
(* $Id: netsys_crypto_types.ml 2208 2015-01-12 23:40:51Z gerd $ *)

(** Exceptions a TLS provider can raise. Their exact triggering conditions
    are not visible in this file; the notes below are inferred from the
    names and should be confirmed against the provider implementation. *)
module type TLS_EXCEPTIONS =
  sig
    (** Presumably: the operation would block until the transport is
        readable / writable (non-blocking I/O). *)
    exception EAGAIN_RD
    exception EAGAIN_WR
    (** Presumably raised when the peer asks to switch to another
        configuration (see [switch] / [accept_switch] in {!TLS_PROVIDER}). *)
    exception TLS_switch_request
    (** Carries the peer's answer to a switch request; the meaning of the
        boolean (accepted or not) is not defined here. *)
    exception TLS_switch_response of bool
    (** Fatal error, with a provider-specific message. *)
    exception TLS_error of string
    (** Non-fatal condition, with a provider-specific message. *)
    exception TLS_warning of string
  end

(** Interface every TLS provider (e.g. a binding to a TLS library) must
    implement. Configurations, credentials and endpoints are abstract;
    all I/O goes through caller-supplied [recv]/[send] callbacks operating
    on [Netsys_types.memory] buffers. *)
module type TLS_PROVIDER =
  sig
    (** Provider-specific handles. Their representation is hidden. *)
    type config
    type credentials
    type endpoint

    (** The exceptions this provider raises. *)
    module Exc : TLS_EXCEPTIONS

    (** [error_message code] - presumably maps a provider error
        identifier to a human-readable message. *)
    val error_message : string -> string

    (** Diffie-Hellman parameters: a PKCS#3 PEM file (the string is
        presumably a path), PKCS#3 DER bytes, or parameters generated
        at runtime (the int is presumably the bit size). *)
    type dh_params =
        [ `PKCS3_PEM_file of string
        | `PKCS3_DER of string
        | `Generate of int
        ]

    (** [create_config ?algorithms ?dh_params ?verify ~peer_auth
        ~credentials ()] builds a configuration.
        - [algorithms]: provider-specific algorithm/priority string.
        - [verify]: optional callback receiving the endpoint and two
          booleans and returning whether the peer is accepted; the
          meaning of the two booleans is not documented here - check
          the provider.
        - [peer_auth]: whether the peer must present credentials.
          NOTE(review): with [`None] and no [verify] callback the peer's
          identity is presumably not checked at all - confirm with the
          provider before relying on it.
        - [credentials]: this side's credentials. *)
    val create_config :
          ?algorithms : string ->
          ?dh_params : dh_params ->
          ?verify : (endpoint -> bool -> bool -> bool) ->
          peer_auth : [ `None | `Optional | `Required ] ->
          credentials : credentials ->
          unit ->
            config

    (** Certificate chains and revocation lists: either a PEM file
        (string presumably a path) or a list of DER-encoded blobs. *)
    type crt_list =
        [`PEM_file of string | `DER of string list]
    type crl_list =
        [`PEM_file of string | `DER of string list]
    (** Private key encodings. Strings are presumably raw key bytes,
        except [`PEM_file] which is presumably a path. *)
    type private_key =
        [ `PEM_file of string 
        | `RSA of string 
        | `DSA of string
        | `EC of string
        | `PKCS8 of string
        | `PKCS8_encrypted of string
        ]
    (** [create_x509_credentials ?system_trust ?trust ?revoke ?keys ()]
        - [system_trust]: presumably whether the system trust store is
          consulted in addition to [trust].
        - [trust]: trusted CA certificates.
        - [revoke]: certificate revocation lists.
        - [keys]: (certificate chain, private key, password) triples;
          the [string option] is presumably the password for
          [`PKCS8_encrypted] keys - confirm with the provider. *)
    val create_x509_credentials :
          ?system_trust:bool ->
          ?trust : crt_list list ->
          ?revoke : crl_list list ->
          ?keys : (crt_list * private_key * string option) list ->
          unit ->
            credentials

