Module Tls.State

type hmac_key = string
type iv_mode =
  1. | Iv of string
  2. | Random_iv
type 'k cbc_cipher = (module Mirage_crypto.Block.CBC with type key = 'k)
type 'k cbc_state = {
  1. cipher : 'k cbc_cipher;
  2. cipher_secret : 'k;
  3. iv_mode : iv_mode;
  4. hmac : Digestif.hash';
  5. hmac_secret : hmac_key;
}
type nonce = string
type 'k aead_cipher = (module Mirage_crypto.AEAD with type key = 'k)
type 'k aead_state = {
  1. cipher : 'k aead_cipher;
  2. cipher_secret : 'k;
  3. nonce : nonce;
  4. explicit_nonce : bool;
}
type cipher_st =
  1. | CBC : 'k cbc_state -> cipher_st
  2. | AEAD : 'k aead_state -> cipher_st
type crypto_context = {
  1. sequence : int64;
  2. cipher_st : cipher_st;
}
type hs_log = string list
type dh_secret = [
  1. | `Finite_field of Mirage_crypto_pk.Dh.secret
  2. | `P256 of Mirage_crypto_ec.P256.Dh.secret
  3. | `P384 of Mirage_crypto_ec.P384.Dh.secret
  4. | `P521 of Mirage_crypto_ec.P521.Dh.secret
  5. | `X25519 of Mirage_crypto_ec.X25519.secret
]
type reneg_params = string * string
type common_session_data = {
  1. server_random : string;
  2. client_random : string;
  3. peer_certificate_chain : X509.Certificate.t list;
  4. peer_certificate : X509.Certificate.t option;
  5. trust_anchor : X509.Certificate.t option;
  6. received_certificates : X509.Certificate.t list;
  7. own_certificate : X509.Certificate.t list;
  8. own_private_key : X509.Private_key.t option;
  9. own_name : [ `host ] Domain_name.t option;
  10. client_auth : bool;
  11. master_secret : Core.master_secret;
  12. alpn_protocol : string option;
}
type session_data = {
  1. common_session_data : common_session_data;
  2. client_version : Core.tls_any_version;
  3. ciphersuite : Ciphersuite.ciphersuite;
  4. group : Core.group option;
  5. renegotiation : reneg_params;
  6. session_id : string;
  7. extended_ms : bool;
  8. tls_unique : string;
}
type server_handshake_state =
  1. | AwaitClientHello
  2. | AwaitClientHelloRenegotiate
  3. | AwaitClientCertificate_RSA of session_data * hs_log
  4. | AwaitClientCertificate_DHE of session_data * dh_secret * hs_log
  5. | AwaitClientKeyExchange_RSA of session_data * hs_log
  6. | AwaitClientKeyExchange_DHE of session_data * dh_secret * hs_log
  7. | AwaitClientCertificateVerify of session_data * crypto_context * crypto_context * hs_log
  8. | AwaitClientChangeCipherSpec of session_data * crypto_context * crypto_context * hs_log
  9. | AwaitClientChangeCipherSpecResume of session_data * crypto_context * string * hs_log
  10. | AwaitClientFinished of session_data * hs_log
  11. | AwaitClientFinishedResume of session_data * string * hs_log
  12. | Established
type client_handshake_state =
  1. | ClientInitial
  2. | AwaitServerHello of Core.client_hello * (Core.group * dh_secret) list * hs_log
  3. | AwaitServerHelloRenegotiate of session_data * Core.client_hello * hs_log
  4. | AwaitCertificate_RSA of session_data * hs_log
  5. | AwaitCertificate_DHE of session_data * hs_log
  6. | AwaitServerKeyExchange_DHE of session_data * hs_log
  7. | AwaitCertificateRequestOrServerHelloDone of session_data * string * string * hs_log
  8. | AwaitServerHelloDone of session_data * Core.signature_algorithm list option * string * string * hs_log
  9. | AwaitServerChangeCipherSpec of session_data * crypto_context * string * hs_log
  10. | AwaitServerChangeCipherSpecResume of session_data * crypto_context * crypto_context * hs_log
