package tls

  1. Overview
  2. Docs

Magic numbers of the TLS protocol.

val get_uint24_len : Cstruct.t -> int
val set_uint24_len : Cstruct.t -> int -> unit
type content_type =
  1. | CHANGE_CIPHER_SPEC
  2. | ALERT
  3. | HANDSHAKE
  4. | APPLICATION_DATA
  5. | HEARTBEAT
val int_to_content_type : int -> content_type option
val content_type_to_int : content_type -> int
val compare_content_type : content_type -> content_type -> int
val content_type_to_string : content_type -> string
val string_to_content_type : string -> content_type option
val sexp_of_content_type : content_type -> Sexplib.Sexp.t
val content_type_of_sexp : Sexplib.Sexp.t -> content_type
type alert_level =
  1. | WARNING
  2. | FATAL
val int_to_alert_level : int -> alert_level option
val alert_level_to_int : alert_level -> int
val compare_alert_level : alert_level -> alert_level -> int
val alert_level_to_string : alert_level -> string
val string_to_alert_level : string -> alert_level option
val sexp_of_alert_level : alert_level -> Sexplib.Sexp.t
val alert_level_of_sexp : Sexplib.Sexp.t -> alert_level
type alert_type =
  1. | CLOSE_NOTIFY
  2. | UNEXPECTED_MESSAGE
  3. | BAD_RECORD_MAC
  4. | DECRYPTION_FAILED
  5. | RECORD_OVERFLOW
  6. | DECOMPRESSION_FAILURE
  7. | HANDSHAKE_FAILURE
  8. | NO_CERTIFICATE_RESERVED
  9. | BAD_CERTIFICATE
  10. | UNSUPPORTED_CERTIFICATE
  11. | CERTIFICATE_REVOKED
  12. | CERTIFICATE_EXPIRED
  13. | CERTIFICATE_UNKNOWN
  14. | ILLEGAL_PARAMETER
  15. | UNKNOWN_CA
  16. | ACCESS_DENIED
  17. | DECODE_ERROR
  18. | DECRYPT_ERROR
  19. | EXPORT_RESTRICTION_RESERVED
  20. | PROTOCOL_VERSION
  21. | INSUFFICIENT_SECURITY
  22. | INTERNAL_ERROR
  23. | INAPPROPRIATE_FALLBACK
  24. | USER_CANCELED
  25. | NO_RENEGOTIATION
  26. | MISSING_EXTENSION
  27. | UNSUPPORTED_EXTENSION
  28. | CERTIFICATE_UNOBTAINABLE
  29. | UNRECOGNIZED_NAME
  30. | BAD_CERTIFICATE_STATUS_RESPONSE
  31. | BAD_CERTIFICATE_HASH_VALUE
  32. | UNKNOWN_PSK_IDENTITY
  33. | CERTIFICATE_REQUIRED
  34. | NO_APPLICATION_PROTOCOL
val int_to_alert_type : int -> alert_type option
val alert_type_to_int : alert_type -> int
val compare_alert_type : alert_type -> alert_type -> int
val alert_type_to_string : alert_type -> string
val string_to_alert_type : string -> alert_type option
val sexp_of_alert_type : alert_type -> Sexplib.Sexp.t
val alert_type_of_sexp : Sexplib.Sexp.t -> alert_type
type handshake_type =
  1. | HELLO_REQUEST
  2. | CLIENT_HELLO
  3. | SERVER_HELLO
  4. | HELLO_VERIFY_REQUEST
  5. | SESSION_TICKET
  6. | END_OF_EARLY_DATA
  7. | ENCRYPTED_EXTENSIONS
  8. | CERTIFICATE
  9. | SERVER_KEY_EXCHANGE
  10. | CERTIFICATE_REQUEST
  11. | SERVER_HELLO_DONE
  12. | CERTIFICATE_VERIFY
  13. | CLIENT_KEY_EXCHANGE
  14. | FINISHED
  15. | CERTIFICATE_URL
  16. | CERTIFICATE_STATUS
  17. | SUPPLEMENTAL_DATA
  18. | KEY_UPDATE
  19. | MESSAGE_HASH
val int_to_handshake_type : int -> handshake_type option
val handshake_type_to_int : handshake_type -> int
val compare_handshake_type : handshake_type -> handshake_type -> int
val handshake_type_to_string : handshake_type -> string
val string_to_handshake_type : string -> handshake_type option
val sexp_of_handshake_type : handshake_type -> Sexplib.Sexp.t
val handshake_type_of_sexp : Sexplib.Sexp.t -> handshake_type
type client_certificate_type =
