mbedtls_ssl_config Struct Reference

SSL/TLS configuration to be shared between mbedtls_ssl_context structures. More...

#include <ssl.h>

Collaboration diagram for mbedtls_ssl_config:
Collaboration graph
[legend]

Data Fields

const int * ciphersuite_list [4]
void(* f_dbg )(void *, int, const char *, int, const char *)
 Callback for printing debug output.
void * p_dbg
int(* f_rng )(void *, unsigned char *, size_t)
 Callback for getting (pseudo-)random numbers.
void * p_rng
int(* f_get_cache )(void *, mbedtls_ssl_session *)
 Callback to retrieve a session from the cache.
int(* f_set_cache )(void *, const mbedtls_ssl_session *)
 Callback to store a session into the cache.
void * p_cache
int(* f_sni )(void *, mbedtls_ssl_context *, const unsigned char *, size_t)
 Callback for setting cert according to SNI extension.
void * p_sni
int(* f_vrfy )(void *, mbedtls_x509_crt *, int, uint32_t *)
 Callback to customize X.509 certificate chain verification.
void * p_vrfy
int(* f_cookie_write )(void *, unsigned char **, unsigned char *, const unsigned char *, size_t)
 Callback to create & write a cookie for ClientHello veirifcation.
int(* f_cookie_check )(void *, const unsigned char *, size_t, const unsigned char *, size_t)
 Callback to verify validity of a ClientHello cookie.
void * p_cookie
int(* f_ticket_write )(void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *)
 Callback to create & write a session ticket.
int(* f_ticket_parse )(void *, mbedtls_ssl_session *, unsigned char *, size_t)
 Callback to parse a session ticket into a session structure.
void * p_ticket
int(* f_export_keys )(void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t)
 Callback to export key block and master secret.
void * p_export_keys
const mbedtls_x509_crt_profilecert_profile
mbedtls_ssl_key_certkey_cert
mbedtls_x509_crtca_chain
mbedtls_x509_crlca_crl
const mbedtls_ecp_group_idcurve_list
mbedtls_mpi dhm_P
mbedtls_mpi dhm_G
const char ** alpn_list
uint32_t read_timeout
uint32_t hs_timeout_min
uint32_t hs_timeout_max
int renego_max_records
unsigned char renego_period [8]
unsigned int badmac_limit
unsigned int dhm_min_bitlen
unsigned char max_major_ver
unsigned char max_minor_ver
unsigned char min_major_ver
unsigned char min_minor_ver
unsigned int endpoint: 1
unsigned int transport: 1
unsigned int authmode: 2
unsigned int allow_legacy_renegotiation: 2
unsigned int arc4_disabled: 1
unsigned int mfl_code: 3
unsigned int encrypt_then_mac: 1
unsigned int extended_ms: 1
unsigned int anti_replay: 1
unsigned int cbc_record_splitting: 1
unsigned int disable_renegotiation: 1
unsigned int trunc_hmac: 1
unsigned int session_tickets: 1
unsigned int fallback: 1

Detailed Description

SSL/TLS configuration to be shared between mbedtls_ssl_context structures.

Definition at line 582 of file ssl.h.


Field Documentation

MBEDTLS_LEGACY_XXX

Definition at line 721 of file ssl.h.

ordered list of protocols

Definition at line 678 of file ssl.h.

detect and prevent replay?

Definition at line 735 of file ssl.h.

blacklist RC4 ciphersuites?

Definition at line 723 of file ssl.h.

MBEDTLS_SSL_VERIFY_XXX

Definition at line 719 of file ssl.h.

limit of records with a bad MAC

Definition at line 701 of file ssl.h.

trusted CAs

Definition at line 653 of file ssl.h.

trusted CAs CRLs

Definition at line 654 of file ssl.h.

do cbc record splitting

Definition at line 738 of file ssl.h.

verification profile

Definition at line 651 of file ssl.h.

allowed ciphersuites per version

Definition at line 590 of file ssl.h.

allowed curves

Definition at line 662 of file ssl.h.

generator for DHM

Definition at line 667 of file ssl.h.

min. bit length of the DHM prime

Definition at line 705 of file ssl.h.

prime modulus for DHM

Definition at line 666 of file ssl.h.

disable renegotiation?

Definition at line 741 of file ssl.h.

negotiate encrypt-then-mac?

Definition at line 729 of file ssl.h.

0: client, 1: server

Definition at line 717 of file ssl.h.

negotiate extended master secret?

Definition at line 732 of file ssl.h.

int(* mbedtls_ssl_config::f_cookie_check)(void *, const unsigned char *, size_t, const unsigned char *, size_t)

Callback to verify validity of a ClientHello cookie.

int(* mbedtls_ssl_config::f_cookie_write)(void *, unsigned char **, unsigned char *, const unsigned char *, size_t)

Callback to create & write a cookie for ClientHello veirifcation.

void(* mbedtls_ssl_config::f_dbg)(void *, int, const char *, int, const char *)

Callback for printing debug output.

int(* mbedtls_ssl_config::f_export_keys)(void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t)

Callback to export key block and master secret.

Callback to retrieve a session from the cache.

int(* mbedtls_ssl_config::f_rng)(void *, unsigned char *, size_t)

Callback for getting (pseudo-)random numbers.

Callback to store a session into the cache.

int(* mbedtls_ssl_config::f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, size_t)

Callback for setting cert according to SNI extension.

int(* mbedtls_ssl_config::f_ticket_parse)(void *, mbedtls_ssl_session *, unsigned char *, size_t)

Callback to parse a session ticket into a session structure.

int(* mbedtls_ssl_config::f_ticket_write)(void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *)

Callback to create & write a session ticket.

int(* mbedtls_ssl_config::f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *)

Callback to customize X.509 certificate chain verification.

is this a fallback?

Definition at line 750 of file ssl.h.

maximum value of the handshake retransmission timeout (ms)

Definition at line 690 of file ssl.h.

initial value of the handshake retransmission timeout (ms)

Definition at line 688 of file ssl.h.

own certificate/key pair(s)

Definition at line 652 of file ssl.h.

max. major version used

Definition at line 708 of file ssl.h.

max. minor version used

Definition at line 709 of file ssl.h.

desired fragment length

Definition at line 726 of file ssl.h.

min. major version used

Definition at line 710 of file ssl.h.

min. minor version used

Definition at line 711 of file ssl.h.

context for cache callbacks

Definition at line 604 of file ssl.h.

context for the cookie callbacks

Definition at line 631 of file ssl.h.

context for the debug function

Definition at line 594 of file ssl.h.

context for key export callback

Definition at line 647 of file ssl.h.

context for the RNG function

Definition at line 598 of file ssl.h.

context for SNI callback

Definition at line 609 of file ssl.h.

context for the ticket callbacks

Definition at line 640 of file ssl.h.

context for X.509 verify calllback

Definition at line 615 of file ssl.h.

timeout for mbedtls_ssl_read (ms)

Definition at line 685 of file ssl.h.

grace period for renegotiation

Definition at line 695 of file ssl.h.

value of the record counters that triggers renegotiation

Definition at line 696 of file ssl.h.

use session tickets?

Definition at line 747 of file ssl.h.

stream (TLS) or datagram (DTLS)

Definition at line 718 of file ssl.h.

negotiate truncated hmac?

Definition at line 744 of file ssl.h.


The documentation for this struct was generated from the following file:

Generated on 11 Mar 2017 for mbed TLS v2.4.2 by  doxygen 1.6.1