= 1024" x-on:close-sidebar="sidebar=window.innerWidth >= 1024 && true">
Legend:
Library
Module
Module type
Parameter
Class
Class type
Library
Module
Module type
Parameter
Class
Class type
type hmac_key = Cstruct.t
val sexp_of_iv_mode : iv_mode -> Sexplib0.Sexp.t
type 'k cbc_cipher =
(module Mirage_crypto.Cipher_block.S.CBC
with type key = 'k)
type 'k cbc_state = {
cipher : 'k cbc_cipher;
cipher_secret : 'k;
iv_mode : iv_mode;
hmac : Mirage_crypto.Hash.hash;
hmac_secret : hmac_key;
}
type nonce = Cstruct.t
type 'k aead_cipher =
| CCM of (module Mirage_crypto.Cipher_block.S.CCM with type key = 'k)
| GCM of (module Mirage_crypto.Cipher_block.S.GCM with type key = 'k)
| ChaCha20_Poly1305 of (module Mirage_crypto.AEAD with type key = 'k)
val sexp_of_cipher_st : cipher_st -> Sexplib.Sexp.t
val sexp_of_crypto_context : crypto_context -> Sexplib0.Sexp.t
type hs_log = Cstruct_sexp.t list
val sexp_of_hs_log : hs_log -> Sexplib0.Sexp.t
type dh_secret = [
|
`Finite_field of Mirage_crypto_pk.Dh.secret
|
`P256 of Mirage_crypto_ec.P256.Dh.secret
|
`P384 of Mirage_crypto_ec.P384.Dh.secret
|
`P521 of Mirage_crypto_ec.P521.Dh.secret
|
`X25519 of Mirage_crypto_ec.X25519.secret
]
val sexp_of_dh_secret : 'a -> Sexplib.Sexp.t
val dh_secret_of_sexp : Sexplib0.Sexp.t -> 'a
type reneg_params = Cstruct_sexp.t * Cstruct_sexp.t
val sexp_of_reneg_params : reneg_params -> Sexplib0.Sexp.t
type common_session_data = {
server_random : Cstruct_sexp.t;
client_random : Cstruct_sexp.t;
peer_certificate_chain : Core.Cert.t list;
peer_certificate : Core.Cert.t option;
trust_anchor : Core.Cert.t option;
received_certificates : Core.Cert.t list;
own_certificate : Core.Cert.t list;
own_private_key : Core.Priv.t option;
own_name : Core.Peer_name.t option;
client_auth : bool;
master_secret : Core.master_secret;
alpn_protocol : string option;
}
val sexp_of_common_session_data : common_session_data -> Sexplib0.Sexp.t
type session_data = {
common_session_data : common_session_data;
client_version : Core.tls_any_version;
ciphersuite : Ciphersuite.ciphersuite;
group : Core.group option;
renegotiation : reneg_params;
session_id : Cstruct_sexp.t;
extended_ms : bool;
}
val sexp_of_session_data : session_data -> Sexplib0.Sexp.t
type server_handshake_state =
| AwaitClientHello
| AwaitClientHelloRenegotiate
| AwaitClientCertificate_RSA of session_data * hs_log
| AwaitClientCertificate_DHE of session_data * dh_secret * hs_log
| AwaitClientKeyExchange_RSA of session_data * hs_log
| AwaitClientKeyExchange_DHE of session_data * dh_secret * hs_log
| AwaitClientCertificateVerify of session_data * crypto_context * crypto_context * hs_log
| AwaitClientChangeCipherSpec of session_data * crypto_context * crypto_context * hs_log
| AwaitClientChangeCipherSpecResume of session_data * crypto_context * Cstruct_sexp.t * hs_log
| AwaitClientFinished of session_data * hs_log
| AwaitClientFinishedResume of session_data * Cstruct_sexp.t * hs_log
| Established
val sexp_of_server_handshake_state : server_handshake_state -> Sexplib0.Sexp.t
type client_handshake_state =
| ClientInitial
| AwaitServerHello of Core.client_hello * (Core.group * dh_secret) list * hs_log