  1. | RSA_SIGN
  2. | DSS_SIGN
  3. | RSA_FIXED_DH
  4. | DSS_FIXED_DH
  5. | RSA_EPHEMERAL_DH_RESERVED
  6. | DSS_EPHEMERAL_DH_RESERVED
  7. | FORTEZZA_DMS_RESERVED
  8. | ECDSA_SIGN
  9. | RSA_FIXED_ECDH
  10. | ECDSA_FIXED_ECDH
val int_to_client_certificate_type : int -> client_certificate_type option
val client_certificate_type_to_int : client_certificate_type -> int
val compare_client_certificate_type : client_certificate_type -> client_certificate_type -> int
val client_certificate_type_to_string : client_certificate_type -> string
val string_to_client_certificate_type : string -> client_certificate_type option
val sexp_of_client_certificate_type : client_certificate_type -> Sexplib.Sexp.t
val client_certificate_type_of_sexp : Sexplib.Sexp.t -> client_certificate_type
type compression_method =
  1. | NULL
  2. | DEFLATE
  3. | LZS
val int_to_compression_method : int -> compression_method option
val compression_method_to_int : compression_method -> int
val compare_compression_method : compression_method -> compression_method -> int
val compression_method_to_string : compression_method -> string
val string_to_compression_method : string -> compression_method option
val sexp_of_compression_method : compression_method -> Sexplib.Sexp.t
val compression_method_of_sexp : Sexplib.Sexp.t -> compression_method
type extension_type =
  1. | SERVER_NAME
  2. | MAX_FRAGMENT_LENGTH
  3. | CLIENT_CERTIFICATE_URL
  4. | TRUSTED_CA_KEYS
  5. | TRUNCATED_HMAC
  6. | STATUS_REQUEST
  7. | USER_MAPPING
  8. | CLIENT_AUTHZ
  9. | SERVER_AUTHZ
  10. | CERT_TYPE
  11. | SUPPORTED_GROUPS
  12. | EC_POINT_FORMATS
  13. | SRP
  14. | SIGNATURE_ALGORITHMS
  15. | USE_SRTP
  16. | HEARTBEAT
  17. | APPLICATION_LAYER_PROTOCOL_NEGOTIATION
  18. | STATUS_REQUEST_V2
  19. | SIGNED_CERTIFICATE_TIMESTAMP
  20. | CLIENT_CERTIFICATE_TYPE
  21. | SERVER_CERTIFICATE_TYPE
  22. | PADDING
  23. | ENCRYPT_THEN_MAC
  24. | EXTENDED_MASTER_SECRET
  25. | TOKEN_BINDING
  26. | CACHED_INFO
  27. | TLS_LTS
  28. | COMPRESSED_CERTIFICATE
  29. | RECORD_SIZE_LIMIT
  30. | PWD_PROTECT
  31. | PWD_CLEAR
  32. | PASSWORD_SALT
  33. | SESSION_TICKET
  34. | PRE_SHARED_KEY
  35. | EARLY_DATA
  36. | SUPPORTED_VERSIONS
  37. | COOKIE
  38. | PSK_KEY_EXCHANGE_MODES
  39. | CERTIFICATE_AUTHORITIES
  40. | OID_FILTERS
  41. | POST_HANDSHAKE_AUTH
  42. | SIGNATURE_ALGORITHMS_CERT
  43. | KEY_SHARE
  44. | RENEGOTIATION_INFO
  45. | DRAFT_SUPPORT
val int_to_extension_type : int -> extension_type option
val extension_type_to_int : extension_type -> int
val compare_extension_type : extension_type -> extension_type -> int
val extension_type_to_string : extension_type -> string
val string_to_extension_type : string -> extension_type option
val sexp_of_extension_type : extension_type -> Sexplib.Sexp.t
val extension_type_of_sexp : Sexplib.Sexp.t -> extension_type
type max_fragment_length =
  1. | TWO_9
  2. | TWO_10
  3. | TWO_11
  4. | TWO_12
val int_to_max_fragment_length : int -> max_fragment_length option
val max_fragment_length_to_int : max_fragment_length -> int
val compare_max_fragment_length : max_fragment_length -> max_fragment_length -> int
val max_fragment_length_to_string : max_fragment_length -> string
val string_to_max_fragment_length : string -> max_fragment_length option
