RetroArch
Macros | Functions | Variables
ssl_tls.c File Reference
#include "mbedtls/config.h"
#include "mbedtls/platform.h"
#include "mbedtls/debug.h"
#include "mbedtls/ssl.h"
#include "mbedtls/ssl_internal.h"
#include <string.h>
#include "mbedtls/oid.h"
#include "arc4_alt.h"
Include dependency graph for ssl_tls.c:

Macros

#define SSL_SOME_MODES_USE_MAC
 
#define SSL_MAX_MAC_SIZE   48
 
#define SSL_MAX_HASH_LEN   12
 

Functions

static size_t ssl_ep_len (const mbedtls_ssl_context *ssl)
 
static void ssl_set_timer (mbedtls_ssl_context *ssl, uint32_t millisecs)
 
static int ssl_check_timer (mbedtls_ssl_context *ssl)
 
static int ssl_double_retransmit_timeout (mbedtls_ssl_context *ssl)
 
static void ssl_reset_retransmit_timeout (mbedtls_ssl_context *ssl)
 
static int ssl_session_copy (mbedtls_ssl_session *dst, const mbedtls_ssl_session *src)
 
static int tls1_prf (const unsigned char *secret, size_t slen, const char *label, const unsigned char *random, size_t rlen, unsigned char *dstbuf, size_t dlen)
 
static int tls_prf_generic (mbedtls_md_type_t md_type, const unsigned char *secret, size_t slen, const char *label, const unsigned char *random, size_t rlen, unsigned char *dstbuf, size_t dlen)
 
static int tls_prf_sha256 (const unsigned char *secret, size_t slen, const char *label, const unsigned char *random, size_t rlen, unsigned char *dstbuf, size_t dlen)
 
static int tls_prf_sha384 (const unsigned char *secret, size_t slen, const char *label, const unsigned char *random, size_t rlen, unsigned char *dstbuf, size_t dlen)
 
static void ssl_update_checksum_start (mbedtls_ssl_context *, const unsigned char *, size_t)
 
static void ssl_update_checksum_md5sha1 (mbedtls_ssl_context *, const unsigned char *, size_t)
 
static void ssl_calc_verify_tls (mbedtls_ssl_context *, unsigned char *)
 
static void ssl_calc_finished_tls (mbedtls_ssl_context *, unsigned char *, int)
 
static void ssl_update_checksum_sha256 (mbedtls_ssl_context *, const unsigned char *, size_t)
 
static void ssl_calc_verify_tls_sha256 (mbedtls_ssl_context *, unsigned char *)
 
static void ssl_calc_finished_tls_sha256 (mbedtls_ssl_context *, unsigned char *, int)
 
static void ssl_update_checksum_sha384 (mbedtls_ssl_context *, const unsigned char *, size_t)
 
static void ssl_calc_verify_tls_sha384 (mbedtls_ssl_context *, unsigned char *)
 
static void ssl_calc_finished_tls_sha384 (mbedtls_ssl_context *, unsigned char *, int)
 
int mbedtls_ssl_derive_keys (mbedtls_ssl_context *ssl)
 
void ssl_calc_verify_tls (mbedtls_ssl_context *ssl, unsigned char hash[36])
 
void ssl_calc_verify_tls_sha256 (mbedtls_ssl_context *ssl, unsigned char hash[32])
 
void ssl_calc_verify_tls_sha384 (mbedtls_ssl_context *ssl, unsigned char hash[48])
 
int mbedtls_ssl_psk_derive_premaster (mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex)
 
static int ssl_encrypt_buf (mbedtls_ssl_context *ssl)
 
static int ssl_decrypt_buf (mbedtls_ssl_context *ssl)
 
static int ssl_write_hello_request (mbedtls_ssl_context *ssl)
 
static int ssl_resend_hello_request (mbedtls_ssl_context *ssl)
 
int mbedtls_ssl_fetch_input (mbedtls_ssl_context *ssl, size_t nb_want)
 
int mbedtls_ssl_flush_output (mbedtls_ssl_context *ssl)
 
static int ssl_flight_append (mbedtls_ssl_context *ssl)
 
static void ssl_flight_free (mbedtls_ssl_flight_item *flight)
 
static void ssl_dtls_replay_reset (mbedtls_ssl_context *ssl)
 
static void ssl_swap_epochs (mbedtls_ssl_context *ssl)
 
int mbedtls_ssl_resend (mbedtls_ssl_context *ssl)
 
void mbedtls_ssl_recv_flight_completed (mbedtls_ssl_context *ssl)
 
void mbedtls_ssl_send_flight_completed (mbedtls_ssl_context *ssl)
 
int mbedtls_ssl_write_record (mbedtls_ssl_context *ssl)
 
static void ssl_bitmask_set (unsigned char *mask, size_t offset, size_t len)
 
static int ssl_bitmask_check (unsigned char *mask, size_t len)
 
static int ssl_reassemble_dtls_handshake (mbedtls_ssl_context *ssl)
 
int mbedtls_ssl_prepare_handshake_record (mbedtls_ssl_context *ssl)
 
void mbedtls_ssl_update_handshake_status (mbedtls_ssl_context *ssl)
 
static uint64_t ssl_load_six_bytes (unsigned char *buf)
 
int mbedtls_ssl_dtls_replay_check (mbedtls_ssl_context *ssl)
 
void mbedtls_ssl_dtls_replay_update (mbedtls_ssl_context *ssl)
 
static int ssl_session_reset_int (mbedtls_ssl_context *ssl, int partial)
 
static int ssl_check_dtls_clihlo_cookie (mbedtls_ssl_cookie_write_t *f_cookie_write, mbedtls_ssl_cookie_check_t *f_cookie_check, void *p_cookie, const unsigned char *cli_id, size_t cli_id_len, const unsigned char *in, size_t in_len, unsigned char *obuf, size_t buf_len, size_t *olen)
 
static int ssl_handle_possible_reconnect (mbedtls_ssl_context *ssl)
 
static int ssl_parse_record_header (mbedtls_ssl_context *ssl)
 
static int ssl_prepare_record_content (mbedtls_ssl_context *ssl)
 
static void ssl_handshake_wrapup_free_hs_transform (mbedtls_ssl_context *ssl)
 
int mbedtls_ssl_read_record (mbedtls_ssl_context *ssl)
 Update record layer. More...
 
int mbedtls_ssl_read_record_layer (mbedtls_ssl_context *ssl)
 
int mbedtls_ssl_handle_message_type (mbedtls_ssl_context *ssl)
 
int mbedtls_ssl_send_fatal_handshake_failure (mbedtls_ssl_context *ssl)
 
int mbedtls_ssl_send_alert_message (mbedtls_ssl_context *ssl, unsigned char level, unsigned char message)
 Send an alert message. More...
 
int mbedtls_ssl_write_certificate (mbedtls_ssl_context *ssl)
 
int mbedtls_ssl_parse_certificate (mbedtls_ssl_context *ssl)
 
int mbedtls_ssl_write_change_cipher_spec (mbedtls_ssl_context *ssl)
 
int mbedtls_ssl_parse_change_cipher_spec (mbedtls_ssl_context *ssl)
 
void mbedtls_ssl_optimize_checksum (mbedtls_ssl_context *ssl, const mbedtls_ssl_ciphersuite_t *ciphersuite_info)
 
void mbedtls_ssl_reset_checksum (mbedtls_ssl_context *ssl)
 
void mbedtls_ssl_handshake_wrapup (mbedtls_ssl_context *ssl)
 
int mbedtls_ssl_write_finished (mbedtls_ssl_context *ssl)
 
int mbedtls_ssl_parse_finished (mbedtls_ssl_context *ssl)
 
static void ssl_handshake_params_init (mbedtls_ssl_handshake_params *handshake)
 
static void ssl_transform_init (mbedtls_ssl_transform *transform)
 
void mbedtls_ssl_session_init (mbedtls_ssl_session *session)
 Initialize SSL session structure. More...
 
static int ssl_handshake_init (mbedtls_ssl_context *ssl)
 
static int ssl_cookie_write_dummy (void *ctx, unsigned char **p, unsigned char *end, const unsigned char *cli_id, size_t cli_id_len)
 
static int ssl_cookie_check_dummy (void *ctx, const unsigned char *cookie, size_t cookie_len, const unsigned char *cli_id, size_t cli_id_len)
 
void mbedtls_ssl_init (mbedtls_ssl_context *ssl)
 Initialize an SSL context Just makes the context ready for mbedtls_ssl_setup() or mbedtls_ssl_free() More...
 
int mbedtls_ssl_setup (mbedtls_ssl_context *ssl, const mbedtls_ssl_config *conf)
 Set up an SSL context for use. More...
 
int mbedtls_ssl_session_reset (mbedtls_ssl_context *ssl)
 Reset an already initialized SSL context for re-use while retaining application-set variables, function pointers and data. More...
 
void mbedtls_ssl_conf_endpoint (mbedtls_ssl_config *conf, int endpoint)
 Set the current endpoint type. More...
 
void mbedtls_ssl_conf_transport (mbedtls_ssl_config *conf, int transport)
 Set the transport type (TLS or DTLS). Default: TLS. More...
 
void mbedtls_ssl_conf_dtls_anti_replay (mbedtls_ssl_config *conf, char mode)
 Enable or disable anti-replay protection for DTLS. (DTLS only, no effect on TLS.) Default: enabled. More...
 
void mbedtls_ssl_conf_dtls_badmac_limit (mbedtls_ssl_config *conf, unsigned limit)
 Set a limit on the number of records with a bad MAC before terminating the connection. (DTLS only, no effect on TLS.) Default: 0 (disabled). More...
 
void mbedtls_ssl_conf_handshake_timeout (mbedtls_ssl_config *conf, uint32_t min, uint32_t max)
 Set retransmit timeout values for the DTLS handshake. (DTLS only, no effect on TLS.) More...
 
void mbedtls_ssl_conf_authmode (mbedtls_ssl_config *conf, int authmode)
 Set the certificate verification mode Default: NONE on server, REQUIRED on client. More...
 
void mbedtls_ssl_conf_verify (mbedtls_ssl_config *conf, int(*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), void *p_vrfy)
 Set the verification callback (Optional). More...
 
void mbedtls_ssl_conf_rng (mbedtls_ssl_config *conf, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Set the random number generator callback. More...
 
void mbedtls_ssl_conf_dbg (mbedtls_ssl_config *conf, void(*f_dbg)(void *, int, const char *, int, const char *), void *p_dbg)
 Set the debug callback. More...
 
void mbedtls_ssl_set_bio (mbedtls_ssl_context *ssl, void *p_bio, mbedtls_ssl_send_t *f_send, mbedtls_ssl_recv_t *f_recv, mbedtls_ssl_recv_timeout_t *f_recv_timeout)
 Set the underlying BIO callbacks for write, read and read-with-timeout. More...
 
void mbedtls_ssl_conf_read_timeout (mbedtls_ssl_config *conf, uint32_t timeout)
 Set the timeout period for mbedtls_ssl_read() (Default: no timeout.) More...
 
void mbedtls_ssl_set_timer_cb (mbedtls_ssl_context *ssl, void *p_timer, mbedtls_ssl_set_timer_t *f_set_timer, mbedtls_ssl_get_timer_t *f_get_timer)
 Set the timer callbacks (Mandatory for DTLS.) More...
 
