ssl.h File Reference

Detailed Description

Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org> All rights reserved.

Joined copyright on original XySSL code with: Christophe Devine

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

Definition in file ssl.h.

#include <time.h>
#include "polarssl/net.h"
#include "polarssl/dhm.h"
#include "polarssl/rsa.h"
#include "polarssl/md5.h"
#include "polarssl/sha1.h"
#include "polarssl/x509.h"

Go to the source code of this file.

Data Structures

struct  _ssl_context
struct  _ssl_session

Defines

#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE   -0xA800
#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST   -0xB000
#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY   -0xD000
#define POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC   -0xD800
#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO   -0x9800
#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE   -0xC800
#define POLARSSL_ERR_SSL_BAD_HS_FINISHED   -0xE000
#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO   -0xA000
#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE   -0xC000
#define POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE   -0xB800
#define POLARSSL_ERR_SSL_BAD_INPUT_DATA   -0x1800
#define POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED   -0x7000
#define POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED   -0x6000
#define POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE   -0x5800
#define POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE   -0x8000
#define POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE   -0x1000
#define POLARSSL_ERR_SSL_INVALID_MAC   -0x2000
#define POLARSSL_ERR_SSL_INVALID_MODULUS_SIZE   -0x3000
#define POLARSSL_ERR_SSL_INVALID_RECORD   -0x2800
#define POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN   -0x4000
#define POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE   -0x5000
#define POLARSSL_ERR_SSL_NO_SESSION_FOUND   -0x4800
#define POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY   -0x9000
#define POLARSSL_ERR_SSL_PEER_VERIFY_FAILED   -0x8800
#define POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED   -0x6800
#define POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE   -0x7800
#define POLARSSL_ERR_SSL_UNKNOWN_CIPHER   -0x3800
#define SSL_ALERT_CLOSE_NOTIFY   0
#define SSL_ALERT_FATAL   2
#define SSL_ALERT_NO_CERTIFICATE   41
#define SSL_ALERT_WARNING   1
#define SSL_BUFFER_LEN   (SSL_MAX_CONTENT_LEN + 512)
#define SSL_COMPRESS_NULL   0
#define SSL_EDH_RSA_AES_256_SHA   57
#define SSL_EDH_RSA_CAMELLIA_256_SHA   0x88
#define SSL_EDH_RSA_DES_168_SHA   22
#define SSL_HS_CERTIFICATE   11
#define SSL_HS_CERTIFICATE_REQUEST   13
#define SSL_HS_CERTIFICATE_VERIFY   15
#define SSL_HS_CLIENT_HELLO   1
#define SSL_HS_CLIENT_KEY_EXCHANGE   16
#define SSL_HS_FINISHED   20
#define SSL_HS_HELLO_REQUEST   0
#define SSL_HS_SERVER_HELLO   2
#define SSL_HS_SERVER_HELLO_DONE   14
#define SSL_HS_SERVER_KEY_EXCHANGE   12
#define SSL_IS_CLIENT   0
#define SSL_IS_SERVER   1
#define SSL_MAJOR_VERSION_3   3
#define SSL_MAX_CONTENT_LEN   16384
#define SSL_MINOR_VERSION_0   0
#define SSL_MINOR_VERSION_1   1
#define SSL_MINOR_VERSION_2   2
#define SSL_MSG_ALERT   21
#define SSL_MSG_APPLICATION_DATA   23
#define SSL_MSG_CHANGE_CIPHER_SPEC   20
#define SSL_MSG_HANDSHAKE   22
#define SSL_RSA_AES_128_SHA   47
#define SSL_RSA_AES_256_SHA   53
#define SSL_RSA_CAMELLIA_128_SHA   0x41
#define SSL_RSA_CAMELLIA_256_SHA   0x84
#define SSL_RSA_DES_168_SHA   10
#define SSL_RSA_RC4_128_MD5   4
#define SSL_RSA_RC4_128_SHA   5
#define SSL_VERIFY_NONE   0
#define SSL_VERIFY_OPTIONAL   1
#define SSL_VERIFY_REQUIRED   2
#define TLS_EXT_SERVERNAME   0
#define TLS_EXT_SERVERNAME_HOSTNAME   0