val sexp_of_max_fragment_length : max_fragment_length -> Sexplib.Sexp.t
val max_fragment_length_of_sexp : Sexplib.Sexp.t -> max_fragment_length
type psk_key_exchange_mode =
  1. | PSK_KE
  2. | PSK_KE_DHE
val int_to_psk_key_exchange_mode : int -> psk_key_exchange_mode option
val psk_key_exchange_mode_to_int : psk_key_exchange_mode -> int
val compare_psk_key_exchange_mode : psk_key_exchange_mode -> psk_key_exchange_mode -> int
val psk_key_exchange_mode_to_string : psk_key_exchange_mode -> string
val string_to_psk_key_exchange_mode : string -> psk_key_exchange_mode option
val sexp_of_psk_key_exchange_mode : psk_key_exchange_mode -> Sexplib.Sexp.t
val psk_key_exchange_mode_of_sexp : Sexplib.Sexp.t -> psk_key_exchange_mode
type signature_alg =
  1. | RSA_PKCS1_MD5
  2. | RSA_PKCS1_SHA1
  3. | RSA_PKCS1_SHA224
  4. | RSA_PKCS1_SHA256
  5. | RSA_PKCS1_SHA384
  6. | RSA_PKCS1_SHA512
  7. | ECDSA_SECP256R1_SHA1
  8. | ECDSA_SECP256R1_SHA256
  9. | ECDSA_SECP384R1_SHA384
  10. | ECDSA_SECP521R1_SHA512
  11. | RSA_PSS_RSAENC_SHA256
  12. | RSA_PSS_RSAENC_SHA384
  13. | RSA_PSS_RSAENC_SHA512
  14. | ED25519
  15. | ED448
  16. | RSA_PSS_PSS_SHA256
  17. | RSA_PSS_PSS_SHA384
  18. | RSA_PSS_PSS_SHA512
val int_to_signature_alg : int -> signature_alg option
val signature_alg_to_int : signature_alg -> int
val compare_signature_alg : signature_alg -> signature_alg -> int
val signature_alg_to_string : signature_alg -> string
val string_to_signature_alg : string -> signature_alg option
val sexp_of_signature_alg : signature_alg -> Sexplib.Sexp.t
val signature_alg_of_sexp : Sexplib.Sexp.t -> signature_alg
val to_signature_alg : [< `ECDSA_SECP256R1_SHA1 | `ECDSA_SECP256R1_SHA256 | `ECDSA_SECP384R1_SHA384 | `ECDSA_SECP521R1_SHA512 | `ED25519 | `RSA_PKCS1_MD5 | `RSA_PKCS1_SHA1 | `RSA_PKCS1_SHA224 | `RSA_PKCS1_SHA256 | `RSA_PKCS1_SHA384 | `RSA_PKCS1_SHA512 | `RSA_PSS_RSAENC_SHA256 | `RSA_PSS_RSAENC_SHA384 | `RSA_PSS_RSAENC_SHA512 ] -> signature_alg
val of_signature_alg : signature_alg -> [> `ECDSA_SECP256R1_SHA1 | `ECDSA_SECP256R1_SHA256 | `ECDSA_SECP384R1_SHA384 | `ECDSA_SECP521R1_SHA512 | `ED25519 | `RSA_PKCS1_MD5 | `RSA_PKCS1_SHA1 | `RSA_PKCS1_SHA224 | `RSA_PKCS1_SHA256 | `RSA_PKCS1_SHA384 | `RSA_PKCS1_SHA512 | `RSA_PSS_RSAENC_SHA256 | `RSA_PSS_RSAENC_SHA384 | `RSA_PSS_RSAENC_SHA512 ] option
type ec_curve_type =
  1. | NAMED_CURVE
val int_to_ec_curve_type : int -> ec_curve_type option
val ec_curve_type_to_int : ec_curve_type -> int
val compare_ec_curve_type : ec_curve_type -> ec_curve_type -> int
val ec_curve_type_to_string : ec_curve_type -> string
val string_to_ec_curve_type : string -> ec_curve_type option
val sexp_of_ec_curve_type : ec_curve_type -> Sexplib.Sexp.t
val ec_curve_type_of_sexp : Sexplib.Sexp.t -> ec_curve_type
type named_group =
  1. | SECP256R1
  2. | SECP384R1
  3. | SECP521R1
  4. | X25519
  5. | X448
  6. | FFDHE2048
  7. | FFDHE3072
  8. | FFDHE4096
  9. | FFDHE6144
  10. | FFDHE8192
val int_to_named_group : int -> named_group option
val named_group_to_int : named_group -> int
val compare_named_group : named_group -> named_group -> int
val named_group_to_string : named_group -> string
val string_to_named_group : string -> named_group option
val sexp_of_named_group : named_group -> Sexplib.Sexp.t
val named_group_of_sexp : Sexplib.Sexp.t -> named_group
