SharkSSL™ Embedded SSL/TLS Stack
SharkSSL.h
1 /*
2  * ____ _________ __ _
3  * / __ \___ ____ _/ /_ __(_)___ ___ ___ / / ____ ____ _(_)____
4  * / /_/ / _ \/ __ `/ / / / / / __ `__ \/ _ \/ / / __ \/ __ `/ / ___/
5  * / _, _/ __/ /_/ / / / / / / / / / / / __/ /___/ /_/ / /_/ / / /__
6  * /_/ |_|\___/\__,_/_/ /_/ /_/_/ /_/ /_/\___/_____/\____/\__, /_/\___/
7  * /____/
8  *
9  * SharkSSL Embedded SSL/TLS Stack
10  ****************************************************************************
11  * PROGRAM MODULE
12  *
13  * $Id: SharkSSL.h 5131 2022-04-26 20:10:40Z gianluca $
14  *
15  * COPYRIGHT: Real Time Logic LLC, 2010 - 2021
16  *
17  * This software is copyrighted by and is the sole property of Real
18  * Time Logic LLC. All rights, title, ownership, or other interests in
19  * the software remain the property of Real Time Logic LLC. This
20  * software may only be used in accordance with the terms and
21  * conditions stipulated in the corresponding license agreement under
22  * which the software has been supplied. Any unauthorized use,
23  * duplication, transmission, distribution, or disclosure of this
24  * software is expressly forbidden.
25  *
26  * This Copyright notice may not be removed or modified without prior
27  * written consent of Real Time Logic LLC.
28  *
29  * Real Time Logic LLC. reserves the right to modify this software
30  * without notice.
31  *
32  * http://www.realtimelogic.com
33  * http://www.sharkssl.com
34  ****************************************************************************
35  *
36  */
37 #ifndef _SharkSsl_h
38 #define _SharkSsl_h
39 
40 #include "TargConfig.h" /* platform dependencies */
41 
42 /* Above TargConfig.h for BAS defines SHARKSSL_API, but not Shark's version */
43 #ifndef SHARKSSL_API
44 #define SHARKSSL_API
45 #else /* Barracuda */
46 #define SHARKSSL_BA 1
47 #include <ThreadLib.h>
48 #include <BaServerLib.h>
49 #endif
50 
51 #include "SharkSSL_cfg.h" /* SharkSSL configuration */
52 #ifdef __cplusplus
53 #include <stddef.h> /* size_t for new, delete */
54 #endif
55 
56 #include "SharkSslCrypto.h" /* Crypto API */
57 
58 #ifndef sharkCertSerialNumber2NetworkEndian
59 
63 typedef U64 SharkCertSerialNumber;
64 #ifdef B_BIG_ENDIAN
65 #define sharkCertSerialNumber2NetworkEndian(n)
66 #else
67 #define sharkCertSerialNumber2NetworkEndian(n) \
68  do { \
69  U64 nn=0; \
70  register U8* t=(U8*)&nn; \
71  register U8* f=(U8*)&n; \
72  t[7]=f[0]; \
73  t[6]=f[1]; \
74  t[5]=f[2]; \
75  t[4]=f[3]; \
76  t[3]=f[4]; \
77  t[2]=f[5]; \
78  t[1]=f[6]; \
79  t[0]=f[7]; \
80  n=nn; \
81  } while(0)
82 #endif
83 #endif
84 
85 /* Forward decl. */
86 struct SharkSslCertDN;
87 struct SharkSslASN1Create;
88 struct SharkSslBitExtReq;
89 
111 #define SHARKSSL_ALERT_LEVEL_WARNING 1
112 
114 #define SHARKSSL_ALERT_LEVEL_FATAL 2
115 
128 #define SHARKSSL_ALERT_CLOSE_NOTIFY 0
129 
130 #define SHARKSSL_ALERT_UNEXPECTED_MESSAGE 10
131 
132 #define SHARKSSL_ALERT_BAD_RECORD_MAC 20
133 
134 #define SHARKSSL_ALERT_DECRYPTION_FAILED 21
135 
136 #define SHARKSSL_ALERT_RECORD_OVERFLOW 22
137 
138 #define SHARKSSL_ALERT_DECOMPRESSION_FAILURE 30
139 
140 #define SHARKSSL_ALERT_HANDSHAKE_FAILURE 40
141 
142 #define SHARKSSL_ALERT_BAD_CERTIFICATE 42
143 
144 #define SHARKSSL_ALERT_UNSUPPORTED_CERTIFICATE 43
145 
146 #define SHARKSSL_ALERT_CERTIFICATE_REVOKED 44
147 
148 #define SHARKSSL_ALERT_CERTIFICATE_EXPIRED 45
149 
150 #define SHARKSSL_ALERT_CERTIFICATE_UNKNOWN 46
151 
152 #define SHARKSSL_ALERT_ILLEGAL_PARAMETER 47
153 
154 #define SHARKSSL_ALERT_UNKNOWN_CA 48
155 
156 #define SHARKSSL_ALERT_ACCESS_DENIED 49
157 
158 #define SHARKSSL_ALERT_DECODE_ERROR 50
159 
160 #define SHARKSSL_ALERT_DECRYPT_ERROR 51
161 
162 #define SHARKSSL_ALERT_EXPORT_RESTRICTION 60
163 
164 #define SHARKSSL_ALERT_PROTOCOL_VERSION 70
165 
166 #define SHARKSSL_ALERT_INSUFFICIENT_SECURITY 71
167 
168 #define SHARKSSL_ALERT_INTERNAL_ERROR 80
169 
170 #define SHARKSSL_ALERT_USER_CANCELED 90
171 
172 #define SHARKSSL_ALERT_NO_RENEGOTIATION 100
173 
174 #define SHARKSSL_ALERT_UNRECOGNIZED_NAME 112
175 
176 #define SHARKSSL_ALERT_NO_APPLICATION_PROTOCOL 120 /* RFC 7301 */
177  /* end group SharkSslAlertMsg */ /* end group SharkSslAlert */
180 
181 
191 #define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x009E
192 
193 #define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x009F
194 
195 #define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B
196 
197 #define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C
198 
199 #define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F
200 
201 #define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030
202 
203 #define TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA8
204 
205 #define TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA9
206 
207 #define TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCAA
208  /* end group SharkSslCiphers */
210 
211 
219 #define SHARKSSL_PROTOCOL_UNKNOWN 0x00
220 
221 #define SHARKSSL_PROTOCOL_TLS_1_2 0x03
222  /* end group SharkSslProtocol */
224 
225 
226 #if (SHARKSSL_ENABLE_RSA || SHARKSSL_ENABLE_ECDSA)
227 #ifndef BA_API /* standalone SharkSSL */
228 #define BA_API SHARKSSL_API
229 #ifdef _SHARKSSL_C_
230 #define SingleListCode 1
231 #endif
232 #endif
233 #include "SingleList.h"
234 #endif
235 
236 
237 #if SHARKSSL_ENABLE_SESSION_CACHE || SHARKSSL_NOPACK
238 
246 typedef struct SharkSslSession SharkSslSession;
247  /* end group SharkSslSessionApi */
249 
250 #ifndef _DOXYGEN
251 typedef struct SharkSslSessionCache
252 {
253  SharkSslSession *cache;
254  ThreadMutexBase cacheMutex;
255  U16 cacheSize;
256 } SharkSslSessionCache;
257 #endif
258 #endif
259 
260 
272 typedef enum
273 {
278  /* end group SharkSslInfoAndCodes */
280 
281 
282 #if (SHARKSSL_ENABLE_RSA || SHARKSSL_ENABLE_ECDSA)
283 
290 typedef U8* SharkSslKey;
291 
292 
298 typedef const U8 *SharkSslCert;
299 
300 #ifdef __cplusplus
301 extern "C" {
302 #endif
303 
309 SHARKSSL_API U16 SharkSslCert_len(SharkSslCert cert);
310 
313 #ifdef __DOXYGEN__
314 U32 baGetUnixTime(void);
315 #endif
316 
317 #if SHARKSSL_ENABLE_CSR_CREATION
318 
380 SHARKSSL_API int
382  SharkSslKey privKey,
383  U8 hashID,
384  struct SharkSslCertDN* certDN,
385  const char *SAN,
386  struct SharkSslBitExtReq* keyUsage,
387  struct SharkSslBitExtReq* nsCertType);
388 #endif
389 
390 #if SHARKSSL_ENABLE_CSR_SIGNING
391 
451 SHARKSSL_API int
453  const U8 *csrData,
454  int csrDataLen,
455  const SharkSslCert caCert,
456  const SharkSslKey privKey,
457  const char *validFrom,
458  const char *validTo,
459  SharkCertSerialNumber serialNumber,
460  U8 hashID);
461 #endif
462 
463 #if SHARKSSL_ENABLE_ASN1_KEY_CREATION
464 
470 SHARKSSL_API int
472 #endif
473 
474 
475 #ifdef __cplusplus
476 }
477 #endif
478 
479 
480 #if SHARKSSL_ENABLE_CA_LIST
481 
486 typedef const U8 *SharkSslCAList;
487 #endif
488  /* end group SharkSslInfoAndCodes */
490 #endif
491 
492 #ifndef _DOXYGEN
493 struct SharkSsl;
494 #endif
495 
496 
497 /* Non documented API used by SharkSslSCMgr when used indirectly by
498  Lua code in the Barracuda Application Server. The code manages
499  automatic destruction of SharkSslSCMgr.
