tls 1.0.2 · OCaml Package

type hmac_key = string

type iv_mode =

| Iv of string
| Random_iv

type 'k cbc_cipher = (module Mirage_crypto.Block.CBC with type key = 'k)

type 'k cbc_state = {

cipher : 'k cbc_cipher;
cipher_secret : 'k;
iv_mode : iv_mode;
hmac : Digestif.hash';
hmac_secret : hmac_key;

}

type nonce = string

type 'k aead_cipher = (module Mirage_crypto.AEAD with type key = 'k)

type 'k aead_state = {

cipher : 'k aead_cipher;
cipher_secret : 'k;
nonce : nonce;
explicit_nonce : bool;

}

type cipher_st =

| CBC : 'k cbc_state -> cipher_st
| AEAD : 'k aead_state -> cipher_st

type crypto_context = {

sequence : int64;
cipher_st : cipher_st;

}

type hs_log = string list

type dh_secret = [

| `Finite_field of Mirage_crypto_pk.Dh.secret
| `P256 of Mirage_crypto_ec.P256.Dh.secret
| `P384 of Mirage_crypto_ec.P384.Dh.secret
| `P521 of Mirage_crypto_ec.P521.Dh.secret
| `X25519 of Mirage_crypto_ec.X25519.secret

]

type reneg_params = string * string

type common_session_data = {

server_random : string;
client_random : string;
peer_certificate_chain : X509.Certificate.t list;
peer_certificate : X509.Certificate.t option;
trust_anchor : X509.Certificate.t option;
received_certificates : X509.Certificate.t list;
own_certificate : X509.Certificate.t list;
own_private_key : X509.Private_key.t option;
own_name : [ `host ] Domain_name.t option;
client_auth : bool;
master_secret : Core.master_secret;
alpn_protocol : string option;

}

type session_data = {

common_session_data : common_session_data;
client_version : Core.tls_any_version;
ciphersuite : Ciphersuite.ciphersuite;
group : Core.group option;
renegotiation : reneg_params;
session_id : string;
extended_ms : bool;
tls_unique : string;

}

type server_handshake_state =

| AwaitClientHello
| AwaitClientHelloRenegotiate
| AwaitClientCertificate_RSA of session_data * hs_log
| AwaitClientCertificate_DHE of session_data * dh_secret * hs_log
| AwaitClientKeyExchange_RSA of session_data * hs_log
| AwaitClientKeyExchange_DHE of session_data * dh_secret * hs_log
| AwaitClientCertificateVerify of session_data * crypto_context * crypto_context * hs_log
| AwaitClientChangeCipherSpec of session_data * crypto_context * crypto_context * hs_log
| AwaitClientChangeCipherSpecResume of session_data * crypto_context * string * hs_log
| AwaitClientFinished of session_data * hs_log
| AwaitClientFinishedResume of session_data * string * hs_log
| Established

type client_handshake_state =

| ClientInitial
| AwaitServerHello of Core.client_hello * (Core.group * dh_secret) list * hs_log
| AwaitServerHelloRenegotiate of session_data * Core.client_hello * hs_log
| AwaitCertificate_RSA of session_data * hs_log
| AwaitCertificate_DHE of session_data * hs_log
| AwaitServerKeyExchange_DHE of session_data * hs_log
| AwaitCertificateRequestOrServerHelloDone of session_data * string * string * hs_log
| AwaitServerHelloDone of session_data * Core.signature_algorithm list option * string * string * hs_log
| AwaitServerChangeCipherSpec of session_data * crypto_context * string * hs_log
| AwaitServerChangeCipherSpecResume of session_data * crypto_context * crypto_context * hs_log
| AwaitServerFinished of session_data * string * hs_log
| AwaitServerFinishedResume of session_data * hs_log
| Established

type kdf = {

secret : string;
cipher : Ciphersuite.ciphersuite13;
hash : Digestif.hash';

}

type session_data13 = {

common_session_data13 : common_session_data;
ciphersuite13 : Ciphersuite.ciphersuite13;
master_secret : kdf;
exporter_master_secret : string;
resumption_secret : string;
state : Core.epoch_state;
resumed : bool;
client_app_secret : string;
server_app_secret : string;

