package tls

  1. Overview
  2. Docs

Magic numbers of the TLS protocol.

val get_uint24_len : Cstruct.t -> int
val set_uint24_len : Cstruct.t -> int -> unit
type content_type =
  1. | CHANGE_CIPHER_SPEC
  2. | ALERT
  3. | HANDSHAKE
  4. | APPLICATION_DATA
val content_type_to_int : content_type -> int
val int_to_content_type : int -> content_type option
val pp_content_type : Stdlib.Format.formatter -> content_type -> unit
type alert_level =
  1. | WARNING
  2. | FATAL
val pp_alert_level : Stdlib.Format.formatter -> alert_level -> unit
val alert_level_to_int : alert_level -> int
val int_to_alert_level : int -> alert_level option
type alert_type =
  1. | CLOSE_NOTIFY
  2. | UNEXPECTED_MESSAGE
  3. | BAD_RECORD_MAC
  4. | DECRYPTION_FAILED
  5. | RECORD_OVERFLOW
  6. | DECOMPRESSION_FAILURE
  7. | HANDSHAKE_FAILURE
  8. | NO_CERTIFICATE_RESERVED
  9. | BAD_CERTIFICATE
  10. | UNSUPPORTED_CERTIFICATE
  11. | CERTIFICATE_REVOKED
  12. | CERTIFICATE_EXPIRED
  13. | CERTIFICATE_UNKNOWN
  14. | ILLEGAL_PARAMETER
  15. | UNKNOWN_CA
  16. | ACCESS_DENIED
  17. | DECODE_ERROR
  18. | DECRYPT_ERROR
  19. | EXPORT_RESTRICTION_RESERVED
  20. | PROTOCOL_VERSION
  21. | INSUFFICIENT_SECURITY
  22. | INTERNAL_ERROR
  23. | INAPPROPRIATE_FALLBACK
  24. | USER_CANCELED
  25. | NO_RENEGOTIATION
  26. | MISSING_EXTENSION
  27. | UNSUPPORTED_EXTENSION
  28. | CERTIFICATE_UNOBTAINABLE
  29. | UNRECOGNIZED_NAME
  30. | BAD_CERTIFICATE_STATUS_RESPONSE
  31. | BAD_CERTIFICATE_HASH_VALUE
  32. | UNKNOWN_PSK_IDENTITY
  33. | CERTIFICATE_REQUIRED
  34. | NO_APPLICATION_PROTOCOL
val alert_type_to_string : alert_type -> string
val alert_type_to_int : alert_type -> int
val int_to_alert_type : int -> alert_type option
val pp_alert : Stdlib.Format.formatter -> (alert_level * alert_type) -> unit
type handshake_type =
  1. | HELLO_REQUEST
  2. | CLIENT_HELLO
  3. | SERVER_HELLO
  4. | HELLO_VERIFY_REQUEST
  5. | SESSION_TICKET
  6. | END_OF_EARLY_DATA
  7. | ENCRYPTED_EXTENSIONS
  8. | CERTIFICATE
  9. | SERVER_KEY_EXCHANGE
  10. | CERTIFICATE_REQUEST
  11. | SERVER_HELLO_DONE
  12. | CERTIFICATE_VERIFY
  13. | CLIENT_KEY_EXCHANGE
  14. | FINISHED
  15. | CERTIFICATE_URL
  16. | CERTIFICATE_STATUS
  17. | SUPPLEMENTAL_DATA
  18. | KEY_UPDATE
  19. | MESSAGE_HASH
val handshake_type_to_int : handshake_type -> int
val int_to_handshake_type : int -> handshake_type option
type client_certificate_type =
  1. | RSA_SIGN
  2. | DSS_SIGN
  3. | RSA_FIXED_DH
  4. | DSS_FIXED_DH
  5. | RSA_EPHEMERAL_DH_RESERVED
  6. | DSS_EPHEMERAL_DH_RESERVED
  7. | FORTEZZA_DMS_RESERVED
  8. | ECDSA_SIGN
  9. | RSA_FIXED_ECDH
  10. | ECDSA_FIXED_ECDH
val client_certificate_type_to_int : client_certificate_type -> int
val int_to_client_certificate_type : int -> client_certificate_type option
type compression_method =
  1. | NULL
  2. | DEFLATE
  3. | LZS
val compression_method_to_int : compression_method -> int
val int_to_compression_method : int -> compression_method option
type extension_type =