500  */
501 #ifndef _DOXYGEN
502 struct SharkSslIntf;
503 typedef void (*SharkSslIntf_Terminate)(struct SharkSslIntf* o,
504  struct SharkSsl* ssl);
505 typedef struct SharkSslIntf
506 {
507  SharkSslIntf_Terminate terminate;
508 } SharkSslIntf;
509 #define SharkSslIntf_constructor(o,terminateFunc) (o)->terminate=terminateFunc
510 #endif
511 
512 
534 typedef struct SharkSslCon SharkSslCon;
535 
536 
540 typedef struct
541 SharkSsl
542 {
543 #ifdef __cplusplus
544  void *operator new(size_t s) { return ::baMalloc(s); }
545  void operator delete(void* d) { if(d) ::baFree(d); }
546  void *operator new(size_t, void *place) { return place; }
547  void operator delete(void*, void *) { }
548 
549  SharkSsl() {};
550 
551  SharkSsl(SharkSsl_Role role,
552  U16 cacheSize = 0,
553  U16 inBufStartSize = 4096,
554  U16 outBufSize = 4096
555  );
556 
557  ~SharkSsl();
558  SharkSslCon *createCon(void);
559  U8 setCAList(SharkSslCAList caList);
560  U8 addCertificate(SharkSslCert cert);
561  void terminateCon(SharkSslCon *sslCon);
562 #endif
563  #if (SHARKSSL_SSL_SERVER_CODE && SHARKSSL_SSL_CLIENT_CODE) || SHARKSSL_NOPACK
564  SharkSsl_Role role;
565  #endif
566  U16 outBufSize;
567  U16 inBufStartSize;
568  U16 nCon;
569  #if (SHARKSSL_ENABLE_RSA || (SHARKSSL_ENABLE_ECDSA)) || SHARKSSL_NOPACK
570  SingleList certList;
571  #if SHARKSSL_ENABLE_CA_LIST || SHARKSSL_NOPACK
572  SharkSslCAList caList;
573  #endif
574  #endif
575  #if SHARKSSL_ENABLE_SESSION_CACHE || SHARKSSL_NOPACK
576  SharkSslSessionCache sessionCache;
577  /* Reserved for use with one SharkSslSCMgr object */
578  SharkSslIntf* intf;
579  #endif
581  /* end group SharkSslInfoAndCodes */
583 
590 typedef enum
591 {
595 
599 
610 
623 
636 
650 
659 
671 
677 
684 
688 
690  /* end group SharkSslCoreApi */
692 
693 #if (SHARKSSL_ENABLE_RSA || SHARKSSL_ENABLE_ECDSA)
694 
706 #if SHARKSSL_ENABLE_CERT_KEYUSAGE
707 #define SHARKSSL_CERT_KEYUSAGE_DIGITALSIGNATURE 0x00000001
708 #define SHARKSSL_CERT_KEYUSAGE_NONREPUDIATION 0x00000002
709 #define SHARKSSL_CERT_KEYUSAGE_KEYENCIPHERMENT 0x00000004
710 #define SHARKSSL_CERT_KEYUSAGE_DATAENCIPHERMENT 0x00000008
711 #define SHARKSSL_CERT_KEYUSAGE_KEYAGREEMENT 0x00000010
712 #define SHARKSSL_CERT_KEYUSAGE_KEYCERTSIGN 0x00000020
713 #define SHARKSSL_CERT_KEYUSAGE_CRLSIGN 0x00000040
714 #define SHARKSSL_CERT_KEYUSAGE_ENCIPHERONLY 0x00000080
715 #define SHARKSSL_CERT_KEYUSAGE_DECIPHERONLY 0x00000100
716 #define SHARKSSL_CERT_KEYUSAGE_PRESENT 0x00000200
717 #define SHARKSSL_CERT_KEYUSAGE_CRITICAL 0x00000400
718 
719 #define SHARKSSL_CERT_KEYPURPOSE_SERVERAUTH 0x00010000
720 #define SHARKSSL_CERT_KEYPURPOSE_CLIENTAUTH 0x00020000
721 #define SHARKSSL_CERT_KEYPURPOSE_CODESIGNING 0x00040000
722 #define SHARKSSL_CERT_KEYPURPOSE_EMAILPROTECTION 0x00080000
723 #define SHARKSSL_CERT_KEYPURPOSE_TIMESTAMPING 0x00100000
724 #define SHARKSSL_CERT_KEYPURPOSE_OCSPSIGNING 0x00200000
725 
726 #define SharkSslCertInfo_KeyFlagSet(o,f) ((o)->keyUsagePurposes & f)
727 
731 #define SharkSslCertInfo_isKeyUsagePresent(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_PRESENT)
732 #define SharkSslCertInfo_isKeyUsageCritical(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_CRITICAL)
733 #define SharkSslCertInfo_KU_digitalSignature(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_DIGITALSIGNATURE)
734 #define SharkSslCertInfo_KU_nonRepudiation(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_NONREPUDIATION)
735 #define SharkSslCertInfo_KU_keyEncipherment(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_KEYENCIPHERMENT)
736 #define SharkSslCertInfo_KU_dataEncipherment(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_DATAENCIPHERMENT)
737 #define SharkSslCertInfo_KU_keyAgreement(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_KEYAGREEMENT)
738 #define SharkSslCertInfo_KU_keyCertSign(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_KEYCERTSIGN)
739 #define SharkSslCertInfo_KU_cRLSign(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_CRLSIGN)
740 #define SharkSslCertInfo_KU_encipherOnly(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_ENCIPHERONLY)
741 #define SharkSslCertInfo_KU_decipherOnly(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYUSAGE_DECIPHERONLY)
742 
743 #define SharkSslCertInfo_kp_serverAuth(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYPURPOSE_SERVERAUTH)
744 #define SharkSslCertInfo_kp_clientAuth(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYPURPOSE_CLIENTAUTH)
745 #define SharkSslCertInfo_kp_codeSigning(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYPURPOSE_CODESIGNING)
746 #define SharkSslCertInfo_kp_emailProtection(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYPURPOSE_EMAILPROTECTION)
747 #define SharkSslCertInfo_kp_timeStamping(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYPURPOSE_TIMESTAMPING)
748 #define SharkSslCertInfo_kp_OCSPSigning(o) SharkSslCertInfo_KeyFlagSet(o, SHARKSSL_CERT_KEYPURPOSE_OCSPSIGNING)
749 #endif
750 
751 
763 typedef struct SharkSslCertDN
764 {
765  const U8 *countryName;
766  const U8 *province;
767  const U8 *locality;
768  const U8 *organization;
769  const U8 *unit;
773  const U8 *commonName;
774  const U8 *emailAddress;
775 
776  U8 countryNameLen;
780  U8 unitLen;
784 
785 #define SharkSslCertDN_constructor(o) memset(o,0,sizeof(SharkSslCertDN))
786 
787 #define SharkSslCertDN_setCountryName(o, countryNameMA) \
788  (o)->countryName=(const U8*)countryNameMA,(o)->countryNameLen=(U8)strlen(countryNameMA)
789 #define SharkSslCertDN_setProvince(o, provinceMA) \
790  (o)->province=(const U8*)provinceMA,(o)->provinceLen=(U8)strlen(provinceMA)
791 #define SharkSslCertDN_setLocality(o, localityMA) \
792  (o)->locality=(const U8*)localityMA,(o)->localityLen=(U8)strlen(localityMA)
793 #define SharkSslCertDN_setOrganization(o, organizationMA) \
794  (o)->organization=(const U8*)organizationMA,(o)->organizationLen=(U8)strlen(organizationMA)
795 #define SharkSslCertDN_setUnit(o, unitMA) \
