#include "base64.h"#include "buffer.h"#include "crypto.h"#include "session_id.h"#include "ssl_common.h"
Include dependency graph for tls_crypt.h:
This graph shows which files directly or indirectly include this file:
Go to the source code of this file.
Macros | |
| #define | TLS_CRYPT_TAG_SIZE (256/8) |
| #define | TLS_CRYPT_PID_SIZE (sizeof(packet_id_type) + sizeof(net_time_t)) |
| #define | TLS_CRYPT_BLOCK_SIZE (128/8) |
| #define | TLS_CRYPT_OFF_PID (1 + SID_SIZE) |
| #define | TLS_CRYPT_OFF_TAG (TLS_CRYPT_OFF_PID + TLS_CRYPT_PID_SIZE) |
| #define | TLS_CRYPT_OFF_CT (TLS_CRYPT_OFF_TAG + TLS_CRYPT_TAG_SIZE) |
| #define | TLS_CRYPT_V2_MAX_WKC_LEN (1024) |
| #define | TLS_CRYPT_V2_CLIENT_KEY_LEN (2048 / 8) |
| #define | TLS_CRYPT_V2_SERVER_KEY_LEN (sizeof(struct key)) |
| #define | TLS_CRYPT_V2_TAG_SIZE (TLS_CRYPT_TAG_SIZE) |
| #define | TLS_CRYPT_V2_MAX_METADATA_LEN |
Functions | |
| void | tls_crypt_init_key (struct key_ctx_bi *key, struct key2 *keydata, const char *key_file, bool key_inline, bool tls_server) |
| Initialize a key_ctx_bi structure for use with –tls-crypt. More... | |
| bool | tls_session_generate_dynamic_tls_crypt_key (struct tls_multi *multi, struct tls_session *session) |
| Generates a TLS-Crypt key to be used with dynamic tls-crypt using the TLS EKM exporter function. More... | |
| int | tls_crypt_buf_overhead (void) |
| Returns the maximum overhead (in bytes) added to the destination buffer by tls_crypt_wrap(). More... | |
| bool | tls_crypt_wrap (const struct buffer *src, struct buffer *dst, struct crypto_options *opt) |
| Wrap a control channel packet (both authenticates and encrypts the data). More... | |
| bool | tls_crypt_unwrap (const struct buffer *src, struct buffer *dst, struct crypto_options *opt) |
| Unwrap a control channel packet (decrypts, authenticates and performs replay checks). More... | |
| void | tls_crypt_v2_init_server_key (struct key_ctx *key_ctx, bool encrypt, const char *key_file, bool key_inline) |
| Initialize a tls-crypt-v2 server key (used to encrypt/decrypt client keys). More... | |
| void | tls_crypt_v2_init_client_key (struct key_ctx_bi *key, struct key2 *original_key, struct buffer *wrapped_key_buf, const char *key_file, bool key_inline) |
| Initialize a tls-crypt-v2 client key. More... | |
| bool | tls_crypt_v2_extract_client_key (struct buffer *buf, struct tls_wrap_ctx *ctx, const struct tls_options *opt) |
| Extract a tls-crypt-v2 client key from a P_CONTROL_HARD_RESET_CLIENT_V3 message, and load the key into the supplied tls wrap context. More... | |
| void | tls_crypt_v2_write_server_key_file (const char *filename) |
| Generate a tls-crypt-v2 server key, and write to file. More... | |
| void | tls_crypt_v2_write_client_key_file (const char *filename, const char *b64_metadata, const char *key_file, bool key_inline) |
| Generate a tls-crypt-v2 client key, and write to file. More... | |