  11. | AwaitServerFinished of session_data * string * hs_log
  12. | AwaitServerFinishedResume of session_data * hs_log
  13. | Established
type kdf = {
  1. secret : string;
  2. cipher : Ciphersuite.ciphersuite13;
  3. hash : Digestif.hash';
}
type session_data13 = {
  1. common_session_data13 : common_session_data;
  2. ciphersuite13 : Ciphersuite.ciphersuite13;
  3. master_secret : kdf;
  4. exporter_master_secret : string;
  5. resumption_secret : string;
  6. state : Core.epoch_state;
  7. resumed : bool;
  8. client_app_secret : string;
  9. server_app_secret : string;
}
type client13_handshake_state =
  1. | AwaitServerHello13 of Core.client_hello * (Core.group * dh_secret) list * string
  2. | AwaitServerEncryptedExtensions13 of session_data13 * string * string * string
  3. | AwaitServerCertificateRequestOrCertificate13 of session_data13 * string * string * string
  4. | AwaitServerCertificate13 of session_data13 * string * string * Core.signature_algorithm list option * string
  5. | AwaitServerCertificateVerify13 of session_data13 * string * string * Core.signature_algorithm list option * string
  6. | AwaitServerFinished13 of session_data13 * string * string * Core.signature_algorithm list option * string
  7. | Established13
type server13_handshake_state =
  1. | AwaitClientHelloHRR13
  2. | AwaitClientCertificate13 of session_data13 * string * crypto_context * Core.session_ticket option * string
  3. | AwaitClientCertificateVerify13 of session_data13 * string * crypto_context * Core.session_ticket option * string
  4. | AwaitClientFinished13 of string * crypto_context * Core.session_ticket option * string
  5. | AwaitEndOfEarlyData13 of string * crypto_context * crypto_context * Core.session_ticket option * string
  6. | Established13
type handshake_machina_state =
  1. | Client of client_handshake_state
  2. | Server of server_handshake_state
  3. | Client13 of client13_handshake_state
  4. | Server13 of server13_handshake_state
type handshake_state = {
  1. session : [ `TLS of session_data | `TLS13 of session_data13 ] list;
  2. protocol_version : Core.tls_version;
  3. early_data_left : int32;
  4. machina : handshake_machina_state;
  5. config : Config.config;
  6. hs_fragment : string;
}
type crypto_state = crypto_context option
type record = Packet.content_type * string
type rec_resp = [
  1. | `Change_enc of crypto_context
  2. | `Change_dec of crypto_context
  3. | `Record of record
]
type handshake_return = handshake_state * rec_resp list
type state = {
  1. handshake : handshake_state;
  2. decryptor : crypto_state;
  3. encryptor : crypto_state;
  4. fragment : string;
  5. read_closed : bool;
  6. write_closed : bool;
}
type error = [
  1. | `AuthenticationFailure of X509.Validation.validation_error
  2. | `NoConfiguredCiphersuite of Ciphersuite.ciphersuite list
  3. | `NoConfiguredVersions of Core.tls_version list
  4. | `NoConfiguredSignatureAlgorithm of Core.signature_algorithm list
  5. | `NoMatchingCertificateFound of string
  6. | `CouldntSelectCertificate
]
