TLS 1.3 helper functions. More...
Macros | |
#define | TLS13_DHE_KE_SUPPORT ENABLED |
#define | TLS13_ECDHE_KE_SUPPORT ENABLED |
#define | TLS13_PSK_KE_SUPPORT DISABLED |
#define | TLS13_PSK_DHE_KE_SUPPORT ENABLED |
#define | TLS13_PSK_ECDHE_KE_SUPPORT ENABLED |
#define | TLS13_EARLY_DATA_SUPPORT DISABLED |
#define | TLS13_MIDDLEBOX_COMPAT_SUPPORT ENABLED |
#define | TLS13_MAX_COOKIE_SIZE 256 |
#define | TLS13_MAX_TICKET_SIZE 1024 |
#define | TLS13_MAX_TICKET_LIFETIME 604800 |
#define | TLS13_TICKET_AGE_TOLERANCE 5000 |
#define | TLS13_NEW_SESSION_TICKET_COUNT 2 |
#define | TLS13_MAX_HKDF_DIGEST_SIZE 48 |
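Typedefs | |
Note: the anonymous-struct member lists below appear to have been merged by the documentation generator with members of unrelated structures (DHCP, USB, Modbus, NTP and others). Only the members listed under "Variable Documentation" are attributed to tls13_misc.h.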
struct { | |
char_t type | |
uint32_t dataStart | |
uint32_t dataLength | |
uint8_t nameLength | |
char_t name [] | |
uint8_t tokenLen: 4 | |
uint8_t type: 2 | |
uint8_t version: 2 | |
uint8_t code | |
uint16_t mid | |
uint8_t token [] | |
union { | |
uint8_t b [6] | |
uint16_t w [3] | |
} | |
uint16_t srcPort | |
uint16_t destPort | |
uint32_t seqNum | |
uint32_t ackNum | |
uint8_t reserved1: 4 | |
uint8_t dataOffset: 4 | |
uint8_t flags: 6 | |
uint8_t reserved2: 2 | |
uint16_t window | |
uint16_t checksum | |
uint16_t urgentPointer | |
uint8_t options [] | |
uint16_t length | |
uint8_t data [] | |
uint8_t op | |
uint8_t htype | |
uint8_t hlen | |
uint8_t hops | |
uint32_t xid | |
uint16_t secs | |
uint16_t flags | |
Ipv4Addr ciaddr | |
Ipv4Addr yiaddr | |
Ipv4Addr siaddr | |
Ipv4Addr giaddr | |
MacAddr chaddr | |
uint8_t unused [10] | |
uint8_t sname [64] | |
uint8_t file [128] | |
uint32_t magicCookie | |
uint16_t type | |
uint16_t hardwareType | |
uint32_t time | |
MacAddr linkLayerAddr | |
uint16_t id | |
uint8_t rd: 1 | |
uint8_t tc: 1 | |
uint8_t aa: 1 | |
uint8_t opcode: 4 | |
uint8_t qr: 1 | |
uint8_t rcode: 4 | |
uint8_t z: 3 | |
uint8_t ra: 1 | |
uint16_t qdcount | |
uint16_t ancount | |
uint16_t nscount | |
uint16_t arcount | |
uint8_t questions [] | |
uint16_t controlWord | |
uint16_t byteCount | |
uint8_t bLength | |
uint8_t bDescriptorType | |
uint16_t bcdUsb | |
uint8_t bDeviceClass | |
uint8_t bDeviceSubClass | |
uint8_t bDeviceProtocol | |
uint8_t bMaxPacketSize0 | |
uint16_t idVendor | |
uint16_t idProduct | |
uint16_t bcdDevice | |
uint8_t iManufacturer | |
uint8_t iProduct | |
uint8_t iSerialNumber | |
uint8_t bNumConfigurations | |
uint8_t maxRespTime | |
Ipv4Addr groupAddr | |
uint16_t hrd | |
uint16_t pro | |
uint8_t hln | |
uint8_t pln | |
uint16_t op | |
MacAddr sha | |
Ipv4Addr spa | |
MacAddr tha | |
Ipv4Addr tpa | |
uint8_t length | |
uint8_t value [] | |
uint16_t first | |
uint16_t last | |
uint16_t next | |
union { | |
uint8_t b [16] | |
uint16_t w [8] | |
uint32_t dw [4] | |
} | |
uint16_t maxRespDelay | |
uint16_t reserved | |
Ipv6Addr multicastAddr | |
uint32_t reserved | |
uint16_t pvid | |
uint8_t autoNegSupportStatus | |
uint16_t pmdAutoNegAdvCap | |
uint16_t operationalMauType | |
uint16_t capabilities | |
uint8_t deviceType | |
uint8_t lengthH: 1 | |
uint8_t lengthL | |
uint8_t t: 1 | |
uint8_t c: 1 | |
union { | |
int32_t integer | |
uint8_t octetString [1] | |
uint8_t oid [1] | |
uint8_t ipAddr [4] | |
uint32_t counter32 | |
uint32_t gauge32 | |
uint32_t unsigned32 | |
uint32_t timeTicks | |
uint64_t counter64 | |
} | |
uint16_t transactionId | |
uint16_t protocolId | |
uint8_t unitId | |
uint8_t pdu [] | |
uint8_t retain: 1 | |
uint8_t qos: 2 | |
uint8_t dup: 1 | |
union { | |
uint8_t all | |
struct { | |
uint8_t topicIdType: 2 | |
uint8_t cleanSession: 1 | |
uint8_t will: 1 | |
uint8_t retain: 1 | |
uint8_t qos: 2 | |
uint8_t dup: 1 | |
} | |
} | |
uint8_t b: 1 | |
uint8_t identifier | |
uint8_t valueSize | |
Ipv4Addr srcIpAddr | |
Ipv4Addr destIpAddr | |
Eui64 interfaceId | |
uint16_t mru | |
uint8_t peerIdLength | |
uint8_t peerId [] | |
uint32_t seconds | |
uint32_t fraction | |
uint16_t opcode | |
char_t filename [] | |
uint8_t reserved: 3 | |
uint8_t fin: 1 | |
uint8_t payloadLen: 7 | |
uint8_t mask: 1 | |
uint8_t extPayloadLen [] | |
uint32_t length | |
uint8_t payload [] | |
uint8_t protocolVersionId | |
uint8_t bpduType | |
StpBridgeId rootId | |
uint32_t rootPathCost | |
StpBridgeId bridgeId | |
uint16_t portId | |
uint16_t messageAge | |
uint16_t maxAge | |
uint16_t helloTime | |
uint16_t forwardDelay | |
uint8_t version1Length | |
uint16_t priority | |
MacAddr addr | |
} | Tls13Cookie |
Cookie. More... | |
struct { | |
char_t type | |
uint32_t dataStart | |
uint32_t dataLength | |
uint8_t nameLength | |
uint8_t length: 4 | |
uint8_t delta: 4 | |
union { | |
uint8_t b [8] | |
uint16_t w [4] | |
uint32_t dw [2] | |
} | |
uint8_t kind | |
uint8_t value [] | |
uint8_t code | |
uint16_t type | |
uint32_t enterpriseNumber | |
uint8_t identifier [] | |
uint16_t qtype | |
uint16_t qclass | |
uint16_t statusWord | |
uint16_t byteCount | |
uint8_t bLength | |
uint8_t bDescriptorType | |
uint16_t wTotalLength | |
uint8_t bNumInterfaces | |
uint8_t bConfigurationValue | |
uint8_t iConfiguration | |
uint8_t bmAttributes | |
uint8_t bMaxPower | |
uint8_t type | |
uint16_t checksum | |
uint8_t parameter | |
uint8_t unused [3] | |
uint8_t data [] | |
uint32_t parameter | |
uint8_t nextHeader | |
uint8_t hdrExtLen | |
uint8_t options [] | |
uint8_t curHopLimit | |
uint8_t reserved: 2 | |
uint8_t p: 1 | |
uint8_t prf: 2 | |
uint8_t h: 1 | |
uint8_t o: 1 | |
uint8_t m: 1 | |
uint16_t routerLifetime | |
uint32_t reachableTime | |
uint32_t retransTimer | |
uint8_t flags | |
uint16_t ppvid | |
uint8_t mdiPowerSupport | |
uint8_t psePowerPair | |
uint8_t powerClass | |
uint8_t appType | |
uint8_t vlanIdH: 5 | |
uint8_t x: 1 | |
uint8_t t: 1 | |
uint8_t u: 1 | |
uint8_t l2PriorityH: 1 | |
uint8_t vlanIdL: 7 | |
uint8_t dscpValue: 6 | |
uint8_t l2PriorityL: 2 | |
uint8_t chassisIdSubtype | |
uint8_t chassisId [] | |
uint8_t functionCode | |
uint16_t startingAddr | |
uint16_t quantityOfCoils | |
uint16_t length | |
uint8_t msgType | |
uint16_t flags | |
Ipv4Addr addr | |
uint8_t valueSize | |
uint16_t protocol | |
uint32_t accm | |
uint8_t msgLength | |
uint8_t message [] | |
uint8_t mode: 3 | |
uint8_t vn: 3 | |
uint8_t li: 2 | |
uint8_t stratum | |
uint8_t poll | |
int8_t precision | |
uint32_t rootDelay | |
uint32_t rootDispersion | |
uint32_t referenceId | |
NtpTimestamp referenceTimestamp | |
NtpTimestamp originateTimestamp | |
NtpTimestamp receiveTimestamp | |
NtpTimestamp transmitTimestamp | |
uint16_t opcode | |
char_t filename [] | |
uint16_t value [] | |
uint16_t group | |
uint8_t keyExchange [] | |
uint32_t id | |
uint32_t dataLen | |
} | Tls13KeyShareEntry |
Key share entry. More... | |
struct { | |
uint32_t totalSize | |
ResRootEntry rootEntry | |
MacAddr destAddr | |
MacAddr srcAddr | |
uint16_t type | |
uint8_t data [] | |
uint16_t hardwareType | |
MacAddr linkLayerAddr | |
uint16_t rtype | |
uint16_t rclass | |
uint32_t ttl | |
uint16_t rdlength | |
uint8_t rdata [] | |
uint8_t bLength | |
uint8_t bDescriptorType | |
uint8_t bInterfaceNumber | |
uint8_t bAlternateSetting | |
uint8_t bNumEndpoints | |
uint8_t bInterfaceClass | |
uint8_t bInterfaceSubClass | |
uint8_t bInterfaceProtocol | |
uint8_t iInterface | |
uint8_t type | |
uint8_t code | |
uint16_t checksum | |
uint32_t unused | |
uint8_t nextHeader | |
uint8_t hdrExtLen | |
uint8_t options [] | |
uint32_t reserved | |
Ipv6Addr targetAddr | |
uint16_t vlanId | |
uint8_t vlanNameLen | |
char_t vlanName [] | |
uint8_t aggregationStatus | |
uint32_t aggregatedPortId | |
uint8_t locationDataFormat | |
uint8_t locationId [] | |
uint8_t portIdSubtype | |
uint8_t portId [] | |
uint8_t functionCode | |
uint8_t byteCount | |
uint8_t coilStatus [] | |
uint8_t prefix | |
uint16_t length | |
uint8_t msgType | |
uint8_t identifier | |
uint8_t message [] | |
uint8_t length | |
Ipv4Addr ipAddr | |
uint16_t protocol | |
uint8_t msgLength | |
uint8_t rejectedPacket [] | |
uint32_t keyId | |
uint8_t messageDigest [16] | |
uint16_t opcode | |
uint16_t block | |
uint16_t value [] | |
uint8_t value [] | |
} | Tls13KeyShareList |
List of key shares. More... | |
struct { | |
uint8_t dsap | |
uint8_t ssap | |
uint8_t control | |
uint8_t msgType | |
uint8_t transactionId [3] | |
uint8_t options [] | |
uint16_t rtype | |
uint16_t rclass | |
uint32_t ttl | |
uint16_t rdlength | |
uint8_t rdata [4] | |
uint8_t bLength | |
uint8_t bDescriptorType | |
uint8_t bEndpointAddress | |
uint8_t bmAttributes | |
uint16_t wMaxPacketSize | |
uint8_t bInterval | |
uint8_t type | |
uint8_t code | |
uint16_t checksum | |
uint32_t unused | |
uint8_t data [] | |
uint32_t mtu | |
uint8_t nextHeader | |
uint8_t hdrExtLen | |
uint8_t routingType | |
uint8_t segmentsLeft | |
uint32_t reserved | |
Ipv6Addr address [] | |
uint8_t reserved1: 5 | |
uint8_t o: 1 | |
uint8_t s: 1 | |
uint8_t r: 1 | |
uint8_t reserved2 [3] | |
Ipv6Addr targetAddr | |
uint8_t protocolIdLen | |
uint8_t protocolId [] | |
uint16_t maxFrameSize | |
uint8_t powerPriority: 4 | |
uint8_t powerSource: 2 | |
uint8_t powerType: 2 | |
uint16_t powerValue | |
uint16_t ttl | |
uint8_t functionCode | |
uint16_t startingAddr | |
uint16_t quantityOfInputs | |
uint8_t gwId | |
uint16_t duration | |
uint8_t identifier | |
uint16_t length | |
uint8_t message [] | |
uint8_t length | |
Ipv4Addr ipAddr | |
uint16_t protocol | |
uint16_t rejectedProtocol | |
uint8_t rejectedInfo [] | |
uint16_t opcode | |
uint16_t block | |
uint16_t version | |
uint16_t epoch | |
DtlsSequenceNumber seqNum | |
uint8_t hash | |
uint8_t signature | |
uint8_t value [] | |
} | Tls13PskKeModeList |
List of PSK key exchange modes. More... | |
struct { | |
uint16_t tci | |
uint16_t type | |
uint8_t msgType | |
uint8_t hopCount | |
Ipv6Addr linkAddress | |
Ipv6Addr peerAddress | |
uint8_t options [] | |
uint16_t rtype | |
uint16_t rclass | |
uint32_t ttl | |
uint16_t rdlength | |
uint8_t rdata [16] | |
uint8_t bLength | |
uint8_t bDescriptorType | |
uint16_t bString [] | |
uint8_t type | |
uint8_t code | |
uint16_t checksum | |
uint8_t pointer | |
uint8_t unused [3] | |
uint8_t data [] | |
uint32_t unused | |
uint8_t nextHeader | |
uint8_t payloadLen | |
uint16_t reserved | |
uint32_t securityParamIndex | |
uint32_t sequenceNumber | |
uint8_t authData [] | |
uint32_t reserved | |
Ipv6Addr targetAddr | |
Ipv6Addr destAddr | |
uint8_t measurements [20] | |
uint16_t psePowerPriceIndex | |
uint16_t supportedCap | |
uint16_t enabledCap | |
uint8_t functionCode | |
uint8_t byteCount | |
uint8_t inputStatus [] | |
uint8_t radius | |
uint8_t length | |
Ipv4Addr ipAddr | |
uint32_t magicNumber | |
uint8_t identifier | |
uint16_t length | |
uint16_t opcode | |
uint16_t errorCode | |
char_t errorMsg [] | |
uint16_t msgSeq | |
uint8_t fragOffset [3] | |
uint8_t fragLength [3] | |
TlsSignHashAlgo value [] | |
uint8_t value [] | |
} | Tls13PskIdentity |
PSK identity. More... | |
struct { | |
uint16_t code | |
uint16_t length | |
uint8_t value [] | |
uint16_t rtype | |
uint16_t rclass | |
uint32_t ttl | |
uint16_t rdlength | |
uint16_t priority | |
uint16_t weight | |
uint16_t port | |
uint8_t target [] | |
uint8_t bFunctionLength | |
uint8_t bDescriptorType | |
uint8_t bDescriptorSubtype | |
uint16_t bcdCdc | |
uint8_t type | |
uint8_t code | |
uint16_t checksum | |
uint16_t identifier | |
uint16_t sequenceNumber | |
uint8_t data [] | |
uint32_t pointer | |
uint32_t securityParamIndex | |
uint32_t sequenceNumber | |
uint8_t payloadData [] | |
uint8_t length | |
uint8_t powerPriority: 2 | |
uint8_t pd4pid: 1 | |
uint8_t reserved: 1 | |
uint8_t powerSource: 2 | |
uint8_t powerType: 2 | |
uint16_t pdRequestedPower | |
uint16_t pseAllocatedPower | |
uint8_t mgmtAddrLen | |
uint8_t mgmtAddrSubtype | |
uint8_t mgmtAddr [] | |
uint8_t functionCode | |
uint16_t startingAddr | |
uint16_t quantityOfRegs | |
uint8_t gwId | |
uint8_t gwAdd [] | |
Ipv4Addr ipAddr | |
uint8_t identifier | |
uint32_t magicNumber | |
uint16_t serverVersion | |
uint8_t cookieLength | |
uint8_t cookie [] | |
} | Tls13PskIdentityList |
List of PSK identities. More... | |
struct { | |
uint32_t iaId | |
uint32_t t1 | |
uint32_t t2 | |
uint8_t options [] | |
uint8_t bFunctionLength | |
uint8_t bDescriptorType | |
uint8_t bDescriptorSubtype | |
uint8_t bmCapabilities | |
uint8_t bDataInterface | |
uint8_t type | |
uint8_t code | |
uint16_t checksum | |
uint16_t identifier | |
uint16_t sequenceNumber | |
uint8_t data [] | |
uint8_t length | |
MacAddr linkLayerAddr | |
uint16_t pdRequestedPowerA | |
uint16_t pdRequestedPowerB | |
uint16_t pseAllocatedPowerA | |
uint16_t pseAllocatedPowerB | |
uint16_t powerStatus | |
uint8_t systemSetup | |
uint16_t pseMaxAvailablePower | |
uint8_t autoclass | |
uint8_t powerDown [3] | |
uint8_t ifNumSubtype | |
uint32_t ifNum | |
uint8_t oidLen | |
uint8_t oid [] | |
uint8_t functionCode | |
uint8_t byteCount | |
uint16_t regValue [] | |
MqttSnFlags flags | |
uint8_t protocolId | |
uint16_t duration | |
char_t clientId [] | |
Ipv4Addr ipAddr | |
uint16_t length | |
uint8_t value [] | |
} | Tls13PskBinder |
PSK binder. More... | |
struct { | |
uint32_t iaId | |
uint8_t options [] | |
uint8_t bFunctionLength | |
uint8_t bDescriptorType | |
uint8_t bDescriptorSubtype | |
uint8_t bmCapabilities | |
uint8_t type | |
uint8_t length | |
uint8_t prefixLength | |
uint8_t reserved1: 5 | |
uint8_t r: 1 | |
uint8_t a: 1 | |
uint8_t l: 1 | |
uint32_t validLifetime | |
uint32_t preferredLifetime | |
uint32_t reserved2 | |
Ipv6Addr prefix | |
uint8_t oui [LLDP_OUI_SIZE] | |
uint8_t subtype | |
uint8_t value [] | |
uint8_t functionCode | |
uint16_t startingAddr | |
uint16_t quantityOfRegs | |
uint8_t returnCode | |
uint16_t type | |
uint16_t length | |
} | Tls13PskBinderList |
List of PSK binders. More... | |
struct { | |
Ipv6Addr address | |
uint32_t preferredLifetime | |
uint32_t validLifetime | |
uint8_t options [] | |
uint8_t bFunctionLength | |
uint8_t bDescriptorType | |
uint8_t bDescriptorSubtype | |
uint8_t bMasterInterface | |
uint8_t bSlaveInterface0 | |
uint8_t type | |
uint8_t length | |
uint16_t reserved1 | |
uint32_t reserved2 | |
uint8_t ipPacket [] | |
uint8_t functionCode | |
uint8_t byteCount | |
uint16_t regValue [] | |
MqttSnFlags flags | |
char_t willTopic [] | |
uint16_t length | |
uint8_t value [] | |
} | Tls13CertRequestContext |
Certificate request context. More... | |
struct { | |
uint16_t requestedOption [1] | |
UsbConfigDescriptor configDescriptor | |
UsbInterfaceDescriptor communicationInterfaceDescriptor | |
CdcHeaderDescriptor cdcHeaderDescriptor | |
CdcCallManagementDescriptor cdcCallManagementDescriptor | |
CdcAcmDescriptor cdcAcmDescriptor | |
CdcUnionDescriptor cdcUnionDescriptor | |
UsbEndpointDescriptor notificationEndpointDescriptor | |
UsbInterfaceDescriptor dataInterfaceDescriptor | |
UsbEndpointDescriptor dataOutEndpointDescriptor | |
UsbEndpointDescriptor dataInEndpointDescriptor | |
uint8_t type | |
uint8_t length | |
uint16_t reserved | |
uint32_t mtu | |
uint8_t functionCode | |
uint16_t outputAddr | |
uint16_t outputValue | |
uint16_t topicId | |
uint16_t msgId | |
char_t topicName [] | |
uint16_t value [] | |
uint16_t algorithm | |
uint16_t length | |
uint8_t value [] | |
} | Tls13DigitalSignature |
Digitally-signed element (TLS 1.3) More... | |
struct { | |
uint8_t value | |
uint8_t type | |
uint8_t length | |
uint8_t prefixLength | |
uint8_t reserved2: 3 | |
uint8_t prf: 2 | |
uint8_t reserved1: 3 | |
uint32_t routeLifetime | |
Ipv6Addr prefix | |
uint8_t functionCode | |
uint16_t outputAddr | |
uint16_t outputValue | |
uint16_t topicId | |
uint16_t msgId | |
uint8_t returnCode | |
uint16_t length | |
char_t hostname [] | |
uint16_t serverVersion | |
uint8_t random [32] | |
uint8_t sessionIdLen | |
uint8_t sessionId [] | |
} | Tls13HelloRetryRequest |
HelloRetryRequest message. More... | |
typedef void * | Tls13EndOfEarlyData |
EndOfEarlyData message. More... | |
struct { | |
uint16_t value | |
uint8_t type | |
uint8_t length | |
uint16_t reserved | |
uint32_t lifetime | |
Ipv6Addr address [] | |
uint8_t functionCode | |
uint16_t regAddr | |
uint16_t regValue | |
MqttSnFlags flags | |
uint16_t topicId | |
uint16_t msgId | |
uint8_t data [] | |
uint16_t length | |
uint8_t value [] | |
uint16_t extensionsLen | |
uint8_t extensions [] | |
} | Tls13EncryptedExtensions |
EncryptedExtensions message. More... | |
struct { | |
uint8_t protocol | |
uint8_t algorithm | |
uint8_t rdm | |
uint8_t replayDetection [8] | |
uint8_t authInfo [] | |
uint8_t type | |
uint8_t length | |
uint16_t reserved | |
uint32_t lifetime | |
uint8_t domainNames [] | |
uint8_t functionCode | |
uint16_t regAddr | |
uint16_t regValue | |
uint16_t topicId | |
uint16_t msgId | |
uint8_t returnCode | |
char_t value [] | |
uint32_t ticketLifetime | |
uint32_t ticketAgeAdd | |
uint8_t ticketNonceLen | |
uint8_t ticketNonce [] | |
} | Tls13NewSessionTicket |
NewSessionTicket message (TLS 1.3) More... | |
struct { | |
Ipv6Addr serverAddr | |
uint8_t type | |
uint8_t length | |
uint8_t contextLength | |
uint8_t cid: 4 | |
uint8_t c: 1 | |
uint8_t reserved1: 3 | |
uint16_t reserved2 | |
uint16_t validLifetime | |
Ipv6Addr contextPrefix | |
uint8_t functionCode | |
uint16_t startingAddr | |
uint16_t quantityOfOutputs | |
uint8_t byteCount | |
uint8_t outputValue [] | |
uint16_t msgId | |
uint16_t length | |
uint8_t value [] | |
uint8_t requestUpdate | |
} | Tls13KeyUpdate |
KeyUpdate message. More... | |
struct { | |
uint16_t statusCode | |
char_t statusMessage [] | |
uint8_t functionCode | |
uint16_t startingAddr | |
uint16_t quantityOfOutputs | |
uint16_t msgId | |
uint16_t length | |
uint16_t value [] | |
uint8_t data [] | |
} | Tls13Ticket |
Session ticket. More... | |
struct { | |
uint8_t msgType | |
uint8_t functionCode | |
uint16_t startingAddr | |
uint16_t quantityOfRegs | |
uint8_t byteCount | |
uint16_t regValue [] | |
uint16_t msgId | |
uint8_t length | |
uint8_t value [] | |
uint16_t version | |
Protocol version. More... | |
uint16_t cipherSuite | |
Cipher suite identifier. More... | |
systime_t ticketTimestamp | |
Timestamp to manage ticket lifetime. More... | |
uint32_t ticketLifetime | |
Lifetime of the ticket. More... | |
uint32_t ticketAgeAdd | |
Random value used to obscure the age of the ticket. More... | |
uint8_t ticketNonce [4] | |
A per-ticket value that is unique across all tickets issued. More... | |
size_t ticketPskLen | |
Length of the PSK associated with the ticket. More... | |
uint8_t ticketPsk [TLS13_MAX_HKDF_DIGEST_SIZE] | |
PSK associated with the ticket. More... | |
} | Tls13PlaintextSessionState |
Session state information. More... | |
Functions | |
error_t | tls13ComputePskBinder (TlsContext *context, const void *clientHello, size_t clientHelloLen, size_t truncatedClientHelloLen, const Tls13PskIdentity *identity, uint8_t *binder, size_t binderLen) |
Compute PSK binder value. More... | |
error_t | tls13GenerateKeyShare (TlsContext *context, uint16_t namedGroup) |
Key share generation. More... | |
error_t | tls13GenerateSharedSecret (TlsContext *context, const uint8_t *keyShare, size_t length) |
(EC)DHE shared secret generation More... | |
error_t | tls13ComputeMac (TlsContext *context, TlsEncryptionEngine *encryptionEngine, void *record, const uint8_t *data, size_t dataLen, uint8_t *mac) |
Compute message authentication code. More... | |
error_t | tls13DigestClientHello1 (TlsContext *context) |
Hash ClientHello1 in the transcript when HelloRetryRequest is used. More... | |
bool_t | tls13IsPskValid (TlsContext *context) |
Check whether an externally established PSK is valid. More... | |
bool_t | tls13IsGroupSupported (TlsContext *context, uint16_t namedGroup) |
Check whether a given named group is supported. More... | |
bool_t | tls13IsEcdheGroupSupported (TlsContext *context, uint16_t namedGroup) |
Check whether a given ECDHE group is supported. More... | |
bool_t | tls13IsFfdheGroupSupported (TlsContext *context, uint16_t namedGroup) |
Check whether a given FFDHE group is supported. More... | |
error_t | tls13CheckDuplicateKeyShare (uint16_t namedGroup, const uint8_t *p, size_t length) |
Check whether the specified key share group is a duplicate. More... | |
error_t | tls13FormatCertExtensions (uint8_t *p, size_t *written) |
Format certificate extensions. More... | |
error_t | tls13ParseCertExtensions (const uint8_t *p, size_t length, size_t *consumed) |
Parse certificate extensions. More... | |
Variables | |
const uint8_t | tls11DowngradeRandom [8] |
const uint8_t | tls12DowngradeRandom [8] |
const uint8_t | tls13HelloRetryRequestRandom [32] |
Detailed Description
TLS 1.3 helper functions.
License
SPDX-License-Identifier: GPL-2.0-or-later
Copyright (C) 2010-2023 Oryx Embedded SARL. All rights reserved.
This file is part of CycloneSSL Open.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- Version
- 2.2.4
Definition in file tls13_misc.h.
Macro Definition Documentation
◆ TLS13_DHE_KE_SUPPORT
#define TLS13_DHE_KE_SUPPORT ENABLED |
Definition at line 36 of file tls13_misc.h.
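◆ TLS13_EARLY_DATA_SUPPORT
#define TLS13_EARLY_DATA_SUPPORT DISABLED |
Early data (0-RTT) is disabled in this configuration. TLS 1.3 itself does not protect early data against replay, so enabling it requires replay handling at the application level.
Definition at line 71 of file tls13_misc.h.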
◆ TLS13_ECDHE_KE_SUPPORT
#define TLS13_ECDHE_KE_SUPPORT ENABLED |
Definition at line 43 of file tls13_misc.h.
◆ TLS13_MAX_COOKIE_SIZE
#define TLS13_MAX_COOKIE_SIZE 256 |
Definition at line 85 of file tls13_misc.h.
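◆ TLS13_MAX_HKDF_DIGEST_SIZE
#define TLS13_MAX_HKDF_DIGEST_SIZE 48 |
48 bytes equals the SHA-384 output size, the larger of the two hash sizes used by the RFC 8446 cipher suites. The same constant bounds the ticketPsk buffer in Tls13PlaintextSessionState.
Definition at line 120 of file tls13_misc.h.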
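◆ TLS13_MAX_TICKET_LIFETIME
#define TLS13_MAX_TICKET_LIFETIME 604800 |
604800 seconds is seven days, the maximum ticket lifetime that RFC 8446 allows a server to advertise.
Definition at line 99 of file tls13_misc.h.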
◆ TLS13_MAX_TICKET_SIZE
#define TLS13_MAX_TICKET_SIZE 1024 |
Definition at line 92 of file tls13_misc.h.
◆ TLS13_MIDDLEBOX_COMPAT_SUPPORT
#define TLS13_MIDDLEBOX_COMPAT_SUPPORT ENABLED |
Definition at line 78 of file tls13_misc.h.
◆ TLS13_NEW_SESSION_TICKET_COUNT
#define TLS13_NEW_SESSION_TICKET_COUNT 2 |
Definition at line 113 of file tls13_misc.h.
◆ TLS13_PSK_DHE_KE_SUPPORT
#define TLS13_PSK_DHE_KE_SUPPORT ENABLED |
Definition at line 57 of file tls13_misc.h.
◆ TLS13_PSK_ECDHE_KE_SUPPORT
#define TLS13_PSK_ECDHE_KE_SUPPORT ENABLED |
Definition at line 64 of file tls13_misc.h.
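◆ TLS13_PSK_KE_SUPPORT
#define TLS13_PSK_KE_SUPPORT DISABLED |
PSK-only key exchange is disabled in this configuration. That mode derives the session keys from the PSK without an (EC)DHE exchange, so it provides no forward secrecy; the PSK-with-(EC)DHE modes (TLS13_PSK_DHE_KE_SUPPORT, TLS13_PSK_ECDHE_KE_SUPPORT) do.
Definition at line 50 of file tls13_misc.h.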
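◆ TLS13_TICKET_AGE_TOLERANCE
#define TLS13_TICKET_AGE_TOLERANCE 5000 |
The unit is not stated on this page; it is presumably milliseconds, the unit TLS 1.3 uses for the ticket age (confirm against tls13_misc.h). A larger tolerance accepts tickets whose reported age deviates further from the server's own view.
Definition at line 106 of file tls13_misc.h.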
Typedef Documentation
◆ Tls13CertRequestContext
typedef { ... } Tls13CertRequestContext |
Certificate request context.
◆ Tls13Cookie
typedef { ... } Tls13Cookie |
Cookie.
◆ Tls13DigitalSignature
typedef { ... } Tls13DigitalSignature |
Digitally-signed element (TLS 1.3)
◆ Tls13EncryptedExtensions
typedef { ... } Tls13EncryptedExtensions |
EncryptedExtensions message.
◆ Tls13EndOfEarlyData
typedef void* Tls13EndOfEarlyData |
EndOfEarlyData message.
Definition at line 325 of file tls13_misc.h.
◆ Tls13HelloRetryRequest
typedef { ... } Tls13HelloRetryRequest |
HelloRetryRequest message.
◆ Tls13KeyShareEntry
typedef { ... } Tls13KeyShareEntry |
Key share entry.
◆ Tls13KeyShareList
typedef { ... } Tls13KeyShareList |
List of key shares.
◆ Tls13KeyUpdate
typedef { ... } Tls13KeyUpdate |
KeyUpdate message.
◆ Tls13NewSessionTicket
typedef { ... } Tls13NewSessionTicket |
NewSessionTicket message (TLS 1.3)
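◆ Tls13PlaintextSessionState
typedef { ... } Tls13PlaintextSessionState |
Session state information. As the name indicates, this is the unencrypted form of the state: it holds the ticket PSK (ticketPsk) in the clear, so the structure should be treated as key material.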
◆ Tls13PskBinder
typedef { ... } Tls13PskBinder |
PSK binder.
◆ Tls13PskBinderList
typedef { ... } Tls13PskBinderList |
List of PSK binders.
◆ Tls13PskIdentity
typedef { ... } Tls13PskIdentity |
PSK identity.
◆ Tls13PskIdentityList
typedef { ... } Tls13PskIdentityList |
List of PSK identities.
◆ Tls13PskKeModeList
typedef { ... } Tls13PskKeModeList |
List of PSK key exchange modes.
◆ Tls13Ticket
typedef { ... } Tls13Ticket |
Session ticket.
Enumeration Type Documentation
◆ Tls13KeyUpdateRequest
Key update requests.
Enumerator | |
---|---|
TLS_KEY_UPDATE_NOT_REQUESTED | |
TLS_KEY_UPDATE_REQUESTED |
Definition at line 183 of file tls13_misc.h.
◆ Tls13PskKeyExchMode
enum Tls13PskKeyExchMode |
PSK key exchange modes.
Enumerator | |
---|---|
TLS_PSK_KEY_EXCH_MODE_PSK_KE | |
TLS_PSK_KEY_EXCH_MODE_PSK_DHE_KE |
Definition at line 172 of file tls13_misc.h.
◆ Tls13SignatureScheme
enum Tls13SignatureScheme |
Signature schemes (TLS 1.3)
Definition at line 135 of file tls13_misc.h.
Function Documentation
◆ tls13CheckDuplicateKeyShare()
error_t tls13CheckDuplicateKeyShare | ( | uint16_t | namedGroup, |
const uint8_t * | p, | ||
size_t | length | ||
) |
Check whether the specified key share group is a duplicate.
- Parameters
  - [in] namedGroup: Named group
  - [in] p: List of key share entries
  - [in] length: Length of the list, in bytes
- Returns
- Error code
Definition at line 692 of file tls13_misc.c.
◆ tls13ComputeMac()
error_t tls13ComputeMac | ( | TlsContext * | context, |
TlsEncryptionEngine * | encryptionEngine, | ||
void * | record, | ||
const uint8_t * | data, | ||
size_t | dataLen, | ||
uint8_t * | mac | ||
) |
Compute message authentication code.
- Parameters
  - [in] context: Pointer to the TLS context
  - [in] encryptionEngine: Pointer to the encryption/decryption engine
  - [in] record: Pointer to the TLS record
  - [in] data: Pointer to the record data
  - [in] dataLen: Length of the data
  - [out] mac: The computed MAC value
- Returns
- Error code
Definition at line 458 of file tls13_misc.c.
◆ tls13ComputePskBinder()
error_t tls13ComputePskBinder | ( | TlsContext * | context, |
const void * | clientHello, | ||
size_t | clientHelloLen, | ||
size_t | truncatedClientHelloLen, | ||
const Tls13PskIdentity * | identity, | ||
uint8_t * | binder, | ||
size_t | binderLen | ||
) |
Compute PSK binder value.
- Parameters
  - [in] context: Pointer to the TLS context
  - [in] clientHello: Pointer to the ClientHello message
  - [in] clientHelloLen: Length of the ClientHello message
  - [in] truncatedClientHelloLen: Length of the partial ClientHello message
  - [in] identity: Pointer to the PSK identity
  - [out] binder: Buffer where to store the resulting PSK binder
  - [in] binderLen: Expected length of the PSK binder
- Returns
- Error code
Definition at line 87 of file tls13_misc.c.
◆ tls13DigestClientHello1()
error_t tls13DigestClientHello1 | ( | TlsContext * | context | ) |
Hash ClientHello1 in the transcript when HelloRetryRequest is used.
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 500 of file tls13_misc.c.
◆ tls13FormatCertExtensions()
error_t tls13FormatCertExtensions | ( | uint8_t * | p, |
size_t * | written | ||
) |
Format certificate extensions.
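- Parameters
  - [in] p: Output stream where to write the list of extensions
  - [out] written: Total number of bytes that have been written
- Note
  - The signature has no buffer-size parameter, so the caller must ensure that the buffer at p is large enough for the formatted extensions.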
- Returns
- Error code
Definition at line 738 of file tls13_misc.c.
◆ tls13GenerateKeyShare()
error_t tls13GenerateKeyShare | ( | TlsContext * | context, |
uint16_t | namedGroup | ||
) |
Key share generation.
- Parameters
  - [in] context: Pointer to the TLS context
  - [in] namedGroup: Named group
- Returns
- Error code
Definition at line 261 of file tls13_misc.c.
◆ tls13GenerateSharedSecret()
error_t tls13GenerateSharedSecret | ( | TlsContext * | context, |
const uint8_t * | keyShare, | ||
size_t | length | ||
) |
(EC)DHE shared secret generation
- Parameters
  - [in] context: Pointer to the TLS context
  - [in] keyShare: Pointer to the peer's (EC)DHE parameters
  - [in] length: Length of the (EC)DHE parameters, in bytes
- Returns
- Error code
Definition at line 354 of file tls13_misc.c.
◆ tls13IsEcdheGroupSupported()
bool_t tls13IsEcdheGroupSupported | ( | TlsContext * | context, |
uint16_t | namedGroup | ||
) |
Check whether a given ECDHE group is supported.
- Parameters
  - [in] context: Pointer to the TLS context
  - [in] namedGroup: Named group
- Returns
- TRUE if the ECDHE group is supported, else FALSE
Definition at line 616 of file tls13_misc.c.
◆ tls13IsFfdheGroupSupported()
bool_t tls13IsFfdheGroupSupported | ( | TlsContext * | context, |
uint16_t | namedGroup | ||
) |
Check whether a given FFDHE group is supported.
- Parameters
  - [in] context: Pointer to the TLS context
  - [in] namedGroup: Named group
- Returns
- TRUE if the FFDHE group is supported, else FALSE
Definition at line 654 of file tls13_misc.c.
◆ tls13IsGroupSupported()
bool_t tls13IsGroupSupported | ( | TlsContext * | context, |
uint16_t | namedGroup | ||
) |
Check whether a given named group is supported.
- Parameters
  - [in] context: Pointer to the TLS context
  - [in] namedGroup: Named group
- Returns
- TRUE if the named group is supported, else FALSE
Definition at line 583 of file tls13_misc.c.
◆ tls13IsPskValid()
bool_t tls13IsPskValid | ( | TlsContext * | context | ) |
Check whether an externally established PSK is valid.
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- TRUE if the PSK is valid, else FALSE
Definition at line 545 of file tls13_misc.c.
◆ tls13ParseCertExtensions()
error_t tls13ParseCertExtensions | ( | const uint8_t * | p, |
size_t | length, | ||
size_t * | consumed | ||
) |
Parse certificate extensions.
- Parameters
  - [in] p: Input stream where to read the list of extensions
  - [in] length: Number of bytes available in the input stream
  - [out] consumed: Total number of bytes that have been consumed
- Returns
- Error code
Definition at line 767 of file tls13_misc.c.
Variable Documentation
◆ algorithm
uint16_t algorithm |
Definition at line 302 of file tls13_misc.h.
◆ cipherSuite
uint16_t cipherSuite |
Cipher suite identifier.
Definition at line 380 of file tls13_misc.h.
◆ data
uint8_t data[] |
Definition at line 369 of file tls13_misc.h.
◆ extensions
uint8_t extensions[] |
Definition at line 335 of file tls13_misc.h.
◆ extensionsLen
uint16_t extensionsLen |
Definition at line 334 of file tls13_misc.h.
◆ group
uint16_t group |
Definition at line 213 of file tls13_misc.h.
◆ keyExchange
uint8_t keyExchange[] |
Definition at line 215 of file tls13_misc.h.
◆ length
uint16_t length |
Definition at line 202 of file tls13_misc.h.
◆ random
uint8_t random[32] |
Definition at line 315 of file tls13_misc.h.
◆ requestUpdate
uint8_t requestUpdate |
Definition at line 358 of file tls13_misc.h.
◆ serverVersion
uint16_t serverVersion |
Definition at line 314 of file tls13_misc.h.
◆ sessionId
uint8_t sessionId[] |
Definition at line 317 of file tls13_misc.h.
◆ sessionIdLen
uint8_t sessionIdLen |
Definition at line 316 of file tls13_misc.h.
◆ ticketAgeAdd
uint32_t ticketAgeAdd |
Random value used to obscure the age of the ticket.
Definition at line 346 of file tls13_misc.h.
◆ ticketLifetime
uint32_t ticketLifetime |
Lifetime of the ticket.
Definition at line 345 of file tls13_misc.h.
◆ ticketNonce
uint8_t ticketNonce[4] |
A per-ticket value that is unique across all tickets issued.
Definition at line 348 of file tls13_misc.h.
◆ ticketNonceLen
uint8_t ticketNonceLen |
Definition at line 347 of file tls13_misc.h.
◆ ticketPsk
uint8_t ticketPsk[TLS13_MAX_HKDF_DIGEST_SIZE] |
PSK associated with the ticket.
Definition at line 386 of file tls13_misc.h.
◆ ticketPskLen
size_t ticketPskLen |
Length of the PSK associated with the ticket.
Definition at line 385 of file tls13_misc.h.
◆ ticketTimestamp
systime_t ticketTimestamp |
Timestamp to manage ticket lifetime.
Definition at line 381 of file tls13_misc.h.
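◆ tls11DowngradeRandom
extern const uint8_t tls11DowngradeRandom[8]
Judging by its name and size, this is presumably the downgrade-protection sentinel that RFC 8446 (Section 4.1.3) has a TLS 1.3-capable server place in the last 8 bytes of ServerHello.random when it negotiates TLS 1.1 or below.
Definition at line 54 of file tls13_misc.c.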
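◆ tls12DowngradeRandom
extern const uint8_t tls12DowngradeRandom[8]
Judging by its name and size, this is presumably the downgrade-protection sentinel that RFC 8446 (Section 4.1.3) has a TLS 1.3-capable server place in the last 8 bytes of ServerHello.random when it negotiates TLS 1.2.
Definition at line 60 of file tls13_misc.c.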
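◆ tls13HelloRetryRequestRandom
extern const uint8_t tls13HelloRetryRequestRandom[32]
Judging by its name and size, this is presumably the fixed 32-byte Random value that RFC 8446 (Section 4.1.3) uses to mark a ServerHello as a HelloRetryRequest.
Definition at line 66 of file tls13_misc.c.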
◆ value
uint8_t value[] |
Definition at line 203 of file tls13_misc.h.
◆ version
uint16_t version |
Protocol version.
Definition at line 379 of file tls13_misc.h.