waku-org/nwaku
1
0
Fork 0
mirror of https://github.com/waku-org/nwaku.git synced 2025-02-11 22:47:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
nwaku/vendor/nim-bearssl/bearssl/abi/bearssl_ssl.nim

1426 lines
51 KiB
Nim
Raw Blame History

import
"."/[
bearssl_aead, bearssl_block, bearssl_ec, bearssl_hash, bearssl_hmac,
bearssl_prf, bearssl_rand, bearssl_rsa, bearssl_x509, csources]
{.pragma: importcFunc, cdecl, gcsafe, noSideEffect, raises: [].}
{.used.}
const
bearSslPath = bearSrcPath & "ssl/"
{.compile: bearSslPath & "ssl_ccert_single_ec.c".}
{.compile: bearSslPath & "ssl_ccert_single_rsa.c".}
{.compile: bearSslPath & "ssl_client.c".}
{.compile: bearSslPath & "ssl_client_default_rsapub.c".}
{.compile: bearSslPath & "ssl_client_full.c".}
{.compile: bearSslPath & "ssl_engine.c".}
{.compile: bearSslPath & "ssl_engine_default_aescbc.c".}
{.compile: bearSslPath & "ssl_engine_default_aesccm.c".}
{.compile: bearSslPath & "ssl_engine_default_aesgcm.c".}
{.compile: bearSslPath & "ssl_engine_default_chapol.c".}
{.compile: bearSslPath & "ssl_engine_default_descbc.c".}
{.compile: bearSslPath & "ssl_engine_default_ec.c".}
{.compile: bearSslPath & "ssl_engine_default_ecdsa.c".}
{.compile: bearSslPath & "ssl_engine_default_rsavrfy.c".}
{.compile: bearSslPath & "ssl_hashes.c".}
{.compile: bearSslPath & "ssl_hs_client.c".}
{.compile: bearSslPath & "ssl_hs_server.c".}
{.compile: bearSslPath & "ssl_io.c".}
{.compile: bearSslPath & "ssl_keyexport.c".}
{.compile: bearSslPath & "ssl_lru.c".}
{.compile: bearSslPath & "ssl_rec_cbc.c".}
{.compile: bearSslPath & "ssl_rec_ccm.c".}
{.compile: bearSslPath & "ssl_rec_chapol.c".}
{.compile: bearSslPath & "ssl_rec_gcm.c".}
{.compile: bearSslPath & "ssl_scert_single_ec.c".}
{.compile: bearSslPath & "ssl_scert_single_rsa.c".}
{.compile: bearSslPath & "ssl_server.c".}
{.compile: bearSslPath & "ssl_server_full_ec.c".}
{.compile: bearSslPath & "ssl_server_full_rsa.c".}
{.compile: bearSslPath & "ssl_server_mine2c.c".}
{.compile: bearSslPath & "ssl_server_mine2g.c".}
{.compile: bearSslPath & "ssl_server_minf2c.c".}
{.compile: bearSslPath & "ssl_server_minf2g.c".}
{.compile: bearSslPath & "ssl_server_minr2g.c".}
{.compile: bearSslPath & "ssl_server_minu2g.c".}
{.compile: bearSslPath & "ssl_server_minv2g.c".}
const
SSL_BUFSIZE_INPUT* = (16384 + 325)
const
SSL_BUFSIZE_OUTPUT* = (16384 + 85)
const
SSL_BUFSIZE_MONO* = SSL_BUFSIZE_INPUT
const
SSL_BUFSIZE_BIDI* = (SSL_BUFSIZE_INPUT + SSL_BUFSIZE_OUTPUT)
const
SSL30* = 0x0300
const
TLS10* = 0x0301
const
TLS11* = 0x0302
const
TLS12* = 0x0303
const
ERR_OK* = 0
const
ERR_BAD_PARAM* = 1
const
ERR_BAD_STATE* = 2
const
ERR_UNSUPPORTED_VERSION* = 3
const
ERR_BAD_VERSION* = 4
const
ERR_BAD_LENGTH* = 5
const
ERR_TOO_LARGE* = 6
const
ERR_BAD_MAC* = 7
const
ERR_NO_RANDOM* = 8
const
ERR_UNKNOWN_TYPE* = 9
const
ERR_UNEXPECTED* = 10
const
ERR_BAD_CCS* = 12
const
ERR_BAD_ALERT* = 13
const
ERR_BAD_HANDSHAKE* = 14
const
ERR_OVERSIZED_ID* = 15
const
ERR_BAD_CIPHER_SUITE* = 16
const
ERR_BAD_COMPRESSION* = 17
const
ERR_BAD_FRAGLEN* = 18
const
ERR_BAD_SECRENEG* = 19
const
ERR_EXTRA_EXTENSION* = 20
const
ERR_BAD_SNI* = 21
const
ERR_BAD_HELLO_DONE* = 22
const
ERR_LIMIT_EXCEEDED* = 23
const
ERR_BAD_FINISHED* = 24
const
ERR_RESUME_MISMATCH* = 25
const
ERR_INVALID_ALGORITHM* = 26
const
ERR_BAD_SIGNATURE* = 27
const
ERR_WRONG_KEY_USAGE* = 28
const
ERR_NO_CLIENT_AUTH* = 29
const
ERR_IO* = 31
const
ERR_RECV_FATAL_ALERT* = 256
const
ERR_SEND_FATAL_ALERT* = 512
type
SslrecInClass* {.importc: "br_sslrec_in_class", header: "bearssl_ssl.h", bycopy.} = object
contextSize* {.importc: "context_size".}: uint
checkLength* {.importc: "check_length".}: proc (ctx: ptr ptr SslrecInClass;
recordLen: uint): cint {.importcFunc.}
decrypt* {.importc: "decrypt".}: proc (ctx: ptr ptr SslrecInClass; recordType: cint;
version: cuint; payload: pointer;
len: var uint): ptr byte {.importcFunc.}
type
SslrecOutClass* {.importc: "br_sslrec_out_class", header: "bearssl_ssl.h", bycopy.} = object
contextSize* {.importc: "context_size".}: uint
maxPlaintext* {.importc: "max_plaintext".}: proc (ctx: ptr ptr SslrecOutClass;
start: ptr uint; `end`: ptr uint) {.importcFunc.}
encrypt* {.importc: "encrypt".}: proc (ctx: ptr ptr SslrecOutClass;
recordType: cint; version: cuint;
plaintext: pointer; len: var uint): ptr byte {.
