package tls

  1. Overview
  2. Docs

Ciphersuite definitions and some helper functions.

type key_exchange_algorithm_dhe = [
  1. | `FFDHE
  2. | `ECDHE
]

sum type of all possible key exchange methods

val sexp_of_key_exchange_algorithm_dhe : key_exchange_algorithm_dhe -> Ppx_sexp_conv_lib.Sexp.t
type key_exchange_algorithm = [
  1. | key_exchange_algorithm_dhe
  2. | `RSA
]
val sexp_of_key_exchange_algorithm : key_exchange_algorithm -> Ppx_sexp_conv_lib.Sexp.t
val required_usage : [< `ECDHE | `FFDHE | `RSA ] -> [> `Digital_signature | `Key_encipherment ]

required_usage kex is usage which a certificate must have if it is used in the given kex method

type block_cipher =
  1. | TRIPLE_DES_EDE_CBC
  2. | AES_128_CBC
  3. | AES_256_CBC
val sexp_of_block_cipher : block_cipher -> Ppx_sexp_conv_lib.Sexp.t
type aead_cipher =
  1. | AES_128_CCM
  2. | AES_256_CCM
  3. | AES_128_GCM
  4. | AES_256_GCM
  5. | CHACHA20_POLY1305
val sexp_of_aead_cipher : aead_cipher -> Ppx_sexp_conv_lib.Sexp.t
module H : sig ... end
type payload_protection13 = [
  1. | `AEAD of aead_cipher
]
val sexp_of_payload_protection13 : payload_protection13 -> Ppx_sexp_conv_lib.Sexp.t
type payload_protection = [
  1. | payload_protection13
  2. | `Block of block_cipher * H.t
]
val sexp_of_payload_protection : payload_protection -> Ppx_sexp_conv_lib.Sexp.t
val kn_13 : aead_cipher -> int * int
val key_length : unit option -> [< `AEAD of aead_cipher | `Block of block_cipher * [< Mirage_crypto.Hash.hash ] ] -> int * int * int

key_length iv payload_protection is (key size, IV size, mac size) where key IV, and mac sizes are the required bytes for the given payload_protection

