SharkSSL-Lite

Users » wini » Code » SharkSSL-Lite

This package includes the SharkSSL lite library and header files.

Dependents: WebSocket-Client-Example SharkMQ-LED-Demo

Description: SharkSSL is an SSL v3.0 TLS v1.0/1.1/1.2 implementation of the TLS and SSL protocol standard. With its array of compile-time options and Raycrypto proprietary cryptographic algorithms, SharkSSL can be fine-tuned to a footprint that occupies less than 20 kB, while maintaining full x.509 authentication. The SharkSSL-Lite download includes a subset of SharkSSL and header files made for use in non-commercial and for evaluation purposes.

Features

SSL|TLS v1.2
Size: 21kB
Encryption: Elliptic Curve Cryptography (ECC) | ChaCha20/Poly1305
SharkSSL Online Documentation
SMQ (Simple Message Queues) Client and SMQ Documentation
Secure WebSocket Client
Secure MQTT Client

Examples

SharkMQ LED Demo: Secure control of LEDs on your mbed board using a browser.
WebSocket Client: Connect to ELIZA the Psychotherapist

Limitations

SharkSSL-Lite includes a limited set of ciphers. To use SharkSSL-Lite, the peer side must support Elliptic Curve Cryptography (ECC) and you must use ECC certificates. The peer side must also support the new ChaCha20/Poly1305 cipher combination.

ChaCha20 and Poly1305 for TLS is published RFC 7905. The development of this new cipher was a response to many attacks discovered against other widely used TLS cipher suites. ChaCha20 is the cipher and Poly1305 is an authenticated encryption mode.

SharkSSL-Lite occupies less than 20kB, while maintaining full x.509 authentication. The ChaCha20/Poly1305 cipher software implementation is equally as fast as many hardware accelerated AES engines.

Creating ECC Certificates for SharkSSL-Lite

The following video shows how to create an Elliptic Curve Cryptography (ECC) certificate for a server, how to install the certificate in the server, and how to make the mbed clients connecting to the server trust this certificate. The server in this video is installed on a private/personal computer on a private network for test purposes. The video was produced for the embedded.com article How to run your own secure IoT cloud server.

inc/SharkSSL.h@1:d5e0e1dcf0d6, 2016-05-23 (annotated)

Committer:: wini
Date:: Mon May 23 13:56:30 2016 +0000
Revision:: 1:d5e0e1dcf0d6
Parent:: 0:e0adec41ad6b

Type conflict fix (U8-U32) for latest mbed release.

Who changed what in which revision?