796  (o)->unit=(const U8*)unitMA,(o)->unitLen=(U8)strlen(unitMA)
797 #define SharkSslCertDN_setCommonName(o, commonNameMA) \
798  (o)->commonName=(const U8*)commonNameMA,(o)->commonNameLen=(U8)strlen(commonNameMA)
799 #define SharkSslCertDN_setEmailAddress(o, emailAddressMA) \
800  (o)->emailAddress=(const U8*)emailAddressMA,(o)->emailAddressLen=(U8)strlen(emailAddressMA)
801 
802 
806 typedef struct SharkSslCertInfo
807 {
809  U16 snLen;
810 
814  U8 version;
815 
819  U8 CAflag;
820 
823  U8 *sn;
824 
828  U8 *timeFrom; /* declaration of U8 timeFromLen below */
829 
834  U8 *timeTo; /* declaration of U8 timeToLen below */
835 
841 
847 
860  U16 subjectAltNamesLen;
861 
864 
867 
868  #if SHARKSSL_ENABLE_CERT_KEYUSAGE
869 
891  U32 keyUsagePurposes;
892  #endif
893 
899  /* end group SharkSslCertInfo */
901 #endif
902 
908 #ifdef __cplusplus
909 extern "C" {
910 #endif
911 
939 SHARKSSL_API void SharkSsl_constructor(
940  SharkSsl *o,
941  SharkSsl_Role role,
942  U16 cacheSize,
943  U16 inBufStartSize,
944  U16 outBufSize
945  );
946 
954 SHARKSSL_API void SharkSsl_destructor(SharkSsl *o);
955 
956 
977 
978 
994 
995 
996 #if SHARKSSL_ENABLE_SESSION_CACHE
997 
1002 SHARKSSL_API U16 SharkSsl_getCacheSize(SharkSsl *o);
1003 
1004 #define SharkSsl_setIntf(o, sharkSslIntf) (o)->intf=sharkSslIntf
1005 #define SharkSsl_getIntf(o) (o)->intf
1006 
1007 #endif
1008 
1009 
1016 #define SharkSslCon_terminate(o) SharkSsl_terminateCon(0, o)
1040 
1041 
1067 
1068 
1073 
1074 
1092 
1093 
1104 
1116 
1117 
1132 
1163 U16 SharkSslCon_copyDecData(SharkSslCon *o, U8 *buf, U16 maxLen);
1164 
1165 
1175 SHARKSSL_API U16 SharkSslCon_getDecData(SharkSslCon *o, U8 **bufPtr);
1176 
1177 
1190 
1191 
1205 
1206 
1217 
1218 
1231 
1232 
1240 
1241 
1245 
1246 
1257 
1258 
1269 
1270 
1280 #define SharkSslCon_getAlertData(o) SharkSslCon_getEncData(o)
1282 
1292 #define SharkSslCon_getAlertDataLen(o) SharkSslCon_getEncDataLen(o)
1293  /* end group SharkSslCoreApi */
1295 
1296 #if SHARKSSL_ENABLE_INFO_API
1297 
1301 
1304 #define SharkSslCon_getProtocol(o) (SHARKSSL_PROTOCOL_TLS_1_2)
1306 #endif
1307 
1308 #if SHARKSSL_ENABLE_SNI
1309 
1310 #if SHARKSSL_SSL_CLIENT_CODE
1311 
1313 SHARKSSL_API U8 SharkSslCon_setSNI(SharkSslCon *o, const char *name, U16 length);
1314 #endif
1315 
1316 #endif
1317 
1318 
1319 #if (SHARKSSL_ENABLE_RSA || SHARKSSL_ENABLE_ECDSA)
1320 #if (SHARKSSL_SSL_CLIENT_CODE && SHARKSSL_ENABLE_CLIENT_AUTH)
1321 
1325 #endif
1326 
1335 
1336 
1348 
1349 #if SHARKSSL_ENABLE_CA_LIST
1350 
1371 SHARKSSL_API U8 SharkSsl_setCAList(SharkSsl *o, SharkSslCAList caList);
1372 
1387 
1388 U8 SharkSslCon_isCAListEmpty(SharkSslCon *o);
1389 #endif /* SHARKSSL_ENABLE_CA_LIST */
1390 
1391 #if (SHARKSSL_SSL_SERVER_CODE && SHARKSSL_ENABLE_RSA)
1392 
1395 /* to be used as 'flag' param */
1396 #define SHARKSSL_SET_FAVOR_RSA 1
1397 #define SHARKSSL_CLEAR_FAVOR_RSA 0
1398 
1417 #endif /* SHARKSSL_SSL_SERVER_CODE */
1418 #endif /* SHARKSSL_ENABLE_RSA || SHARKSSL_ENABLE_ECDSA */
1419 
1424 #if SHARKSSL_ENABLE_SESSION_CACHE
1425 
1429 
1430 #if SHARKSSL_SSL_SERVER_CODE
1431 
1434 #endif
1435 
1436 #if SHARKSSL_SSL_CLIENT_CODE
1437 
1446 
1447 
1455 
1461 #endif
1462 #endif
1463  /* end group SharkSslSessionApi */
1465 
1466 #if (SHARKSSL_SSL_SERVER_CODE && SHARKSSL_ENABLE_CLIENT_AUTH && \
1467  (SHARKSSL_ENABLE_RSA || SHARKSSL_ENABLE_ECDSA))
1468 
1500  SharkSslCon *o, const void *caList);
1501 #endif
1502 
1503 #if SHARKSSL_ENABLE_ALPN_EXTENSION
1504 #if SHARKSSL_SSL_CLIENT_CODE
1505 
1521  SharkSslCon* o, const char* protList);
1522 
1536 SHARKSSL_API const char *SharkSslCon_getALPNProtocol(SharkSslCon* o);
1537 #endif
1538 #if SHARKSSL_SSL_SERVER_CODE
1539 typedef int(*ALPNFunction)(SharkSslCon*, const char*, void *);
1540 SHARKSSL_API U8 SharkSslCon_setALPNFunction(
1541  SharkSslCon *o, ALPNFunction func, void *pvoid);
1542 #endif
1543 #endif /* SHARKSSL_ENABLE_ALPN_EXTENSION */
1544 
1545 #if ((SHARKSSL_SSL_SERVER_CODE || SHARKSSL_SSL_CLIENT_CODE) && \
1546  SHARKSSL_ENABLE_SELECT_CIPHERSUITE)
1547 
1576 SHARKSSL_API U8 SharkSslCon_selectCiphersuite(SharkSslCon *o, U16 cipherSuite);
1577 
1581 #endif
1582 
1583 #if (SHARKSSL_SSL_SERVER_CODE && SHARKSSL_ENABLE_SECURE_RENEGOTIATION)
1584 
1604 #endif
1605  /* end group SharkSslApi */
1607 
1608 
1609 #if SHARKSSL_ENABLE_PEM_API
1610 
1617 typedef enum
1618 {
1621 
1624 
1627 
1630 
1633 
1636 
1639 
1642 
1645 
1648 
1651 
1654 
1657 
1660 
1663 
1666 
1669 
1672 
1676 
1677 
1707  const char *certPEM, const char *keyPEM,
1708  const char *passphrase, SharkSslCert *sharkSslCert);
1709 
1710 #if SHARKSSL_ENABLE_ENCRYPTED_PKCS8_SUPPORT
1711 
1714 SHARKSSL_API int sharkssl_PEM_PBKDF2(
1715  U8 *dk, const char *passphrase,
1716  const char *salt, U32 saltLen,
1717  U32 iterations, U16 dkLen, U8 hashID);
1718 #endif
1719  /* end group RayCryptoApi */
1721 #endif
1722 
1723 #if SHARKSSL_ENABLE_RSA
1724 
1731 #define SHARKSSL_RSA_NO_PADDING 0
1733 
1737 #define SHARKSSL_RSA_PKCS1_PADDING 1
1739 
1744 typedef enum
1745 {
1748 
1751 
1754 
1757 
1760 
1763 
1766 
1769 
1773 #endif
1774  /* end group SharkSslInfoAndCodes */
1776 
1777 #if SHARKSSL_ENABLE_RSA_API
1778 
1789 typedef U8* SharkSslRSAKey;
1790 
1791 #if SHARKSSL_ENABLE_PEM_API
1792 
1816  const char *PEMKey, const char *passphrase);
1817 
1841 SHARKSSL_API SharkSslKey
1842 sharkssl_PEM_extractPublicKey(const char *certPEM);
1843 
1844 SHARKSSL_API SharkSslKey
1845 sharkssl_PEM_extractPublicKey_ext(const char *certPEM, U8 *keyType);
1846 #endif /* SHARKSSL_ENABLE_PEM_API */
1847 
1848 #if (SHARKSSL_ENABLE_PEM_API || (SHARKSSL_ENABLE_RSA && SHARKSSL_ENABLE_RSAKEY_CREATE))
1849 
1852 SHARKSSL_API void SharkSslRSAKey_free(SharkSslRSAKey key);
1853 #define _SHARKSSLRSAKEY_FREE 1
1854 #endif
1855 
1856 #if SHARKSSL_ENABLE_RSA
1857 #if SHARKSSL_ENABLE_RSAKEY_CREATE
1858 
1879 SHARKSSL_API int SharkSslRSAKey_create(SharkSslRSAKey *privKey, U16 keyLength);
1880 
