/* $OpenBSD: tls.h,v 1.58 2020/01/22 06:44:02 beck Exp $ */
/*
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/**
 * D binding for LibreSSL's libtls public API (upstream tls.h revision 1.58,
 * TLS_API 20200120).
 *
 * This module contains declarations only.  `tls` and `tls_config` are
 * declared without bodies, so D code can only hold pointers to them and must
 * go through the functions below.  The header does not encode behavioural
 * contracts (return conventions, ownership of returned strings, which calls
 * are mandatory); the libtls tls_*(3) manual pages are the authority for
 * those, and the notes in this file are reading aids that say so where they
 * go beyond what the declarations themselves show.
 *
 * Note on types: `const (ubyte)*` and `const (core.stdc.stdint.uint8_t)*`
 * both appear below, mirroring the C header's `unsigned char *` / `uint8_t *`
 * split; in D `uint8_t` is an alias of `ubyte`, so they are the same type.
 */
module libressl_d.tls;


/* time_t for the certificate validity and OCSP timestamp getters. */
private static import libressl_d.compat.time;
public import core.stdc.stddef;
public import core.stdc.stdint;
/* ssize_t for the I/O callbacks and tls_read/tls_write. */
public import libressl_d.compat.sys.types;

/*
 * Everything that follows has C linkage and mangling.  nothrow/@nogc are
 * promises made on the D side of the boundary: no D exception may propagate
 * into libtls, and a D callback handed over as tls_read_cb/tls_write_cb must
 * itself be extern (C) nothrow @nogc to match the alias types declared below.
 */
extern (C):
nothrow @nogc:

/* API level of the upstream tls.h this binding was generated from. */
enum TLS_API = 20200120;

/*
 * Protocol version bit flags for tls_config_set_protocols() and
 * tls_config_parse_protocols().  Note that the flags start at bit 1.
 */
enum TLS_PROTOCOL_TLSv1_0 = 1 << 1;
enum TLS_PROTOCOL_TLSv1_1 = 1 << 2;
enum TLS_PROTOCOL_TLSv1_2 = 1 << 3;
enum TLS_PROTOCOL_TLSv1_3 = 1 << 4;
/* Every TLS 1.x version, including the legacy 1.0 and 1.1. */
enum TLS_PROTOCOL_TLSv1 = .TLS_PROTOCOL_TLSv1_0 | .TLS_PROTOCOL_TLSv1_1 | .TLS_PROTOCOL_TLSv1_2 | .TLS_PROTOCOL_TLSv1_3;

/*
 * TLS_PROTOCOLS_ALL re-enables TLSv1.0 and TLSv1.1, which the default set
 * deliberately leaves out.  Prefer TLS_PROTOCOLS_DEFAULT unless a peer
 * demonstrably needs the older versions; opting into ALL widens the
 * negotiable protocol surface.
 */
enum TLS_PROTOCOLS_ALL = .TLS_PROTOCOL_TLSv1;
enum TLS_PROTOCOLS_DEFAULT = .TLS_PROTOCOL_TLSv1_2 | .TLS_PROTOCOL_TLSv1_3;

/*
 * Non-blocking sentinels.  Per the libtls API these are returned, instead of
 * a byte count or -1, by tls_handshake/tls_read/tls_write/tls_close when the
 * call must be repeated once the underlying descriptor becomes readable or
 * writable.  Callers must test for them before treating a negative result as
 * an error (confirm against tls_read(3); the header only defines the values).
 */
enum TLS_WANT_POLLIN = -2;
enum TLS_WANT_POLLOUT = -3;

/*
 * RFC 6960 Section 2.3 -- OCSP response status, used with
 * tls_peer_ocsp_response_status().
 *
 * NOTE(review): these values mirror upstream tls.h and follow the prose
 * order of RFC 6960 Section 2.3, not the ASN.1 OCSPResponseStatus
 * enumeration (RFC 6960 Section 4.2.1), in which value 4 is unused and
 * sigRequired/unauthorized are 5/6.  Whether tls_peer_ocsp_response_status()
 * reports these constants or the wire values cannot be determined from this
 * header -- confirm against libtls's tls_ocsp.c before comparing against
 * TLS_OCSP_RESPONSE_SIGREQUIRED/UNAUTHORIZED.
 */
enum TLS_OCSP_RESPONSE_SUCCESSFUL = 0;
enum TLS_OCSP_RESPONSE_MALFORMED = 1;
enum TLS_OCSP_RESPONSE_INTERNALERROR = 2;
enum TLS_OCSP_RESPONSE_TRYLATER = 3;
enum TLS_OCSP_RESPONSE_SIGREQUIRED = 4;
enum TLS_OCSP_RESPONSE_UNAUTHORIZED = 5;

