sig
(* Exceptions a TLS provider exposes to its callers (bound as [Exc] inside
   TLS_PROVIDER). The signature fixes only the names and payload types;
   when each one is raised is not visible here, so the notes below are
   assumptions to confirm against the provider. *)
module type TLS_EXCEPTIONS =
sig
(* NOTE(review): presumably raised when an operation would block waiting
   for input (RD) or output (WR) and has to be retried later - confirm. *)
exception EAGAIN_RD
exception EAGAIN_WR
(* NOTE(review): these look like the notifications that belong to [switch],
   [accept_switch] and [refuse_switch] in TLS_PROVIDER; the bool presumably
   tells whether the peer accepted - confirm. *)
exception TLS_switch_request
exception TLS_switch_response of bool
(* Both carry a string. NOTE(review): presumably a code that
   [error_message] in TLS_PROVIDER can translate, with TLS_error ending the
   session and TLS_warning not - confirm before retrying after either. *)
exception TLS_error of string
exception TLS_warning of string
end
(* Interface a TLS implementation has to provide: configuration, X.509
   credentials, endpoint lifecycle, data transfer, session handling and
   inspection of the connection parameters. Types are printed with their
   full path: Netsys_crypto_types.TLS_PROVIDER.endpoint is the [endpoint]
   declared below, and likewise for the other types. A signature shows no
   behaviour, so everything marked NOTE(review) is an assumption to confirm
   against the provider. *)
module type TLS_PROVIDER =
sig
(* Abstract types: through this signature, values can only be obtained from
   the functions below. *)
type config
type credentials
type endpoint
(* The exceptions of this provider. *)
module Exc : TLS_EXCEPTIONS
(* NOTE(review): presumably maps the string carried by Exc.TLS_error and
   Exc.TLS_warning to readable text - confirm. *)
val error_message : string -> string
(* Source of the Diffie-Hellman parameters. NOTE(review): the int of
   `Generate is presumably a size in bits, the string of `PKCS3_DER the
   encoded parameters and that of `PKCS3_PEM_file a file name - confirm. *)
type dh_params =
[ `Generate of int
| `PKCS3_DER of string
| `PKCS3_PEM_file of string ]
(* Builds a [config]. Only [peer_auth] and [credentials] are mandatory.
   [verify] receives the endpoint and two bools and returns a bool.
   NOTE(review): the two bools presumably report the outcome of the
   provider-side certificate and peer-name checks, and the result decides
   whether the peer is accepted; a callback returning true without looking
   at them would then accept any peer - confirm, and audit every custom
   [verify] as well as every use of `None or `Optional for [peer_auth].
   The syntax of [algorithms] is not defined by this signature. *)
val create_config :
?algorithms:string ->
?dh_params:Netsys_crypto_types.TLS_PROVIDER.dh_params ->
?verify:(Netsys_crypto_types.TLS_PROVIDER.endpoint ->
bool -> bool -> bool) ->
peer_auth:[ `None | `Optional | `Required ] ->
credentials:Netsys_crypto_types.TLS_PROVIDER.credentials ->
unit -> Netsys_crypto_types.TLS_PROVIDER.config
(* Certificates and revocation lists, given either as a list of strings
   (`DER) or as one string (`PEM_file; presumably a file name - confirm). *)
type crt_list = [ `DER of string list | `PEM_file of string ]
type crl_list = [ `DER of string list | `PEM_file of string ]
(* Private-key encodings; the key material is passed as an OCaml string.
   NOTE(review): `PKCS8_encrypted presumably needs a password, supplied as
   the string option of the [keys] triple in create_x509_credentials -
   confirm. *)
type private_key =
[ `DSA of string
| `EC of string
| `PEM_file of string
| `PKCS8 of string
| `PKCS8_encrypted of string
| `RSA of string ]
(* Assembles X.509 credentials. Every argument is optional, so the type
   permits credentials without trust anchors and without revocation data;
   what a later verification does in that case cannot be seen here.