type ciphersuite13 = [
  1. | `AES_128_GCM_SHA256
  2. | `AES_256_GCM_SHA384
  3. | `CHACHA20_POLY1305_SHA256
  4. | `AES_128_CCM_SHA256
]
val sexp_of_ciphersuite13 : ciphersuite13 -> Ppx_sexp_conv_lib.Sexp.t
val privprot13 : [< `AES_128_CCM_SHA256 | `AES_128_GCM_SHA256 | `AES_256_GCM_SHA384 | `CHACHA20_POLY1305_SHA256 ] -> aead_cipher
val hash13 : [< `AES_128_CCM_SHA256 | `AES_128_GCM_SHA256 | `AES_256_GCM_SHA384 | `CHACHA20_POLY1305_SHA256 ] -> [> `SHA256 | `SHA384 ]
val any_ciphersuite_to_ciphersuite13 : Packet.any_ciphersuite -> [> `AES_128_CCM_SHA256 | `AES_128_GCM_SHA256 | `AES_256_GCM_SHA384 | `CHACHA20_POLY1305_SHA256 ] option
type ciphersuite = [
  1. | ciphersuite13
  2. | `DHE_RSA_WITH_AES_128_GCM_SHA256
  3. | `DHE_RSA_WITH_AES_256_GCM_SHA384
  4. | `DHE_RSA_WITH_AES_256_CCM
  5. | `DHE_RSA_WITH_AES_128_CCM
  6. | `DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
  7. | `DHE_RSA_WITH_AES_256_CBC_SHA256
  8. | `DHE_RSA_WITH_AES_128_CBC_SHA256
  9. | `DHE_RSA_WITH_AES_256_CBC_SHA
  10. | `DHE_RSA_WITH_AES_128_CBC_SHA
  11. | `DHE_RSA_WITH_3DES_EDE_CBC_SHA
  12. | `ECDHE_RSA_WITH_AES_128_GCM_SHA256
  13. | `ECDHE_RSA_WITH_AES_256_GCM_SHA384
  14. | `ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
  15. | `ECDHE_RSA_WITH_AES_256_CBC_SHA384
  16. | `ECDHE_RSA_WITH_AES_128_CBC_SHA256
  17. | `ECDHE_RSA_WITH_AES_256_CBC_SHA
  18. | `ECDHE_RSA_WITH_AES_128_CBC_SHA
  19. | `ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
  20. | `RSA_WITH_AES_256_CBC_SHA256
  21. | `RSA_WITH_AES_128_CBC_SHA256
  22. | `RSA_WITH_AES_256_CBC_SHA
  23. | `RSA_WITH_AES_128_CBC_SHA
  24. | `RSA_WITH_3DES_EDE_CBC_SHA
  25. | `RSA_WITH_AES_128_GCM_SHA256
  26. | `RSA_WITH_AES_256_GCM_SHA384
  27. | `RSA_WITH_AES_256_CCM
  28. | `RSA_WITH_AES_128_CCM
  29. | `ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
  30. | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  31. | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA
  32. | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  33. | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
  34. | `ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  35. | `ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  36. | `ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
]
val sexp_of_ciphersuite : ciphersuite -> Ppx_sexp_conv_lib.Sexp.t
val ciphersuite_to_ciphersuite13 : ciphersuite -> ciphersuite13 option
val any_ciphersuite_to_ciphersuite : Packet.any_ciphersuite -> [> `AES_128_CCM_SHA256 | `AES_128_GCM_SHA256 | `AES_256_GCM_SHA384 | `CHACHA20_POLY1305_SHA256 | `DHE_RSA_WITH_3DES_EDE_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA256 | `DHE_RSA_WITH_AES_128_CCM | `DHE_RSA_WITH_AES_128_GCM_SHA256 | `DHE_RSA_WITH_AES_256_CBC_SHA | `DHE_RSA_WITH_AES_256_CBC_SHA256 | `DHE_RSA_WITH_AES_256_CCM | `DHE_RSA_WITH_AES_256_GCM_SHA384 | `DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | `ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | `ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | `ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA256 | `ECDHE_RSA_WITH_AES_128_GCM_SHA256 | `ECDHE_RSA_WITH_AES_256_CBC_SHA | `ECDHE_RSA_WITH_AES_256_CBC_SHA384 | `ECDHE_RSA_WITH_AES_256_GCM_SHA384 | `ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `RSA_WITH_3DES_EDE_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA256 | `RSA_WITH_AES_128_CCM | `RSA_WITH_AES_128_GCM_SHA256 | `RSA_WITH_AES_256_CBC_SHA | `RSA_WITH_AES_256_CBC_SHA256 | `RSA_WITH_AES_256_CCM | `RSA_WITH_AES_256_GCM_SHA384 ] option
