tls13_misc.h
Go to the documentation of this file.
1 /**
2  * @file tls13_misc.h
3  * @brief TLS 1.3 helper functions
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2023 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneSSL Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.3.0
29  **/
30 
31 #ifndef _TLS13_MISC_H
32 #define _TLS13_MISC_H
33 
34 //DHE key establishment
35 #ifndef TLS13_DHE_KE_SUPPORT
36  #define TLS13_DHE_KE_SUPPORT ENABLED
37 #elif (TLS13_DHE_KE_SUPPORT != ENABLED && TLS13_DHE_KE_SUPPORT != DISABLED)
38  #error TLS13_DHE_KE_SUPPORT parameter is not valid
39 #endif
40 
41 //ECDHE key establishment
42 #ifndef TLS13_ECDHE_KE_SUPPORT
43  #define TLS13_ECDHE_KE_SUPPORT ENABLED
44 #elif (TLS13_ECDHE_KE_SUPPORT != ENABLED && TLS13_ECDHE_KE_SUPPORT != DISABLED)
45  #error TLS13_ECDHE_KE_SUPPORT parameter is not valid
46 #endif
47 
48 //PSK-only key establishment
49 #ifndef TLS13_PSK_KE_SUPPORT
50  #define TLS13_PSK_KE_SUPPORT DISABLED
51 #elif (TLS13_PSK_KE_SUPPORT != ENABLED && TLS13_PSK_KE_SUPPORT != DISABLED)
52  #error TLS13_PSK_KE_SUPPORT parameter is not valid
53 #endif
54 
55 //PSK with DHE key establishment
56 #ifndef TLS13_PSK_DHE_KE_SUPPORT
57  #define TLS13_PSK_DHE_KE_SUPPORT ENABLED
58 #elif (TLS13_PSK_DHE_KE_SUPPORT != ENABLED && TLS13_PSK_DHE_KE_SUPPORT != DISABLED)
59  #error TLS13_PSK_DHE_KE_SUPPORT parameter is not valid
60 #endif
61 
62 //PSK with ECDHE key establishment
63 #ifndef TLS13_PSK_ECDHE_KE_SUPPORT
64  #define TLS13_PSK_ECDHE_KE_SUPPORT ENABLED
65 #elif (TLS13_PSK_ECDHE_KE_SUPPORT != ENABLED && TLS13_PSK_ECDHE_KE_SUPPORT != DISABLED)
66  #error TLS13_PSK_ECDHE_KE_SUPPORT parameter is not valid
67 #endif
68 
69 //Early data support
70 #ifndef TLS13_EARLY_DATA_SUPPORT
71  #define TLS13_EARLY_DATA_SUPPORT DISABLED
72 #elif (TLS13_EARLY_DATA_SUPPORT != ENABLED && TLS13_EARLY_DATA_SUPPORT != DISABLED)
73  #error TLS13_EARLY_DATA_SUPPORT parameter is not valid
74 #endif
75 
76 //Middlebox compatibility mode
77 #ifndef TLS13_MIDDLEBOX_COMPAT_SUPPORT
78  #define TLS13_MIDDLEBOX_COMPAT_SUPPORT ENABLED
79 #elif (TLS13_MIDDLEBOX_COMPAT_SUPPORT != ENABLED && TLS13_MIDDLEBOX_COMPAT_SUPPORT != DISABLED)
80  #error TLS13_MIDDLEBOX_COMPAT_SUPPORT parameter is not valid
81 #endif
82 
83 //Maximum size for cookies
84 #ifndef TLS13_MAX_COOKIE_SIZE
85  #define TLS13_MAX_COOKIE_SIZE 256
86 #elif (TLS13_MAX_COOKIE_SIZE < 32)
87  #error TLS13_MAX_COOKIE_SIZE parameter is not valid
88 #endif
89 
90 //Maximum size for session tickets
91 #ifndef TLS13_MAX_TICKET_SIZE
92  #define TLS13_MAX_TICKET_SIZE 1024
93 #elif (TLS13_MAX_TICKET_SIZE < 32)
94  #error TLS13_MAX_TICKET_SIZE parameter is not valid
95 #endif
96 
97 //Maximum lifetime of session tickets
98 #ifndef TLS13_MAX_TICKET_LIFETIME
99  #define TLS13_MAX_TICKET_LIFETIME 604800
100 #elif (TLS13_MAX_TICKET_LIFETIME < 0)
101  #error TLS13_MAX_TICKET_LIFETIME parameter is not valid
