ssl_handshake

Types

---

certdb_ref() = reference()

db_handle() = term()

der_cert() = binary()

oid() = tuple()

public_key_info() =
            {oid(),
             #'RSAPublicKey'{} | integer() | #'ECPoint'{},
             public_key_params()}

public_key_params() = #'Dss-Parms'{}
                            | {namedCurve, oid()}
                            | #'ECParameters'{}
                            | term()

ssl_handshake() = #server_hello{}
                        | #server_hello_done{}
                        | #certificate{}
                        | #certificate_request{}
                        | #client_key_exchange{}
                        | #finished{}
                        | #certificate_verify{}
                        | #hello_request{}
                        | #next_protocol{}

ssl_handshake_history() = {[binary()], [binary()]}

Functions

---

hello_request() -> #hello_request{}

server_hello(Session::#session{}, Version::ssl_version() (see module ssl_record), Connection_states::#connection_states{}, Hello_extensions::#hello_extensions{}) -> #server_hello{}

server_hello_done() -> #server_hello_done{}

client_hello_extensions(Host, Version, CipherSuites, SslOpts, ConnectionStates, Renegotiation) -> term()

certificate(OwnCert::der_cert(), CertDbHandle::db_handle(), CertDbRef::certdb_ref(), X4::client | server) -> #certificate{} | #alert{}

next_protocol(SelectedProtocol::binary()) -> #next_protocol{}

client_certificate_verify(OwnCert::undefined | der_cert(), MasterSecret::binary(), Version::ssl_version() (see module ssl_record), X4::term(), PrivateKey::private_key() (see module public_key), X6::ssl_handshake_history()) -> #certificate_verify{} | ignore | #alert{}

certificate_request(CipherSuite::cipher_suite() (see module ssl_cipher), CertDbHandle::db_handle(), CertDbRef::certdb_ref(), Version::ssl_version() (see module ssl_record)) -> #certificate_request{}

key_exchange(X1::client | server, Version::ssl_version() (see module ssl_record), X3::{premaster_secret, binary(), public_key_info()} | {dh, binary()} | {dh, {binary(), binary()}, #'DHParameter'{}, {HashAlgo::atom(), SignAlgo::atom()}, binary(), binary(), private_key() (see module public_key)} | {ecdh, #'ECPrivateKey'{}} | {psk, binary()} | {dhe_psk, binary(), binary()} | {srp, {binary(), binary()}, #srp_user{generator=undefined | binary(), prime=undefined | binary(), salt=undefined | binary(), verifier=undefined | binary()}, {HashAlgo::atom(), SignAlgo::atom()}, binary(), binary(), private_key() (see module public_key)}) -> #client_key_exchange{} | #server_key_exchange{}

finished(Version::ssl_version() (see module ssl_record), Role::client | server, PrfAlgo::integer(), MasterSecret::binary(), X5::ssl_handshake_history()) -> #finished{}

verify_server_key(Server_key_params, HashSign, ConnectionStates, Version, PubKeyInfo) -> term()

certificate_verify(Signature::binary(), PublicKeyInfo::public_key_info(), Version::ssl_version() (see module ssl_record), HashSign::term(), MasterSecret::binary(), X6::ssl_handshake_history()) -> valid | #alert{}

verify_signature(Version::ssl_version() (see module ssl_record), Hash::binary(), HashAlgo::{term(), term()}, Signature::binary(), X5::public_key_info()) -> true | false

certify(Certificate::#certificate{}, CertDbHandle::db_handle(), CertDbRef::certdb_ref(), MaxPathLen::integer() | nolimit, Verify::verify_peer | verify_none, VerifyFunAndState::{function(), term}, PartialChain::function(), Role::client | server) -> {der_cert(), public_key_info()} | #alert{}

verify_connection(Version::ssl_version() (see module ssl_record), Finished::#finished{}, Role::client | server, PrfAlgo::integer(), MasterSecret::binary(), X6::ssl_handshake_history()) -> verified | #alert{}

init_handshake_history() -> ssl_handshake_history()

update_handshake_history(Handshake::ssl_handshake_history() (see module ssl_handshake), Data::term()) -> ssl_handshake_history() (see module ssl_handshake)

premaster_secret(OtherPublicDhKey, MyPrivateKey, DHParameter) -> term()

premaster_secret(Client_dhe_psk_identity, PrivateKey, DHParameter, PSKLookup) -> term()

premaster_secret(Client_psk_identity, PSKLookup) -> term()

server_key_exchange_hash(Hash::md5sha | md5 | sha | sha224 | sha256 | sha384 | sha512, Value::binary()) -> binary()

prf(X1::ssl_version() (see module ssl_record), Secret::binary(), Label::binary(), Seed::[binary()], WantedLength::non_neg_integer()) -> {ok, binary()} | {error, undefined}

select_hashsign(Hash_sign_algos::#hash_sign_algos{} | undefined, Cert::undefined | binary(), Version::ssl_version() (see module ssl_record)) -> {atom(), atom()} | undefined

select_hashsign_algs(HashSign::#hash_sign_algos{} | undefined, X2::oid(), X3::ssl_version() (see module ssl_record)) -> {atom(), atom()}

select_hashsign_algs(Alg::atom(), Version::ssl_version() (see module ssl_record)) -> {atom(), atom()}

master_secret(RecordCB::atom(), Version::ssl_version() (see module ssl_record), Session::#session{} | binary(), Connection_states::#connection_states{}, Role::client | server) -> {binary(), #connection_states{}} | #alert{}

encode_handshake(Next_protocol, Version) -> term()

encode_hello_extensions(Hello_extensions) -> term()

decode_client_key(ClientKey::binary(), Type::key_algo() (see module ssl_cipher), Version::ssl_version() (see module ssl_record)) -> #encrypted_premaster_secret{} | #client_diffie_hellman_public{} | #client_ec_diffie_hellman_public{} | #client_psk_identity{} | #client_dhe_psk_identity{} | #client_rsa_psk_identity{} | #client_srp_public{}

decode_server_key(ServerKey::binary(), Type::key_algo() (see module ssl_cipher), Version::ssl_version() (see module ssl_record)) -> #server_key_params{}

encode_client_protocol_negotiation(X1, X2) -> term()

encode_protocols_advertised_on_server(Protocols) -> term()

decode_handshake(Version, X2, Keys) -> term()

decode_hello_extensions(Extensions::{client, binary()} | binary()) -> #hello_extensions{}

decode_suites(X1::'2_bytes' | '3_bytes', Dec::binary()) -> list()

available_suites(UserSuites, Version) -> term()

cipher_suites(Suites, X2) -> term()

select_session(SuggestedSessionId, CipherSuites, Compressions, Port, Session, Version, Ssl_options, Cache, CacheCb, Cert) -> term()

supported_ecc(Version) -> term()

handle_client_hello_extensions(RecordCB, Random, ClientCipherSuites, Hello_extensions, Version, Ssl_options, Session, ConnectionStates0, Renegotiation) -> term()

handle_server_hello_extensions(RecordCB, Random, CipherSuite, Compression, Hello_extensions, Version, Ssl_options, ConnectionStates0, Renegotiation) -> term()

select_version(RecordCB, ClientVersion, Versions) -> term()

select_curve(Elliptic_curves, Rest) -> term()