cryptlib  3.4.1
ssl.h File Reference
#include "session/scorebrd.h"


Classes

struct  CIPHERSUITE_INFO
 
struct  SL
 

Macros

/* Default port plus the wire-format field sizes and limits used by the
   SSL/TLS session code.  All sizes are in bytes. */
#define SSL_PORT   443
 
#define ID_SIZE   1 /* ID byte */
 
#define LENGTH_SIZE   3 /* 24 bits */
 
#define SEQNO_SIZE   8 /* 64 bits */
 
#define VERSIONINFO_SIZE   2 /* 0x03, 0x0n */
 
#define ALERTINFO_SIZE   2 /* level + description */
 
/* 5 = ID_SIZE (1) + VERSIONINFO_SIZE (2) + a 2-byte length field */
#define SSL_HEADER_SIZE   5 /* Type, version, length */
 
#define SSL_NONCE_SIZE   32 /* Size of client/svr nonce */
 
#define SSL_SECRET_SIZE   48 /* Size of premaster/master secret */
 
/* MD5 and SHA-1 output sizes, kept for the older MAC and dual-hash
   constructions named in the comments.  Both hashes are regarded as weak
   for new designs; whether they can still be negotiated is decided
   elsewhere. */
#define MD5MAC_SIZE   16 /* Size of MD5 proto-HMAC/dual hash */
 
#define SHA1MAC_SIZE   20 /* Size of SHA-1 proto-HMAC/dual hash */
 
#define SHA2MAC_SIZE   32 /* Size of SHA-2 HMAC hash */
 
#define GCMICV_SIZE   16 /* Size of GCM ICV */
 
/* GCM_IV_SIZE (12) = GCM_SALT_SIZE (4) + 8.  The remaining 8 bytes are
   presumably the explicit per-record part of the IV -- confirm.  GCM
   depends on an IV never repeating under one key. */
#define GCM_SALT_SIZE   4 /* Size of implicit portion of GCM IV */
 
#define GCM_IV_SIZE   12 /* Overall size of GCM IV */
 
#define TLS_HASHEDMAC_SIZE   12 /* Size of TLS PRF( MD5 + SHA1 ) */
 
/* Two session ID sizes: a fixed 16-byte size and a 32-byte upper limit.
   Presumably the first is what this implementation generates and the
   second is the largest ID accepted from a peer -- confirm. */
#define SESSIONID_SIZE   16 /* Size of session ID */
 
#define MAX_SESSIONID_SIZE   32 /* Max.allowed session ID size */
 
/* ( 64 + 32 + 16 ) * 2 = 224.  The three terms look like a MAC key, a
   cipher key and an IV, doubled for the two directions -- TODO confirm. */
#define MAX_KEYBLOCK_SIZE   ( ( 64 + 32 + 16 ) * 2 )
 
/* NOTE(review): 16384 is 2^14.  Length fields read from the peer need to
   be range-checked against MIN_PACKET_SIZE and MAX_PACKET_SIZE (plus any
   permitted overhead) before a buffer is sized or filled; those checks are
   not part of this listing. */
#define MIN_PACKET_SIZE   4 /* Minimum SSL packet size */
 
#define MAX_PACKET_SIZE   16384 /* Maximum SSL packet size */
 
/* Caps the number of suites handled from one list, which bounds the work
   done on a peer-supplied hello -- presumably; confirm against the
   parser. */
#define MAX_CIPHERSUITES   200 /* Max.allowed cipher suites */
 
/* No description is given on this page; presumably headroom added on top
   of MAX_PACKET_SIZE when sizing buffers -- confirm. */
#define EXTRA_PACKET_SIZE   512
 
/* Protocol-specific session flags.  Each flag occupies one bit, so several
   can be OR-ed into a single flag word. */
#define SSL_PFLAG_NONE   0x00 /* No protocol-specific flags */
 
#define SSL_PFLAG_ALERTSENT   0x01 /* Close alert sent */
 
#define SSL_PFLAG_CLIAUTHSKIPPED   0x02 /* Client auth-req.skipped */
 
#define SSL_PFLAG_GCM   0x04 /* Encryption uses GCM, not CBC */
 
#define SSL_PFLAG_SUITEB_128   0x08 /* Enforce Suite B 128-bit semantics */
 
#define SSL_PFLAG_SUITEB_256   0x10 /* Enforce Suite B 256-bit semantics */
 
#define SSL_PFLAG_CHECKREHANDSHAKE   0x20 /* Check decrypted pkt.for rehandshake */
 
/* NOTE(review): the six flags above OR together to 0x3F, but this limit is
   0x2F.  Any flag word with both SSL_PFLAG_SUITEB_256 (0x10) and
   SSL_PFLAG_CHECKREHANDSHAKE (0x20) set is 0x30 or more and so exceeds it.
   If this value is used as the upper bound of a sanity check, such a
   session would be treated as out of range -- confirm against the code
   that performs the check. */
#define SSL_PFLAG_MAX   0x2F /* Maximum possible flag value */
 
/* The expansion of this macro is not shown in the summary listing. */
#define SSL_PFLAG_SUITEB
 
/* Record-layer message types.  20..23 are the four types bracketed by
   SSL_MSG_FIRST and SSL_MSG_LAST. */
#define SSL_MSG_CHANGE_CIPHER_SPEC   20
 
#define SSL_MSG_ALERT   21
 
#define SSL_MSG_HANDSHAKE   22
 
#define SSL_MSG_APPLICATION_DATA   23
 
#define SSL_MSG_FIRST   SSL_MSG_CHANGE_CIPHER_SPEC
 
#define SSL_MSG_LAST   SSL_MSG_APPLICATION_DATA
 
/* 0xFE and 0xFF lie outside SSL_MSG_FIRST..SSL_MSG_LAST.  They look like
   internal pseudo-types for the first plain and first encrypted handshake
   packet rather than values expected from a peer -- TODO confirm, and
   confirm that a record header carrying either value is rejected. */
#define SSL_MSG_FIRST_HANDSHAKE   0xFE
 
#define SSL_MSG_FIRST_ENCRHANDSHAKE   0xFF
 
#define SSL_MSG_LAST_SPECIAL   SSL_MSG_FIRST_ENCRHANDSHAKE
 
/* 0x80 is the high bit that starts an SSLv2-format length header, so this
   presumably lets the reader recognise an SSLv2-style hello -- confirm.
   SSLv2 itself is obsolete; how such a hello is handled is not visible
   here. */
#define SSL_MSG_V2HANDSHAKE   0x80
 
/* Handshake message types carried inside SSL_MSG_HANDSHAKE records. */
#define SSL_HAND_CLIENT_HELLO   1
 
#define SSL_HAND_SERVER_HELLO   2
 
#define SSL_HAND_CERTIFICATE   11
 
#define SSL_HAND_SERVER_KEYEXCHANGE   12
 
#define SSL_HAND_SERVER_CERTREQUEST   13
 
#define SSL_HAND_SERVER_HELLODONE   14
 
#define SSL_HAND_CLIENT_CERTVERIFY   15
 
#define SSL_HAND_CLIENT_KEYEXCHANGE   16
 
#define SSL_HAND_FINISHED   20
 
#define SSL_HAND_SUPPLEMENTAL_DATA   23
 
/* NOTE(review): the range 1..23 is sparse (3-10, 17-19 and 21-22 have no
   name here), so a check of the form FIRST <= type <= LAST also admits
   undefined types.  A reader needs to match the received type against the
   one it expects at that point in the handshake as well. */
#define SSL_HAND_FIRST   SSL_HAND_CLIENT_HELLO
 
#define SSL_HAND_LAST   SSL_HAND_SUPPLEMENTAL_DATA
 
/* Alert levels (first byte of an alert; see ALERTINFO_SIZE). */
#define SSL_ALERTLEVEL_WARNING   1
 
#define SSL_ALERTLEVEL_FATAL   2
 
/* Alert descriptions (second byte of an alert).  The SSL_ and TLS_
   prefixes presumably mark which protocol generation introduced the
   code -- confirm. */
#define SSL_ALERT_CLOSE_NOTIFY   0
 
#define SSL_ALERT_UNEXPECTED_MESSAGE   10
 
/* NOTE(review): bad_record_mac (20) and decryption_failed (21) are
   separate codes.  Letting a peer tell a padding failure from a MAC
   failure gives it a decryption oracle for CBC suites, so a sender should
   report both conditions identically; which code is actually sent is not
   visible in this listing. */
#define SSL_ALERT_BAD_RECORD_MAC   20
 
#define TLS_ALERT_DECRYPTION_FAILED   21
 
#define TLS_ALERT_RECORD_OVERFLOW   22
 
#define SSL_ALERT_DECOMPRESSION_FAILURE   30
 
#define SSL_ALERT_HANDSHAKE_FAILURE   40
 
#define SSL_ALERT_NO_CERTIFICATE   41
 
#define SSL_ALERT_BAD_CERTIFICATE   42
 
#define SSL_ALERT_UNSUPPORTED_CERTIFICATE   43
 
#define SSL_ALERT_CERTIFICATE_REVOKED   44
 
#define SSL_ALERT_CERTIFICATE_EXPIRED   45
 
#define SSL_ALERT_CERTIFICATE_UNKNOWN   46
 
#define TLS_ALERT_ILLEGAL_PARAMETER   47
 
#define TLS_ALERT_UNKNOWN_CA   48
 
#define TLS_ALERT_ACCESS_DENIED   49
 
#define TLS_ALERT_DECODE_ERROR   50
 
#define TLS_ALERT_DECRYPT_ERROR   51
 
#define TLS_ALERT_EXPORT_RESTRICTION   60
 
#define TLS_ALERT_PROTOCOL_VERSION   70
 
#define TLS_ALERT_INSUFFICIENT_SECURITY   71
 
#define TLS_ALERT_INTERNAL_ERROR   80
 
#define TLS_ALERT_USER_CANCELLED   90
 
#define TLS_ALERT_NO_RENEGOTIATION   100
 
#define TLS_ALERT_UNSUPPORTED_EXTENSION   110
 
#define TLS_ALERT_CERTIFICATE_UNOBTAINABLE   111
 
#define TLS_ALERT_UNRECOGNIZED_NAME   112
 
#define TLS_ALERT_BAD_CERTIFICATE_STATUS_RESPONSE   113
 
#define TLS_ALERT_BAD_CERTIFICATE_HASH_VALUE   114
 
#define TLS_ALERT_UNKNOWN_PSK_IDENTITY   115
 
/* Bounds 0..115.  The range is sparse, so a received description inside it
   is not necessarily one of the codes named above. */
#define SSL_ALERT_FIRST   SSL_ALERT_CLOSE_NOTIFY
 
#define SSL_ALERT_LAST   TLS_ALERT_UNKNOWN_PSK_IDENTITY
 
/* Supplemental-data type; the only one named on this page. */
#define TLS_SUPPDATA_USERMAPPING   0
 
/* Protocol version bytes (see VERSIONINFO_SIZE: 0x03, 0x0n).  The major
   byte is always 3; the minor byte selects SSL 3.0 (0), TLS 1.0 (1),
   TLS 1.1 (2) or TLS 1.2 (3).
   NOTE(review): SSL 3.0 and TLS 1.0/1.1 are obsolete.  The minimum version
   a session will accept is policy set elsewhere and is not visible in this
   listing. */
#define SSL_MAJOR_VERSION   3
 
#define SSL_MINOR_VERSION_SSL   0
 
#define SSL_MINOR_VERSION_TLS   1
 
#define SSL_MINOR_VERSION_TLS11   2
 
#define SSL_MINOR_VERSION_TLS12   3
 
/* Four-character sender labels; SSL_SENDERLABEL_SIZE matches their length
   without the terminating NUL.  Presumably the client/server labels mixed
   into the Finished hash -- confirm. */
#define SSL_SENDER_CLIENTLABEL   "CLNT"
 
#define SSL_SENDER_SERVERLABEL   "SRVR"
 
#define SSL_SENDERLABEL_SIZE   4
 
/* Per-suite property flags, one bit each.  CIPHERSUITE_FLAG_MAX (0x1F)
   equals the OR of the five flags defined here. */
#define CIPHERSUITE_FLAG_NONE   0x00 /* No suite */
 
#define CIPHERSUITE_FLAG_PSK   0x01 /* TLS-PSK suite */
 
#define CIPHERSUITE_FLAG_DH   0x02 /* DH suite */
 
#define CIPHERSUITE_FLAG_ECC   0x04 /* ECC suite */
 
#define CIPHERSUITE_FLAG_TLS12   0x08 /* TLS 1.2 suite */
 
#define CIPHERSUITE_FLAG_GCM   0x10 /* GCM instead of CBC */
 
#define CIPHERSUITE_FLAG_MAX   0x1F /* Maximum possible flag value */
 
/* Expands to its argument followed by a comma, i.e. one initialiser
   element.  Presumably used to include a suite's text description in a
   table entry -- confirm. */
#define DESCRIPTION(text)   text,
 

Typedefs

/* SSL_HANDSHAKE_INFO is an alias for struct SL; the structure's members
   are not shown in this listing. */
typedef struct SL SSL_HANDSHAKE_INFO
 

Enumerations

/* Cipher suite identifiers.  Enumerators without an initialiser continue
   from the previous one; the explicit values (0x2F, 103, 132, 156, 49153)
   restart the numbering where the list has gaps.
   SSL_FIRST_VALID_SUITE aliases SSL_RSA_WITH_RC4_128_MD5, so the NULL and
   40-bit export RC4 entries before it sort below the first "valid" suite.
   NOTE(review): the list also names NULL-encryption, EXPORT, single-DES,
   RC4 and anonymous (DH_anon / ECDH_anon) suites after that point.  Being
   listed only gives a suite an identifier; which suites are offered or
   accepted is decided elsewhere and is not visible in this listing --
   confirm that weak suites are rejected during negotiation. */
enum  SSL_CIPHERSUITE_TYPE {
  SSL_NULL_WITH_NULL, SSL_RSA_WITH_NULL_MD5, SSL_RSA_WITH_NULL_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5,
  SSL_RSA_WITH_RC4_128_MD5, SSL_FIRST_VALID_SUITE = SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
  SSL_RSA_WITH_IDEA_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,
  TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_DH_DSS_WITH_DES_CBC_SHA, TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA, TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA,
  TLS_DH_RSA_WITH_DES_CBC_SHA, TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA, TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_DHE_DSS_WITH_DES_CBC_SHA,
  TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, TLS_DHE_RSA_WITH_DES_CBC_SHA, TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
  TLS_DH_anon_EXPORT_WITH_RC4_40_MD5, TLS_DH_anon_WITH_RC4_128_MD5, TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_DH_anon_WITH_DES_CBC_SHA,
  TLS_DH_anon_WITH_3DES_EDE_CBC_SHA, TLS_reserved_1, TLS_reserved_2, TLS_KRB5_WITH_DES_CBC_SHA,
  TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_RC4_128_SHA, TLS_KRB5_WITH_IDEA_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5,
  TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_RC4_128_MD5, TLS_KRB5_WITH_IDEA_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA,
  TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_RC4_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5, TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5,
  TLS_KRB5_EXPORT_WITH_RC4_40_MD5, TLS_RSA_WITH_AES_128_CBC_SHA = 0x2F, TLS_DH_DSS_WITH_AES_128_CBC_SHA, TLS_DH_RSA_WITH_AES_128_CBC_SHA,
  TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA,
  TLS_DH_DSS_WITH_AES_256_CBC_SHA, TLS_DH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
  TLS_DH_anon_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256,
  TLS_DH_DSS_WITH_AES_128_CBC_SHA256, TLS_DH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
  TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
  TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 103, TLS_DH_DSS_WITH_AES_256_CBC_SHA256, TLS_DH_RSA_WITH_AES_256_CBC_SHA256,
  TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_DH_anon_WITH_AES_256_CBC_SHA256,
  TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = 132, TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
  TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA, TLS_PSK_WITH_RC4_128_SHA, TLS_PSK_WITH_3DES_EDE_CBC_SHA,
  TLS_PSK_WITH_AES_128_CBC_SHA, TLS_PSK_WITH_AES_256_CBC_SHA, TLS_DHE_PSK_WITH_RC4_128_SHA, TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
  TLS_DHE_PSK_WITH_AES_128_CBC_SHA, TLS_DHE_PSK_WITH_AES_256_CBC_SHA, TLS_RSA_PSK_WITH_RC4_128_SHA, TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
  TLS_RSA_PSK_WITH_AES_128_CBC_SHA, TLS_RSA_PSK_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256 = 156, TLS_RSA_WITH_AES_256_GCM_SHA384,
  TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DH_RSA_WITH_AES_128_GCM_SHA256, TLS_DH_RSA_WITH_AES_256_GCM_SHA384,
  TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_DH_DSS_WITH_AES_128_GCM_SHA256, TLS_DH_DSS_WITH_AES_256_GCM_SHA384,
  TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_NULL_SHA = 49153, TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
  TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_NULL_SHA,
  TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
  TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
  TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
  TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_anon_WITH_NULL_SHA, TLS_ECDH_anon_WITH_RC4_128_SHA,
  TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_AES_256_CBC_SHA, TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
  TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, TLS_SRP_SHA_WITH_AES_128_CBC_SHA, TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
  TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, TLS_SRP_SHA_WITH_AES_256_CBC_SHA, TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
  TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
  TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
  TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
  TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
  TLS_ECDHE_PSK_WITH_RC4_128_SHA, TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
  TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, TLS_ECDHE_PSK_WITH_NULL_SHA, TLS_ECDHE_PSK_WITH_NULL_SHA256,
  TLS_ECDHE_PSK_WITH_NULL_SHA384, SSL_LAST_SUITE
}
 
/* TLS hello extension types.  Numbering runs 0..13 implicitly, jumps to 35
   for TLS_EXT_SESSIONTICKET, and TLS_EXT_LAST follows it as 36.
   NOTE(review): TLS_EXT_SECURE_RENEG (65281) is declared after
   TLS_EXT_LAST and is far above it, so a range check against TLS_EXT_LAST
   alone would exclude the secure-renegotiation extension; it needs its own
   case wherever extensions are parsed.  "LENTH" in
   TLS_EXT_MAX_FRAGMENT_LENTH is the identifier's actual spelling. */
enum  TLS_EXT_TYPE {
  TLS_EXT_SERVER_NAME, TLS_EXT_MAX_FRAGMENT_LENTH, TLS_EXT_CLIENT_CERTIFICATE_URL, TLS_EXT_TRUSTED_CA_KEYS,
  TLS_EXT_TRUNCATED_HMAC, TLS_EXT_STATUS_REQUEST, TLS_EXT_USER_MAPPING, TLS_EXT_CLIENT_AUTHZ,
  TLS_EXT_SERVER_AUTHZ, TLS_EXT_CERTTYPE, TLS_EXT_ELLIPTIC_CURVES, TLS_EXT_EC_POINT_FORMATS,
  TLS_EXT_SRP, TLS_EXT_SIGNATURE_ALGORITHMS, TLS_EXT_SESSIONTICKET = 35, TLS_EXT_LAST,
  TLS_EXT_SECURE_RENEG = 65281
}
 
/* Client certificate types.  The DUMMY1..DUMMY4 entries occupy values 3..6
   so that the implicit numbering stays aligned; they presumably stand in
   for certificate types this code does not handle -- confirm.
   TLS_CERTTYPE_ECDSA is set explicitly to 64, making TLS_CERTTYPE_LAST
   65. */
enum  TLS_CERTTYPE_TYPE {
  TLS_CERTTYPE_NONE, TLS_CERTTYPE_RSA, TLS_CERTTYPE_DSA, TLS_CERTTYPE_DUMMY1,
  TLS_CERTTYPE_DUMMY2, TLS_CERTTYPE_DUMMY3, TLS_CERTTYPE_DUMMY4, TLS_CERTTYPE_ECDSA = 64,
  TLS_CERTTYPE_LAST
}
 
/* Signature algorithm identifiers, numbered 0..3 with TLS_SIGALGO_LAST as
   the end marker.  Presumably paired with TLS_HASHALGO_TYPE values in the
   signature-algorithms extension -- confirm. */
enum  TLS_SIGALGO_TYPE {
  TLS_SIGALGO_NONE, TLS_SIGALGO_RSA, TLS_SIGALGO_DSA, TLS_SIGALGO_ECDSA,
  TLS_SIGALGO_LAST
}
 
/* Hash algorithm identifiers, numbered 0..6 with TLS_HASHALGO_LAST as the
   end marker.  DUMMY1 (3) and DUMMY3 (6) hold positions in the numbering
   for algorithms that are not named here.
   NOTE(review): MD5 and SHA-1 are listed.  Both are unsuitable for
   signatures; whether a peer can still select them is decided elsewhere
   and is not visible in this listing. */
enum  TLS_HASHALGO_TYPE {
  TLS_HASHALGO_NONE, TLS_HASHALGO_MD5, TLS_HASHALGO_SHA1, TLS_HASHALGO_DUMMY1,
  TLS_HASHALGO_SHA2, TLS_HASHALGO_SHA384, TLS_HASHALGO_DUMMY3, TLS_HASHALGO_LAST
}
 
/* Named-curve identifiers, numbered 0..25 with TLS_CURVE_LAST as the end
   marker.
   NOTE(review): the list includes curves as small as 160 and 163 bits,
   below current minimum-strength guidance.  An identifier here does not
   mean the curve is supported; which curves are accepted from a peer is
   not visible in this listing -- confirm. */
enum  TLS_CURVE_TYPE {
  TLS_CURVE_NONE, TLS_CURVE_SECT163K1, TLS_CURVE_SECT163R1, TLS_CURVE_SECT163R2,
  TLS_CURVE_SECT193R1, TLS_CURVE_SECT193R2, TLS_CURVE_SECT233K1, TLS_CURVE_SECT233R1,
  TLS_CURVE_SECT239K1, TLS_CURVE_SECT283K1, TLS_CURVE_SECT283R1, TLS_CURVE_SECT409K1,
  TLS_CURVE_SECT409R1, TLS_CURVE_SECT571K1, TLS_CURVE_SECT571R1, TLS_CURVE_SECP160K1,
  TLS_CURVE_SECP160R1, TLS_CURVE_SECP160R2, TLS_CURVE_SECP192K1, TLS_CURVE_SECP192R1,
  TLS_CURVE_SECP224K1, TLS_CURVE_SECP224R1, TLS_CURVE_SECP256K1, TLS_CURVE_SECP256R1,
  TLS_CURVE_SECP384R1, TLS_CURVE_SECP521R1, TLS_CURVE_LAST
}
 

Functions

CHECK_RETVAL_LENGTH STDC_NONNULL_ARG ((1)) int readUint24(INOUT STREAM *stream)
 
CHECK_RETVAL STDC_NONNULL_ARG ((1, 2, 4)) int readEcdhValue(INOUT STREAM *stream
 
CHECK_RETVAL OUT_BUFFER
valueLen void 
IN_LENGTH_SHORT_MIN (64) const int valueMaxLen
 
CHECK_RETVAL STDC_NONNULL_ARG ((1, 2, 3, 4)) int readSSLCertChain(INOUT SESSION_INFO *sessionInfoPtr
 
CHECK_RETVAL STDC_NONNULL_ARG ((1, 2)) int writeSSLCertChain(INOUT SESSION_INFO *sessionInfoPtr
 
CHECK_RETVAL INOUT_BUFFER (dataMaxLength,*dataLength) BYTE *data
 
CHECK_RETVAL INOUT_BUFFER_FIXED (dataLength) BYTE *data
 
CHECK_RETVAL IN_LENGTH const
int OUT_LENGTH_Z int IN_LENGTH
const int 
IN_RANGE (0, 255) const int type)
 
CHECK_RETVAL OUT_BUFFER (dataMaxLength,*dataLength) void *data
 
CHECK_RETVAL IN_BUFFER (dataLength) const void *data
 
CHECK_RETVAL int macDataTLSGCM (IN_HANDLE const CRYPT_CONTEXT iCryptContext, IN_INT_Z const long seqNo, IN_RANGE(SSL_MINOR_VERSION_TLS, SSL_MINOR_VERSION_TLS12) const int version, IN_LENGTH_Z const int payloadLength, IN_RANGE(0, 255) const int type)
 
CHECK_RETVAL STDC_NONNULL_ARG ((3, 5, 6, 8)) int completeSSLDualMAC(IN_HANDLE const CRYPT_CONTEXT md5context
 
CHECK_RETVAL IN_HANDLE const
CRYPT_CONTEXT BYTE 
IN_LENGTH_SHORT_MIN (MD5MAC_SIZE+SHA1MAC_SIZE) const int hashValuesMaxLen
 
CHECK_RETVAL IN_HANDLE const
CRYPT_CONTEXT BYTE
OUT_LENGTH_SHORT_Z int 
IN_BUFFER (labelLength) const char *label
 
CHECK_RETVAL IN_HANDLE const
CRYPT_CONTEXT BYTE
OUT_LENGTH_SHORT_Z int 
IN_RANGE (1, 64) const int labelLength
 
CHECK_RETVAL IN_HANDLE const
CRYPT_CONTEXT BYTE
OUT_LENGTH_SHORT_Z int 
IN_BUFFER (masterSecretLen) const BYTE *masterSecret
 
CHECK_RETVAL IN_HANDLE const
CRYPT_CONTEXT 
OUT_BUFFER (hashValuesMaxLen,*hashValuesLen) BYTE *hashValues
 
CHECK_RETVAL IN_HANDLE const
CRYPT_CONTEXT 
IN_LENGTH_SHORT_MIN (TLS_HASHEDMAC_SIZE) const int hashValuesMaxLen
 
CHECK_RETVAL STDC_NONNULL_ARG ((2, 4, 5, 7)) int completeTLS12HashedMAC(IN_HANDLE const CRYPT_CONTEXT sha2context
 
CHECK_RETVAL STDC_NONNULL_ARG ((1, 2, 3)) int createCertVerify(const SESSION_INFO *sessionInfoPtr
 
CHECK_RETVAL INOUT
SSL_HANDSHAKE_INFO INOUT
STREAM 
IN_LENGTH_SHORT_MIN (MIN_CRYPT_OBJECTSIZE) const int sigLength)
 
CHECK_RETVAL INOUT
SSL_HANDSHAKE_INFO INOUT
STREAM 
IN_BUFFER (keyDataLength) const void *keyData
 
CHECK_RETVAL STDC_NONNULL_ARG ((2)) int cloneHashContext(IN_HANDLE const CRYPT_CONTEXT hashContext
 
CHECK_RETVAL IN_BUFFER_OPT (keyDataLength) const void *keyData
 
CHECK_RETVAL IN_LENGTH_SHORT_Z
const int IN_HANDLE_OPT const
CRYPT_CONTEXT 
IN_ENUM_OPT (CRYPT_ECCCURVE) const CRYPT_ECCCURVE_TYPE eccParams)
 
CHECK_RETVAL STDC_NONNULL_ARG ((1, 3, 4)) int createSharedPremasterSecret(OUT_BUFFER(premasterSecretMaxLength
 
CHECK_RETVAL
*premasterSecretLength void
IN_LENGTH_SHORT const int
OUT_LENGTH_SHORT_Z int 
IN_BUFFER (sharedSecretLength) const void *sharedSecret
 
CHECK_RETVAL STDC_NONNULL_ARG ((1, 2, 3, 5)) int wrapPremasterSecret(INOUT SESSION_INFO *sessionInfoPtr
 
CHECK_RETVAL INOUT
SSL_HANDSHAKE_INFO 
OUT_BUFFER_FIXED (masterSecreSize) void *masterSecret
 
CHECK_RETVAL_PTR const char * getSSLPacketName (IN_RANGE(0, 255) const int packetType)
 
CHECK_RETVAL_PTR const char * getSSLHSPacketName (IN_RANGE(0, 255) const int packetType)
 
CHECK_RETVAL INOUT STREAM
OUT_LENGTH_Z int 
IN_RANGE (SSL_HAND_FIRST, SSL_HAND_LAST) const int packetType
 
CHECK_RETVAL STDC_NONNULL_ARG ((1, 3)) int readHSPacketSSL(INOUT SESSION_INFO *sessionInfoPtr
 
CHECK_RETVAL INOUT_OPT
SSL_HANDSHAKE_INFO
OUT_LENGTH_Z int 
IN_RANGE (SSL_HAND_FIRST, SSL_MSG_LAST_SPECIAL) const int packetType)
 
CHECK_RETVAL int getCipherSuiteInfo (OUT const CIPHERSUITE_INFO ***cipherSuiteInfoPtrPtrPtr, OUT_INT_Z int *noSuiteEntries, const BOOLEAN isServer)
 
CHECK_RETVAL IN_BUFFER (headerLength) const void *header
 

Variables

IN_LENGTH const int length
 
CHECK_RETVAL OUT_BUFFER
valueLen void * 
value
 
CHECK_RETVAL OUT_BUFFER
valueLen void OUT_LENGTH_PKC_Z
int * 
valueLen
 
CHECK_RETVAL INOUT
SSL_HANDSHAKE_INFO
handshakeInfo
 
CHECK_RETVAL INOUT
SSL_HANDSHAKE_INFO INOUT
STREAM
stream
 
CHECK_RETVAL INOUT
SSL_HANDSHAKE_INFO INOUT
STREAM OUT_HANDLE_OPT
CRYPT_CERTIFICATE
iCertChain
 
CHECK_RETVAL INOUT
SSL_HANDSHAKE_INFO INOUT
STREAM OUT_HANDLE_OPT
CRYPT_CERTIFICATE const
BOOLEAN 
isServer
 
CHECK_RETVAL IN_LENGTH const int dataMaxLength
 
CHECK_RETVAL IN_LENGTH const
int OUT_LENGTH_Z int * 
dataLength
 
CHECK_RETVAL IN_LENGTH const
int OUT_LENGTH_Z int IN_LENGTH
const int 
payloadLength
 
CHECK_RETVAL IN_LENGTH const
int OUT_LENGTH_Z int * 
processedDataLength
 
CHECK_RETVAL IN_LENGTH const
int IN_LENGTH_Z const int
const BOOLEAN 
noReportError
 
CHECK_RETVAL INOUT STREAM
IN_LENGTH_Z const int 
offset
 
CHECK_RETVAL IN_HANDLE const
CRYPT_CONTEXT 
sha1context
 
CHECK_RETVAL IN_HANDLE const
CRYPT_CONTEXT BYTE
hashValues
 
CHECK_RETVAL IN_HANDLE const
CRYPT_CONTEXT BYTE
OUT_LENGTH_SHORT_Z int * 
hashValuesLen
 
CHECK_RETVAL IN_HANDLE const
CRYPT_CONTEXT BYTE
OUT_LENGTH_SHORT_Z int
IN_LENGTH_SHORT const int 
masterSecretLen
 
CHECK_RETVAL INOUT
SSL_HANDSHAKE_INFO INOUT
STREAM IN_LENGTH_SHORT const
int 
keyDataLength
 
CHECK_RETVAL INOUT
SSL_HANDSHAKE_INFO INOUT
STREAM IN_LENGTH_SHORT const
int const BOOLEAN 
isECC
 
CHECK_RETVAL INOUT SESSION_INFOsessionInfoPtr
 
CHECK_RETVAL INOUT
SSL_HANDSHAKE_INFO const
BOOLEAN 
isClient
 
CHECK_RETVAL INOUT
SSL_HANDSHAKE_INFO const
BOOLEAN const BOOLEAN 
isResumedSession
 
CHECK_RETVAL const BOOLEAN isTLS12
 
CHECK_RETVAL OUT_HANDLE_OPT
CRYPT_CONTEXT
clonedHashContext
 
CHECK_RETVAL IN_LENGTH_SHORT_Z
const int IN_HANDLE_OPT const
CRYPT_CONTEXT 
iServerKeyTemplate
 
CHECK_RETVAL
*premasterSecretLength void * 
premasterSecret
 
CHECK_RETVAL
*premasterSecretLength void
IN_LENGTH_SHORT const int 
premasterSecretMaxLength
 
CHECK_RETVAL
*premasterSecretLength void
IN_LENGTH_SHORT const int
OUT_LENGTH_SHORT_Z int * 
premasterSecretLength
 
CHECK_RETVAL
*premasterSecretLength void
IN_LENGTH_SHORT const int
OUT_LENGTH_SHORT_Z int
IN_LENGTH_SHORT const int 
sharedSecretLength
 
CHECK_RETVAL
*premasterSecretLength void
IN_LENGTH_SHORT const int
OUT_LENGTH_SHORT_Z int
IN_LENGTH_SHORT const int
const BOOLEAN 
isEncodedValue
 
CHECK_RETVAL INOUT
SSL_HANDSHAKE_INFO
IN_LENGTH_SHORT const int 
masterSecreSize
 
CHECK_RETVAL INOUT STREAM
OUT_INT_SHORT_Z int * 
ivLength
 
CHECK_RETVAL INOUT STREAM
OUT_OPT_INT_Z int * 
clientVersion
 
CHECK_RETVAL INOUT STREAM
OUT_LENGTH_Z int * 
packetLength
 
CHECK_RETVAL INOUT STREAM
OUT_LENGTH_Z int
IN_LENGTH_SHORT_Z const int 
minSize
 
CHECK_RETVAL INOUT STREAM
const BOOLEAN 
sendOnly
 
CHECK_RETVAL const
SESSION_INFO IN_LENGTH_OPT
const int 
bufferSize
 
CHECK_RETVAL const
SESSION_INFO
OUT_LENGTH_SHORT_Z int * 
packetOffset
 
CHECK_RETVAL IN_LENGTH const int headerLength
 
const BOOLEAN alertReceived
 

Macro Definition Documentation

#define ALERTINFO_SIZE   2 /* level + description */

Definition at line 34 of file ssl.h.

#define CIPHERSUITE_FLAG_DH   0x02 /* DH suite */

Definition at line 450 of file ssl.h.

#define CIPHERSUITE_FLAG_ECC   0x04 /* ECC suite */

Definition at line 451 of file ssl.h.

#define CIPHERSUITE_FLAG_GCM   0x10 /* GCM instead of CBC */

Definition at line 453 of file ssl.h.

#define CIPHERSUITE_FLAG_MAX   0x1F /* Maximum possible flag value */

Definition at line 454 of file ssl.h.

#define CIPHERSUITE_FLAG_NONE   0x00 /* No suite */

Definition at line 448 of file ssl.h.

#define CIPHERSUITE_FLAG_PSK   0x01 /* TLS-PSK suite */

Definition at line 449 of file ssl.h.

#define CIPHERSUITE_FLAG_TLS12   0x08 /* TLS 1.2 suite */

Definition at line 452 of file ssl.h.

#define DESCRIPTION (   text)    text,

Definition at line 476 of file ssl.h.

#define EXTRA_PACKET_SIZE   512

Definition at line 58 of file ssl.h.

#define GCM_IV_SIZE   12 /* Overall size of GCM IV */

Definition at line 43 of file ssl.h.

#define GCM_SALT_SIZE   4 /* Size of implicit portion of GCM IV */

Definition at line 42 of file ssl.h.

#define GCMICV_SIZE   16 /* Size of GCM ICV */

Definition at line 41 of file ssl.h.

#define ID_SIZE   1 /* ID byte */

Definition at line 30 of file ssl.h.

#define LENGTH_SIZE   3 /* 24 bits */

Definition at line 31 of file ssl.h.

#define MAX_CIPHERSUITES   200 /* Max.allowed cipher suites */

Definition at line 51 of file ssl.h.

#define MAX_KEYBLOCK_SIZE   ( ( 64 + 32 + 16 ) * 2 )

Definition at line 47 of file ssl.h.

#define MAX_PACKET_SIZE   16384 /* Maximum SSL packet size */

Definition at line 50 of file ssl.h.

#define MAX_SESSIONID_SIZE   32 /* Max.allowed session ID size */

Definition at line 46 of file ssl.h.

#define MD5MAC_SIZE   16 /* Size of MD5 proto-HMAC/dual hash */

Definition at line 38 of file ssl.h.

#define MIN_PACKET_SIZE   4 /* Minimum SSL packet size */

Definition at line 49 of file ssl.h.

#define SEQNO_SIZE   8 /* 64 bits */

Definition at line 32 of file ssl.h.

#define SESSIONID_SIZE   16 /* Size of session ID */

Definition at line 45 of file ssl.h.

#define SHA1MAC_SIZE   20 /* Size of SHA-1 proto-HMAC/dual hash */

Definition at line 39 of file ssl.h.

#define SHA2MAC_SIZE   32 /* Size of SHA-2 HMAC hash */

Definition at line 40 of file ssl.h.

#define SSL_ALERT_BAD_CERTIFICATE   42

Definition at line 181 of file ssl.h.

#define SSL_ALERT_BAD_RECORD_MAC   20

Definition at line 175 of file ssl.h.

#define SSL_ALERT_CERTIFICATE_EXPIRED   45

Definition at line 184 of file ssl.h.

#define SSL_ALERT_CERTIFICATE_REVOKED   44

Definition at line 183 of file ssl.h.

#define SSL_ALERT_CERTIFICATE_UNKNOWN   46

Definition at line 185 of file ssl.h.

#define SSL_ALERT_CLOSE_NOTIFY   0

Definition at line 173 of file ssl.h.

#define SSL_ALERT_DECOMPRESSION_FAILURE   30

Definition at line 178 of file ssl.h.

#define SSL_ALERT_FIRST   SSL_ALERT_CLOSE_NOTIFY

Definition at line 204 of file ssl.h.

#define SSL_ALERT_HANDSHAKE_FAILURE   40

Definition at line 179 of file ssl.h.

#define SSL_ALERT_LAST   TLS_ALERT_UNKNOWN_PSK_IDENTITY

Definition at line 205 of file ssl.h.

#define SSL_ALERT_NO_CERTIFICATE   41

Definition at line 180 of file ssl.h.

#define SSL_ALERT_UNEXPECTED_MESSAGE   10

Definition at line 174 of file ssl.h.

#define SSL_ALERT_UNSUPPORTED_CERTIFICATE   43

Definition at line 182 of file ssl.h.

#define SSL_ALERTLEVEL_FATAL   2

Definition at line 171 of file ssl.h.

#define SSL_ALERTLEVEL_WARNING   1

Definition at line 170 of file ssl.h.

#define SSL_HAND_CERTIFICATE   11

Definition at line 156 of file ssl.h.

#define SSL_HAND_CLIENT_CERTVERIFY   15

Definition at line 160 of file ssl.h.

#define SSL_HAND_CLIENT_HELLO   1

Definition at line 154 of file ssl.h.

#define SSL_HAND_CLIENT_KEYEXCHANGE   16

Definition at line 161 of file ssl.h.

#define SSL_HAND_FINISHED   20

Definition at line 162 of file ssl.h.

#define SSL_HAND_FIRST   SSL_HAND_CLIENT_HELLO

Definition at line 165 of file ssl.h.

#define SSL_HAND_LAST   SSL_HAND_SUPPLEMENTAL_DATA

Definition at line 166 of file ssl.h.

#define SSL_HAND_SERVER_CERTREQUEST   13

Definition at line 158 of file ssl.h.

#define SSL_HAND_SERVER_HELLO   2

Definition at line 155 of file ssl.h.

#define SSL_HAND_SERVER_HELLODONE   14

Definition at line 159 of file ssl.h.

#define SSL_HAND_SERVER_KEYEXCHANGE   12

Definition at line 157 of file ssl.h.

#define SSL_HAND_SUPPLEMENTAL_DATA   23

Definition at line 163 of file ssl.h.

#define SSL_HEADER_SIZE   5 /* Type, version, length */

Definition at line 35 of file ssl.h.

#define SSL_MAJOR_VERSION   3

Definition at line 421 of file ssl.h.

#define SSL_MINOR_VERSION_SSL   0

Definition at line 422 of file ssl.h.

#define SSL_MINOR_VERSION_TLS   1

Definition at line 423 of file ssl.h.

#define SSL_MINOR_VERSION_TLS11   2

Definition at line 424 of file ssl.h.

#define SSL_MINOR_VERSION_TLS12   3

Definition at line 425 of file ssl.h.

#define SSL_MSG_ALERT   21

Definition at line 131 of file ssl.h.

#define SSL_MSG_APPLICATION_DATA   23

Definition at line 133 of file ssl.h.

#define SSL_MSG_CHANGE_CIPHER_SPEC   20

Definition at line 130 of file ssl.h.

#define SSL_MSG_FIRST   SSL_MSG_CHANGE_CIPHER_SPEC

Definition at line 135 of file ssl.h.

#define SSL_MSG_FIRST_ENCRHANDSHAKE   0xFF

Definition at line 148 of file ssl.h.

#define SSL_MSG_FIRST_HANDSHAKE   0xFE

Definition at line 147 of file ssl.h.

#define SSL_MSG_HANDSHAKE   22

Definition at line 132 of file ssl.h.

#define SSL_MSG_LAST   SSL_MSG_APPLICATION_DATA

Definition at line 136 of file ssl.h.

#define SSL_MSG_LAST_SPECIAL   SSL_MSG_FIRST_ENCRHANDSHAKE

Definition at line 149 of file ssl.h.

#define SSL_MSG_V2HANDSHAKE   0x80

Definition at line 150 of file ssl.h.

#define SSL_NONCE_SIZE   32 /* Size of client/svr nonce */

Definition at line 36 of file ssl.h.

#define SSL_PFLAG_ALERTSENT   0x01 /* Close alert sent */

Definition at line 112 of file ssl.h.

#define SSL_PFLAG_CHECKREHANDSHAKE   0x20 /* Check decrypted pkt.for rehandshake */

Definition at line 117 of file ssl.h.

#define SSL_PFLAG_CLIAUTHSKIPPED   0x02 /* Client auth-req.skipped */

Definition at line 113 of file ssl.h.

#define SSL_PFLAG_GCM   0x04 /* Encryption uses GCM, not CBC */

Definition at line 114 of file ssl.h.

#define SSL_PFLAG_MAX   0x2F /* Maximum possible flag value */

Definition at line 118 of file ssl.h.

#define SSL_PFLAG_NONE   0x00 /* No protocol-specific flags */

Definition at line 111 of file ssl.h.

#define SSL_PFLAG_SUITEB
Value:
( SSL_PFLAG_SUITEB_128 | \
  SSL_PFLAG_SUITEB_256 )

Definition at line 125 of file ssl.h.

#define SSL_PFLAG_SUITEB_128   0x08 /* Enforce Suite B 128-bit semantics */

Definition at line 115 of file ssl.h.

#define SSL_PFLAG_SUITEB_256   0x10 /* Enforce Suite B 256-bit semantics */

Definition at line 116 of file ssl.h.

#define SSL_PORT   443

Definition at line 26 of file ssl.h.

#define SSL_SECRET_SIZE   48 /* Size of premaster/master secret */

Definition at line 37 of file ssl.h.

#define SSL_SENDER_CLIENTLABEL   "CLNT"

Definition at line 429 of file ssl.h.

#define SSL_SENDER_SERVERLABEL   "SRVR"

Definition at line 430 of file ssl.h.

#define SSL_SENDERLABEL_SIZE   4

Definition at line 431 of file ssl.h.

#define TLS_ALERT_ACCESS_DENIED   49

Definition at line 188 of file ssl.h.

#define TLS_ALERT_BAD_CERTIFICATE_HASH_VALUE   114

Definition at line 201 of file ssl.h.

#define TLS_ALERT_BAD_CERTIFICATE_STATUS_RESPONSE   113

Definition at line 200 of file ssl.h.

#define TLS_ALERT_CERTIFICATE_UNOBTAINABLE   111

Definition at line 198 of file ssl.h.

#define TLS_ALERT_DECODE_ERROR   50

Definition at line 189 of file ssl.h.

#define TLS_ALERT_DECRYPT_ERROR   51

Definition at line 190 of file ssl.h.

#define TLS_ALERT_DECRYPTION_FAILED   21

Definition at line 176 of file ssl.h.

#define TLS_ALERT_EXPORT_RESTRICTION   60

Definition at line 191 of file ssl.h.

#define TLS_ALERT_ILLEGAL_PARAMETER   47

Definition at line 186 of file ssl.h.

#define TLS_ALERT_INSUFFICIENT_SECURITY   71

Definition at line 193 of file ssl.h.

#define TLS_ALERT_INTERNAL_ERROR   80

Definition at line 194 of file ssl.h.

#define TLS_ALERT_NO_RENEGOTIATION   100

Definition at line 196 of file ssl.h.

#define TLS_ALERT_PROTOCOL_VERSION   70

Definition at line 192 of file ssl.h.

#define TLS_ALERT_RECORD_OVERFLOW   22

Definition at line 177 of file ssl.h.

#define TLS_ALERT_UNKNOWN_CA   48

Definition at line 187 of file ssl.h.

#define TLS_ALERT_UNKNOWN_PSK_IDENTITY   115

Definition at line 202 of file ssl.h.

#define TLS_ALERT_UNRECOGNIZED_NAME   112

Definition at line 199 of file ssl.h.

#define TLS_ALERT_UNSUPPORTED_EXTENSION   110

Definition at line 197 of file ssl.h.

#define TLS_ALERT_USER_CANCELLED   90

Definition at line 195 of file ssl.h.

#define TLS_HASHEDMAC_SIZE   12 /* Size of TLS PRF( MD5 + SHA1 ) */

Definition at line 44 of file ssl.h.

#define TLS_SUPPDATA_USERMAPPING   0

Definition at line 209 of file ssl.h.

#define VERSIONINFO_SIZE   2 /* Protocol version field: major byte 0x03, minor byte 0x0n */

Definition at line 33 of file ssl.h.

Typedef Documentation

typedef struct SL SSL_HANDSHAKE_INFO

Enumeration Type Documentation

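Enumerator (cipher suite identifiers, SSL_NULL_WITH_NULL through SSL_LAST_SUITE). The list names suites of every strength, including NULL-encryption, EXPORT-grade, single-DES, RC4 and anonymous (DH_anon / ECDH_anon) entries. An identifier appearing here does not by itself show that the suite is offered or accepted; the table returned by getCipherSuiteInfo() is presumably what determines that.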
SSL_NULL_WITH_NULL 
SSL_RSA_WITH_NULL_MD5 
SSL_RSA_WITH_NULL_SHA 
SSL_RSA_EXPORT_WITH_RC4_40_MD5 
SSL_RSA_WITH_RC4_128_MD5 
SSL_FIRST_VALID_SUITE 
SSL_RSA_WITH_RC4_128_SHA 
SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 
SSL_RSA_WITH_IDEA_CBC_SHA 
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA 
SSL_RSA_WITH_DES_CBC_SHA 
SSL_RSA_WITH_3DES_EDE_CBC_SHA 
TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA 
TLS_DH_DSS_WITH_DES_CBC_SHA 
TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA 
TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA 
TLS_DH_RSA_WITH_DES_CBC_SHA 
TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA 
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA 
TLS_DHE_DSS_WITH_DES_CBC_SHA 
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA 
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA 
TLS_DHE_RSA_WITH_DES_CBC_SHA 
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 
TLS_DH_anon_WITH_RC4_128_MD5 
TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA 
TLS_DH_anon_WITH_DES_CBC_SHA 
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA 
TLS_reserved_1 
TLS_reserved_2 
TLS_KRB5_WITH_DES_CBC_SHA 
TLS_KRB5_WITH_3DES_EDE_CBC_SHA 
TLS_KRB5_WITH_RC4_128_SHA 
TLS_KRB5_WITH_IDEA_CBC_SHA 
TLS_KRB5_WITH_DES_CBC_MD5 
TLS_KRB5_WITH_3DES_EDE_CBC_MD5 
TLS_KRB5_WITH_RC4_128_MD5 
TLS_KRB5_WITH_IDEA_CBC_MD5 
TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA 
TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA 
TLS_KRB5_EXPORT_WITH_RC4_40_SHA 
TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 
TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 
TLS_KRB5_EXPORT_WITH_RC4_40_MD5 
TLS_RSA_WITH_AES_128_CBC_SHA 
TLS_DH_DSS_WITH_AES_128_CBC_SHA 
TLS_DH_RSA_WITH_AES_128_CBC_SHA 
TLS_DHE_DSS_WITH_AES_128_CBC_SHA 
TLS_DHE_RSA_WITH_AES_128_CBC_SHA 
TLS_DH_anon_WITH_AES_128_CBC_SHA 
TLS_RSA_WITH_AES_256_CBC_SHA 
TLS_DH_DSS_WITH_AES_256_CBC_SHA 
TLS_DH_RSA_WITH_AES_256_CBC_SHA 
TLS_DHE_DSS_WITH_AES_256_CBC_SHA 
TLS_DHE_RSA_WITH_AES_256_CBC_SHA 
TLS_DH_anon_WITH_AES_256_CBC_SHA 
TLS_RSA_WITH_NULL_SHA256 
TLS_RSA_WITH_AES_128_CBC_SHA256 
TLS_RSA_WITH_AES_256_CBC_SHA256 
TLS_DH_DSS_WITH_AES_128_CBC_SHA256 
TLS_DH_RSA_WITH_AES_128_CBC_SHA256 
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 
TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 
TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA 
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 
TLS_DH_DSS_WITH_AES_256_CBC_SHA256 
TLS_DH_RSA_WITH_AES_256_CBC_SHA256 
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 
TLS_DH_anon_WITH_AES_128_CBC_SHA256 
TLS_DH_anon_WITH_AES_256_CBC_SHA256 
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 
TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 
TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA 
TLS_PSK_WITH_RC4_128_SHA 
TLS_PSK_WITH_3DES_EDE_CBC_SHA 
TLS_PSK_WITH_AES_128_CBC_SHA 
TLS_PSK_WITH_AES_256_CBC_SHA 
TLS_DHE_PSK_WITH_RC4_128_SHA 
TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA 
TLS_DHE_PSK_WITH_AES_128_CBC_SHA 
TLS_DHE_PSK_WITH_AES_256_CBC_SHA 
TLS_RSA_PSK_WITH_RC4_128_SHA 
TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA 
TLS_RSA_PSK_WITH_AES_128_CBC_SHA 
TLS_RSA_PSK_WITH_AES_256_CBC_SHA 
TLS_RSA_WITH_AES_128_GCM_SHA256 
TLS_RSA_WITH_AES_256_GCM_SHA384 
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 
TLS_DH_RSA_WITH_AES_128_GCM_SHA256 
TLS_DH_RSA_WITH_AES_256_GCM_SHA384 
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 
TLS_DH_DSS_WITH_AES_128_GCM_SHA256 
TLS_DH_DSS_WITH_AES_256_GCM_SHA384 
TLS_DH_anon_WITH_AES_128_GCM_SHA256 
TLS_DH_anon_WITH_AES_256_GCM_SHA384 
TLS_ECDH_ECDSA_WITH_NULL_SHA 
TLS_ECDH_ECDSA_WITH_RC4_128_SHA 
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 
TLS_ECDHE_ECDSA_WITH_NULL_SHA 
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 
TLS_ECDH_RSA_WITH_NULL_SHA 
TLS_ECDH_RSA_WITH_RC4_128_SHA 
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 
TLS_ECDHE_RSA_WITH_NULL_SHA 
TLS_ECDHE_RSA_WITH_RC4_128_SHA 
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 
TLS_ECDH_anon_WITH_NULL_SHA 
TLS_ECDH_anon_WITH_RC4_128_SHA 
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA 
TLS_ECDH_anon_WITH_AES_128_CBC_SHA 
TLS_ECDH_anon_WITH_AES_256_CBC_SHA 
TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA 
TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 
TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 
TLS_SRP_SHA_WITH_AES_128_CBC_SHA 
TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 
TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 
TLS_SRP_SHA_WITH_AES_256_CBC_SHA 
TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 
TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 
TLS_ECDHE_PSK_WITH_RC4_128_SHA 
TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 
TLS_ECDHE_PSK_WITH_NULL_SHA 
TLS_ECDHE_PSK_WITH_NULL_SHA256 
TLS_ECDHE_PSK_WITH_NULL_SHA384 
SSL_LAST_SUITE 

Definition at line 213 of file ssl.h.

Enumerator:
TLS_CERTTYPE_NONE 
TLS_CERTTYPE_RSA 
TLS_CERTTYPE_DSA 
TLS_CERTTYPE_DUMMY1 
TLS_CERTTYPE_DUMMY2 
TLS_CERTTYPE_DUMMY3 
TLS_CERTTYPE_DUMMY4 
TLS_CERTTYPE_ECDSA 
TLS_CERTTYPE_LAST 

Definition at line 382 of file ssl.h.

Enumerator:
TLS_CURVE_NONE 
TLS_CURVE_SECT163K1 
TLS_CURVE_SECT163R1 
TLS_CURVE_SECT163R2 
TLS_CURVE_SECT193R1 
TLS_CURVE_SECT193R2 
TLS_CURVE_SECT233K1 
TLS_CURVE_SECT233R1 
TLS_CURVE_SECT239K1 
TLS_CURVE_SECT283K1 
TLS_CURVE_SECT283R1 
TLS_CURVE_SECT409K1 
TLS_CURVE_SECT409R1 
TLS_CURVE_SECT571K1 
TLS_CURVE_SECT571R1 
TLS_CURVE_SECP160K1 
TLS_CURVE_SECP160R1 
TLS_CURVE_SECP160R2 
TLS_CURVE_SECP192K1 
TLS_CURVE_SECP192R1 
TLS_CURVE_SECP224K1 
TLS_CURVE_SECP224R1 
TLS_CURVE_SECP256K1 
TLS_CURVE_SECP256R1 
TLS_CURVE_SECP384R1 
TLS_CURVE_SECP521R1 
TLS_CURVE_LAST 

Definition at line 405 of file ssl.h.

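Enumerator (TLS extension types). TLS_EXT_SECURE_RENEG is declared after TLS_EXT_LAST, so a range check against TLS_EXT_LAST presumably does not cover it and it needs separate handling: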
TLS_EXT_SERVER_NAME 
TLS_EXT_MAX_FRAGMENT_LENTH 
TLS_EXT_CLIENT_CERTIFICATE_URL 
TLS_EXT_TRUSTED_CA_KEYS 
TLS_EXT_TRUNCATED_HMAC 
TLS_EXT_STATUS_REQUEST 
TLS_EXT_USER_MAPPING 
TLS_EXT_CLIENT_AUTHZ 
TLS_EXT_SERVER_AUTHZ 
TLS_EXT_CERTTYPE 
TLS_EXT_ELLIPTIC_CURVES 
TLS_EXT_EC_POINT_FORMATS 
TLS_EXT_SRP 
TLS_EXT_SIGNATURE_ALGORITHMS 
TLS_EXT_SESSIONTICKET 
TLS_EXT_LAST 
TLS_EXT_SECURE_RENEG 

Definition at line 354 of file ssl.h.

Enumerator:
TLS_HASHALGO_NONE 
TLS_HASHALGO_MD5 
TLS_HASHALGO_SHA1 
TLS_HASHALGO_DUMMY1 
TLS_HASHALGO_SHA2 
TLS_HASHALGO_SHA384 
TLS_HASHALGO_DUMMY3 
TLS_HASHALGO_LAST 

Definition at line 396 of file ssl.h.

Enumerator:
TLS_SIGALGO_NONE 
TLS_SIGALGO_RSA 
TLS_SIGALGO_DSA 
TLS_SIGALGO_ECDSA 
TLS_SIGALGO_LAST 

Definition at line 391 of file ssl.h.

Function Documentation

CHECK_RETVAL int getCipherSuiteInfo ( OUT const CIPHERSUITE_INFO ***  cipherSuiteInfoPtrPtrPtr,
OUT_INT_Z int *  noSuiteEntries,
const BOOLEAN  isServer 
)
CHECK_RETVAL_PTR const char* getSSLHSPacketName ( IN_RANGE(0, 255) const int  packetType)
CHECK_RETVAL_PTR const char* getSSLPacketName ( IN_RANGE(0, 255) const int  packetType)
CHECK_RETVAL IN_BUFFER ( dataLength  ) const
CHECK_RETVAL IN_HANDLE const CRYPT_CONTEXT BYTE OUT_LENGTH_SHORT_Z int IN_BUFFER ( labelLength  ) const
CHECK_RETVAL IN_BUFFER ( headerLength  ) const
CHECK_RETVAL IN_BUFFER_OPT ( keyDataLength  ) const
CHECK_RETVAL IN_LENGTH_SHORT_Z const int IN_HANDLE_OPT const CRYPT_CONTEXT IN_ENUM_OPT ( CRYPT_ECCCURVE  ) const
CHECK_RETVAL OUT_BUFFER valueLen void IN_LENGTH_SHORT_MIN ( 64  ) const
CHECK_RETVAL IN_HANDLE const CRYPT_CONTEXT BYTE IN_LENGTH_SHORT_MIN ( MD5MAC_SIZE SHA1MAC_SIZE) const
CHECK_RETVAL IN_HANDLE const CRYPT_CONTEXT IN_LENGTH_SHORT_MIN ( TLS_HASHEDMAC_SIZE  ) const
CHECK_RETVAL IN_LENGTH const int IN_LENGTH_Z const int IN_RANGE ( ,
255   
) const
CHECK_RETVAL IN_HANDLE const CRYPT_CONTEXT BYTE OUT_LENGTH_SHORT_Z int IN_RANGE ( ,
64   
) const
CHECK_RETVAL IN_RANGE ( SSL_HAND_FIRST  ,
SSL_HAND_LAST   
) const
CHECK_RETVAL INOUT_BUFFER ( dataMaxLength  ,
dataLength 
)
CHECK_RETVAL INOUT_BUFFER_FIXED ( dataLength  )
CHECK_RETVAL int macDataTLSGCM ( IN_HANDLE const CRYPT_CONTEXT  iCryptContext,
IN_INT_Z const long  seqNo,
IN_RANGE(SSL_MINOR_VERSION_TLS, SSL_MINOR_VERSION_TLS12) const int  version,
IN_LENGTH_Z const int  payloadLength,
IN_RANGE(0, 255) const int  type 
)
CHECK_RETVAL OUT_BUFFER ( dataMaxLength  ,
dataLength 
)
CHECK_RETVAL OUT_BUFFER ( hashValuesMaxLen  ,
hashValuesLen 
)
CHECK_RETVAL_LENGTH STDC_NONNULL_ARG ( (1)  )

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Definition at line 26 of file ctx_attr.c.

CHECK_RETVAL STDC_NONNULL_ARG ( (1, 2, 4)  )
CHECK_RETVAL STDC_NONNULL_ARG ( (1, 2, 3, 4)  )
CHECK_RETVAL STDC_NONNULL_ARG ( (1, 2)  )
CHECK_RETVAL STDC_NONNULL_ARG ( (3, 5, 6, 8)  ) const
CHECK_RETVAL STDC_NONNULL_ARG ( (2, 4, 5, 7)  ) const
CHECK_RETVAL STDC_NONNULL_ARG ( (1, 2, 3)  ) const
CHECK_RETVAL STDC_NONNULL_ARG ( (2)  ) const
CHECK_RETVAL STDC_NONNULL_ARG ( (1, 3, 4)  )
CHECK_RETVAL STDC_NONNULL_ARG ( (1, 2, 3, 5)  )
CHECK_RETVAL STDC_NONNULL_ARG ( (1, 3)  )

Variable Documentation

const BOOLEAN alertReceived

Definition at line 936 of file ssl.h.

Definition at line 909 of file ssl.h.

CHECK_RETVAL INOUT STREAM OUT_OPT_INT_Z int* clientVersion

Definition at line 846 of file ssl.h.

Definition at line 796 of file ssl.h.

Definition at line 640 of file ssl.h.

CHECK_RETVAL IN_LENGTH const int dataMaxLength

Definition at line 640 of file ssl.h.

Definition at line 626 of file ssl.h.

Definition at line 699 of file ssl.h.

CHECK_RETVAL OUT_LENGTH_SHORT_Z int * hashValuesLen

Definition at line 704 of file ssl.h.

CHECK_RETVAL IN_LENGTH const int headerLength

Definition at line 933 of file ssl.h.

Definition at line 626 of file ssl.h.

Definition at line 781 of file ssl.h.

Definition at line 756 of file ssl.h.

Definition at line 813 of file ssl.h.

Definition at line 800 of file ssl.h.

Definition at line 781 of file ssl.h.

Definition at line 626 of file ssl.h.

Definition at line 791 of file ssl.h.

Definition at line 835 of file ssl.h.

Definition at line 750 of file ssl.h.

Definition at line 618 of file ssl.h.

Definition at line 830 of file ssl.h.

Definition at line 708 of file ssl.h.

Definition at line 858 of file ssl.h.

Definition at line 675 of file ssl.h.

Definition at line 695 of file ssl.h.

Definition at line 850 of file ssl.h.

CHECK_RETVAL OUT_LENGTH_SHORT_Z int* packetOffset

Definition at line 918 of file ssl.h.

CHECK_RETVAL IN_LENGTH const int IN_LENGTH_Z const int payloadLength

Definition at line 640 of file ssl.h.

CHECK_RETVAL * premasterSecretLength void* premasterSecret

Definition at line 807 of file ssl.h.

CHECK_RETVAL * premasterSecretLength void IN_LENGTH_SHORT const int OUT_LENGTH_SHORT_Z int* premasterSecretLength

Definition at line 807 of file ssl.h.

CHECK_RETVAL * premasterSecretLength void IN_LENGTH_SHORT const int premasterSecretMaxLength

Definition at line 807 of file ssl.h.

CHECK_RETVAL IN_LENGTH const int OUT_LENGTH_Z int* processedDataLength

Definition at line 650 of file ssl.h.

Definition at line 906 of file ssl.h.

Definition at line 768 of file ssl.h.

Definition at line 699 of file ssl.h.

Definition at line 813 of file ssl.h.

Definition at line 626 of file ssl.h.

Definition at line 621 of file ssl.h.

CHECK_RETVAL OUT_BUFFER valueLen void OUT_LENGTH_PKC_Z int* valueLen

Definition at line 623 of file ssl.h.