tls_misc.h
Go to the documentation of this file.
1 /**
2  * @file tls_misc.h
3  * @brief TLS helper functions
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2025 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneSSL Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.5.2
29  **/
30 
31 #ifndef _TLS_MISC_H
32 #define _TLS_MISC_H
33 
34 //Dependencies
35 #include "tls.h"
36 
37 //C++ guard
38 #ifdef __cplusplus
39 extern "C" {
40 #endif
41 
42 //TLS related functions
43 void tlsChangeState(TlsContext *context, TlsState newState);
44 void tlsProcessError(TlsContext *context, error_t errorCode);
45 
46 error_t tlsGenerateRandomValue(TlsContext *context, uint8_t *random);
47 error_t tlsGenerateSessionId(TlsContext *context, size_t length);
48 
49 error_t tlsSelectVersion(TlsContext *context, uint16_t version);
50 error_t tlsSelectCipherSuite(TlsContext *context, uint16_t identifier);
51 
52 error_t tlsSaveSessionId(const TlsContext *context,
53  TlsSessionState *session);
54 
55 error_t tlsSaveSessionTicket(const TlsContext *context,
56  TlsSessionState *session);
57 
58 error_t tlsRestoreSessionId(TlsContext *context,
59  const TlsSessionState *session);
60 
61 error_t tlsRestoreSessionTicket(TlsContext *context,
62  const TlsSessionState *session);
63 
64 error_t tlsInitEncryptionEngine(TlsContext *context,
65  TlsEncryptionEngine *encryptionEngine, TlsConnectionEnd entity,
66  const uint8_t *secret);
67 
68 void tlsFreeEncryptionEngine(TlsEncryptionEngine *encryptionEngine);
69 
70 error_t tlsWriteMpi(const Mpi *a, uint8_t *data, size_t *length);
71 error_t tlsReadMpi(Mpi *a, const uint8_t *data, size_t size, size_t *length);
72 
73 error_t tlsWriteEcPoint(const EcPublicKey *publicKey, uint8_t *data,
74  size_t *length);
75 
76 error_t tlsReadEcPoint(EcPublicKey *publicKey, const EcCurve *curve,
77  const uint8_t *data, size_t size, size_t *length);
78 
79 const char_t *tlsGetVersionName(uint16_t version);
80 const HashAlgo *tlsGetHashAlgo(TlsHashAlgo hashAlgoId);
81 const EcCurve *tlsGetCurve(TlsContext *context, uint16_t namedCurve);
82 TlsNamedGroup tlsGetNamedCurve(const uint8_t *oid, size_t length);
83 
84 size_t tlsComputeEncryptionOverhead(TlsEncryptionEngine *encryptionEngine,
85  size_t payloadLen);
86 
87 bool_t tlsCheckDnsHostname(const char_t *name, size_t length);
88 
89 //C++ guard
90 #ifdef __cplusplus
91 }
92 #endif
93 
94 #endif
tlsChangeState
void tlsChangeState(TlsContext *context, TlsState newState)
Update TLS state.
Definition: tls_misc.c:54
tlsGetHashAlgo
const HashAlgo * tlsGetHashAlgo(TlsHashAlgo hashAlgoId)
Get the hash algorithm that matches the specified identifier.
Definition: tls_misc.c:1186
tlsRestoreSessionId
error_t tlsRestoreSessionId(TlsContext *context, const TlsSessionState *session)
Restore a TLS session using session ID.
Definition: tls_misc.c:558
bool_t
int bool_t
Definition: compiler_port.h:61
a
uint8_t a
Definition: ndp.h:411
Mpi
Arbitrary precision integer.
Definition: mpi.h:102
TlsState
TlsState
TLS FSM states.
Definition: tls.h:1510
TlsConnectionEnd
TlsConnectionEnd
TLS connection end.
Definition: tls.h:997
data
uint8_t data[]
Definition: ethernet.h:224
tlsFreeEncryptionEngine
void tlsFreeEncryptionEngine(TlsEncryptionEngine *encryptionEngine)
Release encryption engine.
Definition: tls_misc.c:921
TlsHashAlgo
TlsHashAlgo
Hash algorithms.
Definition: tls.h:1245
name
char_t name[]
Definition: resource_manager.h:71
tlsRestoreSessionTicket
error_t tlsRestoreSessionTicket(TlsContext *context, const TlsSessionState *session)
Restore a TLS session using session ticket.
