tls13_misc.h File Reference
TLS 1.3 helper functions. More...
Go to the source code of this file.
Macros | |
| #define | TLS13_DHE_KE_SUPPORT ENABLED |
| #define | TLS13_ECDHE_KE_SUPPORT ENABLED |
| #define | TLS13_PSK_KE_SUPPORT DISABLED |
| #define | TLS13_PSK_DHE_KE_SUPPORT ENABLED |
| #define | TLS13_PSK_ECDHE_KE_SUPPORT ENABLED |
| #define | TLS13_EARLY_DATA_SUPPORT DISABLED |
| #define | TLS13_MIDDLEBOX_COMPAT_SUPPORT ENABLED |
| #define | TLS13_MAX_COOKIE_SIZE 256 |
| #define | TLS13_MAX_TICKET_SIZE 1024 |
| #define | TLS13_MAX_TICKET_LIFETIME 604800 |
| #define | TLS13_TICKET_AGE_TOLERANCE 5000 |
| #define | TLS13_NEW_SESSION_TICKET_COUNT 2 |
| #define | TLS13_MAX_HKDF_DIGEST_SIZE 48 |
Typedefs | |
| struct { | |
| char_t type | |
| uint32_t dataStart | |
| uint32_t dataLength | |
| uint8_t nameLength | |
| char_t name [] | |
| uint8_t tokenLen: 4 | |
| uint8_t type: 2 | |
| uint8_t version: 2 | |
| uint8_t code | |
| uint16_t mid | |
| uint8_t token [] | |
| union { | |
| uint8_t b [6] | |
| uint16_t w [3] | |
| } | |
| uint16_t srcPort | |
| uint16_t destPort | |
| uint32_t seqNum | |
| uint32_t ackNum | |
| uint8_t reserved1: 4 | |
| uint8_t dataOffset: 4 | |
| uint8_t flags: 6 | |
| uint8_t reserved2: 2 | |
| uint16_t window | |
| uint16_t checksum | |
| uint16_t urgentPointer | |
| uint8_t options [] | |
| uint16_t length | |
| uint8_t data [] | |
| uint8_t op | |
| uint8_t htype | |
| uint8_t hlen | |
| uint8_t hops | |
| uint32_t xid | |
| uint16_t secs | |
| uint16_t flags | |
| Ipv4Addr ciaddr | |
| Ipv4Addr yiaddr | |
| Ipv4Addr siaddr | |
| Ipv4Addr giaddr | |
| MacAddr chaddr | |
| uint8_t unused [10] | |
| uint8_t sname [64] | |
| uint8_t file [128] | |
| uint32_t magicCookie | |
| uint16_t type | |
| uint16_t hardwareType | |
| uint32_t time | |
| MacAddr linkLayerAddr | |
| uint16_t id | |
| uint8_t rd: 1 | |
| uint8_t tc: 1 | |
| uint8_t aa: 1 | |
| uint8_t opcode: 4 | |
| uint8_t qr: 1 | |
| uint8_t rcode: 4 | |
| uint8_t z: 3 | |
| uint8_t ra: 1 | |
| uint16_t qdcount | |
| uint16_t ancount | |
| uint16_t nscount | |
| uint16_t arcount | |
| uint8_t questions [] | |
| uint16_t controlWord | |
| uint16_t byteCount | |
| uint8_t bLength | |
| uint8_t bDescriptorType | |
| uint16_t bcdUsb | |
| uint8_t bDeviceClass | |
| uint8_t bDeviceSubClass | |
| uint8_t bDeviceProtocol | |
| uint8_t bMaxPacketSize0 | |
| uint16_t idVendor | |
| uint16_t idProduct | |
| uint16_t bcdDevice | |
| uint8_t iManufacturer | |
| uint8_t iProduct | |
| uint8_t iSerialNumber | |
| uint8_t bNumConfigurations | |
| uint8_t maxRespTime | |
| Ipv4Addr groupAddr | |
| uint16_t hrd | |
| uint16_t pro | |
| uint8_t hln | |
| uint8_t pln | |
| uint16_t op | |
| MacAddr sha | |
| Ipv4Addr spa | |
| MacAddr tha | |
| Ipv4Addr tpa | |
| uint8_t length | |
| uint8_t value [] | |
| uint16_t first | |
| uint16_t last | |
| uint16_t next | |
| union { | |
| uint8_t b [16] | |
| uint16_t w [8] | |
| uint32_t dw [4] | |
| } | |
| uint16_t maxRespDelay | |
| uint16_t reserved | |
| Ipv6Addr multicastAddr | |
| uint32_t reserved | |
| uint16_t pvid | |
| uint8_t autoNegSupportStatus | |
| uint16_t pmdAutoNegAdvCap | |
| uint16_t operationalMauType | |
| uint16_t capabilities | |
| uint8_t deviceType | |
| uint8_t lengthH: 1 | |
| uint8_t lengthL | |
| uint8_t t: 1 | |
| uint8_t c: 1 | |
| union { | |
| int32_t integer | |
| uint8_t octetString [1] | |
| uint8_t oid [1] | |
| uint8_t ipAddr [4] | |
| uint32_t counter32 | |
| uint32_t gauge32 | |
| uint32_t unsigned32 | |
| uint32_t timeTicks | |
| uint64_t counter64 | |
| } | |
| uint16_t transactionId | |
| uint16_t protocolId | |
| uint8_t unitId | |
| uint8_t pdu [] | |
| uint8_t retain: 1 | |
| uint8_t qos: 2 | |
| uint8_t dup: 1 | |
| union { | |
| uint8_t all | |
| struct { | |
| uint8_t topicIdType: 2 | |
| uint8_t cleanSession: 1 | |
| uint8_t will: 1 | |
| uint8_t retain: 1 | |
| uint8_t qos: 2 | |
| uint8_t dup: 1 | |
| } | |
| } | |
| uint8_t b: 1 | |
| uint8_t identifier | |
| uint8_t valueSize | |
