/**
 * @file re_tls.h Interface to Transport Layer Security
 *
 * Copyright (C) 2010 Creytiv.com
 */


/* Opaque handles; the definitions live in the implementation. */
struct tls;        /* TLS context: method, certificate, trust store and cipher settings (see setters below) */
struct tls_conn;   /* one TLS/DTLS connection created from a context */
struct tcp_conn;   /* transport handed to tls_start_tcp() */
struct udp_sock;   /* transport handed to dtls_listen() */
/*
 * NOTE(review): struct sa, struct mbuf and enum srtp_suite are used by the
 * prototypes below but are not declared in this header; the including file
 * has to pull in the headers that define them first — confirm include order.
 */


/** Defines the TLS method (the protocol family a context speaks) */
enum tls_method {
	/* Version-flexible stream TLS.  Which TLS versions actually get
	 * negotiated is decided by the implementation and the cipher
	 * settings, not by this header — confirm and restrict as required. */
	TLS_METHOD_SSLV23   = 0,
	TLS_METHOD_DTLSV1   = 1,  /* presumably DTLS 1.0 only — verify */
	TLS_METHOD_DTLS     = 2,  /* DTLS 1.0 and 1.2 */
	TLS_METHOD_DTLSV1_2 = 3,  /* DTLS 1.2 */
};

/** Digest selecting the output of tls_fingerprint() and tls_peer_fingerprint() */
enum tls_fingerprint {
	/* 20-byte digest.  SHA-1 is kept for interoperability with peers
	 * that still signal it; prefer SHA-256 wherever the peer allows. */
	TLS_FINGERPRINT_SHA1   = 0,
	TLS_FINGERPRINT_SHA256 = 1,  /* 32-byte digest */
};

/** Private-key algorithm, used by tls_set_certificate_der() to parse the DER key */
enum tls_keytype {
	TLS_KEYTYPE_RSA = 0,
	TLS_KEYTYPE_EC  = 1,
};


/*
 * Context and connection API.
 * NOTE(review): the int-returning functions below are assumed to return 0
 * on success and a non-zero error code on failure; the header itself does
 * not state the convention — confirm in the implementation.
 */

/**
 * Allocate a TLS context.
 *
 * @param tlsp    Set to the new context on success
 * @param method  Protocol family, see enum tls_method
 * @param keyfile Key/certificate file loaded into the context (presumably
 *                PEM; whether NULL is accepted is not visible here — verify)
 * @param pwd     Password protecting keyfile
 */
int tls_alloc(struct tls **tlsp, enum tls_method method, const char *keyfile,
	      const char *pwd);

/** Add a file of trusted CA certificates to the context's trust store */
int tls_add_ca(struct tls *tls, const char *cafile);

/**
 * Install a self-signed certificate with common name cn (presumably
 * generated on the spot — verify).  A self-signed certificate gives the
 * peer nothing to chain to; identity then has to be established out of
 * band, e.g. by comparing tls_fingerprint() against a fingerprint exchanged
 * over a trusted channel.
 */
int tls_set_selfsigned(struct tls *tls, const char *cn);

/** Set certificate and private key from two PEM buffers of the given lengths */
int tls_set_certificate_pem(struct tls *tls, const char *cert, size_t len_cert,
			    const char *key, size_t len_key);

/** Set certificate and private key from DER buffers; keytype says how to parse key */
int tls_set_certificate_der(struct tls *tls, enum tls_keytype keytype,
			    const uint8_t *cert, size_t len_cert,
			    const uint8_t *key, size_t len_key);

/** Set certificate (and, going by the single buffer, presumably the key) from len bytes — verify format */
int tls_set_certificate(struct tls *tls, const char *cert, size_t len);

/**
 * Enable client-certificate verification on the context (mutual TLS), going
 * by the name.  NOTE(review): whether a client that fails verification is
 * rejected during the handshake is not visible here — confirm before
 * relying on it for access control.
 */
void tls_set_verify_client(struct tls *tls);