User	Revision	Line number	New contents of line
wini	0:e0adec41ad6b	1	/*
wini	0:e0adec41ad6b	2	* ____ _________ __ _
wini	0:e0adec41ad6b	3	* / __ \___ ____ _/ /_ __(_)___ ___ ___ / / ____ ____ _(_)____
wini	0:e0adec41ad6b	4	* / /_/ / _ \/ __ `/ / / / / / __ `__ \/ _ \/ / / __ \/ __ `/ / ___/
wini	0:e0adec41ad6b	5	* / _, _/ __/ /_/ / / / / / / / / / / / __/ /___/ /_/ / /_/ / / /__
wini	0:e0adec41ad6b	6	* /_/ \|_\|\___/\__,_/_/ /_/ /_/_/ /_/ /_/\___/_____/\____/\__, /_/\___/
wini	0:e0adec41ad6b	7	* /____/
wini	0:e0adec41ad6b	8	*
wini	0:e0adec41ad6b	9	* SharkSSL Embedded SSL/TLS Stack
wini	0:e0adec41ad6b	10	****************************************************************************
wini	0:e0adec41ad6b	11	* PROGRAM MODULE
wini	0:e0adec41ad6b	12	*
wini	0:e0adec41ad6b	13	* $Id: SharkSSL.h 3863 2016-03-19 02:15:11Z wini $
wini	0:e0adec41ad6b	14	*
wini	0:e0adec41ad6b	15	* COPYRIGHT: Real Time Logic LLC, 2010 - 2013
wini	0:e0adec41ad6b	16	*
wini	0:e0adec41ad6b	17	* This software is copyrighted by and is the sole property of Real
wini	0:e0adec41ad6b	18	* Time Logic LLC. All rights, title, ownership, or other interests in
wini	0:e0adec41ad6b	19	* the software remain the property of Real Time Logic LLC. This
wini	0:e0adec41ad6b	20	* software may only be used in accordance with the terms and
wini	0:e0adec41ad6b	21	* conditions stipulated in the corresponding license agreement under
wini	0:e0adec41ad6b	22	* which the software has been supplied. Any unauthorized use,
wini	0:e0adec41ad6b	23	* duplication, transmission, distribution, or disclosure of this
wini	0:e0adec41ad6b	24	* software is expressly forbidden.
wini	0:e0adec41ad6b	25	*
wini	0:e0adec41ad6b	26	* This Copyright notice may not be removed or modified without prior
wini	0:e0adec41ad6b	27	* written consent of Real Time Logic LLC.
wini	0:e0adec41ad6b	28	*
wini	0:e0adec41ad6b	29	* Real Time Logic LLC. reserves the right to modify this software
wini	0:e0adec41ad6b	30	* without notice.
wini	0:e0adec41ad6b	31	*
wini	0:e0adec41ad6b	32	* http://www.realtimelogic.com
wini	0:e0adec41ad6b	33	* http://www.sharkssl.com
wini	0:e0adec41ad6b	34	****************************************************************************
wini	0:e0adec41ad6b	35	*
wini	0:e0adec41ad6b	36	*/
wini	0:e0adec41ad6b	37	#ifndef _SharkSsl_h
wini	0:e0adec41ad6b	38	#define _SharkSsl_h
wini	0:e0adec41ad6b	39
wini	0:e0adec41ad6b	40	#include "TargConfig.h" /* platform dependencies */
wini	0:e0adec41ad6b	41	#include "SharkSSL_cfg.h" /* SharkSSL configuration */
wini	0:e0adec41ad6b	42	#ifdef __cplusplus
wini	0:e0adec41ad6b	43	#include <stddef.h> /* size_t for new, delete */
wini	0:e0adec41ad6b	44	#endif
wini	0:e0adec41ad6b	45
wini	0:e0adec41ad6b	46	#ifndef SHARKSSL_API
wini	0:e0adec41ad6b	47	#define SHARKSSL_API
wini	0:e0adec41ad6b	48	#else /* Barracuda */
wini	0:e0adec41ad6b	49	#define SHARKSSL_BA 1
wini	0:e0adec41ad6b	50	#include <ThreadLib.h>
wini	0:e0adec41ad6b	51	#include <BaServerLib.h>
wini	0:e0adec41ad6b	52	#endif
wini	0:e0adec41ad6b	53
wini	0:e0adec41ad6b	54	#include "SharkSslCrypto.h" /* Crypto API */
wini	0:e0adec41ad6b	55
wini	0:e0adec41ad6b	56	/** \defgroup ECDSA ECDSA sign/verify functions
wini	0:e0adec41ad6b	57	\ingroup RayCryptoApi
wini	0:e0adec41ad6b	58
wini	0:e0adec41ad6b	59	See [Signing and Verifying Binaries](@ref signing) for an example
wini	0:e0adec41ad6b	60	of how to use the ECDSA ECDSA sign/verify functions.
wini	0:e0adec41ad6b	61
wini	0:e0adec41ad6b	62	*/
wini	0:e0adec41ad6b	63
wini	0:e0adec41ad6b	64
wini	0:e0adec41ad6b	65
wini	0:e0adec41ad6b	66
wini	0:e0adec41ad6b	67	/** \addtogroup SharkSslAlert
wini	0:e0adec41ad6b	68	@{
wini	0:e0adec41ad6b	69
wini	0:e0adec41ad6b	70	Alert messages are generated by SharkSSL or the peer side on errors.
wini	0:e0adec41ad6b	71
wini	0:e0adec41ad6b	72	Alert messages are one of: fatal or warning. A fatal error means that
wini	0:e0adec41ad6b	73	the connection must be closed.
wini	0:e0adec41ad6b	74	*/
wini	0:e0adec41ad6b	75
wini	0:e0adec41ad6b	76	/** SSL/TLS warning message */
wini	0:e0adec41ad6b	77	#define SHARKSSL_ALERT_LEVEL_WARNING 1
wini	0:e0adec41ad6b	78
wini	0:e0adec41ad6b	79	/** Fatal error message. Connection must be closed. */
wini	0:e0adec41ad6b	80	#define SHARKSSL_ALERT_LEVEL_FATAL 2
wini	0:e0adec41ad6b	81
wini	0:e0adec41ad6b	82	/** \defgroup SharkSslAlertMsg SSL/TLS Alert Messages
wini	0:e0adec41ad6b	83	\ingroup SharkSslAlert
wini	0:e0adec41ad6b	84	@{
wini	0:e0adec41ad6b	85
wini	0:e0adec41ad6b	86	\brief Alert messages returned by function #SharkSslCon_getAlertDescription
wini	0:e0adec41ad6b	87
wini	0:e0adec41ad6b	88	Alert messages are generated by SharkSSL when processing the incoming
wini	0:e0adec41ad6b	89	data fails. Alert messages can also be received from the peer side,
wini	0:e0adec41ad6b	90	when the peer fails to process the data.
wini	0:e0adec41ad6b	91	*/
wini	0:e0adec41ad6b	92
wini	0:e0adec41ad6b	93	/** SHARKSSL_ALERT_CLOSE_NOTIFY */
wini	0:e0adec41ad6b	94	#define SHARKSSL_ALERT_CLOSE_NOTIFY 0
wini	0:e0adec41ad6b	95	/** SHARKSSL_ALERT_UNEXPECTED_MESSAGE */
wini	0:e0adec41ad6b	96	#define SHARKSSL_ALERT_UNEXPECTED_MESSAGE 10
wini	0:e0adec41ad6b	97	/** SHARKSSL_ALERT_BAD_RECORD_MAC */
wini	0:e0adec41ad6b	98	#define SHARKSSL_ALERT_BAD_RECORD_MAC 20
wini	0:e0adec41ad6b	99	/** SHARKSSL_ALERT_DECRYPTION_FAILED */
wini	0:e0adec41ad6b	100	#define SHARKSSL_ALERT_DECRYPTION_FAILED 21
wini	0:e0adec41ad6b	101	/** SHARKSSL_ALERT_RECORD_OVERFLOW */
wini	0:e0adec41ad6b	102	#define SHARKSSL_ALERT_RECORD_OVERFLOW 22
wini	0:e0adec41ad6b	103	/** SHARKSSL_ALERT_DECOMPRESSION_FAILURE */
wini	0:e0adec41ad6b	104	#define SHARKSSL_ALERT_DECOMPRESSION_FAILURE 30
wini	0:e0adec41ad6b	105	/** SHARKSSL_ALERT_HANDSHAKE_FAILURE */
wini	0:e0adec41ad6b	106	#define SHARKSSL_ALERT_HANDSHAKE_FAILURE 40
wini	0:e0adec41ad6b	107	/** SHARKSSL_ALERT_NO_CERTIFICATE */
wini	0:e0adec41ad6b	108	#define SHARKSSL_ALERT_NO_CERTIFICATE 41 /* SSL 3.0 only */
wini	0:e0adec41ad6b	109	/** SHARKSSL_ALERT_BAD_CERTIFICATE */
wini	0:e0adec41ad6b	110	#define SHARKSSL_ALERT_BAD_CERTIFICATE 42
wini	0:e0adec41ad6b	111	/** SHARKSSL_ALERT_UNSUPPORTED_CERTIFICATE */
wini	0:e0adec41ad6b	112	#define SHARKSSL_ALERT_UNSUPPORTED_CERTIFICATE 43
wini	0:e0adec41ad6b	113	/** SHARKSSL_ALERT_CERTIFICATE_REVOKED */
wini	0:e0adec41ad6b	114	#define SHARKSSL_ALERT_CERTIFICATE_REVOKED 44
wini	0:e0adec41ad6b	115	/** SHARKSSL_ALERT_CERTIFICATE_EXPIRED */
wini	0:e0adec41ad6b	116	#define SHARKSSL_ALERT_CERTIFICATE_EXPIRED 45
wini	0:e0adec41ad6b	117	/** SHARKSSL_ALERT_CERTIFICATE_UNKNOWN */
wini	0:e0adec41ad6b	118	#define SHARKSSL_ALERT_CERTIFICATE_UNKNOWN 46
wini	0:e0adec41ad6b	119	/** SHARKSSL_ALERT_ILLEGAL_PARAMETER */
wini	0:e0adec41ad6b	120	#define SHARKSSL_ALERT_ILLEGAL_PARAMETER 47
wini	0:e0adec41ad6b	121	/** SHARKSSL_ALERT_UNKNOWN_CA */
wini	0:e0adec41ad6b	122	#define SHARKSSL_ALERT_UNKNOWN_CA 48
wini	0:e0adec41ad6b	123	/** SHARKSSL_ALERT_ACCESS_DENIED */
wini	0:e0adec41ad6b	124	#define SHARKSSL_ALERT_ACCESS_DENIED 49
wini	0:e0adec41ad6b	125	/** SHARKSSL_ALERT_DECODE_ERROR */
wini	0:e0adec41ad6b	126	#define SHARKSSL_ALERT_DECODE_ERROR 50
wini	0:e0adec41ad6b	127	/** SHARKSSL_ALERT_DECRYPT_ERROR */
wini	0:e0adec41ad6b	128	#define SHARKSSL_ALERT_DECRYPT_ERROR 51
wini	0:e0adec41ad6b	129	/** SHARKSSL_ALERT_EXPORT_RESTRICTION */
wini	0:e0adec41ad6b	130	#define SHARKSSL_ALERT_EXPORT_RESTRICTION 60
wini	0:e0adec41ad6b	131	/** SHARKSSL_ALERT_PROTOCOL_VERSION */
wini	0:e0adec41ad6b	132	#define SHARKSSL_ALERT_PROTOCOL_VERSION 70
wini	0:e0adec41ad6b	133	/** SHARKSSL_ALERT_INSUFFICIENT_SECURITY */
wini	0:e0adec41ad6b	134	#define SHARKSSL_ALERT_INSUFFICIENT_SECURITY 71
wini	0:e0adec41ad6b	135	/** SHARKSSL_ALERT_INTERNAL_ERROR */
wini	0:e0adec41ad6b	136	#define SHARKSSL_ALERT_INTERNAL_ERROR 80
wini	0:e0adec41ad6b	137	/** SHARKSSL_ALERT_USER_CANCELED */
wini	0:e0adec41ad6b	138	#define SHARKSSL_ALERT_USER_CANCELED 90
wini	0:e0adec41ad6b	139	/** SHARKSSL_ALERT_NO_RENEGOTIATION */
wini	0:e0adec41ad6b	140	#define SHARKSSL_ALERT_NO_RENEGOTIATION 100
wini	0:e0adec41ad6b	141	/** SHARKSSL_ALERT_UNKNOWN_PSK_IDENTITY */
wini	0:e0adec41ad6b	142	#define SHARKSSL_ALERT_UNKNOWN_PSK_IDENTITY 115
wini	0:e0adec41ad6b	143
wini	0:e0adec41ad6b	144	/** @} / / end group SharkSslAlertMsg */
wini	0:e0adec41ad6b	145	/** @} / / end group SharkSslAlert */
wini	0:e0adec41ad6b	146
wini	0:e0adec41ad6b	147
wini	0:e0adec41ad6b	148	/** \defgroup SharkSslCiphers Supported Ciphersuites
wini	0:e0adec41ad6b	149	\ingroup SharkSslInfoAndCodes
wini	0:e0adec41ad6b	150	@{
wini	0:e0adec41ad6b	151
wini	0:e0adec41ad6b	152	\brief Supported Ciphersuites and values returned by
wini	0:e0adec41ad6b	153	SharkSslCon_getCiphersuite.
wini	0:e0adec41ad6b	154	*/
wini	0:e0adec41ad6b	155
wini	0:e0adec41ad6b	156	/** TLS_NULL_WITH_NULL_NULL */
wini	0:e0adec41ad6b	157	#define TLS_NULL_WITH_NULL_NULL 0x0000
wini	0:e0adec41ad6b	158	/** TLS_RSA_WITH_NULL_MD5 */
wini	0:e0adec41ad6b	159	#define TLS_RSA_WITH_NULL_MD5 0x0001
wini	0:e0adec41ad6b	160	/** TLS_RSA_WITH_NULL_SHA */
wini	0:e0adec41ad6b	161	#define TLS_RSA_WITH_NULL_SHA 0x0002
wini	0:e0adec41ad6b	162	/** TLS_RSA_WITH_RC4_128_MD5 */
wini	0:e0adec41ad6b	163	#define TLS_RSA_WITH_RC4_128_MD5 0x0004
wini	0:e0adec41ad6b	164	/** TLS_RSA_WITH_RC4_128_SHA */
wini	0:e0adec41ad6b	165	#define TLS_RSA_WITH_RC4_128_SHA 0x0005
wini	0:e0adec41ad6b	166	/** TLS_RSA_WITH_DES_CBC_SHA */
wini	0:e0adec41ad6b	167	#define TLS_RSA_WITH_DES_CBC_SHA 0x0009
wini	0:e0adec41ad6b	168	/** TLS_RSA_WITH_3DES_EDE_CBC_SHA */
wini	0:e0adec41ad6b	169	#define TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x000A
wini	0:e0adec41ad6b	170	/** TLS_DHE_RSA_WITH_DES_CBC_SHA */
wini	0:e0adec41ad6b	171	#define TLS_DHE_RSA_WITH_DES_CBC_SHA 0x0015
wini	0:e0adec41ad6b	172	/** TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA */
wini	0:e0adec41ad6b	173	#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x0016
wini	0:e0adec41ad6b	174	/** TLS_RSA_WITH_AES_128_CBC_SHA */
wini	0:e0adec41ad6b	175	#define TLS_RSA_WITH_AES_128_CBC_SHA 0x002F
wini	0:e0adec41ad6b	176	/** TLS_DHE_RSA_WITH_AES_128_CBC_SHA */
wini	0:e0adec41ad6b	177	#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x0033
wini	0:e0adec41ad6b	178	/** TLS_RSA_WITH_AES_256_CBC_SHA */
wini	0:e0adec41ad6b	179	#define TLS_RSA_WITH_AES_256_CBC_SHA 0x0035
wini	0:e0adec41ad6b	180	/** TLS_DHE_RSA_WITH_AES_256_CBC_SHA */
wini	0:e0adec41ad6b	181	#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x0039
wini	0:e0adec41ad6b	182	/** TLS_RSA_WITH_NULL_SHA256 */
wini	0:e0adec41ad6b	183	#define TLS_RSA_WITH_NULL_SHA256 0x003B
wini	0:e0adec41ad6b	184	/** TLS_RSA_WITH_AES_128_CBC_SHA256 */
wini	0:e0adec41ad6b	185	#define TLS_RSA_WITH_AES_128_CBC_SHA256 0x003C
wini	0:e0adec41ad6b	186	/** TLS_RSA_WITH_AES_256_CBC_SHA256 */
wini	0:e0adec41ad6b	187	#define TLS_RSA_WITH_AES_256_CBC_SHA256 0x003D
wini	0:e0adec41ad6b	188	/** TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 */
wini	0:e0adec41ad6b	189	#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x0067
wini	0:e0adec41ad6b	190	/** TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 */
wini	0:e0adec41ad6b	191	#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x006B
wini	0:e0adec41ad6b	192	/** TLS_PSK_WITH_RC4_128_SHA */
wini	0:e0adec41ad6b	193	#define TLS_PSK_WITH_RC4_128_SHA 0x008A
wini	0:e0adec41ad6b	194	/** TLS_PSK_WITH_3DES_EDE_CBC_SHA */
wini	0:e0adec41ad6b	195	#define TLS_PSK_WITH_3DES_EDE_CBC_SHA 0x008B
wini	0:e0adec41ad6b	196	/** TLS_PSK_WITH_AES_128_CBC_SHA */
wini	0:e0adec41ad6b	197	#define TLS_PSK_WITH_AES_128_CBC_SHA 0x008C
wini	0:e0adec41ad6b	198	/** TLS_PSK_WITH_AES_256_CBC_SHA */
wini	0:e0adec41ad6b	199	#define TLS_PSK_WITH_AES_256_CBC_SHA 0x008D
wini	0:e0adec41ad6b	200	/** TLS_RSA_WITH_AES_128_GCM_SHA256 */
wini	0:e0adec41ad6b	201	#define TLS_RSA_WITH_AES_128_GCM_SHA256 0x009C
wini	0:e0adec41ad6b	202	/** TLS_RSA_WITH_AES_256_GCM_SHA384 */
wini	0:e0adec41ad6b	203	#define TLS_RSA_WITH_AES_256_GCM_SHA384 0x009D
wini	0:e0adec41ad6b	204	/** TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 */
wini	0:e0adec41ad6b	205	#define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x009E
wini	0:e0adec41ad6b	206	/** TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 */
wini	0:e0adec41ad6b	207	#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x009F
wini	0:e0adec41ad6b	208	/** TLS_PSK_WITH_AES_128_GCM_SHA256 */
wini	0:e0adec41ad6b	209	#define TLS_PSK_WITH_AES_128_GCM_SHA256 0x00A8
wini	0:e0adec41ad6b	210	/** TLS_PSK_WITH_AES_256_GCM_SHA384 */
wini	0:e0adec41ad6b	211	#define TLS_PSK_WITH_AES_256_GCM_SHA384 0x00A9
wini	0:e0adec41ad6b	212	/** TLS_PSK_WITH_AES_128_CBC_SHA256 */
wini	0:e0adec41ad6b	213	#define TLS_PSK_WITH_AES_128_CBC_SHA256 0x00AE
wini	0:e0adec41ad6b	214	/** TLS_PSK_WITH_AES_256_CBC_SHA384 */
wini	0:e0adec41ad6b	215	#define TLS_PSK_WITH_AES_256_CBC_SHA384 0x00AF
wini	0:e0adec41ad6b	216	/** TLS_ECDH_ECDSA_WITH_NULL_SHA */
wini	0:e0adec41ad6b	217	#define TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001
wini	0:e0adec41ad6b	218	/** TLS_ECDH_ECDSA_WITH_RC4_128_SHA */
wini	0:e0adec41ad6b	219	#define TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002
wini	0:e0adec41ad6b	220	/** TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA */
wini	0:e0adec41ad6b	221	#define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003
wini	0:e0adec41ad6b	222	/** TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA */
wini	0:e0adec41ad6b	223	#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004
wini	0:e0adec41ad6b	224	/** TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA */
wini	0:e0adec41ad6b	225	#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005
wini	0:e0adec41ad6b	226	/** TLS_ECDHE_ECDSA_WITH_NULL_SHA */
wini	0:e0adec41ad6b	227	#define TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006
wini	0:e0adec41ad6b	228	/** TLS_ECDHE_ECDSA_WITH_RC4_128_SHA */
wini	0:e0adec41ad6b	229	#define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007
wini	0:e0adec41ad6b	230	/** TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA */
wini	0:e0adec41ad6b	231	#define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008
wini	0:e0adec41ad6b	232	/** TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA */
wini	0:e0adec41ad6b	233	#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009
wini	0:e0adec41ad6b	234	/** TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA */
wini	0:e0adec41ad6b	235	#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A
wini	0:e0adec41ad6b	236	/** TLS_ECDH_RSA_WITH_NULL_SHA */
wini	0:e0adec41ad6b	237	#define TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B
wini	0:e0adec41ad6b	238	/** TLS_ECDH_RSA_WITH_RC4_128_SHA */
wini	0:e0adec41ad6b	239	#define TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C
wini	0:e0adec41ad6b	240	/** TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA */
wini	0:e0adec41ad6b	241	#define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D
wini	0:e0adec41ad6b	242	/** TLS_ECDH_RSA_WITH_AES_128_CBC_SHA */
wini	0:e0adec41ad6b	243	#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E
wini	0:e0adec41ad6b	244	/** TLS_ECDH_RSA_WITH_AES_256_CBC_SHA */
wini	0:e0adec41ad6b	245	#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F
wini	0:e0adec41ad6b	246	/** TLS_ECDHE_RSA_WITH_NULL_SHA */
wini	0:e0adec41ad6b	247	#define TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010
wini	0:e0adec41ad6b	248	/** TLS_ECDHE_RSA_WITH_RC4_128_SHA */
wini	0:e0adec41ad6b	249	#define TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011
wini	0:e0adec41ad6b	250	/** TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA */
wini	0:e0adec41ad6b	251	#define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012
wini	0:e0adec41ad6b	252	/** TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA */
wini	0:e0adec41ad6b	253	#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013
wini	0:e0adec41ad6b	254	/** TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA */
wini	0:e0adec41ad6b	255	#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014
wini	0:e0adec41ad6b	256	/** TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 */
wini	0:e0adec41ad6b	257	#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023
wini	0:e0adec41ad6b	258	/** TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 */
wini	0:e0adec41ad6b	259	#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024
wini	0:e0adec41ad6b	260	/** TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 */
wini	0:e0adec41ad6b	261	#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025
wini	0:e0adec41ad6b	262	/** TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 */
wini	0:e0adec41ad6b	263	#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026
wini	0:e0adec41ad6b	264	/** TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 */