/*
 * RFC 6960 Section 2.2 -- certificate status as reported by
 * tls_peer_ocsp_cert_status().  UNKNOWN is not a positive result; treat
 * anything other than GOOD as a verification failure.
 */
enum TLS_OCSP_CERT_GOOD = 0;
enum TLS_OCSP_CERT_REVOKED = 1;
enum TLS_OCSP_CERT_UNKNOWN = 2;

/*
 * RFC 5280 Section 5.3.1 -- CRLReason, as reported by
 * tls_peer_ocsp_crl_reason().  Value 7 is not used in RFC 5280, hence the
 * gap between CERTIFICATE_HOLD and REMOVE_FROM_CRL.
 */
enum TLS_CRL_REASON_UNSPECIFIED = 0;
enum TLS_CRL_REASON_KEY_COMPROMISE = 1;
enum TLS_CRL_REASON_CA_COMPROMISE = 2;
enum TLS_CRL_REASON_AFFILIATION_CHANGED = 3;
enum TLS_CRL_REASON_SUPERSEDED = 4;
enum TLS_CRL_REASON_CESSATION_OF_OPERATION = 5;
enum TLS_CRL_REASON_CERTIFICATE_HOLD = 6;
enum TLS_CRL_REASON_REMOVE_FROM_CRL = 8;
enum TLS_CRL_REASON_PRIVILEGE_WITHDRAWN = 9;
enum TLS_CRL_REASON_AA_COMPROMISE = 10;

/*
 * Size limits for session handling.  Presumably the upper bound on _len for
 * tls_config_set_session_id() and the required _keylen for
 * tls_config_add_ticket_key() respectively -- the header does not say
 * whether libtls enforces them; confirm against the respective man pages.
 */
enum TLS_MAX_SESSION_ID_LENGTH = 32;
enum TLS_TICKET_KEY_SIZE = 48;

/*
 * Opaque handles: a connection context and a configuration.  Neither has a
 * visible layout, so they are only ever used through pointers obtained from
 * tls_client()/tls_server()/tls_accept_*() and tls_config_new().
 */
struct tls;
struct tls_config;

/*
 * I/O callback signatures for tls_accept_cbs()/tls_connect_cbs(): the shape
 * of read(2)/write(2) plus the owning context and an opaque _cb_arg.  A D
 * implementation must be declared extern (C) nothrow @nogc to be assignable
 * to these types.  Presumably a callback signals would-block by returning
 * TLS_WANT_POLLIN/TLS_WANT_POLLOUT -- confirm against tls_connect_cbs(3).
 */
alias tls_read_cb = extern (C) nothrow @nogc libressl_d.compat.sys.types.ssize_t function(.tls* _ctx, void* _buf, size_t _buflen, void* _cb_arg);
alias tls_write_cb = extern (C) nothrow @nogc libressl_d.compat.sys.types.ssize_t function(.tls* _ctx, const (void)* _buf, size_t _buflen, void* _cb_arg);

/*
 * Library initialisation.  Return convention (presumably 0 on success, -1 on
 * failure, as for the other int-returning calls here) is not encoded in the
 * header -- confirm against tls_init(3).
 */
int tls_init();

/*
 * Last error message for a configuration / connection context.  The header
 * does not state the lifetime of the returned string; assume it is owned by
 * the object and valid only until the next call on it.
 */
const (char)* tls_config_error(.tls_config* _config);
const (char)* tls_error(.tls* _ctx);

/* Configuration lifecycle. */
.tls_config* tls_config_new();
void tls_config_free(.tls_config* _config);

/* Path of the CA bundle libtls uses when no CA is configured explicitly. */
const (char)* tls_default_ca_cert_file();