102 #endif
103 
104 //Age tolerance for tickets, in milliseconds
105 #ifndef TLS13_TICKET_AGE_TOLERANCE
106  #define TLS13_TICKET_AGE_TOLERANCE 5000
107 #elif (TLS13_TICKET_AGE_TOLERANCE < 0)
108  #error TLS13_TICKET_AGE_TOLERANCE parameter is not valid
109 #endif
110 
111 //Number of NewSessionTicket message sent by the server
112 #ifndef TLS13_NEW_SESSION_TICKET_COUNT
113  #define TLS13_NEW_SESSION_TICKET_COUNT 2
114 #elif (TLS13_NEW_SESSION_TICKET_COUNT < 0)
115  #error TLS13_NEW_SESSION_TICKET_COUNT parameter is not valid
116 #endif
117 
118 //Maximum size for HKDF digests
119 #if (TLS_SHA384_SUPPORT == ENABLED)
120  #define TLS13_MAX_HKDF_DIGEST_SIZE 48
121 #else
122  #define TLS13_MAX_HKDF_DIGEST_SIZE 32
123 #endif
124 
125 //C++ guard
126 #ifdef __cplusplus
127 extern "C" {
128 #endif
129 
130 
131 /**
132  * @brief Signature schemes (TLS 1.3)
133  **/
134 
135 typedef enum
136 {
137  TLS_SIGN_SCHEME_NONE = 0x0000,
138  TLS_SIGN_SCHEME_RSA_PKCS1_SHA1 = 0x0201,
139  TLS_SIGN_SCHEME_RSA_PKCS1_SHA256 = 0x0401,
140  TLS_SIGN_SCHEME_RSA_PKCS1_SHA384 = 0x0501,
141  TLS_SIGN_SCHEME_RSA_PKCS1_SHA512 = 0x0601,
142  TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA256 = 0x0804,
143  TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA384 = 0x0805,
144  TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA512 = 0x0806,
145  TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA256 = 0x0809,
146  TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA384 = 0x080A,
147  TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA512 = 0x080B,
148  TLS_SIGN_SCHEME_ECDSA_SHA1 = 0x0203,
149  TLS_SIGN_SCHEME_ECDSA_SECP256R1_SHA256 = 0x0403,
150  TLS_SIGN_SCHEME_ECDSA_SECP384R1_SHA384 = 0x0503,
151  TLS_SIGN_SCHEME_ECDSA_SECP521R1_SHA512 = 0x0603,
152  TLS_SIGN_SCHEME_SM2_SM3 = 0x0708,
153  TLS_SIGN_SCHEME_GOSTR34102012_256A = 0x0709,
154  TLS_SIGN_SCHEME_GOSTR34102012_256B = 0x070A,
155  TLS_SIGN_SCHEME_GOSTR34102012_256C = 0x070B,
156  TLS_SIGN_SCHEME_GOSTR34102012_256D = 0x070C,
157  TLS_SIGN_SCHEME_GOSTR34102012_512A = 0x070D,
158  TLS_SIGN_SCHEME_GOSTR34102012_512B = 0x070E,
159  TLS_SIGN_SCHEME_GOSTR34102012_512C = 0x070F,
160  TLS_SIGN_SCHEME_ECDSA_BRAINPOOLP256R1_TLS13_SHA256 = 0x081A,
161  TLS_SIGN_SCHEME_ECDSA_BRAINPOOLP384R1_TLS13_SHA384 = 0x081B,
162  TLS_SIGN_SCHEME_ECDSA_BRAINPOOLP512R1_TLS13_SHA512 = 0x081C,
163  TLS_SIGN_SCHEME_ED25519 = 0x0807,
164  TLS_SIGN_SCHEME_ED448 = 0x0808
165 } Tls13SignatureScheme;
166 
167 
168 /**
169  * @brief PSK key exchange modes
170  **/
171 
172 typedef enum
173 {
174  TLS_PSK_KEY_EXCH_MODE_PSK_KE = 0,
175  TLS_PSK_KEY_EXCH_MODE_PSK_DHE_KE = 1
176 } Tls13PskKeyExchMode;
177 
178 
179 /**
180  * @brief Key update requests
181  **/
182 
183 typedef enum
184 {
185  TLS_KEY_UPDATE_NOT_REQUESTED = 0,
186  TLS_KEY_UPDATE_REQUESTED = 1
187 } Tls13KeyUpdateRequest;
188 
189 
190 //CodeWarrior or Win32 compiler?