wini	0:e0adec41ad6b	265	#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027
wini	0:e0adec41ad6b	266	/** TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 */
wini	0:e0adec41ad6b	267	#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028
wini	0:e0adec41ad6b	268	/** TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 */
wini	0:e0adec41ad6b	269	#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029
wini	0:e0adec41ad6b	270	/** TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 */
wini	0:e0adec41ad6b	271	#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A
wini	0:e0adec41ad6b	272	/** TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 */
wini	0:e0adec41ad6b	273	#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B
wini	0:e0adec41ad6b	274	/** TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 */
wini	0:e0adec41ad6b	275	#define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C
wini	0:e0adec41ad6b	276	/** TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 */
wini	0:e0adec41ad6b	277	#define TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D
wini	0:e0adec41ad6b	278	/** TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 */
wini	0:e0adec41ad6b	279	#define TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E
wini	0:e0adec41ad6b	280	/** TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 */
wini	0:e0adec41ad6b	281	#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F
wini	0:e0adec41ad6b	282	/** TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 */
wini	0:e0adec41ad6b	283	#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030
wini	0:e0adec41ad6b	284	/** TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 */
wini	0:e0adec41ad6b	285	#define TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031
wini	0:e0adec41ad6b	286	/** TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 */
wini	0:e0adec41ad6b	287	#define TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032
wini	0:e0adec41ad6b	288	/** TLS_RSA_WITH_AES_128_CCM */
wini	0:e0adec41ad6b	289	#define TLS_RSA_WITH_AES_128_CCM 0xC09C
wini	0:e0adec41ad6b	290	/** TLS_RSA_WITH_AES_256_CCM */
wini	0:e0adec41ad6b	291	#define TLS_RSA_WITH_AES_256_CCM 0xC09D
wini	0:e0adec41ad6b	292	/** TLS_DHE_RSA_WITH_AES_128_CCM */
wini	0:e0adec41ad6b	293	#define TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E
wini	0:e0adec41ad6b	294	/** TLS_DHE_RSA_WITH_AES_256_CCM */
wini	0:e0adec41ad6b	295	#define TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F
wini	0:e0adec41ad6b	296	/** TLS_RSA_WITH_AES_128_CCM_8 */
wini	0:e0adec41ad6b	297	#define TLS_RSA_WITH_AES_128_CCM_8 0xC0A0
wini	0:e0adec41ad6b	298	/** TLS_RSA_WITH_AES_256_CCM_8 */
wini	0:e0adec41ad6b	299	#define TLS_RSA_WITH_AES_256_CCM_8 0xC0A1
wini	0:e0adec41ad6b	300	/** TLS_DHE_RSA_WITH_AES_128_CCM_8 */
wini	0:e0adec41ad6b	301	#define TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2
wini	0:e0adec41ad6b	302	/** TLS_DHE_RSA_WITH_AES_256_CCM_8 */
wini	0:e0adec41ad6b	303	#define TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3
wini	0:e0adec41ad6b	304	/** TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 */
wini	0:e0adec41ad6b	305	#define TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCC13
wini	0:e0adec41ad6b	306	/** TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 */
wini	0:e0adec41ad6b	307	#define TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0xCC14
wini	0:e0adec41ad6b	308	/** TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 */
wini	0:e0adec41ad6b	309	#define TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCC15
wini	0:e0adec41ad6b	310
wini	0:e0adec41ad6b	311	/** @} / / end group SharkSslCiphers */
wini	0:e0adec41ad6b	312
wini	0:e0adec41ad6b	313
wini	0:e0adec41ad6b	314	/** \defgroup SharkSslProtocol SSL and TLS protocol version
wini	0:e0adec41ad6b	315	\ingroup SharkSslInfoAndCodes
wini	0:e0adec41ad6b	316	@{
wini	0:e0adec41ad6b	317	\brief Return values from function #SharkSslCon_getProtocol.
wini	0:e0adec41ad6b	318	*/
wini	0:e0adec41ad6b	319
wini	0:e0adec41ad6b	320	/** SHARKSSL_PROTOCOL_UNKNOWN */
wini	0:e0adec41ad6b	321	#define SHARKSSL_PROTOCOL_UNKNOWN 0x00
wini	0:e0adec41ad6b	322	/** SHARKSSL_PROTOCOL_SSL_3_0 */
wini	0:e0adec41ad6b	323	#define SHARKSSL_PROTOCOL_SSL_3_0 0x30
wini	0:e0adec41ad6b	324	/** SHARKSSL_PROTOCOL_TLS_1_0 */
wini	0:e0adec41ad6b	325	#define SHARKSSL_PROTOCOL_TLS_1_0 0x31
wini	0:e0adec41ad6b	326	/** SHARKSSL_PROTOCOL_TLS_1_1 */
wini	0:e0adec41ad6b	327	#define SHARKSSL_PROTOCOL_TLS_1_1 0x32
wini	0:e0adec41ad6b	328	/** SHARKSSL_PROTOCOL_TLS_1_2 */
wini	0:e0adec41ad6b	329	#define SHARKSSL_PROTOCOL_TLS_1_2 0x33
wini	0:e0adec41ad6b	330
wini	0:e0adec41ad6b	331	/** @} / / end group SharkSslProtocol */
wini	0:e0adec41ad6b	332
wini	0:e0adec41ad6b	333
wini	0:e0adec41ad6b	334	#if (SHARKSSL_ENABLE_RSA \|\| SHARKSSL_ENABLE_ECDSA)
wini	0:e0adec41ad6b	335	#ifndef BA_API /* standalone SharkSSL */
wini	0:e0adec41ad6b	336	#define BA_API SHARKSSL_API
wini	0:e0adec41ad6b	337	#ifdef _SHARKSSL_C_
wini	0:e0adec41ad6b	338	#define SingleListCode 1
wini	0:e0adec41ad6b	339	#endif
wini	0:e0adec41ad6b	340	#endif
wini	0:e0adec41ad6b	341	#include "SingleList.h"
wini	0:e0adec41ad6b	342	#endif
wini	0:e0adec41ad6b	343
wini	0:e0adec41ad6b	344
wini	0:e0adec41ad6b	345	#if SHARKSSL_ENABLE_SESSION_CACHE \|\| SHARKSSL_NOPACK
wini	0:e0adec41ad6b	346
wini	0:e0adec41ad6b	347	/** @addtogroup SharkSslSessionApi
wini	0:e0adec41ad6b	348	@{
wini	0:e0adec41ad6b	349	*/
wini	0:e0adec41ad6b	350
wini	0:e0adec41ad6b	351	/** SharkSslSession is an opaque handle returned by function
wini	0:e0adec41ad6b	352	#SharkSslCon_acquireSession.
wini	0:e0adec41ad6b	353	*/
wini	0:e0adec41ad6b	354	typedef struct SharkSslSession SharkSslSession;
wini	0:e0adec41ad6b	355
wini	0:e0adec41ad6b	356	/** @} / / end group SharkSslSessionApi */
wini	0:e0adec41ad6b	357
wini	0:e0adec41ad6b	358	#ifndef _DOXYGEN
wini	0:e0adec41ad6b	359	typedef struct SharkSslSessionCache
wini	0:e0adec41ad6b	360	{
wini	0:e0adec41ad6b	361	SharkSslSession *cache;
wini	0:e0adec41ad6b	362	ThreadMutexBase cacheMutex;
wini	0:e0adec41ad6b	363	U16 cacheSize;
wini	0:e0adec41ad6b	364	} SharkSslSessionCache;
wini	0:e0adec41ad6b	365	#endif
wini	0:e0adec41ad6b	366	#endif
wini	0:e0adec41ad6b	367
wini	0:e0adec41ad6b	368
wini	0:e0adec41ad6b	369	/** \addtogroup SharkSslInfoAndCodes
wini	0:e0adec41ad6b	370	@{
wini	0:e0adec41ad6b	371	*/
wini	0:e0adec41ad6b	372
wini	0:e0adec41ad6b	373	/** Select one of client or server mode when creating a #SharkSsl
wini	0:e0adec41ad6b	374	object.
wini	0:e0adec41ad6b	375
wini	0:e0adec41ad6b	376	__Note:__ A SharkSsl instance in server mode requires that you
wini	0:e0adec41ad6b	377	install at a minimum one certificate by calling function
wini	0:e0adec41ad6b	378	#SharkSsl_addCertificate.
wini	0:e0adec41ad6b	379	*/
wini	0:e0adec41ad6b	380	typedef enum
wini	0:e0adec41ad6b	381	{
wini	0:e0adec41ad6b	382	SharkSsl_Unspecified, /!< Invalid value /
wini	0:e0adec41ad6b	383	SharkSsl_Server, /!< Select SSL server mode /
wini	0:e0adec41ad6b	384	SharkSsl_Client /!< Select SSL client mode /
wini	0:e0adec41ad6b	385	} SharkSsl_Role;
wini	0:e0adec41ad6b	386
wini	0:e0adec41ad6b	387	/** @} / / end group SharkSslInfoAndCodes */
wini	0:e0adec41ad6b	388
wini	0:e0adec41ad6b	389
wini	0:e0adec41ad6b	390	#if (SHARKSSL_ENABLE_RSA \|\| SHARKSSL_ENABLE_ECDSA)
wini	0:e0adec41ad6b	391	/** \addtogroup SharkSslInfoAndCodes
wini	0:e0adec41ad6b	392	@{
wini	0:e0adec41ad6b	393	*/
wini	0:e0adec41ad6b	394
wini	0:e0adec41ad6b	395	/** The SharkSSL Certificate is in a binary format optimized for speed
wini	0:e0adec41ad6b	396	and size. The certificate can be created by calling #sharkssl_PEM
wini	0:e0adec41ad6b	397	or by using the command line tool
wini	0:e0adec41ad6b	398	[SharkSslParseCert](\ref SharkSslParseCert)
wini	0:e0adec41ad6b	399	*/
wini	0:e0adec41ad6b	400	typedef const U8 *SharkSslCert;
wini	0:e0adec41ad6b	401
wini	0:e0adec41ad6b	402	#if SHARKSSL_ENABLE_CA_LIST
wini	0:e0adec41ad6b	403	/** The SharkSSL Certificate Authority (CA) List is in a binary format
wini	0:e0adec41ad6b	404	optimized for speed and size. The list can be created by calling
wini	0:e0adec41ad6b	405	#SharkSslCertStore_assemble or by using the command line tool
wini	0:e0adec41ad6b	406	[SharkSSLParseCAList](\ref SharkSSLParseCAList).
wini	0:e0adec41ad6b	407	*/
wini	0:e0adec41ad6b	408	typedef const U8 *SharkSslCAList;
wini	0:e0adec41ad6b	409	#endif
wini	0:e0adec41ad6b	410
wini	0:e0adec41ad6b	411	/** @} / / end group SharkSslInfoAndCodes */
wini	0:e0adec41ad6b	412	#endif
wini	0:e0adec41ad6b	413
wini	0:e0adec41ad6b	414	#if SHARKSSL_ENABLE_PSK \|\| SHARKSSL_NOPACK
wini	0:e0adec41ad6b	415	/** \addtogroup SharkSslInfoAndCodes
wini	0:e0adec41ad6b	416	@{
wini	0:e0adec41ad6b	417	*/
wini	0:e0adec41ad6b	418
wini	0:e0adec41ad6b	419	/** The SharkSSL PSK table is in an optimized binary format.
wini	0:e0adec41ad6b	420	The table can be created by using the command line tool
wini	0:e0adec41ad6b	421	[SharkSslParsePSKTable](\ref SharkSSLParsePSKTable).
wini	0:e0adec41ad6b	422	*/
wini	0:e0adec41ad6b	423	typedef const U8 *SharkSslPSKTable;
wini	0:e0adec41ad6b	424
wini	0:e0adec41ad6b	425	/** @} / / end group SharkSslInfoAndCodes */
wini	0:e0adec41ad6b	426	#endif
wini	0:e0adec41ad6b	427
wini	0:e0adec41ad6b	428	#ifndef _DOXYGEN
wini	0:e0adec41ad6b	429	struct SharkSsl;
wini	0:e0adec41ad6b	430	#endif
wini	0:e0adec41ad6b	431
wini	0:e0adec41ad6b	432
wini	0:e0adec41ad6b	433	/* Non documented API used by SharkSslSCMgr when used indirectly by
wini	0:e0adec41ad6b	434	Lua code in the Barracuda Application Server. The code manages
wini	0:e0adec41ad6b	435	automatic destruction of SharkSslSCMgr.
wini	0:e0adec41ad6b	436	*/
wini	0:e0adec41ad6b	437	#ifndef _DOXYGEN
wini	0:e0adec41ad6b	438	struct SharkSslIntf;
wini	0:e0adec41ad6b	439	typedef void (SharkSslIntf_Terminate)(struct SharkSslIntf o,
wini	0:e0adec41ad6b	440	struct SharkSsl* ssl);
wini	0:e0adec41ad6b	441	typedef struct SharkSslIntf
wini	0:e0adec41ad6b	442	{
wini	0:e0adec41ad6b	443	SharkSslIntf_Terminate terminate;
wini	0:e0adec41ad6b	444	} SharkSslIntf;
wini	0:e0adec41ad6b	445	#define SharkSslIntf_constructor(o,terminateFunc) (o)->terminate=terminateFunc
wini	0:e0adec41ad6b	446	#endif
wini	0:e0adec41ad6b	447
wini	0:e0adec41ad6b	448
wini	0:e0adec41ad6b	449	/** \addtogroup SharkSslInfoAndCodes
wini	0:e0adec41ad6b	450	@{
wini	0:e0adec41ad6b	451	*/
wini	0:e0adec41ad6b	452
wini	0:e0adec41ad6b	453	/** SharkSslCon is an opaque handle returned by function
wini	0:e0adec41ad6b	454	#SharkSsl_createCon.
wini	0:e0adec41ad6b	455
wini	0:e0adec41ad6b	456	The lifetime of a SharkSslCon object is as follows:
wini	0:e0adec41ad6b	457
wini	0:e0adec41ad6b	458	- Create a network connection and create a SharkSslCon object by
wini	0:e0adec41ad6b	459	calling #SharkSsl_createCon
wini	0:e0adec41ad6b	460
wini	0:e0adec41ad6b	461	- Use the SharkSslCon functions to encode and decode data sent
wini	0:e0adec41ad6b	462	and received over the network. See #SharkSslCon_encrypt and
wini	0:e0adec41ad6b	463	#SharkSslCon_decrypt for more information.
wini	0:e0adec41ad6b	464
wini	0:e0adec41ad6b	465	- When you are ready to close the connection: close the network
wini	0:e0adec41ad6b	466	connection and call function #SharkSsl_terminateCon
wini	0:e0adec41ad6b	467
wini	0:e0adec41ad6b	468	\sa SharkSsl
wini	0:e0adec41ad6b	469	*/
wini	0:e0adec41ad6b	470	typedef struct SharkSslCon SharkSslCon;
wini	0:e0adec41ad6b	471
wini	0:e0adec41ad6b	472
wini	0:e0adec41ad6b	473	/** A SharkSsl object is the coordinator for managing #SharkSslCon
wini	0:e0adec41ad6b	474	objects (See #SharkSsl_constructor for details).
wini	0:e0adec41ad6b	475	*/
wini	0:e0adec41ad6b	476	typedef struct
wini	0:e0adec41ad6b	477	SharkSsl
wini	0:e0adec41ad6b	478	{
wini	0:e0adec41ad6b	479	#ifdef __cplusplus
wini	0:e0adec41ad6b	480	void *operator new(size_t s) { return ::baMalloc(s); }
wini	0:e0adec41ad6b	481	void operator delete(void* d) { if(d) ::baFree(d); }
wini	0:e0adec41ad6b	482	void operator new(size_t, void place) { return place; }
wini	0:e0adec41ad6b	483	void operator delete(void, void ) { }
wini	0:e0adec41ad6b	484
wini	0:e0adec41ad6b	485	SharkSsl() {};
wini	0:e0adec41ad6b	486
wini	0:e0adec41ad6b	487	SharkSsl(SharkSsl_Role role,
wini	0:e0adec41ad6b	488	U16 cacheSize = 0,
wini	0:e0adec41ad6b	489	U16 inBufStartSize = 4096,
wini	0:e0adec41ad6b	490	U16 outBufSize = 4096
wini	0:e0adec41ad6b	491	);
wini	0:e0adec41ad6b	492
wini	0:e0adec41ad6b	493	~SharkSsl();
wini	0:e0adec41ad6b	494	SharkSslCon *createCon(void);
wini	0:e0adec41ad6b	495	U8 setCAList(SharkSslCAList caList);
wini	0:e0adec41ad6b	496	U8 addCertificate(SharkSslCert cert);
wini	0:e0adec41ad6b	497	void terminateCon(SharkSslCon *sslCon);
wini	0:e0adec41ad6b	498	#endif
wini	0:e0adec41ad6b	499	#if (SHARKSSL_SSL_SERVER_CODE && SHARKSSL_SSL_CLIENT_CODE) \|\| SHARKSSL_NOPACK
wini	0:e0adec41ad6b	500	SharkSsl_Role role;
wini	0:e0adec41ad6b	501	#endif
wini	0:e0adec41ad6b	502	U16 outBufSize;
wini	0:e0adec41ad6b	503	U16 inBufStartSize;
wini	0:e0adec41ad6b	504	U16 nCon;
wini	0:e0adec41ad6b	505	#if (SHARKSSL_ENABLE_RSA \|\| (SHARKSSL_ENABLE_ECDSA)) \|\| SHARKSSL_NOPACK
wini	0:e0adec41ad6b	506	SingleList certList;
wini	0:e0adec41ad6b	507	#if SHARKSSL_ENABLE_CA_LIST \|\| SHARKSSL_NOPACK
wini	0:e0adec41ad6b	508	SharkSslCAList caList;
wini	0:e0adec41ad6b	509	#endif
wini	0:e0adec41ad6b	510	#endif
wini	0:e0adec41ad6b	511	#if SHARKSSL_ENABLE_PSK \|\| SHARKSSL_NOPACK
wini	0:e0adec41ad6b	512	SharkSslPSKTable tablePSK;
wini	0:e0adec41ad6b	513	#endif
wini	0:e0adec41ad6b	514	#if SHARKSSL_ENABLE_SESSION_CACHE \|\| SHARKSSL_NOPACK
wini	0:e0adec41ad6b	515	SharkSslSessionCache sessionCache;
wini	0:e0adec41ad6b	516	/* Reserved for use with one SharkSslSCMgr object */
wini	0:e0adec41ad6b	517	SharkSslIntf* intf;
wini	0:e0adec41ad6b	518	#endif
wini	0:e0adec41ad6b	519	} SharkSsl;
wini	0:e0adec41ad6b	520
wini	0:e0adec41ad6b	521	/** @} / / end group SharkSslInfoAndCodes */
wini	0:e0adec41ad6b	522
wini	0:e0adec41ad6b	523	/** @addtogroup SharkSslCoreApi
wini	0:e0adec41ad6b	524	@{
wini	0:e0adec41ad6b	525	*/
wini	0:e0adec41ad6b	526
wini	0:e0adec41ad6b	527	/** The #SharkSslCon_decrypt and #SharkSslCon_encrypt return values.
wini	0:e0adec41ad6b	528	*/
wini	0:e0adec41ad6b	529	typedef enum
wini	0:e0adec41ad6b	530	{
wini	0:e0adec41ad6b	531	/** Indicates general errors, including configuration errors.
wini	0:e0adec41ad6b	532	*/
wini	0:e0adec41ad6b	533	SharkSslCon_Error = 1,
wini	0:e0adec41ad6b	534
wini	0:e0adec41ad6b	535	/** The memory pool is too small.
wini	0:e0adec41ad6b	536	*/
wini	0:e0adec41ad6b	537	SharkSslCon_AllocationError,
wini	0:e0adec41ad6b	538
wini	0:e0adec41ad6b	539	/** Returned when a block of received data has been successfully decrypted.
wini	0:e0adec41ad6b	540
wini	0:e0adec41ad6b	541	__selib.c code snippet:__
wini	0:e0adec41ad6b	542	\dontinclude selib.c
wini	0:e0adec41ad6b	543	\skipline case SharkSslCon_Decrypted:
wini	0:e0adec41ad6b	544	\until return
wini	0:e0adec41ad6b	545
wini	0:e0adec41ad6b	546	\sa SharkSslCon_getDecData
wini	0:e0adec41ad6b	547	*/
wini	0:e0adec41ad6b	548	SharkSslCon_Decrypted,
wini	0:e0adec41ad6b	549
wini	0:e0adec41ad6b	550	/** Returned when an SSL/TLS handshake message has been received or
wini	0:e0adec41ad6b	551	is to be sent. During this phase, one must call
wini	0:e0adec41ad6b	552	#SharkSslCon_getHandshakeData and
wini	0:e0adec41ad6b	553	#SharkSslCon_getHandshakeDataLen, and send the handshake data to
wini	0:e0adec41ad6b	554	the peer side.
wini	0:e0adec41ad6b	555
wini	0:e0adec41ad6b	556	__selib.c code snippet:__
wini	0:e0adec41ad6b	557	\dontinclude selib.c
wini	0:e0adec41ad6b	558	\skipline case SharkSslCon_Handshake:
wini	0:e0adec41ad6b	559	\until xprintf(("handshake complete"));
wini	0:e0adec41ad6b	560	*/
wini	0:e0adec41ad6b	561	SharkSslCon_Handshake,
wini	0:e0adec41ad6b	562
wini	0:e0adec41ad6b	563	/** Returned when SharkSSL holds an incomplete SSL/TLS record or
wini	0:e0adec41ad6b	564	when the connection is initially established and the readLen
wini	0:e0adec41ad6b	565	parameter is zero.
wini	0:e0adec41ad6b	566
wini	0:e0adec41ad6b	567	__selib.c code snippet:__
wini	0:e0adec41ad6b	568	\dontinclude selib.c
wini	0:e0adec41ad6b	569	\skipline case SharkSslCon_NeedMoreData:
wini	0:e0adec41ad6b	570	\until decrypt next record
wini	0:e0adec41ad6b	571
wini	0:e0adec41ad6b	572	\sa #SharkSslCon_getBuf and #SharkSslCon_getBufLen
wini	0:e0adec41ad6b	573	*/
wini	0:e0adec41ad6b	574	SharkSslCon_NeedMoreData,
wini	0:e0adec41ad6b	575
wini	0:e0adec41ad6b	576	/** Returned when an [SSL/TLS alert message](@ref SharkSslAlertMsg)
wini	0:e0adec41ad6b	577	must be sent to the peer side. The error code, which must be
wini	0:e0adec41ad6b	578	sent to the peer, indicates that SharkSSL was unable to decode
wini	0:e0adec41ad6b	579	the data sent from the peer.
wini	0:e0adec41ad6b	580
wini	0:e0adec41ad6b	581	__selib.c code snippet:__