1894 SHARKSSL_API U8 *SharkSslRSAKey_getPublic(SharkSslRSAKey privKey);
1895 #endif
1896 
1901 SHARKSSL_API U16 SharkSslRSAKey_size(SharkSslRSAKey key);
1902 
1926  U16 len, U8 *in, U8 *out, SharkSslRSAKey key, U8 padding);
1927 
1928 
1947  U16 len, U8 *in, U8 *out, SharkSslRSAKey privkey, U8 padding);
1948 
1949 
1950 #if SHARKSSL_ENABLE_RSA_OAEP
1951 #if (!SHARKSSL_USE_SHA1)
1952 #error SHARKSSL_USE_SHA1 must be selected when SHARKSSL_ENABLE_RSA_OAEP is enabled
1953 #endif
1954 
1978 SHARKSSL_API sharkssl_RSA_RetVal sharkssl_RSA_private_decrypt_OAEP(
1979  U16 len, U8 *in, U8 *out, SharkSslRSAKey privkey, U8 hashID, char *label, U16 labelLen);
1980 #endif
1981 
1982 
2004  U16 len, U8 *in, U8 *out, SharkSslRSAKey privkey, U8 padding);
2005 
2006 
2028  U16 len, U8 *in, U8 *out, SharkSslRSAKey key, U8 padding);
2029 
2030 #endif
2031  /* end group RSA */
2033 #endif
2034 
2035 
2048 #if SHARKSSL_USE_ECC
2049 
2050 /*
2051  * NamedCurve, use as curveID parameter
2052  * SECPxxxR1 - RFC 4492 section 5.1.1
2053  * BRAINPOOLPxxxR1 - RFC 7027 section 2
2054  */
2055 #define SHARKSSL_EC_CURVE_ID_SECP256R1 23
2056 #define SHARKSSL_EC_CURVE_ID_SECP384R1 24
2057 #define SHARKSSL_EC_CURVE_ID_SECP521R1 25
2058 #define SHARKSSL_EC_CURVE_ID_BRAINPOOLP256R1 26
2059 #define SHARKSSL_EC_CURVE_ID_BRAINPOOLP384R1 27
2060 #define SHARKSSL_EC_CURVE_ID_BRAINPOOLP512R1 28
2061 
2062 
2069 typedef U8* SharkSslECCKey;
2070 
2071 #if SHARKSSL_ENABLE_PEM_API
2072 
2098  const char *PEMKey, const char *passphrase);
2099 
2100 
2101 #if (SHARKSSL_ENABLE_RSA || SHARKSSL_ENABLE_ECDSA)
2102 
2109 SHARKSSL_API U16 SharkSslKey_vectSize(const SharkSslKey key);
2110 #define SharkSslCert_vectSize(c) SharkSslKey_vectSize((const SharkSslCert)c)
2111 #if SHARKSSL_ENABLE_RSA
2112 #define SharkSslRSAKey_vectSize(k) SharkSslKey_vectSize(k)
2113 #endif
2114 #if SHARKSSL_ENABLE_ECDSA
2115 #define SharkSslECCKey_vectSize(k) SharkSslKey_vectSize(k)
2116 #endif
2117 #endif
2118 #endif
2119 
2120 
2121 #if SHARKSSL_ENABLE_ECCKEY_CREATE
2122 
2168 SHARKSSL_API int SharkSslECCKey_create(SharkSslECCKey *privKey, U16 curveID);
2169 #endif
2170 
2171 
2172 #if (SHARKSSL_ENABLE_PEM_API || SHARKSSL_ENABLE_ECCKEY_CREATE)
2173 
2178 SHARKSSL_API void SharkSslECCKey_free(SharkSslECCKey key);
2179 #define _SHARKSSLECCKEY_FREE 1
2180 #endif
2181 
2182 
2183 /*
2184  *-----------------------------------------------------------------------------
2185  * To free up the memory allocated by SharkSslECCKey_create and
2186  * SharkSslRSAKey_create, the following macro is provided
2187  * For instance, this function could be called after saving the key to a file
2188  *-----------------------------------------------------------------------------
2189  * key: input parameter, points to a buffer allocated by either
2190  * SharkSslECCKey_create or SharkSslRSAKey_create
2191  */
2192 #if defined(_SHARKSSLRSAKEY_FREE)
2193 #define SharkSslKey_free SharkSslRSAKey_free
2194 #elif defined (_SHARKSSLECCKEY_FREE)
2195 #define SharkSslKey_free SharkSslECCKey_free
2196 #else
2197 #define SharkSslKey_free
2198 #endif
2199 #undef _SHARKSSLRSAKEY_FREE
2200 #undef _SHARKSSLECCKEY_FREE
2201 
2202 
2208 #if SHARKSSL_ENABLE_ECDSA
2209 
2212 /* ECDSA API and also internal sharkssl_ECDSA_signASN1 */
2213 typedef enum
2214 {
2217 
2220 
2223 
2226 
2229 
2232 
2235 
2238 
2241 
2245  /* end group SharkSslInfoAndCodes */
2247 
2253 #if SHARKSSL_ENABLE_ECDSA_API
2254 #if (!SHARKSSL_ECDSA_ONLY_VERIFY)
2255 
2263 SHARKSSL_API U16 sharkssl_ECDSA_siglen(SharkSslECCKey privkey);
2264 
2288  SharkSslECCKey privkey, U8 *sig, U16 *siglen, U8 *hash, U8 hashlen);
2289 #endif
2290 
2309  SharkSslECCKey pubkey, U8 *sig, U16 siglen, U8 *hash, U8 hashlen);
2310 
2311 #endif /* SHARKSSL_ENABLE_ECDSA_API */
2312 #endif /* SHARKSSL_ENABLE_ECDSA */
2313  /* end group ECC */
2315 #endif
2316 
2317 
2318 #if (SHARKSSL_ENABLE_CA_LIST && SHARKSSL_ENABLE_CERTSTORE_API)
2319 
2325 #ifndef BA_API /* standalone SharkSSL */
2326 #define BA_API SHARKSSL_API
2327 typedef U8 BaBool;
2328 #endif
2329 #include "DoubleList.h"
2330 
2350 typedef struct SharkSslCertStore
2351 {
2352  DoubleList certList;
2353  SharkSslCAList caList;
2354  U16 elements; /* number of elements in list */
2356 
2366 
2370 
2372 #define SharkSslCertStore_release(o) SharkSslCertStore_destructor(o)
2386 SHARKSSL_API U16 SharkSslCertStore_add(
2387  SharkSslCertStore *o, const char *cert, U32 certlen);
2388 
2400  SharkSslCertStore *o, SharkSslCAList *outList);
2401  /* end group SharkSslCertApi */
2403 #endif /* SHARKSSL_ENABLE_CA_LIST && SHARKSSL_ENABLE_CERTSTORE_API */
2404 
2405 #if ((SHARKSSL_ENABLE_PEM_API) || (SHARKSSL_ENABLE_CERTSTORE_API))
2406 SHARKSSL_API U32 sharkssl_B64Decode(
2407  U8 *outStr, U32 outStrSize, const char *b64beg, const char *b64end);
2408 #endif
2409 
2410 
2411 
2412 #ifdef __cplusplus
2413 }
2414 
2415 inline SharkSsl::SharkSsl(
2416  SharkSsl_Role role, U16 cacheSize, U16 inBufStartSize, U16 outBufSize) {
2417  SharkSsl_constructor(this, role, cacheSize, inBufStartSize, outBufSize);
2418 }
2419 inline SharkSsl::~SharkSsl() {
2420  SharkSsl_destructor(this);
2421 }
2422 inline SharkSslCon *SharkSsl::createCon(void) {
2423  return SharkSsl_createCon(this);
2424 }
2425 inline void SharkSsl::terminateCon(SharkSslCon *sslCon) {
2426  SharkSsl_terminateCon(this, sslCon);
2427 }
2428 
2429 #if (SHARKSSL_ENABLE_RSA || SHARKSSL_ENABLE_ECDSA)
2430 inline U8 SharkSsl::addCertificate(SharkSslCert cert) {
2431  return SharkSsl_addCertificate(this, cert);
2432 }
2433 #if SHARKSSL_ENABLE_CA_LIST
2434 inline U8 SharkSsl::setCAList(SharkSslCAList caList) {
2435  return SharkSsl_setCAList(this, caList);
2436 }
2437 #endif /* SHARKSSL_ENABLE_CA_LIST */
2438 #endif /* SHARKSSL_ENABLE_RSA || SHARKSSL_ENABLE_ECDSA */
2439 
2440 #endif /* __cplusplus */
2441 
2442 
2443 #endif
SharkSslASN1Create_key
SHARKSSL_API int SharkSslASN1Create_key(struct SharkSslASN1Create *o, const SharkSslKey key)
Convert a SharkSslKey to ASN.1 representation.