/*
 * Credentials.  The _file variants take paths, the _mem variants in-memory
 * buffers with explicit lengths; the _ocsp variants additionally take an OCSP
 * staple to serve alongside the certificate.  add_* appends an additional
 * keypair (multiple certificates per server), set_* replaces the primary
 * one.  Copy/lifetime semantics of the _mem buffers are not stated here --
 * confirm against tls_config_set_keypair_mem(3) before freeing them early.
 */
int tls_config_add_keypair_file(.tls_config* _config, const (char)* _cert_file, const (char)* _key_file);
int tls_config_add_keypair_mem(.tls_config* _config, const (core.stdc.stdint.uint8_t)* _cert, size_t _cert_len, const (core.stdc.stdint.uint8_t)* _key, size_t _key_len);
int tls_config_add_keypair_ocsp_file(.tls_config* _config, const (char)* _cert_file, const (char)* _key_file, const (char)* _ocsp_staple_file);
int tls_config_add_keypair_ocsp_mem(.tls_config* _config, const (core.stdc.stdint.uint8_t)* _cert, size_t _cert_len, const (core.stdc.stdint.uint8_t)* _key, size_t _key_len, const (core.stdc.stdint.uint8_t)* _staple, size_t _staple_len);
/* ALPN protocol list (string form; format defined by tls_config_set_alpn(3)). */
int tls_config_set_alpn(.tls_config* _config, const (char)* _alpn);
/* Trust anchors: CA bundle file, CA directory, or in-memory CA buffer. */
int tls_config_set_ca_file(.tls_config* _config, const (char)* _ca_file);
int tls_config_set_ca_path(.tls_config* _config, const (char)* _ca_path);
int tls_config_set_ca_mem(.tls_config* _config, const (core.stdc.stdint.uint8_t)* _ca, size_t _len);
int tls_config_set_cert_file(.tls_config* _config, const (char)* _cert_file);
int tls_config_set_cert_mem(.tls_config* _config, const (core.stdc.stdint.uint8_t)* _cert, size_t _len);
/*
 * Cipher suite selection as a string.  Its grammar and named groups
 * ("secure", "compat", "legacy", "insecure") are documented in
 * tls_config_set_ciphers(3), not here; anything looser than the default
 * should be a deliberate, reviewed choice.
 */
int tls_config_set_ciphers(.tls_config* _config, const (char)* _ciphers);
/* Certificate revocation list to check peers against. */
int tls_config_set_crl_file(.tls_config* _config, const (char)* _crl_file);
int tls_config_set_crl_mem(.tls_config* _config, const (core.stdc.stdint.uint8_t)* _crl, size_t _len);
/* Key-exchange parameters: DHE parameter set and ECDHE curve(s), by name. */
int tls_config_set_dheparams(.tls_config* _config, const (char)* _params);
int tls_config_set_ecdhecurve(.tls_config* _config, const (char)* _curve);
int tls_config_set_ecdhecurves(.tls_config* _config, const (char)* _curves);
int tls_config_set_key_file(.tls_config* _config, const (char)* _key_file);
int tls_config_set_key_mem(.tls_config* _config, const (core.stdc.stdint.uint8_t)* _key, size_t _len);
int tls_config_set_keypair_file(.tls_config* _config, const (char)* _cert_file, const (char)* _key_file);
int tls_config_set_keypair_mem(.tls_config* _config, const (core.stdc.stdint.uint8_t)* _cert, size_t _cert_len, const (core.stdc.stdint.uint8_t)* _key, size_t _key_len);
int tls_config_set_keypair_ocsp_file(.tls_config* _config, const (char)* _cert_file, const (char)* _key_file, const (char)* _staple_file);
int tls_config_set_keypair_ocsp_mem(.tls_config* _config, const (core.stdc.stdint.uint8_t)* _cert, size_t _cert_len, const (core.stdc.stdint.uint8_t)* _key, size_t _key_len, const (core.stdc.stdint.uint8_t)* _staple, size_t staple_len);
int tls_config_set_ocsp_staple_mem(.tls_config* _config, const (core.stdc.stdint.uint8_t)* _staple, size_t _len);
int tls_config_set_ocsp_staple_file(.tls_config* _config, const (char)* _staple_file);
/* Bitmask of TLS_PROTOCOL_* flags; see TLS_PROTOCOLS_DEFAULT above. */
int tls_config_set_protocols(.tls_config* _config, core.stdc.stdint.uint32_t _protocols);
/* Descriptor used for session persistence (semantics in tls_config_set_session_fd(3)). */
int tls_config_set_session_fd(.tls_config* _config, int _session_fd);
/* Maximum certificate chain depth accepted during verification. */
int tls_config_set_verify_depth(.tls_config* _config, int _verify_depth);