}

type client13_handshake_state =

| AwaitServerHello13 of Core.client_hello * (Core.group * dh_secret) list * string
| AwaitServerEncryptedExtensions13 of session_data13 * string * string * string
| AwaitServerCertificateRequestOrCertificate13 of session_data13 * string * string * string
| AwaitServerCertificate13 of session_data13 * string * string * Core.signature_algorithm list option * string
| AwaitServerCertificateVerify13 of session_data13 * string * string * Core.signature_algorithm list option * string
| AwaitServerFinished13 of session_data13 * string * string * Core.signature_algorithm list option * string
| Established13

type server13_handshake_state =

| AwaitClientHelloHRR13
| AwaitClientCertificate13 of session_data13 * string * crypto_context * Core.session_ticket option * string
| AwaitClientCertificateVerify13 of session_data13 * string * crypto_context * Core.session_ticket option * string
| AwaitClientFinished13 of string * crypto_context * Core.session_ticket option * string
| AwaitEndOfEarlyData13 of string * crypto_context * crypto_context * Core.session_ticket option * string
| Established13

type handshake_machina_state =

| Client of client_handshake_state
| Server of server_handshake_state
| Client13 of client13_handshake_state
| Server13 of server13_handshake_state

type handshake_state = {

session : [ `TLS of session_data | `TLS13 of session_data13 ] list;
protocol_version : Core.tls_version;
early_data_left : int32;
machina : handshake_machina_state;
config : Config.config;
hs_fragment : string;

}

type crypto_state = crypto_context option

type record = Packet.content_type * string

type rec_resp = [

| `Change_enc of crypto_context
| `Change_dec of crypto_context
| `Record of record

]

type handshake_return = handshake_state * rec_resp list

type state = {

handshake : handshake_state;
decryptor : crypto_state;
encryptor : crypto_state;
fragment : string;
read_closed : bool;
write_closed : bool;

}

type error = [

| `AuthenticationFailure of X509.Validation.validation_error
| `NoConfiguredCiphersuite of Ciphersuite.ciphersuite list
| `NoConfiguredVersions of Core.tls_version list
| `NoConfiguredSignatureAlgorithm of Core.signature_algorithm list
| `NoMatchingCertificateFound of string
| `CouldntSelectCertificate

]

val pp_error : 
  Stdlib.Format.formatter ->
  [< `AuthenticationFailure of X509.Validation.validation_error
  | `CouldntSelectCertificate
  | `NoConfiguredCiphersuite of
    [< `AES_128_CCM_SHA256
    | `AES_128_GCM_SHA256
    | `AES_256_GCM_SHA384
    | `CHACHA20_POLY1305_SHA256
    | `DHE_RSA_WITH_3DES_EDE_CBC_SHA
    | `DHE_RSA_WITH_AES_128_CBC_SHA
    | `DHE_RSA_WITH_AES_128_CBC_SHA256
    | `DHE_RSA_WITH_AES_128_CCM
    | `DHE_RSA_WITH_AES_128_GCM_SHA256
    | `DHE_RSA_WITH_AES_256_CBC_SHA
    | `DHE_RSA_WITH_AES_256_CBC_SHA256
    | `DHE_RSA_WITH_AES_256_CCM
    | `DHE_RSA_WITH_AES_256_GCM_SHA384
    | `DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
    | `ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
    | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA
    | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
    | `ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA
    | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
    | `ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
    | `ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
    | `ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
    | `ECDHE_RSA_WITH_AES_128_CBC_SHA
    | `ECDHE_RSA_WITH_AES_128_CBC_SHA256
    | `ECDHE_RSA_WITH_AES_128_GCM_SHA256
    | `ECDHE_RSA_WITH_AES_256_CBC_SHA
    | `ECDHE_RSA_WITH_AES_256_CBC_SHA384
    | `ECDHE_RSA_WITH_AES_256_GCM_SHA384
    | `ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
    | `RSA_WITH_3DES_EDE_CBC_SHA
    | `RSA_WITH_AES_128_CBC_SHA
    | `RSA_WITH_AES_128_CBC_SHA256
    | `RSA_WITH_AES_128_CCM
    | `RSA_WITH_AES_128_GCM_SHA256
    | `RSA_WITH_AES_256_CBC_SHA
    | `RSA_WITH_AES_256_CBC_SHA256
    | `RSA_WITH_AES_256_CCM
    | `RSA_WITH_AES_256_GCM_SHA384 AES_128_CCM_SHA256 AES_128_GCM_SHA256 AES_256_GCM_SHA384 CHACHA20_POLY1305_SHA256 ]
      list
  | `NoConfiguredSignatureAlgorithm of
    [< `ECDSA_SECP256R1_SHA1
    | `ECDSA_SECP256R1_SHA256
    | `ECDSA_SECP384R1_SHA384
    | `ECDSA_SECP521R1_SHA512
    | `ED25519
    | `RSA_PKCS1_MD5
    | `RSA_PKCS1_SHA1
    | `RSA_PKCS1_SHA224
    | `RSA_PKCS1_SHA256
    | `RSA_PKCS1_SHA384
    | `RSA_PKCS1_SHA512
    | `RSA_PSS_RSAENC_SHA256
    | `RSA_PSS_RSAENC_SHA384
    | `RSA_PSS_RSAENC_SHA512 ECDSA_SECP256R1_SHA1 ECDSA_SECP256R1_SHA256 ECDSA_SECP384R1_SHA384 ECDSA_SECP521R1_SHA512 ]
      list
  | `NoConfiguredVersions of
    [< `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 ] list
  | `NoMatchingCertificateFound of string ] ->
  unit