SHARKSSL_ECDSA_OK
@ SHARKSSL_ECDSA_OK
OK.
Definition: SharkSSL.h:2216
SharkSslCon_AllocationError
@ SharkSslCon_AllocationError
The memory pool is too small.
Definition: SharkSSL.h:598
SharkSslCertStore
SharkSslCertStore is a container object used when assembling a SharkSslCAList.
Definition: SharkSSL.h:2351
SHARKSSL_PEM_OK
@ SHARKSSL_PEM_OK
OK.
Definition: SharkSSL.h:1620
SharkSslCertDN::commonNameLen
U8 commonNameLen
length in bytes of the field "unit"
Definition: SharkSSL.h:781
SHARKSSL_PEM_OK_PUBLIC
@ SHARKSSL_PEM_OK_PUBLIC
OK_PUBLIC.
Definition: SharkSSL.h:1623
SharkSslRSAKey_create
SHARKSSL_API int SharkSslRSAKey_create(SharkSslRSAKey *privKey, U16 keyLength)
SHARKSSL_PEM_KEY_WRONG_LENGTH
@ SHARKSSL_PEM_KEY_WRONG_LENGTH
KEY_WRONG_LENGTH.
Definition: SharkSSL.h:1635
SharkSslCon_getEncData
U8 * SharkSslCon_getEncData(SharkSslCon *o)
This function is used in conjunction with state SharkSslCon_Encrypted returned by function SharkSslCo...
sharkssl_PEM_extractPublicKey
SHARKSSL_API SharkSslKey sharkssl_PEM_extractPublicKey(const char *certPEM)
Extract the public key form a certificate in PEM format.
SharkSslASN1Create_CSR
SHARKSSL_API int SharkSslASN1Create_CSR(struct SharkSslASN1Create *o, SharkSslKey privKey, U8 hashID, struct SharkSslCertDN *certDN, const char *SAN, struct SharkSslBitExtReq *keyUsage, struct SharkSslBitExtReq *nsCertType)
SharkSsl_createCon
SharkSslCon * SharkSsl_createCon(SharkSsl *o)
Create a SharkSslCon object.
SharkSslCertDN
Certificate KeyUsage and ExtendedKeyUsage flags and relative pseudofunctions.
Definition: SharkSSL.h:764
SharkSslCertInfo::timeTo
U8 * timeTo
Certificate expiration date (in Time format: [YY]YYMMDDHHMMSSZ) UTCTime: 2-digit year; GeneralizedTim...
Definition: SharkSSL.h:834
SHARKSSL_PEM_KEY_UNSUPPORTED_EXPONENT_LENGTH
@ SHARKSSL_PEM_KEY_UNSUPPORTED_EXPONENT_LENGTH
KEY_UNSUPPORTED_EXPONENT_LENGTH.
Definition: SharkSSL.h:1650
SharkSslKey_vectSize
SHARKSSL_API U16 SharkSslKey_vectSize(const SharkSslKey key)
SHARKSSL_PEM_KEY_CERT_MISMATCH
@ SHARKSSL_PEM_KEY_CERT_MISMATCH
KEY_CERT_MISMATCH.
Definition: SharkSSL.h:1656
SharkSslCon_releaseSession
SHARKSSL_API U8 SharkSslCon_releaseSession(SharkSslCon *o)
experimental
SharkSslCon_trustedCA
SHARKSSL_API U8 SharkSslCon_trustedCA(SharkSslCon *o)
Returns TRUE if the certificate is valid and is signed with a root certificate trusted by SharkSSL.
SharkSslRSAKey_size
SHARKSSL_API U16 SharkSslRSAKey_size(SharkSslRSAKey key)
SharkSslRSAKey_free
SHARKSSL_API void SharkSslRSAKey_free(SharkSslRSAKey key)
Release a SharkSslRSAKey allocated by functions sharkssl_PEM_to_RSAKey and sharkssl_PEM_extractPublic...
SharkSslCon_getHandshakeDataLen
U16 SharkSslCon_getHandshakeDataLen(SharkSslCon *o)
This function is used in conjunction with state SharkSslCon_Handshake returned by function SharkSslCo...
sharkssl_RSA_public_decrypt
SHARKSSL_API sharkssl_RSA_RetVal sharkssl_RSA_public_decrypt(U16 len, U8 *in, U8 *out, SharkSslRSAKey key, U8 padding)
Bring back a message digest using the public key or private key.
SHARKSSL_PEM_KEY_UNRECOGNIZED_FORMAT
@ SHARKSSL_PEM_KEY_UNRECOGNIZED_FORMAT
KEY_UNRECOGNIZED_FORMAT.
Definition: SharkSSL.h:1641
SharkSslCertStore_assemble
SHARKSSL_API U8 SharkSslCertStore_assemble(SharkSslCertStore *o, SharkSslCAList *outList)
Assemble all certificates added by calling SharkSslCertStore_add.
SHARKSSL_PEM_KEY_PARSE_ERROR
@ SHARKSSL_PEM_KEY_PARSE_ERROR
KEY_PARSE_ERROR.
Definition: SharkSSL.h:1629
SharkSslCon_NeedMoreData
@ SharkSslCon_NeedMoreData
Returned when SharkSSL holds an incomplete SSL/TLS record or when the connection is initially establi...
Definition: SharkSSL.h:635
SharkSslCert
const U8 * SharkSslCert
The SharkSSL Certificate is in a binary format optimized for speed and size.
Definition: SharkSSL.h:298
SharkSsl_Server
@ SharkSsl_Server
Definition: SharkSSL.h:275
SharkSslSession_release
SHARKSSL_API U8 SharkSslSession_release(SharkSslSession *o, SharkSsl *s)
Release a session created by function SharkSslCon_acquireSession.
SHARKSSL_PEM_KEY_PASSPHRASE_REQUIRED
@ SHARKSSL_PEM_KEY_PASSPHRASE_REQUIRED
KEY_PASSPHRASE_REQUIRED.
Definition: SharkSSL.h:1638
SHARKSSL_ECDSA_WRONG_SIGNATURE
@ SHARKSSL_ECDSA_WRONG_SIGNATURE
WRONG SIGNATURE.
Definition: SharkSSL.h:2243
SharkSslRSAKey
U8 * SharkSslRSAKey
SharkSslRSAKey is an alias for the SharkSslCert type and is a private/public key converted by sharkss...
