![]() |
nRF5 SDK for Thread and Zigbee v1.0.0
|
Choose documentation: | nRF5 SDK | S112 SoftDevice API | S132 SoftDevice API | S140 SoftDevice API | S212 SoftDevice API |
#include <ssl.h>
Data Fields | |
const int * | ciphersuite_list [4] |
void(* | f_dbg )(void *, int, const char *, int, const char *) |
void * | p_dbg |
int(* | f_rng )(void *, unsigned char *, size_t) |
void * | p_rng |
int(* | f_get_cache )(void *, mbedtls_ssl_session *) |
int(* | f_set_cache )(void *, const mbedtls_ssl_session *) |
void * | p_cache |
int(* | f_sni )(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
void * | p_sni |
int(* | f_vrfy )(void *, mbedtls_x509_crt *, int, uint32_t *) |
void * | p_vrfy |
int(* | f_psk )(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
void * | p_psk |
int(* | f_cookie_write )(void *, unsigned char **, unsigned char *, const unsigned char *, size_t) |
int(* | f_cookie_check )(void *, const unsigned char *, size_t, const unsigned char *, size_t) |
void * | p_cookie |
int(* | f_ticket_write )(void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *) |
int(* | f_ticket_parse )(void *, mbedtls_ssl_session *, unsigned char *, size_t) |
void * | p_ticket |
int(* | f_export_keys )(void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t) |
void * | p_export_keys |
const mbedtls_x509_crt_profile * | cert_profile |
mbedtls_ssl_key_cert * | key_cert |
mbedtls_x509_crt * | ca_chain |
mbedtls_x509_crl * | ca_crl |
const int * | sig_hashes |
const mbedtls_ecp_group_id * | curve_list |
mbedtls_mpi | dhm_P |
mbedtls_mpi | dhm_G |
unsigned char * | psk |
size_t | psk_len |
unsigned char * | psk_identity |
size_t | psk_identity_len |
const char ** | alpn_list |
uint32_t | read_timeout |
uint32_t | hs_timeout_min |
uint32_t | hs_timeout_max |
int | renego_max_records |
unsigned char | renego_period [8] |
unsigned int | badmac_limit |
unsigned int | dhm_min_bitlen |
unsigned char | max_major_ver |
unsigned char | max_minor_ver |
unsigned char | min_major_ver |
unsigned char | min_minor_ver |
unsigned int | endpoint: 1 |
unsigned int | transport: 1 |
unsigned int | authmode: 2 |
unsigned int | allow_legacy_renegotiation: 2 |
unsigned int | arc4_disabled: 1 |
unsigned int | mfl_code: 3 |
unsigned int | encrypt_then_mac: 1 |
unsigned int | extended_ms: 1 |
unsigned int | anti_replay: 1 |
unsigned int | cbc_record_splitting: 1 |
unsigned int | disable_renegotiation: 1 |
unsigned int | trunc_hmac: 1 |
unsigned int | session_tickets: 1 |
unsigned int | fallback: 1 |
unsigned int | cert_req_ca_list: 1 |
SSL/TLS configuration to be shared between mbedtls_ssl_context structures.
unsigned int mbedtls_ssl_config::allow_legacy_renegotiation |
MBEDTLS_LEGACY_XXX
const char** mbedtls_ssl_config::alpn_list |
ordered list of protocols
unsigned int mbedtls_ssl_config::anti_replay |
detect and prevent replay?
unsigned int mbedtls_ssl_config::arc4_disabled |
blacklist RC4 ciphersuites?
unsigned int mbedtls_ssl_config::authmode |
MBEDTLS_SSL_VERIFY_XXX
unsigned int mbedtls_ssl_config::badmac_limit |
limit of records with a bad MAC
mbedtls_x509_crt* mbedtls_ssl_config::ca_chain |
trusted CAs
mbedtls_x509_crl* mbedtls_ssl_config::ca_crl |
trusted CAs CRLs
unsigned int mbedtls_ssl_config::cbc_record_splitting |
do cbc record splitting
const mbedtls_x509_crt_profile* mbedtls_ssl_config::cert_profile |
verification profile
unsigned int mbedtls_ssl_config::cert_req_ca_list |
enable sending CA list in Certificate Request messages?
const int* mbedtls_ssl_config::ciphersuite_list[4] |
allowed ciphersuites per version
const mbedtls_ecp_group_id* mbedtls_ssl_config::curve_list |
allowed curves
mbedtls_mpi mbedtls_ssl_config::dhm_G |
generator for DHM
unsigned int mbedtls_ssl_config::dhm_min_bitlen |
min. bit length of the DHM prime
mbedtls_mpi mbedtls_ssl_config::dhm_P |
prime modulus for DHM
unsigned int mbedtls_ssl_config::disable_renegotiation |
disable renegotiation?