/* Whose cipher preference order wins during negotiation. */
void tls_config_prefer_ciphers_client(.tls_config* _config);
void tls_config_prefer_ciphers_server(.tls_config* _config);

/*
 * SECURITY: as their names state, these disable peer certificate
 * verification, hostname (servername) matching and certificate
 * validity-time checks respectively.  A configuration that calls any of
 * them will accept an interposed or expired peer; treat every call site as
 * a review finding and confine them to test code.  tls_config_verify()
 * turns verification back on.
 */
void tls_config_insecure_noverifycert(.tls_config* _config);
void tls_config_insecure_noverifyname(.tls_config* _config);
void tls_config_insecure_noverifytime(.tls_config* _config);
void tls_config_verify(.tls_config* _config);

/*
 * OCSP stapling requirement and client-certificate policy for servers.  By
 * name, verify_client demands a client certificate while
 * verify_client_optional presumably still accepts a client that presents
 * none (but verifies one if offered) -- confirm against
 * tls_config_verify_client(3) before relying on it for authentication.
 */
void tls_config_ocsp_require_stapling(.tls_config* _config);
void tls_config_verify_client(.tls_config* _config);
void tls_config_verify_client_optional(.tls_config* _config);

/*
 * tls_config_clear_keys: by name, discards private key material held by the
 * config (presumably intended for use after tls_configure(), so the keys do
 * not linger in the process) -- confirm against tls_config_clear_keys(3).
 * tls_config_parse_protocols: parses a protocol list string into a
 * TLS_PROTOCOL_* bitmask written to *_protocols.
 */
void tls_config_clear_keys(.tls_config* _config);
int tls_config_parse_protocols(core.stdc.stdint.uint32_t* _protocols, const (char)* _protostr);

/*
 * Session identifier and ticket-key management (server side).
 * _key for tls_config_add_ticket_key is a mutable pointer and, presumably,
 * TLS_TICKET_KEY_SIZE bytes long, tagged with revision _keyrev; _lifetime
 * units are not stated here.  Confirm all three against their man pages.
 */
int tls_config_set_session_id(.tls_config* _config, const (ubyte)* _session_id, size_t _len);
int tls_config_set_session_lifetime(.tls_config* _config, int _lifetime);
int tls_config_add_ticket_key(.tls_config* _config, core.stdc.stdint.uint32_t _keyrev, ubyte* _key, size_t _keylen);

/*
 * Context lifecycle: create a client or server context, apply a
 * configuration, reset for reuse, or free.
 */
.tls* tls_client();
.tls* tls_server();
int tls_configure(.tls* _ctx, .tls_config* _config);
void tls_reset(.tls* _ctx);
void tls_free(.tls* _ctx);

/*
 * Server side: accept a connection on a server context.  *_cctx receives a
 * new per-connection context, which the caller owns and must tls_free().
 * The transport is given as a descriptor pair, a socket, or callbacks.
 */
int tls_accept_fds(.tls* _ctx, .tls** _cctx, int _fd_read, int _fd_write);
int tls_accept_socket(.tls* _ctx, .tls** _cctx, int _socket);
int tls_accept_cbs(.tls* _ctx, .tls** _cctx, .tls_read_cb _read_cb, .tls_write_cb _write_cb, void* _cb_arg);
/*
 * Client side.  tls_connect() resolves and connects to _host:_port itself;
 * the other variants take an already-established transport.  _servername is
 * presumably the name sent via SNI and matched against the peer certificate
 * (when it is null, _host presumably serves that role) -- confirm against
 * tls_connect(3).  Getting this name wrong silently weakens hostname
 * verification.
 */
int tls_connect(.tls* _ctx, const (char)* _host, const (char)* _port);
int tls_connect_fds(.tls* _ctx, int _fd_read, int _fd_write, const (char)* _servername);
int tls_connect_servername(.tls* _ctx, const (char)* _host, const (char)* _port, const (char)* _servername);
int tls_connect_socket(.tls* _ctx, int _s, const (char)* _servername);
int tls_connect_cbs(.tls* _ctx, .tls_read_cb _read_cb, .tls_write_cb _write_cb, void* _cb_arg, const (char)* _servername);
/*
 * Handshake and record I/O.  tls_read/tls_write return a byte count, -1, or
 * one of TLS_WANT_POLLIN/TLS_WANT_POLLOUT (see above); tls_handshake and
 * tls_close can likewise report the WANT sentinels.  Verification results
 * are only meaningful after a completed handshake.
 */
int tls_handshake(.tls* _ctx);
libressl_d.compat.sys.types.ssize_t tls_read(.tls* _ctx, void* _buf, size_t _buflen);
libressl_d.compat.sys.types.ssize_t tls_write(.tls* _ctx, const (void)* _buf, size_t _buflen);
int tls_close(.tls* _ctx);