| Ipv4Addr srcIpAddr | |
| Ipv4Addr destIpAddr | |
| Eui64 interfaceId | |
| uint16_t mru | |
| uint8_t peerIdLength | |
| uint8_t peerId [] | |
| uint32_t seconds | |
| uint32_t fraction | |
| uint16_t opcode | |
| char_t filename [] | |
| uint8_t reserved: 3 | |
| uint8_t fin: 1 | |
| uint8_t payloadLen: 7 | |
| uint8_t mask: 1 | |
| uint8_t extPayloadLen [] | |
| uint32_t length | |
| uint8_t payload [] | |
| uint8_t protocolVersionId | |
| uint8_t bpduType | |
| StpBridgeId rootId | |
| uint32_t rootPathCost | |
| StpBridgeId bridgeId | |
| uint16_t portId | |
| uint16_t messageAge | |
| uint16_t maxAge | |
| uint16_t helloTime | |
| uint16_t forwardDelay | |
| uint8_t version1Length | |
| uint16_t priority | |
| MacAddr addr | |
| } | Tls13Cookie |
| Cookie. More... | |
| struct { | |
| char_t type | |
| uint32_t dataStart | |
| uint32_t dataLength | |
| uint8_t nameLength | |
| uint8_t length: 4 | |
| uint8_t delta: 4 | |
| union { | |
| uint8_t b [8] | |
| uint16_t w [4] | |
| uint32_t dw [2] | |
| } | |
| uint8_t kind | |
| uint8_t value [] | |
| uint8_t code | |
| uint16_t type | |
| uint32_t enterpriseNumber | |
| uint8_t identifier [] | |
| uint16_t qtype | |
| uint16_t qclass | |
| uint16_t statusWord | |
| uint16_t byteCount | |
| uint8_t bLength | |
| uint8_t bDescriptorType | |
| uint16_t wTotalLength | |
| uint8_t bNumInterfaces | |
| uint8_t bConfigurationValue | |
| uint8_t iConfiguration | |
| uint8_t bmAttributes | |
| uint8_t bMaxPower | |
| uint8_t type | |
| uint16_t checksum | |
| uint8_t parameter | |
| uint8_t unused [3] | |
| uint8_t data [] | |
| uint32_t parameter | |
| uint8_t nextHeader | |
| uint8_t hdrExtLen | |
| uint8_t options [] | |
| uint8_t curHopLimit | |
| uint8_t reserved: 2 | |
| uint8_t p: 1 | |
| uint8_t prf: 2 | |
| uint8_t h: 1 | |
| uint8_t o: 1 | |
| uint8_t m: 1 | |
| uint16_t routerLifetime | |
| uint32_t reachableTime | |
| uint32_t retransTimer | |
| uint8_t flags | |
| uint16_t ppvid | |
| uint8_t mdiPowerSupport | |
| uint8_t psePowerPair | |
| uint8_t powerClass | |
| uint8_t appType | |
| uint8_t vlanIdH: 5 | |
| uint8_t x: 1 | |
| uint8_t t: 1 | |
| uint8_t u: 1 | |
| uint8_t l2PriorityH: 1 | |
| uint8_t vlanIdL: 7 | |
| uint8_t dscpValue: 6 | |
| uint8_t l2PriorityL: 2 | |
| uint8_t chassisIdSubtype | |
| uint8_t chassisId [] | |
| uint8_t functionCode | |
| uint16_t startingAddr | |
| uint16_t quantityOfCoils | |
| uint16_t length | |
| uint8_t msgType | |
| uint16_t flags | |
| Ipv4Addr addr | |
| uint8_t valueSize | |
| uint16_t protocol | |
| uint32_t accm | |
| uint8_t msgLength | |
| uint8_t message [] | |
| uint8_t mode: 3 | |
| uint8_t vn: 3 | |
| uint8_t li: 2 | |
| uint8_t stratum | |
| uint8_t poll | |
| int8_t precision | |
| uint32_t rootDelay | |
| uint32_t rootDispersion | |
| uint32_t referenceId | |
| NtpTimestamp referenceTimestamp | |
| NtpTimestamp originateTimestamp | |
| NtpTimestamp receiveTimestamp | |
| NtpTimestamp transmitTimestamp | |
| uint16_t opcode | |
| char_t filename [] | |
| uint16_t value [] | |
| uint16_t group | |
| uint8_t keyExchange [] | |
| uint32_t id | |
| uint32_t dataLen | |
| } | Tls13KeyShareEntry |
| Key share entry. More... | |
| struct { | |
| uint32_t totalSize | |
| ResRootEntry rootEntry | |
| MacAddr destAddr | |
| MacAddr srcAddr | |
| uint16_t type | |
| uint8_t data [] | |
| uint16_t hardwareType | |
| MacAddr linkLayerAddr | |
| uint16_t rtype | |
| uint16_t rclass | |
| uint32_t ttl | |
| uint16_t rdlength | |
| uint8_t rdata [] | |
| uint8_t bLength | |
| uint8_t bDescriptorType | |
| uint8_t bInterfaceNumber | |
| uint8_t bAlternateSetting | |
| uint8_t bNumEndpoints | |
| uint8_t bInterfaceClass | |
| uint8_t bInterfaceSubClass | |
| uint8_t bInterfaceProtocol | |
| uint8_t iInterface | |
| uint8_t type | |
| uint8_t code | |
| uint16_t checksum | |
| uint32_t unused | |
| uint8_t nextHeader | |
| uint8_t hdrExtLen | |
| uint8_t options [] | |
| uint32_t reserved | |
| Ipv6Addr targetAddr | |
| uint16_t vlanId | |
| uint8_t vlanNameLen | |