  1. | SERVER_NAME
  2. | MAX_FRAGMENT_LENGTH
  3. | CLIENT_CERTIFICATE_URL
  4. | TRUSTED_CA_KEYS
  5. | TRUNCATED_HMAC
  6. | STATUS_REQUEST
  7. | USER_MAPPING
  8. | CLIENT_AUTHZ
  9. | SERVER_AUTHZ
  10. | CERT_TYPE
  11. | SUPPORTED_GROUPS
  12. | EC_POINT_FORMATS
  13. | SRP
  14. | SIGNATURE_ALGORITHMS
  15. | USE_SRTP
  16. | HEARTBEAT
  17. | APPLICATION_LAYER_PROTOCOL_NEGOTIATION
  18. | STATUS_REQUEST_V2
  19. | SIGNED_CERTIFICATE_TIMESTAMP
  20. | CLIENT_CERTIFICATE_TYPE
  21. | SERVER_CERTIFICATE_TYPE
  22. | PADDING
  23. | ENCRYPT_THEN_MAC
  24. | EXTENDED_MASTER_SECRET
  25. | TOKEN_BINDING
  26. | CACHED_INFO
  27. | TLS_LTS
  28. | COMPRESSED_CERTIFICATE
  29. | RECORD_SIZE_LIMIT
  30. | PWD_PROTECT
  31. | PWD_CLEAR
  32. | PASSWORD_SALT
  33. | SESSION_TICKET
  34. | PRE_SHARED_KEY
  35. | EARLY_DATA
  36. | SUPPORTED_VERSIONS
  37. | COOKIE
  38. | PSK_KEY_EXCHANGE_MODES
  39. | CERTIFICATE_AUTHORITIES
  40. | OID_FILTERS
  41. | POST_HANDSHAKE_AUTH
  42. | SIGNATURE_ALGORITHMS_CERT
  43. | KEY_SHARE
  44. | RENEGOTIATION_INFO
  45. | DRAFT_SUPPORT
val extension_type_to_int : extension_type -> int
val int_to_extension_type : int -> extension_type option
val extension_type_to_string : extension_type -> string
type max_fragment_length =
  1. | TWO_9
  2. | TWO_10
  3. | TWO_11
  4. | TWO_12
val max_fragment_length_to_int : max_fragment_length -> int
val int_to_max_fragment_length : int -> max_fragment_length option
type psk_key_exchange_mode =
  1. | PSK_KE
  2. | PSK_KE_DHE
val psk_key_exchange_mode_to_int : psk_key_exchange_mode -> int
val int_to_psk_key_exchange_mode : int -> psk_key_exchange_mode option
type signature_alg =
  1. | RSA_PKCS1_MD5
  2. | RSA_PKCS1_SHA1
  3. | RSA_PKCS1_SHA224
  4. | RSA_PKCS1_SHA256
  5. | RSA_PKCS1_SHA384
  6. | RSA_PKCS1_SHA512
  7. | ECDSA_SECP256R1_SHA1
  8. | ECDSA_SECP256R1_SHA256
  9. | ECDSA_SECP384R1_SHA384
  10. | ECDSA_SECP521R1_SHA512
  11. | RSA_PSS_RSAENC_SHA256
  12. | RSA_PSS_RSAENC_SHA384
  13. | RSA_PSS_RSAENC_SHA512
  14. | ED25519
  15. | ED448
  16. | RSA_PSS_PSS_SHA256
  17. | RSA_PSS_PSS_SHA384
  18. | RSA_PSS_PSS_SHA512
val signature_alg_to_int : signature_alg -> int
val int_to_signature_alg : int -> signature_alg option
val to_signature_alg : [< `ECDSA_SECP256R1_SHA1 | `ECDSA_SECP256R1_SHA256 | `ECDSA_SECP384R1_SHA384 | `ECDSA_SECP521R1_SHA512 | `ED25519 | `RSA_PKCS1_MD5 | `RSA_PKCS1_SHA1 | `RSA_PKCS1_SHA224 | `RSA_PKCS1_SHA256 | `RSA_PKCS1_SHA384 | `RSA_PKCS1_SHA512 | `RSA_PSS_RSAENC_SHA256 | `RSA_PSS_RSAENC_SHA384 | `RSA_PSS_RSAENC_SHA512 ] -> signature_alg
val of_signature_alg : signature_alg -> [> `ECDSA_SECP256R1_SHA1 | `ECDSA_SECP256R1_SHA256 | `ECDSA_SECP384R1_SHA384 | `ECDSA_SECP521R1_SHA512 | `ED25519 | `RSA_PKCS1_MD5 | `RSA_PKCS1_SHA1 | `RSA_PKCS1_SHA224 | `RSA_PKCS1_SHA256 | `RSA_PKCS1_SHA384 | `RSA_PKCS1_SHA512 | `RSA_PSS_RSAENC_SHA256 | `RSA_PSS_RSAENC_SHA384 | `RSA_PSS_RSAENC_SHA512 ] option
type ec_curve_type =
  1. | NAMED_CURVE