type fatal = [

| `Protocol_version of [ `None_supported of Core.tls_any_version list | `Unknown_record of int * int | `Bad_record of Core.tls_any_version ]
| `Unexpected of [ `Content_type of int | `Message of string | `Handshake of Core.tls_handshake ]
| `Decode of string
| `Handshake of [ `Message of string | `Fragments | `BadDH of string | `BadECDH of Mirage_crypto_ec.error ]
| `Bad_certificate of string
| `Missing_extension of string
| `Bad_mac
| `Record_overflow of int
| `Unsupported_extension
| `Inappropriate_fallback
| `No_application_protocol

]

val pp_protocol_version : 
  Stdlib.Format.formatter ->
  [< `Bad_record of
       [< `SSL_3
       | `TLS_1_0
       | `TLS_1_1
       | `TLS_1_2
       | `TLS_1_3
       | `TLS_1_X of int ]
  | `None_supported of
    [< `SSL_3 | `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 | `TLS_1_X of int ]
      list
  | `Unknown_record of int * int ] ->
  unit

val pp_unexpected : 
  Stdlib.Format.formatter ->
  [< `Content_type of int
  | `Handshake of Core.tls_handshake
  | `Message of string ] ->
  unit

val pp_handshake_error : 
  Stdlib.Format.formatter ->
  [< `BadDH of string
  | `BadECDH of Mirage_crypto_ec.error
  | `Fragments
  | `Message of string ] ->
  unit

val pp_fatal : 
  Stdlib.Format.formatter ->
  [< `Bad_certificate of string
  | `Bad_mac
  | `Decode of string
  | `Handshake of
    [< `BadDH of string
    | `BadECDH of Mirage_crypto_ec.error
    | `Fragments
    | `Message of string ]
  | `Inappropriate_fallback
  | `Missing_extension of string
  | `No_application_protocol
  | `Protocol_version of
    [< `Bad_record of
         [< `SSL_3
         | `TLS_1_0
         | `TLS_1_1
         | `TLS_1_2
         | `TLS_1_3
         | `TLS_1_X of int ]
    | `None_supported of
      [< `SSL_3 | `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 | `TLS_1_X of int ]
        list
    | `Unknown_record of int * int ]
  | `Record_overflow of int
  | `Unexpected of
    [< `Content_type of int
    | `Handshake of Core.tls_handshake
    | `Message of string ]
  | `Unsupported_extension ] ->
  unit

type failure = [

| `Error of error
| `Fatal of fatal
| `Alert of Packet.alert_type

]