val pp_error : Stdlib.Format.formatter -> [< `AuthenticationFailure of X509.Validation.validation_error | `CouldntSelectCertificate | `NoConfiguredCiphersuite of [< `AES_128_CCM_SHA256 | `AES_128_GCM_SHA256 | `AES_256_GCM_SHA384 | `CHACHA20_POLY1305_SHA256 | `DHE_RSA_WITH_3DES_EDE_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA256 | `DHE_RSA_WITH_AES_128_CCM | `DHE_RSA_WITH_AES_128_GCM_SHA256 | `DHE_RSA_WITH_AES_256_CBC_SHA | `DHE_RSA_WITH_AES_256_CBC_SHA256 | `DHE_RSA_WITH_AES_256_CCM | `DHE_RSA_WITH_AES_256_GCM_SHA384 | `DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | `ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | `ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | `ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA256 | `ECDHE_RSA_WITH_AES_128_GCM_SHA256 | `ECDHE_RSA_WITH_AES_256_CBC_SHA | `ECDHE_RSA_WITH_AES_256_CBC_SHA384 | `ECDHE_RSA_WITH_AES_256_GCM_SHA384 | `ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `RSA_WITH_3DES_EDE_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA256 | `RSA_WITH_AES_128_CCM | `RSA_WITH_AES_128_GCM_SHA256 | `RSA_WITH_AES_256_CBC_SHA | `RSA_WITH_AES_256_CBC_SHA256 | `RSA_WITH_AES_256_CCM | `RSA_WITH_AES_256_GCM_SHA384 AES_128_CCM_SHA256 AES_128_GCM_SHA256 AES_256_GCM_SHA384 CHACHA20_POLY1305_SHA256 ] list | `NoConfiguredSignatureAlgorithm of [< `ECDSA_SECP256R1_SHA1 | `ECDSA_SECP256R1_SHA256 | `ECDSA_SECP384R1_SHA384 | `ECDSA_SECP521R1_SHA512 | `ED25519 | `RSA_PKCS1_MD5 | `RSA_PKCS1_SHA1 | `RSA_PKCS1_SHA224 | `RSA_PKCS1_SHA256 | `RSA_PKCS1_SHA384 | `RSA_PKCS1_SHA512 | `RSA_PSS_RSAENC_SHA256 | `RSA_PSS_RSAENC_SHA384 | `RSA_PSS_RSAENC_SHA512 ECDSA_SECP256R1_SHA1 ECDSA_SECP256R1_SHA256 ECDSA_SECP384R1_SHA384 ECDSA_SECP521R1_SHA512 ] list | `NoConfiguredVersions of [< `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 ] list | `NoMatchingCertificateFound of string ] -> unit
type fatal = [
  1. | `Protocol_version of [ `None_supported of Core.tls_any_version list | `Unknown_record of int * int | `Bad_record of Core.tls_any_version ]
  2. | `Unexpected of [ `Content_type of int | `Message of string | `Handshake of Core.tls_handshake ]
  3. | `Decode of string
  4. | `Handshake of [ `Message of string | `Fragments | `BadDH of string | `BadECDH of Mirage_crypto_ec.error ]
  5. | `Bad_certificate of string
  6. | `Missing_extension of string
  7. | `Bad_mac
  8. | `Record_overflow of int
  9. | `Unsupported_extension
  10. | `Inappropriate_fallback
  11. | `No_application_protocol
]
val pp_protocol_version : Stdlib.Format.formatter -> [< `Bad_record of [< `SSL_3 | `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 | `TLS_1_X of int ] | `None_supported of [< `SSL_3 | `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 | `TLS_1_X of int ] list | `Unknown_record of int * int ] -> unit
val pp_unexpected : Stdlib.Format.formatter -> [< `Content_type of int | `Handshake of Core.tls_handshake | `Message of string ] -> unit
val pp_handshake_error : Stdlib.Format.formatter -> [< `BadDH of string | `BadECDH of Mirage_crypto_ec.error | `Fragments | `Message of string ] -> unit
val pp_fatal : Stdlib.Format.formatter -> [< `Bad_certificate of string | `Bad_mac | `Decode of string | `Handshake of [< `BadDH of string | `BadECDH of Mirage_crypto_ec.error | `Fragments | `Message of string ] | `Inappropriate_fallback | `Missing_extension of string | `No_application_protocol | `Protocol_version of [< `Bad_record of [< `SSL_3 | `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 | `TLS_1_X of int ] | `None_supported of [< `SSL_3 | `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 | `TLS_1_X of int ] list | `Unknown_record of int * int ] | `Record_overflow of int | `Unexpected of [< `Content_type of int | `Handshake of Core.tls_handshake | `Message of string ] | `Unsupported_extension ] -> unit
