Crypto context for TLS_PSK_WITH_AES_128_CCM_8 cipher suite.

Represents AEAD parameters for dtls_encrypt_params().

dtls_client_hello_t

Structure of the Client Hello message.

dtls_context_t

Holds global information of the DTLS engine.

dtls_ecdsa_key_t

dtls_ephemeral_peer_t

Holds ClientHello’s sequence numbers for the stateless address verification.

dtls_handler_t

This structure contains callback functions used by tinydtls to communicate with the application. At least the write function must be provided. It is called by the DTLS state machine to send packets over the network. The read function is invoked to deliver decrypted and verfified application data. The third callback is an event handler function that is called when alert messages are encountered or events generated by the library have occured.

dtls_handshake_header_t

Header structure for the DTLS handshake protocol.

dtls_handshake_parameters_ecdsa_t

dtls_handshake_parameters_psk_t

dtls_handshake_parameters_t

dtls_handshake_parameters_t__bindgen_ty_1_random_t

dtls_hello_verify_t

Structure of the Hello Verify Request.

dtls_hmac_context_t

Context for HMAC generation. This object is initialized with dtls_hmac_init() and must be passed to dtls_hmac_update() and dtls_hmac_finalize(). Once, finalized, the component \c H is invalid and must be initialized again with dtls_hmac_init() before the structure can be used again.

dtls_hs_state_t

dtls_peer_t

Holds security parameters, local state and the transport address for each peer.

dtls_record_header_t

Generic header structure of the DTLS record layer.

dtls_security_parameters_t

session_t__bindgen_ty_1

Enums

Known cipher suites.

Known compression suites.

dtls_credentials_type_t

dtls_crypto_alg

dtls_ecdh_curve

dtls_hashfunc_t

List of known hash functions for use in dtls_hmac_init(). The identifiers are the same as the HashAlgorithm defined in Section 7.4.1.4.1 of RFC 5246.

dtls_peer_type

dtls_state_t

Constants

DTLS_COOKIE_SECRET_LENGTH

DTLS_CT_ALERT

DTLS_CT_APPLICATION_DATA

DTLS_CT_CHANGE_CIPHER_SPEC

DTLS_CT_HANDSHAKE

DTLS_DEFAULT_MAX_RETRANSMIT

DTLS_EVENT_RENEGOTIATE

DTLS_HMAC_BLOCKSIZE

DTLS_HMAC_DIGEST_SIZE

DTLS_HMAC_MAX

DTLS_HT_CERTIFICATE

DTLS_HT_CERTIFICATE_REQUEST

DTLS_HT_CERTIFICATE_VERIFY

DTLS_HT_CLIENT_HELLO

DTLS_HT_CLIENT_KEY_EXCHANGE

DTLS_HT_FINISHED

DTLS_HT_HELLO_REQUEST

DTLS_HT_HELLO_VERIFY_REQUEST

DTLS_HT_NO_OPTIONAL_MESSAGE

DTLS_HT_SERVER_HELLO

DTLS_HT_SERVER_HELLO_DONE

DTLS_HT_SERVER_KEY_EXCHANGE

DTLS_MASTER_SECRET_LENGTH

DTLS_MAX_BUF

DTLS_PSK

DTLS_PSK_MAX_CLIENT_IDENTITY_LEN

DTLS_PSK_MAX_KEY_LEN

DTLS_RANDOM_LENGTH

DTLS_SHA256_BLOCK_LENGTH

DTLS_SHA256_DIGEST_LENGTH

DTLS_SHA256_DIGEST_STRING_LENGTH

DTLS_SHA384_BLOCK_LENGTH

DTLS_SHA384_DIGEST_LENGTH

DTLS_SHA384_DIGEST_STRING_LENGTH

DTLS_SHA512_BLOCK_LENGTH

DTLS_SHA512_DIGEST_LENGTH

DTLS_SHA512_DIGEST_STRING_LENGTH

DTLS_TICKS_PER_SECOND

TLS_CERT_TYPE_RAW_PUBLIC_KEY

TLS_CLIENT_CERTIFICATE_TYPE_ECDSA_SIGN

TLS_EC_CURVE_TYPE_NAMED_CURVE

TLS_EXT_CLIENT_CERTIFICATE_TYPE

TLS_EXT_EC_POINT_FORMATS

TLS_EXT_EC_POINT_FORMATS_UNCOMPRESSED

TLS_EXT_ELLIPTIC_CURVES

TLS_EXT_ELLIPTIC_CURVES_SECP256R1

TLS_EXT_ENCRYPT_THEN_MAC

TLS_EXT_EXTENDED_MASTER_SECRET

TLS_EXT_SERVER_CERTIFICATE_TYPE

TLS_EXT_SIG_HASH_ALGO

TLS_EXT_SIG_HASH_ALGO_ECDSA

TLS_EXT_SIG_HASH_ALGO_SHA256

WITH_POSIX

WITH_SHA256

Functions

dtls_ccm_decrypt_message^⚠

dtls_ccm_encrypt_message^⚠

Authenticates and encrypts a message using AES in CCM mode. Please see also RFC 3610 for the meaning of \p M, \p L, \p lm and \p la.

dtls_check_retransmit^⚠

Checks sendqueue of given DTLS context object for any outstanding packets to be transmitted.

dtls_clock_init^⚠

dtls_close^⚠

Closes the DTLS connection associated with @p remote. This function returns zero on success, and a value less than zero on error.

dtls_connect^⚠

Establishes a DTLS channel with the specified remote peer @p dst. This function returns @c 0 if that channel already exists, a value greater than zero when a new ClientHello message was sent, and a value less than zero on error.