wini	0:e0adec41ad6b	582	\dontinclude selib.c
wini	0:e0adec41ad6b	583	\skipline case SharkSslCon_AlertSend:
wini	0:e0adec41ad6b	584	\until return
wini	0:e0adec41ad6b	585
wini	0:e0adec41ad6b	586	\sa #SharkSslCon_getAlertData and #SharkSslCon_getAlertDataLen
wini	0:e0adec41ad6b	587	*/
wini	0:e0adec41ad6b	588	SharkSslCon_AlertSend,
wini	0:e0adec41ad6b	589
wini	0:e0adec41ad6b	590	/** SharkSSL received an [SSL/TLS alert message](@ref SharkSslAlertMsg)
wini	0:e0adec41ad6b	591	from the peer, which means that the peer either failed to
wini	0:e0adec41ad6b	592	decode the message from SharkSSL or the peer entered an
wini	0:e0adec41ad6b	593	exception state.
wini	0:e0adec41ad6b	594
wini	0:e0adec41ad6b	595	\sa SharkSslCon_getAlertLevel and SharkSslCon_getAlertDescription
wini	0:e0adec41ad6b	596	*/
wini	0:e0adec41ad6b	597	SharkSslCon_AlertRecv,
wini	0:e0adec41ad6b	598
wini	0:e0adec41ad6b	599	/** SharkSSL has successfully decrypted a chunk of data. The data
wini	0:e0adec41ad6b	600	is available in the SharkSSL receive buffer, which is returned
wini	0:e0adec41ad6b	601	by function #SharkSslCon_getEncData. The length is returned by
wini	0:e0adec41ad6b	602	function #SharkSslCon_getEncDataLen.
wini	0:e0adec41ad6b	603
wini	0:e0adec41ad6b	604	__selib.c code snippet:__
wini	0:e0adec41ad6b	605	\dontinclude selib.c
wini	0:e0adec41ad6b	606	\skipline case SharkSslCon_Encrypted:
wini	0:e0adec41ad6b	607	\until return maxLen
wini	0:e0adec41ad6b	608	*/
wini	0:e0adec41ad6b	609	SharkSslCon_Encrypted,
wini	0:e0adec41ad6b	610
wini	0:e0adec41ad6b	611	/** An error condition returned by function #SharkSslCon_encrypt if
wini	0:e0adec41ad6b	612	the SSL handshake is not completed. You cannot send encrypted
wini	0:e0adec41ad6b	613	data before completing the handshake phase.
wini	0:e0adec41ad6b	614	*/
wini	0:e0adec41ad6b	615	SharkSslCon_HandshakeNotComplete,
wini	0:e0adec41ad6b	616
wini	0:e0adec41ad6b	617	/** Returned by function #SharkSslCon_encrypt if
wini	0:e0adec41ad6b	618	#SHARKSSL_ENABLE_CLONE_CERTINFO is disabled and when a complete
wini	0:e0adec41ad6b	619	certificate is received from the peer during the SSL handshake
wini	0:e0adec41ad6b	620	phase. Fixme more...
wini	0:e0adec41ad6b	621	*/
wini	0:e0adec41ad6b	622	SharkSslCon_Certificate,
wini	0:e0adec41ad6b	623
wini	0:e0adec41ad6b	624	/** Unrecognized format of a provided certificate.
wini	0:e0adec41ad6b	625	*/
wini	0:e0adec41ad6b	626	SharkSslCon_CertificateError
wini	0:e0adec41ad6b	627
wini	0:e0adec41ad6b	628	} SharkSslCon_RetVal;
wini	0:e0adec41ad6b	629
wini	0:e0adec41ad6b	630	/** @} / / end group SharkSslCoreApi */
wini	0:e0adec41ad6b	631
wini	0:e0adec41ad6b	632	#if (SHARKSSL_ENABLE_RSA \|\| SHARKSSL_ENABLE_ECDSA)
wini	0:e0adec41ad6b	633
wini	0:e0adec41ad6b	634	/** \defgroup SharkSslCertInfo Peer's certificate information
wini	0:e0adec41ad6b	635	\ingroup SharkSslInfoAndCodes
wini	0:e0adec41ad6b	636
wini	0:e0adec41ad6b	637	\brief Certificate information returned by #SharkSslCon_getCertInfo
wini	0:e0adec41ad6b	638
wini	0:e0adec41ad6b	639	@{
wini	0:e0adec41ad6b	640	*/
wini	0:e0adec41ad6b	641
wini	0:e0adec41ad6b	642	/** Certificate KeyUsage and ExtendedKeyUsage flags and relative
wini	0:e0adec41ad6b	643	pseudofunctions
wini	0:e0adec41ad6b	644	*/
wini	0:e0adec41ad6b	645	#if SHARKSSL_ENABLE_CERT_KEYUSAGE
wini	0:e0adec41ad6b	646	#define SHARKSSL_CERT_KEYUSAGE_DIGITALSIGNATURE 0x00000001
wini	0:e0adec41ad6b	647	#define SHARKSSL_CERT_KEYUSAGE_NONREPUDIATION 0x00000002
wini	0:e0adec41ad6b	648	#define SHARKSSL_CERT_KEYUSAGE_KEYENCIPHERMENT 0x00000004
wini	0:e0adec41ad6b	649	#define SHARKSSL_CERT_KEYUSAGE_DATAENCIPHERMENT 0x00000008
wini	0:e0adec41ad6b	650	#define SHARKSSL_CERT_KEYUSAGE_KEYAGREEMENT 0x00000010
wini	0:e0adec41ad6b	651	#define SHARKSSL_CERT_KEYUSAGE_KEYCERTSIGN 0x00000020
wini	0:e0adec41ad6b	652	#define SHARKSSL_CERT_KEYUSAGE_CRLSIGN 0x00000040
wini	0:e0adec41ad6b	653	#define SHARKSSL_CERT_KEYUSAGE_ENCIPHERONLY 0x00000080
wini	0:e0adec41ad6b	654	#define SHARKSSL_CERT_KEYUSAGE_DECIPHERONLY 0x00000100
wini	0:e0adec41ad6b	655	#define SHARKSSL_CERT_KEYUSAGE_PRESENT 0x00000200
wini	0:e0adec41ad6b	656	#define SHARKSSL_CERT_KEYUSAGE_CRITICAL 0x00000400
wini	0:e0adec41ad6b	657
wini	0:e0adec41ad6b	658	#define SHARKSSL_CERT_KEYPURPOSE_SERVERAUTH 0x00010000
wini	0:e0adec41ad6b	659	#define SHARKSSL_CERT_KEYPURPOSE_CLIENTAUTH 0x00020000
wini	0:e0adec41ad6b	660	#define SHARKSSL_CERT_KEYPURPOSE_CODESIGNING 0x00040000
wini	0:e0adec41ad6b	661	#define SHARKSSL_CERT_KEYPURPOSE_EMAILPROTECTION 0x00080000
wini	0:e0adec41ad6b	662	#define SHARKSSL_CERT_KEYPURPOSE_TIMESTAMPING 0x00100000
wini	0:e0adec41ad6b	663	#define SHARKSSL_CERT_KEYPURPOSE_OCSPSIGNING 0x00200000
wini	0:e0adec41ad6b	664
wini	0:e0adec41ad6b	665	#define SharkSslCertInfo_KeyFlagSet(o,f) ((o)->keyUsagePurposes & f)
wini	0:e0adec41ad6b	666
wini	0:e0adec41ad6b	667	/** The following pseudo-functions return a non-zero value
wini	0:e0adec41ad6b	668	if the corresponding flag is set
wini	0:e0adec41ad6b	669	*/
wini	0:e0adec41ad6b	670	#define SharkSslCertInfo_isKeyUsagePresent(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_PRESENT)
wini	0:e0adec41ad6b	671	#define SharkSslCertInfo_isKeyUsageCritical(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_CRITICAL)
wini	0:e0adec41ad6b	672	#define SharkSslCertInfo_KU_digitalSignature(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_DIGITALSIGNATURE)
wini	0:e0adec41ad6b	673	#define SharkSslCertInfo_KU_nonRepudiation(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_NONREPUDIATION)
wini	0:e0adec41ad6b	674	#define SharkSslCertInfo_KU_keyEncipherment(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_KEYENCIPHERMENT)
wini	0:e0adec41ad6b	675	#define SharkSslCertInfo_KU_dataEncipherment(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_DATAENCIPHERMENT)
wini	0:e0adec41ad6b	676	#define SharkSslCertInfo_KU_keyAgreement(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_KEYAGREEMENT)
wini	0:e0adec41ad6b	677	#define SharkSslCertInfo_KU_keyCertSign(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_KEYCERTSIGN)
wini	0:e0adec41ad6b	678	#define SharkSslCertInfo_KU_cRLSign(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_CRLSIGN)
wini	0:e0adec41ad6b	679	#define SharkSslCertInfo_KU_encipherOnly(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_ENCIPHERONLY)
wini	0:e0adec41ad6b	680	#define SharkSslCertInfo_KU_decipherOnly(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_DECIPHERONLY)
wini	0:e0adec41ad6b	681
wini	0:e0adec41ad6b	682	#define SharkSslCertInfo_kp_serverAuth(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYPURPOSE_SERVERAUTH)
wini	0:e0adec41ad6b	683	#define SharkSslCertInfo_kp_clientAuth(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYPURPOSE_CLIENTAUTH)
wini	0:e0adec41ad6b	684	#define SharkSslCertInfo_kp_codeSigning(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYPURPOSE_CODESIGNING)
wini	0:e0adec41ad6b	685	#define SharkSslCertInfo_kp_emailProtection(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYPURPOSE_EMAILPROTECTION)
wini	0:e0adec41ad6b	686	#define SharkSslCertInfo_kp_timeStamping(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYPURPOSE_TIMESTAMPING)
wini	0:e0adec41ad6b	687	#define SharkSslCertInfo_kp_OCSPSigning(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYPURPOSE_OCSPSIGNING)
wini	0:e0adec41ad6b	688	#endif
wini	0:e0adec41ad6b	689
wini	0:e0adec41ad6b	690
wini	0:e0adec41ad6b	691	/** Certificate Distinguished Name
wini	0:e0adec41ad6b	692
wini	0:e0adec41ad6b	693	Example from certcheck.c:
wini	0:e0adec41ad6b	694
wini	0:e0adec41ad6b	695	\dontinclude certcheck.c
wini	0:e0adec41ad6b	696	\skip Begin Cert Info
wini	0:e0adec41ad6b	697	\until End Cert Info
wini	0:e0adec41ad6b	698
wini	0:e0adec41ad6b	699	\sa SharkSslCertInfo
wini	0:e0adec41ad6b	700
wini	0:e0adec41ad6b	701	*/
wini	0:e0adec41ad6b	702	typedef struct SharkSslCertDN
wini	0:e0adec41ad6b	703	{
wini	0:e0adec41ad6b	704	const U8 countryName; /< ISO3166 country code /
wini	0:e0adec41ad6b	705	const U8 province; /< State or Province /
wini	0:e0adec41ad6b	706	const U8 locality; /< The city or town name /
wini	0:e0adec41ad6b	707	const U8 organization; /< Organization Name (company or department) /
wini	0:e0adec41ad6b	708	const U8 unit; /< Organizational Unit (OU: department or organization unit) /
wini	0:e0adec41ad6b	709	/** Common Name is the Host + Domain Name (example:
wini	0:e0adec41ad6b	710	www.mycompany.com, where www is host and mycompany.com is Domain
wini	0:e0adec41ad6b	711	Name) */
wini	0:e0adec41ad6b	712	const U8 *commonName;
wini	0:e0adec41ad6b	713	const U8 *emailAddress;
wini	0:e0adec41ad6b	714
wini	0:e0adec41ad6b	715	U8 countryNameLen; /** length in bytes of the field "country" */
wini	0:e0adec41ad6b	716	U8 provinceLen; /** length in bytes of the field "province" */
wini	0:e0adec41ad6b	717	U8 localityLen; /** length in bytes of the field "locality" */
wini	0:e0adec41ad6b	718	U8 organizationLen; /** length in bytes of the field "organization" */
wini	0:e0adec41ad6b	719	U8 unitLen; /** length in bytes of the field "unit" */
wini	0:e0adec41ad6b	720	U8 commonNameLen; /** length in bytes of the field "common name" */
wini	0:e0adec41ad6b	721	U8 emailAddressLen; /** length in bytes of the field "emailAddress" */
wini	0:e0adec41ad6b	722	} SharkSslCertDN;
wini	0:e0adec41ad6b	723
wini	0:e0adec41ad6b	724	#define SharkSslCertDN_constructor(o) memset(o,0,sizeof(SharkSslCertDN))
wini	0:e0adec41ad6b	725
wini	0:e0adec41ad6b	726	#define SharkSslCertDN_setCountryName(o, countryNameMA) \
wini	0:e0adec41ad6b	727	(o)->countryName=(const U8*)countryNameMA,(o)->countryNameLen=(U8)strlen(countryNameMA)
wini	0:e0adec41ad6b	728	#define SharkSslCertDN_setProvince(o, provinceMA) \
wini	0:e0adec41ad6b	729	(o)->province=(const U8*)provinceMA,(o)->provinceLen=(U8)strlen(provinceMA)
wini	0:e0adec41ad6b	730	#define SharkSslCertDN_setLocality(o, localityMA) \
wini	0:e0adec41ad6b	731	(o)->locality=(const U8*)localityMA,(o)->localityLen=(U8)strlen(localityMA)
wini	0:e0adec41ad6b	732	#define SharkSslCertDN_setOrganization(o, organizationMA) \
wini	0:e0adec41ad6b	733	(o)->organization=(const U8*)organizationMA,(o)->organizationLen=(U8)strlen(organizationMA)
wini	0:e0adec41ad6b	734	#define SharkSslCertDN_setUnit(o, unitMA) \
wini	0:e0adec41ad6b	735	(o)->unit=(const U8*)unitMA,(o)->unitLen=(U8)strlen(unitMA)
wini	0:e0adec41ad6b	736	#define SharkSslCertDN_setCommonName(o, commonNameMA) \
wini	0:e0adec41ad6b	737	(o)->commonName=(const U8*)commonNameMA,(o)->commonNameLen=(U8)strlen(commonNameMA)
wini	0:e0adec41ad6b	738
wini	0:e0adec41ad6b	739
wini	0:e0adec41ad6b	740	/** The peer's certificate information returned by #SharkSslCon_getCertInfo.
wini	0:e0adec41ad6b	741	\sa SharkSslCertDN
wini	0:e0adec41ad6b	742	*/
wini	0:e0adec41ad6b	743	typedef struct SharkSslCertInfo
wini	0:e0adec41ad6b	744	{
wini	0:e0adec41ad6b	745	/** Length of 'sn' (serial number) */
wini	0:e0adec41ad6b	746	U16 snLen;
wini	0:e0adec41ad6b	747
wini	0:e0adec41ad6b	748	/** Certificate version is offset at 0 so add +1 for actual
wini	0:e0adec41ad6b	749	version number.
wini	0:e0adec41ad6b	750	*/
wini	0:e0adec41ad6b	751	U8 version;
wini	0:e0adec41ad6b	752
wini	0:e0adec41ad6b	753	/** The Certificate Authority flag (CA) is set to one if the
wini	0:e0adec41ad6b	754	certificate is a CA i.e. a root certificate.
wini	0:e0adec41ad6b	755	*/
wini	0:e0adec41ad6b	756	U8 CAflag;
wini	0:e0adec41ad6b	757
wini	0:e0adec41ad6b	758	/** Binary serial number. The length is provided in 'snLen'
wini	0:e0adec41ad6b	759	*/
wini	0:e0adec41ad6b	760	U8 *sn;
wini	0:e0adec41ad6b	761
wini	0:e0adec41ad6b	762	/** Certificate is valid from date (in UTCTime format: YYMMDDHHMMSSZ)
wini	0:e0adec41ad6b	763	*/
wini	0:e0adec41ad6b	764	U8 *timeFrom;
wini	0:e0adec41ad6b	765
wini	0:e0adec41ad6b	766	/** Certificate expiration date (in UTCTime format: YYMMDDHHMMSSZ)
wini	0:e0adec41ad6b	767	*/
wini	0:e0adec41ad6b	768	U8 *timeTo;
wini	0:e0adec41ad6b	769
wini	0:e0adec41ad6b	770	/** The entity who has signed and issued the certificate (<a
wini	0:e0adec41ad6b	771	href="http://tools.ietf.org/html/rfc2459#section-4.1.2.4"
wini	0:e0adec41ad6b	772	>RFC2459 4.1.2.4</a>)
wini	0:e0adec41ad6b	773	*/
wini	0:e0adec41ad6b	774	SharkSslCertDN issuer;
wini	0:e0adec41ad6b	775
wini	0:e0adec41ad6b	776	/** The entity associated with the public key (<a
wini	0:e0adec41ad6b	777	href="http://tools.ietf.org/html/rfc2459#section-4.1.2.6"
wini	0:e0adec41ad6b	778	>RFC2459 4.1.2.6</a>).
wini	0:e0adec41ad6b	779	*/
wini	0:e0adec41ad6b	780	SharkSslCertDN subject;
wini	0:e0adec41ad6b	781
wini	0:e0adec41ad6b	782	/** Subject Alternative DNS Names, if set, is a pointer to a list
wini	0:e0adec41ad6b	783	of alternative names. Each entry in the list is prefixed with
wini	0:e0adec41ad6b	784	a 1-byte length, followed by a string of 'length' bytes;
wini	0:e0adec41ad6b	785	the list ends with a zero length.
wini	0:e0adec41ad6b	786	The following example is from certcheck.c:
wini	0:e0adec41ad6b	787
wini	0:e0adec41ad6b	788	\dontinclude certcheck.c
wini	0:e0adec41ad6b	789	\skipline U8 *tp
wini	0:e0adec41ad6b	790	\until xprintf(("\n"))
wini	0:e0adec41ad6b	791	*/
wini	0:e0adec41ad6b	792	U8 *subjectAltDNSNames;
wini	0:e0adec41ad6b	793
wini	0:e0adec41ad6b	794	#if SHARKSSL_ENABLE_CERT_KEYUSAGE
wini	0:e0adec41ad6b	795	/** KeyUsage & ExtendedKeyUsage (key purposes) flags.
wini	0:e0adec41ad6b	796	Verify that the KeyUsage extension is present through the
wini	0:e0adec41ad6b	797	SharkSslCertInfo_isKeyUsagePresent(o) pseudo-function,
wini	0:e0adec41ad6b	798	then verify all the flags through the pseudo-functions:
wini	0:e0adec41ad6b	799	SharkSslCertInfo_KU_digitalSignature(o)
wini	0:e0adec41ad6b	800	SharkSslCertInfo_KU_nonRepudiation(o)
wini	0:e0adec41ad6b	801	SharkSslCertInfo_KU_keyEncipherment(o)
wini	0:e0adec41ad6b	802	SharkSslCertInfo_KU_dataEncipherment(o)
wini	0:e0adec41ad6b	803	SharkSslCertInfo_KU_keyAgreement(o)
wini	0:e0adec41ad6b	804	SharkSslCertInfo_KU_keyCertSign(o)
wini	0:e0adec41ad6b	805	SharkSslCertInfo_KU_cRLSign(o)
wini	0:e0adec41ad6b	806	SharkSslCertInfo_KU_encipherOnly(o)
wini	0:e0adec41ad6b	807	SharkSslCertInfo_KU_decipherOnly(o)
wini	0:e0adec41ad6b	808
wini	0:e0adec41ad6b	809	Verify the ExtendedKeyUsage purposes through the following:
wini	0:e0adec41ad6b	810	SharkSslCertInfo_kp_serverAuth(o)
wini	0:e0adec41ad6b	811	SharkSslCertInfo_kp_clientAuth(o)
wini	0:e0adec41ad6b	812	SharkSslCertInfo_kp_codeSigning(o)
wini	0:e0adec41ad6b	813	SharkSslCertInfo_kp_emailProtection(o)
wini	0:e0adec41ad6b	814	SharkSslCertInfo_kp_timeStamping(o)
wini	0:e0adec41ad6b	815	SharkSslCertInfo_kp_OCSPSigning(o)
wini	0:e0adec41ad6b	816	*/
wini	0:e0adec41ad6b	817	U32 keyUsagePurposes;
wini	0:e0adec41ad6b	818	#endif
wini	0:e0adec41ad6b	819
wini	0:e0adec41ad6b	820	/** Pointer to parent node when the SharkSslCertInfo object is part of
wini	0:e0adec41ad6b	821	a certificate chain. You walk up the chain until you reach the root.
wini	0:e0adec41ad6b	822	*/
wini	0:e0adec41ad6b	823	struct SharkSslCertInfo *parent;
wini	0:e0adec41ad6b	824	} SharkSslCertInfo;
wini	0:e0adec41ad6b	825
wini	0:e0adec41ad6b	826	/** @} / / end group SharkSslCertInfo */
wini	0:e0adec41ad6b	827	#endif
wini	0:e0adec41ad6b	828
wini	0:e0adec41ad6b	829	/** @addtogroup SharkSslApi
wini	0:e0adec41ad6b	830	@{
wini	0:e0adec41ad6b	831	*/
wini	0:e0adec41ad6b	832
wini	0:e0adec41ad6b	833
wini	0:e0adec41ad6b	834	#ifdef __cplusplus
wini	0:e0adec41ad6b	835	extern "C" {
wini	0:e0adec41ad6b	836	#endif
wini	0:e0adec41ad6b	837
wini	0:e0adec41ad6b	838	/** A SharkSsl object is the coordinator for managing SharkSslCon
wini	0:e0adec41ad6b	839	objects.
wini	0:e0adec41ad6b	840
wini	0:e0adec41ad6b	841	You must at a minimum create one SharkSsl object. A more advanced
wini	0:e0adec41ad6b	842	configuration may include several SharkSsl objects. For example, a
wini	0:e0adec41ad6b	843	system that includes both a client and server SSL stack must
wini	0:e0adec41ad6b	844	create and initialize two SharkSsl objects.
wini	0:e0adec41ad6b	845
wini	0:e0adec41ad6b	846	\param o Uninitialized data of size sizeof(SharkSsl).
wini	0:e0adec41ad6b	847
wini	0:e0adec41ad6b	848	\param role Select client or server SSL mode. See #SharkSsl_Role
wini	0:e0adec41ad6b	849	for details.
wini	0:e0adec41ad6b	850
wini	0:e0adec41ad6b	851	\param cacheSize The session resumption cache size. Setting this
wini	0:e0adec41ad6b	852	to zero disables the cache management code. See
wini	0:e0adec41ad6b	853	[SSL Session Management](@ref SharkSslSessionApi) for details.
wini	0:e0adec41ad6b	854
wini	0:e0adec41ad6b	855	\param inBufStartSize
wini	0:e0adec41ad6b	856	\param outBufSize
wini	0:e0adec41ad6b	857
wini	0:e0adec41ad6b	858	parameter must be provided if you plan on using function
wini	0:e0adec41ad6b	859	#SharkSslCon_trustedCA or #SharkSslCon_trusted. See