| char_t vlanName [] | |
| uint8_t aggregationStatus | |
| uint32_t aggregatedPortId | |
| uint8_t locationDataFormat | |
| uint8_t locationId [] | |
| uint8_t portIdSubtype | |
| uint8_t portId [] | |
| uint8_t functionCode | |
| uint8_t byteCount | |
| uint8_t coilStatus [] | |
| uint8_t prefix | |
| uint16_t length | |
| uint8_t msgType | |
| uint8_t identifier | |
| uint8_t message [] | |
| uint8_t length | |
| Ipv4Addr ipAddr | |
| uint16_t protocol | |
| uint8_t msgLength | |
| uint8_t rejectedPacket [] | |
| uint32_t keyId | |
| uint8_t messageDigest [16] | |
| uint16_t opcode | |
| uint16_t block | |
| uint16_t value [] | |
| uint8_t value [] | |
| } | Tls13KeyShareList |
| List of key shares. More... | |
| struct { | |
| uint8_t dsap | |
| uint8_t ssap | |
| uint8_t control | |
| uint8_t msgType | |
| uint8_t transactionId [3] | |
| uint8_t options [] | |
| uint16_t rtype | |
| uint16_t rclass | |
| uint32_t ttl | |
| uint16_t rdlength | |
| uint8_t rdata [4] | |
| uint8_t bLength | |
| uint8_t bDescriptorType | |
| uint8_t bEndpointAddress | |
| uint8_t bmAttributes | |
| uint16_t wMaxPacketSize | |
| uint8_t bInterval | |
| uint8_t type | |
| uint8_t code | |
| uint16_t checksum | |
| uint32_t unused | |
| uint8_t data [] | |
| uint32_t mtu | |
| uint8_t nextHeader | |
| uint8_t hdrExtLen | |
| uint8_t routingType | |
| uint8_t segmentsLeft | |
| uint32_t reserved | |
| Ipv6Addr address [] | |
| uint8_t reserved1: 5 | |
| uint8_t o: 1 | |
| uint8_t s: 1 | |
| uint8_t r: 1 | |
| uint8_t reserved2 [3] | |
| Ipv6Addr targetAddr | |
| uint8_t protocolIdLen | |
| uint8_t protocolId [] | |
| uint16_t maxFrameSize | |
| uint8_t powerPriority: 4 | |
| uint8_t powerSource: 2 | |
| uint8_t powerType: 2 | |
| uint16_t powerValue | |
| uint16_t ttl | |
| uint8_t functionCode | |
| uint16_t startingAddr | |
| uint16_t quantityOfInputs | |
| uint8_t gwId | |
| uint16_t duration | |
| uint8_t identifier | |
| uint16_t length | |
| uint8_t message [] | |
| uint8_t length | |
| Ipv4Addr ipAddr | |
| uint16_t protocol | |
| uint16_t rejectedProtocol | |
| uint8_t rejectedInfo [] | |
| uint16_t opcode | |
| uint16_t block | |
| uint16_t version | |
| uint16_t epoch | |
| DtlsSequenceNumber seqNum | |
| uint8_t hash | |
| uint8_t signature | |
| uint8_t value [] | |
| } | Tls13PskKeModeList |
| List of PSK key exchange modes. More... | |
| struct { | |
| uint16_t tci | |
| uint16_t type | |
| uint8_t msgType | |
| uint8_t hopCount | |
| Ipv6Addr linkAddress | |
| Ipv6Addr peerAddress | |
| uint8_t options [] | |
| uint16_t rtype | |
| uint16_t rclass | |
| uint32_t ttl | |
| uint16_t rdlength | |
| uint8_t rdata [16] | |
| uint8_t bLength | |
| uint8_t bDescriptorType | |
| uint16_t bString [] | |
| uint8_t type | |
| uint8_t code | |
| uint16_t checksum | |
| uint8_t pointer | |
| uint8_t unused [3] | |
| uint8_t data [] | |
| uint32_t unused | |
| uint8_t nextHeader | |
| uint8_t payloadLen | |
| uint16_t reserved | |
| uint32_t securityParamIndex | |
| uint32_t sequenceNumber | |
| uint8_t authData [] | |
| uint32_t reserved | |
| Ipv6Addr targetAddr | |
| Ipv6Addr destAddr | |
| uint8_t measurements [20] | |
| uint16_t psePowerPriceIndex | |
| uint16_t supportedCap | |
| uint16_t enabledCap | |
| uint8_t functionCode | |
| uint8_t byteCount | |
| uint8_t inputStatus [] | |
| uint8_t radius | |
| uint8_t length | |
| Ipv4Addr ipAddr | |
| uint32_t magicNumber | |
| uint8_t identifier | |
| uint16_t length | |
| uint16_t opcode | |
| uint16_t errorCode | |
| char_t errorMsg [] | |
| uint16_t msgSeq | |
| uint8_t fragOffset [3] | |
| uint8_t fragLength [3] | |
| TlsSignHashAlgo value [] | |
| uint8_t value [] | |
| } | Tls13PskIdentity |
| PSK identity. More... | |
| struct { | |
| uint16_t code | |
| uint16_t length | |
| uint8_t value [] | |
| uint16_t rtype | |
| uint16_t rclass | |
| uint32_t ttl | |
| uint16_t rdlength | |
| uint16_t priority | |
| uint16_t weight | |
| uint16_t port | |
| uint8_t target [] | |
| uint8_t bFunctionLength | |