191 #if defined(__CWCC__) || defined(_WIN32)
192  #pragma pack(push, 1)
193 #endif
194 
195 
196 /**
197  * @brief Cookie
198  **/
199 
200 typedef __packed_struct
201 {
202  uint16_t length; //0-1
203  uint8_t value[]; //2
204 } Tls13Cookie;
205 
206 
207 /**
208  * @brief Key share entry
209  **/
210 
211 typedef __packed_struct
212 {
213  uint16_t group; //0
214  uint16_t length; //1
215  uint8_t keyExchange[]; //2
216 } Tls13KeyShareEntry;
217 
218 
219 /**
220  * @brief List of key shares
221  **/
222 
223 typedef __packed_struct
224 {
225  uint16_t length; //0
226  uint8_t value[]; //1
227 } Tls13KeyShareList;
228 
229 
230 /**
231  * @brief List of PSK key exchange modes
232  **/
233 
234 typedef __packed_struct
235 {
236  uint8_t length; //0
237  uint8_t value[]; //1
238 } Tls13PskKeModeList;
239 
240 
241 /**
242  * @brief PSK identity
243  **/
244 
245 typedef __packed_struct
246 {
247  uint16_t length; //0-1
248  uint8_t value[]; //2
249 } Tls13PskIdentity;
250 
251 
252 /**
253  * @brief List of PSK identities
254  **/
255 
256 typedef __packed_struct
257 {
258  uint16_t length; //0-1
259  uint8_t value[]; //2
260 } Tls13PskIdentityList;
261 
262 
263 /**
264  * @brief PSK binder
265  **/
266 
267 typedef __packed_struct
268 {
269  uint8_t length; //0
270  uint8_t value[]; //1
271 } Tls13PskBinder;
272 
273 
274 /**
275  * @brief List of PSK binders
276  **/
277 
278 typedef __packed_struct
279 {
280  uint16_t length; //0-1
281  uint8_t value[]; //2
282 } Tls13PskBinderList;
283 
284 
285 /**
286  * @brief Certificate request context
287  **/
288 
289 typedef __packed_struct
290 {
291  uint8_t length; //0
292  uint8_t value[]; //1
293 } Tls13CertRequestContext;
294 
295 
296 /**
297  * @brief Digitally-signed element (TLS 1.3)
298  **/
299 
300 typedef __packed_struct
301 {
302  uint16_t algorithm; //0-1
303  uint16_t length; //2-3
304  uint8_t value[]; //4
305 } Tls13DigitalSignature;
306 
307 
308 /**
309  * @brief HelloRetryRequest message
310  **/
311 
312 typedef __packed_struct
313 {
314  uint16_t serverVersion; //0-1
315  uint8_t random[32]; //2-33
316  uint8_t sessionIdLen; //34
317  uint8_t sessionId[]; //35
318 } Tls13HelloRetryRequest;
319 
320 
321 /**
322  * @brief EndOfEarlyData message
323  **/
324 
325 typedef void *Tls13EndOfEarlyData;
326 
327 
328 /**
329  * @brief EncryptedExtensions message
330  **/
331 
332 typedef __packed_struct
333 {
334  uint16_t extensionsLen; //0-1
335  uint8_t extensions[]; //2
336 } Tls13EncryptedExtensions;
337 
338 
339 /**
340  * @brief NewSessionTicket message (TLS 1.3)
341  **/
342 
343 typedef __packed_struct
344 {
345  uint32_t ticketLifetime; //0-3
346  uint32_t ticketAgeAdd; //4-7
347  uint8_t ticketNonceLen; //8
348  uint8_t ticketNonce[]; //9
349 } Tls13NewSessionTicket;
350 
351 
352 /**
353  * @brief KeyUpdate message
354  **/
355 
356 typedef __packed_struct
357 {
358  uint8_t requestUpdate; //0
359 } Tls13KeyUpdate;
360 
361 
362 /**
363  * @brief Session ticket