   NOTE(review): [system_trust] and [trust] presumably select the CAs that
   peers are checked against, [revoke] the CRLs, and [keys] the local
   certificates with key and optional key password - confirm. *)
val create_x509_credentials :
?system_trust:bool ->
?trust:Netsys_crypto_types.TLS_PROVIDER.crt_list list ->
?revoke:Netsys_crypto_types.TLS_PROVIDER.crl_list list ->
?keys:(Netsys_crypto_types.TLS_PROVIDER.crt_list *
Netsys_crypto_types.TLS_PROVIDER.private_key * string option)
list ->
unit -> Netsys_crypto_types.TLS_PROVIDER.credentials
(* Creates an endpoint on top of the caller-supplied transport callbacks
   [recv] and [send]. NOTE(review): [peer_name] is presumably the name the
   peer certificate is matched against; with None there would be nothing
   to match - confirm how the provider and [verify] treat None. *)
val create_endpoint :
role:[ `Client | `Server ] ->
recv:(Netsys_types.memory -> int) ->
send:(Netsys_types.memory -> int -> int) ->
peer_name:string option ->
Netsys_crypto_types.TLS_PROVIDER.config ->
Netsys_crypto_types.TLS_PROVIDER.endpoint
(* Convert an endpoint to an [exn] value and back, the latter with new
   transport callbacks. [restore_endpoint] accepts any exn; what happens
   for a value that did not come from [stash_endpoint] is not specified by
   the type. *)
val stash_endpoint : Netsys_crypto_types.TLS_PROVIDER.endpoint -> exn
val restore_endpoint :
recv:(Netsys_types.memory -> int) ->
send:(Netsys_types.memory -> int -> int) ->
exn -> Netsys_crypto_types.TLS_PROVIDER.endpoint
(* Takes the arguments of create_endpoint except [role], plus one string.
   NOTE(review): the string is presumably the output of [get_session_data]
   of an earlier connection, used to resume that session - confirm. *)
val resume_client :
recv:(Netsys_types.memory -> int) ->
send:(Netsys_types.memory -> int -> int) ->
peer_name:string option ->
Netsys_crypto_types.TLS_PROVIDER.config ->
string -> Netsys_crypto_types.TLS_PROVIDER.endpoint
(* Endpoint states reported by [get_state]. The meaning of the individual
   tags is not defined by this signature. *)
type state =
[ `Accepting
| `Data_r
| `Data_rs
| `Data_rw
| `Data_w
| `End
| `Handshake
| `Refusing
| `Start
| `Switching ]
val get_state :
Netsys_crypto_types.TLS_PROVIDER.endpoint ->
Netsys_crypto_types.TLS_PROVIDER.state
(* Credentials in raw form. `Anonymous carries no payload, so code that
   authorises on the peer identity has to handle it explicitly.
   NOTE(review): the string of `X509 is presumably the DER-encoded
   certificate - confirm. *)
type raw_credentials = [ `Anonymous | `X509 of string ]
val at_transport_eof :
Netsys_crypto_types.TLS_PROVIDER.endpoint -> bool
(* [hello], [bye] and [verify] return unit, so a failure can only surface
   as an exception, never as a return value. NOTE(review): presumably
   [hello] performs the handshake, [bye] the shutdown in the given
   direction and [verify] the peer check configured in [config] - confirm,
   in particular whether data can be exchanged before [verify] has been
   called. *)
val hello : Netsys_crypto_types.TLS_PROVIDER.endpoint -> unit
val bye :
Netsys_crypto_types.TLS_PROVIDER.endpoint ->
Unix.shutdown_command -> unit
val verify : Netsys_crypto_types.TLS_PROVIDER.endpoint -> unit
(* Accessors for the config of an endpoint and for credentials in raw form.
   NOTE(review): presumably [get_endpoint_creds] is the local side,
   [get_peer_creds] the peer and [get_peer_creds_list] the chain the peer
   sent - confirm. *)
val get_config :
Netsys_crypto_types.TLS_PROVIDER.endpoint ->
Netsys_crypto_types.TLS_PROVIDER.config
val get_endpoint_creds :
Netsys_crypto_types.TLS_PROVIDER.endpoint ->
Netsys_crypto_types.TLS_PROVIDER.raw_credentials
val get_peer_creds :
Netsys_crypto_types.TLS_PROVIDER.endpoint ->
Netsys_crypto_types.TLS_PROVIDER.raw_credentials
val get_peer_creds_list :
Netsys_crypto_types.TLS_PROVIDER.endpoint ->
Netsys_crypto_types.TLS_PROVIDER.raw_credentials list
(* Operations that take an endpoint and, except for [refuse_switch], a new
   [config]. NOTE(review): presumably [switch] starts a new handshake with
   that config, and [accept_switch] / [refuse_switch] answer the request
   announced by Exc.TLS_switch_request - confirm. *)
val switch :
Netsys_crypto_types.TLS_PROVIDER.endpoint ->
Netsys_crypto_types.TLS_PROVIDER.config -> unit
val accept_switch :
Netsys_crypto_types.TLS_PROVIDER.endpoint ->
Netsys_crypto_types.TLS_PROVIDER.config -> unit
val refuse_switch : Netsys_crypto_types.TLS_PROVIDER.endpoint -> unit
(* Data transfer on memory buffers. NOTE(review): the int argument of
   [send] is presumably the number of bytes to send and both results the
   number of bytes processed; a result smaller than requested would then
   need a retry loop in the caller - confirm. *)
val send :
Netsys_crypto_types.TLS_PROVIDER.endpoint ->
Netsys_types.memory -> int -> int
val recv :
Netsys_crypto_types.TLS_PROVIDER.endpoint ->
Netsys_types.memory -> int
val recv_will_not_block :
Netsys_crypto_types.TLS_PROVIDER.endpoint -> bool
(* Session identifier and session data, both as strings.