val pp_failure : 
  Stdlib.Format.formatter ->
  [< `Alert of Packet.alert_type
  | `Error of
    [< `AuthenticationFailure of X509.Validation.validation_error
    | `CouldntSelectCertificate
    | `NoConfiguredCiphersuite of
      [< `AES_128_CCM_SHA256
      | `AES_128_GCM_SHA256
      | `AES_256_GCM_SHA384
      | `CHACHA20_POLY1305_SHA256
      | `DHE_RSA_WITH_3DES_EDE_CBC_SHA
      | `DHE_RSA_WITH_AES_128_CBC_SHA
      | `DHE_RSA_WITH_AES_128_CBC_SHA256
      | `DHE_RSA_WITH_AES_128_CCM
      | `DHE_RSA_WITH_AES_128_GCM_SHA256
      | `DHE_RSA_WITH_AES_256_CBC_SHA
      | `DHE_RSA_WITH_AES_256_CBC_SHA256
      | `DHE_RSA_WITH_AES_256_CCM
      | `DHE_RSA_WITH_AES_256_GCM_SHA384
      | `DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
      | `ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
      | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA
      | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
      | `ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
      | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA
      | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
      | `ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
      | `ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
      | `ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
      | `ECDHE_RSA_WITH_AES_128_CBC_SHA
      | `ECDHE_RSA_WITH_AES_128_CBC_SHA256
      | `ECDHE_RSA_WITH_AES_128_GCM_SHA256
      | `ECDHE_RSA_WITH_AES_256_CBC_SHA
      | `ECDHE_RSA_WITH_AES_256_CBC_SHA384
      | `ECDHE_RSA_WITH_AES_256_GCM_SHA384
      | `ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
      | `RSA_WITH_3DES_EDE_CBC_SHA
      | `RSA_WITH_AES_128_CBC_SHA
      | `RSA_WITH_AES_128_CBC_SHA256
      | `RSA_WITH_AES_128_CCM
      | `RSA_WITH_AES_128_GCM_SHA256
      | `RSA_WITH_AES_256_CBC_SHA
      | `RSA_WITH_AES_256_CBC_SHA256
      | `RSA_WITH_AES_256_CCM
      | `RSA_WITH_AES_256_GCM_SHA384 AES_128_CCM_SHA256 AES_128_GCM_SHA256 AES_256_GCM_SHA384 CHACHA20_POLY1305_SHA256 ]
        list
    | `NoConfiguredSignatureAlgorithm of
      [< `ECDSA_SECP256R1_SHA1
      | `ECDSA_SECP256R1_SHA256
      | `ECDSA_SECP384R1_SHA384
      | `ECDSA_SECP521R1_SHA512
      | `ED25519
      | `RSA_PKCS1_MD5
      | `RSA_PKCS1_SHA1
      | `RSA_PKCS1_SHA224
      | `RSA_PKCS1_SHA256
      | `RSA_PKCS1_SHA384
      | `RSA_PKCS1_SHA512
      | `RSA_PSS_RSAENC_SHA256
      | `RSA_PSS_RSAENC_SHA384
      | `RSA_PSS_RSAENC_SHA512 ECDSA_SECP256R1_SHA1 ECDSA_SECP256R1_SHA256 ECDSA_SECP384R1_SHA384 ECDSA_SECP521R1_SHA512 ]
        list
    | `NoConfiguredVersions of
      [< `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 ] list
    | `NoMatchingCertificateFound of string ]
  | `Fatal of
    [< `Bad_certificate of string
    | `Bad_mac
    | `Decode of string
    | `Handshake of
      [< `BadDH of string
      | `BadECDH of Mirage_crypto_ec.error
      | `Fragments
      | `Message of string ]
    | `Inappropriate_fallback
    | `Missing_extension of string
    | `No_application_protocol
    | `Protocol_version of
      [< `Bad_record of
           [< `SSL_3
           | `TLS_1_0
           | `TLS_1_1
           | `TLS_1_2
           | `TLS_1_3
           | `TLS_1_X of int ]
      | `None_supported of
        [< `SSL_3
        | `TLS_1_0
        | `TLS_1_1
        | `TLS_1_2
        | `TLS_1_3
        | `TLS_1_X of int ]
          list
      | `Unknown_record of int * int ]
    | `Record_overflow of int
    | `Unexpected of
      [< `Content_type of int
      | `Handshake of Core.tls_handshake
      | `Message of string ]
    | `Unsupported_extension ] ] ->
  unit

val common_data_to_epoch : 
  common_session_data ->
  bool ->
  [ `host ] Domain_name.t option ->
  Core.epoch_data

val epoch_of_session : 
  bool ->
  [ `host ] Domain_name.t option ->
  Core.tls_version ->
  [< `TLS of session_data | `TLS13 of session_data13 ] ->
  Core.epoch_data

val epoch_of_hs : handshake_state -> Core.epoch_data option

package tls