SharkSSL™ Embedded SSL/TLS Stack
SharkSsl info and status

Detailed Description

SharkSsl information classes and return values.

Modules

 SSL/TLS Alert Codes
 Alert messages are generated by SharkSSL or the peer side on errors.
 
 Supported Ciphersuites
 Supported Ciphersuites and values returned by SharkSslCon_getCiphersuite.
 
 SSL and TLS protocol version
 Return values from function SharkSslCon_getProtocol.
 
 Peer's certificate information
 Certificate information returned by SharkSslCon_getCertInfo.
 

Data Structures

struct  SharkSsl
 A SharkSsl object is the coordinator for managing SharkSslCon objects (See SharkSsl_constructor for details).
 

Macros

#define SHARKSSL_RSA_NO_PADDING   0
 SHARKSSL_RSA_NO_PADDING for raw RSA encryption (insecure).
 
#define SHARKSSL_RSA_PKCS1_PADDING   1
 SHARKSSL_RSA_PKCS1_PADDING for PKCS #1 v1.5.
 

Typedefs

typedef U8 * SharkSslKey
 The SharkSslKey type.
 
typedef const U8 * SharkSslCert
 The SharkSSL Certificate is in a binary format optimized for speed and size.
 
typedef const U8 * SharkSslCAList
 The SharkSSL Certificate Authority (CA) List is in a binary format optimized for speed and size.
 
typedef struct SharkSslCon SharkSslCon
 SharkSslCon is an opaque handle returned by function SharkSsl_createCon.
 
typedef struct SharkSsl SharkSsl
 A SharkSsl object is the coordinator for managing SharkSslCon objects (See SharkSsl_constructor for details).
 

Enumerations

enum  SharkSsl_Role { SharkSsl_Unspecified , SharkSsl_Server , SharkSsl_Client }
 Select one of client or server mode when creating a SharkSsl object.
 
enum  sharkssl_RSA_RetVal {
  SHARKSSL_RSA_OK = 0 , SHARKSSL_RSA_ALLOCATION_ERROR = -3000 , SHARKSSL_RSA_INTERNAL_ERROR = -3100 , SHARKSSL_RSA_WRONG_PARAMETERS ,
  SHARKSSL_RSA_WRONG_KEY_FORMAT , SHARKSSL_RSA_WRONG_KEY_LENGTH , SHARKSSL_RSA_INPUT_DATA_LENGTH_TOO_BIG , SHARKSSL_RSA_INPUT_DATA_LENGTH_AND_KEY_LENGTH_MISMATCH ,
  SHARKSSL_RSA_PKCS1_PADDING_ERROR
}
 Return values from functions sharkssl_RSA_public_encrypt, sharkssl_RSA_private_decrypt, sharkssl_RSA_public_decrypt, sharkssl_RSA_private_encrypt.
 
enum  sharkssl_ECDSA_RetVal {
  SHARKSSL_ECDSA_OK = 0 , SHARKSSL_ECDSA_ALLOCATION_ERROR = -3200 , SHARKSSL_ECDSA_INTERNAL_ERROR = -3300 , SHARKSSL_ECDSA_WRONG_PARAMETERS ,
  SHARKSSL_ECDSA_WRONG_KEY_FORMAT , SHARKSSL_ECDSA_KEY_NOT_PRIVATE , SHARKSSL_ECDSA_KEY_NOT_PUBLIC , SHARKSSL_ECDSA_SIGLEN_TOO_SMALL ,
  SHARKSSL_ECDSA_VERIFICATION_FAIL , SHARKSSL_ECDSA_WRONG_SIGNATURE
}
 Return values from functions sharkssl_ECDSA_sign_hash, sharkssl_ECDSA_verify_hash.
 
enum  SharkSslConTrust {
  SharkSslConTrust_NotSSL =10 , SharkSslConTrust_None , SharkSslConTrust_Cert , SharkSslConTrust_Cn ,
  SharkSslConTrust_CertCn , SharkSslConTrust_CertCnDate
}
 SharkSslCon_trusted return values.
 

Functions

U32 baGetUnixTime (void)
 Platform dependent function returning seconds since Jan 1 1970.
 
SHARKSSL_API int SharkSslASN1Create_key (struct SharkSslASN1Create *o, const SharkSslKey key)
 Convert a SharkSslKey to ASN.1 representation.
 

Typedef Documentation

◆ SharkSslCAList

typedef const U8* SharkSslCAList

The SharkSSL Certificate Authority (CA) List is in a binary format optimized for speed and size.

The list can be created by calling SharkSslCertStore_assemble or by using the command line tool SharkSSLParseCAList.

◆ SharkSslCert

typedef const U8* SharkSslCert

The SharkSSL Certificate is in a binary format optimized for speed and size.

The certificate can be created by calling sharkssl_PEM or by using the command line tool SharkSslParseCert.

◆ SharkSslCon

typedef struct SharkSslCon SharkSslCon

SharkSslCon is an opaque handle returned by function SharkSsl_createCon.

The lifetime of a SharkSslCon object is as follows:

See also
SharkSsl

Enumeration Type Documentation

◆ sharkssl_ECDSA_RetVal

Return values from functions sharkssl_ECDSA_sign_hash, sharkssl_ECDSA_verify_hash.

Enumerator
SHARKSSL_ECDSA_OK 

OK.

SHARKSSL_ECDSA_ALLOCATION_ERROR 

ALLOCATION_ERROR.

SHARKSSL_ECDSA_INTERNAL_ERROR 

INTERNAL_ERROR.

SHARKSSL_ECDSA_WRONG_PARAMETERS 

WRONG_PARAMETERS.

SHARKSSL_ECDSA_WRONG_KEY_FORMAT 

WRONG_KEY_FORMAT.

SHARKSSL_ECDSA_KEY_NOT_PRIVATE 

KEY_IS_NOT_PRIVATE.

SHARKSSL_ECDSA_KEY_NOT_PUBLIC 

KEY_IS_NOT_PUBLIC.

SHARKSSL_ECDSA_SIGLEN_TOO_SMALL 

SIGLEN_TOO_SMALL.

SHARKSSL_ECDSA_VERIFICATION_FAIL 

VERIFICATION_FAIL.

SHARKSSL_ECDSA_WRONG_SIGNATURE 

WRONG SIGNATURE.

◆ SharkSsl_Role

Select one of client or server mode when creating a SharkSsl object.

Note: A SharkSsl instance in server mode requires that you install at a minimum one certificate by calling function SharkSsl_addCertificate.

Enumerator
SharkSsl_Unspecified 

Invalid value

SharkSsl_Server 

Select SSL server mode

SharkSsl_Client 

Select SSL client mode

◆ sharkssl_RSA_RetVal

Return values from functions sharkssl_RSA_public_encrypt, sharkssl_RSA_private_decrypt, sharkssl_RSA_public_decrypt, sharkssl_RSA_private_encrypt.

Enumerator
SHARKSSL_RSA_OK 

OK.

SHARKSSL_RSA_ALLOCATION_ERROR 

ALLOCATION_ERROR.

SHARKSSL_RSA_INTERNAL_ERROR 

INTERNAL_ERROR.

SHARKSSL_RSA_WRONG_PARAMETERS 

WRONG_PARAMETERS.

SHARKSSL_RSA_WRONG_KEY_FORMAT 

WRONG_KEY_FORMAT.

SHARKSSL_RSA_WRONG_KEY_LENGTH 

WRONG_KEY_LENGTH.

SHARKSSL_RSA_INPUT_DATA_LENGTH_TOO_BIG 

INPUT_DATA_LENGTH_TOO_BIG.

SHARKSSL_RSA_INPUT_DATA_LENGTH_AND_KEY_LENGTH_MISMATCH 

INPUT_DATA_LENGTH_AND_KEY_LENGTH_MISMATCH.

SHARKSSL_RSA_PKCS1_PADDING_ERROR 

PKCS1_PADDING_ERROR.

◆ SharkSslConTrust

SharkSslCon_trusted return values.

Enumerator
SharkSslConTrust_NotSSL 

Not a secure connection (SSL handshake not completed).

SharkSslConTrust_None 

The SSL certificate is not trusted and the subject's common name does not match the host name of the URL.

SharkSslConTrust_Cert 

Domain mismatch: The SSL certificate is trusted but the subject's common name does not match the host name of the URL.

SharkSslConTrust_Cn 

The subject's common name matches the host name of the URL, but the certificate is not trusted.

This is typical for expired certificates.

SharkSslConTrust_CertCn 

The peer's SSL certificate is trusted and the subject's common name matches the host name of the URL.

SharkSslConTrust_CertCnDate 

This value is returned instead of SharkSslConTrust_CertCn when a certificate is trusted and the SharkSSL code is compiled with SHARKSSL_CHECK_DATE=1.

This mode also checks the certificate's 'from' and 'to' dates against the time returned by baGetUnixTime. The certificate and all intermediates are checked, except for the root certificate. Unfortunately, many root certificates are expired and must simply be accepted.
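One way to act on the SharkSslCon_trusted result, shown as an added example that is not part of the SharkSSL documentation or source. The enum is mirrored locally from the values listed above; weak_accept, peer_is_acceptable, dateCheckBuild and minPlausible are hypothetical names, and the rule that a date-checking build must insist on SharkSslConTrust_CertCnDate is an assumed fail-closed policy.

```c
#include <stdint.h>
#include <stdio.h>

/* Local mirror of the SharkSslConTrust values listed above, so this example
   compiles without the SharkSSL headers (remove it when including them). */
typedef enum {
   SharkSslConTrust_NotSSL = 10,
   SharkSslConTrust_None,
   SharkSslConTrust_Cert,
   SharkSslConTrust_Cn,
   SharkSslConTrust_CertCn,
   SharkSslConTrust_CertCnDate
} SharkSslConTrust;

/* Weak check (hypothetical): "anything but None" also lets through NotSSL,
   Cert (host name mismatch) and Cn (untrusted certificate). */
int weak_accept(SharkSslConTrust trust)
{
   return trust != SharkSslConTrust_None;
}

/* Hardened check (hypothetical policy, fails closed).
   dateCheckBuild: 1 if the library was built with SHARKSSL_CHECK_DATE=1.
   now:            value obtained from baGetUnixTime().
   minPlausible:   assumed floor such as the firmware build time; a clock
                   behind it cannot be used to judge certificate dates. */
int peer_is_acceptable(SharkSslConTrust trust, int dateCheckBuild,
                       uint32_t now, uint32_t minPlausible)
{
   switch (trust) {
   case SharkSslConTrust_CertCnDate: /* chain, name and dates all passed */
      return dateCheckBuild && now >= minPlausible;
   case SharkSslConTrust_CertCn:     /* chain and name passed, dates unchecked */
      return !dateCheckBuild;        /* a date-checking build must see CertCnDate */
   default:                          /* NotSSL, None, Cert, Cn, unknown values */
      return 0;
   }
}

int main(void)
{
   /* Constructed inputs: trusted chain but wrong host name. */
   printf("weak=%d hardened=%d\n", weak_accept(SharkSslConTrust_Cert),
          peer_is_acceptable(SharkSslConTrust_Cert, 1, 1700000000u, 1600000000u));
   return 0;
}
```

Only SharkSslConTrust_CertCn and SharkSslConTrust_CertCnDate indicate both a trusted chain and a matching host name; every other value should end the connection before application data is sent.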

Function Documentation

◆ SharkSslASN1Create_key()

SHARKSSL_API int SharkSslASN1Create_key ( struct SharkSslASN1Create * o,
const SharkSslKey  key 
)

Convert a SharkSslKey to ASN.1 representation.

See the example file CSR.c for how to use this function.

Parameters
o    the ASN.1 instance
key  a valid SharkSslKey
Returns
zero on success, otherwise a negative value is returned.