364  **/
365 
366 typedef __packed_struct
367 {
368  uint16_t length; //0-1
369  uint8_t data[]; //2
370 } Tls13Ticket;
371 
372 
373 /**
374  * @brief Session state information
375  **/
376 
377 typedef __packed_struct
378 {
379  uint16_t version; ///<Protocol version
380  uint16_t cipherSuite; ///<Cipher suite identifier
381  systime_t ticketTimestamp; ///<Timestamp to manage ticket lifetime
382  uint32_t ticketLifetime; ///<Lifetime of the ticket
383  uint32_t ticketAgeAdd; ///<Random value used to obscure the age of the ticket
384  uint8_t ticketNonce[4]; ///<A per-ticket value that is unique across all tickets issued
385  size_t ticketPskLen; ///<Length of the PSK associated with the ticket
386  uint8_t ticketPsk[TLS13_MAX_HKDF_DIGEST_SIZE]; ///<PSK associated with the ticket
387 } Tls13PlaintextSessionState;
388 
389 
390 //CodeWarrior or Win32 compiler?
391 #if defined(__CWCC__) || defined(_WIN32)
392  #pragma pack(pop)
393 #endif
394 
395 //TLS 1.3 related constants
396 extern const uint8_t tls11DowngradeRandom[8];
397 extern const uint8_t tls12DowngradeRandom[8];
398 extern const uint8_t tls13HelloRetryRequestRandom[32];
399 
400 //TLS 1.3 related functions
401 error_t tls13ComputePskBinder(TlsContext *context, const void *clientHello,
402  size_t clientHelloLen, size_t truncatedClientHelloLen,
403  const Tls13PskIdentity *identity, uint8_t *binder, size_t binderLen);
404 
405 error_t tls13GenerateKeyShare(TlsContext *context, uint16_t namedGroup);
406 
407 error_t tls13GenerateSharedSecret(TlsContext *context, const uint8_t *keyShare,
408  size_t length);
409 
410 error_t tls13ComputeMac(TlsContext *context, TlsEncryptionEngine *encryptionEngine,
411  void *record, const uint8_t *data, size_t dataLen, uint8_t *mac);
412 
413 error_t tls13DigestClientHello1(TlsContext *context);
414 
415 bool_t tls13IsPskValid(TlsContext *context);
416 
417 bool_t tls13IsGroupSupported(TlsContext *context, uint16_t namedGroup);
418 bool_t tls13IsEcdheGroupSupported(TlsContext *context, uint16_t namedGroup);
419 bool_t tls13IsFfdheGroupSupported(TlsContext *context, uint16_t namedGroup);
420 
421 error_t tls13CheckDuplicateKeyShare(uint16_t namedGroup, const uint8_t *p,
422  size_t length);
423 
424 error_t tls13FormatCertExtensions(uint8_t *p, size_t *written);
425 
426 error_t tls13ParseCertExtensions(const uint8_t *p, size_t length,
427  size_t *consumed);
428 
429 //C++ guard
430 #ifdef __cplusplus
431 }
432 #endif
433 
434 #endif
sessionId
uint8_t sessionId[]
Definition: tls13_misc.h:317
ticketLifetime
uint32_t ticketLifetime
Lifetime of the ticket.
Definition: tls13_misc.h:382
Tls13PskBinderList
Tls13PskBinderList
Definition: tls13_misc.h:282
TLS13_MAX_HKDF_DIGEST_SIZE
#define TLS13_MAX_HKDF_DIGEST_SIZE
Definition: tls13_misc.h:120
tls13ComputeMac
error_t tls13ComputeMac(TlsContext *context, TlsEncryptionEngine *encryptionEngine, void *record, const uint8_t *data, size_t dataLen, uint8_t *mac)
Compute message authentication code.
