tls 0.11.1 · OCaml Package

val empty : 'a list -> bool

val change_cipher_spec : Packet.content_type * Cstruct.t

val host_name_opt : string option -> [ `host ] Domain_name.t option

val hostname : Core.client_hello -> [ `host ] Domain_name.t option

val get_secure_renegotiation : 
  [> `SecureRenegotiation of 'a ] list ->
  'a option

val get_alpn_protocols : Core.client_hello -> string list option

val get_alpn_protocol : Core.server_hello -> string option

val empty_session : State.session_data

val session_of_epoch : Core.epoch_data -> State.session_data

val supported_protocol_version : 
  (Core.tls_version * Core.tls_version) ->
  Core.tls_any_version ->
  Core.tls_version option

val to_client_ext_type : 
  [< `ALPN of 'a
  | `ECPointFormats of 'b
  | `EllipticCurves of 'c
  | `ExtendedMasterSecret
  | `Hostname of 'd
  | `MaxFragmentLength of 'e
  | `Padding of 'f
  | `SecureRenegotiation of 'g
  | `SignatureAlgorithms of 'h
  | `UnknownExtension of 'i ] ->
  [> `ALPN
  | `ECPointFormats
  | `EllipticCurves
  | `ExtendedMasterSecret
  | `Hostname
  | `MaxFragmentLength
  | `Padding
  | `SecureRenegotiation
  | `SignatureAlgorithms
  | `UnknownExtension ]

val to_server_ext_type : 
  [< `ALPN of 'a
  | `ECPointFormats of 'b
  | `ExtendedMasterSecret
  | `Hostname
  | `MaxFragmentLength of 'c
  | `SecureRenegotiation of 'd
  | `UnknownExtension of 'e ] ->
  [> `ALPN
  | `ECPointFormats
  | `ExtendedMasterSecret
  | `Hostname
  | `MaxFragmentLength
  | `SecureRenegotiation
  | `UnknownExtension ]

val extension_types : 
  ('a -> [> `UnknownExtension ] as 'b) ->
  'a list ->
  'b list

val server_exts_subset_of_client : 
  [< `ALPN of 'a
  | `ECPointFormats of 'b
  | `ExtendedMasterSecret
  | `Hostname
  | `MaxFragmentLength of 'c
  | `SecureRenegotiation of 'd
  | `UnknownExtension of 'e ]
    list ->
  [< `ALPN of 'f
  | `ECPointFormats of 'g
  | `EllipticCurves of 'h
  | `ExtendedMasterSecret
  | `Hostname of 'i
  | `MaxFragmentLength of 'j
  | `Padding of 'k
  | `SecureRenegotiation of 'l
  | `SignatureAlgorithms of 'm
  | `UnknownExtension of 'n ]
    list ->
  bool

val client_hello_valid : Core.client_hello -> bool

val server_hello_valid : Core.server_hello -> bool

val (<+>) : Cstruct.t -> Cstruct.t -> Cstruct.t

val signature : 
  Core.tls_version ->
  Cstruct.t ->
  (Ciphersuite.H.t * Packet.signature_algorithm_type) list option ->
  Ciphersuite.H.t list ->
  Mirage_crypto_pk.Rsa.priv ->
  Cstruct.t State.t

val peer_rsa_key : 
  X509.Certificate.t option ->
  Mirage_crypto_pk.Rsa.pub State.t

val verify_digitally_signed : 
  Core.tls_version ->
  Ciphersuite.H.t list ->
  Cstruct.t ->
  Cstruct.t ->
  X509.Certificate.t option ->
  unit State.t

val validate_chain : 
  (host:'a ->
    X509.Certificate.t list ->
    (('b list * 'c) option, State.V_err.t) result)
    option ->
  Cstruct.t list ->
  'a ->
  (X509.Certificate.t option * X509.Certificate.t list * 'b list * 'c option)
    State.t

package tls