wini	0:e0adec41ad6b	860	#SharkSslCAList for details.
wini	0:e0adec41ad6b	861
wini	0:e0adec41ad6b	862	\sa #SharkSsl_addCertificate, #SharkSsl_setCAList,
wini	0:e0adec41ad6b	863	SharkSsl_createCon, and SharkSsl_terminateCon.
wini	0:e0adec41ad6b	864	*/
wini	0:e0adec41ad6b	865	SHARKSSL_API void SharkSsl_constructor(
wini	0:e0adec41ad6b	866	SharkSsl *o,
wini	0:e0adec41ad6b	867	SharkSsl_Role role,
wini	0:e0adec41ad6b	868	U16 cacheSize,
wini	0:e0adec41ad6b	869	U16 inBufStartSize,
wini	0:e0adec41ad6b	870	U16 outBufSize
wini	0:e0adec41ad6b	871	);
wini	0:e0adec41ad6b	872
wini	0:e0adec41ad6b	873	/** Close the SharkSsl object. Closing a SharkSsl object is not
wini	0:e0adec41ad6b	874	common in embedded devices. You would normally keep the SharkSsl
wini	0:e0adec41ad6b	875	object for the lifetime of the application. You must make sure
wini	0:e0adec41ad6b	876	all #SharkSslCon objects are terminated by calling
wini	0:e0adec41ad6b	877	#SharkSslCon_terminate for each active connection prior to calling
wini	0:e0adec41ad6b	878	the SharkSsl_destructor.
wini	0:e0adec41ad6b	879	*/
wini	0:e0adec41ad6b	880	SHARKSSL_API void SharkSsl_destructor(SharkSsl *o);
wini	0:e0adec41ad6b	881
wini	0:e0adec41ad6b	882
wini	0:e0adec41ad6b	883	/** Create a #SharkSslCon object. You must create one SharkSslCon
wini	0:e0adec41ad6b	884	object for each active network connection that requires encryption.
wini	0:e0adec41ad6b	885
wini	0:e0adec41ad6b	886	The following code snippet is from the
wini	0:e0adec41ad6b	887	[example programs](\ref SharkExamples).
wini	0:e0adec41ad6b	888	\code
wini	0:e0adec41ad6b	889	int rc;
wini	0:e0adec41ad6b	890	SharkSslCon* scon;
wini	0:e0adec41ad6b	891	if( (rc=se_connect(&sock, "realtimelogic.com", 443)) == 0) // open socket
wini	0:e0adec41ad6b	892	{
wini	0:e0adec41ad6b	893	if( (scon = SharkSsl_createCon(&sharkSsl)) != NULL)
wini	0:e0adec41ad6b	894	{
wini	0:e0adec41ad6b	895	// success
wini	0:e0adec41ad6b	896	\endcode
wini	0:e0adec41ad6b	897
wini	0:e0adec41ad6b	898	\return a SharkSslCon object or NULL if memory is exhausted.
wini	0:e0adec41ad6b	899
wini	0:e0adec41ad6b	900	\sa SharkSsl_terminateCon and SharkSslCon_terminate
wini	0:e0adec41ad6b	901	*/
wini	0:e0adec41ad6b	902	SharkSslCon SharkSsl_createCon(SharkSsl o);
wini	0:e0adec41ad6b	903
wini	0:e0adec41ad6b	904
wini	0:e0adec41ad6b	905	/** Terminate a SharkSslCon object created by function SharkSsl_createCon.
wini	0:e0adec41ad6b	906
wini	0:e0adec41ad6b	907	\param o the SharkSsl object. Setting this parameter to NULL is
wini	0:e0adec41ad6b	908	the same as calling macro #SharkSslCon_terminate.
wini	0:e0adec41ad6b	909
wini	0:e0adec41ad6b	910	\param con the SharkSslCon object to reclaim.
wini	0:e0adec41ad6b	911
wini	0:e0adec41ad6b	912	Code snippet from the example code: sessioncache.c
wini	0:e0adec41ad6b	913
wini	0:e0adec41ad6b	914	\dontinclude sessioncache.c
wini	0:e0adec41ad6b	915	\skipline Release resources
wini	0:e0adec41ad6b	916	\until se_close
wini	0:e0adec41ad6b	917
wini	0:e0adec41ad6b	918	*/
wini	0:e0adec41ad6b	919	void SharkSsl_terminateCon(const SharkSsl o, SharkSslCon con);
wini	0:e0adec41ad6b	920
wini	0:e0adec41ad6b	921
wini	0:e0adec41ad6b	922	#if SHARKSSL_ENABLE_SESSION_CACHE
wini	0:e0adec41ad6b	923
wini	0:e0adec41ad6b	924	/** Returns the SharkSsl session cache size.
wini	0:e0adec41ad6b	925	\sa SharkSsl_constructor (parameter cacheSize) and
wini	0:e0adec41ad6b	926	#SHARKSSL_ENABLE_SESSION_CACHE
wini	0:e0adec41ad6b	927	*/
wini	0:e0adec41ad6b	928	SHARKSSL_API U16 SharkSsl_getCacheSize(SharkSsl *o);
wini	0:e0adec41ad6b	929
wini	0:e0adec41ad6b	930	#define SharkSsl_setIntf(o, sharkSslIntf) (o)->intf=sharkSslIntf
wini	0:e0adec41ad6b	931	#define SharkSsl_getIntf(o) (o)->intf
wini	0:e0adec41ad6b	932
wini	0:e0adec41ad6b	933	#endif
wini	0:e0adec41ad6b	934
wini	0:e0adec41ad6b	935
wini	0:e0adec41ad6b	936	/** The SharkSslCon object must be reclaimed when you close the
wini	0:e0adec41ad6b	937	* network connection.
wini	0:e0adec41ad6b	938
wini	0:e0adec41ad6b	939	\sa #SharkSsl_createCon
wini	0:e0adec41ad6b	940	\sa SharkSsl_terminateCon
wini	0:e0adec41ad6b	941	*/
wini	0:e0adec41ad6b	942	#define SharkSslCon_terminate(o) SharkSsl_terminateCon(0, o)
wini	0:e0adec41ad6b	943
wini	0:e0adec41ad6b	944	/** @addtogroup SharkSslCoreApi
wini	0:e0adec41ad6b	945	@{
wini	0:e0adec41ad6b	946	*/
wini	0:e0adec41ad6b	947
wini	0:e0adec41ad6b	948	/** Decrypt the received data copied into the SharkSslCon receive
wini	0:e0adec41ad6b	949	buffer (the buffer returned by #SharkSslCon_getBuf). See
wini	0:e0adec41ad6b	950	#SharkSslCon_RetVal for example code.
wini	0:e0adec41ad6b	951
wini	0:e0adec41ad6b	952	The SharkSslCon_decrypt function keeps decrypt state information
wini	0:e0adec41ad6b	953	in the SharkSslCon object and the function can therefore be used
wini	0:e0adec41ad6b	954	in event driven systems.
wini	0:e0adec41ad6b	955
wini	0:e0adec41ad6b	956	\param o the SharkSslCon object returned by function #SharkSsl_createCon.
wini	0:e0adec41ad6b	957
wini	0:e0adec41ad6b	958	\param readLen the length of the received network data copied into
wini	0:e0adec41ad6b	959	the buffer returned by #SharkSslCon_getBuf.
wini	0:e0adec41ad6b	960
wini	0:e0adec41ad6b	961	\return the decrypt state information #SharkSslCon_RetVal.
wini	0:e0adec41ad6b	962
wini	0:e0adec41ad6b	963	\sa SharkSslCon_getBuf, SharkSslCon_getBufLen, SharkSslCon_encrypt
wini	0:e0adec41ad6b	964	*/
wini	0:e0adec41ad6b	965	SharkSslCon_RetVal SharkSslCon_decrypt(SharkSslCon *o, U16 readLen);
wini	0:e0adec41ad6b	966
wini	0:e0adec41ad6b	967
wini	0:e0adec41ad6b	968	/** Encrypt the data provided by parameter 'buf' or encrypt data in
wini	0:e0adec41ad6b	969	the SharkSslCon send buffer. SharkSSL provides a zero copy API and
wini	0:e0adec41ad6b	970	you can optionally copy data directly to the SharkSslCon send
wini	0:e0adec41ad6b	971	buffer. The send buffer is returned by calling function
wini	0:e0adec41ad6b	972	#SharkSslCon_getEncBufPtr.
wini	0:e0adec41ad6b	973
wini	0:e0adec41ad6b	974	The SharkSslCon_encrypt function keeps decrypt state information
wini	0:e0adec41ad6b	975	in the SharkSslCon object and the function can therefore be used
wini	0:e0adec41ad6b	976	in event driven systems.
wini	0:e0adec41ad6b	977
wini	0:e0adec41ad6b	978	\param o the SharkSslCon object returned by function #SharkSsl_createCon.
wini	0:e0adec41ad6b	979
wini	0:e0adec41ad6b	980	\param buf the data to be encrypted or NULL when encrypting data
wini	0:e0adec41ad6b	981	copied directly to the SharkSslCon send buffer i.e. when copying
wini	0:e0adec41ad6b	982	the data to the pointer returned by function
wini	0:e0adec41ad6b	983	#SharkSslCon_getEncBufPtr.
wini	0:e0adec41ad6b	984
wini	0:e0adec41ad6b	985	\param maxLen is the length of 'buf' or the length of the data
wini	0:e0adec41ad6b	986	data copied directly to the SharkSslCon send buffer.
wini	0:e0adec41ad6b	987
wini	0:e0adec41ad6b	988	\return the decrypt state information #SharkSslCon_RetVal.
wini	0:e0adec41ad6b	989
wini	0:e0adec41ad6b	990	\sa SharkSslCon_getEncBufPtr, SharkSslCon_getEncBufSize, SharkSslCon_decrypt
wini	0:e0adec41ad6b	991	*/
wini	0:e0adec41ad6b	992	SharkSslCon_RetVal SharkSslCon_encrypt(SharkSslCon o, U8 buf, U16 maxLen);
wini	0:e0adec41ad6b	993
wini	0:e0adec41ad6b	994
wini	0:e0adec41ad6b	995	/** Returns TRUE if the SSL handshake phase is completed. See
wini	0:e0adec41ad6b	996	state #SharkSslCon_Handshake for example code.
wini	0:e0adec41ad6b	997	*/
wini	0:e0adec41ad6b	998	U8 SharkSslCon_isHandshakeComplete(SharkSslCon *o);
wini	0:e0adec41ad6b	999
wini	0:e0adec41ad6b	1000
wini	0:e0adec41ad6b	1001	/** This function is used in conjunction with state
wini	0:e0adec41ad6b	1002	SharkSslCon_Encrypted returned by function
wini	0:e0adec41ad6b	1003	#SharkSslCon_encrypt.
wini	0:e0adec41ad6b	1004
wini	0:e0adec41ad6b	1005	The function returns TRUE if the SharkSslCon send buffer is full
wini	0:e0adec41ad6b	1006	and must be flushed out.
wini	0:e0adec41ad6b	1007
wini	0:e0adec41ad6b	1008	The maximum size of the output buffer is set with parameter
wini	0:e0adec41ad6b	1009	'outBufSize' when calling the #SharkSsl_constructor. When the
wini	0:e0adec41ad6b	1010	unencrypted buffer is larger than what fits into the internal
wini	0:e0adec41ad6b	1011	output buffer, SharkSSL breaks the unencrypted data into multiple
wini	0:e0adec41ad6b	1012	chunks and SharkSslCon_encryptMore lets the application know when
wini	0:e0adec41ad6b	1013	the buffer must be flushed.
wini	0:e0adec41ad6b	1014
wini	0:e0adec41ad6b	1015	See #SharkSslCon_Encrypted for example code.
wini	0:e0adec41ad6b	1016	*/
wini	0:e0adec41ad6b	1017	U8 SharkSslCon_encryptMore(SharkSslCon *o);
wini	0:e0adec41ad6b	1018
wini	0:e0adec41ad6b	1019
wini	0:e0adec41ad6b	1020	/** This function is used in conjunction with state
wini	0:e0adec41ad6b	1021	SharkSslCon_Decrypted returned by function
wini	0:e0adec41ad6b	1022	#SharkSslCon_decrypt.
wini	0:e0adec41ad6b	1023
wini	0:e0adec41ad6b	1024	The function returns TRUE if a complete SSL frame has been
wini	0:e0adec41ad6b	1025	decrypted and is ready for consumption. See #SharkSslCon_Decrypted
wini	0:e0adec41ad6b	1026	for example code.
wini	0:e0adec41ad6b	1027
wini	0:e0adec41ad6b	1028	*/
wini	0:e0adec41ad6b	1029	U8 SharkSslCon_decryptMore(SharkSslCon *o);
wini	0:e0adec41ad6b	1030
wini	0:e0adec41ad6b	1031	/** Returns a pointer to the SharkSslCon input/receive buffer. The
wini	0:e0adec41ad6b	1032	pointer returned by SharkSslCon_getBuf is where you copy the
wini	0:e0adec41ad6b	1033	encrypted data you receive from the network.
wini	0:e0adec41ad6b	1034
wini	0:e0adec41ad6b	1035	Example code:
wini	0:e0adec41ad6b	1036	\code
wini	0:e0adec41ad6b	1037	readLen = recv(mysocket, SharkSslCon_getBuf(s),SharkSslCon_getBufLen(s), 0);
wini	0:e0adec41ad6b	1038	\endcode
wini	0:e0adec41ad6b	1039	\sa SharkSslCon_getBufLen and SharkSslCon_getDecData
wini	0:e0adec41ad6b	1040	*/
wini	0:e0adec41ad6b	1041	U8 SharkSslCon_getBuf(SharkSslCon o);
wini	0:e0adec41ad6b	1042
wini	0:e0adec41ad6b	1043
wini	0:e0adec41ad6b	1044	/** Returns the length of the SharkSslCon input buffer. The buffer is
wini	0:e0adec41ad6b	1045	internally managed by SharkSSL and may dynamically grow as large
wini	0:e0adec41ad6b	1046	as 16Kbytes. The SharkSslCon input buffer start size is set with
wini	0:e0adec41ad6b	1047	parameter inBufStartSize when calling the #SharkSsl_constructor.
wini	0:e0adec41ad6b	1048
wini	0:e0adec41ad6b	1049	Many ciphers are block based and the receiving end must read the
wini	0:e0adec41ad6b	1050	complete block before it can be decrypted. The SSL/TLS
wini	0:e0adec41ad6b	1051	specification enables blocks up to 16K in size. Note, the block
wini	0:e0adec41ad6b	1052	will not be larger than the size of the packet sent by the peer
wini	0:e0adec41ad6b	1053	side.
wini	0:e0adec41ad6b	1054
wini	0:e0adec41ad6b	1055	\sa SharkSslCon_getBuf
wini	0:e0adec41ad6b	1056	*/
wini	0:e0adec41ad6b	1057	U16 SharkSslCon_getBufLen(SharkSslCon *o);
wini	0:e0adec41ad6b	1058
wini	0:e0adec41ad6b	1059	/** Copy decoded data to 'buf'. Provides an alternative to using the
wini	0:e0adec41ad6b	1060	zero copy API and the buffer returned by #SharkSslCon_getDecData.
wini	0:e0adec41ad6b	1061
wini	0:e0adec41ad6b	1062	\param o the SharkSslCon object returned by function #SharkSsl_createCon.
wini	0:e0adec41ad6b	1063	\param buf a buffer provided by the caller
wini	0:e0adec41ad6b	1064	\param maxLen the size of parameter 'buf'. SharkSSL will copy at
wini	0:e0adec41ad6b	1065	most maxLen bytes to 'buf'.
wini	0:e0adec41ad6b	1066
wini	0:e0adec41ad6b	1067	Example:
wini	0:e0adec41ad6b	1068	\code
wini	0:e0adec41ad6b	1069	for(;;)
wini	0:e0adec41ad6b	1070	{
wini	0:e0adec41ad6b	1071	switch (SharkSslCon_decrypt(s, (U16)readLen))
wini	0:e0adec41ad6b	1072	{
wini	0:e0adec41ad6b	1073	case SharkSslCon_Decrypted:
wini	0:e0adec41ad6b	1074	readLen = SharkSslCon_copyDecData(s, buf, maxLen);
wini	0:e0adec41ad6b	1075	// decrypted readLen bytes
wini	0:e0adec41ad6b	1076	if (SharkSslCon_decryptMore(s))
wini	0:e0adec41ad6b	1077	{
wini	0:e0adec41ad6b	1078	if ((readLen == 0) && (maxLen > 0))
wini	0:e0adec41ad6b	1079	{
wini	0:e0adec41ad6b	1080	break; // zero-length record, decrypt next one
wini	0:e0adec41ad6b	1081	}
wini	0:e0adec41ad6b	1082	}
wini	0:e0adec41ad6b	1083	return readLen;
wini	0:e0adec41ad6b	1084
wini	0:e0adec41ad6b	1085	// other cases not shown here
wini	0:e0adec41ad6b	1086	\endcode
wini	0:e0adec41ad6b	1087	\sa SharkSslCon_getDecData
wini	0:e0adec41ad6b	1088	*/
wini	0:e0adec41ad6b	1089	U16 SharkSslCon_copyDecData(SharkSslCon o, U8 buf, U16 maxLen);
wini	0:e0adec41ad6b	1090
wini	0:e0adec41ad6b	1091
wini	0:e0adec41ad6b	1092	/** Get a pointer to the decoded data.
wini	0:e0adec41ad6b	1093
wini	0:e0adec41ad6b	1094	See #SharkSslCon_Decrypted for example code.
wini	0:e0adec41ad6b	1095
wini	0:e0adec41ad6b	1096	\param o the SharkSslCon object returned by function #SharkSsl_createCon.
wini	0:e0adec41ad6b	1097	\param bufPtr is set to the beginning of the decoded data.
wini	0:e0adec41ad6b	1098	\returns Number of bytes decoded.
wini	0:e0adec41ad6b	1099	\sa SharkSslCon_copyDecData
wini	0:e0adec41ad6b	1100	*/
wini	0:e0adec41ad6b	1101	SHARKSSL_API U16 SharkSslCon_getDecData(SharkSslCon o, U8 *bufPtr);
wini	0:e0adec41ad6b	1102
wini	0:e0adec41ad6b	1103
wini	0:e0adec41ad6b	1104	/** This function is used in conjunction with state
wini	0:e0adec41ad6b	1105	SharkSslCon_Handshake returned by function
wini	0:e0adec41ad6b	1106	#SharkSslCon_encrypt.
wini	0:e0adec41ad6b	1107
wini	0:e0adec41ad6b	1108	The function returns the handshake data that must be sent to the
wini	0:e0adec41ad6b	1109	peer side, if any.
wini	0:e0adec41ad6b	1110
wini	0:e0adec41ad6b	1111	See #SharkSslCon_Handshake for example code.
wini	0:e0adec41ad6b	1112
wini	0:e0adec41ad6b	1113	\sa SharkSslCon_getHandshakeDataLen
wini	0:e0adec41ad6b	1114	*/
wini	0:e0adec41ad6b	1115	U8 SharkSslCon_getHandshakeData(SharkSslCon o);
wini	0:e0adec41ad6b	1116
wini	0:e0adec41ad6b	1117
wini	0:e0adec41ad6b	1118	/** This function is used in conjunction with state
wini	0:e0adec41ad6b	1119	SharkSslCon_Handshake returned by function
wini	0:e0adec41ad6b	1120	#SharkSslCon_decrypt.
wini	0:e0adec41ad6b	1121
wini	0:e0adec41ad6b	1122	The function returns the length of the handshake data that must be
wini	0:e0adec41ad6b	1123	sent to the peer side, if any. The function returns zero if no
wini	0:e0adec41ad6b	1124	handshake data should be sent.
wini	0:e0adec41ad6b	1125
wini	0:e0adec41ad6b	1126	See #SharkSslCon_Handshake for example code.
wini	0:e0adec41ad6b	1127
wini	0:e0adec41ad6b	1128	\sa SharkSslCon_getHandshakeData
wini	0:e0adec41ad6b	1129	*/
wini	0:e0adec41ad6b	1130	U16 SharkSslCon_getHandshakeDataLen(SharkSslCon *o);
wini	0:e0adec41ad6b	1131
wini	0:e0adec41ad6b	1132
wini	0:e0adec41ad6b	1133	/** This function is used in conjunction with state
wini	0:e0adec41ad6b	1134	SharkSslCon_Encrypted returned by function
wini	0:e0adec41ad6b	1135	#SharkSslCon_encrypt.
wini	0:e0adec41ad6b	1136
wini	0:e0adec41ad6b	1137	The function returns a pointer to the encoded data that must be
wini	0:e0adec41ad6b	1138	sent to the peer side.
wini	0:e0adec41ad6b	1139
wini	0:e0adec41ad6b	1140	\sa SharkSslCon_getEncDataLen and SharkSslCon_encryptMore
wini	0:e0adec41ad6b	1141	*/
wini	0:e0adec41ad6b	1142	U8 SharkSslCon_getEncData(SharkSslCon o);
wini	0:e0adec41ad6b	1143
wini	0:e0adec41ad6b	1144
wini	0:e0adec41ad6b	1145	/** This function is used in conjunction with state
wini	0:e0adec41ad6b	1146	SharkSslCon_Encrypted returned by function
wini	0:e0adec41ad6b	1147	#SharkSslCon_encrypt.
wini	0:e0adec41ad6b	1148
wini	0:e0adec41ad6b	1149	The function returns the length of the encoded data that must be
wini	0:e0adec41ad6b	1150	sent to the peer side.
wini	0:e0adec41ad6b	1151
wini	0:e0adec41ad6b	1152	See #SharkSslCon_Encrypted for example code.
wini	0:e0adec41ad6b	1153
wini	0:e0adec41ad6b	1154	\sa SharkSslCon_getEncData and SharkSslCon_encryptMore
wini	0:e0adec41ad6b	1155	*/
wini	0:e0adec41ad6b	1156	U16 SharkSslCon_getEncDataLen(SharkSslCon *o);
wini	0:e0adec41ad6b	1157
wini	0:e0adec41ad6b	1158
wini	0:e0adec41ad6b	1159	/** This function is used in conjunction with #SharkSslCon_encrypt
wini	0:e0adec41ad6b	1160	when using the zero copy send API.
wini	0:e0adec41ad6b	1161
wini	0:e0adec41ad6b	1162	\return a pointer to the internal SharkSslCon send buffer.
wini	0:e0adec41ad6b	1163	\sa SharkSslCon_getEncBufSize.
wini	0:e0adec41ad6b	1164	*/
wini	0:e0adec41ad6b	1165	U8 SharkSslCon_getEncBufPtr(SharkSslCon o);
wini	0:e0adec41ad6b	1166
wini	0:e0adec41ad6b	1167
wini	0:e0adec41ad6b	1168	/** Returns the length of the buffer returned by #SharkSslCon_getEncBufPtr
wini	0:e0adec41ad6b	1169	*/
wini	0:e0adec41ad6b	1170	U16 SharkSslCon_getEncBufSize(SharkSslCon *o);
wini	0:e0adec41ad6b	1171
wini	0:e0adec41ad6b	1172
wini	0:e0adec41ad6b	1173	/** This function is used in conjunction with state
wini	0:e0adec41ad6b	1174	#SharkSslCon_AlertSend returned by function #SharkSslCon_encrypt or