unsigned int mbedtls_ssl_config::encrypt_then_mac |
negotiate encrypt-then-mac?
unsigned int mbedtls_ssl_config::endpoint |
0: client, 1: server
unsigned int mbedtls_ssl_config::extended_ms |
negotiate extended master secret?
int(* mbedtls_ssl_config::f_cookie_check)(void *, const unsigned char *, size_t, const unsigned char *, size_t) |
Callback to verify validity of a ClientHello cookie
int(* mbedtls_ssl_config::f_cookie_write)(void *, unsigned char **, unsigned char *, const unsigned char *, size_t) |
Callback to create & write a cookie for ClientHello veirifcation
void(* mbedtls_ssl_config::f_dbg)(void *, int, const char *, int, const char *) |
Callback for printing debug output
int(* mbedtls_ssl_config::f_export_keys)(void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t) |
Callback to export key block and master secret
int(* mbedtls_ssl_config::f_get_cache)(void *, mbedtls_ssl_session *) |
Callback to retrieve a session from the cache
int(* mbedtls_ssl_config::f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
Callback to retrieve PSK key from identity
int(* mbedtls_ssl_config::f_rng)(void *, unsigned char *, size_t) |
Callback for getting (pseudo-)random numbers
int(* mbedtls_ssl_config::f_set_cache)(void *, const mbedtls_ssl_session *) |
Callback to store a session into the cache
int(* mbedtls_ssl_config::f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
Callback for setting cert according to SNI extension
int(* mbedtls_ssl_config::f_ticket_parse)(void *, mbedtls_ssl_session *, unsigned char *, size_t) |
Callback to parse a session ticket into a session structure
int(* mbedtls_ssl_config::f_ticket_write)(void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *) |
Callback to create & write a session ticket
int(* mbedtls_ssl_config::f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *) |
Callback to customize X.509 certificate chain verification
unsigned int mbedtls_ssl_config::fallback |
is this a fallback?
uint32_t mbedtls_ssl_config::hs_timeout_max |
maximum value of the handshake retransmission timeout (ms)
uint32_t mbedtls_ssl_config::hs_timeout_min |
initial value of the handshake retransmission timeout (ms)
mbedtls_ssl_key_cert* mbedtls_ssl_config::key_cert |
own certificate/key pair(s)
unsigned char mbedtls_ssl_config::max_major_ver |
max. major version used
unsigned char mbedtls_ssl_config::max_minor_ver |
max. minor version used
unsigned int mbedtls_ssl_config::mfl_code |
desired fragment length
unsigned char mbedtls_ssl_config::min_major_ver |
min. major version used
unsigned char mbedtls_ssl_config::min_minor_ver |
min. minor version used
void* mbedtls_ssl_config::p_cache |
context for cache callbacks
void* mbedtls_ssl_config::p_cookie |
context for the cookie callbacks
void* mbedtls_ssl_config::p_dbg |
context for the debug function
void* mbedtls_ssl_config::p_export_keys |
context for key export callback
void* mbedtls_ssl_config::p_psk |
context for PSK callback
void* mbedtls_ssl_config::p_rng |
context for the RNG function
void* mbedtls_ssl_config::p_sni |
context for SNI callback
void* mbedtls_ssl_config::p_ticket |
context for the ticket callbacks
void* mbedtls_ssl_config::p_vrfy |
context for X.509 verify calllback
unsigned char* mbedtls_ssl_config::psk |
pre-shared key. This field should only be set via mbedtls_ssl_conf_psk()
unsigned char* mbedtls_ssl_config::psk_identity |
identity for PSK negotiation. This field should only be set via mbedtls_ssl_conf_psk()
size_t mbedtls_ssl_config::psk_identity_len |
length of identity. This field should only be set via mbedtls_ssl_conf_psk()
size_t mbedtls_ssl_config::psk_len |
length of the pre-shared key. This field should only be set via mbedtls_ssl_conf_psk()
uint32_t mbedtls_ssl_config::read_timeout |
timeout for mbedtls_ssl_read (ms)
int mbedtls_ssl_config::renego_max_records |
grace period for renegotiation
unsigned char mbedtls_ssl_config::renego_period[8] |
value of the record counters that triggers renegotiation
unsigned int mbedtls_ssl_config::session_tickets |
use session tickets?
const int* mbedtls_ssl_config::sig_hashes |
allowed signature hashes
unsigned int mbedtls_ssl_config::transport |
stream (TLS) or datagram (DTLS)
unsigned int mbedtls_ssl_config::trunc_hmac |
negotiate truncated hmac?