Typedefs

typedef struct _ssl_context ssl_context
typedef struct _ssl_session ssl_session

Enumerations

enum  ssl_states {
  SSL_HELLO_REQUEST, SSL_CLIENT_HELLO, SSL_SERVER_HELLO, SSL_SERVER_CERTIFICATE,
  SSL_SERVER_KEY_EXCHANGE, SSL_CERTIFICATE_REQUEST, SSL_SERVER_HELLO_DONE, SSL_CLIENT_CERTIFICATE,
  SSL_CLIENT_KEY_EXCHANGE, SSL_CERTIFICATE_VERIFY, SSL_CLIENT_CHANGE_CIPHER_SPEC, SSL_CLIENT_FINISHED,
  SSL_SERVER_CHANGE_CIPHER_SPEC, SSL_SERVER_FINISHED, SSL_FLUSH_BUFFERS, SSL_HANDSHAKE_OVER
}

Functions

void ssl_calc_verify (ssl_context *ssl, unsigned char hash[36])
int ssl_close_notify (ssl_context *ssl)
 Notify the peer that the connection is being closed.
int ssl_derive_keys (ssl_context *ssl)
int ssl_fetch_input (ssl_context *ssl, int nb_want)
int ssl_flush_output (ssl_context *ssl)
void ssl_free (ssl_context *ssl)
 Free an SSL context.
int ssl_get_bytes_avail (ssl_context *ssl)
 Return the number of data bytes available to read.
char * ssl_get_cipher (ssl_context *ssl)
 Return the name of the current cipher.
int ssl_get_verify_result (ssl_context *ssl)
 Return the result of the certificate verification.
int ssl_handshake (ssl_context *ssl)
 Perform the SSL handshake.
int ssl_handshake_client (ssl_context *ssl)
int ssl_handshake_server (ssl_context *ssl)
int ssl_init (ssl_context *ssl)
 Initialize an SSL context.
int ssl_parse_certificate (ssl_context *ssl)
int ssl_parse_change_cipher_spec (ssl_context *ssl)
int ssl_parse_finished (ssl_context *ssl)
int ssl_read (ssl_context *ssl, unsigned char *buf, int len)
 Read at most 'len' application data bytes.
int ssl_read_record (ssl_context *ssl)
void ssl_set_authmode (ssl_context *ssl, int authmode)
 Set the certificate verification mode.
void ssl_set_bio (ssl_context *ssl, int(*f_recv)(void *, unsigned char *, int), void *p_recv, int(*f_send)(void *, unsigned char *, int), void *p_send)
 Set the underlying BIO read and write callbacks.
void ssl_set_ca_chain (ssl_context *ssl, x509_cert *ca_chain, x509_crl *ca_crl, char *peer_cn)
 Set the data required to verify peer certificate.
void ssl_set_ciphers (ssl_context *ssl, int *ciphers)
 Set the list of allowed ciphersuites.
void ssl_set_dbg (ssl_context *ssl, void(*f_dbg)(void *, int, char *), void *p_dbg)
 Set the debug callback.
int ssl_set_dh_param (ssl_context *ssl, char *dhm_P, char *dhm_G)
 Set the Diffie-Hellman public P and G values, read as hexadecimal strings (server-side only).
void ssl_set_endpoint (ssl_context *ssl, int endpoint)
 Set the current endpoint type.
int ssl_set_hostname (ssl_context *ssl, char *hostname)
 Set hostname for ServerName TLS Extension.
void ssl_set_own_cert (ssl_context *ssl, x509_cert *own_cert, rsa_context *rsa_key)
 Set own certificate and private key.
void ssl_set_rng (ssl_context *ssl, int(*f_rng)(void *), void *p_rng)
 Set the random number generator callback.
void ssl_set_scb (ssl_context *ssl, int(*s_get)(ssl_context *), int(*s_set)(ssl_context *))
 Set the session callbacks (server-side only).
void ssl_set_session (ssl_context *ssl, int resume, int timeout, ssl_session *session)
 Set the session resuming flag, timeout and data.
int ssl_write (ssl_context *ssl, unsigned char *buf, int len)
 Write exactly 'len' application data bytes.
int ssl_write_certificate (ssl_context *ssl)
int ssl_write_change_cipher_spec (ssl_context *ssl)
int ssl_write_finished (ssl_context *ssl)
int ssl_write_record (ssl_context *ssl)