wini	0:e0adec41ad6b	1175	in conjunction with state #SharkSslCon_AlertRecv returned by
wini	0:e0adec41ad6b	1176	function #SharkSslCon_decrypt.
wini	0:e0adec41ad6b	1177
wini	0:e0adec41ad6b	1178	\returns #SHARKSSL_ALERT_LEVEL_WARNING or #SHARKSSL_ALERT_LEVEL_FATAL
wini	0:e0adec41ad6b	1179
wini	0:e0adec41ad6b	1180	\sa #SharkSslCon_getAlertDescription and #SharkSslCon_getAlertData
wini	0:e0adec41ad6b	1181	*/
wini	0:e0adec41ad6b	1182	U8 SharkSslCon_getAlertLevel(SharkSslCon *o);
wini	0:e0adec41ad6b	1183
wini	0:e0adec41ad6b	1184
wini	0:e0adec41ad6b	1185	/** This function is used in conjunction with state
wini	0:e0adec41ad6b	1186	#SharkSslCon_AlertSend returned by function #SharkSslCon_encrypt or
wini	0:e0adec41ad6b	1187	in conjunction with state #SharkSslCon_AlertRecv returned by
wini	0:e0adec41ad6b	1188	function #SharkSslCon_decrypt.
wini	0:e0adec41ad6b	1189
wini	0:e0adec41ad6b	1190	returns the [SSL/TLS alert message](@ref SharkSslAlertMsg)
wini	0:e0adec41ad6b	1191
wini	0:e0adec41ad6b	1192	\sa #SharkSslCon_getAlertLevel and #SharkSslCon_getAlertData
wini	0:e0adec41ad6b	1193	*/
wini	0:e0adec41ad6b	1194	U8 SharkSslCon_getAlertDescription(SharkSslCon *o);
wini	0:e0adec41ad6b	1195
wini	0:e0adec41ad6b	1196
wini	0:e0adec41ad6b	1197	/** This function is used in conjunction with state
wini	0:e0adec41ad6b	1198	#SharkSslCon_AlertSend returned by function
wini	0:e0adec41ad6b	1199	#SharkSslCon_encrypt.
wini	0:e0adec41ad6b	1200
wini	0:e0adec41ad6b	1201	The function returns a pointer to the alert data that must be sent
wini	0:e0adec41ad6b	1202	to the peer side.
wini	0:e0adec41ad6b	1203
wini	0:e0adec41ad6b	1204	\sa #SharkSslCon_getAlertDataLen
wini	0:e0adec41ad6b	1205	*/
wini	0:e0adec41ad6b	1206	#define SharkSslCon_getAlertData(o) SharkSslCon_getEncData(o)
wini	0:e0adec41ad6b	1207
wini	0:e0adec41ad6b	1208
wini	0:e0adec41ad6b	1209	/** This function is used in conjunction with state
wini	0:e0adec41ad6b	1210	#SharkSslCon_AlertSend returned by function
wini	0:e0adec41ad6b	1211	#SharkSslCon_encrypt.
wini	0:e0adec41ad6b	1212
wini	0:e0adec41ad6b	1213	The function returns the length of the alert data that must be
wini	0:e0adec41ad6b	1214	sent to the peer side.
wini	0:e0adec41ad6b	1215
wini	0:e0adec41ad6b	1216	\sa #SharkSslCon_getAlertData
wini	0:e0adec41ad6b	1217	*/
wini	0:e0adec41ad6b	1218	#define SharkSslCon_getAlertDataLen(o) SharkSslCon_getEncDataLen(o)
wini	0:e0adec41ad6b	1219
wini	0:e0adec41ad6b	1220	/** @} / / end group SharkSslCoreApi */
wini	0:e0adec41ad6b	1221
wini	0:e0adec41ad6b	1222	#if SHARKSSL_ENABLE_INFO_API
wini	0:e0adec41ad6b	1223
wini	0:e0adec41ad6b	1224	/** Returns the active session's [chiper suite](@ref Ciphersuites)
wini	0:e0adec41ad6b	1225	*/
wini	0:e0adec41ad6b	1226	SHARKSSL_API U16 SharkSslCon_getCiphersuite(SharkSslCon *o);
wini	0:e0adec41ad6b	1227
wini	0:e0adec41ad6b	1228	/** Returns the active session's [protocol version](@ref SharkSslProtocol)
wini	0:e0adec41ad6b	1229	*/
wini	0:e0adec41ad6b	1230	SHARKSSL_API U8 SharkSslCon_getProtocol(SharkSslCon *o);
wini	0:e0adec41ad6b	1231
wini	0:e0adec41ad6b	1232	#endif
wini	0:e0adec41ad6b	1233
wini	0:e0adec41ad6b	1234	#if SHARKSSL_ENABLE_SNI
wini	0:e0adec41ad6b	1235
wini	0:e0adec41ad6b	1236	#if SHARKSSL_SSL_CLIENT_CODE
wini	0:e0adec41ad6b	1237	/** set Server Name Indication for TLS client connections
wini	0:e0adec41ad6b	1238	*/
wini	0:e0adec41ad6b	1239	SHARKSSL_API U8 SharkSslCon_setSNI(SharkSslCon o, const char name, U16 length);
wini	0:e0adec41ad6b	1240	#endif
wini	0:e0adec41ad6b	1241
wini	0:e0adec41ad6b	1242	#endif
wini	0:e0adec41ad6b	1243
wini	0:e0adec41ad6b	1244
wini	0:e0adec41ad6b	1245	#if (SHARKSSL_ENABLE_RSA \|\| SHARKSSL_ENABLE_ECDSA)
wini	0:e0adec41ad6b	1246	#if (SHARKSSL_SSL_CLIENT_CODE && SHARKSSL_ENABLE_CLIENT_AUTH)
wini	0:e0adec41ad6b	1247	/** Returns TRUE if the server requested a certificate from the client
wini	0:e0adec41ad6b	1248	to verify that the client's identity (authentication)
wini	0:e0adec41ad6b	1249	*/
wini	0:e0adec41ad6b	1250	U8 SharkSslCon_certificateRequested(SharkSslCon *o);
wini	0:e0adec41ad6b	1251	#endif
wini	0:e0adec41ad6b	1252
wini	0:e0adec41ad6b	1253	/** Returns the peer's certificate if the handshaking has
wini	0:e0adec41ad6b	1254	completed. The certificate is available at any time if the code is
wini	0:e0adec41ad6b	1255	compiled with #SHARKSSL_ENABLE_CLONE_CERTINFO enabled. The
wini	0:e0adec41ad6b	1256	certificate is only available when #SharkSslCon_decrypt returns the
wini	0:e0adec41ad6b	1257	state #SharkSslCon_Certificate if the certificate cloning code is
wini	0:e0adec41ad6b	1258	not enabled.
wini	0:e0adec41ad6b	1259	*/
wini	0:e0adec41ad6b	1260	SHARKSSL_API SharkSslCertInfo SharkSslCon_getCertInfo(SharkSslCon o);
wini	0:e0adec41ad6b	1261
wini	0:e0adec41ad6b	1262
wini	0:e0adec41ad6b	1263	/** Add a certificate to the SharkSsl object. A SharkSsl object in
wini	0:e0adec41ad6b	1264	[server mode](\ref #SharkSsl_Server) is required to have at least
wini	0:e0adec41ad6b	1265	one certificate.
wini	0:e0adec41ad6b	1266
wini	0:e0adec41ad6b	1267	__Note:__ You must install the certificate(s) before using the
wini	0:e0adec41ad6b	1268	SharkSsl object -- i.e. before calling #SharkSsl_createCon.
wini	0:e0adec41ad6b	1269
wini	0:e0adec41ad6b	1270	\returns TRUE on success or FALSE on error. The function
wini	0:e0adec41ad6b	1271	fails if you have existing connections in the SharkSsl object.
wini	0:e0adec41ad6b	1272	*/
wini	0:e0adec41ad6b	1273	SHARKSSL_API U8 SharkSsl_addCertificate(SharkSsl *o, SharkSslCert cert);
wini	0:e0adec41ad6b	1274
wini	0:e0adec41ad6b	1275	#if SHARKSSL_ENABLE_CA_LIST
wini	0:e0adec41ad6b	1276
wini	0:e0adec41ad6b	1277	/** Set a Certificate Authority (CA) list so the SharkSSL object can
wini	0:e0adec41ad6b	1278	permform certificate validation on the peer's certificate.
wini	0:e0adec41ad6b	1279
wini	0:e0adec41ad6b	1280	\param o the SharkSsl object.
wini	0:e0adec41ad6b	1281
wini	0:e0adec41ad6b	1282	\param caList list created by calling #SharkSslCertStore_assemble
wini	0:e0adec41ad6b	1283	or by using the command line tool
wini	0:e0adec41ad6b	1284	[SharkSSLParseCAList](\ref SharkSSLParseCAList)
wini	0:e0adec41ad6b	1285
wini	0:e0adec41ad6b	1286	__Note:__ You can only set one CA list, thus the CA list must
wini	0:e0adec41ad6b	1287	include all root certificates required for your system.
wini	0:e0adec41ad6b	1288
wini	0:e0adec41ad6b	1289	The example program certcheck.c includes code that shows how to
wini	0:e0adec41ad6b	1290	perform complete certificate validation of the connected servers.
wini	0:e0adec41ad6b	1291
wini	0:e0adec41ad6b	1292	\return TRUE if the CA list was successfully installed or FALSE if
wini	0:e0adec41ad6b	1293	another CA list has previously been installed.
wini	0:e0adec41ad6b	1294
wini	0:e0adec41ad6b	1295	\sa #SharkSslCAList and SharkSslCon_trusted.
wini	0:e0adec41ad6b	1296	*/
wini	0:e0adec41ad6b	1297	SHARKSSL_API U8 SharkSsl_setCAList(SharkSsl *o, SharkSslCAList caList);
wini	0:e0adec41ad6b	1298
wini	0:e0adec41ad6b	1299	/** Returns TRUE if the certificate is valid and is signed with a root
wini	0:e0adec41ad6b	1300	certificate trusted by SharkSSL. Root certificates can optionally
wini	0:e0adec41ad6b	1301	be installed with parameter #SharkSslCAList when calling
wini	0:e0adec41ad6b	1302	#SharkSsl_constructor.
wini	0:e0adec41ad6b	1303
wini	0:e0adec41ad6b	1304	Note, the function only validates the certificate. You must
wini	0:e0adec41ad6b	1305	typically also validate the domain name. Function
wini	0:e0adec41ad6b	1306	#SharkSslCon_trusted extends the certificate validation and also
wini	0:e0adec41ad6b	1307	includes domain name validation.
wini	0:e0adec41ad6b	1308
wini	0:e0adec41ad6b	1309	\sa SharkSslCon_trusted
wini	0:e0adec41ad6b	1310	*/
wini	0:e0adec41ad6b	1311	SHARKSSL_API U8 SharkSslCon_trustedCA(SharkSslCon *o);
wini	0:e0adec41ad6b	1312
wini	0:e0adec41ad6b	1313	U8 SharkSslCon_isCAListEmpty(SharkSslCon *o);
wini	0:e0adec41ad6b	1314	#endif /* SHARKSSL_ENABLE_CA_LIST */
wini	0:e0adec41ad6b	1315
wini	0:e0adec41ad6b	1316	#if (SHARKSSL_SSL_SERVER_CODE && SHARKSSL_ENABLE_RSA)
wini	0:e0adec41ad6b	1317	/** Description to be added.
wini	0:e0adec41ad6b	1318	*/
wini	0:e0adec41ad6b	1319
wini	0:e0adec41ad6b	1320	/* to be used as 'flag' param */
wini	0:e0adec41ad6b	1321	#define SHARKSSL_SET_FAVOR_RSA 1
wini	0:e0adec41ad6b	1322	#define SHARKSSL_CLEAR_FAVOR_RSA 0
wini	0:e0adec41ad6b	1323
wini	0:e0adec41ad6b	1324	/** A SharkSSL server can have multiple certificates, such as RSA
wini	0:e0adec41ad6b	1325	certificates with various strengths, and Elliptic Curve
wini	0:e0adec41ad6b	1326	Certificates (ECC). A SharkSSL server connection will select the
wini	0:e0adec41ad6b	1327	strongest cipher combination supported by the server and the
wini	0:e0adec41ad6b	1328	client. In general, the ECC certificate will be preferred by the
wini	0:e0adec41ad6b	1329	server connection, if supported by the client. Most browsers today
wini	0:e0adec41ad6b	1330	support ECC, however, Certificate Authorities do not typically
wini	0:e0adec41ad6b	1331	support ECC.
wini	0:e0adec41ad6b	1332
wini	0:e0adec41ad6b	1333	The purpose with function SharkSslCon_favorRSA is to favor RSA
wini	0:e0adec41ad6b	1334	certificates over ECC when a client such as browser supports both
wini	0:e0adec41ad6b	1335	ECC and RSA. An M2M device can then force the use of ECC by
wini	0:e0adec41ad6b	1336	calling function SharkSslCon_selectCiphersuite, or at compile time
wini	0:e0adec41ad6b	1337	by removing RSA support. This enables devices to use ECC, with
wini	0:e0adec41ad6b	1338	self signed Certificate Authority certificates and browsers to use
wini	0:e0adec41ad6b	1339	RSA certificates signed by well known Certificate Authorities.
wini	0:e0adec41ad6b	1340	*/
wini	0:e0adec41ad6b	1341	U8 SharkSslCon_favorRSA(SharkSslCon *o, U8 flag);
wini	0:e0adec41ad6b	1342	#endif /* SHARKSSL_SSL_SERVER_CODE */
wini	0:e0adec41ad6b	1343	#endif /* SHARKSSL_ENABLE_RSA \|\| SHARKSSL_ENABLE_ECDSA */
wini	0:e0adec41ad6b	1344
wini	0:e0adec41ad6b	1345	#if SHARKSSL_ENABLE_PSK
wini	0:e0adec41ad6b	1346	/** To be documented
wini	0:e0adec41ad6b	1347	*/
wini	0:e0adec41ad6b	1348	SHARKSSL_API U8 SharkSsl_setPSKTable(SharkSsl *o, SharkSslPSKTable tablePSK);
wini	0:e0adec41ad6b	1349	#endif /* SHARKSSL_ENABLE_PSK */
wini	0:e0adec41ad6b	1350
wini	0:e0adec41ad6b	1351	#if SHARKSSL_SSL_CLIENT_CODE
wini	0:e0adec41ad6b	1352	U8 SharkSslCon_selectProtocol(SharkSslCon *o, U8 protocol);
wini	0:e0adec41ad6b	1353	#endif
wini	0:e0adec41ad6b	1354
wini	0:e0adec41ad6b	1355	/** @addtogroup SharkSslSessionApi
wini	0:e0adec41ad6b	1356	@{
wini	0:e0adec41ad6b	1357	*/
wini	0:e0adec41ad6b	1358
wini	0:e0adec41ad6b	1359	#if SHARKSSL_ENABLE_SESSION_CACHE
wini	0:e0adec41ad6b	1360
wini	0:e0adec41ad6b	1361	/** Release a session created by function #SharkSslCon_acquireSession.
wini	0:e0adec41ad6b	1362	*/
wini	0:e0adec41ad6b	1363	SHARKSSL_API U8 SharkSslSession_release(SharkSslSession o, SharkSsl s);
wini	0:e0adec41ad6b	1364
wini	0:e0adec41ad6b	1365	#if SHARKSSL_SSL_SERVER_CODE
wini	0:e0adec41ad6b	1366	/** experimental
wini	0:e0adec41ad6b	1367	*/
wini	0:e0adec41ad6b	1368	SHARKSSL_API U8 SharkSslCon_releaseSession(SharkSslCon *o);
wini	0:e0adec41ad6b	1369	#endif
wini	0:e0adec41ad6b	1370
wini	0:e0adec41ad6b	1371	#if SHARKSSL_SSL_CLIENT_CODE
wini	0:e0adec41ad6b	1372
wini	0:e0adec41ad6b	1373	/** Request a SharkSslSession object from the client's session pool.
wini	0:e0adec41ad6b	1374
wini	0:e0adec41ad6b	1375	\returns a SharkSslSession object on success or NULL if the
wini	0:e0adec41ad6b	1376	session cache pool is exhausted. See parameter 'cacheSize' in
wini	0:e0adec41ad6b	1377	function SharkSsl_constructor for more information on the cache
wini	0:e0adec41ad6b	1378	size.
wini	0:e0adec41ad6b	1379	*/
wini	0:e0adec41ad6b	1380	SHARKSSL_API SharkSslSession SharkSslCon_acquireSession(SharkSslCon o);
wini	0:e0adec41ad6b	1381
wini	0:e0adec41ad6b	1382
wini	0:e0adec41ad6b	1383	/** Resume an existing session.
wini	0:e0adec41ad6b	1384	\param o the SharkSslCon object.
wini	0:e0adec41ad6b	1385	\param s a session object created by function #SharkSslCon_acquireSession.
wini	0:e0adec41ad6b	1386
wini	0:e0adec41ad6b	1387	\returns TRUE on success or FALSE if the session cannot be resumed.
wini	0:e0adec41ad6b	1388	*/
wini	0:e0adec41ad6b	1389	SHARKSSL_API U8 SharkSslCon_resumeSession(SharkSslCon o, SharkSslSession s);
wini	0:e0adec41ad6b	1390
wini	0:e0adec41ad6b	1391	/** Returns the last time the session was accessed. Delta time can be
wini	0:e0adec41ad6b	1392	calculated as follows: baGetUnixTime() -
wini	0:e0adec41ad6b	1393	SharkSslSession_getLatestAccessTime(ss);
wini	0:e0adec41ad6b	1394	*/
wini	0:e0adec41ad6b	1395	SHARKSSL_API U32 SharkSslSession_getLatestAccessTime(SharkSslSession *o);
wini	0:e0adec41ad6b	1396	#endif
wini	0:e0adec41ad6b	1397	#endif
wini	0:e0adec41ad6b	1398
wini	0:e0adec41ad6b	1399	/** @} / / end group SharkSslSessionApi */
wini	0:e0adec41ad6b	1400
wini	0:e0adec41ad6b	1401	#if (SHARKSSL_SSL_SERVER_CODE && SHARKSSL_ENABLE_CLIENT_AUTH && \
wini	0:e0adec41ad6b	1402	(SHARKSSL_ENABLE_RSA \|\| SHARKSSL_ENABLE_ECDSA))
wini	0:e0adec41ad6b	1403	/** This function is used by server solutions that require client SSL
wini	0:e0adec41ad6b	1404	certificate authentication. For example, it can be used by an
wini	0:e0adec41ad6b	1405	HTTPS server that requires the client to authenticate using a
wini	0:e0adec41ad6b	1406	certificate signed with a Certificate Authority (CA) known to the
wini	0:e0adec41ad6b	1407	server. The second parameter, caList specifies one or several CA
wini	0:e0adec41ad6b	1408	certificates the server uses when validating the client
wini	0:e0adec41ad6b	1409	certificate.
wini	0:e0adec41ad6b	1410
wini	0:e0adec41ad6b	1411	The function must be called before the initial handshake has
wini	0:e0adec41ad6b	1412	started or just after calling SharkSslCon_renegotiate. Calling
wini	0:e0adec41ad6b	1413	SharkSslCon_requestClientCert after #SharkSslCon_renegotiate
wini	0:e0adec41ad6b	1414	enables an existing session to request client authentication at a
wini	0:e0adec41ad6b	1415	later stage. For example, a server may require that the client
wini	0:e0adec41ad6b	1416	authenticates when the user navigates to a protected web page.
wini	0:e0adec41ad6b	1417
wini	0:e0adec41ad6b	1418	\param o the SharkSslCon object returned by function #SharkSsl_createCon.
wini	0:e0adec41ad6b	1419
wini	0:e0adec41ad6b	1420	\param caList the SharkSSL CA list is in a binary format optimized
wini	0:e0adec41ad6b	1421	for speed and size. The list can be created by calling
wini	0:e0adec41ad6b	1422	#SharkSslCertStore_assemble or by using the command line tool
wini	0:e0adec41ad6b	1423	[SharkSSLParseCAList](\ref SharkSSLParseCAList). The client is
wini	0:e0adec41ad6b	1424	then requested to provide an SSL certificate and this certificate
wini	0:e0adec41ad6b	1425	must be signed using one of the CA certificates provided in the
wini	0:e0adec41ad6b	1426	caList. The SSL handshake or rehandshake fails if the client's
wini	0:e0adec41ad6b	1427	certificate is not trusted or not signed with a known CA
wini	0:e0adec41ad6b	1428	certificate.
wini	0:e0adec41ad6b	1429
wini	0:e0adec41ad6b	1430	\return TRUE (1) if the request is accepted. Returns FALSE (0) if
wini	0:e0adec41ad6b	1431	the SharkSSL connection is already going through or done with a
wini	0:e0adec41ad6b	1432	handshaking phase.
wini	0:e0adec41ad6b	1433	*/
wini	0:e0adec41ad6b	1434	SHARKSSL_API U8 SharkSslCon_requestClientCert(
wini	0:e0adec41ad6b	1435	SharkSslCon o, const void caList);
wini	0:e0adec41ad6b	1436	#endif
wini	0:e0adec41ad6b	1437
wini	0:e0adec41ad6b	1438	#if ((SHARKSSL_SSL_SERVER_CODE \|\| SHARKSSL_SSL_CLIENT_CODE) && \
wini	0:e0adec41ad6b	1439	SHARKSSL_ENABLE_SELECT_CIPHERSUITE)
wini	0:e0adec41ad6b	1440	/**
wini	0:e0adec41ad6b	1441	This function enables you to limit the number of ciphers at
wini	0:e0adec41ad6b	1442	runtime. Cipher suites can be enabled/disabled at compile time, but
wini	0:e0adec41ad6b	1443	your application may require that you also allow only specific ciphers
wini	0:e0adec41ad6b	1444	at runtime. By default, all ciphers enabled at compile time can be
wini	0:e0adec41ad6b	1445	used by SharkSSL. Calling this function disables the use of all
wini	0:e0adec41ad6b	1446	ciphers except the selected cipher. You can call this function up to N
wini	0:e0adec41ad6b	1447	times and re-enable N ciphers. N is by default set to 8 at compile
wini	0:e0adec41ad6b	1448	time. You can change the N value by setting macro
wini	0:e0adec41ad6b	1449	#SHARKSSL_SELECT_CIPHERSUITE_LIST_DEPTH.
wini	0:e0adec41ad6b	1450
wini	0:e0adec41ad6b	1451	The function must be called before the initial handshake has completed
wini	0:e0adec41ad6b	1452	or just after calling SharkSslCon_renegotiate. Calling
wini	0:e0adec41ad6b	1453	SharkSslCon_selectCiphersuite and then #SharkSslCon_renegotiate
