|
Tor 0.4.9.2-alpha-dev
|
•All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Modules Pages
|
Tor 0.4.9.2-alpha-dev
|
Wrapper functions to present a consistent interface to TLS and SSL X.509 functions from NSS. More...
#include "orconfig.h"#include "lib/crypt_ops/crypto_cipher.h"#include "lib/crypt_ops/crypto_rand.h"#include "lib/crypt_ops/crypto_dh.h"#include "lib/crypt_ops/crypto_util.h"#include "lib/crypt_ops/crypto_nss_mgt.h"#include "lib/string/printf.h"#include "lib/tls/x509.h"#include "lib/tls/x509_internal.h"#include "lib/tls/tortls.h"#include "lib/tls/tortls_st.h"#include "lib/tls/tortls_internal.h"#include "lib/tls/nss_countbytes.h"#include "lib/log/util_bug.h"#include <prio.h>#include <private/pprio.h>#include <ssl.h>#include <sslt.h>#include <sslproto.h>#include <certt.h>Go to the source code of this file.
Macros | |
| #define | TORTLS_PRIVATE |
| #define | TOR_X509_PRIVATE |
| #define | SEC_OID_TOR_DEFAULT_ECDHE_GROUP SEC_OID_ANSIX962_EC_PRIME256V1 |
Functions | |
| static SECStatus | always_accept_cert_cb (void *, PRFileDesc *, PRBool, PRBool) |
| static bool | we_like_ssl_cipher (SSLCipherAlgorithm ca) |
| static bool | we_like_ssl_kea (SSLKEAType kt) |
| static bool | we_like_mac_algorithm (SSLMACAlgorithm ma) |
| static bool | we_like_auth_type (SSLAuthType at) |
| static bool | ciphersuite_has_nss_export_bug (const SSLCipherSuiteInfo *info) |
| tor_tls_context_t * | tor_tls_context_new (crypto_pk_t *identity, unsigned int key_lifetime, unsigned flags, int is_client) |
| void | tor_tls_context_impl_free_ (tor_tls_context_impl_t *ctx) |
| void | tor_tls_get_state_description (tor_tls_t *tls, char *buf, size_t sz) |
| void | tor_tls_init (void) |
| void | tls_log_errors (tor_tls_t *tls, int severity, int domain, const char *doing) |
| const char * | tor_tls_get_last_error_msg (const tor_tls_t *tls) |
| tor_tls_t * | tor_tls_new (tor_socket_t sock, int is_server) |
| void | tor_tls_release_socket (tor_tls_t *tls) |
| void | tor_tls_impl_free_ (tor_tls_impl_t *tls) |
| int | tor_tls_peer_has_cert (tor_tls_t *tls) |
| tor_x509_cert_t * | tor_tls_get_peer_cert (tor_tls_t *tls) |
| tor_x509_cert_t * | tor_tls_get_own_cert (tor_tls_t *tls) |
| int | tor_tls_read (tor_tls_t *tls, char *cp, size_t len) |
| int | tor_tls_write (tor_tls_t *tls, const char *cp, size_t n) |
| int | tor_tls_handshake (tor_tls_t *tls) |
| int | tor_tls_get_pending_bytes (tor_tls_t *tls) |
| size_t | tor_tls_get_forced_write_size (tor_tls_t *tls) |
| void | tor_tls_get_n_raw_bytes (tor_tls_t *tls, size_t *n_read, size_t *n_written) |
| int | tor_tls_get_buffer_sizes (tor_tls_t *tls, size_t *rbuf_capacity, size_t *rbuf_bytes, size_t *wbuf_capacity, size_t *wbuf_bytes) |
| double | tls_get_write_overhead_ratio (void) |
| int | tor_tls_cert_matches_key (const tor_tls_t *tls, const struct tor_x509_cert_t *cert) |
| int | tor_tls_export_key_material (tor_tls_t *tls, uint8_t *secrets_out, const uint8_t *context, size_t context_len, const char *label) |
| int | evaluate_ecgroup_for_tls (const char *ecgroup) |
Wrapper functions to present a consistent interface to TLS and SSL X.509 functions from NSS.
Definition in file tortls_nss.c.
| #define SEC_OID_TOR_DEFAULT_ECDHE_GROUP SEC_OID_ANSIX962_EC_PRIME256V1 |
The group we should use for ecdhe when none was selected.
Definition at line 748 of file tortls_nss.c.
| #define TOR_X509_PRIVATE |
Definition at line 15 of file tortls_nss.c.
| #define TORTLS_PRIVATE |
Definition at line 14 of file tortls_nss.c.
|
static |
Definition at line 771 of file tortls_nss.c.
|
static |
Return true iff this ciphersuite will be hit by a mozilla bug 1312976, which makes TLS key exporters not work with TLS 1.2 non-SHA256 ciphersuites.
