Mbed TLS v3.6.2
mbedtls_ssl_context Struct Reference

#include <ssl.h>


Data Fields

const mbedtls_ssl_config * private_conf
 
int private_state
 
int private_renego_status
 
int private_renego_records_seen
 
mbedtls_ssl_protocol_version private_tls_version
 
unsigned private_badmac_seen
 
int(* private_f_vrfy )(void *, mbedtls_x509_crt *, int, uint32_t *)
 
void * private_p_vrfy
 
mbedtls_ssl_send_t * private_f_send
 
mbedtls_ssl_recv_t * private_f_recv
 
mbedtls_ssl_recv_timeout_t * private_f_recv_timeout
 
void * private_p_bio
 
mbedtls_ssl_session * private_session_in
 
mbedtls_ssl_session * private_session_out
 
mbedtls_ssl_session * private_session
 
mbedtls_ssl_session * private_session_negotiate
 
mbedtls_ssl_handshake_params * private_handshake
 
mbedtls_ssl_transform * private_transform_in
 
mbedtls_ssl_transform * private_transform_out
 
mbedtls_ssl_transform * private_transform
 
mbedtls_ssl_transform * private_transform_negotiate
 
mbedtls_ssl_transform * private_transform_application
 
void * private_p_timer
 
mbedtls_ssl_set_timer_t * private_f_set_timer
 
mbedtls_ssl_get_timer_t * private_f_get_timer
 
unsigned char * private_in_buf
 
unsigned char * private_in_ctr
 
unsigned char * private_in_hdr
 
unsigned char * private_in_cid
 
unsigned char * private_in_len
 
unsigned char * private_in_iv
 
unsigned char * private_in_msg
 
unsigned char * private_in_offt
 
int private_in_msgtype
 
size_t private_in_msglen
 
size_t private_in_left
 
uint16_t private_in_epoch
 
size_t private_next_record_offset
 
uint64_t private_in_window_top
 
uint64_t private_in_window
 
size_t private_in_hslen
 
int private_nb_zero
 
int private_keep_current_message
 
unsigned char private_send_alert
 
unsigned char private_alert_type
 
int private_alert_reason
 
uint8_t private_disable_datagram_packing
 
unsigned char * private_out_buf
 
unsigned char * private_out_ctr
 
unsigned char * private_out_hdr
 
unsigned char * private_out_cid
 
unsigned char * private_out_len
 
unsigned char * private_out_iv
 
unsigned char * private_out_msg
 
int private_out_msgtype
 
size_t private_out_msglen
 
size_t private_out_left
 
unsigned char private_cur_out_ctr [MBEDTLS_SSL_SEQUENCE_NUMBER_LEN]
 
uint16_t private_mtu
 
char * private_hostname
 
const char * private_alpn_chosen
 
unsigned char * private_cli_id
 
size_t private_cli_id_len
 
int private_secure_renegotiation
 
size_t private_verify_data_len
 
char private_own_verify_data [MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]
 
char private_peer_verify_data [MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]
 
unsigned char private_own_cid [MBEDTLS_SSL_CID_IN_LEN_MAX]
 
uint8_t private_own_cid_len
 
uint8_t private_negotiate_cid
 
mbedtls_ssl_export_keys_t * private_f_export_keys
 
void * private_p_export_keys
 
mbedtls_ssl_user_data_t private_user_data
 

Detailed Description

Definition at line 1687 of file ssl.h.

Field Documentation

◆ private_alert_reason

int mbedtls_ssl_context::private_alert_reason

The error code to be returned to the user once the fatal alert has been sent.

Definition at line 1834 of file ssl.h.

◆ private_alert_type

unsigned char mbedtls_ssl_context::private_alert_type

Type of alert if send_alert != 0

Definition at line 1832 of file ssl.h.

◆ private_alpn_chosen

const char* mbedtls_ssl_context::private_alpn_chosen

negotiated protocol

Definition at line 1892 of file ssl.h.

◆ private_badmac_seen

unsigned mbedtls_ssl_context::private_badmac_seen

records with a bad MAC received

Definition at line 1727 of file ssl.h.

◆ private_cli_id

unsigned char* mbedtls_ssl_context::private_cli_id

transport-level ID of the client

Definition at line 1906 of file ssl.h.

◆ private_cli_id_len

size_t mbedtls_ssl_context::private_cli_id_len

length of cli_id

Definition at line 1907 of file ssl.h.

◆ private_conf

const mbedtls_ssl_config* mbedtls_ssl_context::private_conf

configuration information

Definition at line 1688 of file ssl.h.

◆ private_cur_out_ctr

unsigned char mbedtls_ssl_context::private_cur_out_ctr[MBEDTLS_SSL_SEQUENCE_NUMBER_LEN]

Outgoing record sequence number.

Definition at line 1877 of file ssl.h.

◆ private_disable_datagram_packing

uint8_t mbedtls_ssl_context::private_disable_datagram_packing

Disable packing multiple records within a single datagram.

Definition at line 1839 of file ssl.h.

◆ private_f_export_keys

mbedtls_ssl_export_keys_t* mbedtls_ssl_context::private_f_export_keys

Callback to export key block and master secret

Definition at line 1938 of file ssl.h.

◆ private_f_get_timer

mbedtls_ssl_get_timer_t* mbedtls_ssl_context::private_f_get_timer

get timer callback

Definition at line 1783 of file ssl.h.

◆ private_f_recv

mbedtls_ssl_recv_t* mbedtls_ssl_context::private_f_recv

Callback for network receive

Definition at line 1736 of file ssl.h.

◆ private_f_recv_timeout

mbedtls_ssl_recv_timeout_t* mbedtls_ssl_context::private_f_recv_timeout

Callback for network receive with timeout

Definition at line 1737 of file ssl.h.

◆ private_f_send

mbedtls_ssl_send_t* mbedtls_ssl_context::private_f_send

Callback for network send

Definition at line 1735 of file ssl.h.

◆ private_f_set_timer

mbedtls_ssl_set_timer_t* mbedtls_ssl_context::private_f_set_timer

set timer callback

Definition at line 1782 of file ssl.h.

◆ private_f_vrfy

int(* mbedtls_ssl_context::private_f_vrfy) (void *, mbedtls_x509_crt *, int, uint32_t *)

Callback to customize X.509 certificate chain verification

Definition at line 1731 of file ssl.h.

◆ private_handshake

mbedtls_ssl_handshake_params* mbedtls_ssl_context::private_handshake

params required only during the handshake process

Definition at line 1750 of file ssl.h.

◆ private_hostname

char* mbedtls_ssl_context::private_hostname

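expected peer CN for verification (and SNI if available). When this is left unset there is no expected name to match the peer certificate against, so clients that need name verification must set it with mbedtls_ssl_set_hostname().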

Definition at line 1887 of file ssl.h.

◆ private_in_buf

unsigned char* mbedtls_ssl_context::private_in_buf

input buffer

Definition at line 1788 of file ssl.h.

◆ private_in_cid

unsigned char* mbedtls_ssl_context::private_in_cid

The start of the CID; (the end is marked by in_len).

Definition at line 1794 of file ssl.h.

◆ private_in_ctr

unsigned char* mbedtls_ssl_context::private_in_ctr

64-bit incoming message counter. TLS: maintained by us; DTLS: read from peer.

Definition at line 1789 of file ssl.h.

◆ private_in_epoch

uint16_t mbedtls_ssl_context::private_in_epoch

DTLS epoch for incoming records

Definition at line 1809 of file ssl.h.

◆ private_in_hdr

unsigned char* mbedtls_ssl_context::private_in_hdr

start of record header

Definition at line 1792 of file ssl.h.

◆ private_in_hslen

size_t mbedtls_ssl_context::private_in_hslen

current handshake message length, including the handshake header

Definition at line 1818 of file ssl.h.

◆ private_in_iv

unsigned char* mbedtls_ssl_context::private_in_iv

ivlen-byte IV

Definition at line 1798 of file ssl.h.

◆ private_in_left

size_t mbedtls_ssl_context::private_in_left

amount of data read so far

Definition at line 1804 of file ssl.h.

◆ private_in_len

unsigned char* mbedtls_ssl_context::private_in_len

two-bytes message length field

Definition at line 1797 of file ssl.h.

◆ private_in_msg

unsigned char* mbedtls_ssl_context::private_in_msg

message contents (in_iv+ivlen)

Definition at line 1799 of file ssl.h.

◆ private_in_msglen

size_t mbedtls_ssl_context::private_in_msglen

record header: message length

Definition at line 1803 of file ssl.h.

◆ private_in_msgtype

int mbedtls_ssl_context::private_in_msgtype

record header: message type

Definition at line 1802 of file ssl.h.

◆ private_in_offt

unsigned char* mbedtls_ssl_context::private_in_offt

read offset in application data

Definition at line 1800 of file ssl.h.

◆ private_in_window

uint64_t mbedtls_ssl_context::private_in_window

bitmask for replay detection

Definition at line 1815 of file ssl.h.

◆ private_in_window_top

uint64_t mbedtls_ssl_context::private_in_window_top

last validated record seq_num

Definition at line 1814 of file ssl.h.

◆ private_keep_current_message

int mbedtls_ssl_context::private_keep_current_message

drop or reuse current message on next call to record layer?

Definition at line 1822 of file ssl.h.

◆ private_mtu

uint16_t mbedtls_ssl_context::private_mtu

path mtu, used to fragment outgoing messages

Definition at line 1880 of file ssl.h.

◆ private_nb_zero

int mbedtls_ssl_context::private_nb_zero

number of 0-length encrypted messages

Definition at line 1820 of file ssl.h.

◆ private_negotiate_cid

uint8_t mbedtls_ssl_context::private_negotiate_cid

This indicates whether the CID extension should be negotiated in the next handshake or not. Possible values are MBEDTLS_SSL_CID_ENABLED and MBEDTLS_SSL_CID_DISABLED.

Definition at line 1931 of file ssl.h.

◆ private_next_record_offset

size_t mbedtls_ssl_context::private_next_record_offset

offset of the next record in datagram (equal to in_left if none)

Definition at line 1810 of file ssl.h.

◆ private_out_buf

unsigned char* mbedtls_ssl_context::private_out_buf

output buffer

Definition at line 1859 of file ssl.h.

◆ private_out_cid

unsigned char* mbedtls_ssl_context::private_out_cid

The start of the CID; (the end is marked by in_len — presumably out_len is meant here, by analogy with the in_cid / in_len pair).

Definition at line 1863 of file ssl.h.

◆ private_out_ctr

unsigned char* mbedtls_ssl_context::private_out_ctr

64-bit outgoing message counter

Definition at line 1860 of file ssl.h.

◆ private_out_hdr

unsigned char* mbedtls_ssl_context::private_out_hdr

start of record header

Definition at line 1861 of file ssl.h.

◆ private_out_iv

unsigned char* mbedtls_ssl_context::private_out_iv

ivlen-byte IV

Definition at line 1867 of file ssl.h.

◆ private_out_left

size_t mbedtls_ssl_context::private_out_left

amount of data not yet written

Definition at line 1872 of file ssl.h.

◆ private_out_len

unsigned char* mbedtls_ssl_context::private_out_len

two-bytes message length field

Definition at line 1866 of file ssl.h.

◆ private_out_msg

unsigned char* mbedtls_ssl_context::private_out_msg

message contents (out_iv+ivlen)

Definition at line 1868 of file ssl.h.

◆ private_out_msglen

size_t mbedtls_ssl_context::private_out_msglen

record header: message length

Definition at line 1871 of file ssl.h.

◆ private_out_msgtype

int mbedtls_ssl_context::private_out_msgtype

record header: message type

Definition at line 1870 of file ssl.h.

◆ private_own_cid

unsigned char mbedtls_ssl_context::private_own_cid[MBEDTLS_SSL_CID_IN_LEN_MAX]

The next incoming CID, chosen by the user and applying to all subsequent handshakes. This may be different from the CID currently used in case the user has re-configured the CID after an initial handshake.

Definition at line 1929 of file ssl.h.

◆ private_own_cid_len

uint8_t mbedtls_ssl_context::private_own_cid_len

The length of own_cid.

Definition at line 1930 of file ssl.h.

◆ private_own_verify_data

char mbedtls_ssl_context::private_own_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]

previous handshake verify data

Definition at line 1918 of file ssl.h.

◆ private_p_bio

void* mbedtls_ssl_context::private_p_bio

context for I/O operations

Definition at line 1740 of file ssl.h.

◆ private_p_export_keys

void* mbedtls_ssl_context::private_p_export_keys

context for key export callback

Definition at line 1939 of file ssl.h.

◆ private_p_timer

void* mbedtls_ssl_context::private_p_timer

context for the timer callbacks

Definition at line 1780 of file ssl.h.

◆ private_p_vrfy

void* mbedtls_ssl_context::private_p_vrfy

context for X.509 verify callback

Definition at line 1732 of file ssl.h.

◆ private_peer_verify_data

char mbedtls_ssl_context::private_peer_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]

previous handshake verify data

Definition at line 1919 of file ssl.h.

◆ private_renego_records_seen

int mbedtls_ssl_context::private_renego_records_seen

Records since renego request, or with DTLS, number of retransmissions of request if renego_max_records is < 0

Definition at line 1696 of file ssl.h.

◆ private_renego_status

int mbedtls_ssl_context::private_renego_status

Initial, in progress, pending?

Definition at line 1695 of file ssl.h.

◆ private_secure_renegotiation

int mbedtls_ssl_context::private_secure_renegotiation

does peer support legacy or secure renegotiation

Definition at line 1914 of file ssl.h.

◆ private_send_alert

unsigned char mbedtls_ssl_context::private_send_alert

Determines if a fatal alert should be sent. Values:

  • 0: no alert is to be sent.
  • 1: alert is to be sent.

Definition at line 1828 of file ssl.h.

◆ private_session

mbedtls_ssl_session* mbedtls_ssl_context::private_session

negotiated session data

Definition at line 1747 of file ssl.h.

◆ private_session_in

mbedtls_ssl_session* mbedtls_ssl_context::private_session_in

current session data (in)

Definition at line 1745 of file ssl.h.

◆ private_session_negotiate

mbedtls_ssl_session* mbedtls_ssl_context::private_session_negotiate

session data in negotiation

Definition at line 1748 of file ssl.h.

◆ private_session_out

mbedtls_ssl_session* mbedtls_ssl_context::private_session_out

current session data (out)

Definition at line 1746 of file ssl.h.

◆ private_state

int mbedtls_ssl_context::private_state

SSL handshake: current state

Definition at line 1693 of file ssl.h.

◆ private_tls_version

mbedtls_ssl_protocol_version mbedtls_ssl_context::private_tls_version

Maximum TLS version to be negotiated, then negotiated TLS version.

It is initialized as the configured maximum TLS version to be negotiated by mbedtls_ssl_setup().

When renegotiating or resuming a session, it is overwritten in the ClientHello writing preparation stage with the previously negotiated TLS version.

On client side, it is updated to the TLS version selected by the server for the handshake when the ServerHello is received.

On server side, it is updated to the TLS version the server selects for the handshake when the ClientHello is received.

Definition at line 1717 of file ssl.h.

◆ private_transform

mbedtls_ssl_transform* mbedtls_ssl_context::private_transform

negotiated transform params. This pointer owns the transform it references.

Definition at line 1762 of file ssl.h.

◆ private_transform_application

mbedtls_ssl_transform* mbedtls_ssl_context::private_transform_application

The application data transform in TLS 1.3. This pointer owns the transform it references.

Definition at line 1774 of file ssl.h.

◆ private_transform_in

mbedtls_ssl_transform* mbedtls_ssl_context::private_transform_in

current transform params (in). This is always a reference, never an owning pointer.

Definition at line 1756 of file ssl.h.

◆ private_transform_negotiate

mbedtls_ssl_transform* mbedtls_ssl_context::private_transform_negotiate

transform params in negotiation. This pointer owns the transform it references.

Definition at line 1766 of file ssl.h.

◆ private_transform_out

mbedtls_ssl_transform* mbedtls_ssl_context::private_transform_out

current transform params (out). This is always a reference, never an owning pointer.

Definition at line 1759 of file ssl.h.

◆ private_user_data

mbedtls_ssl_user_data_t mbedtls_ssl_context::private_user_data

User data pointer or handle.

The library sets this to 0 when creating a context and does not access it afterwards.

Warning
Serializing and restoring an SSL context with mbedtls_ssl_context_save() and mbedtls_ssl_context_load() does not currently restore the user data.

Definition at line 1950 of file ssl.h.

◆ private_verify_data_len

size_t mbedtls_ssl_context::private_verify_data_len

length of verify data stored

Definition at line 1917 of file ssl.h.


The documentation for this struct was generated from the following file: