authorPaul Bakker <p.j.bakker@polarssl.org>2012-04-11 12:09:53 +0000
committerPaul Bakker <p.j.bakker@polarssl.org>2012-04-11 12:09:53 +0000
commit1ef83d66dd5a94a1b1985fd3e1706367e587e892 (patch)
treef6816e7f4d92ce8f07646574f8e9f69ca1b15a5a /include/polarssl/ssl.h
parent570267f01a8131dd397482c792dd385714d1371b (diff)
- Initial bare version of TLS 1.2
Diffstat (limited to 'include/polarssl/ssl.h')
-rw-r--r--include/polarssl/ssl.h24
1 files changed, 23 insertions, 1 deletions
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index bd2c939..69e7a06 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -34,6 +34,7 @@
#include "rsa.h"
#include "md5.h"
#include "sha1.h"
+#include "sha2.h"
#include "x509.h"
#include "config.h"
@@ -90,6 +91,7 @@
#define SSL_MINOR_VERSION_0 0 /*!< SSL v3.0 */
#define SSL_MINOR_VERSION_1 1 /*!< TLS v1.0 */
#define SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 */
+#define SSL_MINOR_VERSION_3 3 /*!< TLS v1.2 */
#define SSL_IS_CLIENT 0
#define SSL_IS_SERVER 1
@@ -131,6 +133,19 @@
#define SSL_EDH_RSA_CAMELLIA_256_SHA 0x88
/*
+ * Supported Signature and Hash algorithms (For TLS 1.2)
+ */
+#define SSL_HASH_NONE 0
+#define SSL_HASH_MD5 1
+#define SSL_HASH_SHA1 2
+#define SSL_HASH_SHA224 3
+#define SSL_HASH_SHA256 4
+#define SSL_HASH_SHA384 5
+#define SSL_HASH_SHA512 6
+
+#define SSL_SIG_RSA 1
+
+/*
* Message, alert and handshake types
*/
#define SSL_MSG_CHANGE_CIPHER_SPEC 20
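Review bot: The block comment above the new `SSL_HASH_*` and `SSL_SIG_RSA` macros calls them "Supported", but the values look like the HashAlgorithm and SignatureAlgorithm code points of RFC 5246 section 7.4.1.4.1 rather than a statement of what the library will accept. I would say that in the comment, for example `* Hash and signature identifiers as sent on the wire (RFC 5246, 7.4.1.4.1); do not renumber`, so nobody treats them as an internal enum. `SSL_HASH_MD5` and `SSL_HASH_SHA1` are weak choices for handshake signatures, and whether the handshake code offers or accepts them is not visible in this header. A one-line remark stating the intended policy for those two values would help whoever reviews the callers.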
@@ -310,6 +325,12 @@ struct _ssl_context
dhm_context dhm_ctx; /*!< DHM key exchange */
md5_context fin_md5; /*!< Finished MD5 checksum */
sha1_context fin_sha1; /*!< Finished SHA-1 checksum */
+ sha2_context fin_sha2; /*!< Finished SHA-256 checksum */
+
+ void (*calc_finished)(ssl_context *, unsigned char *, int);
+ int (*tls_prf)(unsigned char *, size_t, char *,
+ unsigned char *, size_t,
+ unsigned char *, size_t);
int do_crypt; /*!< en(de)cryption flag */
int *ciphersuites; /*!< allowed ciphersuites */
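Review bot: The `calc_finished` and `tls_prf` function pointers are the only members added here without a `/*!< ... */` comment, and nothing in the hunk says when they are assigned. They are presumably set once the protocol version is known; if any path can reach the Finished computation or key derivation before that, the call goes through an unset pointer, so the assignment site deserves a check. I would add `/*!< Finished calculation for the negotiated version */` and `/*!< PRF for the negotiated version */`, and name the parameters in both prototypes so it is clear which buffer is the secret, the label, the seed and the output. The label and input buffers could also be `const` if the implementations do not write to them. `struct _ssl_context` starts and ends outside the hunk.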
@@ -578,7 +599,8 @@ int ssl_set_hostname( ssl_context *ssl, const char *hostname );
* \param ssl SSL context
* \param major Major version number (only SSL_MAJOR_VERSION_3 supported)
* \param minor Minor version number (SSL_MINOR_VERSION_0,
- * SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2 supported)
+ * SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2,
+ * SSL_MINOR_VERSION_3 supported)
*/
void ssl_set_max_version( ssl_context *ssl, int major, int minor );
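Review bot: The updated `\param minor` text now reads "SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2, SSL_MINOR_VERSION_3 supported", which leaves the "and" in the middle of the list. I would write `SSL_MINOR_VERSION_0, SSL_MINOR_VERSION_1, SSL_MINOR_VERSION_2 and SSL_MINOR_VERSION_3 supported`. The comment block starts above the hunk.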