void mbedtls_ssl_conf_session_cache (mbedtls_ssl_config *conf, void *p_cache, int(*f_get_cache)(void *, mbedtls_ssl_session *), int(*f_set_cache)(void *, const mbedtls_ssl_session *))
 Set the session cache callbacks (server-side only) If not set, no session resuming is done (except if session tickets are enabled too). More...
 
int mbedtls_ssl_set_session (mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session)
 Request resumption of session (client-side only) Session data is copied from presented session structure. More...
 
void mbedtls_ssl_conf_ciphersuites (mbedtls_ssl_config *conf, const int *ciphersuites)
 Set the list of allowed ciphersuites and the preference order. First in the list has the highest preference. (Overrides all version-specific lists) More...
 
void mbedtls_ssl_conf_ciphersuites_for_version (mbedtls_ssl_config *conf, const int *ciphersuites, int major, int minor)
 Set the list of allowed ciphersuites and the preference order for a specific version of the protocol. (Only useful on the server side) More...
 
void mbedtls_ssl_conf_cert_profile (mbedtls_ssl_config *conf, const mbedtls_x509_crt_profile *profile)
 Set the X.509 security profile used for verification. More...
 
static int ssl_append_key_cert (mbedtls_ssl_key_cert **head, mbedtls_x509_crt *cert, mbedtls_pk_context *key)
 
int mbedtls_ssl_conf_own_cert (mbedtls_ssl_config *conf, mbedtls_x509_crt *own_cert, mbedtls_pk_context *pk_key)
 Set own certificate chain and private key. More...
 
void mbedtls_ssl_conf_ca_chain (mbedtls_ssl_config *conf, mbedtls_x509_crt *ca_chain, mbedtls_x509_crl *ca_crl)
 Set the data required to verify peer certificate. More...
 
int mbedtls_ssl_set_hs_own_cert (mbedtls_ssl_context *ssl, mbedtls_x509_crt *own_cert, mbedtls_pk_context *pk_key)
 Set own certificate and key for the current handshake. More...
 
void mbedtls_ssl_set_hs_ca_chain (mbedtls_ssl_context *ssl, mbedtls_x509_crt *ca_chain, mbedtls_x509_crl *ca_crl)
 Set the data required to verify peer certificate for the current handshake. More...
 
void mbedtls_ssl_set_hs_authmode (mbedtls_ssl_context *ssl, int authmode)
 Set authmode for the current handshake. More...
 
int mbedtls_ssl_conf_psk (mbedtls_ssl_config *conf, const unsigned char *psk, size_t psk_len, const unsigned char *psk_identity, size_t psk_identity_len)
 Set the Pre Shared Key (PSK) and the expected identity name. More...
 
int mbedtls_ssl_set_hs_psk (mbedtls_ssl_context *ssl, const unsigned char *psk, size_t psk_len)
 Set the Pre Shared Key (PSK) for the current handshake. More...
 
void mbedtls_ssl_conf_psk_cb (mbedtls_ssl_config *conf, int(*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, size_t), void *p_psk)
 Set the PSK callback (server-side only). More...
 
int mbedtls_ssl_conf_dh_param (mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G)
 Set the Diffie-Hellman public P and G values, read as hexadecimal strings (server-side only) (Default: MBEDTLS_DHM_RFC5114_MODP_2048_[PG]) More...
 
int mbedtls_ssl_conf_dh_param_ctx (mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx)
 Set the Diffie-Hellman public P and G values, read from existing context (server-side only) More...
 
void mbedtls_ssl_conf_dhm_min_bitlen (mbedtls_ssl_config *conf, unsigned int bitlen)
 Set the minimum length for Diffie-Hellman parameters. (Client-side only.) (Default: 1024 bits.) More...
 
void mbedtls_ssl_conf_sig_hashes (mbedtls_ssl_config *conf, const int *hashes)
 Set the allowed hashes for signatures during the handshake. (Default: all available hashes except MD5.) More...
 
void mbedtls_ssl_conf_curves (mbedtls_ssl_config *conf, const mbedtls_ecp_group_id *curve_list)
 Set the allowed curves in order of preference. (Default: all defined curves.) More...
 
int mbedtls_ssl_set_hostname (mbedtls_ssl_context *ssl, const char *hostname)
 Set the hostname to check against the received server certificate. It sets the ServerName TLS extension too, if the extension is enabled. (client-side only) More...
 
void mbedtls_ssl_conf_sni (mbedtls_ssl_config *conf, int(*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, size_t), void *p_sni)
 Set server side ServerName TLS extension callback (optional, server-side only). More...
 
int mbedtls_ssl_conf_alpn_protocols (mbedtls_ssl_config *conf, const char **protos)
 Set the supported Application Layer Protocols. More...
 
const char * mbedtls_ssl_get_alpn_protocol (const mbedtls_ssl_context *ssl)
 Get the name of the negotiated Application Layer Protocol. This function should be called after the handshake is completed. More...
 
void mbedtls_ssl_conf_max_version (mbedtls_ssl_config *conf, int major, int minor)
 Set the maximum supported version sent from the client side and/or accepted at the server side (Default: MBEDTLS_SSL_MAX_MAJOR_VERSION, MBEDTLS_SSL_MAX_MINOR_VERSION) More...
 
void mbedtls_ssl_conf_min_version (mbedtls_ssl_config *conf, int major, int minor)
 Set the minimum accepted SSL/TLS protocol version (Default: TLS 1.0) More...
 
void mbedtls_ssl_conf_fallback (mbedtls_ssl_config *conf, char fallback)
 Set the fallback flag (client-side only). (Default: MBEDTLS_SSL_IS_NOT_FALLBACK). More...
 
void mbedtls_ssl_conf_cert_req_ca_list (mbedtls_ssl_config *conf, char cert_req_ca_list)
 Whether to send a list of acceptable CAs in CertificateRequest messages. (Default: do send) More...
 
void mbedtls_ssl_conf_encrypt_then_mac (mbedtls_ssl_config *conf, char etm)
 Enable or disable Encrypt-then-MAC (Default: MBEDTLS_SSL_ETM_ENABLED) More...
 
void mbedtls_ssl_conf_extended_master_secret (mbedtls_ssl_config *conf, char ems)
 Enable or disable Extended Master Secret negotiation. (Default: MBEDTLS_SSL_EXTENDED_MS_ENABLED) More...
 
void mbedtls_ssl_conf_arc4_support (mbedtls_ssl_config *conf, char arc4)
 Disable or enable support for RC4 (Default: MBEDTLS_SSL_ARC4_DISABLED) More...
 
int mbedtls_ssl_conf_max_frag_len (mbedtls_ssl_config *conf, unsigned char mfl_code)
 Set the maximum fragment length to emit and/or negotiate (Default: MBEDTLS_SSL_MAX_CONTENT_LEN, usually 2^14 bytes) (Server: set maximum fragment length to emit, usually negotiated by the client during handshake (Client: set maximum fragment length to emit and negotiate with the server during handshake) More...
 
void mbedtls_ssl_conf_truncated_hmac (mbedtls_ssl_config *conf, int truncate)
 Activate negotiation of truncated HMAC (Default: MBEDTLS_SSL_TRUNC_HMAC_DISABLED) More...
 
void mbedtls_ssl_conf_cbc_record_splitting (mbedtls_ssl_config *conf, char split)
 Enable / Disable 1/n-1 record splitting (Default: MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED) More...
 
void mbedtls_ssl_conf_legacy_renegotiation (mbedtls_ssl_config *conf, int allow_legacy)
 Prevent or allow legacy renegotiation. (Default: MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION) More...
 
void mbedtls_ssl_conf_renegotiation (mbedtls_ssl_config *conf, int renegotiation)
 Enable / Disable renegotiation support for connection when initiated by peer (Default: MBEDTLS_SSL_RENEGOTIATION_DISABLED) More...
 
void mbedtls_ssl_conf_renegotiation_enforced (mbedtls_ssl_config *conf, int max_records)
 Enforce renegotiation requests. (Default: enforced, max_records = 16) More...
 
void mbedtls_ssl_conf_renegotiation_period (mbedtls_ssl_config *conf, const unsigned char period[8])
 Set record counter threshold for periodic renegotiation. (Default: 2^48 - 1) More...
 
void mbedtls_ssl_conf_session_tickets (mbedtls_ssl_config *conf, int use_tickets)
 Enable / Disable session tickets (client only). (Default: MBEDTLS_SSL_SESSION_TICKETS_ENABLED.) More...
 
void mbedtls_ssl_conf_session_tickets_cb (mbedtls_ssl_config *conf, mbedtls_ssl_ticket_write_t *f_ticket_write, mbedtls_ssl_ticket_parse_t *f_ticket_parse, void *p_ticket)
 Configure SSL session ticket callbacks (server only). (Default: none.) More...
 
void mbedtls_ssl_conf_export_keys_cb (mbedtls_ssl_config *conf, mbedtls_ssl_export_keys_t *f_export_keys, void *p_export_keys)
 Configure key export callback. (Default: none.) More...
 
size_t mbedtls_ssl_get_bytes_avail (const mbedtls_ssl_context *ssl)
 Return the number of data bytes available to read. More...
 
uint32_t mbedtls_ssl_get_verify_result (const mbedtls_ssl_context *ssl)
 Return the result of the certificate verification. More...
 
const char * mbedtls_ssl_get_ciphersuite (const mbedtls_ssl_context *ssl)
 Return the name of the current ciphersuite. More...
 
const char * mbedtls_ssl_get_version (const mbedtls_ssl_context *ssl)
 Return the current SSL version (SSLv3/TLSv1/etc) More...
 
int mbedtls_ssl_get_record_expansion (const mbedtls_ssl_context *ssl)
 Return the (maximum) number of bytes added by the record layer: header + encryption/MAC overhead (inc. padding) More...
 
size_t mbedtls_ssl_get_max_frag_len (const mbedtls_ssl_context *ssl)
 Return the maximum fragment length (payload, in bytes). This is the value negotiated with peer if any, or the locally configured value. More...
 
const mbedtls_x509_crtmbedtls_ssl_get_peer_cert (const mbedtls_ssl_context *ssl)
 Return the peer certificate from the current connection. More...
 
int mbedtls_ssl_get_session (const mbedtls_ssl_context *ssl, mbedtls_ssl_session *dst)
 Save session in order to resume it later (client-side only) Session data is copied to presented session structure. More...
 
int mbedtls_ssl_handshake_step (mbedtls_ssl_context *ssl)
 Perform a single step of the SSL handshake. More...
 
int mbedtls_ssl_handshake (mbedtls_ssl_context *ssl)
 Perform the SSL handshake. More...
 
static int ssl_start_renegotiation (mbedtls_ssl_context *ssl)
 
int mbedtls_ssl_renegotiate (mbedtls_ssl_context *ssl)
 Initiate an SSL renegotiation on the running connection. Client: perform the renegotiation right now. Server: request renegotiation, which will be performed during the next call to mbedtls_ssl_read() if honored by client. More...
 
static int ssl_check_ctr_renegotiate (mbedtls_ssl_context *ssl)
 
int mbedtls_ssl_read (mbedtls_ssl_context *ssl, unsigned char *buf, size_t len)
 Read at most 'len' application data bytes. More...
 
static int ssl_write_real (mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len)
 
static int ssl_write_split (mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len)
 
int mbedtls_ssl_write (mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len)
 Try to write exactly 'len' application data bytes. More...
 