type any_ciphersuite =
  1. | TLS_RSA_WITH_3DES_EDE_CBC_SHA
  2. | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  3. | TLS_RSA_WITH_AES_128_CBC_SHA
  4. | TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  5. | TLS_RSA_WITH_AES_256_CBC_SHA
  6. | TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  7. | TLS_RSA_WITH_AES_128_CBC_SHA256
  8. | TLS_RSA_WITH_AES_256_CBC_SHA256
  9. | TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  10. | TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  11. | TLS_RSA_WITH_AES_128_GCM_SHA256
  12. | TLS_RSA_WITH_AES_256_GCM_SHA384
  13. | TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
  14. | TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
  15. | TLS_EMPTY_RENEGOTIATION_INFO_SCSV
  16. | TLS_AES_128_GCM_SHA256
  17. | TLS_AES_256_GCM_SHA384
  18. | TLS_CHACHA20_POLY1305_SHA256
  19. | TLS_AES_128_CCM_SHA256
  20. | TLS_FALLBACK_SCSV
  21. | TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
  22. | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  23. | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
  24. | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
  25. | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
  26. | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  27. | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  28. | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
  29. | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  30. | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
  31. | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  32. | TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  33. | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  34. | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  35. | TLS_RSA_WITH_AES_128_CCM
  36. | TLS_RSA_WITH_AES_256_CCM
  37. | TLS_DHE_RSA_WITH_AES_128_CCM
  38. | TLS_DHE_RSA_WITH_AES_256_CCM
  39. | TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
  40. | TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
  41. | TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
val int_to_any_ciphersuite : int -> any_ciphersuite option
val any_ciphersuite_to_int : any_ciphersuite -> int
val compare_any_ciphersuite : any_ciphersuite -> any_ciphersuite -> int
val any_ciphersuite_to_string : any_ciphersuite -> string
val string_to_any_ciphersuite : string -> any_ciphersuite option
val sexp_of_any_ciphersuite : any_ciphersuite -> Sexplib.Sexp.t
val any_ciphersuite_of_sexp : Sexplib.Sexp.t -> any_ciphersuite
type key_update_request_type =
  1. | UPDATE_NOT_REQUESTED
  2. | UPDATE_REQUESTED
val int_to_key_update_request_type : int -> key_update_request_type option
val key_update_request_type_to_int : key_update_request_type -> int
val compare_key_update_request_type : key_update_request_type -> key_update_request_type -> int
val key_update_request_type_to_string : key_update_request_type -> string
val string_to_key_update_request_type : string -> key_update_request_type option
val sexp_of_key_update_request_type : key_update_request_type -> Sexplib.Sexp.t
val key_update_request_type_of_sexp : Sexplib.Sexp.t -> key_update_request_type
val helloretryrequest : Mirage_crypto.Hash.digest
val downgrade12 : Cstruct.t
val downgrade11 : Cstruct.t