val __tls13_of_sexp__ : Ppx_sexp_conv_lib.Sexp.t -> tls13
val tls13_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> tls13
val sexp_of_tls13 : tls13 -> Ppx_sexp_conv_lib.Sexp.t
val __tls_before_13_of_sexp__ : Ppx_sexp_conv_lib.Sexp.t -> tls_before_13
val tls_before_13_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> tls_before_13
val sexp_of_tls_before_13 : tls_before_13 -> Ppx_sexp_conv_lib.Sexp.t
val __tls_version_of_sexp__ : Ppx_sexp_conv_lib.Sexp.t -> tls_version
val tls_version_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> tls_version
val sexp_of_tls_version : tls_version -> Ppx_sexp_conv_lib.Sexp.t
val compare_tls_version : [< `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 ] -> [< `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 ] -> int
val next : [< `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 ] -> [> `TLS_1_1 | `TLS_1_2 | `TLS_1_3 ] option
val all_versions : ([< `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 TLS_1_1 TLS_1_2 TLS_1_3 ] as 'a * [< `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 ]) -> 'a list
val __tls_any_version_of_sexp__ : Ppx_sexp_conv_lib.Sexp.t -> tls_any_version
val tls_any_version_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> tls_any_version
val sexp_of_tls_any_version : tls_any_version -> Ppx_sexp_conv_lib.Sexp.t
val any_version_to_version : [> tls_version ] -> [> `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 ] option
val version_eq : [> tls_version ] -> [< `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 ] -> bool
val version_ge : [< `SSL_3 | `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 | `TLS_1_X of 'a ] -> [< `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 ] -> bool
val tls_any_version_of_pair : (int * int) -> [> `SSL_3 | `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 | `TLS_1_X of int ] option
val pair_of_tls_any_version : [< `SSL_3 | `TLS_1_0 | `TLS_1_1 | `TLS_1_2 | `TLS_1_3 | `TLS_1_X of int ] -> int * int
val tls_hdr_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> tls_hdr
val sexp_of_tls_hdr : tls_hdr -> Ppx_sexp_conv_lib.Sexp.t
module SessionID : sig ... end
type psk_identity = (Cstruct_sexp.t * int32) * Cstruct_sexp.t
val psk_identity_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> psk_identity
val sexp_of_psk_identity : psk_identity -> Ppx_sexp_conv_lib.Sexp.t
val binders_len : ('a * Cstruct.t) list -> int
val __group_of_sexp__ : Ppx_sexp_conv_lib.Sexp.t -> group
val group_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> group
val sexp_of_group : group -> Ppx_sexp_conv_lib.Sexp.t
val named_group_to_group : Packet.named_group -> [> `FFDHE2048 | `FFDHE3072 | `FFDHE4096 | `FFDHE6144 | `FFDHE8192 | `P256 | `X25519 ] option
val group_to_named_group : [< `FFDHE2048 | `FFDHE3072 | `FFDHE4096 | `FFDHE6144 | `FFDHE8192 | `P256 | `X25519 ] -> Packet.named_group
val group_to_impl : [< `FFDHE2048 | `FFDHE3072 | `FFDHE4096 | `FFDHE6144 | `FFDHE8192 | `P256 | `X25519 ] -> [> `Fiat of [> `P256 ] | `Hacl of [> `X25519 ] | `Mirage_crypto of Mirage_crypto_pk.Dh.group ]
type signature_algorithm = [
| `RSA_PKCS1_MD5 |
| `RSA_PKCS1_SHA1 |
| `RSA_PKCS1_SHA224 |
| `RSA_PKCS1_SHA256 |
| `RSA_PKCS1_SHA384 |
| `RSA_PKCS1_SHA512 |
| `RSA_PSS_RSAENC_SHA256 |
| `RSA_PSS_RSAENC_SHA384 |
| `RSA_PSS_RSAENC_SHA512 |
]
val __signature_algorithm_of_sexp__ : Ppx_sexp_conv_lib.Sexp.t -> signature_algorithm
val signature_algorithm_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> signature_algorithm
val sexp_of_signature_algorithm : signature_algorithm -> Ppx_sexp_conv_lib.Sexp.t
val hash_of_signature_algorithm : [< `RSA_PKCS1_MD5 | `RSA_PKCS1_SHA1 | `RSA_PKCS1_SHA224 | `RSA_PKCS1_SHA256 | `RSA_PKCS1_SHA384 | `RSA_PKCS1_SHA512 | `RSA_PSS_RSAENC_SHA256 | `RSA_PSS_RSAENC_SHA384 | `RSA_PSS_RSAENC_SHA512 ] -> [> `MD5 | `SHA1 | `SHA224 | `SHA256 | `SHA384 | `SHA512 ]