/** Enable DTLS-SRTP on the context with the given list of SRTP suites */
int tls_set_srtp(struct tls *tls, const char *suites);

/**
 * Fingerprint of the context's own certificate.
 *
 * @param type  Digest, see enum tls_fingerprint
 * @param md    Output buffer for the digest
 * @param size  Capacity of md; has to hold the digest (20 bytes for SHA-1,
 *              32 for SHA-256).  Whether a short buffer is rejected or
 *              truncated is not visible here.
 */
int tls_fingerprint(const struct tls *tls, enum tls_fingerprint type,
		    uint8_t *md, size_t size);

/** Fingerprint of the peer's certificate on tc; same buffer rules as tls_fingerprint() */
int tls_peer_fingerprint(const struct tls_conn *tc, enum tls_fingerprint type,
			 uint8_t *md, size_t size);

/**
 * Copy the peer certificate's common name into cn (size bytes; presumably
 * NUL-terminated — verify).  The CN on its own is not an identity check:
 * compare it, or a pinned fingerprint, against what the caller expected.
 */
int tls_peer_common_name(const struct tls_conn *tc, char *cn, size_t size);

/**
 * Verify the peer's certificate (presumably against the CAs added with
 * tls_add_ca()).  NOTE(review): the header does not show the handshake
 * failing on an unverifiable peer; treat this call, or a pinned fingerprint
 * check, as the authentication step the caller has to perform.
 */
int tls_peer_verify(const struct tls_conn *tc);

/**
 * Export the negotiated SRTP suite and keying material for tc.
 * cli_key/srv_key receive secret key material of at most the given sizes;
 * wipe them once the SRTP context has been set up.
 */
int tls_srtp_keyinfo(const struct tls_conn *tc, enum srtp_suite *suite,
		     uint8_t *cli_key, size_t cli_key_size,
		     uint8_t *srv_key, size_t srv_key_size);

/** Name of the cipher negotiated on tc */
const char *tls_cipher_name(const struct tls_conn *tc);

/** Restrict the context to the count cipher names in cipherv */
int tls_set_ciphers(struct tls *tls, const char *cipherv[], size_t count);

/** Set Diffie-Hellman parameters from a PEM buffer of len bytes */
int tls_set_dh_params_pem(struct tls *tls, const char *pem, size_t len);

/** Set Diffie-Hellman parameters from a DER buffer of len bytes */
int tls_set_dh_params_der(struct tls *tls, const uint8_t *der, size_t len);

/** Set the server name for the connection (presumably sent as SNI — verify) */
int tls_set_servername(struct tls_conn *tc, const char *servername);


/* TCP */

/**
 * Start TLS on an established TCP connection.
 *
 * @param ptc    Set to the new TLS connection
 * @param tls    Context supplying certificate, trust store and settings
 * @param tcp    Underlying TCP connection
 * @param layer  Position in the connection's helper stack (assumed from
 *               the name — confirm)
 */
int tls_start_tcp(struct tls_conn **ptc, struct tls *tls,
		  struct tcp_conn *tcp, int layer);


/* UDP (DTLS) */

/** New incoming DTLS connection from peer; registered with dtls_listen()/dtls_socketless() */
typedef void (dtls_conn_h)(const struct sa *peer, void *arg);
/** Socketless transport: send mb to dst on behalf of tc (int result, presumably an error code) */
typedef int (dtls_send_h)(struct tls_conn *tc, const struct sa *dst,
			  struct mbuf *mb, void *arg);
/** Socketless transport: report the MTU available to tc */
typedef size_t (dtls_mtu_h)(struct tls_conn *tc, void *arg);
/** DTLS handshake completed */
typedef void (dtls_estab_h)(void *arg);
/** Decrypted application data received */
typedef void (dtls_recv_h)(struct mbuf *mb, void *arg);
/** Connection closed; err gives the reason (meaning of 0 not visible here) */
typedef void (dtls_close_h)(int err, void *arg);

struct dtls_sock;   /* DTLS endpoint on one UDP socket or on a socketless transport */