val ec_curve_type_to_int : ec_curve_type -> int
val int_to_ec_curve_type : int -> ec_curve_type option
type named_group =
  1. | SECP256R1
  2. | SECP384R1
  3. | SECP521R1
  4. | X25519
  5. | X448
  6. | FFDHE2048
  7. | FFDHE3072
  8. | FFDHE4096
  9. | FFDHE6144
  10. | FFDHE8192
val named_group_to_int : named_group -> int
val int_to_named_group : int -> named_group option
type any_ciphersuite =
  1. | TLS_RSA_WITH_3DES_EDE_CBC_SHA
  2. | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  3. | TLS_RSA_WITH_AES_128_CBC_SHA
  4. | TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  5. | TLS_RSA_WITH_AES_256_CBC_SHA
  6. | TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  7. | TLS_RSA_WITH_AES_128_CBC_SHA256
  8. | TLS_RSA_WITH_AES_256_CBC_SHA256
  9. | TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  10. | TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  11. | TLS_RSA_WITH_AES_128_GCM_SHA256
  12. | TLS_RSA_WITH_AES_256_GCM_SHA384
  13. | TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
  14. | TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
  15. | TLS_EMPTY_RENEGOTIATION_INFO_SCSV
  16. | TLS_AES_128_GCM_SHA256
  17. | TLS_AES_256_GCM_SHA384
  18. | TLS_CHACHA20_POLY1305_SHA256
  19. | TLS_AES_128_CCM_SHA256
  20. | TLS_FALLBACK_SCSV
  21. | TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
  22. | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  23. | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
  24. | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
  25. | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
  26. | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  27. | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  28. | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
  29. | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  30. | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
  31. | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  32. | TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  33. | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  34. | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  35. | TLS_RSA_WITH_AES_128_CCM
  36. | TLS_RSA_WITH_AES_256_CCM
  37. | TLS_DHE_RSA_WITH_AES_128_CCM
  38. | TLS_DHE_RSA_WITH_AES_256_CCM
  39. | TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
  40. | TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
  41. | TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256

enum of all TLS ciphersuites

val any_ciphersuite_to_int : any_ciphersuite -> int
val int_to_any_ciphersuite : int -> any_ciphersuite option
type key_update_request_type =
  1. | UPDATE_NOT_REQUESTED
  2. | UPDATE_REQUESTED
val key_update_request_type_to_int : key_update_request_type -> int
val int_to_key_update_request_type : int -> key_update_request_type option
val helloretryrequest : Mirage_crypto.Hash.digest
val downgrade12 : Cstruct.t
val downgrade11 : Cstruct.t
OCaml

Innovation. Community. Security.