val signature_scheme_of_signature_algorithm : [< `RSA_PKCS1_MD5 | `RSA_PKCS1_SHA1 | `RSA_PKCS1_SHA224 | `RSA_PKCS1_SHA256 | `RSA_PKCS1_SHA384 | `RSA_PKCS1_SHA512 | `RSA_PSS_RSAENC_SHA256 | `RSA_PSS_RSAENC_SHA384 | `RSA_PSS_RSAENC_SHA512 ] -> [> `PKCS1 | `PSS ]
type client_extension = [
| `Hostname of string |
| `MaxFragmentLength of Packet.max_fragment_length |
| `SupportedGroups of Packet.named_group list |
| `SecureRenegotiation of Cstruct_sexp.t |
| `Padding of int |
| `SignatureAlgorithms of signature_algorithm list |
| `ExtendedMasterSecret |
| `ALPN of string list |
| `KeyShare of (Packet.named_group * Cstruct_sexp.t) list |
| `EarlyDataIndication |
| `PreSharedKeys of psk_identity list |
| `SupportedVersions of tls_any_version list |
| `PostHandshakeAuthentication |
| `Cookie of Cstruct_sexp.t |
| `PskKeyExchangeModes of Packet.psk_key_exchange_mode list |
| `UnknownExtension of int * Cstruct_sexp.t |
]
val __client_extension_of_sexp__ : Ppx_sexp_conv_lib.Sexp.t -> client_extension
val client_extension_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> client_extension
val sexp_of_client_extension : client_extension -> Ppx_sexp_conv_lib.Sexp.t
type server13_extension = [
| `KeyShare of group * Cstruct_sexp.t |
| `PreSharedKey of int |
| `SelectedVersion of tls_version |
]
val __server13_extension_of_sexp__ : Ppx_sexp_conv_lib.Sexp.t -> server13_extension
val server13_extension_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> server13_extension
val sexp_of_server13_extension : server13_extension -> Ppx_sexp_conv_lib.Sexp.t
type server_extension = [
| server13_extension |
| `Hostname |
| `MaxFragmentLength of Packet.max_fragment_length |
| `SecureRenegotiation of Cstruct_sexp.t |
| `ExtendedMasterSecret |
| `ALPN of string |
| `UnknownExtension of int * Cstruct_sexp.t |
]
val __server_extension_of_sexp__ : Ppx_sexp_conv_lib.Sexp.t -> server_extension
val server_extension_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> server_extension
val sexp_of_server_extension : server_extension -> Ppx_sexp_conv_lib.Sexp.t
type encrypted_extension = [
| `Hostname |
| `MaxFragmentLength of Packet.max_fragment_length |
| `SupportedGroups of group list |
| `ALPN of string |
| `EarlyDataIndication |
| `UnknownExtension of int * Cstruct_sexp.t |
]
val __encrypted_extension_of_sexp__ : Ppx_sexp_conv_lib.Sexp.t -> encrypted_extension
val encrypted_extension_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> encrypted_extension
val sexp_of_encrypted_extension : encrypted_extension -> Ppx_sexp_conv_lib.Sexp.t
type hello_retry_extension = [
| `SelectedGroup of group |
| `Cookie of Cstruct_sexp.t |
| `SelectedVersion of tls_version |
| `UnknownExtension of int * Cstruct_sexp.t |
]
val __hello_retry_extension_of_sexp__ : Ppx_sexp_conv_lib.Sexp.t -> hello_retry_extension
val hello_retry_extension_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> hello_retry_extension
val sexp_of_hello_retry_extension : hello_retry_extension -> Ppx_sexp_conv_lib.Sexp.t
type client_hello = {
client_version : tls_any_version; |
client_random : Cstruct_sexp.t; |
sessionid : SessionID.t option; |
ciphersuites : Packet.any_ciphersuite list; |
extensions : client_extension list; |
}
val client_hello_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> client_hello
val sexp_of_client_hello : client_hello -> Ppx_sexp_conv_lib.Sexp.t
type server_hello = {
server_version : tls_version; |
server_random : Cstruct_sexp.t; |
sessionid : SessionID.t option; |
ciphersuite : Ciphersuite.ciphersuite; |
extensions : server_extension list; |
}
val server_hello_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> server_hello
val sexp_of_server_hello : server_hello -> Ppx_sexp_conv_lib.Sexp.t
val dh_parameters_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> dh_parameters
val sexp_of_dh_parameters : dh_parameters -> Ppx_sexp_conv_lib.Sexp.t
type hello_retry = {
retry_version : tls_version; |