int mbedtls_ssl_close_notify (mbedtls_ssl_context *ssl)
 Notify the peer that the connection is being closed. More...
 
void mbedtls_ssl_transform_free (mbedtls_ssl_transform *transform)
 Free referenced items in an SSL transform context and clear memory. More...
 
static void ssl_key_cert_free (mbedtls_ssl_key_cert *key_cert)
 
void mbedtls_ssl_handshake_free (mbedtls_ssl_handshake_params *handshake)
 Free referenced items in an SSL handshake context and clear memory. More...
 
void mbedtls_ssl_session_free (mbedtls_ssl_session *session)
 Free referenced items in an SSL session including the peer certificate and clear memory. More...
 
void mbedtls_ssl_free (mbedtls_ssl_context *ssl)
 Free referenced items in an SSL context and clear memory. More...
 
void mbedtls_ssl_config_init (mbedtls_ssl_config *conf)
 Initialize an SSL configuration context Just makes the context ready for mbedtls_ssl_config_defaults() or mbedtls_ssl_config_free(). More...
 
int mbedtls_ssl_config_defaults (mbedtls_ssl_config *conf, int endpoint, int transport, int preset)
 Load reasonnable default SSL configuration values. (You need to call mbedtls_ssl_config_init() first.) More...
 
void mbedtls_ssl_config_free (mbedtls_ssl_config *conf)
 Free an SSL configuration context. More...
 
unsigned char mbedtls_ssl_sig_from_pk (mbedtls_pk_context *pk)
 
unsigned char mbedtls_ssl_sig_from_pk_alg (mbedtls_pk_type_t type)
 
mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig (unsigned char sig)
 
mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find (mbedtls_ssl_sig_hash_set_t *set, mbedtls_pk_type_t sig_alg)
 
void mbedtls_ssl_sig_hash_set_add (mbedtls_ssl_sig_hash_set_t *set, mbedtls_pk_type_t sig_alg, mbedtls_md_type_t md_alg)
 
void mbedtls_ssl_sig_hash_set_const_hash (mbedtls_ssl_sig_hash_set_t *set, mbedtls_md_type_t md_alg)
 
mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash (unsigned char hash)
 
unsigned char mbedtls_ssl_hash_from_md_alg (int md)
 
int mbedtls_ssl_check_curve (const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id)
 
int mbedtls_ssl_check_sig_hash (const mbedtls_ssl_context *ssl, mbedtls_md_type_t md)
 
int mbedtls_ssl_check_cert_usage (const mbedtls_x509_crt *cert, const mbedtls_ssl_ciphersuite_t *ciphersuite, int cert_endpoint, uint32_t *flags)
 
void mbedtls_ssl_write_version (int major, int minor, int transport, unsigned char ver[2])
 
void mbedtls_ssl_read_version (int *major, int *minor, int transport, const unsigned char ver[2])
 
int mbedtls_ssl_set_calc_verify_md (mbedtls_ssl_context *ssl, int md)
 

Variables

static unsigned int mfl_code_to_length [MBEDTLS_SSL_MAX_FRAG_LEN_INVALID]
 
static int ssl_preset_default_hashes []
 
static int ssl_preset_suiteb_ciphersuites []
 
static int ssl_preset_suiteb_hashes []
 
static mbedtls_ecp_group_id ssl_preset_suiteb_curves []
 

Macro Definition Documentation

◆ SSL_MAX_HASH_LEN

#define SSL_MAX_HASH_LEN   12

◆ SSL_MAX_MAC_SIZE

#define SSL_MAX_MAC_SIZE   48

◆ SSL_SOME_MODES_USE_MAC

#define SSL_SOME_MODES_USE_MAC

Function Documentation

◆ mbedtls_ssl_check_cert_usage()

int mbedtls_ssl_check_cert_usage ( const mbedtls_x509_crt cert,
const mbedtls_ssl_ciphersuite_t ciphersuite,
int  cert_endpoint,
uint32_t flags 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_check_curve()

int mbedtls_ssl_check_curve ( const mbedtls_ssl_context ssl,
mbedtls_ecp_group_id  grp_id 
)
Here is the caller graph for this function:

◆ mbedtls_ssl_check_sig_hash()

int mbedtls_ssl_check_sig_hash ( const mbedtls_ssl_context ssl,
mbedtls_md_type_t  md 
)
Here is the caller graph for this function:

◆ mbedtls_ssl_close_notify()

int mbedtls_ssl_close_notify ( mbedtls_ssl_context ssl)

Notify the peer that the connection is being closed.

Parameters
sslSSL context
Returns
0 if successful, or a specific SSL error code.
Note
If this function returns something other than 0 or MBEDTLS_ERR_SSL_WANT_READ/WRITE, then the ssl context becomes unusable, and you should either free it or call mbedtls_ssl_session_reset() on it before re-using it for a new connection; the current connection must be closed.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_conf_alpn_protocols()

int mbedtls_ssl_conf_alpn_protocols ( mbedtls_ssl_config conf,
const char **  protos 
)

Set the supported Application Layer Protocols.

Parameters
confSSL configuration
protosPointer to a NULL-terminated list of supported protocols, in decreasing preference order. The pointer to the list is recorded by the library for later reference as required, so the lifetime of the table must be atleast as long as the lifetime of the SSL configuration structure.
Returns
0 on success, or MBEDTLS_ERR_SSL_BAD_INPUT_DATA.
Here is the call graph for this function:

◆ mbedtls_ssl_conf_arc4_support()

void mbedtls_ssl_conf_arc4_support ( mbedtls_ssl_config conf,
char  arc4 
)

Disable or enable support for RC4 (Default: MBEDTLS_SSL_ARC4_DISABLED)

Warning
Use of RC4 in DTLS/TLS has been prohibited by RFC 7465 for security reasons. Use at your own risk.
Note
This function is deprecated and will likely be removed in a future version of the library. RC4 is disabled by default at compile time and needs to be actively enabled for use with legacy systems.
Parameters
confSSL configuration
arc4MBEDTLS_SSL_ARC4_ENABLED or MBEDTLS_SSL_ARC4_DISABLED

◆ mbedtls_ssl_conf_authmode()

void mbedtls_ssl_conf_authmode ( mbedtls_ssl_config conf,
int  authmode 
)

Set the certificate verification mode Default: NONE on server, REQUIRED on client.

Parameters
confSSL configuration
authmodecan be:

MBEDTLS_SSL_VERIFY_NONE: peer certificate is not checked (default on server) (insecure on client)

MBEDTLS_SSL_VERIFY_OPTIONAL: peer certificate is checked, however the handshake continues even if verification failed; mbedtls_ssl_get_verify_result() can be called after the handshake is complete.

MBEDTLS_SSL_VERIFY_REQUIRED: peer must present a valid certificate, handshake is aborted if verification failed. (default on client)

Note
On client, MBEDTLS_SSL_VERIFY_REQUIRED is the recommended mode. With MBEDTLS_SSL_VERIFY_OPTIONAL, the user needs to call mbedtls_ssl_get_verify_result() at the right time(s), which may not be obvious, while REQUIRED always perform the verification as soon as possible. For example, REQUIRED was protecting against the "triple handshake" attack even before it was found.
Here is the caller graph for this function:

◆ mbedtls_ssl_conf_ca_chain()

void mbedtls_ssl_conf_ca_chain ( mbedtls_ssl_config conf,
mbedtls_x509_crt ca_chain,
mbedtls_x509_crl ca_crl 
)

Set the data required to verify peer certificate.

Parameters
confSSL configuration
ca_chaintrusted CA chain (meaning all fully trusted top-level CAs)
ca_crltrusted CA CRLs
Here is the caller graph for this function:

◆ mbedtls_ssl_conf_cbc_record_splitting()

void mbedtls_ssl_conf_cbc_record_splitting ( mbedtls_ssl_config conf,
char  split 
)

Enable / Disable 1/n-1 record splitting (Default: MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED)

Note
Only affects SSLv3 and TLS 1.0, not higher versions. Does not affect non-CBC ciphersuites in any version.
Parameters
confSSL configuration
splitMBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED or MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED

◆ mbedtls_ssl_conf_cert_profile()

void mbedtls_ssl_conf_cert_profile ( mbedtls_ssl_config conf,
const mbedtls_x509_crt_profile profile 
)

Set the X.509 security profile used for verification.

Note
The restrictions are enforced for all certificates in the chain. However, signatures in the handshake are not covered by this setting but by mbedtls_ssl_conf_sig_hashes().
Parameters
confSSL configuration
profileProfile to use

◆ mbedtls_ssl_conf_cert_req_ca_list()

void mbedtls_ssl_conf_cert_req_ca_list ( mbedtls_ssl_config conf,
char  cert_req_ca_list 
)

Whether to send a list of acceptable CAs in CertificateRequest messages. (Default: do send)

Parameters
confSSL configuration
cert_req_ca_listMBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED or MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED

◆ mbedtls_ssl_conf_ciphersuites()

void mbedtls_ssl_conf_ciphersuites ( mbedtls_ssl_config conf,
const int *  ciphersuites 
)

Set the list of allowed ciphersuites and the preference order. First in the list has the highest preference. (Overrides all version-specific lists)

The ciphersuites array is not copied, and must remain valid for the lifetime of the ssl_config.

Note: The server uses its own preferences over the preference of the client unless MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE is defined!

Parameters
confSSL configuration
ciphersuites0-terminated list of allowed ciphersuites

◆ mbedtls_ssl_conf_ciphersuites_for_version()

void mbedtls_ssl_conf_ciphersuites_for_version ( mbedtls_ssl_config conf,
const int *  ciphersuites,
int  major,
int  minor 
)

Set the list of allowed ciphersuites and the preference order for a specific version of the protocol. (Only useful on the server side)

The ciphersuites array is not copied, and must remain valid for the lifetime of the ssl_config.

Parameters
confSSL configuration
ciphersuites0-terminated list of allowed ciphersuites
majorMajor version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported)
minorMinor version number (MBEDTLS_SSL_MINOR_VERSION_0, MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2, MBEDTLS_SSL_MINOR_VERSION_3 supported)
Note
With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2

◆ mbedtls_ssl_conf_curves()

void mbedtls_ssl_conf_curves ( mbedtls_ssl_config conf,
const mbedtls_ecp_group_id curves 
)

Set the allowed curves in order of preference. (Default: all defined curves.)

On server: this only affects selection of the ECDHE curve; the curves used for ECDH and ECDSA are determined by the list of available certificates instead.

On client: this affects the list of curves offered for any use. The server can override our preference order.

Both sides: limits the set of curves accepted for use in ECDHE and in the peer's end-entity certificate.

Note
This has no influence on which curves are allowed inside the certificate chains, see mbedtls_ssl_conf_cert_profile() for that. For the end-entity certificate however, the key will be accepted only if it is allowed both by this list and by the cert profile.
This list should be ordered by decreasing preference (preferred curve first).
Parameters
confSSL configuration
curvesOrdered list of allowed curves, terminated by MBEDTLS_ECP_DP_NONE.

◆ mbedtls_ssl_conf_dbg()

void mbedtls_ssl_conf_dbg ( mbedtls_ssl_config conf,
void(*)(void *, int, const char *, int, const char *)  f_dbg,
void p_dbg 
)

Set the debug callback.