wini	0:e0adec41ad6b	1454	enables an existing session to change cipher.
wini	0:e0adec41ad6b	1455
wini	0:e0adec41ad6b	1456	<b>Example:</b><br>
wini	0:e0adec41ad6b	1457	SharkSslCon_selectCiphersuite(myCon, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384)
wini	0:e0adec41ad6b	1458
wini	0:e0adec41ad6b	1459	\param o the SharkSslCon object returned by function #SharkSsl_createCon.
wini	0:e0adec41ad6b	1460
wini	0:e0adec41ad6b	1461	\param cipherSuite is one of the [supported ciphers](\ref SharkSslCiphers)
wini	0:e0adec41ad6b	1462	enabled at compile time.
wini	0:e0adec41ad6b	1463
wini	0:e0adec41ad6b	1464	\return TRUE (1) if the request is accepted. Returns FALSE (0) if the
wini	0:e0adec41ad6b	1465	SharkSSL connection is currently in the handshaking phase, if the
wini	0:e0adec41ad6b	1466	selected cipher was not enabled at compile time, or if called more
wini	0:e0adec41ad6b	1467	than N times.
wini	0:e0adec41ad6b	1468	*/
wini	0:e0adec41ad6b	1469	SHARKSSL_API U8 SharkSslCon_selectCiphersuite(SharkSslCon *o, U16 cipherSuite);
wini	0:e0adec41ad6b	1470
wini	0:e0adec41ad6b	1471	/** Clears the selection, thus enabling all ciphers.
wini	0:e0adec41ad6b	1472	*/
wini	0:e0adec41ad6b	1473	SHARKSSL_API U8 SharkSslCon_clearCiphersuiteSelection(SharkSslCon *o);
wini	0:e0adec41ad6b	1474	#endif
wini	0:e0adec41ad6b	1475
wini	0:e0adec41ad6b	1476	#if (SHARKSSL_SSL_SERVER_CODE && SHARKSSL_ENABLE_SECURE_RENEGOTIATION)
wini	0:e0adec41ad6b	1477	/** This function enables you to renegotiate an already established
wini	0:e0adec41ad6b	1478	SSL/TLS connection. Renegotiation is also known as
wini	0:e0adec41ad6b	1479	rehandshake. The function informs the SharkSSL state machine for
wini	0:e0adec41ad6b	1480	the active connection that you wish to renegotiate the
wini	0:e0adec41ad6b	1481	connection. The actual renegotiation is initiated and performed
wini	0:e0adec41ad6b	1482	the next time you call #SharkSslCon_decrypt.
wini	0:e0adec41ad6b	1483
wini	0:e0adec41ad6b	1484	The function is typically used in combination with
wini	0:e0adec41ad6b	1485	#SharkSslCon_requestClientCert, when requesting client SSL
wini	0:e0adec41ad6b	1486	certificate authentication on an existing connection. The function
wini	0:e0adec41ad6b	1487	can also be used in combination with
wini	0:e0adec41ad6b	1488	#SharkSslCon_selectCiphersuite, to force a change in the cipher
wini	0:e0adec41ad6b	1489	being used.
wini	0:e0adec41ad6b	1490
wini	0:e0adec41ad6b	1491	\param o the SharkSslCon object returned by function #SharkSsl_createCon.
wini	0:e0adec41ad6b	1492
wini	0:e0adec41ad6b	1493	\return TRUE (1) if the request is accepted. Returns FALSE (0) if
wini	0:e0adec41ad6b	1494	the SharkSSL connection is currently in the handshaking phase.
wini	0:e0adec41ad6b	1495	*/
wini	0:e0adec41ad6b	1496	SHARKSSL_API U8 SharkSslCon_renegotiate(SharkSslCon *o);
wini	0:e0adec41ad6b	1497	#endif
wini	0:e0adec41ad6b	1498
wini	0:e0adec41ad6b	1499	/** @} / / end group SharkSslApi */
wini	0:e0adec41ad6b	1500
wini	0:e0adec41ad6b	1501
wini	0:e0adec41ad6b	1502	#if SHARKSSL_ENABLE_PEM_API
wini	0:e0adec41ad6b	1503	/** @addtogroup RayCryptoApi
wini	0:e0adec41ad6b	1504	@{
wini	0:e0adec41ad6b	1505	*/
wini	0:e0adec41ad6b	1506
wini	0:e0adec41ad6b	1507
wini	0:e0adec41ad6b	1508	/** Return values from function #sharkssl_PEM
wini	0:e0adec41ad6b	1509	*/
wini	0:e0adec41ad6b	1510	typedef enum
wini	0:e0adec41ad6b	1511	{
wini	0:e0adec41ad6b	1512	/** OK */
wini	0:e0adec41ad6b	1513	SHARKSSL_PEM_OK = 0,
wini	0:e0adec41ad6b	1514
wini	0:e0adec41ad6b	1515	/** OK_PUBLIC */
wini	0:e0adec41ad6b	1516	SHARKSSL_PEM_OK_PUBLIC = 1,
wini	0:e0adec41ad6b	1517
wini	0:e0adec41ad6b	1518	/** ALLOCATION_ERROR */
wini	0:e0adec41ad6b	1519	SHARKSSL_PEM_ALLOCATION_ERROR = - 3000,
wini	0:e0adec41ad6b	1520
wini	0:e0adec41ad6b	1521	/** KEY_PARSE_ERROR */
wini	0:e0adec41ad6b	1522	SHARKSSL_PEM_KEY_PARSE_ERROR,
wini	0:e0adec41ad6b	1523
wini	0:e0adec41ad6b	1524	/** KEY_WRONG_IV */
wini	0:e0adec41ad6b	1525	SHARKSSL_PEM_KEY_WRONG_IV,
wini	0:e0adec41ad6b	1526
wini	0:e0adec41ad6b	1527	/** KEY_WRONG_LENGTH */
wini	0:e0adec41ad6b	1528	SHARKSSL_PEM_KEY_WRONG_LENGTH,
wini	0:e0adec41ad6b	1529
wini	0:e0adec41ad6b	1530	/** KEY_PASSPHRASE_REQUIRED */
wini	0:e0adec41ad6b	1531	SHARKSSL_PEM_KEY_PASSPHRASE_REQUIRED,
wini	0:e0adec41ad6b	1532
wini	0:e0adec41ad6b	1533	/** KEY_UNRECOGNIZED_FORMAT */
wini	0:e0adec41ad6b	1534	SHARKSSL_PEM_KEY_UNRECOGNIZED_FORMAT,
wini	0:e0adec41ad6b	1535
wini	0:e0adec41ad6b	1536	/** KEY_UNSUPPORTED_FORMAT */
wini	0:e0adec41ad6b	1537	SHARKSSL_PEM_KEY_UNSUPPORTED_FORMAT,
wini	0:e0adec41ad6b	1538
wini	0:e0adec41ad6b	1539	/** KEY_UNSUPPORTED_MODULUS_LENGTH */
wini	0:e0adec41ad6b	1540	SHARKSSL_PEM_KEY_UNSUPPORTED_MODULUS_LENGTH,
wini	0:e0adec41ad6b	1541
wini	0:e0adec41ad6b	1542	/** KEY_UNSUPPORTED_ENCRYPTION_TYPE */
wini	0:e0adec41ad6b	1543	SHARKSSL_PEM_KEY_UNSUPPORTED_ENCRYPTION_TYPE,
wini	0:e0adec41ad6b	1544
wini	0:e0adec41ad6b	1545	/** KEY_CERT_MISMATCH */
wini	0:e0adec41ad6b	1546	SHARKSSL_PEM_KEY_CERT_MISMATCH,
wini	0:e0adec41ad6b	1547
wini	0:e0adec41ad6b	1548	/** CERT_UNRECOGNIZED_FORMAT */
wini	0:e0adec41ad6b	1549	SHARKSSL_PEM_CERT_UNRECOGNIZED_FORMAT,
wini	0:e0adec41ad6b	1550
wini	0:e0adec41ad6b	1551	/** CERT_UNSUPPORTED_TYPE */
wini	0:e0adec41ad6b	1552	SHARKSSL_PEM_CERT_UNSUPPORTED_TYPE,
wini	0:e0adec41ad6b	1553
wini	0:e0adec41ad6b	1554	/** KEY_UNSUPPORTED_VERSION */
wini	0:e0adec41ad6b	1555	SHARKSSL_PEM_KEY_UNSUPPORTED_VERSION,
wini	0:e0adec41ad6b	1556
wini	0:e0adec41ad6b	1557	/** INTERNAL ERROR */
wini	0:e0adec41ad6b	1558	SHARKSSL_PEM_INTERNAL_ERROR
wini	0:e0adec41ad6b	1559	} sharkssl_PEM_RetVal;
wini	0:e0adec41ad6b	1560
wini	0:e0adec41ad6b	1561
wini	0:e0adec41ad6b	1562	/** fixme doc
wini	0:e0adec41ad6b	1563	*/
wini	0:e0adec41ad6b	1564	SHARKSSL_API sharkssl_PEM_RetVal sharkssl_PEM(
wini	0:e0adec41ad6b	1565	const char certPEM, const char keyPEM,
wini	0:e0adec41ad6b	1566	const char passphrase, SharkSslCert sharkSslCert);
wini	0:e0adec41ad6b	1567
wini	0:e0adec41ad6b	1568	/** @} / / end group RayCryptoApi */
wini	0:e0adec41ad6b	1569	#endif
wini	0:e0adec41ad6b	1570
wini	0:e0adec41ad6b	1571	#if SHARKSSL_ENABLE_RSA
wini	0:e0adec41ad6b	1572
wini	0:e0adec41ad6b	1573	/** \addtogroup SharkSslInfoAndCodes
wini	0:e0adec41ad6b	1574	@{
wini	0:e0adec41ad6b	1575	*/
wini	0:e0adec41ad6b	1576
wini	0:e0adec41ad6b	1577	/** SHARKSSL_RSA_NO_PADDING for raw RSA encryption (insecure).
wini	0:e0adec41ad6b	1578	*/
wini	0:e0adec41ad6b	1579	#define SHARKSSL_RSA_NO_PADDING 0
wini	0:e0adec41ad6b	1580
wini	0:e0adec41ad6b	1581
wini	0:e0adec41ad6b	1582	/** SHARKSSL_RSA_PKCS1_PADDING for
wini	0:e0adec41ad6b	1583	[PKCS #1 v1.5](http://tools.ietf.org/html/rfc2313).
wini	0:e0adec41ad6b	1584	*/
wini	0:e0adec41ad6b	1585	#define SHARKSSL_RSA_PKCS1_PADDING 1
wini	0:e0adec41ad6b	1586
wini	0:e0adec41ad6b	1587
wini	0:e0adec41ad6b	1588	/** Return values from functions #sharkssl_RSA_public_encrypt,
wini	0:e0adec41ad6b	1589	#sharkssl_RSA_private_decrypt, #sharkssl_RSA_public_decrypt,
wini	0:e0adec41ad6b	1590	#sharkssl_RSA_private_encrypt
wini	0:e0adec41ad6b	1591	*/
wini	0:e0adec41ad6b	1592	typedef enum
wini	0:e0adec41ad6b	1593	{
wini	0:e0adec41ad6b	1594	/** OK */
wini	0:e0adec41ad6b	1595	SHARKSSL_RSA_OK = 0,
wini	0:e0adec41ad6b	1596
wini	0:e0adec41ad6b	1597	/** ALLOCATION_ERROR */
wini	0:e0adec41ad6b	1598	SHARKSSL_RSA_ALLOCATION_ERROR = -3000,
wini	0:e0adec41ad6b	1599
wini	0:e0adec41ad6b	1600	/** INTERNAL_ERROR */
wini	0:e0adec41ad6b	1601	SHARKSSL_RSA_INTERNAL_ERROR = -3100,
wini	0:e0adec41ad6b	1602
wini	0:e0adec41ad6b	1603	/** WRONG_PARAMETERS */
wini	0:e0adec41ad6b	1604	SHARKSSL_RSA_WRONG_PARAMETERS,
wini	0:e0adec41ad6b	1605
wini	0:e0adec41ad6b	1606	/** WRONG_KEY_FORMAT */
wini	0:e0adec41ad6b	1607	SHARKSSL_RSA_WRONG_KEY_FORMAT,
wini	0:e0adec41ad6b	1608
wini	0:e0adec41ad6b	1609	/** WRONG_KEY_LENGTH */
wini	0:e0adec41ad6b	1610	SHARKSSL_RSA_WRONG_KEY_LENGTH,
wini	0:e0adec41ad6b	1611
wini	0:e0adec41ad6b	1612	/** INPUT_DATA_LENGTH_TOO_BIG */
wini	0:e0adec41ad6b	1613	SHARKSSL_RSA_INPUT_DATA_LENGTH_TOO_BIG,
wini	0:e0adec41ad6b	1614
wini	0:e0adec41ad6b	1615	/** INPUT_DATA_LENGTH_AND_KEY_LENGTH_MISMATCH */
wini	0:e0adec41ad6b	1616	SHARKSSL_RSA_INPUT_DATA_LENGTH_AND_KEY_LENGTH_MISMATCH,
wini	0:e0adec41ad6b	1617
wini	0:e0adec41ad6b	1618	/** PKCS1_PADDING_ERROR */
wini	0:e0adec41ad6b	1619	SHARKSSL_RSA_PKCS1_PADDING_ERROR
wini	0:e0adec41ad6b	1620	} sharkssl_RSA_RetVal;
wini	0:e0adec41ad6b	1621	#endif
wini	0:e0adec41ad6b	1622
wini	0:e0adec41ad6b	1623	/** @} / / end group SharkSslInfoAndCodes */
wini	0:e0adec41ad6b	1624
wini	0:e0adec41ad6b	1625	#if SHARKSSL_ENABLE_RSA_API
wini	0:e0adec41ad6b	1626
wini	0:e0adec41ad6b	1627	/** \defgroup RSA RSA encrypt/decrypt functions
wini	0:e0adec41ad6b	1628	\ingroup RayCryptoApi
wini	0:e0adec41ad6b	1629
wini	0:e0adec41ad6b	1630	@{
wini	0:e0adec41ad6b	1631	*/
wini	0:e0adec41ad6b	1632
wini	0:e0adec41ad6b	1633	/** SharkSslRSAKey is an alias for the #SharkSslCert type and is a
wini	0:e0adec41ad6b	1634	private/public key converted by sharkssl_PEM_to_RSAKey or the
wini	0:e0adec41ad6b	1635	command line tool [SharkSslParseKey](\ref SharkSslParseKey).
wini	0:e0adec41ad6b	1636	*/
wini	0:e0adec41ad6b	1637	typedef U8* SharkSslRSAKey;
wini	0:e0adec41ad6b	1638
wini	0:e0adec41ad6b	1639	#if SHARKSSL_ENABLE_PEM_API
wini	0:e0adec41ad6b	1640	/** Convert an RSA private or public key in PEM format to the
wini	0:e0adec41ad6b	1641	#SharkSslRSAKey format.
wini	0:e0adec41ad6b	1642
wini	0:e0adec41ad6b	1643	Note: the converted value must be released by calling
wini	0:e0adec41ad6b	1644	SharkSslRSAKey_free, when no longer needed.
wini	0:e0adec41ad6b	1645
wini	0:e0adec41ad6b	1646	example:
wini	0:e0adec41ad6b	1647	\code
wini	0:e0adec41ad6b	1648	{
wini	0:e0adec41ad6b	1649	SharkSslRSAKey RSAKey;
wini	0:e0adec41ad6b	1650	...
wini	0:e0adec41ad6b	1651	RSAKey = sharksslPEM_to_RSAKey(key, pass);
wini	0:e0adec41ad6b	1652	if (RSAKey)
wini	0:e0adec41ad6b	1653	{
wini	0:e0adec41ad6b	1654	...
wini	0:e0adec41ad6b	1655	void SharkSslRSAKey_free(RSAKey);
wini	0:e0adec41ad6b	1656	}
wini	0:e0adec41ad6b	1657	}
wini	0:e0adec41ad6b	1658	\endcode
wini	0:e0adec41ad6b	1659
wini	0:e0adec41ad6b	1660	\return the private/public key in #SharkSslRSAKey format or NULL if
wini	0:e0adec41ad6b	1661	the conversion fails.
wini	0:e0adec41ad6b	1662	*/
wini	0:e0adec41ad6b	1663	SHARKSSL_API SharkSslRSAKey sharkssl_PEM_to_RSAKey(
wini	0:e0adec41ad6b	1664	const char PEMKey, const char passphrase);
wini	0:e0adec41ad6b	1665
wini	0:e0adec41ad6b	1666	/** Extract the public key form a certificate in PEM format
wini	0:e0adec41ad6b	1667
wini	0:e0adec41ad6b	1668	Note: the converted value must be released by calling
wini	0:e0adec41ad6b	1669	SharkSslRSAKey_free, when no longer needed.
wini	0:e0adec41ad6b	1670
wini	0:e0adec41ad6b	1671	example:
wini	0:e0adec41ad6b	1672	\code
wini	0:e0adec41ad6b	1673	{
wini	0:e0adec41ad6b	1674	SharkSslRSAKey RSAKey;
wini	0:e0adec41ad6b	1675	...
wini	0:e0adec41ad6b	1676	RSAKey = sharkssl_PEM_extractPublicKey(cert);
wini	0:e0adec41ad6b	1677	if (RSAKey)
wini	0:e0adec41ad6b	1678	{
wini	0:e0adec41ad6b	1679	...
wini	0:e0adec41ad6b	1680	void SharkSslRSAKey_free(RSAKey);
wini	0:e0adec41ad6b	1681	}
wini	0:e0adec41ad6b	1682	}
wini	0:e0adec41ad6b	1683	\endcode
wini	0:e0adec41ad6b	1684
wini	0:e0adec41ad6b	1685	\return the certificate's public key in #SharkSslRSAKey format
wini	0:e0adec41ad6b	1686	or NULL if the conversion fails.
wini	0:e0adec41ad6b	1687
wini	0:e0adec41ad6b	1688	*/
wini	0:e0adec41ad6b	1689	SHARKSSL_API SharkSslRSAKey
wini	0:e0adec41ad6b	1690	sharkssl_PEM_extractPublicKey(const char *certPEM);
wini	0:e0adec41ad6b	1691
wini	0:e0adec41ad6b	1692	/** Release a SharkSslRSAKey allocated by functions #sharkssl_PEM_to_RSAKey
wini	0:e0adec41ad6b	1693	and sharkssl_PEM_extractPublicKey.
wini	0:e0adec41ad6b	1694	*/
wini	0:e0adec41ad6b	1695	SHARKSSL_API void SharkSslRSAKey_free(SharkSslRSAKey key);
wini	0:e0adec41ad6b	1696	#endif
wini	0:e0adec41ad6b	1697
wini	0:e0adec41ad6b	1698	#if SHARKSSL_ENABLE_RSA
wini	0:e0adec41ad6b	1699
wini	0:e0adec41ad6b	1700	/** Returns the private or public key's modulus size in bytes.
wini	0:e0adec41ad6b	1701	*/
wini	0:e0adec41ad6b	1702	SHARKSSL_API U16 SharkSslRSAKey_size(SharkSslRSAKey key);
wini	0:e0adec41ad6b	1703
wini	0:e0adec41ad6b	1704	/** Encrypt data using the public key or private key. The private key
wini	0:e0adec41ad6b	1705	includes the public key an can for this reason be used for
wini	0:e0adec41ad6b	1706	encrypting the data.
wini	0:e0adec41ad6b	1707
wini	0:e0adec41ad6b	1708	\param in the plaintext
wini	0:e0adec41ad6b	1709
wini	0:e0adec41ad6b	1710	\param len is the length/size of parameter 'in'. This length must be
wini	0:e0adec41ad6b	1711	exactly #SharkSslRSAKey_size (key) when selecting
wini	0:e0adec41ad6b	1712	#SHARKSSL_RSA_NO_PADDING or a value between 1 and
wini	0:e0adec41ad6b	1713	(#SharkSslRSAKey_size (key) - 11) when selecting
wini	0:e0adec41ad6b	1714	SHARKSSL_RSA_PKCS1_PADDING.
wini	0:e0adec41ad6b	1715
wini	0:e0adec41ad6b	1716	\param out the encrypted ciphertext is copied to this buffer. The
wini	0:e0adec41ad6b	1717	size of this buffer must be no less than #SharkSslRSAKey_size (key)
wini	0:e0adec41ad6b	1718
wini	0:e0adec41ad6b	1719	\param key is the public key in SharkSslRSAKey format.
wini	0:e0adec41ad6b	1720
wini	0:e0adec41ad6b	1721	\param padding is one of #SHARKSSL_RSA_PKCS1_PADDING or
wini	0:e0adec41ad6b	1722	#SHARKSSL_RSA_NO_PADDING
wini	0:e0adec41ad6b	1723
wini	0:e0adec41ad6b	1724	\return the size of the encrypted ciphertext, or -1 if any error occurs
wini	0:e0adec41ad6b	1725	*/
wini	0:e0adec41ad6b	1726	SHARKSSL_API sharkssl_RSA_RetVal sharkssl_RSA_public_encrypt(
wini	0:e0adec41ad6b	1727	U16 len, U8 in, U8 out, SharkSslRSAKey key, U8 padding);
wini	0:e0adec41ad6b	1728
wini	0:e0adec41ad6b	1729
wini	0:e0adec41ad6b	1730	/** Decrypt ciphertext using the private key.
wini	0:e0adec41ad6b	1731
wini	0:e0adec41ad6b	1732	\param len is the length/size of parameter 'in'. This length must be
wini	0:e0adec41ad6b	1733	exactly #SharkSslRSAKey_size (key).
wini	0:e0adec41ad6b	1734
wini	0:e0adec41ad6b	1735	\param in the ciphertext
wini	0:e0adec41ad6b	1736
wini	0:e0adec41ad6b	1737	\param out the decrypted ciphertext is copied to this buffer. The
wini	0:e0adec41ad6b	1738	size of this buffer must be no less than #SharkSslRSAKey_size (key)
wini	0:e0adec41ad6b	1739
wini	0:e0adec41ad6b	1740	\param privkey is the private key in SharkSslRSAKey format.
wini	0:e0adec41ad6b	1741
wini	0:e0adec41ad6b	1742	\param padding is one of #SHARKSSL_RSA_PKCS1_PADDING or
wini	0:e0adec41ad6b	1743	#SHARKSSL_RSA_NO_PADDING
wini	0:e0adec41ad6b	1744
wini	0:e0adec41ad6b	1745	\return the size of the decrypted ciphertext, or -1 if any error occurs
wini	0:e0adec41ad6b	1746	*/
wini	0:e0adec41ad6b	1747	SHARKSSL_API sharkssl_RSA_RetVal sharkssl_RSA_private_decrypt(
wini	0:e0adec41ad6b	1748	U16 len, U8 in, U8 out, SharkSslRSAKey privkey, U8 padding);
wini	0:e0adec41ad6b	1749
wini	0:e0adec41ad6b	1750
wini	0:e0adec41ad6b	1751	/** Sign a message digest using the private key.
wini	0:e0adec41ad6b	1752
wini	0:e0adec41ad6b	1753	\param in commonly, an algorithm identifier followed by a message digest
wini	0:e0adec41ad6b	1754
wini	0:e0adec41ad6b	1755	\param len is the length/size of parameter 'in'. This length must be
wini	0:e0adec41ad6b	1756	exactly #SharkSslRSAKey_size (key) when selecting
wini	0:e0adec41ad6b	1757	#SHARKSSL_RSA_NO_PADDING or a value between 1 and
wini	0:e0adec41ad6b	1758	(#SharkSslRSAKey_size (key) - 11) when selecting
wini	0:e0adec41ad6b	1759	SHARKSSL_RSA_PKCS1_PADDING.
wini	0:e0adec41ad6b	1760
wini	0:e0adec41ad6b	1761	\param out the signature is copied to this buffer. The size
wini	0:e0adec41ad6b	1762	of this buffer must be no less than #SharkSslRSAKey_size (key)
wini	0:e0adec41ad6b	1763
wini	0:e0adec41ad6b	1764	\param privkey is the private key in SharkSslRSAKey format.
wini	0:e0adec41ad6b	1765
wini	0:e0adec41ad6b	1766	\param padding is one of #SHARKSSL_RSA_PKCS1_PADDING or
wini	0:e0adec41ad6b	1767	#SHARKSSL_RSA_NO_PADDING
wini	0:e0adec41ad6b	1768
wini	0:e0adec41ad6b	1769	\return the size of the signature, or -1 if any error occurs
wini	0:e0adec41ad6b	1770	*/
wini	0:e0adec41ad6b	1771	SHARKSSL_API sharkssl_RSA_RetVal sharkssl_RSA_private_encrypt(
wini	0:e0adec41ad6b	1772	U16 len, U8 in, U8 out, SharkSslRSAKey privkey, U8 padding);
wini	0:e0adec41ad6b	1773
wini	0:e0adec41ad6b	1774
wini	0:e0adec41ad6b	1775	/** Bring back a message digest using the public key or private key.
wini	0:e0adec41ad6b	1776	The private key includes the public key an can for this reason be used for
wini	0:e0adec41ad6b	1777	this operation.
wini	0:e0adec41ad6b	1778
wini	0:e0adec41ad6b	1779	\param in the RSA signature
wini	0:e0adec41ad6b	1780
wini	0:e0adec41ad6b	1781	\param len is the length/size of parameter 'in'. This length must be