Variables

int ssl_default_ciphers []

Define Documentation

#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE   -0xA800

Definition at line 57 of file ssl.h.

#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST   -0xB000

Definition at line 58 of file ssl.h.

#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY   -0xD000

Definition at line 62 of file ssl.h.

#define POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC   -0xD800

Definition at line 63 of file ssl.h.

#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO   -0x9800

Definition at line 55 of file ssl.h.

#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE   -0xC800

Definition at line 61 of file ssl.h.

#define POLARSSL_ERR_SSL_BAD_HS_FINISHED   -0xE000

Definition at line 64 of file ssl.h.

#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO   -0xA000

Definition at line 56 of file ssl.h.

#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE   -0xC000

Definition at line 60 of file ssl.h.

#define POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE   -0xB800

Definition at line 59 of file ssl.h.

#define POLARSSL_ERR_SSL_BAD_INPUT_DATA   -0x1800

Definition at line 39 of file ssl.h.

#define POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED   -0x7000

Definition at line 50 of file ssl.h.

#define POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED   -0x6000

Definition at line 48 of file ssl.h.

#define POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE   -0x5800

Definition at line 47 of file ssl.h.

#define POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE   -0x8000

Definition at line 52 of file ssl.h.

#define POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE   -0x1000

Definition at line 38 of file ssl.h.

#define POLARSSL_ERR_SSL_INVALID_MAC   -0x2000

Definition at line 40 of file ssl.h.

#define POLARSSL_ERR_SSL_INVALID_MODULUS_SIZE   -0x3000

Definition at line 42 of file ssl.h.

#define POLARSSL_ERR_SSL_INVALID_RECORD   -0x2800

Definition at line 41 of file ssl.h.

#define POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN   -0x4000

Definition at line 44 of file ssl.h.

#define POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE   -0x5000

Definition at line 46 of file ssl.h.

#define POLARSSL_ERR_SSL_NO_SESSION_FOUND   -0x4800

Definition at line 45 of file ssl.h.

#define POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY   -0x9000

Definition at line 54 of file ssl.h.

#define POLARSSL_ERR_SSL_PEER_VERIFY_FAILED   -0x8800

Definition at line 53 of file ssl.h.

#define POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED   -0x6800

Definition at line 49 of file ssl.h.

#define POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE   -0x7800

Definition at line 51 of file ssl.h.

#define POLARSSL_ERR_SSL_UNKNOWN_CIPHER   -0x3800

Definition at line 43 of file ssl.h.

#define SSL_ALERT_CLOSE_NOTIFY   0

Definition at line 113 of file ssl.h.

#define SSL_ALERT_FATAL   2

Definition at line 115 of file ssl.h.

#define SSL_ALERT_NO_CERTIFICATE   41

Definition at line 116 of file ssl.h.

#define SSL_ALERT_WARNING   1

Definition at line 114 of file ssl.h.

#define SSL_BUFFER_LEN   (SSL_MAX_CONTENT_LEN + 512)

Definition at line 88 of file ssl.h.

#define SSL_COMPRESS_NULL   0

Definition at line 76 of file ssl.h.

#define SSL_EDH_RSA_AES_256_SHA   57

Definition at line 99 of file ssl.h.

#define SSL_EDH_RSA_CAMELLIA_256_SHA   0x88

Definition at line 103 of file ssl.h.

#define SSL_EDH_RSA_DES_168_SHA   22

Definition at line 96 of file ssl.h.