            The callback has the following argument:
            void *           opaque context for the callback
            int              debug level
            const char *     file name
            int              line number
            const char *     message
Parameters
confSSL configuration
f_dbgdebug function
p_dbgdebug parameter
Here is the caller graph for this function:

◆ mbedtls_ssl_conf_dh_param()

int mbedtls_ssl_conf_dh_param ( mbedtls_ssl_config conf,
const char *  dhm_P,
const char *  dhm_G 
)

Set the Diffie-Hellman public P and G values, read as hexadecimal strings (server-side only) (Default: MBEDTLS_DHM_RFC5114_MODP_2048_[PG])

Parameters
confSSL configuration
dhm_PDiffie-Hellman-Merkle modulus
dhm_GDiffie-Hellman-Merkle generator
Returns
0 if successful
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_conf_dh_param_ctx()

int mbedtls_ssl_conf_dh_param_ctx ( mbedtls_ssl_config conf,
mbedtls_dhm_context dhm_ctx 
)

Set the Diffie-Hellman public P and G values, read from existing context (server-side only)

Parameters
confSSL configuration
dhm_ctxDiffie-Hellman-Merkle context
Returns
0 if successful
Here is the call graph for this function:

◆ mbedtls_ssl_conf_dhm_min_bitlen()

void mbedtls_ssl_conf_dhm_min_bitlen ( mbedtls_ssl_config conf,
unsigned int  bitlen 
)

Set the minimum length for Diffie-Hellman parameters. (Client-side only.) (Default: 1024 bits.)

Parameters
confSSL configuration
bitlenMinimum bit length of the DHM prime

◆ mbedtls_ssl_conf_dtls_anti_replay()

void mbedtls_ssl_conf_dtls_anti_replay ( mbedtls_ssl_config conf,
char  mode 
)

Enable or disable anti-replay protection for DTLS. (DTLS only, no effect on TLS.) Default: enabled.

Parameters
confSSL configuration
modeMBEDTLS_SSL_ANTI_REPLAY_ENABLED or MBEDTLS_SSL_ANTI_REPLAY_DISABLED.
Warning
Disabling this is a security risk unless the application protocol handles duplicated packets in a safe way. You should not disable this without careful consideration. However, if your application already detects duplicated packets and needs information about them to adjust its transmission strategy, then you'll want to disable this.

◆ mbedtls_ssl_conf_dtls_badmac_limit()

void mbedtls_ssl_conf_dtls_badmac_limit ( mbedtls_ssl_config conf,
unsigned  limit 
)

Set a limit on the number of records with a bad MAC before terminating the connection. (DTLS only, no effect on TLS.) Default: 0 (disabled).

Parameters
confSSL configuration
limitLimit, or 0 to disable.
Note
If the limit is N, then the connection is terminated when the Nth non-authentic record is seen.
Records with an invalid header are not counted, only the ones going through the authentication-decryption phase.
This is a security trade-off related to the fact that it's often relatively easy for an active attacker ot inject UDP datagrams. On one hand, setting a low limit here makes it easier for such an attacker to forcibly terminated a connection. On the other hand, a high limit or no limit might make us waste resources checking authentication on many bogus packets.

◆ mbedtls_ssl_conf_encrypt_then_mac()

void mbedtls_ssl_conf_encrypt_then_mac ( mbedtls_ssl_config conf,
char  etm 
)

Enable or disable Encrypt-then-MAC (Default: MBEDTLS_SSL_ETM_ENABLED)

Note
This should always be enabled, it is a security improvement, and should not cause any interoperability issue (used only if the peer supports it too).
Parameters
confSSL configuration
etmMBEDTLS_SSL_ETM_ENABLED or MBEDTLS_SSL_ETM_DISABLED

◆ mbedtls_ssl_conf_endpoint()

void mbedtls_ssl_conf_endpoint ( mbedtls_ssl_config conf,
int  endpoint 
)

Set the current endpoint type.

Parameters
confSSL configuration
endpointmust be MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER
Here is the caller graph for this function:

◆ mbedtls_ssl_conf_export_keys_cb()

void mbedtls_ssl_conf_export_keys_cb ( mbedtls_ssl_config conf,
mbedtls_ssl_export_keys_t f_export_keys,
void p_export_keys 
)

Configure key export callback. (Default: none.)

Note
See mbedtls_ssl_export_keys_t.
Parameters
confSSL configuration context
f_export_keysCallback for exporting keys
p_export_keysContext for the callback

◆ mbedtls_ssl_conf_extended_master_secret()

void mbedtls_ssl_conf_extended_master_secret ( mbedtls_ssl_config conf,
char  ems 
)

Enable or disable Extended Master Secret negotiation. (Default: MBEDTLS_SSL_EXTENDED_MS_ENABLED)

Note
This should always be enabled, it is a security fix to the protocol, and should not cause any interoperability issue (used only if the peer supports it too).
Parameters
confSSL configuration
emsMBEDTLS_SSL_EXTENDED_MS_ENABLED or MBEDTLS_SSL_EXTENDED_MS_DISABLED

◆ mbedtls_ssl_conf_fallback()

void mbedtls_ssl_conf_fallback ( mbedtls_ssl_config conf,
char  fallback 
)

Set the fallback flag (client-side only). (Default: MBEDTLS_SSL_IS_NOT_FALLBACK).

Note
Set to MBEDTLS_SSL_IS_FALLBACK when preparing a fallback connection, that is a connection with max_version set to a lower value than the value you're willing to use. Such fallback connections are not recommended but are sometimes necessary to interoperate with buggy (version-intolerant) servers.
Warning
You should NOT set this to MBEDTLS_SSL_IS_FALLBACK for non-fallback connections! This would appear to work for a while, then cause failures when the server is upgraded to support a newer TLS version.
Parameters
confSSL configuration
fallbackMBEDTLS_SSL_IS_NOT_FALLBACK or MBEDTLS_SSL_IS_FALLBACK

◆ mbedtls_ssl_conf_handshake_timeout()

void mbedtls_ssl_conf_handshake_timeout ( mbedtls_ssl_config conf,
uint32_t  min,
uint32_t  max 
)

Set retransmit timeout values for the DTLS handshake. (DTLS only, no effect on TLS.)

Parameters
confSSL configuration
minInitial timeout value in milliseconds. Default: 1000 (1 second).
maxMaximum timeout value in milliseconds. Default: 60000 (60 seconds).
Note
Default values are from RFC 6347 section 4.2.4.1.
The 'min' value should typically be slightly above the expected round-trip time to your peer, plus whatever time it takes for the peer to process the message. For example, if your RTT is about 600ms and you peer needs up to 1s to do the cryptographic operations in the handshake, then you should set 'min' slightly above 1600. Lower values of 'min' might cause spurious resends which waste network resources, while larger value of 'min' will increase overall latency on unreliable network links.
The more unreliable your network connection is, the larger your max / min ratio needs to be in order to achieve reliable handshakes.
Messages are retransmitted up to log2(ceil(max/min)) times. For example, if min = 1s and max = 5s, the retransmit plan goes: send ... 1s -> resend ... 2s -> resend ... 4s -> resend ... 5s -> give up and return a timeout error.

◆ mbedtls_ssl_conf_legacy_renegotiation()

void mbedtls_ssl_conf_legacy_renegotiation ( mbedtls_ssl_config conf,
int  allow_legacy 
)

Prevent or allow legacy renegotiation. (Default: MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION)

MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION allows connections to be established even if the peer does not support secure renegotiation, but does not allow renegotiation to take place if not secure. (Interoperable and secure option)

MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION allows renegotiations with non-upgraded peers. Allowing legacy renegotiation makes the connection vulnerable to specific man in the middle attacks. (See RFC 5746) (Most interoperable and least secure option)

MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE breaks off connections if peer does not support secure renegotiation. Results in interoperability issues with non-upgraded peers that do not support renegotiation altogether. (Most secure option, interoperability issues)

Parameters
confSSL configuration
allow_legacyPrevent or allow (SSL_NO_LEGACY_RENEGOTIATION, SSL_ALLOW_LEGACY_RENEGOTIATION or MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE)

◆ mbedtls_ssl_conf_max_frag_len()

int mbedtls_ssl_conf_max_frag_len ( mbedtls_ssl_config conf,
unsigned char  mfl_code 
)

Set the maximum fragment length to emit and/or negotiate (Default: MBEDTLS_SSL_MAX_CONTENT_LEN, usually 2^14 bytes) (Server: set maximum fragment length to emit, usually negotiated by the client during handshake (Client: set maximum fragment length to emit and negotiate with the server during handshake)

Parameters
confSSL configuration
mfl_codeCode for maximum fragment length (allowed values: MBEDTLS_SSL_MAX_FRAG_LEN_512, MBEDTLS_SSL_MAX_FRAG_LEN_1024, MBEDTLS_SSL_MAX_FRAG_LEN_2048, MBEDTLS_SSL_MAX_FRAG_LEN_4096)
Returns
0 if successful or MBEDTLS_ERR_SSL_BAD_INPUT_DATA

◆ mbedtls_ssl_conf_max_version()

void mbedtls_ssl_conf_max_version ( mbedtls_ssl_config conf,
int  major,
int  minor 
)

Set the maximum supported version sent from the client side and/or accepted at the server side (Default: MBEDTLS_SSL_MAX_MAJOR_VERSION, MBEDTLS_SSL_MAX_MINOR_VERSION)

Note
This ignores ciphersuites from higher versions.
With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
Parameters
confSSL configuration
majorMajor version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported)
minorMinor version number (MBEDTLS_SSL_MINOR_VERSION_0, MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2, MBEDTLS_SSL_MINOR_VERSION_3 supported)

◆ mbedtls_ssl_conf_min_version()

void mbedtls_ssl_conf_min_version ( mbedtls_ssl_config conf,
int  major,
int  minor 
)

Set the minimum accepted SSL/TLS protocol version (Default: TLS 1.0)

Note
Input outside of the SSL_MAX_XXXXX_VERSION and SSL_MIN_XXXXX_VERSION range is ignored.
MBEDTLS_SSL_MINOR_VERSION_0 (SSL v3) should be avoided.
With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
Parameters
confSSL configuration
majorMajor version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported)
minorMinor version number (MBEDTLS_SSL_MINOR_VERSION_0, MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2, MBEDTLS_SSL_MINOR_VERSION_3 supported)

◆ mbedtls_ssl_conf_own_cert()

int mbedtls_ssl_conf_own_cert ( mbedtls_ssl_config conf,
mbedtls_x509_crt own_cert,
mbedtls_pk_context pk_key 
)

Set own certificate chain and private key.

Note
own_cert should contain in order from the bottom up your certificate chain. The top certificate (self-signed) can be omitted.
On server, this function can be called multiple times to provision more than one cert/key pair (eg one ECDSA, one RSA with SHA-256, one RSA with SHA-1). An adequate certificate will be selected according to the client's advertised capabilities. In case mutliple certificates are adequate, preference is given to the one set by the first call to this function, then second, etc.
On client, only the first call has any effect. That is, only one client certificate can be provisioned. The server's preferences in its CertficateRequest message will be ignored and our only cert will be sent regardless of whether it matches those preferences - the server can then decide what it wants to do with it.
Parameters
confSSL configuration
own_certown public certificate chain
pk_keyown private key
Returns
0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED
Here is the call graph for this function:

◆ mbedtls_ssl_conf_psk()

int mbedtls_ssl_conf_psk ( mbedtls_ssl_config conf,
const unsigned char *  psk,
size_t  psk_len,
const unsigned char *  psk_identity,
size_t  psk_identity_len 
)

Set the Pre Shared Key (PSK) and the expected identity name.