wini	0:e0adec41ad6b	1782	exactly #SharkSslRSAKey_size (key).
wini	0:e0adec41ad6b	1783
wini	0:e0adec41ad6b	1784	\param out the message digest is copied to this buffer. The size
wini	0:e0adec41ad6b	1785	of this buffer must be no less than #SharkSslRSAKey_size (key)
wini	0:e0adec41ad6b	1786
wini	0:e0adec41ad6b	1787	\param key is the public key in SharkSslRSAKey format.
wini	0:e0adec41ad6b	1788
wini	0:e0adec41ad6b	1789	\param padding is one of #SHARKSSL_RSA_PKCS1_PADDING or
wini	0:e0adec41ad6b	1790	#SHARKSSL_RSA_NO_PADDING
wini	0:e0adec41ad6b	1791
wini	0:e0adec41ad6b	1792	\return the size of the obtained message digest, or -1 if any error occurs
wini	0:e0adec41ad6b	1793	*/
wini	0:e0adec41ad6b	1794	SHARKSSL_API sharkssl_RSA_RetVal sharkssl_RSA_public_decrypt(
wini	0:e0adec41ad6b	1795	U16 len, U8 in, U8 out, SharkSslRSAKey key, U8 padding);
wini	0:e0adec41ad6b	1796
wini	0:e0adec41ad6b	1797	#endif
wini	0:e0adec41ad6b	1798
wini	0:e0adec41ad6b	1799	/** @} / / end group RSA */
wini	0:e0adec41ad6b	1800	#endif
wini	0:e0adec41ad6b	1801
wini	0:e0adec41ad6b	1802
wini	0:e0adec41ad6b	1803	/** To be used as hashlen parameter in sharkssl_ECDSA_ functions
wini	0:e0adec41ad6b	1804	These are the hash lengths for the functions implemented in SharkSSL/RayCrypto
wini	0:e0adec41ad6b	1805
wini	0:e0adec41ad6b	1806	SHARKSSL_MD5_HASH_LEN
wini	0:e0adec41ad6b	1807	SHARKSSL_SHA1_HASH_LEN
wini	0:e0adec41ad6b	1808	SHARKSSL_SHA256_HASH_LEN
wini	0:e0adec41ad6b	1809	SHARKSSL_SHA384_HASH_LEN
wini	0:e0adec41ad6b	1810	SHARKSSL_SHA512_HASH_LEN
wini	0:e0adec41ad6b	1811	SHARKSSL_POLY1305_HASH_LEN
wini	0:e0adec41ad6b	1812	*/
wini	0:e0adec41ad6b	1813
wini	0:e0adec41ad6b	1814
wini	0:e0adec41ad6b	1815	#if SHARKSSL_USE_ECC
wini	0:e0adec41ad6b	1816
wini	0:e0adec41ad6b	1817	/*
wini	0:e0adec41ad6b	1818	* use as curveID parameter
wini	0:e0adec41ad6b	1819	*/
wini	0:e0adec41ad6b	1820	#define SHARKSSL_EC_CURVE_ID_SECP192R1 19
wini	0:e0adec41ad6b	1821	#define SHARKSSL_EC_CURVE_ID_SECP224R1 21
wini	0:e0adec41ad6b	1822	#define SHARKSSL_EC_CURVE_ID_SECP256R1 23
wini	0:e0adec41ad6b	1823	#define SHARKSSL_EC_CURVE_ID_SECP384R1 24
wini	0:e0adec41ad6b	1824	#define SHARKSSL_EC_CURVE_ID_SECP521R1 25
wini	0:e0adec41ad6b	1825
wini	0:e0adec41ad6b	1826
wini	0:e0adec41ad6b	1827	/**
wini	0:e0adec41ad6b	1828	@ingroup ECDSA
wini	0:e0adec41ad6b	1829	SharkSslECCKey is an alias for the #SharkSslCert type and is a
wini	0:e0adec41ad6b	1830	private/public key converted by #sharkssl_PEM_to_ECCKey or the
wini	0:e0adec41ad6b	1831	command line tool [SharkSslParseKey](\ref SharkSslParseKey).
wini	0:e0adec41ad6b	1832	*/
wini	0:e0adec41ad6b	1833	typedef U8* SharkSslECCKey;
wini	0:e0adec41ad6b	1834
wini	0:e0adec41ad6b	1835	#if SHARKSSL_ENABLE_PEM_API
wini	0:e0adec41ad6b	1836	/**
wini	0:e0adec41ad6b	1837	@ingroup ECDSA
wini	0:e0adec41ad6b	1838	Convert an ECC private or public key in PEM format to the
wini	0:e0adec41ad6b	1839	#SharkSslECCKey format.
wini	0:e0adec41ad6b	1840
wini	0:e0adec41ad6b	1841	Note: the converted value must be released by calling
wini	0:e0adec41ad6b	1842	SharkSslECCKey_free, when no longer needed.
wini	0:e0adec41ad6b	1843
wini	0:e0adec41ad6b	1844	example:
wini	0:e0adec41ad6b	1845	\code
wini	0:e0adec41ad6b	1846	{
wini	0:e0adec41ad6b	1847	SharkSslECCKey ECCKey;
wini	0:e0adec41ad6b	1848	...
wini	0:e0adec41ad6b	1849	ECCKey = sharksslPEM_to_ECCKey(key, pass);
wini	0:e0adec41ad6b	1850	if (ECCKey)
wini	0:e0adec41ad6b	1851	{
wini	0:e0adec41ad6b	1852	...
wini	0:e0adec41ad6b	1853	void SharkSslECCKey_free(ECCKey);
wini	0:e0adec41ad6b	1854	}
wini	0:e0adec41ad6b	1855	}
wini	0:e0adec41ad6b	1856	\endcode
wini	0:e0adec41ad6b	1857
wini	0:e0adec41ad6b	1858	\return the private/public key in #SharkSslECCKey format or NULL if
wini	0:e0adec41ad6b	1859	the conversion fails.
wini	0:e0adec41ad6b	1860	*/
wini	0:e0adec41ad6b	1861	SHARKSSL_API SharkSslECCKey sharkssl_PEM_to_ECCKey(
wini	0:e0adec41ad6b	1862	const char PEMKey, const char passphrase);
wini	0:e0adec41ad6b	1863	#endif
wini	0:e0adec41ad6b	1864
wini	0:e0adec41ad6b	1865
wini	0:e0adec41ad6b	1866	#if SHARKSSL_ENABLE_ECCKEY_CREATE
wini	0:e0adec41ad6b	1867	int SharkSslECCKey_create(SharkSslECCKey *key, U16 curveID);
wini	0:e0adec41ad6b	1868	#endif
wini	0:e0adec41ad6b	1869
wini	0:e0adec41ad6b	1870
wini	0:e0adec41ad6b	1871	#if (SHARKSSL_ENABLE_PEM_API \|\| SHARKSSL_ENABLE_ECCKEY_CREATE)
wini	0:e0adec41ad6b	1872	/** Release a SharkSslECCKey allocated by functions #sharkssl_PEM_to_ECCKey
wini	0:e0adec41ad6b	1873	or #SharkSslECCKey_create
wini	0:e0adec41ad6b	1874	*/
wini	0:e0adec41ad6b	1875	SHARKSSL_API void SharkSslECCKey_free(SharkSslECCKey key);
wini	0:e0adec41ad6b	1876	#endif
wini	0:e0adec41ad6b	1877
wini	0:e0adec41ad6b	1878	/** \addtogroup SharkSslInfoAndCodes
wini	0:e0adec41ad6b	1879	@{
wini	0:e0adec41ad6b	1880	*/
wini	0:e0adec41ad6b	1881
wini	0:e0adec41ad6b	1882
wini	0:e0adec41ad6b	1883	#if (SHARKSSL_ENABLE_ECDSA && SHARKSSL_ENABLE_ECDSA_API)
wini	0:e0adec41ad6b	1884	/** Return values from functions #sharkssl_ECDSA_sign_hash,
wini	0:e0adec41ad6b	1885	#sharkssl_ECDSA_verify_hash
wini	0:e0adec41ad6b	1886	*/
wini	0:e0adec41ad6b	1887	typedef enum
wini	0:e0adec41ad6b	1888	{
wini	0:e0adec41ad6b	1889	/** OK */
wini	0:e0adec41ad6b	1890	SHARKSSL_ECDSA_OK = 0,
wini	0:e0adec41ad6b	1891
wini	0:e0adec41ad6b	1892	/** ALLOCATION_ERROR */
wini	0:e0adec41ad6b	1893	SHARKSSL_ECDSA_ALLOCATION_ERROR = -3200,
wini	0:e0adec41ad6b	1894
wini	0:e0adec41ad6b	1895	/** INTERNAL_ERROR */
wini	0:e0adec41ad6b	1896	SHARKSSL_ECDSA_INTERNAL_ERROR = -3300,
wini	0:e0adec41ad6b	1897
wini	0:e0adec41ad6b	1898	/** WRONG_PARAMETERS */
wini	0:e0adec41ad6b	1899	SHARKSSL_ECDSA_WRONG_PARAMETERS,
wini	0:e0adec41ad6b	1900
wini	0:e0adec41ad6b	1901	/** WRONG_KEY_FORMAT */
wini	0:e0adec41ad6b	1902	SHARKSSL_ECDSA_WRONG_KEY_FORMAT,
wini	0:e0adec41ad6b	1903
wini	0:e0adec41ad6b	1904	/** KEY_IS_NOT_PRIVATE */
wini	0:e0adec41ad6b	1905	SHARKSSL_ECDSA_KEY_NOT_PRIVATE,
wini	0:e0adec41ad6b	1906
wini	0:e0adec41ad6b	1907	/** KEY_IS_NOT_PUBLIC */
wini	0:e0adec41ad6b	1908	SHARKSSL_ECDSA_KEY_NOT_PUBLIC,
wini	0:e0adec41ad6b	1909
wini	0:e0adec41ad6b	1910	/** SIGLEN_TOO_SMALL */
wini	0:e0adec41ad6b	1911	SHARKSSL_ECDSA_SIGLEN_TOO_SMALL,
wini	0:e0adec41ad6b	1912
wini	0:e0adec41ad6b	1913	/** VERIFICATION_FAIL */
wini	0:e0adec41ad6b	1914	SHARKSSL_ECDSA_VERIFICATION_FAIL,
wini	0:e0adec41ad6b	1915
wini	0:e0adec41ad6b	1916	/** WRONG SIGNATURE */
wini	0:e0adec41ad6b	1917	SHARKSSL_ECDSA_WRONG_SIGNATURE
wini	0:e0adec41ad6b	1918	} sharkssl_ECDSA_RetVal;
wini	0:e0adec41ad6b	1919
wini	0:e0adec41ad6b	1920	/** @} / / end group SharkSslInfoAndCodes */
wini	0:e0adec41ad6b	1921
wini	0:e0adec41ad6b	1922	/** @addtogroup ECDSA
wini	0:e0adec41ad6b	1923	@{
wini	0:e0adec41ad6b	1924	*/
wini	0:e0adec41ad6b	1925
wini	0:e0adec41ad6b	1926
wini	0:e0adec41ad6b	1927	#if (!SHARKSSL_ECDSA_ONLY_VERIFY)
wini	0:e0adec41ad6b	1928	/** Returns the maximum length (in bytes) of a DER-encoded ECDSA
wini	0:e0adec41ad6b	1929	signature generated with the private key 'privkey'. This function
wini	0:e0adec41ad6b	1930	is typically used in combination with #sharkssl_ECDSA_sign_hash to
wini	0:e0adec41ad6b	1931	compute the maximum length of the signature and to allocate a
wini	0:e0adec41ad6b	1932	buffer large enough to hold the signature 'sig'.
wini	0:e0adec41ad6b	1933
wini	0:e0adec41ad6b	1934	\param privkey is the private key in SharkSslECCKey format.
wini	0:e0adec41ad6b	1935	*/
wini	0:e0adec41ad6b	1936	SHARKSSL_API U16 sharkssl_ECDSA_siglen(SharkSslECCKey privkey);
wini	0:e0adec41ad6b	1937
wini	0:e0adec41ad6b	1938	/** Generate the signature using the ECC private key and a hash.
wini	0:e0adec41ad6b	1939
wini	0:e0adec41ad6b	1940	\param privkey is the private key in #SharkSslECCKey format.
wini	0:e0adec41ad6b	1941
wini	0:e0adec41ad6b	1942	\param sig is a pointer to the buffer where the DER-encoded ECDSA
wini	0:e0adec41ad6b	1943	signature will be generated. The size of this buffer must not be
wini	0:e0adec41ad6b	1944	smaller than the value returned by #sharkssl_ECDSA_siglen for
wini	0:e0adec41ad6b	1945	param 'privkey'. The length of this buffer, which may be larger
wini	0:e0adec41ad6b	1946	than required, is provided in the next parameter (siglen).
wini	0:e0adec41ad6b	1947
wini	0:e0adec41ad6b	1948	\param siglen is parameter "sig"'s length and is provided as an
wini	0:e0adec41ad6b	1949	input parameter. The signature length will be returned as output
wini	0:e0adec41ad6b	1950	parameter.
wini	0:e0adec41ad6b	1951
wini	0:e0adec41ad6b	1952	\param hash the message digest obtained from a hash function
wini	0:e0adec41ad6b	1953	e.g. SHA256.
wini	0:e0adec41ad6b	1954
wini	0:e0adec41ad6b	1955	\param hashlen the length of the message digest (see above).
wini	0:e0adec41ad6b	1956
wini	0:e0adec41ad6b	1957	\return SHARKSSL_ECDSA_OK if the signature generation is succesful,
wini	0:e0adec41ad6b	1958	or one of the #sharkssl_ECDSA_RetVal error codes.
wini	0:e0adec41ad6b	1959	*/
wini	0:e0adec41ad6b	1960	SHARKSSL_API sharkssl_ECDSA_RetVal sharkssl_ECDSA_sign_hash(
wini	0:e0adec41ad6b	1961	SharkSslECCKey privkey, U8 sig, U16 siglen, U8 *hash, U8 hashlen);
wini	0:e0adec41ad6b	1962	#endif
wini	0:e0adec41ad6b	1963
wini	0:e0adec41ad6b	1964	/** Verify a message using the ECC public key and a hash algorithm.
wini	0:e0adec41ad6b	1965
wini	0:e0adec41ad6b	1966	\param pubkey is the public key in SharkSslECCKey format.
wini	0:e0adec41ad6b	1967
wini	0:e0adec41ad6b	1968	\param sig is a pointer to the DER-encoded ECDSA signature
wini	0:e0adec41ad6b	1969	that is to be verified.
wini	0:e0adec41ad6b	1970
wini	0:e0adec41ad6b	1971	\param siglen is parameter "sig"'s length.
wini	0:e0adec41ad6b	1972
wini	0:e0adec41ad6b	1973	\param hash the message digest obtained from a hash function
wini	0:e0adec41ad6b	1974	e.g. SHA256.
wini	0:e0adec41ad6b	1975
wini	0:e0adec41ad6b	1976	\param hashlen the length of the message digest (see above).
wini	0:e0adec41ad6b	1977
wini	0:e0adec41ad6b	1978	\return SHARKSSL_ECDSA_OK if the signature verification is succesful,
wini	0:e0adec41ad6b	1979	or one of the #sharkssl_ECDSA_RetVal error codes.
wini	0:e0adec41ad6b	1980	*/
wini	0:e0adec41ad6b	1981	SHARKSSL_API sharkssl_ECDSA_RetVal sharkssl_ECDSA_verify_hash(
wini	0:e0adec41ad6b	1982	SharkSslECCKey pubkey, U8 sig, U16 siglen, U8 hash, U8 hashlen);
wini	0:e0adec41ad6b	1983
wini	0:e0adec41ad6b	1984	#endif
wini	0:e0adec41ad6b	1985
wini	0:e0adec41ad6b	1986	/** @} / / end group ECC */
wini	0:e0adec41ad6b	1987	#endif
wini	0:e0adec41ad6b	1988
wini	0:e0adec41ad6b	1989
wini	0:e0adec41ad6b	1990	#if (SHARKSSL_ENABLE_CA_LIST && SHARKSSL_ENABLE_CERTSTORE_API)
wini	0:e0adec41ad6b	1991
wini	0:e0adec41ad6b	1992	/** @addtogroup SharkSslCertApi
wini	0:e0adec41ad6b	1993	@{
wini	0:e0adec41ad6b	1994	*/
wini	0:e0adec41ad6b	1995
wini	0:e0adec41ad6b	1996
wini	0:e0adec41ad6b	1997	#ifndef BA_API /* standalone SharkSSL */
wini	0:e0adec41ad6b	1998	#define BA_API SHARKSSL_API
wini	0:e0adec41ad6b	1999	typedef U8 BaBool;
wini	0:e0adec41ad6b	2000	#endif
wini	0:e0adec41ad6b	2001	#include "DoubleList.h"
wini	0:e0adec41ad6b	2002
wini	0:e0adec41ad6b	2003	/** SharkSslCertStore is a container object used when assembling a
wini	0:e0adec41ad6b	2004	#SharkSslCAList. See #SharkSslCertStore_assemble for details.
wini	0:e0adec41ad6b	2005	*/
wini	0:e0adec41ad6b	2006	typedef struct SharkSslCertStore
wini	0:e0adec41ad6b	2007	{
wini	0:e0adec41ad6b	2008	DoubleList certList;
wini	0:e0adec41ad6b	2009	SharkSslCAList caList;
wini	0:e0adec41ad6b	2010	U16 elements; /* number of elements in list */
wini	0:e0adec41ad6b	2011	} SharkSslCertStore;
wini	0:e0adec41ad6b	2012
wini	0:e0adec41ad6b	2013	/** Initialize a SharkSslCertStore object. See #SharkSslCertStore for
wini	0:e0adec41ad6b	2014	details. The object must reside in memory as long as the produced
wini	0:e0adec41ad6b	2015	SharkSslCAList is used by a SharkSSL object.
wini	0:e0adec41ad6b	2016
wini	0:e0adec41ad6b	2017	\param o Uninitialized data of size sizeof(SharkSsl).
wini	0:e0adec41ad6b	2018
wini	0:e0adec41ad6b	2019	\sa #SharkSslCertStore_assemble.
wini	0:e0adec41ad6b	2020	*/
wini	0:e0adec41ad6b	2021	SHARKSSL_API void SharkSslCertStore_constructor(SharkSslCertStore *o);
wini	0:e0adec41ad6b	2022
wini	0:e0adec41ad6b	2023	/** Cleanup all memory used by the SharkSslCAList object.
wini	0:e0adec41ad6b	2024	*/
wini	0:e0adec41ad6b	2025	SHARKSSL_API void SharkSslCertStore_destructor(SharkSslCertStore* o);
wini	0:e0adec41ad6b	2026
wini	0:e0adec41ad6b	2027	/** Alias for SharkSslCertStore_destructor */
wini	0:e0adec41ad6b	2028	#define SharkSslCertStore_release(o) SharkSslCertStore_destructor(o)
wini	0:e0adec41ad6b	2029
wini	0:e0adec41ad6b	2030	/** add a certificate in PEM or p7b format to the CA store. A
wini	0:e0adec41ad6b	2031	convenient way to get CA's is to export the certificates from a
wini	0:e0adec41ad6b	2032	browser in PEM or p7b format. The p7b format is a container format
wini	0:e0adec41ad6b	2033	that can contain many CA's.
wini	0:e0adec41ad6b	2034
wini	0:e0adec41ad6b	2035	\param o the SharkSslCertStore object.
wini	0:e0adec41ad6b	2036	\param cert is a one PEM cert or multiple certs in p7b format.
wini	0:e0adec41ad6b	2037	\param certlen is the length of parameter 'cert'
wini	0:e0adec41ad6b	2038	\sa SharkSslCertStore_assemble.
wini	0:e0adec41ad6b	2039	\return the number of certificates successfully parsed and added to
wini	0:e0adec41ad6b	2040	the certificate store or a negative value if memory could not be allocated.
wini	0:e0adec41ad6b	2041	*/
wini	0:e0adec41ad6b	2042	SHARKSSL_API U16 SharkSslCertStore_add(
wini	0:e0adec41ad6b	2043	SharkSslCertStore o, const char cert, U32 certlen);
wini	0:e0adec41ad6b	2044
wini	0:e0adec41ad6b	2045	/** Assemble all certificates added by calling #SharkSslCertStore_add.
wini	0:e0adec41ad6b	2046	The SharkSslCertStore object can be released as soon as the
wini	0:e0adec41ad6b	2047	#SharkSslCAList is assembled.
wini	0:e0adec41ad6b	2048
wini	0:e0adec41ad6b	2049	\param o the SharkSslCertStore object
wini	0:e0adec41ad6b	2050	\param outList is the SharkSslCAList out value
wini	0:e0adec41ad6b	2051	\return TRUE on success or FALSE if memory could not be allocated
wini	0:e0adec41ad6b	2052	\sa #SharkSslCertStore_destructor and #SharkSsl_setCAList
wini	0:e0adec41ad6b	2053	*/
wini	0:e0adec41ad6b	2054	SHARKSSL_API U8 SharkSslCertStore_assemble(
wini	0:e0adec41ad6b	2055	SharkSslCertStore o, SharkSslCAList outList);
wini	0:e0adec41ad6b	2056
wini	0:e0adec41ad6b	2057	/** @} / / end group SharkSslCertApi */
wini	0:e0adec41ad6b	2058	#endif /* SHARKSSL_ENABLE_CA_LIST && SHARKSSL_ENABLE_CERTSTORE_API */
wini	0:e0adec41ad6b	2059
wini	0:e0adec41ad6b	2060
wini	0:e0adec41ad6b	2061
wini	0:e0adec41ad6b	2062
wini	0:e0adec41ad6b	2063
wini	0:e0adec41ad6b	2064	#ifdef __cplusplus
wini	0:e0adec41ad6b	2065	}
wini	0:e0adec41ad6b	2066
wini	0:e0adec41ad6b	2067	inline SharkSsl::SharkSsl(
wini	0:e0adec41ad6b	2068	SharkSsl_Role role, U16 cacheSize, U16 inBufStartSize, U16 outBufSize) {
wini	0:e0adec41ad6b	2069	SharkSsl_constructor(this, role, cacheSize, inBufStartSize, outBufSize);
wini	0:e0adec41ad6b	2070	}
wini	0:e0adec41ad6b	2071	inline SharkSsl::~SharkSsl() {
wini	0:e0adec41ad6b	2072	SharkSsl_destructor(this);
wini	0:e0adec41ad6b	2073	}
wini	0:e0adec41ad6b	2074	inline SharkSslCon *SharkSsl::createCon(void) {
wini	0:e0adec41ad6b	2075	return SharkSsl_createCon(this);
wini	0:e0adec41ad6b	2076	}
wini	0:e0adec41ad6b	2077	inline void SharkSsl::terminateCon(SharkSslCon *sslCon) {
wini	0:e0adec41ad6b	2078	SharkSsl_terminateCon(this, sslCon);
wini	0:e0adec41ad6b	2079	}
wini	0:e0adec41ad6b	2080
wini	0:e0adec41ad6b	2081	#if (SHARKSSL_ENABLE_RSA \|\| SHARKSSL_ENABLE_ECDSA)
wini	0:e0adec41ad6b	2082	inline U8 SharkSsl::addCertificate(SharkSslCert cert) {
wini	0:e0adec41ad6b	2083	return SharkSsl_addCertificate(this, cert);
wini	0:e0adec41ad6b	2084	}
wini	0:e0adec41ad6b	2085	#if SHARKSSL_ENABLE_CA_LIST
wini	0:e0adec41ad6b	2086	inline U8 SharkSsl::setCAList(SharkSslCAList caList) {
wini	0:e0adec41ad6b	2087	return SharkSsl_setCAList(this, caList);
wini	0:e0adec41ad6b	2088	}
wini	0:e0adec41ad6b	2089	#endif /* SHARKSSL_ENABLE_CA_LIST */
wini	0:e0adec41ad6b	2090	#endif /* SHARKSSL_ENABLE_RSA \|\| SHARKSSL_ENABLE_ECDSA */
wini	0:e0adec41ad6b	2091
wini	0:e0adec41ad6b	2092	#if SHARKSSL_ENABLE_PSK
wini	0:e0adec41ad6b	2093	inline U8 SharkSsl::setPSKTable(SharkSslPSKTable tablePSK) {
wini	0:e0adec41ad6b	2094	return SharkSsl_setPSKTable(this, tablePSK);
wini	0:e0adec41ad6b	2095	}
wini	0:e0adec41ad6b	2096	#endif /* SHARKSSL_ENABLE_PSK */
wini	0:e0adec41ad6b	2097
wini	0:e0adec41ad6b	2098	#endif /* __cplusplus */
wini	0:e0adec41ad6b	2099
wini	0:e0adec41ad6b	2100
wini	0:e0adec41ad6b	2101	#endif

Repository toolbox

Export to desktop IDE

Repository details

Type:	Library
Created:	06 Apr 2016
Imports:	66
Forks:	0
Commits:	2
Dependents:	2
Dependencies:	0
Followers:	5