| uint8_t bDescriptorType | |
| uint8_t bDescriptorSubtype | |
| uint16_t bcdCdc | |
| uint8_t type | |
| uint8_t code | |
| uint16_t checksum | |
| uint16_t identifier | |
| uint16_t sequenceNumber | |
| uint8_t data [] | |
| uint32_t pointer | |
| uint32_t securityParamIndex | |
| uint32_t sequenceNumber | |
| uint8_t payloadData [] | |
| uint8_t length | |
| uint8_t powerPriority: 2 | |
| uint8_t pd4pid: 1 | |
| uint8_t reserved: 1 | |
| uint8_t powerSource: 2 | |
| uint8_t powerType: 2 | |
| uint16_t pdRequestedPower | |
| uint16_t pseAllocatedPower | |
| uint8_t mgmtAddrLen | |
| uint8_t mgmtAddrSubtype | |
| uint8_t mgmtAddr [] | |
| uint8_t functionCode | |
| uint16_t startingAddr | |
| uint16_t quantityOfRegs | |
| uint8_t gwId | |
| uint8_t gwAdd [] | |
| Ipv4Addr ipAddr | |
| uint8_t identifier | |
| uint32_t magicNumber | |
| uint16_t serverVersion | |
| uint8_t cookieLength | |
| uint8_t cookie [] | |
| } | Tls13PskIdentityList |
| List of PSK identities. More... | |
| struct { | |
| uint32_t iaId | |
| uint32_t t1 | |
| uint32_t t2 | |
| uint8_t options [] | |
| uint8_t bFunctionLength | |
| uint8_t bDescriptorType | |
| uint8_t bDescriptorSubtype | |
| uint8_t bmCapabilities | |
| uint8_t bDataInterface | |
| uint8_t type | |
| uint8_t code | |
| uint16_t checksum | |
| uint16_t identifier | |
| uint16_t sequenceNumber | |
| uint8_t data [] | |
| uint8_t length | |
| MacAddr linkLayerAddr | |
| uint16_t pdRequestedPowerA | |
| uint16_t pdRequestedPowerB | |
| uint16_t pseAllocatedPowerA | |
| uint16_t pseAllocatedPowerB | |
| uint16_t powerStatus | |
| uint8_t systemSetup | |
| uint16_t pseMaxAvailablePower | |
| uint8_t autoclass | |
| uint8_t powerDown [3] | |
| uint8_t ifNumSubtype | |
| uint32_t ifNum | |
| uint8_t oidLen | |
| uint8_t oid [] | |
| uint8_t functionCode | |
| uint8_t byteCount | |
| uint16_t regValue [] | |
| MqttSnFlags flags | |
| uint8_t protocolId | |
| uint16_t duration | |
| char_t clientId [] | |
| Ipv4Addr ipAddr | |
| uint16_t length | |
| uint8_t value [] | |
| } | Tls13PskBinder |
| PSK binder. More... | |
| struct { | |
| uint32_t iaId | |
| uint8_t options [] | |
| uint8_t bFunctionLength | |
| uint8_t bDescriptorType | |
| uint8_t bDescriptorSubtype | |
| uint8_t bmCapabilities | |
| uint8_t type | |
| uint8_t length | |
| uint8_t prefixLength | |
| uint8_t reserved1: 5 | |
| uint8_t r: 1 | |
| uint8_t a: 1 | |
| uint8_t l: 1 | |
| uint32_t validLifetime | |
| uint32_t preferredLifetime | |
| uint32_t reserved2 | |
| Ipv6Addr prefix | |
| uint8_t oui [LLDP_OUI_SIZE] | |
| uint8_t subtype | |
| uint8_t value [] | |
| uint8_t functionCode | |
| uint16_t startingAddr | |
| uint16_t quantityOfRegs | |
| uint8_t returnCode | |
| uint16_t type | |
| uint16_t length | |
| } | Tls13PskBinderList |
| List of PSK binders. More... | |
| struct { | |
| Ipv6Addr address | |
| uint32_t preferredLifetime | |
| uint32_t validLifetime | |
| uint8_t options [] | |
| uint8_t bFunctionLength | |
| uint8_t bDescriptorType | |
| uint8_t bDescriptorSubtype | |
| uint8_t bMasterInterface | |
| uint8_t bSlaveInterface0 | |
| uint8_t type | |
| uint8_t length | |
| uint16_t reserved1 | |
| uint32_t reserved2 | |
| uint8_t ipPacket [] | |
| uint8_t functionCode | |
| uint8_t byteCount | |
| uint16_t regValue [] | |
| MqttSnFlags flags | |
| char_t willTopic [] | |
| uint16_t length | |
| uint8_t value [] | |
| } | Tls13CertRequestContext |
| Certificate request context. More... | |
| struct { | |
| uint16_t requestedOption [1] | |
| UsbConfigDescriptor configDescriptor | |
| UsbInterfaceDescriptor communicationInterfaceDescriptor | |
| CdcHeaderDescriptor cdcHeaderDescriptor | |
| CdcCallManagementDescriptor cdcCallManagementDescriptor | |
| CdcAcmDescriptor cdcAcmDescriptor | |
| CdcUnionDescriptor cdcUnionDescriptor | |
| UsbEndpointDescriptor notificationEndpointDescriptor | |
| UsbInterfaceDescriptor dataInterfaceDescriptor | |
| UsbEndpointDescriptor dataOutEndpointDescriptor | |
| UsbEndpointDescriptor dataInEndpointDescriptor | |