/**
 * Create a DTLS socket on laddr using the UDP socket us.
 * htsize is presumably the size of the per-peer connection table; layer
 * the position in the UDP helper stack; connh is called for each new peer
 * with arg.
 */
int dtls_listen(struct dtls_sock **sockp, const struct sa *laddr,
		struct udp_sock *us, uint32_t htsize, int layer,
		dtls_conn_h *connh, void *arg);
/**
 * Create a DTLS socket without a UDP socket: outgoing datagrams go through
 * sendh and the MTU is asked from mtuh; incoming datagrams presumably have
 * to be fed in with dtls_recv_packet() — verify.
 */
int dtls_socketless(struct dtls_sock **sockp, uint32_t htsize,
		    dtls_conn_h *connh, dtls_send_h *sendh, dtls_mtu_h *mtuh,
		    void *arg);
/** UDP socket underneath sock (what a socketless sock returns is not visible here) */
struct udp_sock *dtls_udp_sock(struct dtls_sock *sock);
/** Set the MTU used when sizing DTLS records on sock */
void dtls_set_mtu(struct dtls_sock *sock, size_t mtu);
/** Get/set the headroom reserved in buffers sent from sock (assumed from the names) */
size_t dtls_headroom(struct dtls_sock *sock);
void dtls_set_headroom(struct dtls_sock *sock, size_t headroom);
/**
 * Open a DTLS connection from sock towards peer using the context tls.
 * estabh/recvh/closeh are called with arg on handshake completion, on
 * received data and on close.
 */
int dtls_connect(struct tls_conn **ptc, struct tls *tls,
		 struct dtls_sock *sock, const struct sa *peer,
		 dtls_estab_h *estabh, dtls_recv_h *recvh,
		 dtls_close_h *closeh, void *arg);
/** Accept the connection announced through dtls_conn_h; handlers as for dtls_connect() */
int dtls_accept(struct tls_conn **ptc, struct tls *tls,
		struct dtls_sock *sock,
		dtls_estab_h *estabh, dtls_recv_h *recvh,
		dtls_close_h *closeh, void *arg);
/** Send application data mb on an established connection */
int dtls_send(struct tls_conn *tc, struct mbuf *mb);
/**
 * Hand a datagram received from src to sock.
 * Returns bool — presumably true when the packet was consumed as DTLS, so
 * the caller can route non-DTLS traffic on the same socket elsewhere; verify
 * against the implementation before depending on the sense of the flag.
 */
bool dtls_receive(struct dtls_sock *sock, struct sa *src, struct mbuf *mb);
/** Replace the handlers (and arg) of an existing connection */
void dtls_set_handlers(struct tls_conn *tc, dtls_estab_h *estabh,
		       dtls_recv_h *recvh, dtls_close_h *closeh, void *arg);
/** Current peer address of tc */
const struct sa *dtls_peer(const struct tls_conn *tc);
/**
 * Rebind tc to a new peer address.
 * The address is transport-level only and is not the peer's identity; that
 * still comes from certificate or fingerprint verification of the connection.
 */
void dtls_set_peer(struct tls_conn *tc, const struct sa *peer);
/** Deliver a packet from src to sock (the explicit input path; see dtls_socketless()) */
void dtls_recv_packet(struct dtls_sock *sock, const struct sa *src,
		      struct mbuf *mb);


#ifdef USE_OPENSSL
struct ssl_ctx_st;   /* OpenSSL's SSL_CTX, kept opaque here */

/**
 * Expose the OpenSSL context behind tls.
 * Settings changed directly on it bypass this API; keep them consistent
 * with what the tls_set_*() calls configured (ciphers, verification, CAs).
 */
struct ssl_ctx_st *tls_openssl_context(const struct tls *tls);
#endif