ssl_handshake

DATA TYPES

certdb_ref() = reference()
cipher() = null | rc4_128 | idea_cbc | des40_cbc | des_cbc | '3des_ede_cbc' | aes_128_cbc | aes_256_cbc
db_handle() = term()
der_cert() = binary()
erl_cipher_suite() = {key_algo(), cipher(), hash()}
hash() = null | sha | md5 | sha224 | sha256 | sha384 | sha512
key_algo() = null | rsa | dhe_rsa | dhe_dss | ecdhe_ecdsa | ecdh_ecdsa | ecdh_rsa | srp_rsa | srp_dss | psk | dhe_psk | rsa_psk | dh_anon | ecdh_anon | srp_anon
oid() = tuple()
private_key() = #'RSAPrivateKey'{} | #'DSAPrivateKey'{} | #'ECPrivateKey'{}
public_key_info() = {oid(), #'RSAPublicKey'{} | integer() | #'ECPoint'{}, public_key_params()}
public_key_params() = #'Dss-Parms'{} | {namedCurve, oid()} | #'ECParameters'{} | term()
tls_handshake_history() = {[binary()], [binary()]}
tls_version() = {integer(), integer()}

Functions


hello_request() -> #hello_request{}

server_hello_done() -> #server_hello_done{}

client_hello_extensions(Version, CipherSuites, SslOpts, ConnectionStates, Renegotiation) -> term()

certificate(OwnCert::der_cert(), CertDbHandle::db_handle(), CertDbRef::certdb_ref(), X4::client | server) -> #certificate{} | #alert{}

next_protocol(SelectedProtocol::binary()) -> #next_protocol{}

client_certificate_verify(OwnCert::undefined | der_cert(), MasterSecret::binary(), Version::tls_version(), X4::term(), PrivateKey::private_key(), X6::tls_handshake_history()) -> #certificate_verify{} | ignore | #alert{}

certificate_request(CipherSuite::erl_cipher_suite(), CertDbHandle::db_handle(), CertDbRef::certdb_ref(), Version::tls_version()) -> #certificate_request{}

key_exchange(X1::client | server, Version::tls_version(), X3::{premaster_secret, binary(), public_key_info()} | {dh, binary()} | {dh, {binary(), binary()}, #'DHParameter'{}, {HashAlgo::atom(), SignAlgo::atom()}, binary(), binary(), private_key()} | {ecdh, #'ECPrivateKey'{}} | {psk, binary()} | {dhe_psk, binary(), binary()} | {srp, {binary(), binary()}, #srp_user{generator=undefined | binary(), prime=undefined | binary(), salt=undefined | binary(), verifier=undefined | binary()}, {HashAlgo::atom(), SignAlgo::atom()}, binary(), binary(), private_key()}) -> #client_key_exchange{} | #server_key_exchange{}

finished(Version::tls_version(), Role::client | server, PrfAlgo::integer(), MasterSecret::binary(), X5::tls_handshake_history()) -> #finished{}

certificate_verify(Signature::binary(), PublicKeyInfo::public_key_info(), Version::tls_version(), HashSign::term(), MasterSecret::binary(), X6::tls_handshake_history()) -> valid | #alert{}

verify_signature(Version::tls_version(), Hash::binary(), HashAlgo::{term(), term()}, Signature::binary(), X5::public_key_info()) -> true | false

certify(Certificate::#certificate{}, CertDbHandle::db_handle(), CertDbRef::certdb_ref(), MaxPathLen::integer() | nolimit, Verify::verify_peer | verify_none, VerifyFunAndState::{function(), term}, Role::client | server) -> {der_cert(), public_key_info()} | #alert{}

verify_connection(Version::tls_version(), Finished::#finished{}, Role::client | server, PrfAlgo::integer(), MasterSecret::binary(), X6::tls_handshake_history()) -> verified | #alert{}

decrypt_premaster_secret(Secret::binary(), RSAPrivateKey::#'RSAPrivateKey'{}) -> binary()

server_key_exchange_hash(Hash::md5sha | md5 | sha | sha224 | sha256 | sha384 | sha512, Value::binary()) -> binary()

prf(X1::tls_version(), Secret::binary(), Label::binary(), Seed::[binary()], WantedLength::non_neg_integer()) -> {ok, binary()} | {error, undefined}

select_hashsign(Hash_sign_algos::#hash_sign_algos{} | undefined, Cert::undefined | binary()) -> [{atom(), atom()}] | undefined

select_cert_hashsign(HashSign::#hash_sign_algos{} | undefined, X2::oid(), X3::tls_version() | {undefined, undefined}) -> {atom(), atom()}

master_secret(RecordCB::atom(), Version::tls_version(), Session::#session{} | binary(), Connection_states::#connection_states{}, Role::client | server) -> {binary(), #connection_states{}} | #alert{}

encode_handshake(Next_protocol, Version) -> term()

encode_hello_extensions(Hello_extensions) -> term()

decode_client_key(ClientKey::binary(), Type::key_algo(), Version::tls_version()) -> #encrypted_premaster_secret{} | #client_diffie_hellman_public{} | #client_ec_diffie_hellman_public{} | #client_psk_identity{} | #client_dhe_psk_identity{} | #client_rsa_psk_identity{} | #client_srp_public{}

decode_server_key(ServerKey::binary(), Type::key_algo(), Version::tls_version()) -> #server_key_params{}

encode_client_protocol_negotiation(X1, X2) -> term()

encode_protocols_advertised_on_server(Protocols) -> term()

decode_handshake(Version, X2, Keys) -> term()

decode_hello_extensions(Extensions::{client, binary()} | binary()) -> #hello_extensions{}

decode_suites(X1::'2_bytes' | '3_bytes', Dec::binary()) -> list()

available_suites(UserSuites, Version) -> term()

available_suites(ServerCert, UserSuites, Version) -> term()

cipher_suites(Suites, X2) -> term()

select_session(SuggestedSessionId, CipherSuites, Compressions, Port, Session, Version, Ssl_options, Cache, CacheCb, Cert) -> term()

handle_client_hello_extensions(RecordCB, Random, Hello_extensions, Version, Ssl_options, Session, ConnectionStates0, Renegotiation) -> term()

handle_server_hello_extensions(RecordCB, Random, CipherSuite, Compression, Hello_extensions, Version, Ssl_options, ConnectionStates0, Renegotiation) -> term()

select_version(RecordCB, ClientVersion, Versions) -> term()