/*
 * Peer certificate inspection.  tls_peer_cert_provided reports whether the
 * peer sent a certificate at all; tls_peer_cert_contains_name checks it for
 * _name (presumably CN/SAN matching, as used for hostname verification).
 */
int tls_peer_cert_provided(.tls* _ctx);
int tls_peer_cert_contains_name(.tls* _ctx, const (char)* _name);

/*
 * String/time views of the peer certificate.  The hash is presumably the
 * value to use for certificate pinning; its exact format is defined in
 * tls_peer_cert_hash(3).  Returned pointers are presumably owned by the
 * context and valid only while it lives -- do not free them.
 */
const (char)* tls_peer_cert_hash(.tls* _ctx);
const (char)* tls_peer_cert_issuer(.tls* _ctx);
const (char)* tls_peer_cert_subject(.tls* _ctx);
libressl_d.compat.time.time_t tls_peer_cert_notbefore(.tls* _ctx);
libressl_d.compat.time.time_t tls_peer_cert_notafter(.tls* _ctx);
/* Full peer chain as PEM; the byte length is written to *_len. */
const (core.stdc.stdint.uint8_t)* tls_peer_cert_chain_pem(.tls* _ctx, size_t* _len);

/*
 * Negotiated connection parameters: selected ALPN protocol, cipher suite
 * name and strength (an int; units are not stated here -- presumably bits),
 * the servername in use, whether a session was resumed, and the protocol
 * version string.
 */
const (char)* tls_conn_alpn_selected(.tls* _ctx);
const (char)* tls_conn_cipher(.tls* _ctx);
int tls_conn_cipher_strength(.tls* _ctx);
const (char)* tls_conn_servername(.tls* _ctx);
int tls_conn_session_resumed(.tls* _ctx);
const (char)* tls_conn_version(.tls* _ctx);

/*
 * Helper for loading key material from disk into a libtls-allocated buffer
 * (length written to *_len).  _password is a mutable char*, presumably the
 * passphrase for an encrypted private key -- confirm against
 * tls_load_file(3).  Release the buffer with tls_unload_file(), never with
 * free(): it takes the length, presumably so the contents can be cleared
 * before the memory is returned.
 */
core.stdc.stdint.uint8_t* tls_load_file(const (char)* _file, size_t* _len, char* _password);
void tls_unload_file(core.stdc.stdint.uint8_t* _buf, size_t len);

/*
 * OCSP.  tls_ocsp_process_response feeds a raw OCSP response (e.g. fetched
 * from tls_peer_ocsp_url()) into the context for verification; the
 * tls_peer_ocsp_* getters then expose the outcome.  cert_status /
 * crl_reason / response_status return the TLS_OCSP_CERT_*, TLS_CRL_REASON_*
 * and TLS_OCSP_RESPONSE_* values declared above (see the NOTE(review) on the
 * latter), result gives a human-readable summary, and this_update /
 * next_update / revocation_time are the response's timestamps.
 */
int tls_ocsp_process_response(.tls* _ctx, const (ubyte)* _response, size_t _size);
int tls_peer_ocsp_cert_status(.tls* _ctx);
int tls_peer_ocsp_crl_reason(.tls* _ctx);
libressl_d.compat.time.time_t tls_peer_ocsp_next_update(.tls* _ctx);
int tls_peer_ocsp_response_status(.tls* _ctx);
const (char)* tls_peer_ocsp_result(.tls* _ctx);
libressl_d.compat.time.time_t tls_peer_ocsp_revocation_time(.tls* _ctx);
libressl_d.compat.time.time_t tls_peer_ocsp_this_update(.tls* _ctx);
const (char)* tls_peer_ocsp_url(.tls* _ctx);