Definition: SharkSSL.h:1789
SharkSslCon_decrypt
SharkSslCon_RetVal SharkSslCon_decrypt(SharkSslCon *o, U16 readLen)
Decrypt the received data copied into the SharkSslCon receive buffer (the buffer returned by SharkSsl...
SharkSslCon_encrypt
SharkSslCon_RetVal SharkSslCon_encrypt(SharkSslCon *o, U8 *buf, U16 maxLen)
Encrypt the data provided by parameter 'buf' or encrypt data in the SharkSslCon send buffer.
SharkSslCertInfo::subjectAltNamesPtr
U8 * subjectAltNamesPtr
Subject Alternative Names subjectAltNamesPtr is a pointer to an ASN1 sequence, whose length is subjec...
Definition: SharkSSL.h:859
SharkSslCon_Handshake
@ SharkSslCon_Handshake
Returned when an SSL/TLS handshake message has been received or is to be sent.
Definition: SharkSSL.h:622
SHARKSSL_ECDSA_ALLOCATION_ERROR
@ SHARKSSL_ECDSA_ALLOCATION_ERROR
ALLOCATION_ERROR.
Definition: SharkSSL.h:2219
SharkSslCert_signCSR
SHARKSSL_API int SharkSslCert_signCSR(SharkSslCert *signedCSR, const U8 *csrData, int csrDataLen, const SharkSslCert caCert, const SharkSslKey privKey, const char *validFrom, const char *validTo, SharkCertSerialNumber serialNumber, U8 hashID)
SHARKSSL_PEM_ALLOCATION_ERROR
@ SHARKSSL_PEM_ALLOCATION_ERROR
ALLOCATION_ERROR.
Definition: SharkSSL.h:1626
SHARKSSL_PEM_KEY_PRIVATE_KEY_REQUIRED
@ SHARKSSL_PEM_KEY_PRIVATE_KEY_REQUIRED
A PRIVATE KEY IS REQUIRED.
Definition: SharkSSL.h:1671
SharkSslCertInfo
The peer's certificate information returned by SharkSslCon_getCertInfo.
Definition: SharkSSL.h:807
SharkSslCon_encryptMore
U8 SharkSslCon_encryptMore(SharkSslCon *o)
This function is used in conjunction with state SharkSslCon_Encrypted returned by function SharkSslCo...
SharkSslCertInfo::sn
U8 * sn
Binary serial number.
Definition: SharkSSL.h:823
SharkSslRSAKey_getPublic
SHARKSSL_API U8 * SharkSslRSAKey_getPublic(SharkSslRSAKey privKey)
SharkSsl_Client
@ SharkSsl_Client
Definition: SharkSSL.h:276
SHARKSSL_ECDSA_WRONG_KEY_FORMAT
@ SHARKSSL_ECDSA_WRONG_KEY_FORMAT
WRONG_KEY_FORMAT.
Definition: SharkSSL.h:2228
SharkSslCon_acquireSession
SHARKSSL_API SharkSslSession * SharkSslCon_acquireSession(SharkSslCon *o)
Request a SharkSslSession object from the client's session pool.
SharkSslCon_renegotiate
SHARKSSL_API U8 SharkSslCon_renegotiate(SharkSslCon *o)
This function enables you to renegotiate an already established SSL/TLS connection.
SHARKSSL_PEM_KEY_UNSUPPORTED_ENCRYPTION_TYPE
@ SHARKSSL_PEM_KEY_UNSUPPORTED_ENCRYPTION_TYPE
KEY_UNSUPPORTED_ENCRYPTION_TYPE.
Definition: SharkSSL.h:1653
SharkSslKey
U8 * SharkSslKey
The SharkSslKey type.
Definition: SharkSSL.h:290
SHARKSSL_PEM_INTERNAL_ERROR
@ SHARKSSL_PEM_INTERNAL_ERROR
INTERNAL ERROR.
Definition: SharkSSL.h:1674
SharkSslCon
struct SharkSslCon SharkSslCon
SharkSslCon is an opaque handle returned by function SharkSsl_createCon.
Definition: SharkSSL.h:534
SHARKSSL_ECDSA_KEY_NOT_PRIVATE
@ SHARKSSL_ECDSA_KEY_NOT_PRIVATE
KEY_IS_NOT_PRIVATE.
Definition: SharkSSL.h:2231
sharkssl_RSA_private_decrypt
SHARKSSL_API sharkssl_RSA_RetVal sharkssl_RSA_private_decrypt(U16 len, U8 *in, U8 *out, SharkSslRSAKey privkey, U8 padding)
Decrypt ciphertext using the private key.
SharkSslCon_Certificate
@ SharkSslCon_Certificate
Returned by function SharkSslCon_encrypt if SHARKSSL_ENABLE_CLONE_CERTINFO is disabled and when a com...
Definition: SharkSSL.h:683
SharkSsl_constructor
SHARKSSL_API void SharkSsl_constructor(SharkSsl *o, SharkSsl_Role role, U16 cacheSize, U16 inBufStartSize, U16 outBufSize)
A SharkSsl object is the coordinator for managing SharkSslCon objects.
sharkssl_ECDSA_verify_hash
SHARKSSL_API sharkssl_ECDSA_RetVal sharkssl_ECDSA_verify_hash(SharkSslECCKey pubkey, U8 *sig, U16 siglen, U8 *hash, U8 hashlen)
Verify a message using the ECC public key and a hash algorithm.
SharkSslCon_decryptMore
U8 SharkSslCon_decryptMore(SharkSslCon *o)
This function is used in conjunction with state SharkSslCon_Decrypted returned by function SharkSslCo...
sharkssl_PEM_to_RSAKey
SHARKSSL_API SharkSslRSAKey sharkssl_PEM_to_RSAKey(const char *PEMKey, const char *passphrase)
Convert an RSA private or public key in PEM format to the SharkSslRSAKey format.
SharkSslCon_Encrypted
@ SharkSslCon_Encrypted
SharkSSL has successfully decrypted a chunk of data.
Definition: SharkSSL.h:670
sharkssl_PEM_RetVal
sharkssl_PEM_RetVal
Return values from function sharkssl_PEM.
Definition: SharkSSL.h:1618
SharkSsl_addCertificate
SHARKSSL_API U8 SharkSsl_addCertificate(SharkSsl *o, SharkSslCert cert)
Add a certificate to the SharkSsl object.
SharkSslCon_CertificateError
@ SharkSslCon_CertificateError
Unrecognized format of a provided certificate.
Definition: SharkSSL.h:687
SharkSslCertDN::organization
const U8 * organization
Organization Name (company or department)
Definition: SharkSSL.h:768
SharkSslSession_getLatestAccessTime
SHARKSSL_API U32 SharkSslSession_getLatestAccessTime(SharkSslSession *o)
Returns the last time the session was accessed.
sharkssl_PEM_to_ECCKey
SHARKSSL_API SharkSslECCKey sharkssl_PEM_to_ECCKey(const char *PEMKey, const char *passphrase)
SharkSslCertDN::provinceLen
U8 provinceLen
length in bytes of the field "country"
Definition: SharkSSL.h:777
SHARKSSL_PEM_KEY_UNSUPPORTED_MODULUS_LENGTH
@ SHARKSSL_PEM_KEY_UNSUPPORTED_MODULUS_LENGTH
KEY_UNSUPPORTED_MODULUS_LENGTH.
Definition: SharkSSL.h:1647
SharkSslCertDN::countryName
const U8 * countryName
ISO3166 country code.
Definition: SharkSSL.h:765
SharkSslECCKey_create
SHARKSSL_API int SharkSslECCKey_create(SharkSslECCKey *privKey, U16 curveID)
SharkSslCon_resumeSession
SHARKSSL_API U8 SharkSslCon_resumeSession(SharkSslCon *o, SharkSslSession *s)
Resume an existing session.
SharkSsl
struct SharkSsl SharkSsl
A SharkSsl object is the coordinator for managing SharkSslCon objects (See SharkSsl_constructor for d...
SharkSslCertInfo::CAflag
U8 CAflag
The Certificate Authority flag (CA) is set to one if the certificate is a CA i.e.
Definition: SharkSSL.h:819
SHARKSSL_ECDSA_INTERNAL_ERROR
@ SHARKSSL_ECDSA_INTERNAL_ERROR
INTERNAL_ERROR.
Definition: SharkSSL.h:2222
SharkSslBitExtReq
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/nss_tech_notes/nss_tech_note3 http://to...