Note
This is mainly useful for clients. Servers will usually want to use mbedtls_ssl_conf_psk_cb() instead.
Currently clients can only register one pre-shared key. In other words, the servers' identity hint is ignored. Support for setting multiple PSKs on clients and selecting one based on the identity hint is not a planned feature but feedback is welcomed.
Parameters
confSSL configuration
pskpointer to the pre-shared key
psk_lenpre-shared key length
psk_identitypointer to the pre-shared key identity
psk_identity_lenidentity key length
Returns
0 if successful or MBEDTLS_ERR_SSL_ALLOC_FAILED
Here is the call graph for this function:

◆ mbedtls_ssl_conf_psk_cb()

void mbedtls_ssl_conf_psk_cb ( mbedtls_ssl_config conf,
int(*)(void *, mbedtls_ssl_context *, const unsigned char *, size_t)  f_psk,
void p_psk 
)

Set the PSK callback (server-side only).

            If set, the PSK callback is called for each
            handshake where a PSK ciphersuite was negotiated.
            The caller provides the identity received and wants to
            receive the actual PSK data and length.

            The callback has the following parameters: (void *parameter,
            mbedtls_ssl_context *ssl, const unsigned char *psk_identity,
            size_t identity_len)
            If a valid PSK identity is found, the callback should use
            \c mbedtls_ssl_set_hs_psk() on the ssl context to set the
            correct PSK and return 0.
            Any other return value will result in a denied PSK identity.
Note
If you set a PSK callback using this function, then you don't need to set a PSK key and identity using mbedtls_ssl_conf_psk().
Parameters
confSSL configuration
f_pskPSK identity function
p_pskPSK identity parameter

◆ mbedtls_ssl_conf_read_timeout()

void mbedtls_ssl_conf_read_timeout ( mbedtls_ssl_config conf,
uint32_t  timeout 
)

Set the timeout period for mbedtls_ssl_read() (Default: no timeout.)

Parameters
confSSL configuration context
timeoutTimeout value in milliseconds. Use 0 for no timeout (default).
Note
With blocking I/O, this will only work if a non-NULL f_recv_timeout was set with mbedtls_ssl_set_bio(). With non-blocking I/O, this will only work if timer callbacks were set with mbedtls_ssl_set_timer_cb().
With non-blocking I/O, you may also skip this function altogether and handle timeouts at the application layer.

◆ mbedtls_ssl_conf_renegotiation()

void mbedtls_ssl_conf_renegotiation ( mbedtls_ssl_config conf,
int  renegotiation 
)

Enable / Disable renegotiation support for connection when initiated by peer (Default: MBEDTLS_SSL_RENEGOTIATION_DISABLED)

Warning
It is recommended to always disable renegotation unless you know you need it and you know what you're doing. In the past, there have been several issues associated with renegotiation or a poor understanding of its properties.
Note
Server-side, enabling renegotiation also makes the server susceptible to a resource DoS by a malicious client.
Parameters
confSSL configuration
renegotiationEnable or disable (MBEDTLS_SSL_RENEGOTIATION_ENABLED or MBEDTLS_SSL_RENEGOTIATION_DISABLED)

◆ mbedtls_ssl_conf_renegotiation_enforced()

void mbedtls_ssl_conf_renegotiation_enforced ( mbedtls_ssl_config conf,
int  max_records 
)

Enforce renegotiation requests. (Default: enforced, max_records = 16)

When we request a renegotiation, the peer can comply or ignore the request. This function allows us to decide whether to enforce our renegotiation requests by closing the connection if the peer doesn't comply.

However, records could already be in transit from the peer when the request is emitted. In order to increase reliability, we can accept a number of records before the expected handshake records.

The optimal value is highly dependent on the specific usage scenario.

Note
With DTLS and server-initiated renegotiation, the HelloRequest is retransmited every time mbedtls_ssl_read() times out or receives Application Data, until:
  • max_records records have beens seen, if it is >= 0, or
  • the number of retransmits that would happen during an actual handshake has been reached. Please remember the request might be lost a few times if you consider setting max_records to a really low value.
Warning
On client, the grace period can only happen during mbedtls_ssl_read(), as opposed to mbedtls_ssl_write() and mbedtls_ssl_renegotiate() which always behave as if max_record was 0. The reason is, if we receive application data from the server, we need a place to write it, which only happens during mbedtls_ssl_read().
Parameters
confSSL configuration
max_recordsUse MBEDTLS_SSL_RENEGOTIATION_NOT_ENFORCED if you don't want to enforce renegotiation, or a non-negative value to enforce it but allow for a grace period of max_records records.

◆ mbedtls_ssl_conf_renegotiation_period()

void mbedtls_ssl_conf_renegotiation_period ( mbedtls_ssl_config conf,
const unsigned char  period[8] 
)

Set record counter threshold for periodic renegotiation. (Default: 2^48 - 1)

Renegotiation is automatically triggered when a record counter (outgoing or ingoing) crosses the defined threshold. The default value is meant to prevent the connection from being closed when the counter is about to reached its maximal value (it is not allowed to wrap).

Lower values can be used to enforce policies such as "keys must be refreshed every N packets with cipher X".

The renegotiation period can be disabled by setting conf->disable_renegotiation to MBEDTLS_SSL_RENEGOTIATION_DISABLED.

Note
When the configured transport is MBEDTLS_SSL_TRANSPORT_DATAGRAM the maximum renegotiation period is 2^48 - 1, and for MBEDTLS_SSL_TRANSPORT_STREAM, the maximum renegotiation period is 2^64 - 1.
Parameters
confSSL configuration
periodThe threshold value: a big-endian 64-bit number.
Here is the call graph for this function:

◆ mbedtls_ssl_conf_rng()

void mbedtls_ssl_conf_rng ( mbedtls_ssl_config conf,
int(*)(void *, unsigned char *, size_t)  f_rng,
void p_rng 
)

Set the random number generator callback.

Parameters
confSSL configuration
f_rngRNG function
p_rngRNG parameter
Here is the caller graph for this function:

◆ mbedtls_ssl_conf_session_cache()

void mbedtls_ssl_conf_session_cache ( mbedtls_ssl_config conf,
void p_cache,
int(*)(void *, mbedtls_ssl_session *)  f_get_cache,
int(*)(void *, const mbedtls_ssl_session *)  f_set_cache 
)

Set the session cache callbacks (server-side only) If not set, no session resuming is done (except if session tickets are enabled too).

The session cache has the responsibility to check for stale entries based on timeout. See RFC 5246 for recommendations.

Warning: session.peer_cert is cleared by the SSL/TLS layer on connection shutdown, so do not cache the pointer! Either set it to NULL or make a full copy of the certificate.

The get callback is called once during the initial handshake to enable session resuming. The get function has the following parameters: (void *parameter, mbedtls_ssl_session *session) If a valid entry is found, it should fill the master of the session object with the cached values and return 0, return 1 otherwise. Optionally peer_cert can be set as well if it is properly present in cache entry.

The set callback is called once during the initial handshake to enable session resuming after the entire handshake has been finished. The set function has the following parameters: (void *parameter, const mbedtls_ssl_session *session). The function should create a cache entry for future retrieval based on the data in the session structure and should keep in mind that the mbedtls_ssl_session object presented (and all its referenced data) is cleared by the SSL/TLS layer when the connection is terminated. It is recommended to add metadata to determine if an entry is still valid in the future. Return 0 if successfully cached, return 1 otherwise.

Parameters
confSSL configuration
p_cacheparmater (context) for both callbacks
f_get_cachesession get callback
f_set_cachesession set callback

◆ mbedtls_ssl_conf_session_tickets()

void mbedtls_ssl_conf_session_tickets ( mbedtls_ssl_config conf,
int  use_tickets 
)

Enable / Disable session tickets (client only). (Default: MBEDTLS_SSL_SESSION_TICKETS_ENABLED.)

Note
On server, use mbedtls_ssl_conf_session_tickets_cb().
Parameters
confSSL configuration
use_ticketsEnable or disable (MBEDTLS_SSL_SESSION_TICKETS_ENABLED or MBEDTLS_SSL_SESSION_TICKETS_DISABLED)

◆ mbedtls_ssl_conf_session_tickets_cb()

void mbedtls_ssl_conf_session_tickets_cb ( mbedtls_ssl_config conf,
mbedtls_ssl_ticket_write_t f_ticket_write,
mbedtls_ssl_ticket_parse_t f_ticket_parse,
void p_ticket 
)

Configure SSL session ticket callbacks (server only). (Default: none.)

Note
On server, session tickets are enabled by providing non-NULL callbacks.
On client, use mbedtls_ssl_conf_session_tickets().
Parameters
confSSL configuration context
f_ticket_writeCallback for writing a ticket
f_ticket_parseCallback for parsing a ticket
p_ticketContext shared by the two callbacks

◆ mbedtls_ssl_conf_sig_hashes()

void mbedtls_ssl_conf_sig_hashes ( mbedtls_ssl_config conf,
const int *  hashes 
)

Set the allowed hashes for signatures during the handshake. (Default: all available hashes except MD5.)

Note
This only affects which hashes are offered and can be used for signatures during the handshake. Hashes for message authentication and the TLS PRF are controlled by the ciphersuite, see mbedtls_ssl_conf_ciphersuites(). Hashes used for certificate signature are controlled by the verification profile, see mbedtls_ssl_conf_cert_profile().
This list should be ordered by decreasing preference (preferred hash first).
Parameters
confSSL configuration
hashesOrdered list of allowed signature hashes, terminated by MBEDTLS_MD_NONE.

◆ mbedtls_ssl_conf_sni()

void mbedtls_ssl_conf_sni ( mbedtls_ssl_config conf,
int(*)(void *, mbedtls_ssl_context *, const unsigned char *, size_t)  f_sni,
void p_sni 
)

Set server side ServerName TLS extension callback (optional, server-side only).

If set, the ServerName callback is called whenever the server receives a ServerName TLS extension from the client during a handshake. The ServerName callback has the following parameters: (void *parameter, mbedtls_ssl_context *ssl, const unsigned char *hostname, size_t len). If a suitable certificate is found, the callback must set the certificate(s) and key(s) to use with mbedtls_ssl_set_hs_own_cert() (can be called repeatedly), and may optionally adjust the CA and associated CRL with mbedtls_ssl_set_hs_ca_chain() as well as the client authentication mode with mbedtls_ssl_set_hs_authmode(), then must return 0. If no matching name is found, the callback must either set a default cert, or return non-zero to abort the handshake at this point.

Parameters
confSSL configuration
f_sniverification function
p_sniverification parameter

◆ mbedtls_ssl_conf_transport()

void mbedtls_ssl_conf_transport ( mbedtls_ssl_config conf,
int  transport 
)

Set the transport type (TLS or DTLS). Default: TLS.