Definition: tls_misc.c:607
version
uint8_t version
Definition: coap_common.h:177
errorCode
uint16_t errorCode
Definition: tftp_common.h:138
tlsCheckDnsHostname
bool_t tlsCheckDnsHostname(const char_t *name, size_t length)
DNS hostname verification.
Definition: tls_misc.c:1598
tlsGetCurve
const EcCurve * tlsGetCurve(TlsContext *context, uint16_t namedCurve)
Get the EC domain parameters that match the specified named curve.
Definition: tls_misc.c:1253
tlsSelectVersion
error_t tlsSelectVersion(TlsContext *context, uint16_t version)
Set the TLS version to be used.
Definition: tls_misc.c:307
oid
uint8_t oid[]
Definition: lldp_tlv.h:300
tlsInitEncryptionEngine
error_t tlsInitEncryptionEngine(TlsContext *context, TlsEncryptionEngine *encryptionEngine, TlsConnectionEnd entity, const uint8_t *secret)
Initialize encryption engine.
Definition: tls_misc.c:674
TlsContext
#define TlsContext
Definition: tls.h:36
error_t
error_t
Error codes.
Definition: error.h:43
tlsSelectCipherSuite
error_t tlsSelectCipherSuite(TlsContext *context, uint16_t identifier)
Set cipher suite.
Definition: tls_misc.c:335
tlsSaveSessionId
error_t tlsSaveSessionId(const TlsContext *context, TlsSessionState *session)
Save session ID.
Definition: tls_misc.c:432
tlsGetVersionName
const char_t * tlsGetVersionName(uint16_t version)
Convert TLS version to string representation.
Definition: tls_misc.c:1125
length
uint8_t length
Definition: tcp.h:375
tlsReadEcPoint
error_t tlsReadEcPoint(EcPublicKey *publicKey, const EcCurve *curve, const uint8_t *data, size_t size, size_t *length)
Read an EC point from an opaque vector.
Definition: tls_misc.c:1077
tlsWriteEcPoint
error_t tlsWriteEcPoint(const EcPublicKey *publicKey, uint8_t *data, size_t *length)
Encode an EC point to an opaque vector.
Definition: tls_misc.c:1038
tlsWriteMpi
error_t tlsWriteMpi(const Mpi *a, uint8_t *data, size_t *length)
Encode a multiple precision integer to an opaque vector.
Definition: tls_misc.c:962
secret
uint8_t secret[TLS_MASTER_SECRET_SIZE]
Master secret.
Definition: tls.h:1940
random
uint8_t random[32]
Definition: tls.h:1827
EcPublicKey
EC public key.
Definition: ec.h:421
char_t
char char_t
Definition: compiler_port.h:55
tlsComputeEncryptionOverhead
size_t tlsComputeEncryptionOverhead(TlsEncryptionEngine *encryptionEngine, size_t payloadLen)
Compute overhead caused by encryption.
Definition: tls_misc.c:1544
TlsSessionState
TLS session state.
Definition: tls.h:2094
tlsReadMpi
error_t tlsReadMpi(Mpi *a, const uint8_t *data, size_t size, size_t *length)
Read a multiple precision integer from an opaque vector.
Definition: tls_misc.c:996
tls.h
TLS (Transport Layer Security)
identifier
uint8_t identifier[]
Definition: dhcpv6_common.h:185
tlsProcessError
void tlsProcessError(TlsContext *context, error_t errorCode)
Translate an error code to an alert message.
Definition: tls_misc.c:74
HashAlgo
Common interface for hash algorithms.
Definition: crypto.h:1089
EcCurve
#define EcCurve
Definition: ec.h:346
payloadLen
uint16_t payloadLen
Definition: ipv6.h:281
TlsNamedGroup
TlsNamedGroup
Named groups.
Definition: tls.h:1420
tlsSaveSessionTicket
error_t tlsSaveSessionTicket(const TlsContext *context, TlsSessionState *session)
Save session ticket.
Definition: tls_misc.c:504
TlsEncryptionEngine
#define TlsEncryptionEngine
Definition: tls.h:40
tlsGenerateSessionId
error_t tlsGenerateSessionId(TlsContext *context, size_t length)
Generate a random session identifier.
Definition: tls_misc.c:270
tlsGetNamedCurve
TlsNamedGroup tlsGetNamedCurve(const uint8_t *oid, size_t length)
Get the named curve that matches the specified OID.
Definition: tls_misc.c:1407
tlsGenerateRandomValue
error_t tlsGenerateRandomValue(TlsContext *context, uint8_t *random)
Generate client or server random value.
Definition: tls_misc.c:207