TrustCore SDK NanoSSL API reference
version 7.0
Configuration settings and callback function pointers for NanoSSL SSL/TLS clients and NanoDTLS DTLS clients.
Data Fields

| Declaration | Description |
| --- | --- |
| `intBoolean allowDSASigAlg` | Enable or disable DSA signature algorithms. |
| `intBoolean allowSha1SigAlg` | Enable or disable SHA-1 for TLS 1.2 signature algorithms. |
| `sbyte4 (*funcPtrAlertCallback)(sbyte4 connectionInstance, sbyte4 alertId, sbyte4 alertClass)` | Do application-specific work required when the alert is received. |
| `sbyte4 (*funcPtrCertStatusCallback)(sbyte4 connectionInstance, intBoolean certStatus)` | |
| `sbyte4 (*funcPtrChooseECCCurve)(sbyte4 connectionInstance, ubyte2 cipherSuiteID, const enum tlsExtNamedCurves *pECCCurvesList, ubyte4 eccCurvesListLength, enum tlsExtNamedCurves *selectedCurve)` | Specify the curve to use for this ECDHE or ECDH_ANON cipher suite. |
| `sbyte4 (*funcPtrChoosePSK)(sbyte4 connectionInstance, ubyte *pHintPSK, ubyte4 hintLength, ubyte retPskIdentity[SSL_PSK_SERVER_IDENTITY_LENGTH], ubyte4 *pRetPskIdentity, ubyte retPSK[SSL_PSK_MAX_LENGTH], ubyte4 *pRetLengthPSK)` | Retrieve (based on the provided hint) the chosen PSK, its identifying name, and their lengths. |
| `sbyte4 (*funcPtrClientOpenStateUpcall)(sbyte4 connectionInstance, sbyte4 isRehandshake)` | Indicate that a secure asynchronous session has been established between peers. |
| `void (*funcPtrClientReceiveUpcall)(sbyte4 connectionInstance, ubyte *pMesg, ubyte4 mesgLen)` | Retrieve data received from a server. |
| `sbyte4 (*funcPtrClientRehandshakeRequest)(sbyte4 connectionInstance)` | Indicate time for SSL-rehandshake; applicable to clients and servers. |
| `void (*funcPtrClientStartTimer)(sbyte4 connectionInstance, ubyte4 msTimerExpire, sbyte4 future)` | Start a timer for timeout notifications. |
| `sbyte4 (*funcPtrExtensionApprovedCallback)(sbyte4 connectionInstance, ubyte4 extensionType, ubyte *pApproveExt, ubyte4 approveExtLength)` | |
| `sbyte4 (*funcPtrExtensionRequestCallback)(sbyte4 connectionInstance, ubyte4 extensionType, ubyte *pExtension, ubyte4 extensionLength)` | |
| `sbyte4 (*funcPtrGetHintPSK)(sbyte4 connectionInstance, ubyte hintPSK[SSL_PSK_SERVER_IDENTITY_LENGTH], ubyte4 *pRetHintLength)` | Retrieve a server's preferred PSK. |
| `sbyte4 (*funcPtrInnerAppCallback)(sbyte4 connectionInstance, ubyte *data, ubyte4 dataLen)` | |
| `sbyte4 (*funcPtrKeyUpdateRequest)(sbyte4 connectionInstance)` | Application defined function pointer called to update the keys. |
| `sbyte4 (*funcPtrLookupPSK)(sbyte4 connectionInstance, ubyte *pIdentityPSK, ubyte4 identityLengthPSK, ubyte retPSK[SSL_PSK_MAX_LENGTH], ubyte4 *pRetLengthPSK)` | Retrieve (based on the provided PSK's name/identity) the preferred PSK. |
| `sbyte4 (*funcPtrLookupPSKParams)(sbyte4 connectionInstance, ubyte *pIdentityPSK, ubyte4 identityLengthPSK, ubyte **pPsk, ubyte4 *pPskLen, intBoolean *pFreeMemory)` | Retrieve (based on the provided PSK's name/identity) the preferred PSK params. |
| `sbyte4 (*funcPtrMutualAuthCertificateVerify)(sbyte4 connectionInstance, const ubyte *hash, ubyte4 hashLen, ubyte *result, ubyte4 resultLength)` | Compute the signature for a certificate verify message sent for client authentication. |
| `sbyte4 (*funcPtrNewHandshakeCallback)(sbyte4 connectionInstance, sbyte4 *pRetDoRehandshake, sbyte4 *pRetDoSessionResumption)` | Determine whether to grant or ignore a client or server rehandshake request. |
| `sbyte4 (*funcPtrOpenStateUpcall)(sbyte4 connectionInstance, sbyte4 isRehandshake)` | Indicate successful asynchronous session establishment. |
| `sbyte4 (*funcPtrPACOpaqueCallback)(sbyte4 connectionInstance, ubyte *pPACOpaque, ubyte4 pacOpaqueLen, ubyte pacKey[])` | |
| `void (*funcPtrReceiveUpcall)(sbyte4 connectionInstance, ubyte *pMesg, ubyte4 mesgLen)` | Decrypt and return data received through a connection context. |
| `sbyte4 (*funcPtrServerDeletePSK)(sbyte4 connectionInstance, sbyte *pServerName, ubyte4 serverNameLen, ubyte *pIdentityPSK, ubyte4 identityLengthPSK, ubyte *pPskParams)` | Save server's preferred PSK. |
| `sbyte4 (*funcPtrServerSavePSK)(sbyte4 connectionInstance, ubyte *pServerName, ubyte4 serverNameLen, ubyte *pIdentityPSK, ubyte4 identityLengthPSK, ubyte *pPsk, ubyte4 pskLen)` | Save server's preferred PSK. |
| `sbyte4 (*funcPtrSingleCertStatusCallback)(sbyte4 connectionInstance, const ubyte *pCert, ubyte4 certLen, ubyte *pOcspResp, ubyte4 ocspRespLen, sbyte4 ocspStatus)` | |
| `sbyte4 (*funcPtrSRPCallback)(sbyte4 connectionInstance, const ubyte *identity, ubyte4 identityLength, sbyte4 *numBits, ubyte salt[SSL_PSK_SERVER_IDENTITY_LENGTH], ubyte4 *saltLength, ubyte **verifier, ubyte4 *verifierLength)` | Specify the SRP parameters for the given identity. |
| `sbyte4 (*funcPtrSrtpEncodeCallback)(sbyte4 connectionInstance, peerDescr *pChannelDescr, const sbyte *pData, ubyte4 pDataLength, ubyte **encodedData, ubyte4 *encodedLength)` | Apply SRTP profile to an RTP packet. |
| `sbyte4 (*funcPtrSrtpInitCallback)(sbyte4 connectionInstance, peerDescr *pChannelDescr, const SrtpProfileInfo *pProfile, void *keyMaterials, ubyte *mki)` | Initialize SRTP cryptographic context. |
| `sbyte4 (*funcPtrSSLHandleTimeout)(sbyte4 connectionInstance, ubyte4 *msAdjustedTime)` | Handle the SSL timeout. |
| `sbyte4 (*funcPtrSSLReceiveApplicationDataCallback)(sbyte4 connectoinInstance, ubyte *pData, ubyte4 dataLen, dataState state)` | |
| `void (*funcPtrStartTimer)(sbyte4 connectionInstance, ubyte4 msTimerExpire, sbyte4 future)` | Start a timer to use for timeout notifications. |
| `ubyte4 gLen` | |
| `ubyte helloCookieSecret[2][SSL_SHA512_FINGER_PRINT_SIZE]` | Internal use only. |
| `ubyte4 helloCookieSecretLastGenTime` | Internal use only. |
| `ubyte4 helloCookieSecretLen[2]` | Internal use only. |
| `ubyte helloCookieVersion` | Internal use only. |
| `hwAccelDescr hwAccelCookie` | Internal use only. |
| `ubyte isFIPSEnabled` | |
| `ubyte4 lengthY` | |
| `sbyte4 maxByteCount` | Max number of bytes sent. |
| `sbyte4 maxTimerCountForRehandShake` | Max timer count for rehandshake. |
| `ubyte4 minDHKeySize` | Minimum DH Key Size allowed. |
| `ubyte4 minRSAKeySize` | Minimum RSA Key Size allowed. |
| `ubyte4 numClientCANames` | |
| `SizedBuffer *pClientCANameList` | |
| `ubyte *pDHG` | |
| `ubyte *pDHP` | |
| `ubyte4 pLen` | |
| `ubyte4 recvEarlyDataSize` | |
| `ubyte4 sslListenPort` | Port number for the connection context. |
| `ubyte4 sslMaxProtoVersion` | |
| `ubyte4 sslMinProtoVersion` | |
| `ubyte4 sslTimeOutConnectTimedWait` | Number of seconds to wait for connection timeout. |
| `ubyte4 sslTimeOutHello` | Number of seconds to wait for a Hello message. |
| `ubyte4 sslTimeOutReceive` | Number of seconds to wait for a Receive message. |

This structure is used for NanoSSL and NanoDTLS client configuration.
Which products and features you've included (by defining the appropriate flags in moptions.h) determine which data fields and callback functions are present in this structure. Each included callback function should be customized for your application and then registered by assigning it to the appropriate structure function pointer(s).
To use this structure, at least one of the following flags must be defined in moptions.h:
__ENABLE_MOCANA_SSL_CLIENT__
__ENABLE_MOCANA_SSL_ASYNC_CLIENT_API__
__ENABLE_MOCANA_SSL_SERVER__
__ENABLE_MOCANA_SSL_ASYNC_SERVER_API__
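
An added example, not code from the TrustCore SDK: it audits and tightens the signature-algorithm and key-size fields described on this page and registers an alert callback by assigning it to the structure's function pointer. `demoSslSettings`, `demoAlertCallback`, `auditSettings`, `hardenSettings` and `POLICY_MIN_KEY_SIZE` are hypothetical names; the typedefs are stand-ins for the SDK's own. It assumes key sizes are expressed in bits and that 0 disables an `intBoolean` option.

```c
#include <stdio.h>
/* Stand-ins for SDK typedefs and a subset of sslSettings fields (assumed). */
typedef int intBoolean;
typedef int sbyte4;
typedef unsigned int ubyte4;
typedef struct {
    intBoolean allowDSASigAlg, allowSha1SigAlg;
    ubyte4 minDHKeySize, minRSAKeySize;
    sbyte4 (*funcPtrAlertCallback)(sbyte4 connectionInstance, sbyte4 alertId, sbyte4 alertClass);
} demoSslSettings;
#define POLICY_MIN_KEY_SIZE 2048u /* hypothetical floor; bits assumed */
enum { WEAK_DSA = 1, WEAK_SHA1 = 2, WEAK_DH = 4, WEAK_RSA = 8, NO_ALERT_CB = 16 };

/* Application alert handler: log the alert, return 0 (OK). */
sbyte4 demoAlertCallback(sbyte4 conn, sbyte4 alertId, sbyte4 alertClass)
{
    fprintf(stderr, "conn %d: alert id=%d class=%d\n", conn, alertId, alertClass);
    return 0;
}

/* Return a bitmask of the settings that fall below the policy. */
unsigned auditSettings(const demoSslSettings *s)
{
    unsigned findings = 0;
    if (s->allowDSASigAlg)  findings |= WEAK_DSA;
    if (s->allowSha1SigAlg) findings |= WEAK_SHA1;
    if (s->minDHKeySize < POLICY_MIN_KEY_SIZE)  findings |= WEAK_DH;
    if (s->minRSAKeySize < POLICY_MIN_KEY_SIZE) findings |= WEAK_RSA;
    if (s->funcPtrAlertCallback == NULL) findings |= NO_ALERT_CB;
    return findings;
}

/* Tighten in place: raise minimums, never lower a stricter value. */
void hardenSettings(demoSslSettings *s)
{
    s->allowDSASigAlg = s->allowSha1SigAlg = 0;
    if (s->minDHKeySize < POLICY_MIN_KEY_SIZE)  s->minDHKeySize = POLICY_MIN_KEY_SIZE;
    if (s->minRSAKeySize < POLICY_MIN_KEY_SIZE) s->minRSAKeySize = POLICY_MIN_KEY_SIZE;
    if (s->funcPtrAlertCallback == NULL) s->funcPtrAlertCallback = demoAlertCallback;
}

int main(void)
{
    demoSslSettings s = { 1, 1, 1024, 1024, NULL }; /* constructed weak config */
    unsigned before = auditSettings(&s);
    hardenSettings(&s);
    printf("findings before=0x%02x after=0x%02x\n", before, auditSettings(&s));
    return 0;
}
```
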
intBoolean sslSettings::allowDSASigAlg
Enable or disable DSA signature algorithms.

intBoolean sslSettings::allowSha1SigAlg
Enable or disable SHA-1 for TLS 1.2 signature algorithms.

sbyte4(* sslSettings::funcPtrSSLHandleTimeout) (sbyte4 connectionInstance, ubyte4 *msAdjustedTime)
This callback increases the timeout for the SSL timer.

| Parameter | Description |
| --- | --- |
| connectionInstance | Connection instance returned from SSL_ASYNC_acceptConnection(). |
| msTime | Pointer to adjusted timeout value. |

Returns OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.

ubyte sslSettings::helloCookieSecret
Internal use only.

ubyte4 sslSettings::helloCookieSecretLastGenTime
Internal use only.

ubyte4 sslSettings::helloCookieSecretLen[2]
Internal use only.

ubyte sslSettings::helloCookieVersion
Internal use only.

hwAccelDescr sslSettings::hwAccelCookie
Internal use only.

sbyte4 sslSettings::maxByteCount
Max number of bytes sent.

sbyte4 sslSettings::maxTimerCountForRehandShake
Max timer count for rehandshake.

ubyte4 sslSettings::minDHKeySize
Minimum DH Key Size allowed.

ubyte4 sslSettings::minRSAKeySize
Minimum RSA Key Size allowed.

ubyte4 sslSettings::sslListenPort
Port number for the connection context. This field is defined only if the __ENABLE_MOCANA_SSL_SERVER__ flag is defined in moptions.h.

ubyte4 sslSettings::sslTimeOutConnectTimedWait
Number of seconds to wait for connection timeout. This field is defined only if the __ENABLE_MOCANA_SSL_SERVER__ and __ENABLE_MOCANA_DTLS_SERVER__ flags are defined in moptions.h.

ubyte4 sslSettings::sslTimeOutHello
Number of seconds to wait for a Hello message.

ubyte4 sslSettings::sslTimeOutReceive
Number of seconds to wait for a Receive message.