tls 0.15.4 · OCaml Package

val answer_client_hello : 
  hrr:bool ->
  State.handshake_state ->
  Core.client_hello ->
  Cstruct.t ->
  (State.handshake_state
   * [> `Change_dec of State.crypto_context
     | `Change_enc of State.crypto_context
     | `Record of Packet.content_type * Cstruct.t ]
       list,
    [> `Error of
         [> `CouldntSelectCertificate
         | `NoCertificateConfigured
         | `NoConfiguredCiphersuite of
           [> `AES_128_CCM_SHA256
           | `AES_128_GCM_SHA256
           | `AES_256_GCM_SHA384
           | `CHACHA20_POLY1305_SHA256 ]
             list
         | `NoConfiguredSignatureAlgorithm of Core.signature_algorithm list
         | `NoMatchingCertificateFound of string ]
    | `Fatal of
      [> `BadECDH of Mirage_crypto_ec.error
      | `HandshakeFragmentsNotEmpty
      | `InvalidClientHello of
        [> `EmptyCiphersuites
        | `Has0rttAfterHRR
        | `HasSignatureAlgorithmsExtension
        | `NoCookie
        | `NoGoodSignatureAlgorithms of Core.signature_algorithm list
        | `NoKeyShareExtension
        | `NoSignatureAlgorithmsExtension
        | `NoSupportedCiphersuite of Packet.any_ciphersuite list
        | `NoSupportedGroupExtension
        | `NotSetExtension of Core.client_extension list
        | `NotSetKeyShare of (Packet.named_group * Cstruct_sexp.t) list
        | `NotSetSupportedGroup of Packet.named_group list
        | `NotSubsetKeyShareSupportedGroup of
          Packet.named_group list * (Packet.named_group * Cstruct_sexp.t) list ]
      | `InvalidDH
      | `InvalidSession
      | `KeyTooSmall
      | `NoApplicationProtocol
      | `NoSupportedGroup
      | `SigningFailed of string ] ])
    result

val answer_client_certificate : 
  State.handshake_state ->
  Cstruct.t ->
  State.session_data13 ->
  Cstruct_sexp.t ->
  State.crypto_context ->
  Core.session_ticket option ->
  Cstruct.t ->
  Cstruct.t ->
  (State.handshake_state * 'a list,
    [> `Error of
         [> `AuthenticationFailure of X509.Validation.validation_error ]
    | `Fatal of
      [> `BadCertificateChain
      | `InvalidSession
      | `KeyTooSmall
      | `ReaderError of Reader.error ] ])
    result

val answer_client_certificate_verify : 
  State.handshake_state ->
  Cstruct.t ->
  State.session_data13 ->
  Cstruct_sexp.t ->
  State.crypto_context ->
  Core.session_ticket option ->
  Cstruct.t ->
  Cstruct.t ->
  (State.handshake_state * 'a list,
    [> `Error of
         [> `NoConfiguredSignatureAlgorithm of Core.signature_algorithm list ]
    | `Fatal of
      [> `NoCertificateReceived
      | `ReaderError of Reader.error
      | `SignatureVerificationFailed of string ] ])
    result

val answer_client_finished : 
  State.handshake_state ->
  Cstruct.t ->
  Cstruct.t ->
  'a ->
  Core.session_ticket option ->
  Cstruct.t ->
  Cstruct.t ->
  (State.handshake_state * [> `Change_dec of 'a ] list,
    [> `Fatal of
         [> `BadFinished | `HandshakeFragmentsNotEmpty | `InvalidSession ] ])
    result

val handle_end_of_early_data : 
  State.handshake_state ->
  Cstruct_sexp.t ->
  'a ->
  State.crypto_context ->
  Core.session_ticket option ->
  Cstruct.t ->
  Cstruct.t ->
  (State.handshake_state * [> `Change_dec of 'a ] list,
    [> `Fatal of [> `InvalidSession ] ])
    result

val handle_key_update : 
  State.handshake_state ->
  Packet.key_update_request_type ->
  (State.handshake_state
   * [> `Change_dec of State.crypto_context
     | `Change_enc of State.crypto_context
     | `Record of Packet.content_type * Cstruct.t ]
       list,
    [> `Fatal of [> `HandshakeFragmentsNotEmpty | `InvalidSession ] ])
    result

val handle_handshake : 
  State.server13_handshake_state ->
  State.handshake_state ->
  Cstruct.t ->
  (State.handshake_state
   * [> `Change_dec of State.crypto_context
     | `Change_enc of State.crypto_context
     | `Record of Packet.content_type * Cstruct.t ]
       list,
    [> `Error of
         [> `AuthenticationFailure of X509.Validation.validation_error
         | `CouldntSelectCertificate
         | `NoCertificateConfigured
         | `NoConfiguredCiphersuite of
           [> `AES_128_CCM_SHA256
           | `AES_128_GCM_SHA256
           | `AES_256_GCM_SHA384
           | `CHACHA20_POLY1305_SHA256 ]
             list
         | `NoConfiguredSignatureAlgorithm of Core.signature_algorithm list
         | `NoMatchingCertificateFound of string ]
    | `Fatal of
      [> `BadCertificateChain
      | `BadECDH of Mirage_crypto_ec.error
      | `BadFinished
      | `HandshakeFragmentsNotEmpty
      | `InvalidClientHello of
        [> `EmptyCiphersuites
        | `Has0rttAfterHRR
        | `HasSignatureAlgorithmsExtension
        | `NoCookie
        | `NoGoodSignatureAlgorithms of Core.signature_algorithm list
        | `NoKeyShareExtension
        | `NoSignatureAlgorithmsExtension
        | `NoSupportedCiphersuite of Packet.any_ciphersuite list
        | `NoSupportedGroupExtension
        | `NotSetExtension of Core.client_extension list
        | `NotSetKeyShare of (Packet.named_group * Cstruct_sexp.t) list
        | `NotSetSupportedGroup of Packet.named_group list
        | `NotSubsetKeyShareSupportedGroup of
          Packet.named_group list * (Packet.named_group * Cstruct_sexp.t) list ]
      | `InvalidDH
      | `InvalidSession
      | `KeyTooSmall
      | `NoApplicationProtocol
      | `NoCertificateReceived
      | `NoSupportedGroup
      | `ReaderError of Reader.error
      | `SignatureVerificationFailed of string
      | `SigningFailed of string
      | `UnexpectedHandshake of Core.tls_handshake ] ])
    result

package tls