/inc/mbedtls/ssl.h.
uint32_t hs_timeout_min |
initial value of the handshake retransmission timeout (ms)
Definition at line 686 of file features/mbedtls/inc/mbedtls/ssl.h.
mbedtls_ssl_key_cert* key_cert |
own certificate/key pair(s)
Definition at line 650 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned char max_major_ver |
max. major version used
Definition at line 706 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned char max_minor_ver |
max. minor version used
Definition at line 707 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned int mfl_code |
desired fragment length
Definition at line 724 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned char min_major_ver |
min. major version used
Definition at line 708 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned char min_minor_ver |
min. minor version used
Definition at line 709 of file features/mbedtls/inc/mbedtls/ssl.h.
void* p_cache |
context for cache callbacks
Definition at line 602 of file features/mbedtls/inc/mbedtls/ssl.h.
void* p_cookie |
context for the cookie callbacks
Definition at line 629 of file features/mbedtls/inc/mbedtls/ssl.h.
void* p_dbg |
context for the debug function
Definition at line 592 of file features/mbedtls/inc/mbedtls/ssl.h.
void* p_export_keys |
context for key export callback
Definition at line 645 of file features/mbedtls/inc/mbedtls/ssl.h.
void* p_psk |
context for PSK callback
Definition at line 619 of file features/mbedtls/inc/mbedtls/ssl.h.
void* p_rng |
context for the RNG function
Definition at line 596 of file features/mbedtls/inc/mbedtls/ssl.h.
void* p_sni |
context for SNI callback
Definition at line 607 of file features/mbedtls/inc/mbedtls/ssl.h.
void* p_ticket |
context for the ticket callbacks
Definition at line 638 of file features/mbedtls/inc/mbedtls/ssl.h.
void* p_vrfy |
context for X.509 verify callback
Definition at line 613 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned char* psk |
pre-shared key
Definition at line 669 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned char* psk_identity |
identity for PSK negotiation
Definition at line 671 of file features/mbedtls/inc/mbedtls/ssl.h.
size_t psk_identity_len |
length of identity
Definition at line 672 of file features/mbedtls/inc/mbedtls/ssl.h.
size_t psk_len |
length of the pre-shared key
Definition at line 670 of file features/mbedtls/inc/mbedtls/ssl.h.
uint32_t read_timeout |
timeout for mbedtls_ssl_read (ms)
Definition at line 683 of file features/mbedtls/inc/mbedtls/ssl.h.
int renego_max_records |
grace period for renegotiation
Definition at line 693 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned char renego_period[8] |
value of the record counters that triggers renegotiation
Definition at line 694 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned int session_tickets |
use session tickets?
Definition at line 745 of file features/mbedtls/inc/mbedtls/ssl.h.
const int* sig_hashes |
allowed signature hashes
Definition at line 656 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned int transport |
stream (TLS) or datagram (DTLS)
Definition at line 716 of file features/mbedtls/inc/mbedtls/ssl.h.
unsigned int trunc_hmac |
negotiate truncated hmac?
Definition at line 742 of file features/mbedtls/inc/mbedtls/ssl.h.