#define SSL_HS_CERTIFICATE   11

Definition at line 121 of file ssl.h.

#define SSL_HS_CERTIFICATE_REQUEST   13

Definition at line 123 of file ssl.h.

#define SSL_HS_CERTIFICATE_VERIFY   15

Definition at line 125 of file ssl.h.

#define SSL_HS_CLIENT_HELLO   1

Definition at line 119 of file ssl.h.

#define SSL_HS_CLIENT_KEY_EXCHANGE   16

Definition at line 126 of file ssl.h.

#define SSL_HS_FINISHED   20

Definition at line 127 of file ssl.h.

#define SSL_HS_HELLO_REQUEST   0

Definition at line 118 of file ssl.h.

#define SSL_HS_SERVER_HELLO   2

Definition at line 120 of file ssl.h.

#define SSL_HS_SERVER_HELLO_DONE   14

Definition at line 124 of file ssl.h.

#define SSL_HS_SERVER_KEY_EXCHANGE   12

Definition at line 122 of file ssl.h.

#define SSL_IS_CLIENT   0

Definition at line 74 of file ssl.h.

#define SSL_IS_SERVER   1

Definition at line 75 of file ssl.h.

#define SSL_MAJOR_VERSION_3   3

Definition at line 69 of file ssl.h.

#define SSL_MAX_CONTENT_LEN   16384

Definition at line 82 of file ssl.h.

#define SSL_MINOR_VERSION_0   0

SSL v3.0

Definition at line 70 of file ssl.h.

#define SSL_MINOR_VERSION_1   1

TLS v1.0

Definition at line 71 of file ssl.h.

#define SSL_MINOR_VERSION_2   2

TLS v1.1

Definition at line 72 of file ssl.h.

#define SSL_MSG_ALERT   21

Definition at line 109 of file ssl.h.

#define SSL_MSG_APPLICATION_DATA   23

Definition at line 111 of file ssl.h.

#define SSL_MSG_CHANGE_CIPHER_SPEC   20

Definition at line 108 of file ssl.h.

#define SSL_MSG_HANDSHAKE   22

Definition at line 110 of file ssl.h.

#define SSL_RSA_AES_128_SHA   47

Definition at line 97 of file ssl.h.

#define SSL_RSA_AES_256_SHA   53

Definition at line 98 of file ssl.h.

#define SSL_RSA_CAMELLIA_128_SHA   0x41

Definition at line 101 of file ssl.h.

#define SSL_RSA_CAMELLIA_256_SHA   0x84

Definition at line 102 of file ssl.h.

#define SSL_RSA_DES_168_SHA   10

Definition at line 95 of file ssl.h.

#define SSL_RSA_RC4_128_MD5   4

Definition at line 93 of file ssl.h.

#define SSL_RSA_RC4_128_SHA   5

Definition at line 94 of file ssl.h.

#define SSL_VERIFY_NONE   0

Definition at line 78 of file ssl.h.

#define SSL_VERIFY_OPTIONAL   1

Definition at line 79 of file ssl.h.

#define SSL_VERIFY_REQUIRED   2

Definition at line 80 of file ssl.h.

#define TLS_EXT_SERVERNAME   0

Definition at line 132 of file ssl.h.

#define TLS_EXT_SERVERNAME_HOSTNAME   0

Definition at line 133 of file ssl.h.

Typedef Documentation

typedef struct _ssl_context ssl_context

Definition at line 160 of file ssl.h.

typedef struct _ssl_session ssl_session

Definition at line 159 of file ssl.h.

Enumeration Type Documentation

enum ssl_states

Enumerator:
SSL_HELLO_REQUEST 
SSL_CLIENT_HELLO 
SSL_SERVER_HELLO 
SSL_SERVER_CERTIFICATE 
SSL_SERVER_KEY_EXCHANGE 
SSL_CERTIFICATE_REQUEST 
SSL_SERVER_HELLO_DONE 
SSL_CLIENT_CERTIFICATE 
SSL_CLIENT_KEY_EXCHANGE 
SSL_CERTIFICATE_VERIFY 
SSL_CLIENT_CHANGE_CIPHER_SPEC 
SSL_CLIENT_FINISHED 
SSL_SERVER_CHANGE_CIPHER_SPEC 
SSL_SERVER_FINISHED 
SSL_FLUSH_BUFFERS 
SSL_HANDSHAKE_OVER 

Definition at line 138 of file ssl.h.