   NOTE(review): [get_session_data] presumably serialises the session
   including its secrets; if so, handle it like key material when storing
   or logging it - confirm. *)
val get_session_id :
Netsys_crypto_types.TLS_PROVIDER.endpoint -> string
val get_session_data :
Netsys_crypto_types.TLS_PROVIDER.endpoint -> string
(* Parameters of the connection, returned as strings whose format is not
   defined here. NOTE(review): presumably the values negotiated in the
   handshake, which makes them the place to log or enforce what was
   actually agreed on - confirm. *)
val get_cipher_suite_type :
Netsys_crypto_types.TLS_PROVIDER.endpoint -> string
val get_cipher_algo :
Netsys_crypto_types.TLS_PROVIDER.endpoint -> string
val get_kx_algo : Netsys_crypto_types.TLS_PROVIDER.endpoint -> string
val get_mac_algo : Netsys_crypto_types.TLS_PROVIDER.endpoint -> string
val get_compression_algo :
Netsys_crypto_types.TLS_PROVIDER.endpoint -> string
val get_cert_type : Netsys_crypto_types.TLS_PROVIDER.endpoint -> string
val get_protocol : Netsys_crypto_types.TLS_PROVIDER.endpoint -> string
(* NOTE(review): presumably the server names requested by the client (SNI).
   They would then be peer-supplied and unauthenticated, so validate them
   before using them to select a config or to build a path - confirm. *)
type server_name = [ `Domain of string ]
val get_addressed_servers :
Netsys_crypto_types.TLS_PROVIDER.endpoint ->
Netsys_crypto_types.TLS_PROVIDER.server_name list
(* Installs caller-supplied callbacks as session cache. [retrieve] returns
   a plain string, so a miss cannot be expressed as a value.
   NOTE(review): presumably keyed by session id with the session data as
   value, and a miss is signalled by an exception - confirm; the stored
   values would need the same protection as [get_session_data] output. *)
val set_session_cache :
store:(string -> string -> unit) ->
remove:(string -> unit) ->
retrieve:(string -> string) ->
Netsys_crypto_types.TLS_PROVIDER.endpoint -> unit
(* Name of the provider, and a function returning an [exn] value.
   NOTE(review): the exn presumably wraps provider-specific values for
   callers that know the concrete implementation - confirm. *)
val implementation_name : string
val implementation : unit -> exn
end
(* A provider packed together with one [config] value of that provider, so
   the config cannot be separated from the implementation that created its
   type. *)
module type TLS_CONFIG =
sig module TLS : TLS_PROVIDER val config : TLS.config end
(* A provider packed together with one [endpoint] value of that provider. *)
module type TLS_ENDPOINT =
sig module TLS : TLS_PROVIDER val endpoint : TLS.endpoint end
(* A provider, one [endpoint] of that provider and two Unix file
   descriptors. NOTE(review): presumably the descriptors the endpoint reads
   from and writes to; whether they may be the same descriptor and who
   closes them is not visible here - confirm. *)
module type FILE_TLS_ENDPOINT =
sig
module TLS : TLS_PROVIDER
val endpoint : TLS.endpoint
val rd_file : Unix.file_descr
val wr_file : Unix.file_descr
end
(* Interface of a symmetric-cipher provider: a catalogue of ciphers
   ([scipher]) and per-key contexts ([scipher_ctx]) for encryption and
   decryption on memory buffers. Types are printed with their full path;
   Netsys_crypto_types.SYMMETRIC_CRYPTO.scipher is the [scipher] declared
   below. Notes marked NOTE(review) are assumptions to confirm against the
   provider. *)
module type SYMMETRIC_CRYPTO =
sig
type scipher
(* The ciphers this module offers. The list is a value of the implementing
   module, so its contents depend on the provider. *)
val ciphers : Netsys_crypto_types.SYMMETRIC_CRYPTO.scipher list
(* Looks a cipher up by a pair of strings and returns it directly, so a
   failed lookup cannot be expressed as a value. NOTE(review): the pair is
   presumably (name, mode) as returned by [name] and [mode], and a miss
   presumably raises - confirm. *)
val find :
string * string -> Netsys_crypto_types.SYMMETRIC_CRYPTO.scipher
val name : Netsys_crypto_types.SYMMETRIC_CRYPTO.scipher -> string
val mode : Netsys_crypto_types.SYMMETRIC_CRYPTO.scipher -> string
(* NOTE(review): each pair is presumably a (min, max) range of permitted