    (** [create_endpoint ~role ~recv ~send ~peer_name config] creates a
        TLS endpoint over a user-supplied transport:
        - [recv buf] fills [buf] and returns the number of bytes read;
        - [send buf n] writes [n] bytes from [buf] and returns the number
          written;
        - [peer_name]: the expected name of the peer. NOTE(review):
          [None] presumably disables host-name checking of the peer
          certificate - confirm with the provider. *)
    val create_endpoint :
          role : [ `Server | `Client ] ->
          recv : (Netsys_types.memory -> int) ->
          send : (Netsys_types.memory -> int -> int) ->
          peer_name : string option ->
          config ->
            endpoint
    (** [stash_endpoint ep] packs [ep] into an [exn] value (used here as
        an open, extensible container); [restore_endpoint ~recv ~send e]
        unpacks it again, attaching new transport callbacks. *)
    val stash_endpoint : endpoint -> exn
    val restore_endpoint : 
          recv : (Netsys_types.memory -> int) ->
          send : (Netsys_types.memory -> int -> int) ->
          exn ->
            endpoint
    (** [resume_client ~recv ~send ~peer_name config data] creates a
        client endpoint that resumes an earlier session; the trailing
        string is presumably the value returned by [get_session_data]. *)
    val resume_client :
          recv : (Netsys_types.memory -> int) ->
          send : (Netsys_types.memory -> int -> int) ->
          peer_name : string option ->
          config ->
          string ->
            endpoint

    (** Endpoint life-cycle states as reported by [get_state]. The
        transitions are defined by the provider, not here. *)
    type state =
        [ `Start | `Handshake | `Data_rw | `Data_r | `Data_w | `Data_rs
        | `Switching | `Accepting | `Refusing | `End
        ]

    val get_state : endpoint -> state

    (** Credentials as presented on the wire: an X.509 certificate
        (encoding of the string not specified here) or none. *)
    type raw_credentials =
      [ `X509 of string
      | `Anonymous
      ]

    (** Whether the underlying transport has reached end-of-file. *)
    val at_transport_eof : endpoint -> bool
    (** Performs the handshake. *)
    val hello : endpoint -> unit
    (** Closes the TLS session in the given direction(s). *)
    val bye : endpoint -> Unix.shutdown_command -> unit
    (** Verifies the peer; returns [unit], so failures are presumably
        signalled via [Exc.TLS_error]. *)
    val verify : endpoint -> unit
    val get_config : endpoint -> config
    (** Credentials of this side, of the peer, and the peer's full
        chain (respectively). *)
    val get_endpoint_creds : endpoint -> raw_credentials
    val get_peer_creds : endpoint -> raw_credentials
    val get_peer_creds_list : endpoint -> raw_credentials list
    (** Request, accept or refuse a switch to another configuration
        (presumably the counterpart of [Exc.TLS_switch_request]). *)
    val switch : endpoint -> config -> unit
    val accept_switch : endpoint -> config -> unit
    val refuse_switch : endpoint -> unit
    (** [send ep buf n] sends [n] bytes of [buf], returning the count
        actually sent; [recv ep buf] fills [buf] and returns the count. *)
    val send : endpoint -> Netsys_types.memory -> int -> int
    val recv : endpoint -> Netsys_types.memory -> int
    val recv_will_not_block : endpoint -> bool
    (** Session identification and negotiated-parameter accessors. All
        return provider-specific strings. *)
    val get_session_id : endpoint -> string
    val get_session_data : endpoint -> string
    val get_cipher_suite_type : endpoint -> string
    val get_cipher_algo : endpoint -> string
    val get_kx_algo : endpoint -> string
    val get_mac_algo : endpoint -> string
    val get_compression_algo : endpoint -> string
    val get_cert_type : endpoint -> string
    val get_protocol : endpoint -> string

    (** A server name as addressed by the client (presumably SNI). *)
    type server_name = [ `Domain of string ]

    val get_addressed_servers : endpoint -> server_name list
    (** [set_session_cache ~store ~remove ~retrieve ep] installs session
        cache callbacks: [store id data], [remove id], [retrieve id]
        (how [retrieve] signals a miss is not specified here). *)
    val set_session_cache : store:(string -> string -> unit) ->
                            remove:(string -> unit) ->
                            retrieve:(string -> string) ->
                            endpoint ->
                            unit
    (** Name of the provider, and a provider-specific value packed as
        an [exn]. *)
    val implementation_name : string
    val implementation : unit -> exn
  end