| uint8_t type | |
| uint8_t length | |
| uint16_t reserved | |
| uint32_t mtu | |
| uint8_t functionCode | |
| uint16_t outputAddr | |
| uint16_t outputValue | |
| uint16_t topicId | |
| uint16_t msgId | |
| char_t topicName [] | |
| uint16_t value [] | |
| uint16_t algorithm | |
| uint16_t length | |
| uint8_t value [] | |
| } | Tls13DigitalSignature |
| Digitally-signed element (TLS 1.3) More... | |
| struct { | |
| uint8_t value | |
| uint8_t type | |
| uint8_t length | |
| uint8_t prefixLength | |
| uint8_t reserved2: 3 | |
| uint8_t prf: 2 | |
| uint8_t reserved1: 3 | |
| uint32_t routeLifetime | |
| Ipv6Addr prefix | |
| uint8_t functionCode | |
| uint16_t outputAddr | |
| uint16_t outputValue | |
| uint16_t topicId | |
| uint16_t msgId | |
| uint8_t returnCode | |
| uint16_t length | |
| char_t hostname [] | |
| uint16_t serverVersion | |
| uint8_t random [32] | |
| uint8_t sessionIdLen | |
| uint8_t sessionId [] | |
| } | Tls13HelloRetryRequest |
| HelloRetryRequest message. More... | |
| typedef void * | Tls13EndOfEarlyData |
| EndOfEarlyData message. More... | |
| struct { | |
| uint16_t value | |
| uint8_t type | |
| uint8_t length | |
| uint16_t reserved | |
| uint32_t lifetime | |
| Ipv6Addr address [] | |
| uint8_t functionCode | |
| uint16_t regAddr | |
| uint16_t regValue | |
| MqttSnFlags flags | |
| uint16_t topicId | |
| uint16_t msgId | |
| uint8_t data [] | |
| uint16_t length | |
| uint8_t value [] | |
| uint16_t extensionsLen | |
| uint8_t extensions [] | |
| } | Tls13EncryptedExtensions |
| EncryptedExtensions message. More... | |
| struct { | |
| uint8_t protocol | |
| uint8_t algorithm | |
| uint8_t rdm | |
| uint8_t replayDetection [8] | |
| uint8_t authInfo [] | |
| uint8_t type | |
| uint8_t length | |
| uint16_t reserved | |
| uint32_t lifetime | |
| uint8_t domainNames [] | |
| uint8_t functionCode | |
| uint16_t regAddr | |
| uint16_t regValue | |
| uint16_t topicId | |
| uint16_t msgId | |
| uint8_t returnCode | |
| char_t value [] | |
| uint32_t ticketLifetime | |
| uint32_t ticketAgeAdd | |
| uint8_t ticketNonceLen | |
| uint8_t ticketNonce [] | |
| } | Tls13NewSessionTicket |
| NewSessionTicket message (TLS 1.3) More... | |
| struct { | |
| Ipv6Addr serverAddr | |
| uint8_t type | |
| uint8_t length | |
| uint8_t contextLength | |
| uint8_t cid: 4 | |
| uint8_t c: 1 | |
| uint8_t reserved1: 3 | |
| uint16_t reserved2 | |
| uint16_t validLifetime | |
| Ipv6Addr contextPrefix | |
| uint8_t functionCode | |
| uint16_t startingAddr | |
| uint16_t quantityOfOutputs | |
| uint8_t byteCount | |
| uint8_t outputValue [] | |
| uint16_t msgId | |
| uint16_t length | |
| uint8_t value [] | |
| uint8_t requestUpdate | |
| } | Tls13KeyUpdate |
| KeyUpdate message. More... | |
| struct { | |
| uint16_t statusCode | |
| char_t statusMessage [] | |
| uint8_t functionCode | |
| uint16_t startingAddr | |
| uint16_t quantityOfOutputs | |
| uint16_t msgId | |
| uint16_t length | |
| uint16_t value [] | |
| uint8_t data [] | |
| } | Tls13Ticket |
| Session ticket. More... | |
| struct { | |
| uint8_t msgType | |
| uint8_t functionCode | |
| uint16_t startingAddr | |
| uint16_t quantityOfRegs | |
| uint8_t byteCount | |
| uint16_t regValue [] | |
| uint16_t msgId | |
| uint8_t length | |
| uint8_t value [] | |
| uint16_t version | |
| Protocol version. More... | |
| uint16_t cipherSuite | |
| Cipher suite identifier. More... | |
| systime_t ticketTimestamp | |
| Timestamp to manage ticket lifetime. More... | |
| uint32_t ticketLifetime | |
| Lifetime of the ticket. More... | |
| uint32_t ticketAgeAdd | |
| Random value used to obscure the age of the ticket. More... | |
| uint8_t ticketNonce [4] | |
| A per-ticket value that is unique across all tickets issued. More... | |
| size_t ticketPskLen | |
| Length of the PSK associated with the ticket. More... | |
| uint8_t ticketPsk [TLS13_MAX_HKDF_DIGEST_SIZE] | |
| PSK associated with the ticket. More... | |
| } | Tls13PlaintextSessionState |
| Session state information. More... | |
