package tls

  1. Overview
  2. Docs
val answer_client_hello : hrr:bool -> State.handshake_state -> Core.client_hello -> Cstruct.t -> (State.handshake_state * [> `Change_dec of State.crypto_context | `Change_enc of State.crypto_context | `Record of Packet.content_type * Cstruct.t ] list, [> `Error of [> `CouldntSelectCertificate | `NoCertificateConfigured | `NoConfiguredCiphersuite of [> `AES_128_CCM_SHA256 | `AES_128_GCM_SHA256 | `AES_256_GCM_SHA384 | `CHACHA20_POLY1305_SHA256 ] list | `NoConfiguredSignatureAlgorithm of Core.signature_algorithm list | `NoMatchingCertificateFound of string ] | `Fatal of [> `BadECDH of Mirage_crypto_ec.error | `HandshakeFragmentsNotEmpty | `InvalidClientHello of [> `EmptyCiphersuites | `Has0rttAfterHRR | `HasSignatureAlgorithmsExtension | `NoCookie | `NoGoodSignatureAlgorithms of Core.signature_algorithm list | `NoKeyShareExtension | `NoSignatureAlgorithmsExtension | `NoSupportedCiphersuite of Packet.any_ciphersuite list | `NoSupportedGroupExtension | `NotSetExtension of Core.client_extension list | `NotSetKeyShare of (Packet.named_group * Cstruct_sexp.t) list | `NotSetSupportedGroup of Packet.named_group list | `NotSubsetKeyShareSupportedGroup of Packet.named_group list * (Packet.named_group * Cstruct_sexp.t) list ] | `InvalidDH | `InvalidSession | `KeyTooSmall | `NoApplicationProtocol | `NoSupportedGroup ] ]) Rresult.result
val answer_client_certificate : State.handshake_state -> Cstruct.t -> State.session_data13 -> Cstruct_sexp.t -> State.crypto_context -> Core.session_ticket option -> Cstruct.t -> Cstruct.t -> (State.handshake_state * 'a list, [> `Error of [> `AuthenticationFailure of X509.Validation.validation_error ] | `Fatal of [> `BadCertificateChain | `InvalidSession | `KeyTooSmall | `ReaderError of Reader.error ] ]) Rresult.result
val answer_client_certificate_verify : State.handshake_state -> Cstruct.t -> State.session_data13 -> Cstruct_sexp.t -> State.crypto_context -> Core.session_ticket option -> Cstruct.t -> Cstruct.t -> (State.handshake_state * 'a list, [> `Error of [> `NoConfiguredSignatureAlgorithm of Core.signature_algorithm list ] | `Fatal of [> `HashAlgorithmMismatch | `NoCertificateReceived | `ReaderError of Reader.error | `SignatureVerificationFailed | `UnsupportedSignatureScheme ] ]) Rresult.result
val answer_client_finished : State.handshake_state -> Cstruct.t -> Cstruct.t -> 'a -> Core.session_ticket option -> Cstruct.t -> Cstruct.t -> (State.handshake_state * [> `Change_dec of 'a ] list, [> `Fatal of [> `BadFinished | `HandshakeFragmentsNotEmpty | `InvalidSession ] ]) Rresult.result
val handle_end_of_early_data : State.handshake_state -> Cstruct_sexp.t -> 'a -> State.crypto_context -> Core.session_ticket option -> Cstruct.t -> Cstruct.t -> (State.handshake_state * [> `Change_dec of 'a ] list, [> `Fatal of [> `InvalidSession ] ]) Stdlib.result
val handle_key_update : State.handshake_state -> Packet.key_update_request_type -> (State.handshake_state * [> `Change_dec of State.crypto_context | `Change_enc of State.crypto_context | `Record of Packet.content_type * Cstruct.t ] list, [> `Fatal of [> `HandshakeFragmentsNotEmpty | `InvalidSession ] ]) Rresult.result
val handle_handshake : State.server13_handshake_state -> State.handshake_state -> Cstruct.t -> (State.handshake_state * [> `Change_dec of State.crypto_context | `Change_enc of State.crypto_context | `Record of Packet.content_type * Cstruct.t ] list, [> `Error of [> `AuthenticationFailure of X509.Validation.validation_error | `CouldntSelectCertificate | `NoCertificateConfigured | `NoConfiguredCiphersuite of [> `AES_128_CCM_SHA256 | `AES_128_GCM_SHA256 | `AES_256_GCM_SHA384 | `CHACHA20_POLY1305_SHA256 ] list | `NoConfiguredSignatureAlgorithm of Core.signature_algorithm list | `NoMatchingCertificateFound of string ] | `Fatal of [> `BadCertificateChain | `BadECDH of Mirage_crypto_ec.error | `BadFinished | `HandshakeFragmentsNotEmpty | `HashAlgorithmMismatch | `InvalidClientHello of [> `EmptyCiphersuites | `Has0rttAfterHRR | `HasSignatureAlgorithmsExtension | `NoCookie | `NoGoodSignatureAlgorithms of Core.signature_algorithm list | `NoKeyShareExtension | `NoSignatureAlgorithmsExtension | `NoSupportedCiphersuite of Packet.any_ciphersuite list | `NoSupportedGroupExtension | `NotSetExtension of Core.client_extension list | `NotSetKeyShare of (Packet.named_group * Cstruct_sexp.t) list | `NotSetSupportedGroup of Packet.named_group list | `NotSubsetKeyShareSupportedGroup of Packet.named_group list * (Packet.named_group * Cstruct_sexp.t) list ] | `InvalidDH | `InvalidSession | `KeyTooSmall | `NoApplicationProtocol | `NoCertificateReceived | `NoSupportedGroup | `ReaderError of Reader.error | `SignatureVerificationFailed | `UnexpectedHandshake of Core.tls_handshake | `UnsupportedSignatureScheme ] ]) Rresult.result
OCaml

Innovation. Community. Security.