(** A provider bundled with one of its configurations. *)
module type TLS_CONFIG =
  sig
    module TLS : TLS_PROVIDER
    val config : TLS.config
  end


(** A provider bundled with one of its endpoints. *)
module type TLS_ENDPOINT =
  sig
    module TLS : TLS_PROVIDER
    val endpoint : TLS.endpoint
  end


(** A provider and endpoint together with the file descriptors the
    endpoint's transport reads from and writes to. *)
module type FILE_TLS_ENDPOINT =
  sig
    module TLS : TLS_PROVIDER
    val endpoint : TLS.endpoint
    val rd_file : Unix.file_descr
    val wr_file : Unix.file_descr
  end

(** Symmetric cipher provider. A [scipher] describes an algorithm/mode
    pair; a [scipher_ctx] is a keyed instance used for one operation. *)
module type SYMMETRIC_CRYPTO = sig
  type scipher
  (** All ciphers the provider offers. *)
  val ciphers : scipher list
  (** [find (name, mode)] - presumably looks up a cipher by the values
      that [name] and [mode] return; how a miss is reported is not
      specified here. *)
  val find : (string * string) -> scipher
  val name : scipher -> string
  val mode : scipher -> string
  (** Supported key / IV lengths; each pair is presumably a
      (min, max) range in bytes - confirm with the provider. *)
  val key_lengths : scipher -> (int * int) list
  val iv_lengths : scipher -> (int * int) list
  (** Input length constraint (presumably a block-size multiple). *)
  val block_constraint : scipher -> int
  (** Whether the cipher provides authenticated encryption (AEAD). *)
  val supports_aead : scipher -> bool
  type scipher_ctx
  (** [create cipher key] - the string is the raw key. *)
  val create : scipher -> string -> scipher_ctx
  val set_iv : scipher_ctx -> string -> unit
  (** Presumably the additional authenticated data for AEAD modes. *)
  val set_header : scipher_ctx -> string -> unit
  (** [encrypt ctx input output] / [decrypt ctx input output]. *)
  val encrypt : scipher_ctx -> 
                Netsys_types.memory ->
                Netsys_types.memory ->
                  unit
  (** NOTE(review): the boolean is presumably the authentication
      result for AEAD modes; callers should treat [output] as invalid
      when it is [false] - confirm with the provider. *)
  val decrypt : scipher_ctx -> 
                Netsys_types.memory ->
                Netsys_types.memory ->
                  bool
  (** The MAC / authentication tag produced by the operation. *)
  val mac : scipher_ctx -> string
end


(** Message digest provider. A [digest] names an algorithm; a
    [digest_ctx] accumulates input and produces the final hash. *)
module type DIGESTS = sig
    type digest
    (** All digests the provider offers. *)
    val digests : digest list
    (** [find name] - looks up a digest by name; how a miss is
        reported is not specified here. *)
    val find : string -> digest
    val name : digest -> string
    (** [size d] - presumably the output length; [block_length d] -
        presumably the internal block size. Units not specified here
        (bytes would be the usual convention). *)
    val size : digest -> int
    val block_length : digest -> int
    type digest_ctx
    val create : digest -> digest_ctx
    (** [add ctx buf] feeds [buf] into the digest. *)
    val add : digest_ctx -> Netsys_types.memory -> unit
    (** [finish ctx] returns the digest value as a string. *)
    val finish : digest_ctx -> string
end

(* First-class module packings of the signatures above, so a provider
   (or a configured provider / endpoint) can be passed around as a
   plain value. *)
type tls_provider = (module TLS_PROVIDER)
type tls_config = (module TLS_CONFIG)
type tls_endpoint = (module TLS_ENDPOINT)
type file_tls_endpoint = (module FILE_TLS_ENDPOINT)
type symmetric_crypto = (module SYMMETRIC_CRYPTO)
type digests = (module DIGESTS)