val ciphersuite_to_any_ciphersuite : [< `AES_128_CCM_SHA256 | `AES_128_GCM_SHA256 | `AES_256_GCM_SHA384 | `CHACHA20_POLY1305_SHA256 | `DHE_RSA_WITH_3DES_EDE_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA256 | `DHE_RSA_WITH_AES_128_CCM | `DHE_RSA_WITH_AES_128_GCM_SHA256 | `DHE_RSA_WITH_AES_256_CBC_SHA | `DHE_RSA_WITH_AES_256_CBC_SHA256 | `DHE_RSA_WITH_AES_256_CCM | `DHE_RSA_WITH_AES_256_GCM_SHA384 | `DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | `ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | `ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | `ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA256 | `ECDHE_RSA_WITH_AES_128_GCM_SHA256 | `ECDHE_RSA_WITH_AES_256_CBC_SHA | `ECDHE_RSA_WITH_AES_256_CBC_SHA384 | `ECDHE_RSA_WITH_AES_256_GCM_SHA384 | `ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `RSA_WITH_3DES_EDE_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA256 | `RSA_WITH_AES_128_CCM | `RSA_WITH_AES_128_GCM_SHA256 | `RSA_WITH_AES_256_CBC_SHA | `RSA_WITH_AES_256_CBC_SHA256 | `RSA_WITH_AES_256_CCM | `RSA_WITH_AES_256_GCM_SHA384 ] -> Packet.any_ciphersuite
val ciphersuite_to_string : [< `AES_128_CCM_SHA256 | `AES_128_GCM_SHA256 | `AES_256_GCM_SHA384 | `CHACHA20_POLY1305_SHA256 | `DHE_RSA_WITH_3DES_EDE_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA256 | `DHE_RSA_WITH_AES_128_CCM | `DHE_RSA_WITH_AES_128_GCM_SHA256 | `DHE_RSA_WITH_AES_256_CBC_SHA | `DHE_RSA_WITH_AES_256_CBC_SHA256 | `DHE_RSA_WITH_AES_256_CCM | `DHE_RSA_WITH_AES_256_GCM_SHA384 | `DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | `ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | `ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | `ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA256 | `ECDHE_RSA_WITH_AES_128_GCM_SHA256 | `ECDHE_RSA_WITH_AES_256_CBC_SHA | `ECDHE_RSA_WITH_AES_256_CBC_SHA384 | `ECDHE_RSA_WITH_AES_256_GCM_SHA384 | `ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `RSA_WITH_3DES_EDE_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA256 | `RSA_WITH_AES_128_CCM | `RSA_WITH_AES_128_GCM_SHA256 | `RSA_WITH_AES_256_CBC_SHA | `RSA_WITH_AES_256_CBC_SHA256 | `RSA_WITH_AES_256_CCM | `RSA_WITH_AES_256_GCM_SHA384 ] -> string
val get_keytype_kex_privprot : [< `AES_128_CCM_SHA256 | `AES_128_GCM_SHA256 | `AES_256_GCM_SHA384 | `CHACHA20_POLY1305_SHA256 | `DHE_RSA_WITH_3DES_EDE_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA256 | `DHE_RSA_WITH_AES_128_CCM | `DHE_RSA_WITH_AES_128_GCM_SHA256 | `DHE_RSA_WITH_AES_256_CBC_SHA | `DHE_RSA_WITH_AES_256_CBC_SHA256 | `DHE_RSA_WITH_AES_256_CCM | `DHE_RSA_WITH_AES_256_GCM_SHA384 | `DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | `ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | `ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | `ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA256 | `ECDHE_RSA_WITH_AES_128_GCM_SHA256 | `ECDHE_RSA_WITH_AES_256_CBC_SHA | `ECDHE_RSA_WITH_AES_256_CBC_SHA384 | `ECDHE_RSA_WITH_AES_256_GCM_SHA384 | `ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `RSA_WITH_3DES_EDE_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA256 | `RSA_WITH_AES_128_CCM | `RSA_WITH_AES_128_GCM_SHA256 | `RSA_WITH_AES_256_CBC_SHA | `RSA_WITH_AES_256_CBC_SHA256 | `RSA_WITH_AES_256_CCM | `RSA_WITH_AES_256_GCM_SHA384 ] -> [> `EC | `RSA ] * [> `ECDHE | `FFDHE | `RSA ] * [> `AEAD of aead_cipher | `Block of block_cipher * [> `SHA1 | `SHA256 | `SHA384 ] ]