00139 {
00140     SSL_HELLO_REQUEST,
00141     SSL_CLIENT_HELLO,
00142     SSL_SERVER_HELLO,
00143     SSL_SERVER_CERTIFICATE,
00144     SSL_SERVER_KEY_EXCHANGE,
00145     SSL_CERTIFICATE_REQUEST,
00146     SSL_SERVER_HELLO_DONE,
00147     SSL_CLIENT_CERTIFICATE,
00148     SSL_CLIENT_KEY_EXCHANGE,
00149     SSL_CERTIFICATE_VERIFY,
00150     SSL_CLIENT_CHANGE_CIPHER_SPEC,
00151     SSL_CLIENT_FINISHED,
00152     SSL_SERVER_CHANGE_CIPHER_SPEC,
00153     SSL_SERVER_FINISHED,
00154     SSL_FLUSH_BUFFERS,
00155     SSL_HANDSHAKE_OVER
00156 }

Function Documentation

void ssl_calc_verify ( ssl_context ssl,
unsigned char  hash[36] 
)

int ssl_close_notify ( ssl_context ssl  ) 

Notify the peer that the connection is being closed.

Parameters:
ssl SSL context

int ssl_derive_keys ( ssl_context ssl  ) 

int ssl_fetch_input ( ssl_context ssl,
int  nb_want 
)

int ssl_flush_output ( ssl_context ssl  ) 

void ssl_free ( ssl_context ssl  ) 

Free an SSL context.

Parameters:
ssl SSL context

int ssl_get_bytes_avail ( ssl_context ssl  ) 

Return the number of data bytes available to read.

Parameters:
ssl SSL context
Returns:
how many bytes are available in the read buffer

char* ssl_get_cipher ( ssl_context ssl  ) 

Return the name of the current cipher.

Parameters:
ssl SSL context
Returns:
a string containing the cipher name

int ssl_get_verify_result ( ssl_context ssl  ) 

Return the result of the certificate verification.

Parameters:
ssl SSL context
Returns:
0 if successful, or a combination of: BADCERT_EXPIRED BADCERT_REVOKED BADCERT_CN_MISMATCH BADCERT_NOT_TRUSTED

int ssl_handshake ( ssl_context ssl  ) 

Perform the SSL handshake.

Parameters:
ssl SSL context
Returns:
0 if successful, POLARSSL_ERR_NET_TRY_AGAIN, or a specific SSL error code.

int ssl_handshake_client ( ssl_context ssl  ) 

int ssl_handshake_server ( ssl_context ssl  ) 

int ssl_init ( ssl_context ssl  ) 

Initialize an SSL context.

Parameters:
ssl SSL context
Returns:
0 if successful, or 1 if memory allocation failed

int ssl_parse_certificate ( ssl_context ssl  ) 

int ssl_parse_change_cipher_spec ( ssl_context ssl  ) 

int ssl_parse_finished ( ssl_context ssl  ) 

int ssl_read ( ssl_context ssl,
unsigned char *  buf,
int  len 
)

Read at most 'len' application data bytes.

Parameters:
ssl SSL context
buf buffer that will hold the data
len how many bytes must be read
Returns:
This function returns the number of bytes read, or a negative error code.

int ssl_read_record ( ssl_context ssl  ) 

void ssl_set_authmode ( ssl_context ssl,
int  authmode 
)

Set the certificate verification mode.

Parameters:
ssl SSL context
authmode can be:
SSL_VERIFY_NONE: peer certificate is not checked (default), this is insecure and SHOULD be avoided.

SSL_VERIFY_OPTIONAL: peer certificate is checked, however the handshake continues even if verification failed; ssl_get_verify_result() can be called after the handshake is complete.