dtls_connect_peer^⚠

Establishes a DTLS channel with the specified remote peer. This function returns @c 0 if that channel already exists and a renegotiate was initiated, a value greater than zero when a new ClientHello message was sent, and a value less than zero on error.

dtls_decrypt^⚠

Decrypts the given buffer \p src of given \p length, writing the result to \p buf. The function returns \c -1 in case of an error, or the number of bytes written. Note that for block ciphers, \p length must be a multiple of the cipher’s block size. A return value between \c 0 and the actual length indicates that only \c n-1 block have been processed. The provided \p src and \p buf may overlap.

dtls_decrypt_params^⚠

Decrypts the given buffer \p src of given \p length, writing the result to \p buf. The function returns \c -1 in case of an error, or the number of bytes written. Note that for block ciphers, \p length must be a multiple of the cipher’s block size. A return value between \c 0 and the actual length indicates that only \c n-1 block have been processed. The provided \p src and \p buf may overlap.

dtls_ec_key_asn1_from_uint32^⚠

dtls_ecdh_pre_master_secret^⚠

dtls_ecdsa_create_sig^⚠

dtls_ecdsa_create_sig_hash^⚠

dtls_ecdsa_generate_key^⚠

dtls_ecdsa_verify_sig^⚠

dtls_ecdsa_verify_sig_hash^⚠

dtls_encrypt^⚠

Encrypts the specified \p src of given \p length, writing the result to \p buf. The cipher implementation may add more data to the result buffer such as an initialization vector or padding (e.g. for block ciphers in CBC mode). The caller therefore must ensure that \p buf provides sufficient storage to hold the result. Usually this means ( 2 + \p length / blocksize ) * blocksize. The function returns a value less than zero on error or otherwise the number of bytes written. The provided \p src and \p buf may overlap.

dtls_encrypt_params^⚠

Encrypts the specified \p src of given \p length, writing the result to \p buf. The cipher implementation may add more data to the result buffer such as an initialization vector or padding (e.g. for block ciphers in CBC mode). The caller therefore must ensure that \p buf provides sufficient storage to hold the result. Usually this means ( 2 + \p length / blocksize ) * blocksize. The function returns a value less than zero on error or otherwise the number of bytes written. The provided \p src and \p buf may overlap.

dtls_free_context^⚠

Releases any storage that has been allocated for \p ctx.

dtls_free_peer^⚠

Releases the storage allocated to @p peer.

dtls_free_session^⚠

Frees memory allocated for a session using ::dtls_new_session.

dtls_get_peer^⚠

Check if @p session is associated with a peer object in @p context. This function returns a pointer to the peer if found, NULL otherwise.

dtls_handle_message^⚠

Handles incoming data as DTLS message from given peer.

dtls_handshake_free^⚠

dtls_handshake_new^⚠

dtls_hmac_finalize^⚠

Completes the HMAC generation and writes the result to the given output parameter \c result. The buffer must be large enough to hold the message digest created by the actual hash function. If in doubt, use \c DTLS_HMAC_MAX. The function returns the number of bytes written to \c result.

dtls_hmac_init^⚠

Initializes an existing HMAC context.

dtls_hmac_update^⚠

Updates the HMAC context with data from \p input.

dtls_init^⚠

This function initializes the tinyDTLS memory management and must be called first.

dtls_mac^⚠

Calculates MAC for record + cleartext packet and places the result in \p buf. The given \p hmac_ctx must be initialized with the HMAC function to use and the proper secret. As the DTLS mac calculation requires data from the record header, \p record must point to a buffer of at least \c sizeof(dtls_record_header_t) bytes. Usually, the remaining packet will be encrypted, therefore, the cleartext is passed separately in \p packet.

dtls_new_context^⚠

Creates a new context object. The storage allocated for the new object must be released with dtls_free_context().

dtls_new_peer^⚠

Creates a new peer for given @p session. The current configuration is initialized with the cipher suite TLS_NULL_WITH_NULL_NULL (i.e. no security at all). This function returns a pointer to the new peer or NULL on error. The caller is responsible for releasing the storage allocated for this peer using dtls_free_peer().

dtls_new_session^⚠

Creates a new ::session_t for the given address.

dtls_p_hash^⚠

Expands the secret and key to a block of DTLS_HMAC_MAX size according to the algorithm specified in section 5 of RFC 4346.

dtls_prf^⚠

This function implements the TLS PRF for DTLS_VERSION. For version 1.0, the PRF is P_MD5 ^ P_SHA1 while version 1.2 uses P_SHA256. Currently, the actual PRF is selected at compile time.

dtls_psk_pre_master_secret^⚠

Generates pre_master_sercet from given PSK and fills the result according to the “plain PSK” case in section 2 of RFC 4279. Diffie-Hellman and RSA key exchange are currently not supported.

dtls_renegotiate^⚠

Renegotiates a DTLS channel based on the specified session. This function returns a value greater than zero when a new ClientHello message was sent, and a value less than zero on error.

dtls_reset_peer^⚠

Resets all connections with @p peer.

dtls_security_free^⚠

dtls_security_new^⚠

dtls_session_addr^⚠

Extracts the address of the given ::session_t.

dtls_session_equals^⚠

Compares the given session objects. This function returns @c 0 when @p a and @p b differ, @c 1 otherwise.

dtls_session_init^⚠

Resets the given session_t object @p sess to its default values. In particular, the member rlen must be initialized to the available size for storing addresses.

dtls_sha256_end^⚠

dtls_ticks^⚠

dtls_write^⚠

Writes the application data given in @p buf to the peer specified by @p session.

dtls_writev^⚠

Writes the application data given in multiple buffers to the peer specified by @p session.