Definition at line 138 of file tortls_nss.c.
| int evaluate_ecgroup_for_tls | ( | const char * | ecgroup | ) |
Definition at line 751 of file tortls_nss.c.
| double tls_get_write_overhead_ratio | ( | void | ) |
Definition at line 651 of file tortls_nss.c.
| void tls_log_errors | ( | tor_tls_t * | tls, |
| int | severity, | ||
| int | domain, | ||
| const char * | doing | ||
| ) |
Definition at line 339 of file tortls_nss.c.
| int tor_tls_cert_matches_key | ( | const tor_tls_t * | tls, |
| const struct tor_x509_cert_t * | cert | ||
| ) |
Definition at line 660 of file tortls_nss.c.
| void tor_tls_context_impl_free_ | ( | tor_tls_context_impl_t * | ctx | ) |
Definition at line 315 of file tortls_nss.c.
| tor_tls_context_t * tor_tls_context_new | ( | crypto_pk_t * | identity, |
| unsigned int | key_lifetime, | ||
| unsigned | flags, | ||
| int | is_client | ||
| ) |
Definition at line 159 of file tortls_nss.c.
| int tor_tls_export_key_material | ( | tor_tls_t * | tls, |
| uint8_t * | secrets_out, | ||
| const uint8_t * | context, | ||
| size_t | context_len, | ||
| const char * | label | ||
| ) |
Definition at line 721 of file tortls_nss.c.
| int tor_tls_get_buffer_sizes | ( | tor_tls_t * | tls, |
| size_t * | rbuf_capacity, | ||
| size_t * | rbuf_bytes, | ||
| size_t * | wbuf_capacity, | ||
| size_t * | wbuf_bytes | ||
| ) |
Definition at line 636 of file tortls_nss.c.
| size_t tor_tls_get_forced_write_size | ( | tor_tls_t * | tls | ) |
Definition at line 608 of file tortls_nss.c.
| const char * tor_tls_get_last_error_msg | ( | const tor_tls_t * | tls | ) |
Definition at line 374 of file tortls_nss.c.
| void tor_tls_get_n_raw_bytes | ( | tor_tls_t * | tls, |
| size_t * | n_read, | ||
| size_t * | n_written | ||
| ) |
Definition at line 616 of file tortls_nss.c.
| tor_x509_cert_t * tor_tls_get_own_cert | ( | tor_tls_t * | tls | ) |
Definition at line 516 of file tortls_nss.c.
| tor_x509_cert_t * tor_tls_get_peer_cert | ( | tor_tls_t * | tls | ) |
Definition at line 506 of file tortls_nss.c.
| int tor_tls_get_pending_bytes | ( | tor_tls_t * | tls | ) |
Definition at line 596 of file tortls_nss.c.
| void tor_tls_get_state_description | ( | tor_tls_t * | tls, |
| char * | buf, | ||
| size_t | sz | ||
| ) |
Definition at line 323 of file tortls_nss.c.
| int tor_tls_handshake | ( | tor_tls_t * | tls | ) |
Definition at line 578 of file tortls_nss.c.
| void tor_tls_impl_free_ | ( | tor_tls_impl_t * | tls | ) |
Definition at line 486 of file tortls_nss.c.
| void tor_tls_init | ( | void | ) |
Definition at line 333 of file tortls_nss.c.
| tor_tls_t * tor_tls_new | ( | tor_socket_t | sock, |
| int | is_server | ||
| ) |
Definition at line 386 of file tortls_nss.c.
| int tor_tls_peer_has_cert | ( | tor_tls_t * | tls | ) |
Definition at line 497 of file tortls_nss.c.
| int tor_tls_read | ( | tor_tls_t * | tls, |
| char * | cp, | ||
| size_t | len | ||
| ) |
Definition at line 527 of file tortls_nss.c.
| void tor_tls_release_socket | ( | tor_tls_t * | tls | ) |
Tell the TLS library that the underlying socket for tls has been closed, and the library should not attempt to free that socket itself.
Definition at line 449 of file tortls_nss.c.
| int tor_tls_write | ( | tor_tls_t * | tls, |
| const char * | cp, | ||
| size_t | n | ||
| ) |
Definition at line 550 of file tortls_nss.c.
|
static |
Definition at line 111 of file tortls_nss.c.
|
static |
Definition at line 94 of file tortls_nss.c.
|
static |
Definition at line 50 of file tortls_nss.c.
|
static |
Definition at line 70 of file tortls_nss.c.
1.9.4