SSL_VERIFY_REQUIRED: peer *must* present a valid certificate, handshake is aborted if verification failed.

void ssl_set_bio ( ssl_context ssl,
int(*)(void *, unsigned char *, int)  f_recv,
void *  p_recv,
int(*)(void *, unsigned char *, int)  f_send,
void *  p_send 
)

Set the underlying BIO read and write callbacks.

Parameters:
ssl SSL context
f_recv read callback
p_recv read parameter
f_send write callback
p_send write parameter

void ssl_set_ca_chain ( ssl_context ssl,
x509_cert ca_chain,
x509_crl ca_crl,
char *  peer_cn 
)

Set the data required to verify peer certificate.

Parameters:
ssl SSL context
ca_chain trusted CA chain
ca_crl trusted CA CRLs
peer_cn expected peer CommonName (or NULL)
Note:
TODO: add two more parameters: depth and crl

void ssl_set_ciphers ( ssl_context ssl,
int *  ciphers 
)

Set the list of allowed ciphersuites.

Parameters:
ssl SSL context
ciphers 0-terminated list of allowed ciphers

void ssl_set_dbg ( ssl_context ssl,
void(*)(void *, int, char *)  f_dbg,
void *  p_dbg 
)

Set the debug callback.

Parameters:
ssl SSL context
f_dbg debug function
p_dbg debug parameter

int ssl_set_dh_param ( ssl_context ssl,
char *  dhm_P,
char *  dhm_G 
)

Set the Diffie-Hellman public P and G values, read as hexadecimal strings (server-side only).

Parameters:
ssl SSL context
dhm_P Diffie-Hellman-Merkle modulus
dhm_G Diffie-Hellman-Merkle generator
Returns:
0 if successful

void ssl_set_endpoint ( ssl_context ssl,
int  endpoint 
)

Set the current endpoint type.

Parameters:
ssl SSL context
endpoint must be SSL_IS_CLIENT or SSL_IS_SERVER

int ssl_set_hostname ( ssl_context ssl,
char *  hostname 
)

Set hostname for ServerName TLS Extension.

Parameters:
ssl SSL context
hostname the server hostname
Returns:
0 if successful

void ssl_set_own_cert ( ssl_context ssl,
x509_cert own_cert,
rsa_context rsa_key 
)

Set own certificate and private key.

Parameters:
ssl SSL context
own_cert own public certificate
rsa_key own private RSA key

void ssl_set_rng ( ssl_context ssl,
int(*)(void *)  f_rng,
void *  p_rng 
)

Set the random number generator callback.

Parameters:
ssl SSL context
f_rng RNG function
p_rng RNG parameter

void ssl_set_scb ( ssl_context ssl,
int(*)(ssl_context *)  s_get,
int(*)(ssl_context *)  s_set 
)

Set the session callbacks (server-side only).

Parameters:
ssl SSL context
s_get session get callback
s_set session set callback

void ssl_set_session ( ssl_context ssl,
int  resume,
int  timeout,
ssl_session session 
)

Set the session resuming flag, timeout and data.

Parameters:
ssl SSL context
resume if 0 (default), the session will not be resumed
timeout session timeout in seconds, or 0 (no timeout)
session session context

int ssl_write ( ssl_context ssl,
unsigned char *  buf,
int  len 
)

Write exactly 'len' application data bytes.

Parameters:
ssl SSL context
buf buffer holding the data
len how many bytes must be written
Returns:
This function returns the number of bytes written, or a negative error code.
Note:
When this function returns POLARSSL_ERR_NET_TRY_AGAIN, it must be called later with the *same* arguments, until it returns a positive value.

int ssl_write_certificate ( ssl_context ssl  ) 

int ssl_write_change_cipher_spec ( ssl_context ssl  ) 

int ssl_write_finished ( ssl_context ssl  ) 

int ssl_write_record ( ssl_context ssl  ) 

Variable Documentation

int ssl_default_ciphers[]

Generated on Thu Dec 17 20:02:43 2009 for AVR32 - POLARSSL - Benchmark Example by  doxygen 1.5.5