type failure = [
  1. | `Error of error
  2. | `Fatal of fatal
  3. | `Alert of Packet.alert_type
]
val pp_failure : Stdlib.Format.formatter -> [< `Alert of Packet.alert_type | `Error of [< `AuthenticationFailure of X509.Validation.validation_error | `CouldntSelectCertificate | `NoConfiguredCiphersuite of [< `AES_128_CCM_SHA256 | `AES_128_GCM_SHA256 | `AES_256_GCM_SHA384 | `CHACHA20_POLY1305_SHA256 | `DHE_RSA_WITH_3DES_EDE_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA | `DHE_RSA_WITH_AES_128_CBC_SHA256 | `DHE_RSA_WITH_AES_128_CCM | `DHE_RSA_WITH_AES_128_GCM_SHA256 | `DHE_RSA_WITH_AES_256_CBC_SHA | `DHE_RSA_WITH_AES_256_CBC_SHA256 | `DHE_RSA_WITH_AES_256_CCM | `DHE_RSA_WITH_AES_256_GCM_SHA384 | `DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA | `ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | `ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA | `ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | `ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | `ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | `ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA | `ECDHE_RSA_WITH_AES_128_CBC_SHA256 | `ECDHE_RSA_WITH_AES_128_GCM_SHA256 | `ECDHE_RSA_WITH_AES_256_CBC_SHA | `ECDHE_RSA_WITH_AES_256_CBC_SHA384 | `ECDHE_RSA_WITH_AES_256_GCM_SHA384 | `ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | `RSA_WITH_3DES_EDE_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA | `RSA_WITH_AES_128_CBC_SHA256 | `RSA_WITH_AES_128_CCM | `RSA_WITH_AES_128_GCM_SHA256 | `RSA_WITH_AES_256_CBC_SHA | `RSA_WITH_AES_256_CBC_SHA256 | `RSA_WITH_AES_256_CCM | `RSA_WITH_AES_256_GCM_SHA384 AES_128_CCM_SHA256 AES_128_GCM_SHA256 AES_256_GCM_SHA384 CHACHA20_POLY1305_SHA256 ] list | `NoConfiguredSignatureAlgorithm of [< `ECDSA_SECP256R1_SHA1 | `ECDSA_SECP256R1_SHA256 | `ECDSA_SECP384R1_SHA384 | `ECDSA_SECP521R1_SHA512 | `ED25519 | `RSA_PKCS1_MD5 | `RSA_PKCS1_SHA1 | `RSA_PKCS1_SHA224 | `RSA_PKCS1_SHA256 | `RSA_PKCS1_SHA384 | `RSA_PKCS1_SHA512 | `RSA_PSS_RSAENC_SHA256 | `RSA_PSS_RSAENC_SHA384 | `RSA_PSS_RSAENC_SHA512 ECDSA_SECP256R1_SHA1 ECDSA_SECP256R1_SHA256 ECDSA_SECP384R1_SHA384 ECDSA_SECP521R1_SHA512 ] list | `NoConfiguredVersions of [< `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 ] list | `NoMatchingCertificateFound of string ] | `Fatal of [< `Bad_certificate of string | `Bad_mac | `Decode of string | `Handshake of [< `BadDH of string | `BadECDH of Mirage_crypto_ec.error | `Fragments | `Message of string ] | `Inappropriate_fallback | `Missing_extension of string | `No_application_protocol | `Protocol_version of [< `Bad_record of [< `SSL_3 | `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 | `TLS_1_X of int ] | `None_supported of [< `SSL_3 | `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 | `TLS_1_X of int ] list | `Unknown_record of int * int ] | `Record_overflow of int | `Unexpected of [< `Content_type of int | `Handshake of Core.tls_handshake | `Message of string ] | `Unsupported_extension ] ] -> unit
val common_data_to_epoch : common_session_data -> bool -> [ `host ] Domain_name.t option -> Core.epoch_data
val epoch_of_session : bool -> [ `host ] Domain_name.t option -> Core.tls_version -> [< `TLS of session_data | `TLS13 of session_data13 ] -> Core.epoch_data
val epoch_of_hs : handshake_state -> Core.epoch_data option