Definition: tls13_misc.c:457
keyExchange
uint8_t keyExchange[]
Definition: tls13_misc.h:215
bool_t
int bool_t
Definition: compiler_port.h:53
TLS_SIGN_SCHEME_ECDSA_BRAINPOOLP256R1_TLS13_SHA256
@ TLS_SIGN_SCHEME_ECDSA_BRAINPOOLP256R1_TLS13_SHA256
Definition: tls13_misc.h:160
Tls13Cookie
Tls13Cookie
Definition: tls13_misc.h:204
TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA256
@ TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA256
Definition: tls13_misc.h:142
TLS_SIGN_SCHEME_RSA_PKCS1_SHA512
@ TLS_SIGN_SCHEME_RSA_PKCS1_SHA512
Definition: tls13_misc.h:141
Tls13KeyUpdate
Tls13KeyUpdate
Definition: tls13_misc.h:359
tls13GenerateKeyShare
error_t tls13GenerateKeyShare(TlsContext *context, uint16_t namedGroup)
Key share generation.
Definition: tls13_misc.c:260
ticketNonce
uint8_t ticketNonce[]
A per-ticket value that is unique across all tickets issued.
Definition: tls13_misc.h:348
algorithm
uint8_t algorithm
Definition: dhcpv6_common.h:315
TLS_SIGN_SCHEME_SM2_SM3
@ TLS_SIGN_SCHEME_SM2_SM3
Definition: tls13_misc.h:152
p
uint8_t p
Definition: ndp.h:298
length
uint16_t length
Definition: tls13_misc.h:214
tls13DigestClientHello1
error_t tls13DigestClientHello1(TlsContext *context)
Hash ClientHello1 in the transcript when HelloRetryRequest is used.
Definition: tls13_misc.c:499
TLS_SIGN_SCHEME_ED25519
@ TLS_SIGN_SCHEME_ED25519
Definition: tls13_misc.h:163
TLS_SIGN_SCHEME_GOSTR34102012_512C
@ TLS_SIGN_SCHEME_GOSTR34102012_512C
Definition: tls13_misc.h:159
__packed_struct
typedef __packed_struct
Cookie.
Definition: tls13_misc.h:201
data
uint8_t data[]
Definition: tls13_misc.h:369
tls13ParseCertExtensions
error_t tls13ParseCertExtensions(const uint8_t *p, size_t length, size_t *consumed)
Parse certificate extensions.
Definition: tls13_misc.c:766
ticketPskLen
size_t ticketPskLen
Length of the PSK associated with the ticket.
Definition: tls13_misc.h:385
TLS_SIGN_SCHEME_RSA_PKCS1_SHA384
@ TLS_SIGN_SCHEME_RSA_PKCS1_SHA384
Definition: tls13_misc.h:140
TLS_SIGN_SCHEME_ECDSA_SECP256R1_SHA256
@ TLS_SIGN_SCHEME_ECDSA_SECP256R1_SHA256
Definition: tls13_misc.h:149
TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA384
@ TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA384
Definition: tls13_misc.h:146
TLS_SIGN_SCHEME_ECDSA_BRAINPOOLP384R1_TLS13_SHA384
@ TLS_SIGN_SCHEME_ECDSA_BRAINPOOLP384R1_TLS13_SHA384
Definition: tls13_misc.h:161
version
uint8_t version
Definition: coap_common.h:175
TLS_SIGN_SCHEME_GOSTR34102012_256B
@ TLS_SIGN_SCHEME_GOSTR34102012_256B
Definition: tls13_misc.h:154
Tls13KeyShareEntry
Tls13KeyShareEntry
Definition: tls13_misc.h:216
ticketNonceLen
uint8_t ticketNonceLen
Definition: tls13_misc.h:347
TLS_SIGN_SCHEME_GOSTR34102012_512A
@ TLS_SIGN_SCHEME_GOSTR34102012_512A
Definition: tls13_misc.h:157
Tls13KeyUpdateRequest
Tls13KeyUpdateRequest
Key update requests.
