libtase2  2.4.0
TASE.2/ICCP Protocol Source Code Library for C/C++
Loading...
Searching...
No Matches
Macros | Typedefs | Enumerations | Functions
tls_config.h File Reference

TLS API functions. More...

#include "hal_base.h"
#include "tls_ciphers.h"

Go to the source code of this file.

Macros

#define TLS_EVENT_CODE_ALM_ALGO_NOT_SUPPORTED   1
 
#define TLS_EVENT_CODE_ALM_UNSECURE_COMMUNICATION   2
 
#define TLS_EVENT_CODE_ALM_CERT_UNAVAILABLE   3
 
#define TLS_EVENT_CODE_ALM_BAD_CERT   4
 
#define TLS_EVENT_CODE_ALM_CERT_SIZE_EXCEEDED   5
 
#define TLS_EVENT_CODE_ALM_CERT_VALIDATION_FAILED   6
 
#define TLS_EVENT_CODE_ALM_CERT_REQUIRED   7
 
#define TLS_EVENT_CODE_ALM_HANDSHAKE_FAILED_UNKNOWN_REASON   8
 
#define TLS_EVENT_CODE_WRN_INSECURE_TLS_VERSION   9
 
#define TLS_EVENT_CODE_INF_SESSION_RENEGOTIATION   10
 
#define TLS_EVENT_CODE_ALM_CERT_EXPIRED   11
 
#define TLS_EVENT_CODE_ALM_CERT_REVOKED   12
 
#define TLS_EVENT_CODE_ALM_CERT_NOT_CONFIGURED   13
 
#define TLS_EVENT_CODE_ALM_CERT_NOT_TRUSTED   14
 
#define TLS_EVENT_CODE_ALM_NO_CIPHER   15
 
#define TLS_EVENT_CODE_INF_SESSION_ESTABLISHED   16
 

Typedefs

typedef struct sTLSConfiguration * TLSConfiguration
 
typedef struct sTLSConnection * TLSConnection
 
typedef void(* TLSConfiguration_EventHandler) (void *parameter, TLSEventLevel eventLevel, int eventCode, const char *message, TLSConnection con)
 

Enumerations

enum  TLSConfigVersion {
  TLS_VERSION_NOT_SELECTED = 0 , TLS_VERSION_SSL_3_0 = 3 , TLS_VERSION_TLS_1_0 = 4 , TLS_VERSION_TLS_1_1 = 5 ,
  TLS_VERSION_TLS_1_2 = 6 , TLS_VERSION_TLS_1_3 = 7
}
 
enum  TLSEventLevel { TLS_SEC_EVT_INFO = 0 , TLS_SEC_EVT_WARNING = 1 , TLS_SEC_EVT_INCIDENT = 2 }
 

Functions

PAL_API TLSConfiguration TLSConfiguration_create (void)
 Create a new TLSConfiguration object to represent TLS configuration and certificates and set owner count to 1.
 
PAL_API TLSConfiguration TLSConfiguration_claimOwnership (TLSConfiguration self)
 Increase the owner count.
 
PAL_API void TLSConfiguration_setClientMode (TLSConfiguration self)
 
PAL_API const char * TLSConfigVersion_toString (TLSConfigVersion version)
 Convert TLS version number to string.
 
PAL_API char * TLSConnection_getPeerAddress (TLSConnection self, char *peerAddrBuf)
 Get the peer address of the TLS connection.
 
PAL_API uint8_t * TLSConnection_getPeerCertificate (TLSConnection self, int *certSize)
 Get the TLS certificate used by the peer.
 
PAL_API TLSConfigVersion TLSConnection_getTLSVersion (TLSConnection self)
 Get the TLS version used by the connection.
 
PAL_API void TLSConfiguration_setEventHandler (TLSConfiguration self, TLSConfiguration_EventHandler handler, void *parameter)
 Set the security event handler.
 
PAL_API void TLSConfiguration_enableSessionResumption (TLSConfiguration self, bool enable)
 enable or disable TLS session resumption (default: enabled)
 
PAL_API void TLSConfiguration_setSessionResumptionInterval (TLSConfiguration self, int intervalInSeconds)
 Set the maximum life time of a cached TLS session for session resumption in seconds.
 
PAL_API void TLSConfiguration_setChainValidation (TLSConfiguration self, bool value)
 Enables the validation of the certificate trust chain (enabled by default)
 
PAL_API void TLSConfiguration_setAllowOnlyKnownCertificates (TLSConfiguration self, bool value)
 Set if only known certificates are accepted.
 
PAL_API bool TLSConfiguration_setOwnCertificate (TLSConfiguration self, uint8_t *certificate, int certLen)
 Set own certificate (identity) from a byte buffer.
 
PAL_API bool TLSConfiguration_setOwnCertificateFromFile (TLSConfiguration self, const char *filename)
 Set own certificate (identity) from a certificate file.
 
PAL_API bool TLSConfiguration_setOwnKey (TLSConfiguration self, uint8_t *key, int keyLen, const char *keyPassword)
 Set the own private key from a byte buffer.
 
PAL_API bool TLSConfiguration_setOwnKeyFromFile (TLSConfiguration self, const char *filename, const char *keyPassword)
 Set the own private key from a key file.
 
PAL_API bool TLSConfiguration_addAllowedCertificate (TLSConfiguration self, uint8_t *certificate, int certLen)
 
PAL_API bool TLSConfiguration_addAllowedCertificateFromFile (TLSConfiguration self, const char *filename)
 Add a certificate to the list of allowed peer certificates.
 
PAL_API bool TLSConfiguration_addCACertificate (TLSConfiguration self, uint8_t *certificate, int certLen)
 Add a CA certificate used to validate peer certificates from a byte buffer.
 
PAL_API bool TLSConfiguration_addCACertificateFromFile (TLSConfiguration self, const char *filename)
 Add a CA certificate used to validate peer certificates from a file.
 
PAL_API void TLSConfiguration_setRenegotiationTime (TLSConfiguration self, int timeInMs)
 Set the renegotiation timeout.
 
PAL_API void TLSConfiguration_setMinTlsVersion (TLSConfiguration self, TLSConfigVersion version)
 Set minimal allowed TLS version to use.
 
PAL_API void TLSConfiguration_setMaxTlsVersion (TLSConfiguration self, TLSConfigVersion version)
 Set maximal allowed TLS version to use.
 
PAL_API bool TLSConfiguration_addCRL (TLSConfiguration self, uint8_t *crl, int crlLen)
 Add a CRL (certificate revocation list) from buffer.
 
PAL_API bool TLSConfiguration_addCRLFromFile (TLSConfiguration self, const char *filename)
 Add a CRL (certificate revocation list) from a file.
 
PAL_API void TLSConfiguration_resetCRL (TLSConfiguration self)
 Removes any CRL (certificate revocation list) currently in use.
 
PAL_API void TLSConfiguration_addCipherSuite (TLSConfiguration self, int ciphersuite)
 Add an allowed ciphersuite to the list of allowed ciphersuites.
 
PAL_API void TLSConfiguration_clearCipherSuiteList (TLSConfiguration self)
 Clear the list of allowed ciphersuites.
 
PAL_API void TLSConfiguration_destroy (TLSConfiguration self)
 Release all resource allocated by the TLSConfiguration instance or decrease owner count.
 

Detailed Description

TLS API functions.

Generated on Thu Apr 3 2025 22:44:08 for libtase2 by   doxygen 1.12.0