Note
For DTLS, you must either provide a recv callback that doesn't block, or one that handles timeouts, see mbedtls_ssl_set_bio(). You also need to provide timer callbacks with mbedtls_ssl_set_timer_cb().
Parameters
confSSL configuration
transporttransport type: MBEDTLS_SSL_TRANSPORT_STREAM for TLS, MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS.
Here is the caller graph for this function:

◆ mbedtls_ssl_conf_truncated_hmac()

void mbedtls_ssl_conf_truncated_hmac ( mbedtls_ssl_config conf,
int  truncate 
)

Activate negotiation of truncated HMAC (Default: MBEDTLS_SSL_TRUNC_HMAC_DISABLED)

Parameters
confSSL configuration
truncateEnable or disable (MBEDTLS_SSL_TRUNC_HMAC_ENABLED or MBEDTLS_SSL_TRUNC_HMAC_DISABLED)

◆ mbedtls_ssl_conf_verify()

void mbedtls_ssl_conf_verify ( mbedtls_ssl_config conf,
int(*)(void *, mbedtls_x509_crt *, int, uint32_t *)  f_vrfy,
void p_vrfy 
)

Set the verification callback (Optional).

            If set, the verify callback is called for each
            certificate in the chain. For implementation
            information, please see \c x509parse_verify()
Parameters
confSSL configuration
f_vrfyverification function
p_vrfyverification parameter

◆ mbedtls_ssl_config_defaults()

int mbedtls_ssl_config_defaults ( mbedtls_ssl_config conf,
int  endpoint,
int  transport,
int  preset 
)

Load reasonnable default SSL configuration values. (You need to call mbedtls_ssl_config_init() first.)

Parameters
confSSL configuration context
endpointMBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER
transportMBEDTLS_SSL_TRANSPORT_STREAM for TLS, or MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS
preseta MBEDTLS_SSL_PRESET_XXX value
Note
See mbedtls_ssl_conf_transport() for notes on DTLS.
Returns
0 if successful, or MBEDTLS_ERR_XXX_ALLOC_FAILED on memory allocation error.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_config_free()

void mbedtls_ssl_config_free ( mbedtls_ssl_config conf)

Free an SSL configuration context.

Parameters
confSSL configuration context
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_config_init()

void mbedtls_ssl_config_init ( mbedtls_ssl_config conf)

Initialize an SSL configuration context Just makes the context ready for mbedtls_ssl_config_defaults() or mbedtls_ssl_config_free().

Note
You need to call mbedtls_ssl_config_defaults() unless you manually set all of the relevent fields yourself.
Parameters
confSSL configuration context
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_derive_keys()

int mbedtls_ssl_derive_keys ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_dtls_replay_check()

int mbedtls_ssl_dtls_replay_check ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_dtls_replay_update()

void mbedtls_ssl_dtls_replay_update ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_fetch_input()

int mbedtls_ssl_fetch_input ( mbedtls_ssl_context ssl,
size_t  nb_want 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_flush_output()

int mbedtls_ssl_flush_output ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_free()

void mbedtls_ssl_free ( mbedtls_ssl_context ssl)

Free referenced items in an SSL context and clear memory.

Parameters
sslSSL context
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_get_alpn_protocol()

const char* mbedtls_ssl_get_alpn_protocol ( const mbedtls_ssl_context ssl)

Get the name of the negotiated Application Layer Protocol. This function should be called after the handshake is completed.

Parameters
sslSSL context
Returns
Protcol name, or NULL if no protocol was negotiated.

◆ mbedtls_ssl_get_bytes_avail()

size_t mbedtls_ssl_get_bytes_avail ( const mbedtls_ssl_context ssl)

Return the number of data bytes available to read.

Parameters
sslSSL context
Returns
how many bytes are available in the read buffer

◆ mbedtls_ssl_get_ciphersuite()

const char* mbedtls_ssl_get_ciphersuite ( const mbedtls_ssl_context ssl)

Return the name of the current ciphersuite.

Parameters
sslSSL context
Returns
a string containing the ciphersuite name
Here is the call graph for this function:

◆ mbedtls_ssl_get_max_frag_len()

size_t mbedtls_ssl_get_max_frag_len ( const mbedtls_ssl_context ssl)

Return the maximum fragment length (payload, in bytes). This is the value negotiated with peer if any, or the locally configured value.

Note
With DTLS, mbedtls_ssl_write() will return an error if called with a larger length value. With TLS, mbedtls_ssl_write() will fragment the input if necessary and return the number of bytes written; it is up to the caller to call mbedtls_ssl_write() again in order to send the remaining bytes if any.
Parameters
sslSSL context
Returns
Current maximum fragment length.
Here is the caller graph for this function:

◆ mbedtls_ssl_get_peer_cert()

const mbedtls_x509_crt* mbedtls_ssl_get_peer_cert ( const mbedtls_ssl_context ssl)

Return the peer certificate from the current connection.

            Note: Can be NULL in case no certificate was sent during
            the handshake. Different calls for the same connection can
            return the same or different pointers for the same
            certificate and even a different certificate altogether.
            The peer cert CAN change in a single connection if
            renegotiation is performed.
Parameters
sslSSL context
Returns
the current peer certificate

◆ mbedtls_ssl_get_record_expansion()

int mbedtls_ssl_get_record_expansion ( const mbedtls_ssl_context ssl)

Return the (maximum) number of bytes added by the record layer: header + encryption/MAC overhead (inc. padding)

Parameters
sslSSL context
Returns
Current maximum record expansion in bytes, or MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if compression is enabled, which makes expansion much less predictable
Here is the call graph for this function:

◆ mbedtls_ssl_get_session()

int mbedtls_ssl_get_session ( const mbedtls_ssl_context ssl,
mbedtls_ssl_session session 
)

Save session in order to resume it later (client-side only) Session data is copied to presented session structure.

Warning
Currently, peer certificate is lost in the operation.
Parameters
sslSSL context
sessionsession context
Returns
0 if successful, MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed, MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or arguments are otherwise invalid
See also
mbedtls_ssl_set_session()
Here is the call graph for this function:

◆ mbedtls_ssl_get_verify_result()

uint32_t mbedtls_ssl_get_verify_result ( const mbedtls_ssl_context ssl)

Return the result of the certificate verification.

Parameters
sslSSL context
Returns
0 if successful, -1 if result is not available (eg because the handshake was aborted too early), or a combination of BADCERT_xxx and BADCRL_xxx flags, see x509.h
Here is the caller graph for this function:

◆ mbedtls_ssl_get_version()

const char* mbedtls_ssl_get_version ( const mbedtls_ssl_context ssl)

Return the current SSL version (SSLv3/TLSv1/etc)

Parameters
sslSSL context
Returns
a string containing the SSL version

◆ mbedtls_ssl_handle_message_type()

int mbedtls_ssl_handle_message_type ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_handshake()

int mbedtls_ssl_handshake ( mbedtls_ssl_context ssl)

Perform the SSL handshake.

Parameters
sslSSL context
Returns
0 if successful, or MBEDTLS_ERR_SSL_WANT_READ or MBEDTLS_ERR_SSL_WANT_WRITE, or MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED (see below), or a specific SSL error code.
Note
If this function returns something other than 0 or MBEDTLS_ERR_SSL_WANT_READ/WRITE, then the ssl context becomes unusable, and you should either free it or call mbedtls_ssl_session_reset() on it before re-using it for a new connection; the current connection must be closed.
If DTLS is in use, then you may choose to handle MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED specially for logging purposes, as it is an expected return value rather than an actual error, but you still need to reset/free the context.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_handshake_free()

void mbedtls_ssl_handshake_free ( mbedtls_ssl_handshake_params handshake)

Free referenced items in an SSL handshake context and clear memory.

Parameters
handshakeSSL handshake context
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_handshake_step()

int mbedtls_ssl_handshake_step ( mbedtls_ssl_context ssl)

Perform a single step of the SSL handshake.

Note
The state of the context (ssl->state) will be at the next state after execution of this function. Do not call this function if state is MBEDTLS_SSL_HANDSHAKE_OVER.
If this function returns something other than 0 or MBEDTLS_ERR_SSL_WANT_READ/WRITE, then the ssl context becomes unusable, and you should either free it or call mbedtls_ssl_session_reset() on it before re-using it for a new connection; the current connection must be closed.
Parameters
sslSSL context
Returns
0 if successful, or MBEDTLS_ERR_SSL_WANT_READ or MBEDTLS_ERR_SSL_WANT_WRITE, or a specific SSL error code.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_handshake_wrapup()

void mbedtls_ssl_handshake_wrapup ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_hash_from_md_alg()

unsigned char mbedtls_ssl_hash_from_md_alg ( int  md)
Here is the caller graph for this function:

◆ mbedtls_ssl_init()

void mbedtls_ssl_init ( mbedtls_ssl_context ssl)

Initialize an SSL context Just makes the context ready for mbedtls_ssl_setup() or mbedtls_ssl_free()

Parameters
sslSSL context
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_md_alg_from_hash()

mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash ( unsigned char  hash)
Here is the caller graph for this function:

◆ mbedtls_ssl_optimize_checksum()

void mbedtls_ssl_optimize_checksum ( mbedtls_ssl_context ssl,
const mbedtls_ssl_ciphersuite_t ciphersuite_info 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_parse_certificate()

int mbedtls_ssl_parse_certificate ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_parse_change_cipher_spec()

int mbedtls_ssl_parse_change_cipher_spec ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_parse_finished()

int mbedtls_ssl_parse_finished ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_pk_alg_from_sig()

mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig ( unsigned char  sig)
Here is the caller graph for this function:

◆ mbedtls_ssl_prepare_handshake_record()

int mbedtls_ssl_prepare_handshake_record ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_psk_derive_premaster()

int mbedtls_ssl_psk_derive_premaster ( mbedtls_ssl_context ssl,
mbedtls_key_exchange_type_t  key_ex 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_read()

int mbedtls_ssl_read ( mbedtls_ssl_context ssl,
unsigned char *  buf,
size_t  len 
)

Read at most 'len' application data bytes.

Parameters
sslSSL context
bufbuffer that will hold the data
lenmaximum number of bytes to read
Returns
the number of bytes read, or 0 for EOF, or MBEDTLS_ERR_SSL_WANT_READ or MBEDTLS_ERR_SSL_WANT_WRITE, or MBEDTLS_ERR_SSL_CLIENT_RECONNECT (see below), or another negative error code.
Note
If this function returns something other than a positive value or MBEDTLS_ERR_SSL_WANT_READ/WRITE or MBEDTLS_ERR_SSL_CLIENT_RECONNECT, then the ssl context becomes unusable, and you should either free it or call mbedtls_ssl_session_reset() on it before re-using it for a new connection; the current connection must be closed.
When this function return MBEDTLS_ERR_SSL_CLIENT_RECONNECT (which can only happen server-side), it means that a client is initiating a new connection using the same source port. You can either treat that as a connection close and wait for the client to resend a ClientHello, or directly continue with mbedtls_ssl_handshake() with the same context (as it has beeen reset internally). Either way, you should make sure this is seen by the application as a new connection: application state, if any, should be reset, and most importantly the identity of the client must be checked again. WARNING: not validating the identity of the client again, or not transmitting the new identity to the application layer, would allow authentication bypass!
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_read_record()

int mbedtls_ssl_read_record ( mbedtls_ssl_context ssl)

Update record layer.

         This function roughly separates the implementation
         of the logic of (D)TLS from the implementation
         of the secure transport.
Parameters
sslSSL context to use
Returns
0 or non-zero error code.
Note
A clarification on what is called 'record layer' here is in order, as many sensible definitions are possible:

The record layer takes as input an untrusted underlying transport (stream or datagram) and transforms it into a serially multiplexed, secure transport, which conceptually provides the following:

(1) Three datagram based, content-agnostic transports for handshake, alert and CCS messages. (2) One stream- or datagram-based transport for application data. (3) Functionality for changing the underlying transform securing the contents.