Definition: tls13_misc.h:184
ticketPsk
uint8_t ticketPsk[TLS13_MAX_HKDF_DIGEST_SIZE]
PSK associated with the ticket.
Definition: tls13_misc.h:386
TLS_PSK_KEY_EXCH_MODE_PSK_KE
@ TLS_PSK_KEY_EXCH_MODE_PSK_KE
Definition: tls13_misc.h:174
TLS_SIGN_SCHEME_RSA_PKCS1_SHA256
@ TLS_SIGN_SCHEME_RSA_PKCS1_SHA256
Definition: tls13_misc.h:139
TLS_PSK_KEY_EXCH_MODE_PSK_DHE_KE
@ TLS_PSK_KEY_EXCH_MODE_PSK_DHE_KE
Definition: tls13_misc.h:175
tls13IsGroupSupported
bool_t tls13IsGroupSupported(TlsContext *context, uint16_t namedGroup)
Check whether a given named group is supported.
Definition: tls13_misc.c:582
Tls13PskKeyExchMode
Tls13PskKeyExchMode
PSK key exchange modes.
Definition: tls13_misc.h:173
TLS_SIGN_SCHEME_GOSTR34102012_256D
@ TLS_SIGN_SCHEME_GOSTR34102012_256D
Definition: tls13_misc.h:156
Tls13SignatureScheme
Tls13SignatureScheme
Signature schemes (TLS 1.3)
Definition: tls13_misc.h:136
TlsContext
#define TlsContext
Definition: tls.h:36
error_t
error_t
Error codes.
Definition: error.h:43
TLS_SIGN_SCHEME_ECDSA_SECP384R1_SHA384
@ TLS_SIGN_SCHEME_ECDSA_SECP384R1_SHA384
Definition: tls13_misc.h:150
TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA512
@ TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA512
Definition: tls13_misc.h:147
Tls13PlaintextSessionState
Tls13PlaintextSessionState
Definition: tls13_misc.h:387
Tls13HelloRetryRequest
Tls13HelloRetryRequest
Definition: tls13_misc.h:318
TLS_SIGN_SCHEME_GOSTR34102012_256A
@ TLS_SIGN_SCHEME_GOSTR34102012_256A
Definition: tls13_misc.h:153
ticketTimestamp
systime_t ticketTimestamp
Timestamp to manage ticket lifetime.
Definition: tls13_misc.h:381
TLS_SIGN_SCHEME_ED448
@ TLS_SIGN_SCHEME_ED448
Definition: tls13_misc.h:164
TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA256
@ TLS_SIGN_SCHEME_RSA_PSS_PSS_SHA256
Definition: tls13_misc.h:145
TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA512
@ TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA512
Definition: tls13_misc.h:144
TLS_SIGN_SCHEME_RSA_PKCS1_SHA1
@ TLS_SIGN_SCHEME_RSA_PKCS1_SHA1
Definition: tls13_misc.h:138
Tls13PskBinder
Tls13PskBinder
Definition: tls13_misc.h:271
TLS_SIGN_SCHEME_ECDSA_BRAINPOOLP512R1_TLS13_SHA512
@ TLS_SIGN_SCHEME_ECDSA_BRAINPOOLP512R1_TLS13_SHA512
Definition: tls13_misc.h:162
dataLen
uint32_t dataLen
Definition: sftp_common.h:227
TLS_SIGN_SCHEME_GOSTR34102012_256C
@ TLS_SIGN_SCHEME_GOSTR34102012_256C
Definition: tls13_misc.h:155
Tls13KeyShareList
Tls13KeyShareList
Definition: tls13_misc.h:227
TLS_SIGN_SCHEME_ECDSA_SECP521R1_SHA512
@ TLS_SIGN_SCHEME_ECDSA_SECP521R1_SHA512
Definition: tls13_misc.h:151
Tls13Ticket
Tls13Ticket
Definition: tls13_misc.h:370
systime_t
uint32_t systime_t
System time.