Definition: SharkSslASN1.h:238
SHARKSSL_RSA_WRONG_KEY_FORMAT
@ SHARKSSL_RSA_WRONG_KEY_FORMAT
WRONG_KEY_FORMAT.
Definition: SharkSSL.h:1759
SharkSslCon_selectCiphersuite
SHARKSSL_API U8 SharkSslCon_selectCiphersuite(SharkSslCon *o, U16 cipherSuite)
This function enables you to limit the number of ciphers at runtime.
SHARKSSL_RSA_INPUT_DATA_LENGTH_AND_KEY_LENGTH_MISMATCH
@ SHARKSSL_RSA_INPUT_DATA_LENGTH_AND_KEY_LENGTH_MISMATCH
INPUT_DATA_LENGTH_AND_KEY_LENGTH_MISMATCH.
Definition: SharkSSL.h:1768
SharkSsl_Role
SharkSsl_Role
Select one of client or server mode when creating a SharkSsl object.
Definition: SharkSSL.h:273
SharkSslCertStore
struct SharkSslCertStore SharkSslCertStore
SharkSslCertStore is a container object used when assembling a SharkSslCAList.
SHARKSSL_ECDSA_KEY_NOT_PUBLIC
@ SHARKSSL_ECDSA_KEY_NOT_PUBLIC
KEY_IS_NOT_PUBLIC.
Definition: SharkSSL.h:2234
sharkssl_ECDSA_RetVal
sharkssl_ECDSA_RetVal
Return values from functions sharkssl_ECDSA_sign_hash, sharkssl_ECDSA_verify_hash.
Definition: SharkSSL.h:2214
baGetUnixTime
U32 baGetUnixTime(void)
Platform dependent function returning seconds since Jan 1 1970.
SharkSslCertInfo
struct SharkSslCertInfo SharkSslCertInfo
The peer's certificate information returned by SharkSslCon_getCertInfo.
SharkSslCertInfo::snLen
U16 snLen
Length of 'sn' (serial number)
Definition: SharkSSL.h:809
SharkSslCertDN::unitLen
U8 unitLen
length in bytes of the field "organization"
Definition: SharkSSL.h:780
SHARKSSL_RSA_WRONG_KEY_LENGTH
@ SHARKSSL_RSA_WRONG_KEY_LENGTH
WRONG_KEY_LENGTH.
Definition: SharkSSL.h:1762
SharkSslCertDN::emailAddressLen
U8 emailAddressLen
length in bytes of the field "common name"
Definition: SharkSSL.h:782
SharkSslCertStore_constructor
SHARKSSL_API void SharkSslCertStore_constructor(SharkSslCertStore *o)
Initialize a SharkSslCertStore object.
SharkSsl_getCacheSize
SHARKSSL_API U16 SharkSsl_getCacheSize(SharkSsl *o)
Returns the SharkSsl session cache size.
SharkSslECCKey_free
SHARKSSL_API void SharkSslECCKey_free(SharkSslECCKey key)
SharkSslCon_AlertSend
@ SharkSslCon_AlertSend
Returned when an SSL/TLS alert message must be sent to the peer side.
Definition: SharkSSL.h:649
SharkSslCon_getCiphersuite
SHARKSSL_API U16 SharkSslCon_getCiphersuite(SharkSslCon *o)
Returns the active session's chiper suite.
SharkSslCertInfo::timeFrom
U8 * timeFrom
Certificate is valid from date (in Time format: [YY]YYMMDDHHMMSSZ) UTCTime: 2-digit year; Generalized...
Definition: SharkSSL.h:828
SHARKSSL_RSA_INTERNAL_ERROR
@ SHARKSSL_RSA_INTERNAL_ERROR
INTERNAL_ERROR.
Definition: SharkSSL.h:1753
SharkSslCon_requestClientCert
SHARKSSL_API U8 SharkSslCon_requestClientCert(SharkSslCon *o, const void *caList)
This function is used by server solutions that require client SSL certificate authentication.
SHARKSSL_PEM_KEY_REQUIRED
@ SHARKSSL_PEM_KEY_REQUIRED
KEY_REQUIRED.
Definition: SharkSSL.h:1668
SharkSslCon_getDecData
SHARKSSL_API U16 SharkSslCon_getDecData(SharkSslCon *o, U8 **bufPtr)
Get a pointer to the decoded data.
SharkSslCon_getHandshakeData
U8 * SharkSslCon_getHandshakeData(SharkSslCon *o)
This function is used in conjunction with state SharkSslCon_Handshake returned by function SharkSslCo...
sharkssl_ECDSA_siglen
SHARKSSL_API U16 sharkssl_ECDSA_siglen(SharkSslECCKey privkey)
Returns the maximum length (in bytes) of a DER-encoded ECDSA signature generated with the private key...
SharkSslCertDN::unit
const U8 * unit
Organizational Unit (OU: department or organization unit)
Definition: SharkSSL.h:769
SharkSslCon_isHandshakeComplete
U8 SharkSslCon_isHandshakeComplete(SharkSslCon *o)
Returns TRUE if the SSL handshake phase is completed.
SharkSslCertDN::province
const U8 * province
State or Province.
Definition: SharkSSL.h:766
SHARKSSL_PEM_KEY_WRONG_IV
@ SHARKSSL_PEM_KEY_WRONG_IV
KEY_WRONG_IV.
Definition: SharkSSL.h:1632
SharkSslCon_getALPNProtocol
SHARKSSL_API const char * SharkSslCon_getALPNProtocol(SharkSslCon *o)
This function is used by client solutions to return the application layer protocol selected by the se...
SHARKSSL_PEM_CERT_UNRECOGNIZED_FORMAT
@ SHARKSSL_PEM_CERT_UNRECOGNIZED_FORMAT
CERT_UNRECOGNIZED_FORMAT.
Definition: SharkSSL.h:1659
SharkSslECCKey
U8 * SharkSslECCKey
Definition: SharkSSL.h:2069
sharkssl_PEM
SHARKSSL_API sharkssl_PEM_RetVal sharkssl_PEM(const char *certPEM, const char *keyPEM, const char *passphrase, SharkSslCert *sharkSslCert)
Create a SharkSslCert certificate by using a certificate and key in PEM format.
SharkSslCon_getAlertDescription
U8 SharkSslCon_getAlertDescription(SharkSslCon *o)
This function is used in conjunction with state SharkSslCon_AlertSend returned by function SharkSslCo...
SharkSslCon_getEncBufPtr
U8 * SharkSslCon_getEncBufPtr(SharkSslCon *o)
This function is used in conjunction with SharkSslCon_encrypt when using the zero copy send API.
SharkSslCon_getEncBufSize
U16 SharkSslCon_getEncBufSize(SharkSslCon *o)
Returns the length of the buffer returned by SharkSslCon_getEncBufPtr.
sharkssl_ECDSA_sign_hash
SHARKSSL_API sharkssl_ECDSA_RetVal sharkssl_ECDSA_sign_hash(SharkSslECCKey privkey, U8 *sig, U16 *siglen, U8 *hash, U8 hashlen)
Generate the signature using the ECC private key and a hash.
SharkSslCertInfo::timeFromLen
U8 timeFromLen
Length of 'timeFrom'.
Definition: SharkSSL.h:863
SHARKSSL_ECDSA_VERIFICATION_FAIL
@ SHARKSSL_ECDSA_VERIFICATION_FAIL
VERIFICATION_FAIL.
Definition: SharkSSL.h:2240
SHARKSSL_RSA_ALLOCATION_ERROR
@ SHARKSSL_RSA_ALLOCATION_ERROR
ALLOCATION_ERROR.
Definition: SharkSSL.h:1750
SharkSslCon_favorRSA
U8 SharkSslCon_favorRSA(SharkSslCon *o, U8 flag)
A SharkSSL server can have multiple certificates, such as RSA certificates with various strengths,...
SHARKSSL_RSA_PKCS1_PADDING_ERROR
@ SHARKSSL_RSA_PKCS1_PADDING_ERROR
PKCS1_PADDING_ERROR.
Definition: SharkSSL.h:1771
SharkSsl_destructor
SHARKSSL_API void SharkSsl_destructor(SharkSsl *o)
Close the SharkSsl object.
SHARKSSL_RSA_WRONG_PARAMETERS
@ SHARKSSL_RSA_WRONG_PARAMETERS
WRONG_PARAMETERS.
