tls

Transport Layer Security purely in OCaml
Library tls
val answer_server_hello : State.handshake_state -> Core.client_hello -> Core.server_hello -> (Core.group * [< `Finite_field of Mirage_crypto_pk.Dh.secret | `P256 of Mirage_crypto_ec.P256.Dh.secret | `P384 of Mirage_crypto_ec.P384.Dh.secret | `P521 of Mirage_crypto_ec.P521.Dh.secret | `X25519 of Mirage_crypto_ec.X25519.secret ]) list -> Cstruct.t -> Cstruct.t -> ( State.handshake_state * [> `Change_dec of State.crypto_context | `Change_enc of State.crypto_context ] list, [> `Fatal of [> `BadECDH of Mirage_crypto_ec.error | `HandshakeFragmentsNotEmpty | `InvalidDH | `InvalidServerHello ] ] ) result
val answer_hello_retry_request : State.handshake_state -> Core.client_hello -> Core.hello_retry -> 'a -> Mirage_crypto.Hash.digest -> Cstruct.t -> ( State.handshake_state * [> `Record of Packet.content_type * Cstruct.t ] list, [> `Fatal of [> `InvalidMessage ] ] ) result
val answer_encrypted_extensions : State.handshake_state -> State.session_data13 -> Cstruct_sexp.t -> Cstruct_sexp.t -> [> `ALPN of string ] list -> Cstruct.t -> Cstruct.t -> ( State.handshake_state * 'a list, 'b ) result
val answer_certificate : State.handshake_state -> State.session_data13 -> Cstruct_sexp.t -> Cstruct_sexp.t -> Core.signature_algorithm list option -> (Cstruct.t * 'a) list -> Cstruct.t -> Cstruct.t -> ( State.handshake_state * 'b list, [> `Error of [> `AuthenticationFailure of X509.Validation.validation_error ] | `Fatal of [> `BadCertificateChain | `KeyTooSmall ] ] ) result
val answer_certificate_verify : State.handshake_state -> State.session_data13 -> Cstruct_sexp.t -> Cstruct_sexp.t -> Core.signature_algorithm list option -> Cstruct.t -> Cstruct.t -> Cstruct.t -> ( State.handshake_state * 'a list, [> `Error of [> `NoConfiguredSignatureAlgorithm of Core.signature_algorithm list ] | `Fatal of [> `NoCertificateReceived | `ReaderError of Reader.error | `SignatureVerificationFailed of string ] ] ) result
val answer_certificate_request : State.handshake_state -> State.session_data13 -> Cstruct_sexp.t -> Cstruct_sexp.t -> [> `SignatureAlgorithms of Core.signature_algorithm list ] list -> Cstruct.t -> Cstruct.t -> ( State.handshake_state * 'a list, 'b ) result
val answer_finished : State.handshake_state -> State.session_data13 -> Cstruct.t -> Cstruct.t -> Core.signature_algorithm list option -> Cstruct.t -> Cstruct.t -> Cstruct.t -> ( State.handshake_state * [> `Change_dec of State.crypto_context | `Change_enc of State.crypto_context | `Record of Packet.content_type * Cstruct.t ] list, [> `Error of [> `NoConfiguredSignatureAlgorithm of Core.signature_algorithm list ] | `Fatal of [> `BadFinished | `HandshakeFragmentsNotEmpty | `KeyTooSmall | `SigningFailed of string ] ] ) result
val answer_session_ticket : State.handshake_state -> Core.session_ticket -> ( State.handshake_state * 'a list, 'b ) result
val handle_key_update : State.handshake_state -> Packet.key_update_request_type -> ( State.handshake_state * [> `Change_dec of State.crypto_context | `Change_enc of State.crypto_context | `Record of Packet.content_type * Cstruct.t ] list, [> `Fatal of [> `HandshakeFragmentsNotEmpty | `InvalidSession ] ] ) result
val handle_handshake : State.client13_handshake_state -> State.handshake_state -> Cstruct.t -> ( State.handshake_state * [> `Change_dec of State.crypto_context | `Change_enc of State.crypto_context | `Record of Packet.content_type * Cstruct.t ] list, [> `Error of [> `AuthenticationFailure of X509.Validation.validation_error | `NoConfiguredSignatureAlgorithm of Core.signature_algorithm list ] | `Fatal of [> `BadCertificateChain | `BadECDH of Mirage_crypto_ec.error | `BadFinished | `HandshakeFragmentsNotEmpty | `InvalidDH | `InvalidMessage | `InvalidServerHello | `InvalidSession | `KeyTooSmall | `NoCertificateReceived | `ReaderError of Reader.error | `SignatureVerificationFailed of string | `SigningFailed of string | `UnexpectedHandshake of Core.tls_handshake ] ] ) result