Functions | |
| error_t | tls13ComputePskBinder (TlsContext *context, const void *clientHello, size_t clientHelloLen, size_t truncatedClientHelloLen, const Tls13PskIdentity *identity, uint8_t *binder, size_t binderLen) |
| Compute PSK binder value. More... | |
| error_t | tls13GenerateKeyShare (TlsContext *context, uint16_t namedGroup) |
| Key share generation. More... | |
| error_t | tls13GenerateSharedSecret (TlsContext *context, const uint8_t *keyShare, size_t length) |
| (EC)DHE shared secret generation More... | |
| error_t | tls13ComputeMac (TlsContext *context, TlsEncryptionEngine *encryptionEngine, void *record, const uint8_t *data, size_t dataLen, uint8_t *mac) |
| Compute message authentication code. More... | |
| error_t | tls13DigestClientHello1 (TlsContext *context) |
| Hash ClientHello1 in the transcript when HelloRetryRequest is used. More... | |
| bool_t | tls13IsPskValid (TlsContext *context) |
| Check whether an externally established PSK is valid. More... | |
| bool_t | tls13IsGroupSupported (TlsContext *context, uint16_t namedGroup) |
| Check whether a given named group is supported. More... | |
| bool_t | tls13IsEcdheGroupSupported (TlsContext *context, uint16_t namedGroup) |
| Check whether a given ECDHE group is supported. More... | |
| bool_t | tls13IsFfdheGroupSupported (TlsContext *context, uint16_t namedGroup) |
| Check whether a given FFDHE group is supported. More... | |
| error_t | tls13CheckDuplicateKeyShare (uint16_t namedGroup, const uint8_t *p, size_t length) |
| Check whether the specified key share group is a duplicate. More... | |
| error_t | tls13FormatCertExtensions (uint8_t *p, size_t *written) |
| Format certificate extensions. More... | |
| error_t | tls13ParseCertExtensions (const uint8_t *p, size_t length, size_t *consumed) |
| Parse certificate extensions. More... | |
Variables | |
| const uint8_t | tls11DowngradeRandom [8] |
| const uint8_t | tls12DowngradeRandom [8] |
| const uint8_t | tls13HelloRetryRequestRandom [32] |
Detailed Description
TLS 1.3 helper functions.
License
SPDX-License-Identifier: GPL-2.0-or-later
Copyright (C) 2010-2023 Oryx Embedded SARL. All rights reserved.
This file is part of CycloneSSL Open.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- Version
- 2.2.4
Definition in file tls13_misc.h.
Macro Definition Documentation
◆ TLS13_DHE_KE_SUPPORT
| #define TLS13_DHE_KE_SUPPORT ENABLED |
Definition at line 36 of file tls13_misc.h.
◆ TLS13_EARLY_DATA_SUPPORT
| #define TLS13_EARLY_DATA_SUPPORT DISABLED |
Definition at line 71 of file tls13_misc.h.
◆ TLS13_ECDHE_KE_SUPPORT
| #define TLS13_ECDHE_KE_SUPPORT ENABLED |
Definition at line 43 of file tls13_misc.h.
◆ TLS13_MAX_COOKIE_SIZE
| #define TLS13_MAX_COOKIE_SIZE 256 |
Definition at line 85 of file tls13_misc.h.
◆ TLS13_MAX_HKDF_DIGEST_SIZE
| #define TLS13_MAX_HKDF_DIGEST_SIZE 48 |
Definition at line 120 of file tls13_misc.h.
◆ TLS13_MAX_TICKET_LIFETIME
| #define TLS13_MAX_TICKET_LIFETIME 604800 |
Definition at line 99 of file tls13_misc.h.
◆ TLS13_MAX_TICKET_SIZE
| #define TLS13_MAX_TICKET_SIZE 1024 |
Definition at line 92 of file tls13_misc.h.
◆ TLS13_MIDDLEBOX_COMPAT_SUPPORT
| #define TLS13_MIDDLEBOX_COMPAT_SUPPORT ENABLED |
Definition at line 78 of file tls13_misc.h.
◆ TLS13_NEW_SESSION_TICKET_COUNT
| #define TLS13_NEW_SESSION_TICKET_COUNT 2 |
Definition at line 113 of file tls13_misc.h.
◆ TLS13_PSK_DHE_KE_SUPPORT
| #define TLS13_PSK_DHE_KE_SUPPORT ENABLED |
Definition at line 57 of file tls13_misc.h.
◆ TLS13_PSK_ECDHE_KE_SUPPORT
| #define TLS13_PSK_ECDHE_KE_SUPPORT ENABLED |
Definition at line 64 of file tls13_misc.h.
◆ TLS13_PSK_KE_SUPPORT
| #define TLS13_PSK_KE_SUPPORT DISABLED |
Definition at line 50 of file tls13_misc.h.
◆ TLS13_TICKET_AGE_TOLERANCE
| #define TLS13_TICKET_AGE_TOLERANCE 5000 |
Definition at line 106 of file tls13_misc.h.
Typedef Documentation
◆ Tls13CertRequestContext
| typedef { ... } Tls13CertRequestContext |
Certificate request context.
◆ Tls13Cookie
| typedef { ... } Tls13Cookie |
Cookie.