   lengths; the unit (bytes or bits) is not visible here - confirm before
   validating key or IV sizes against it. *)
val key_lengths :
Netsys_crypto_types.SYMMETRIC_CRYPTO.scipher -> (int * int) list
val iv_lengths :
Netsys_crypto_types.SYMMETRIC_CRYPTO.scipher -> (int * int) list
(* NOTE(review): presumably the multiple that buffer lengths passed to
   [encrypt] and [decrypt] have to satisfy - confirm. *)
val block_constraint :
Netsys_crypto_types.SYMMETRIC_CRYPTO.scipher -> int
val supports_aead :
Netsys_crypto_types.SYMMETRIC_CRYPTO.scipher -> bool
type scipher_ctx
(* Creates a context from a cipher and a string. NOTE(review): the string
   is presumably the key - confirm. *)
val create :
Netsys_crypto_types.SYMMETRIC_CRYPTO.scipher ->
string -> Netsys_crypto_types.SYMMETRIC_CRYPTO.scipher_ctx
(* The IV is a caller-supplied string; nothing in this interface prevents
   passing the same IV twice for one key, so uniqueness is up to the
   caller. *)
val set_iv :
Netsys_crypto_types.SYMMETRIC_CRYPTO.scipher_ctx -> string -> unit
(* NOTE(review): presumably the additional authenticated data of an AEAD
   cipher - confirm, including what happens when [supports_aead] is
   false. *)
val set_header :
Netsys_crypto_types.SYMMETRIC_CRYPTO.scipher_ctx -> string -> unit
(* Both take a context and two memory buffers. NOTE(review): presumably
   input first and output second - confirm. *)
val encrypt :
Netsys_crypto_types.SYMMETRIC_CRYPTO.scipher_ctx ->
Netsys_types.memory -> Netsys_types.memory -> unit
(* Unlike [encrypt], [decrypt] returns a bool. NOTE(review): presumably
   false reports a failed integrity check; callers would then have to test
   the result and discard the output buffer on false - confirm. *)
val decrypt :
Netsys_crypto_types.SYMMETRIC_CRYPTO.scipher_ctx ->
Netsys_types.memory -> Netsys_types.memory -> bool
(* NOTE(review): presumably the authentication tag of the data processed so
   far; if callers compare it themselves, the comparison should not leak
   timing - confirm. *)
val mac : Netsys_crypto_types.SYMMETRIC_CRYPTO.scipher_ctx -> string
end
(* Interface of a message-digest provider: a catalogue of digests
   ([digest]) and incremental hashing contexts ([digest_ctx]). Types are
   printed with their full path; Netsys_crypto_types.DIGESTS.digest is the
   [digest] declared below. *)
module type DIGESTS =
sig
type digest
(* The digests this module offers. The list is a value of the implementing
   module, so which algorithms it contains depends on the provider; callers
   with a policy on acceptable algorithms have to enforce it themselves. *)
val digests : Netsys_crypto_types.DIGESTS.digest list
(* Looks a digest up by a string and returns it directly, so a failed
   lookup cannot be expressed as a value. NOTE(review): the string is
   presumably the value [name] returns, and a miss presumably raises -
   confirm. *)
val find : string -> Netsys_crypto_types.DIGESTS.digest
val name : Netsys_crypto_types.DIGESTS.digest -> string
(* NOTE(review): presumably the output length and the internal block length
   of the digest, both in bytes - confirm. *)
val size : Netsys_crypto_types.DIGESTS.digest -> int
val block_length : Netsys_crypto_types.DIGESTS.digest -> int
type digest_ctx
(* Incremental use: [create] a context, [add] memory buffers, [finish] to
   obtain a string. NOTE(review): whether a context may be used again after
   [finish] is not visible here - confirm. *)
val create :
Netsys_crypto_types.DIGESTS.digest ->
Netsys_crypto_types.DIGESTS.digest_ctx
val add :
Netsys_crypto_types.DIGESTS.digest_ctx -> Netsys_types.memory -> unit
val finish : Netsys_crypto_types.DIGESTS.digest_ctx -> string
end
(* First-class module types: each alias lets a module of the named
   signature be passed around and stored as an ordinary value. *)
type tls_provider = (module Netsys_crypto_types.TLS_PROVIDER)
type tls_config = (module Netsys_crypto_types.TLS_CONFIG)
type tls_endpoint = (module Netsys_crypto_types.TLS_ENDPOINT)
type file_tls_endpoint = (module Netsys_crypto_types.FILE_TLS_ENDPOINT)
type symmetric_crypto = (module Netsys_crypto_types.SYMMETRIC_CRYPTO)
type digests = (module Netsys_crypto_types.DIGESTS)
end