Definition: os_port_chibios.h:108
tls13GenerateSharedSecret
error_t tls13GenerateSharedSecret(TlsContext *context, const uint8_t *keyShare, size_t length)
(EC)DHE shared secret generation
Definition: tls13_misc.c:353
tls13ComputePskBinder
error_t tls13ComputePskBinder(TlsContext *context, const void *clientHello, size_t clientHelloLen, size_t truncatedClientHelloLen, const Tls13PskIdentity *identity, uint8_t *binder, size_t binderLen)
Compute PSK binder value.
Definition: tls13_misc.c:86
tls13IsEcdheGroupSupported
bool_t tls13IsEcdheGroupSupported(TlsContext *context, uint16_t namedGroup)
Check whether a given ECDHE group is supported.
Definition: tls13_misc.c:615
TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA384
@ TLS_SIGN_SCHEME_RSA_PSS_RSAE_SHA384
Definition: tls13_misc.h:143
sessionIdLen
uint8_t sessionIdLen
Definition: tls13_misc.h:316
TLS_SIGN_SCHEME_GOSTR34102012_512B
@ TLS_SIGN_SCHEME_GOSTR34102012_512B
Definition: tls13_misc.h:158
extensions
uint8_t extensions[]
Definition: tls13_misc.h:335
cipherSuite
uint16_t cipherSuite
Cipher suite identifier.
Definition: tls13_misc.h:380
value
uint8_t value[]
Definition: tls13_misc.h:203
random
uint8_t random[32]
Definition: tls13_misc.h:315
Tls13NewSessionTicket
Tls13NewSessionTicket
Definition: tls13_misc.h:349
TLS_SIGN_SCHEME_ECDSA_SHA1
@ TLS_SIGN_SCHEME_ECDSA_SHA1
Definition: tls13_misc.h:148
tls13IsPskValid
bool_t tls13IsPskValid(TlsContext *context)
Check whether an externally established PSK is valid.
Definition: tls13_misc.c:544
tls13IsFfdheGroupSupported
bool_t tls13IsFfdheGroupSupported(TlsContext *context, uint16_t namedGroup)
Check whether a given FFDHE group is supported.
Definition: tls13_misc.c:653
TLS_KEY_UPDATE_REQUESTED
@ TLS_KEY_UPDATE_REQUESTED
Definition: tls13_misc.h:186
Tls13DigitalSignature
Tls13DigitalSignature
Definition: tls13_misc.h:305
Tls13PskKeModeList
Tls13PskKeModeList
Definition: tls13_misc.h:238
tls11DowngradeRandom
const uint8_t tls11DowngradeRandom[8]
Definition: tls13_misc.c:53
tls12DowngradeRandom
const uint8_t tls12DowngradeRandom[8]
Definition: tls13_misc.c:59
Tls13EndOfEarlyData
void * Tls13EndOfEarlyData
EndOfEarlyData message.
Definition: tls13_misc.h:325
TLS_SIGN_SCHEME_NONE
@ TLS_SIGN_SCHEME_NONE
Definition: tls13_misc.h:137
Tls13CertRequestContext
Tls13CertRequestContext
Definition: tls13_misc.h:293
TLS_KEY_UPDATE_NOT_REQUESTED
@ TLS_KEY_UPDATE_NOT_REQUESTED
Definition: tls13_misc.h:185
Tls13PskIdentity
Tls13PskIdentity
Definition: tls13_misc.h:249
Tls13PskIdentityList
Tls13PskIdentityList
Definition: tls13_misc.h:260
ticketAgeAdd
uint32_t ticketAgeAdd
Random value used to obscure the age of the ticket.
Definition: tls13_misc.h:346
TlsEncryptionEngine
#define TlsEncryptionEngine
Definition: tls.h:40
tls13CheckDuplicateKeyShare
error_t tls13CheckDuplicateKeyShare(uint16_t namedGroup, const uint8_t *p, size_t length)
Check whether the specified key share group is a duplicate.
Definition: tls13_misc.c:691
tls13FormatCertExtensions
error_t tls13FormatCertExtensions(uint8_t *p, size_t *written)
Format certificate extensions.
Definition: tls13_misc.c:737
tls13HelloRetryRequestRandom
const uint8_t tls13HelloRetryRequestRandom[32]
Definition: tls13_misc.c:65
Tls13EncryptedExtensions
Tls13EncryptedExtensions
Definition: tls13_misc.h:336