◆ Tls13DigitalSignature
| typedef { ... } Tls13DigitalSignature |
Digitally-signed element (TLS 1.3)
◆ Tls13EncryptedExtensions
| typedef { ... } Tls13EncryptedExtensions |
EncryptedExtensions message.
◆ Tls13EndOfEarlyData
| typedef void* Tls13EndOfEarlyData |
EndOfEarlyData message.
Definition at line 325 of file tls13_misc.h.
◆ Tls13HelloRetryRequest
| typedef { ... } Tls13HelloRetryRequest |
HelloRetryRequest message.
◆ Tls13KeyShareEntry
| typedef { ... } Tls13KeyShareEntry |
Key share entry.
◆ Tls13KeyShareList
| typedef { ... } Tls13KeyShareList |
List of key shares.
◆ Tls13KeyUpdate
| typedef { ... } Tls13KeyUpdate |
KeyUpdate message.
◆ Tls13NewSessionTicket
| typedef { ... } Tls13NewSessionTicket |
NewSessionTicket message (TLS 1.3)
◆ Tls13PlaintextSessionState
| typedef { ... } Tls13PlaintextSessionState |
Session state information.
◆ Tls13PskBinder
| typedef { ... } Tls13PskBinder |
PSK binder.
◆ Tls13PskBinderList
| typedef { ... } Tls13PskBinderList |
List of PSK binders.
◆ Tls13PskIdentity
| typedef { ... } Tls13PskIdentity |
PSK identity.
◆ Tls13PskIdentityList
| typedef { ... } Tls13PskIdentityList |
List of PSK identities.
◆ Tls13PskKeModeList
| typedef { ... } Tls13PskKeModeList |
List of PSK key exchange modes.
◆ Tls13Ticket
| typedef { ... } Tls13Ticket |
Session ticket.
Enumeration Type Documentation
◆ Tls13KeyUpdateRequest
Key update requests.
| Enumerator | |
|---|---|
| TLS_KEY_UPDATE_NOT_REQUESTED | |
| TLS_KEY_UPDATE_REQUESTED | |
Definition at line 183 of file tls13_misc.h.
◆ Tls13PskKeyExchMode
| enum Tls13PskKeyExchMode |
PSK key exchange modes.
| Enumerator | |
|---|---|
| TLS_PSK_KEY_EXCH_MODE_PSK_KE | |
| TLS_PSK_KEY_EXCH_MODE_PSK_DHE_KE | |
Definition at line 172 of file tls13_misc.h.
◆ Tls13SignatureScheme
| enum Tls13SignatureScheme |
Signature schemes (TLS 1.3)
Definition at line 135 of file tls13_misc.h.
Function Documentation
◆ tls13CheckDuplicateKeyShare()
| error_t tls13CheckDuplicateKeyShare | ( | uint16_t | namedGroup, |
| const uint8_t * | p, | ||
| size_t | length | ||
| ) |
Check whether the specified key share group is a duplicate.
- Parameters
-
[in] namedGroup Named group [in] p List of key share entries [in] length Length of the list, in bytes
- Returns
- Error code
Definition at line 692 of file tls13_misc.c.
◆ tls13ComputeMac()
| error_t tls13ComputeMac | ( | TlsContext * | context, |
| TlsEncryptionEngine * | encryptionEngine, | ||
| void * | record, | ||
| const uint8_t * | data, | ||
| size_t | dataLen, | ||
| uint8_t * | mac | ||
| ) |
Compute message authentication code.
- Parameters
-
[in] context Pointer to the TLS context [in] encryptionEngine Pointer to the encryption/decryption engine [in] record Pointer to the TLS record [in] data Pointer to the record data [in] dataLen Length of the data [out] mac The computed MAC value
- Returns
- Error code
Definition at line 458 of file tls13_misc.c.
◆ tls13ComputePskBinder()
| error_t tls13ComputePskBinder | ( | TlsContext * | context, |
| const void * | clientHello, | ||
| size_t | clientHelloLen, | ||
| size_t | truncatedClientHelloLen, | ||
| const Tls13PskIdentity * | identity, | ||
| uint8_t * | binder, | ||
| size_t | binderLen | ||
| ) |
Compute PSK binder value.
- Parameters
-
[in] context Pointer to the TLS context [in] clientHello Pointer to the ClientHello message [in] clientHelloLen Length of the ClientHello message [in] truncatedClientHelloLen Length of the partial ClientHello message [in] identity Pointer to the PSK identity [out] binder Buffer where to store the resulting PSK binder [in] binderLen Expected length of the PSK binder
- Returns
- Error code
Definition at line 87 of file tls13_misc.c.
◆ tls13DigestClientHello1()
| error_t tls13DigestClientHello1 | ( | TlsContext * | context | ) |
Hash ClientHello1 in the transcript when HelloRetryRequest is used.
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 500 of file tls13_misc.c.
◆ tls13FormatCertExtensions()
| error_t tls13FormatCertExtensions | ( | uint8_t * | p, |
| size_t * | written | ||
| ) |
Format certificate extensions.
- Parameters
-
[in] p Output stream where to write the list of extensions [out] written Total number of bytes that have been written
- Returns
- Error code
Definition at line 738 of file tls13_misc.c.
◆ tls13GenerateKeyShare()
| error_t tls13GenerateKeyShare | ( | TlsContext * | context, |
| uint16_t | namedGroup | ||
| ) |
Key share generation.
- Parameters
-
[in] context Pointer to the TLS context [in] namedGroup Named group
- Returns
- Error code
Definition at line 261 of file tls13_misc.c.