get_kex_privprot ciphersuite is (kex, privacy_protection) where it dissects the ciphersuite into a pair containing the key exchange method kex, and its privacy_protection

val ciphersuite_kex : [< `AES_128_CCM_SHA256 | `AES_128_GCM_SHA256 | `AES_256_GCM_SHA384 | `CHACHA20_POLY1305_SHA256 | `DHE_RSA_WITH_3DES_EDE_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA256 | `DHE_RSA_WITH_AES_128_CCM | `DHE_RSA_WITH_AES_128_GCM_SHA256 | `DHE_RSA_WITH_AES_256_CBC_SHA | `DHE_RSA_WITH_AES_256_CBC_SHA256 | `DHE_RSA_WITH_AES_256_CCM | `DHE_RSA_WITH_AES_256_GCM_SHA384 | `DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | `ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | `ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | `ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA256 | `ECDHE_RSA_WITH_AES_128_GCM_SHA256 | `ECDHE_RSA_WITH_AES_256_CBC_SHA | `ECDHE_RSA_WITH_AES_256_CBC_SHA384 | `ECDHE_RSA_WITH_AES_256_GCM_SHA384 | `ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `RSA_WITH_3DES_EDE_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA256 | `RSA_WITH_AES_128_CCM | `RSA_WITH_AES_128_GCM_SHA256 | `RSA_WITH_AES_256_CBC_SHA | `RSA_WITH_AES_256_CBC_SHA256 | `RSA_WITH_AES_256_CCM | `RSA_WITH_AES_256_GCM_SHA384 ] -> [> `ECDHE | `FFDHE | `RSA ]

ciphersuite_kex ciphersuite is kex, first projection of get_kex_privprot

val ciphersuite_privprot : [< `AES_128_CCM_SHA256 | `AES_128_GCM_SHA256 | `AES_256_GCM_SHA384 | `CHACHA20_POLY1305_SHA256 | `DHE_RSA_WITH_3DES_EDE_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA256 | `DHE_RSA_WITH_AES_128_CCM | `DHE_RSA_WITH_AES_128_GCM_SHA256 | `DHE_RSA_WITH_AES_256_CBC_SHA | `DHE_RSA_WITH_AES_256_CBC_SHA256 | `DHE_RSA_WITH_AES_256_CCM | `DHE_RSA_WITH_AES_256_GCM_SHA384 | `DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | `ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | `ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | `ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA256 | `ECDHE_RSA_WITH_AES_128_GCM_SHA256 | `ECDHE_RSA_WITH_AES_256_CBC_SHA | `ECDHE_RSA_WITH_AES_256_CBC_SHA384 | `ECDHE_RSA_WITH_AES_256_GCM_SHA384 | `ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `RSA_WITH_3DES_EDE_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA256 | `RSA_WITH_AES_128_CCM | `RSA_WITH_AES_128_GCM_SHA256 | `RSA_WITH_AES_256_CBC_SHA | `RSA_WITH_AES_256_CBC_SHA256 | `RSA_WITH_AES_256_CCM | `RSA_WITH_AES_256_GCM_SHA384 ] -> [> `AEAD of aead_cipher | `Block of block_cipher * [> `SHA1 | `SHA256 | `SHA384 ] ]

ciphersuite_privprot ciphersuite is privprot, second projection of get_kex_privprot