| AwaitServerHelloRenegotiate of session_data * Core.client_hello * hs_log
| AwaitCertificate_RSA of session_data * hs_log
| AwaitCertificate_DHE of session_data * hs_log
| AwaitServerKeyExchange_DHE of session_data * hs_log
| AwaitCertificateRequestOrServerHelloDone of session_data * Cstruct_sexp.t * Cstruct_sexp.t * hs_log
| AwaitServerHelloDone of session_data * Core.signature_algorithm list option * Cstruct_sexp.t * Cstruct_sexp.t * hs_log
| AwaitServerChangeCipherSpec of session_data * crypto_context * Cstruct_sexp.t * hs_log
| AwaitServerChangeCipherSpecResume of session_data * crypto_context * crypto_context * hs_log
| AwaitServerFinished of session_data * Cstruct_sexp.t * hs_log
| AwaitServerFinishedResume of session_data * hs_log
| Established
val sexp_of_client_handshake_state : client_handshake_state -> Sexplib0.Sexp.t
val sexp_of_kdf : kdf -> Sexplib0.Sexp.t
type session_data13 = {
common_session_data13 : common_session_data;
ciphersuite13 : Ciphersuite.ciphersuite13;
master_secret : kdf;
resumption_secret : Cstruct_sexp.t;
state : Core.epoch_state;
resumed : bool;
client_app_secret : Cstruct_sexp.t;
server_app_secret : Cstruct_sexp.t;
}
val sexp_of_session_data13 : session_data13 -> Sexplib0.Sexp.t
type client13_handshake_state =
| AwaitServerHello13 of Core.client_hello * (Core.group * dh_secret) list * Cstruct_sexp.t
| AwaitServerEncryptedExtensions13 of session_data13 * Cstruct_sexp.t * Cstruct_sexp.t * Cstruct_sexp.t
| AwaitServerCertificateRequestOrCertificate13 of session_data13 * Cstruct_sexp.t * Cstruct_sexp.t * Cstruct_sexp.t
| AwaitServerCertificate13 of session_data13 * Cstruct_sexp.t * Cstruct_sexp.t * Core.signature_algorithm list option * Cstruct_sexp.t
| AwaitServerCertificateVerify13 of session_data13 * Cstruct_sexp.t * Cstruct_sexp.t * Core.signature_algorithm list option * Cstruct_sexp.t
| AwaitServerFinished13 of session_data13 * Cstruct_sexp.t * Cstruct_sexp.t * Core.signature_algorithm list option * Cstruct_sexp.t
| Established13
val sexp_of_client13_handshake_state :
client13_handshake_state ->
Sexplib0.Sexp.t
type server13_handshake_state =
| AwaitClientHelloHRR13
| AwaitClientCertificate13 of session_data13 * Cstruct_sexp.t * crypto_context * Core.session_ticket option * Cstruct_sexp.t
| AwaitClientCertificateVerify13 of session_data13 * Cstruct_sexp.t * crypto_context * Core.session_ticket option * Cstruct_sexp.t
| AwaitClientFinished13 of Cstruct_sexp.t * crypto_context * Core.session_ticket option * Cstruct_sexp.t
| AwaitEndOfEarlyData13 of Cstruct_sexp.t * crypto_context * crypto_context * Core.session_ticket option * Cstruct_sexp.t
| Established13
val sexp_of_server13_handshake_state :
server13_handshake_state ->
Sexplib0.Sexp.t
type handshake_machina_state =
| Client of client_handshake_state
| Server of server_handshake_state
| Client13 of client13_handshake_state
| Server13 of server13_handshake_state
val sexp_of_handshake_machina_state :
handshake_machina_state ->
Sexplib0.Sexp.t
type handshake_state = {
session : [ `TLS of session_data | `TLS13 of session_data13 ] list;
protocol_version : Core.tls_version;