◆ tls13GenerateSharedSecret()
| error_t tls13GenerateSharedSecret | ( | TlsContext * | context, |
| const uint8_t * | keyShare, | ||
| size_t | length | ||
| ) |
(EC)DHE shared secret generation
- Parameters
-
[in] context Pointer to the TLS context [in] keyShare Pointer to the peer's (EC)DHE parameters [in] length Length of the (EC)DHE parameters, in bytes
- Returns
- Error code
Definition at line 354 of file tls13_misc.c.
◆ tls13IsEcdheGroupSupported()
| bool_t tls13IsEcdheGroupSupported | ( | TlsContext * | context, |
| uint16_t | namedGroup | ||
| ) |
Check whether a given ECDHE group is supported.
- Parameters
-
[in] context Pointer to the TLS context [in] namedGroup Named group
- Returns
- TRUE is the ECDHE group is supported, else FALSE
Definition at line 616 of file tls13_misc.c.
◆ tls13IsFfdheGroupSupported()
| bool_t tls13IsFfdheGroupSupported | ( | TlsContext * | context, |
| uint16_t | namedGroup | ||
| ) |
Check whether a given FFDHE group is supported.
- Parameters
-
[in] context Pointer to the TLS context [in] namedGroup Named group
- Returns
- TRUE is the FFDHE group is supported, else FALSE
Definition at line 654 of file tls13_misc.c.
◆ tls13IsGroupSupported()
| bool_t tls13IsGroupSupported | ( | TlsContext * | context, |
| uint16_t | namedGroup | ||
| ) |
Check whether a given named group is supported.
- Parameters
-
[in] context Pointer to the TLS context [in] namedGroup Named group
- Returns
- TRUE is the named group is supported, else FALSE
Definition at line 583 of file tls13_misc.c.
◆ tls13IsPskValid()
| bool_t tls13IsPskValid | ( | TlsContext * | context | ) |
Check whether an externally established PSK is valid.
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- TRUE is the PSK is valid, else FALSE
Definition at line 545 of file tls13_misc.c.
◆ tls13ParseCertExtensions()
| error_t tls13ParseCertExtensions | ( | const uint8_t * | p, |
| size_t | length, | ||
| size_t * | consumed | ||
| ) |
Parse certificate extensions.
- Parameters
-
[in] p Input stream where to read the list of extensions [in] length Number of bytes available in the input stream [out] consumed Total number of bytes that have been consumed
- Returns
- Error code
Definition at line 767 of file tls13_misc.c.
Variable Documentation
◆ algorithm
| uint16_t algorithm |
Definition at line 302 of file tls13_misc.h.
◆ cipherSuite
| uint16_t cipherSuite |
Cipher suite identifier.
Definition at line 380 of file tls13_misc.h.
◆ data
| uint8_t data[] |
Definition at line 369 of file tls13_misc.h.
◆ extensions
| uint8_t extensions[] |
Definition at line 335 of file tls13_misc.h.
◆ extensionsLen
| uint16_t extensionsLen |
Definition at line 334 of file tls13_misc.h.
◆ group
| uint16_t group |
Definition at line 213 of file tls13_misc.h.
◆ keyExchange
| uint8_t keyExchange[] |
Definition at line 215 of file tls13_misc.h.
◆ length
| uint16_t length |
Definition at line 202 of file tls13_misc.h.
◆ random
| uint8_t random[32] |
Definition at line 315 of file tls13_misc.h.
◆ requestUpdate
| uint8_t requestUpdate |
Definition at line 358 of file tls13_misc.h.
◆ serverVersion
| uint16_t serverVersion |
Definition at line 314 of file tls13_misc.h.
◆ sessionId
| uint8_t sessionId[] |
Definition at line 317 of file tls13_misc.h.
◆ sessionIdLen
| uint8_t sessionIdLen |
Definition at line 316 of file tls13_misc.h.
◆ ticketAgeAdd
| uint32_t ticketAgeAdd |
Random value used to obscure the age of the ticket.
Definition at line 346 of file tls13_misc.h.
◆ ticketLifetime
| uint32_t ticketLifetime |
Lifetime of the ticket.
Definition at line 345 of file tls13_misc.h.
◆ ticketNonce
| uint8_t ticketNonce[4] |
A per-ticket value that is unique across all tickets issued.
Definition at line 348 of file tls13_misc.h.
◆ ticketNonceLen
| uint8_t ticketNonceLen |
Definition at line 347 of file tls13_misc.h.
◆ ticketPsk
| uint8_t ticketPsk[TLS13_MAX_HKDF_DIGEST_SIZE] |
PSK associated with the ticket.
Definition at line 386 of file tls13_misc.h.
◆ ticketPskLen
| size_t ticketPskLen |
Length of the PSK associated with the ticket.
Definition at line 385 of file tls13_misc.h.
◆ ticketTimestamp
| systime_t ticketTimestamp |
Timestamp to manage ticket lifetime.
Definition at line 381 of file tls13_misc.h.
◆ tls11DowngradeRandom
|
extern |
Definition at line 54 of file tls13_misc.c.
◆ tls12DowngradeRandom
|
extern |
Definition at line 60 of file tls13_misc.c.
◆ tls13HelloRetryRequestRandom
|
extern |
Definition at line 66 of file tls13_misc.c.
◆ value
| uint8_t value[] |
Definition at line 203 of file tls13_misc.h.
◆ version
| uint16_t version |
Protocol version.
Definition at line 379 of file tls13_misc.h.