val ciphersuite_keytype : [< `AES_128_CCM_SHA256 | `AES_128_GCM_SHA256 | `AES_256_GCM_SHA384 | `CHACHA20_POLY1305_SHA256 | `DHE_RSA_WITH_3DES_EDE_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA256 | `DHE_RSA_WITH_AES_128_CCM | `DHE_RSA_WITH_AES_128_GCM_SHA256 | `DHE_RSA_WITH_AES_256_CBC_SHA | `DHE_RSA_WITH_AES_256_CBC_SHA256 | `DHE_RSA_WITH_AES_256_CCM | `DHE_RSA_WITH_AES_256_GCM_SHA384 | `DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | `ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | `ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | `ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA256 | `ECDHE_RSA_WITH_AES_128_GCM_SHA256 | `ECDHE_RSA_WITH_AES_256_CBC_SHA | `ECDHE_RSA_WITH_AES_256_CBC_SHA384 | `ECDHE_RSA_WITH_AES_256_GCM_SHA384 | `ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `RSA_WITH_3DES_EDE_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA256 | `RSA_WITH_AES_128_CCM | `RSA_WITH_AES_128_GCM_SHA256 | `RSA_WITH_AES_256_CBC_SHA | `RSA_WITH_AES_256_CBC_SHA256 | `RSA_WITH_AES_256_CCM | `RSA_WITH_AES_256_GCM_SHA384 ] -> [> `EC | `RSA ]
val ciphersuite_fs : [< `AES_128_CCM_SHA256 | `AES_128_GCM_SHA256 | `AES_256_GCM_SHA384 | `CHACHA20_POLY1305_SHA256 | `DHE_RSA_WITH_3DES_EDE_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA256 | `DHE_RSA_WITH_AES_128_CCM | `DHE_RSA_WITH_AES_128_GCM_SHA256 | `DHE_RSA_WITH_AES_256_CBC_SHA | `DHE_RSA_WITH_AES_256_CBC_SHA256 | `DHE_RSA_WITH_AES_256_CCM | `DHE_RSA_WITH_AES_256_GCM_SHA384 | `DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | `ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | `ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | `ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA256 | `ECDHE_RSA_WITH_AES_128_GCM_SHA256 | `ECDHE_RSA_WITH_AES_256_CBC_SHA | `ECDHE_RSA_WITH_AES_256_CBC_SHA384 | `ECDHE_RSA_WITH_AES_256_GCM_SHA384 | `ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `RSA_WITH_3DES_EDE_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA256 | `RSA_WITH_AES_128_CCM | `RSA_WITH_AES_128_GCM_SHA256 | `RSA_WITH_AES_256_CBC_SHA | `RSA_WITH_AES_256_CBC_SHA256 | `RSA_WITH_AES_256_CCM | `RSA_WITH_AES_256_GCM_SHA384 ] -> bool
val ecdhe_only : [< `AES_128_CCM_SHA256 | `AES_128_GCM_SHA256 | `AES_256_GCM_SHA384 | `CHACHA20_POLY1305_SHA256 | `DHE_RSA_WITH_3DES_EDE_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA256 | `DHE_RSA_WITH_AES_128_CCM | `DHE_RSA_WITH_AES_128_GCM_SHA256 | `DHE_RSA_WITH_AES_256_CBC_SHA | `DHE_RSA_WITH_AES_256_CBC_SHA256 | `DHE_RSA_WITH_AES_256_CCM | `DHE_RSA_WITH_AES_256_GCM_SHA384 | `DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | `ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | `ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | `ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA256 | `ECDHE_RSA_WITH_AES_128_GCM_SHA256 | `ECDHE_RSA_WITH_AES_256_CBC_SHA | `ECDHE_RSA_WITH_AES_256_CBC_SHA384 | `ECDHE_RSA_WITH_AES_256_GCM_SHA384 | `ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `RSA_WITH_3DES_EDE_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA256 | `RSA_WITH_AES_128_CCM | `RSA_WITH_AES_128_GCM_SHA256 | `RSA_WITH_AES_256_CBC_SHA | `RSA_WITH_AES_256_CBC_SHA256 | `RSA_WITH_AES_256_CCM | `RSA_WITH_AES_256_GCM_SHA384 AES_128_CCM_SHA256 AES_128_GCM_SHA256 AES_256_GCM_SHA384 CHACHA20_POLY1305_SHA256 ] -> bool