Definition: SharkSSL.h:1756
SharkSslCon_getBuf
U8 * SharkSslCon_getBuf(SharkSslCon *o)
Returns a pointer to the SharkSslCon input/receive buffer.
SharkSslCertDN
struct SharkSslCertDN SharkSslCertDN
Certificate KeyUsage and ExtendedKeyUsage flags and relative pseudofunctions.
SharkSslCert_len
SHARKSSL_API U16 SharkSslCert_len(SharkSslCert cert)
SharkSslCertInfo::parent
struct SharkSslCertInfo * parent
Pointer to parent node when the SharkSslCertInfo object is part of a certificate chain.
Definition: SharkSSL.h:897
SharkSslCon_getEncDataLen
U16 SharkSslCon_getEncDataLen(SharkSslCon *o)
This function is used in conjunction with state SharkSslCon_Encrypted returned by function SharkSslCo...
sharkssl_RSA_public_encrypt
SHARKSSL_API sharkssl_RSA_RetVal sharkssl_RSA_public_encrypt(U16 len, U8 *in, U8 *out, SharkSslRSAKey key, U8 padding)
Encrypt data using the public key or private key.
SHARKSSL_ECDSA_SIGLEN_TOO_SMALL
@ SHARKSSL_ECDSA_SIGLEN_TOO_SMALL
SIGLEN_TOO_SMALL.
Definition: SharkSSL.h:2237
SharkSsl_terminateCon
void SharkSsl_terminateCon(const SharkSsl *o, SharkSslCon *con)
Terminate a SharkSslCon object created by function SharkSsl_createCon.
SharkSslCertInfo::issuer
SharkSslCertDN issuer
The entity who has signed and issued the certificate (RFC2459 4.1.2.4)
Definition: SharkSSL.h:840
SharkSslCertDN::organizationLen
U8 organizationLen
length in bytes of the field "locality"
Definition: SharkSSL.h:779
SharkSslCon_copyDecData
U16 SharkSslCon_copyDecData(SharkSslCon *o, U8 *buf, U16 maxLen)
Copy decoded data to 'buf'.
SharkSslCon_Error
@ SharkSslCon_Error
Indicates general errors, including configuration errors.
Definition: SharkSSL.h:594
SHARKSSL_PEM_KEY_UNSUPPORTED_FORMAT
@ SHARKSSL_PEM_KEY_UNSUPPORTED_FORMAT
KEY_UNSUPPORTED_FORMAT.
Definition: SharkSSL.h:1644
SharkSslCertInfo::subject
SharkSslCertDN subject
The entity associated with the public key (RFC2459 4.1.2.6).
Definition: SharkSSL.h:846
SHARKSSL_PEM_CERT_UNSUPPORTED_TYPE
@ SHARKSSL_PEM_CERT_UNSUPPORTED_TYPE
CERT_UNSUPPORTED_TYPE.
Definition: SharkSSL.h:1662
SharkSslCertDN::locality
const U8 * locality
The city or town name.
Definition: SharkSSL.h:767
SharkSslCon_getBufLen
U16 SharkSslCon_getBufLen(SharkSslCon *o)
Returns the length of the SharkSslCon input buffer.
SharkSslCon_Decrypted
@ SharkSslCon_Decrypted
Returned when a block of received data has been successfully decrypted.
Definition: SharkSSL.h:609
SharkSslSession
struct SharkSslSession SharkSslSession
SharkSslSession is an opaque handle returned by function SharkSslCon_acquireSession.
Definition: SharkSSL.h:246
SharkSslCertInfo::version
U8 version
Certificate version is offset at 0 so add +1 for actual version number.
Definition: SharkSSL.h:814
SharkSsl
A SharkSsl object is the coordinator for managing SharkSslCon objects (See SharkSsl_constructor for d...
Definition: SharkSSL.h:542
SharkSslCon_setSNI
SHARKSSL_API U8 SharkSslCon_setSNI(SharkSslCon *o, const char *name, U16 length)
set Server Name Indication for TLS client connections
SharkSslCon_HandshakeNotComplete
@ SharkSslCon_HandshakeNotComplete
An error condition returned by function SharkSslCon_encrypt if the SSL handshake is not completed.
Definition: SharkSSL.h:676
sharkssl_RSA_RetVal
sharkssl_RSA_RetVal
Return values from functions sharkssl_RSA_public_encrypt, sharkssl_RSA_private_decrypt,...
Definition: SharkSSL.h:1745
SharkSslCertInfo::timeToLen
U8 timeToLen
Length of 'timeTo'.
Definition: SharkSSL.h:866
SharkSsl_Unspecified
@ SharkSsl_Unspecified
Definition: SharkSSL.h:274
sharkssl_RSA_private_encrypt
SHARKSSL_API sharkssl_RSA_RetVal sharkssl_RSA_private_encrypt(U16 len, U8 *in, U8 *out, SharkSslRSAKey privkey, U8 padding)
Sign a message digest using the private key.
SharkSslCertStore_add
SHARKSSL_API U16 SharkSslCertStore_add(SharkSslCertStore *o, const char *cert, U32 certlen)
add a certificate in PEM or p7b format to the CA store.
SharkSslCon_getAlertLevel
U8 SharkSslCon_getAlertLevel(SharkSslCon *o)
This function is used in conjunction with state SharkSslCon_AlertSend returned by function SharkSslCo...
SharkSslCon_certificateRequested
U8 SharkSslCon_certificateRequested(SharkSslCon *o)
Returns TRUE if the server requested a certificate from the client to verify that the client's identi...
SharkSsl_setCAList
SHARKSSL_API U8 SharkSsl_setCAList(SharkSsl *o, SharkSslCAList caList)
Set a Certificate Authority (CA) list so the SharkSSL object can permform certificate validation on t...
SharkSslCertStore_destructor
SHARKSSL_API void SharkSslCertStore_destructor(SharkSslCertStore *o)
Cleanup all memory used by the SharkSslCAList object.
SharkSslCertDN::localityLen
U8 localityLen
length in bytes of the field "province"
Definition: SharkSSL.h:778
SHARKSSL_RSA_OK
@ SHARKSSL_RSA_OK
OK.
Definition: SharkSSL.h:1747
SharkSslCAList
const U8 * SharkSslCAList
The SharkSSL Certificate Authority (CA) List is in a binary format optimized for speed and size.
Definition: SharkSSL.h:486
SHARKSSL_ECDSA_WRONG_PARAMETERS
@ SHARKSSL_ECDSA_WRONG_PARAMETERS
WRONG_PARAMETERS.
Definition: SharkSSL.h:2225
SharkSslCon_getCertInfo
SHARKSSL_API SharkSslCertInfo * SharkSslCon_getCertInfo(SharkSslCon *o)
Returns the peer's certificate if the handshaking has completed.
SharkSslCertDN::commonName
const U8 * commonName
Common Name is the Host + Domain Name (example: www.mycompany.com, where www is host and mycompany....
Definition: SharkSSL.h:773
SharkSslCon_RetVal
SharkSslCon_RetVal
The SharkSslCon_decrypt and SharkSslCon_encrypt return values.
Definition: SharkSSL.h:591
SHARKSSL_PEM_KEY_UNSUPPORTED_VERSION
@ SHARKSSL_PEM_KEY_UNSUPPORTED_VERSION
KEY_UNSUPPORTED_VERSION.
Definition: SharkSSL.h:1665
SHARKSSL_RSA_INPUT_DATA_LENGTH_TOO_BIG
@ SHARKSSL_RSA_INPUT_DATA_LENGTH_TOO_BIG
INPUT_DATA_LENGTH_TOO_BIG.
Definition: SharkSSL.h:1765
SharkSslASN1Create
Opaque object used when creating ASN.1 encoded data.
Definition: SharkSslASN1.h:227
SharkSslCon_clearCiphersuiteSelection
SHARKSSL_API U8 SharkSslCon_clearCiphersuiteSelection(SharkSslCon *o)
Clears the selection, thus enabling all ciphers.
SharkSslCon_setALPNProtocols
SHARKSSL_API U8 SharkSslCon_setALPNProtocols(SharkSslCon *o, const char *protList)
This function is used by client solutions to specify a list of application layer protocols according ...
SharkSslCon_AlertRecv
@ SharkSslCon_AlertRecv
SharkSSL received an SSL/TLS alert message from the peer, which means that the peer either failed to ...
Definition: SharkSSL.h:658