early_data_left : int32;
machina : handshake_machina_state;
config : Config.config;
hs_fragment : Cstruct_sexp.t;
}
val sexp_of_handshake_state : handshake_state -> Sexplib0.Sexp.t
type crypto_state = crypto_context option
val sexp_of_crypto_state : crypto_state -> Sexplib0.Sexp.t
type record = Packet.content_type * Cstruct_sexp.t
val sexp_of_record : record -> Sexplib0.Sexp.t
type rec_resp = [
|
`Change_enc of crypto_context
|
`Change_dec of crypto_context
|
`Record of record
]
type handshake_return = handshake_state * rec_resp list
type state = {
handshake : handshake_state;
decryptor : crypto_state;
encryptor : crypto_state;
fragment : Cstruct_sexp.t;
}
val sexp_of_state : state -> Sexplib0.Sexp.t
module V_err : sig ... end
module Ec_err : sig ... end
type error = [
|
`AuthenticationFailure of V_err.t
|
`NoConfiguredCiphersuite of Ciphersuite.ciphersuite list
|
`NoConfiguredVersions of Core.tls_version list
|
`NoConfiguredSignatureAlgorithm of Core.signature_algorithm list
|
`NoMatchingCertificateFound of string
|
`NoCertificateConfigured
|
`CouldntSelectCertificate
]
val sexp_of_error : error -> Sexplib0.Sexp.t
type client_hello_errors = [
|
`EmptyCiphersuites
|
`NotSetCiphersuites of Packet.any_ciphersuite list
|
`NoSupportedCiphersuite of Packet.any_ciphersuite list
|
`NotSetExtension of Core.client_extension list
|
`HasSignatureAlgorithmsExtension
|
`NoSignatureAlgorithmsExtension
|
`NoGoodSignatureAlgorithms of Core.signature_algorithm list
|
`NoSupportedGroupExtension
|
`NotSetSupportedGroup of Packet.named_group list
|
`Has0rttAfterHRR
|
`NoCookie
]
val sexp_of_client_hello_errors : client_hello_errors -> Sexplib0.Sexp.t
type fatal = [
|
`NoSecureRenegotiation
|
`NoSupportedGroup
|
`NoVersions of Core.tls_any_version list
|
`ReaderError of Reader.error
|
`NoCertificateReceived
|
`NoCertificateVerifyReceived
|
`NotRSACertificate
|
`KeyTooSmall
|
`SignatureVerificationFailed of string
|
`SigningFailed of string
|
`BadCertificateChain
|
`MACMismatch
|
`MACUnderflow
|
`RecordOverflow of int
|
`UnknownRecordVersion of int * int
|
`UnknownContentType of int
|
`CannotHandleApplicationDataYet
|
`NoHeartbeat
|
`BadRecordVersion of Core.tls_any_version
|
`BadFinished
|
`HandshakeFragmentsNotEmpty
|
`InsufficientDH
|
`InvalidDH
|
`BadECDH of Ec_err.t
|
`InvalidRenegotiation
|
`InvalidClientHello of client_hello_errors
|
`InvalidServerHello
|
`InvalidRenegotiationVersion of Core.tls_version
|
`InappropriateFallback
|
`UnexpectedCCS
|
`UnexpectedHandshake of Core.tls_handshake
|
`InvalidCertificateUsage
|
`InvalidCertificateExtendedUsage
|
`InvalidSession
|
`NoApplicationProtocol
|
`HelloRetryRequest
|
`InvalidMessage
|
`Toomany0rttbytes
|
`MissingContentType
|
`Downgrade12
|
`Downgrade11
]
val sexp_of_fatal : fatal -> Sexplib0.Sexp.t
val sexp_of_failure : failure -> Sexplib0.Sexp.t
val common_data_to_epoch :
common_session_data ->
bool ->
Core.Peer_name.t option ->
Core.epoch_data
val epoch_of_session :
bool ->
Core.Peer_name.t option ->
Core.tls_version ->
[< `TLS of session_data | `TLS13 of session_data13 ] ->
Core.epoch_data
val epoch_of_hs : handshake_state -> Core.epoch_data option