val dhe_only : [< `AES_128_CCM_SHA256 | `AES_128_GCM_SHA256 | `AES_256_GCM_SHA384 | `CHACHA20_POLY1305_SHA256 | `DHE_RSA_WITH_3DES_EDE_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA256 | `DHE_RSA_WITH_AES_128_CCM | `DHE_RSA_WITH_AES_128_GCM_SHA256 | `DHE_RSA_WITH_AES_256_CBC_SHA | `DHE_RSA_WITH_AES_256_CBC_SHA256 | `DHE_RSA_WITH_AES_256_CCM | `DHE_RSA_WITH_AES_256_GCM_SHA384 | `DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | `ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | `ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | `ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA256 | `ECDHE_RSA_WITH_AES_128_GCM_SHA256 | `ECDHE_RSA_WITH_AES_256_CBC_SHA | `ECDHE_RSA_WITH_AES_256_CBC_SHA384 | `ECDHE_RSA_WITH_AES_256_GCM_SHA384 | `ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `RSA_WITH_3DES_EDE_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA256 | `RSA_WITH_AES_128_CCM | `RSA_WITH_AES_128_GCM_SHA256 | `RSA_WITH_AES_256_CBC_SHA | `RSA_WITH_AES_256_CBC_SHA256 | `RSA_WITH_AES_256_CCM | `RSA_WITH_AES_256_GCM_SHA384 AES_128_CCM_SHA256 AES_128_GCM_SHA256 AES_256_GCM_SHA384 CHACHA20_POLY1305_SHA256 ] -> bool
val ecdhe : [< `AES_128_CCM_SHA256 | `AES_128_GCM_SHA256 | `AES_256_GCM_SHA384 | `CHACHA20_POLY1305_SHA256 | `DHE_RSA_WITH_3DES_EDE_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA256 | `DHE_RSA_WITH_AES_128_CCM | `DHE_RSA_WITH_AES_128_GCM_SHA256 | `DHE_RSA_WITH_AES_256_CBC_SHA | `DHE_RSA_WITH_AES_256_CBC_SHA256 | `DHE_RSA_WITH_AES_256_CCM | `DHE_RSA_WITH_AES_256_GCM_SHA384 | `DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | `ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | `ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | `ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA256 | `ECDHE_RSA_WITH_AES_128_GCM_SHA256 | `ECDHE_RSA_WITH_AES_256_CBC_SHA | `ECDHE_RSA_WITH_AES_256_CBC_SHA384 | `ECDHE_RSA_WITH_AES_256_GCM_SHA384 | `ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `RSA_WITH_3DES_EDE_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA256 | `RSA_WITH_AES_128_CCM | `RSA_WITH_AES_128_GCM_SHA256 | `RSA_WITH_AES_256_CBC_SHA | `RSA_WITH_AES_256_CBC_SHA256 | `RSA_WITH_AES_256_CCM | `RSA_WITH_AES_256_GCM_SHA384 AES_128_CCM_SHA256 AES_128_GCM_SHA256 AES_256_GCM_SHA384 CHACHA20_POLY1305_SHA256 ] -> bool
val ciphersuite_tls12_only : [> `DHE_RSA_WITH_AES_128_CBC_SHA256 | `DHE_RSA_WITH_AES_128_CCM | `DHE_RSA_WITH_AES_128_GCM_SHA256 | `DHE_RSA_WITH_AES_256_CBC_SHA256 | `DHE_RSA_WITH_AES_256_CCM | `DHE_RSA_WITH_AES_256_GCM_SHA384 | `DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | `ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | `ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | `ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_RSA_WITH_AES_128_CBC_SHA256 | `ECDHE_RSA_WITH_AES_128_GCM_SHA256 | `ECDHE_RSA_WITH_AES_256_CBC_SHA384 | `ECDHE_RSA_WITH_AES_256_GCM_SHA384 | `ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `RSA_WITH_AES_128_CBC_SHA256 | `RSA_WITH_AES_128_CCM | `RSA_WITH_AES_128_GCM_SHA256 | `RSA_WITH_AES_256_CBC_SHA256 | `RSA_WITH_AES_256_CCM | `RSA_WITH_AES_256_GCM_SHA384 ] -> bool
val ciphersuite_tls13 : [> ciphersuite13 ] -> bool
OCaml

Innovation. Community. Security.