The interface to this functionality is given as follows:

a Updating [Currently implemented by mbedtls_ssl_read_record]

Check if and on which of the four 'ports' data is pending: Nothing, a controlling datagram of type (1), or application data (2). In any case data is present, internal buffers provide access to the data for the user to process it. Consumption of type (1) datagrams is done automatically on the next update, invalidating that the internal buffers for previous datagrams, while consumption of application data (2) is user-controlled.

b Reading of application data [Currently manual adaption of ssl->in_offt pointer]

As mentioned in the last paragraph, consumption of data is different from the automatic consumption of control datagrams (1) because application data is treated as a stream.

c Tracking availability of application data [Currently manually through decreasing ssl->in_msglen]

For efficiency and to retain datagram semantics for application data in case of DTLS, the record layer provides functionality for checking how much application data is still available in the internal buffer.

d Changing the transformation securing the communication.

Given an opaque implementation of the record layer in the above sense, it should be possible to implement the logic of (D)TLS on top of it without the need to know anything about the record layer's internals. This is done e.g. in all the handshake handling functions, and in the application data reading function mbedtls_ssl_read.

Note
The above tries to give a conceptual picture of the record layer, but the current implementation deviates from it in some places. For example, our implementation of the update functionality through mbedtls_ssl_read_record discards datagrams depending on the current state, which wouldn't fall under the record layer's responsibility following the above definition.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_read_record_layer()

int mbedtls_ssl_read_record_layer ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_read_version()

void mbedtls_ssl_read_version ( int *  major,
int *  minor,
int  transport,
const unsigned char  ver[2] 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_recv_flight_completed()

void mbedtls_ssl_recv_flight_completed ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_renegotiate()

int mbedtls_ssl_renegotiate ( mbedtls_ssl_context ssl)

Initiate an SSL renegotiation on the running connection. Client: perform the renegotiation right now. Server: request renegotiation, which will be performed during the next call to mbedtls_ssl_read() if honored by client.

Parameters
sslSSL context
Returns
0 if successful, or any mbedtls_ssl_handshake() return value.
Note
If this function returns something other than 0 or MBEDTLS_ERR_SSL_WANT_READ/WRITE, then the ssl context becomes unusable, and you should either free it or call mbedtls_ssl_session_reset() on it before re-using it for a new connection; the current connection must be closed.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_resend()

int mbedtls_ssl_resend ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_reset_checksum()

void mbedtls_ssl_reset_checksum ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_send_alert_message()

int mbedtls_ssl_send_alert_message ( mbedtls_ssl_context ssl,
unsigned char  level,
unsigned char  message 
)

Send an alert message.

Parameters
sslSSL context
levelThe alert level of the message (MBEDTLS_SSL_ALERT_LEVEL_WARNING or MBEDTLS_SSL_ALERT_LEVEL_FATAL)
messageThe alert message (SSL_ALERT_MSG_*)
Returns
0 if successful, or a specific SSL error code.
Note
If this function returns something other than 0 or MBEDTLS_ERR_SSL_WANT_READ/WRITE, then the ssl context becomes unusable, and you should either free it or call mbedtls_ssl_session_reset() on it before re-using it for a new connection; the current connection must be closed.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_send_fatal_handshake_failure()

int mbedtls_ssl_send_fatal_handshake_failure ( mbedtls_ssl_context ssl)
Here is the call graph for this function:

◆ mbedtls_ssl_send_flight_completed()

void mbedtls_ssl_send_flight_completed ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_session_free()

void mbedtls_ssl_session_free ( mbedtls_ssl_session session)

Free referenced items in an SSL session including the peer certificate and clear memory.

Parameters
sessionSSL session
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_session_init()

void mbedtls_ssl_session_init ( mbedtls_ssl_session session)

Initialize SSL session structure.

Parameters
sessionSSL session
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_session_reset()

int mbedtls_ssl_session_reset ( mbedtls_ssl_context ssl)

Reset an already initialized SSL context for re-use while retaining application-set variables, function pointers and data.

Parameters
sslSSL context
Returns
0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED, MBEDTLS_ERR_SSL_HW_ACCEL_FAILED or MBEDTLS_ERR_SSL_COMPRESSION_FAILED
Here is the call graph for this function:

◆ mbedtls_ssl_set_bio()

void mbedtls_ssl_set_bio ( mbedtls_ssl_context ssl,
void p_bio,
mbedtls_ssl_send_t f_send,
mbedtls_ssl_recv_t f_recv,
mbedtls_ssl_recv_timeout_t f_recv_timeout 
)

Set the underlying BIO callbacks for write, read and read-with-timeout.

Parameters
sslSSL context
p_bioparameter (context) shared by BIO callbacks
f_sendwrite callback
f_recvread callback
f_recv_timeoutblocking read callback with timeout.
Note
One of f_recv or f_recv_timeout can be NULL, in which case the other is used. If both are non-NULL, f_recv_timeout is used and f_recv is ignored (as if it were NULL).
The two most common use cases are:
  • non-blocking I/O, f_recv != NULL, f_recv_timeout == NULL
  • blocking I/O, f_recv == NULL, f_recv_timout != NULL
For DTLS, you need to provide either a non-NULL f_recv_timeout callback, or a f_recv that doesn't block.
See the documentations of mbedtls_ssl_sent_t, mbedtls_ssl_recv_t and mbedtls_ssl_recv_timeout_t for the conventions those callbacks must follow.
On some platforms, net_sockets.c provides mbedtls_net_send(), mbedtls_net_recv() and mbedtls_net_recv_timeout() that are suitable to be used here.
Here is the caller graph for this function:

◆ mbedtls_ssl_set_calc_verify_md()

int mbedtls_ssl_set_calc_verify_md ( mbedtls_ssl_context ssl,
int  md 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_set_hostname()

int mbedtls_ssl_set_hostname ( mbedtls_ssl_context ssl,
const char *  hostname 
)

Set the hostname to check against the received server certificate. It sets the ServerName TLS extension too, if the extension is enabled. (client-side only)

Parameters
sslSSL context
hostnamethe server hostname
Returns
0 if successful or MBEDTLS_ERR_SSL_ALLOC_FAILED
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_set_hs_authmode()

void mbedtls_ssl_set_hs_authmode ( mbedtls_ssl_context ssl,
int  authmode 
)

Set authmode for the current handshake.

Note
Same as mbedtls_ssl_conf_authmode() but for use within the SNI callback.
Parameters
sslSSL context
authmodeMBEDTLS_SSL_VERIFY_NONE, MBEDTLS_SSL_VERIFY_OPTIONAL or MBEDTLS_SSL_VERIFY_REQUIRED

◆ mbedtls_ssl_set_hs_ca_chain()

void mbedtls_ssl_set_hs_ca_chain ( mbedtls_ssl_context ssl,
mbedtls_x509_crt ca_chain,
mbedtls_x509_crl ca_crl 
)

Set the data required to verify peer certificate for the current handshake.

Note
Same as mbedtls_ssl_conf_ca_chain() but for use within the SNI callback.
Parameters
sslSSL context
ca_chaintrusted CA chain (meaning all fully trusted top-level CAs)
ca_crltrusted CA CRLs

◆ mbedtls_ssl_set_hs_own_cert()

int mbedtls_ssl_set_hs_own_cert ( mbedtls_ssl_context ssl,
mbedtls_x509_crt own_cert,
mbedtls_pk_context pk_key 
)

Set own certificate and key for the current handshake.

Note
Same as mbedtls_ssl_conf_own_cert() but for use within the SNI callback.
Parameters
sslSSL context
own_certown public certificate chain
pk_keyown private key
Returns
0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED
Here is the call graph for this function:

◆ mbedtls_ssl_set_hs_psk()

int mbedtls_ssl_set_hs_psk ( mbedtls_ssl_context ssl,
const unsigned char *  psk,
size_t  psk_len 
)

Set the Pre Shared Key (PSK) for the current handshake.

Note
This should only be called inside the PSK callback, ie the function passed to mbedtls_ssl_conf_psk_cb().
Parameters
sslSSL context
pskpointer to the pre-shared key
psk_lenpre-shared key length
Returns
0 if successful or MBEDTLS_ERR_SSL_ALLOC_FAILED
Here is the call graph for this function:

◆ mbedtls_ssl_set_session()

int mbedtls_ssl_set_session ( mbedtls_ssl_context ssl,
const mbedtls_ssl_session session 
)

Request resumption of session (client-side only) Session data is copied from presented session structure.

Parameters
sslSSL context
sessionsession context
Returns
0 if successful, MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed, MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or arguments are otherwise invalid
See also
mbedtls_ssl_get_session()
Here is the call graph for this function:

◆ mbedtls_ssl_set_timer_cb()

void mbedtls_ssl_set_timer_cb ( mbedtls_ssl_context ssl,
void p_timer,
mbedtls_ssl_set_timer_t f_set_timer,
mbedtls_ssl_get_timer_t f_get_timer 
)

Set the timer callbacks (Mandatory for DTLS.)

Parameters
sslSSL context
p_timerparameter (context) shared by timer callbacks
f_set_timerset timer callback
f_get_timerget timer callback. Must return:
Note
See the documentation of mbedtls_ssl_set_timer_t and mbedtls_ssl_get_timer_t for the conventions this pair of callbacks must follow.
On some platforms, timing.c provides mbedtls_timing_set_delay() and mbedtls_timing_get_delay() that are suitable for using here, except if using an event-driven style.
See also the "DTLS tutorial" article in our knowledge base. https://tls.mbed.org/kb/how-to/dtls-tutorial
Here is the call graph for this function:

◆ mbedtls_ssl_setup()

int mbedtls_ssl_setup ( mbedtls_ssl_context ssl,
const mbedtls_ssl_config conf 
)

Set up an SSL context for use.

Note
No copy of the configuration context is made, it can be shared by many mbedtls_ssl_context structures.
Warning
Modifying the conf structure after it has been used in this function is unsupported!
Parameters
sslSSL context
confSSL configuration to use
Returns
0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_sig_from_pk()

unsigned char mbedtls_ssl_sig_from_pk ( mbedtls_pk_context pk)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_sig_from_pk_alg()

unsigned char mbedtls_ssl_sig_from_pk_alg ( mbedtls_pk_type_t  type)
Here is the caller graph for this function:

◆ mbedtls_ssl_sig_hash_set_add()

void mbedtls_ssl_sig_hash_set_add ( mbedtls_ssl_sig_hash_set_t set,
mbedtls_pk_type_t  sig_alg,
mbedtls_md_type_t  md_alg 
)
Here is the caller graph for this function:

◆ mbedtls_ssl_sig_hash_set_const_hash()

void mbedtls_ssl_sig_hash_set_const_hash ( mbedtls_ssl_sig_hash_set_t set,
mbedtls_md_type_t  md_alg 
)
Here is the caller graph for this function:

◆ mbedtls_ssl_sig_hash_set_find()

mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find ( mbedtls_ssl_sig_hash_set_t set,
mbedtls_pk_type_t  sig_alg 
)
Here is the caller graph for this function:

◆ mbedtls_ssl_transform_free()

void mbedtls_ssl_transform_free ( mbedtls_ssl_transform transform)

Free referenced items in an SSL transform context and clear memory.