ciphersuite : Ciphersuite.ciphersuite13; |
sessionid : SessionID.t option; |
selected_group : group; |
extensions : hello_retry_extension list; |
}
val hello_retry_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> hello_retry
val sexp_of_hello_retry : hello_retry -> Ppx_sexp_conv_lib.Sexp.t
type session_ticket_extension = [
| `EarlyDataIndication of int32 |
| `UnknownExtension of int * Cstruct_sexp.t |
]
val __session_ticket_extension_of_sexp__ : Ppx_sexp_conv_lib.Sexp.t -> session_ticket_extension
val session_ticket_extension_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> session_ticket_extension
val sexp_of_session_ticket_extension : session_ticket_extension -> Ppx_sexp_conv_lib.Sexp.t
type session_ticket = {
lifetime : int32; |
age_add : int32; |
nonce : Cstruct_sexp.t; |
ticket : Cstruct_sexp.t; |
extensions : session_ticket_extension list; |
}
val session_ticket_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> session_ticket
val sexp_of_session_ticket : session_ticket -> Ppx_sexp_conv_lib.Sexp.t
type certificate_request_extension = [
| `SignatureAlgorithms of signature_algorithm list |
| `CertificateAuthorities of X509.Distinguished_name.t list |
| `UnknownExtension of int * Cstruct_sexp.t |
]
type tls_handshake =
| HelloRequest |
| HelloRetryRequest of hello_retry |
| EncryptedExtensions of encrypted_extension list |
| ServerHelloDone |
| ClientHello of client_hello |
| ServerHello of server_hello |
| Certificate of Cstruct_sexp.t |
| ServerKeyExchange of Cstruct_sexp.t |
| CertificateRequest of Cstruct_sexp.t |
| ClientKeyExchange of Cstruct_sexp.t |
| CertificateVerify of Cstruct_sexp.t |
| Finished of Cstruct_sexp.t |
| SessionTicket of session_ticket |
| KeyUpdate of Packet.key_update_request_type |
| EndOfEarlyData |
val tls_handshake_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> tls_handshake
val sexp_of_tls_handshake : tls_handshake -> Ppx_sexp_conv_lib.Sexp.t
type tls_alert = Packet.alert_level * Packet.alert_type
val tls_alert_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> tls_alert
val sexp_of_tls_alert : tls_alert -> Ppx_sexp_conv_lib.Sexp.t
type master_secret = Cstruct_sexp.t
the master secret of a TLS connection
val master_secret_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> master_secret
val sexp_of_master_secret : master_secret -> Ppx_sexp_conv_lib.Sexp.t
module Cert : sig ... end
module Ptime : sig ... end
type psk13 = {
identifier : Cstruct_sexp.t; |
obfuscation : int32; |
secret : Cstruct_sexp.t; |
lifetime : int32; |
early_data : int32; |
issued_at : Ptime.t; |
}
val psk13_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> psk13
val sexp_of_psk13 : psk13 -> Ppx_sexp_conv_lib.Sexp.t
val __epoch_state_of_sexp__ : Ppx_sexp_conv_lib.Sexp.t -> epoch_state
val epoch_state_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> epoch_state
val sexp_of_epoch_state : epoch_state -> Ppx_sexp_conv_lib.Sexp.t
type epoch_data = {
state : epoch_state; |
protocol_version : tls_version; |
ciphersuite : Ciphersuite.ciphersuite; |
peer_random : Cstruct_sexp.t; |
peer_certificate_chain : Cert.t list; |
peer_certificate : Cert.t option; |
peer_name : string option; |
trust_anchor : Cert.t option; |
received_certificates : Cert.t list; |
own_random : Cstruct_sexp.t; |
own_certificate : Cert.t list; |
own_private_key : Mirage_crypto_pk.Rsa.priv option; |
own_name : string option; |
master_secret : master_secret; |
session_id : SessionID.t; |
extended_ms : bool; |
alpn_protocol : string option; |
}
information about an open session
val epoch_data_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> epoch_data
val sexp_of_epoch_data : epoch_data -> Ppx_sexp_conv_lib.Sexp.t
val supports_key_usage : ?not_present:bool -> X509.Certificate.t -> X509.Extension.key_usage -> bool
val supports_extended_key_usage : ?not_present:bool -> X509.Certificate.t -> X509.Extension.extended_key_usage -> bool