Parameters
transformSSL transform context
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_update_handshake_status()

void mbedtls_ssl_update_handshake_status ( mbedtls_ssl_context ssl)
Here is the caller graph for this function:

◆ mbedtls_ssl_write()

int mbedtls_ssl_write ( mbedtls_ssl_context ssl,
const unsigned char *  buf,
size_t  len 
)

Try to write exactly 'len' application data bytes.

Warning
This function will do partial writes in some cases. If the return value is non-negative but less than length, the function must be called again with updated arguments: buf + ret, len - ret (if ret is the return value) until it returns a value equal to the last 'len' argument.
Parameters
sslSSL context
bufbuffer holding the data
lenhow many bytes must be written
Returns
the number of bytes actually written (may be less than len), or MBEDTLS_ERR_SSL_WANT_WRITE or MBEDTLS_ERR_SSL_WANT_READ, or another negative error code.
Note
If this function returns something other than a positive value or MBEDTLS_ERR_SSL_WANT_READ/WRITE, the ssl context becomes unusable, and you should either free it or call mbedtls_ssl_session_reset() on it before re-using it for a new connection; the current connection must be closed.
When this function returns MBEDTLS_ERR_SSL_WANT_WRITE/READ, it must be called later with the same arguments, until it returns a positive value.
If the requested length is greater than the maximum fragment length (either the built-in limit or the one set or negotiated with the peer), then:
  • with TLS, less bytes than requested are written.
  • with DTLS, MBEDTLS_ERR_SSL_BAD_INPUT_DATA is returned. mbedtls_ssl_get_max_frag_len() may be used to query the active maximum fragment length.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_write_certificate()

int mbedtls_ssl_write_certificate ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_write_change_cipher_spec()

int mbedtls_ssl_write_change_cipher_spec ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_write_finished()

int mbedtls_ssl_write_finished ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_write_record()

int mbedtls_ssl_write_record ( mbedtls_ssl_context ssl)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ssl_write_version()

void mbedtls_ssl_write_version ( int  major,
int  minor,
int  transport,
unsigned char  ver[2] 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_append_key_cert()

static int ssl_append_key_cert ( mbedtls_ssl_key_cert **  head,
mbedtls_x509_crt cert,
mbedtls_pk_context key 
)
static
Here is the caller graph for this function:

◆ ssl_bitmask_check()

static int ssl_bitmask_check ( unsigned char *  mask,
size_t  len 
)
static
Here is the caller graph for this function:

◆ ssl_bitmask_set()

static void ssl_bitmask_set ( unsigned char *  mask,
size_t  offset,
size_t  len 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_calc_finished_tls()

static void ssl_calc_finished_tls ( mbedtls_ssl_context ssl,
unsigned char *  buf,
int  from 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_calc_finished_tls_sha256()

static void ssl_calc_finished_tls_sha256 ( mbedtls_ssl_context ssl,
unsigned char *  buf,
int  from 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_calc_finished_tls_sha384()

static void ssl_calc_finished_tls_sha384 ( mbedtls_ssl_context ssl,
unsigned char *  buf,
int  from 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_calc_verify_tls() [1/2]

static void ssl_calc_verify_tls ( mbedtls_ssl_context ,
unsigned char *   
)
static
Here is the caller graph for this function:

◆ ssl_calc_verify_tls() [2/2]

void ssl_calc_verify_tls ( mbedtls_ssl_context ssl,
unsigned char  hash[36] 
)
Here is the call graph for this function:

◆ ssl_calc_verify_tls_sha256() [1/2]

static void ssl_calc_verify_tls_sha256 ( mbedtls_ssl_context ,
unsigned char *   
)
static
Here is the caller graph for this function:

◆ ssl_calc_verify_tls_sha256() [2/2]

void ssl_calc_verify_tls_sha256 ( mbedtls_ssl_context ssl,
unsigned char  hash[32] 
)
Here is the call graph for this function:

◆ ssl_calc_verify_tls_sha384() [1/2]

static void ssl_calc_verify_tls_sha384 ( mbedtls_ssl_context ,
unsigned char *   
)
static
Here is the caller graph for this function:

◆ ssl_calc_verify_tls_sha384() [2/2]

void ssl_calc_verify_tls_sha384 ( mbedtls_ssl_context ssl,
unsigned char  hash[48] 
)
Here is the call graph for this function:

◆ ssl_check_ctr_renegotiate()

static int ssl_check_ctr_renegotiate ( mbedtls_ssl_context ssl)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_check_dtls_clihlo_cookie()

static int ssl_check_dtls_clihlo_cookie ( mbedtls_ssl_cookie_write_t f_cookie_write,
mbedtls_ssl_cookie_check_t f_cookie_check,
void p_cookie,
const unsigned char *  cli_id,
size_t  cli_id_len,
const unsigned char *  in,
size_t  in_len,
unsigned char *  obuf,
size_t  buf_len,
size_t *  olen 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_check_timer()

static int ssl_check_timer ( mbedtls_ssl_context ssl)
static
Here is the caller graph for this function:

◆ ssl_cookie_check_dummy()

static int ssl_cookie_check_dummy ( void ctx,
const unsigned char *  cookie,
size_t  cookie_len,
const unsigned char *  cli_id,
size_t  cli_id_len 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_cookie_write_dummy()

static int ssl_cookie_write_dummy ( void ctx,
unsigned char **  p,
unsigned char *  end,
const unsigned char *  cli_id,
size_t  cli_id_len 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_decrypt_buf()

static int ssl_decrypt_buf ( mbedtls_ssl_context ssl)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_double_retransmit_timeout()

static int ssl_double_retransmit_timeout ( mbedtls_ssl_context ssl)
static
Here is the caller graph for this function:

◆ ssl_dtls_replay_reset()

static void ssl_dtls_replay_reset ( mbedtls_ssl_context ssl)
static
Here is the caller graph for this function:

◆ ssl_encrypt_buf()

static int ssl_encrypt_buf ( mbedtls_ssl_context ssl)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_ep_len()

static size_t ssl_ep_len ( const mbedtls_ssl_context ssl)
inlinestatic
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_flight_append()

static int ssl_flight_append ( mbedtls_ssl_context ssl)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_flight_free()

static void ssl_flight_free ( mbedtls_ssl_flight_item flight)
static
Here is the caller graph for this function:

◆ ssl_handle_possible_reconnect()

static int ssl_handle_possible_reconnect ( mbedtls_ssl_context ssl)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_handshake_init()

static int ssl_handshake_init ( mbedtls_ssl_context ssl)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_handshake_params_init()

static void ssl_handshake_params_init ( mbedtls_ssl_handshake_params handshake)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_handshake_wrapup_free_hs_transform()

static void ssl_handshake_wrapup_free_hs_transform ( mbedtls_ssl_context ssl)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_key_cert_free()

static void ssl_key_cert_free ( mbedtls_ssl_key_cert key_cert)
static
Here is the caller graph for this function:

◆ ssl_load_six_bytes()

static uint64_t ssl_load_six_bytes ( unsigned char *  buf)
inlinestatic
Here is the caller graph for this function:

◆ ssl_parse_record_header()

static int ssl_parse_record_header ( mbedtls_ssl_context ssl)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_prepare_record_content()

static int ssl_prepare_record_content ( mbedtls_ssl_context ssl)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_reassemble_dtls_handshake()

static int ssl_reassemble_dtls_handshake ( mbedtls_ssl_context ssl)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_resend_hello_request()

static int ssl_resend_hello_request ( mbedtls_ssl_context ssl)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_reset_retransmit_timeout()

static void ssl_reset_retransmit_timeout ( mbedtls_ssl_context ssl)
static
Here is the caller graph for this function:

◆ ssl_session_copy()

static int ssl_session_copy ( mbedtls_ssl_session dst,
const mbedtls_ssl_session src 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_session_reset_int()

static int ssl_session_reset_int ( mbedtls_ssl_context ssl,
int  partial 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_set_timer()

static void ssl_set_timer ( mbedtls_ssl_context ssl,
uint32_t  millisecs 
)
static
Here is the caller graph for this function:

◆ ssl_start_renegotiation()

static int ssl_start_renegotiation ( mbedtls_ssl_context ssl)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_swap_epochs()

static void ssl_swap_epochs ( mbedtls_ssl_context ssl)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_transform_init()

static void ssl_transform_init ( mbedtls_ssl_transform transform)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_update_checksum_md5sha1()

static void ssl_update_checksum_md5sha1 ( mbedtls_ssl_context ssl,
const unsigned char *  buf,
size_t  len 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_update_checksum_sha256()

static void ssl_update_checksum_sha256 ( mbedtls_ssl_context ssl,
const unsigned char *  buf,
size_t  len 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_update_checksum_sha384()

static void ssl_update_checksum_sha384 ( mbedtls_ssl_context ssl,
const unsigned char *  buf,
size_t  len 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_update_checksum_start()

static void ssl_update_checksum_start ( mbedtls_ssl_context ssl,
const unsigned char *  buf,
size_t  len 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_write_hello_request()

static int ssl_write_hello_request ( mbedtls_ssl_context ssl)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_write_real()

static int ssl_write_real ( mbedtls_ssl_context ssl,
const unsigned char *  buf,
size_t  len 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ssl_write_split()

static int ssl_write_split ( mbedtls_ssl_context ssl,
const unsigned char *  buf,
size_t  len 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ tls1_prf()

static int tls1_prf ( const unsigned char *  secret,
size_t  slen,
const char *  label,
const unsigned char *  random,
size_t  rlen,
unsigned char *  dstbuf,
size_t  dlen 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ tls_prf_generic()

static int tls_prf_generic ( mbedtls_md_type_t  md_type,
const unsigned char *  secret,
size_t  slen,
const char *  label,
const unsigned char *  random,
size_t  rlen,
unsigned char *  dstbuf,
size_t  dlen 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ tls_prf_sha256()

static int tls_prf_sha256 ( const unsigned char *  secret,
size_t  slen,
const char *  label,
const unsigned char *  random,
size_t  rlen,
unsigned char *  dstbuf,
size_t  dlen 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ tls_prf_sha384()

static int tls_prf_sha384 ( const unsigned char *  secret,
size_t  slen,
const char *  label,
const unsigned char *  random,
size_t  rlen,
unsigned char *  dstbuf,
size_t  dlen 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

Variable Documentation

◆ mfl_code_to_length

unsigned int mfl_code_to_length[MBEDTLS_SSL_MAX_FRAG_LEN_INVALID]
static
Initial value:
=
{
512,
1024,
2048,
4096,
}
#define MBEDTLS_SSL_MAX_CONTENT_LEN
Definition: ssl.h:222

◆ ssl_preset_default_hashes

int ssl_preset_default_hashes[]
static
Initial value:
= {
}
Definition: md.h:45
Definition: md.h:46
Definition: md.h:40
Definition: md.h:48
Definition: md.h:47
Definition: md.h:44

◆ ssl_preset_suiteb_ciphersuites

int ssl_preset_suiteb_ciphersuites[]
static
Initial value:
= {
0
}
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Definition: ssl_ciphersuites.h:155
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
Definition: ssl_ciphersuites.h:154

◆ ssl_preset_suiteb_curves

mbedtls_ecp_group_id ssl_preset_suiteb_curves[]
static

◆ ssl_preset_suiteb_hashes

int ssl_preset_suiteb_hashes[]
static
Initial value:
= {
}
Definition: md.h:46
Definition: md.h:40
Definition: md.h:47