importcFunc.}
type
SslrecOutClearContext* {.importc: "br_sslrec_out_clear_context",
header: "bearssl_ssl.h", bycopy.} = object
vtable* {.importc: "vtable".}: ptr SslrecOutClass
var sslrecOutClearVtable* {.importc: "br_sslrec_out_clear_vtable", header: "bearssl_ssl.h".}: SslrecOutClass
type
SslrecInCbcClass* {.importc: "br_sslrec_in_cbc_class", header: "bearssl_ssl.h",
bycopy.} = object
inner* {.importc: "inner".}: SslrecInClass
init* {.importc: "init".}: proc (ctx: ptr ptr SslrecInCbcClass;
bcImpl: ptr BlockCbcdecClass; bcKey: pointer;
bcKeyLen: uint; digImpl: ptr HashClass;
macKey: pointer; macKeyLen: uint;
macOutLen: uint; iv: pointer) {.importcFunc.}
type
SslrecOutCbcClass* {.importc: "br_sslrec_out_cbc_class",
header: "bearssl_ssl.h", bycopy.} = object
inner* {.importc: "inner".}: SslrecOutClass
init* {.importc: "init".}: proc (ctx: ptr ptr SslrecOutCbcClass;
bcImpl: ptr BlockCbcencClass; bcKey: pointer;
bcKeyLen: uint; digImpl: ptr HashClass;
macKey: pointer; macKeyLen: uint;
macOutLen: uint; iv: pointer) {.importcFunc.}
type
INNER_C_UNION_bearssl_ssl_1* {.importc: "br_sslrec_in_cbc_context::no_name",
header: "bearssl_ssl.h", bycopy, union.} = object
vtable* {.importc: "vtable".}: ptr BlockCbcdecClass
aes* {.importc: "aes".}: AesGenCbcdecKeys
des* {.importc: "des".}: DesGenCbcdecKeys
SslrecInCbcContext* {.importc: "br_sslrec_in_cbc_context",
header: "bearssl_ssl.h", bycopy.} = object
vtable* {.importc: "vtable".}: ptr SslrecInCbcClass
seq* {.importc: "seq".}: uint64
bc* {.importc: "bc".}: INNER_C_UNION_bearssl_ssl_1
mac* {.importc: "mac".}: HmacKeyContext
macLen* {.importc: "mac_len".}: uint
iv* {.importc: "iv".}: array[16, byte]
explicitIV* {.importc: "explicit_IV".}: cint
var sslrecInCbcVtable* {.importc: "br_sslrec_in_cbc_vtable", header: "bearssl_ssl.h".}: SslrecInCbcClass
type
INNER_C_UNION_bearssl_ssl_3* {.importc: "br_sslrec_out_cbc_context::no_name",
header: "bearssl_ssl.h", bycopy, union.} = object
vtable* {.importc: "vtable".}: ptr BlockCbcencClass
aes* {.importc: "aes".}: AesGenCbcencKeys
des* {.importc: "des".}: DesGenCbcencKeys
SslrecOutCbcContext* {.importc: "br_sslrec_out_cbc_context",
header: "bearssl_ssl.h", bycopy.} = object
vtable* {.importc: "vtable".}: ptr SslrecOutCbcClass
seq* {.importc: "seq".}: uint64
bc* {.importc: "bc".}: INNER_C_UNION_bearssl_ssl_3
mac* {.importc: "mac".}: HmacKeyContext
macLen* {.importc: "mac_len".}: uint
iv* {.importc: "iv".}: array[16, byte]
explicitIV* {.importc: "explicit_IV".}: cint
var sslrecOutCbcVtable* {.importc: "br_sslrec_out_cbc_vtable", header: "bearssl_ssl.h".}: SslrecOutCbcClass
type
SslrecInGcmClass* {.importc: "br_sslrec_in_gcm_class", header: "bearssl_ssl.h",
bycopy.} = object
inner* {.importc: "inner".}: SslrecInClass
init* {.importc: "init".}: proc (ctx: ptr ptr SslrecInGcmClass;
bcImpl: ptr BlockCtrClass; key: pointer;
keyLen: uint; ghImpl: Ghash; iv: pointer) {.importcFunc.}
type
SslrecOutGcmClass* {.importc: "br_sslrec_out_gcm_class",
header: "bearssl_ssl.h", bycopy.} = object
inner* {.importc: "inner".}: SslrecOutClass
init* {.importc: "init".}: proc (ctx: ptr ptr SslrecOutGcmClass;
bcImpl: ptr BlockCtrClass; key: pointer;
keyLen: uint; ghImpl: Ghash; iv: pointer) {.importcFunc.}
type
INNER_C_UNION_bearssl_ssl_6* {.importc: "br_sslrec_gcm_context::no_name",
header: "bearssl_ssl.h", bycopy, union.} = object
gen* {.importc: "gen".}: pointer
`in`* {.importc: "in".}: ptr SslrecInGcmClass
`out`* {.importc: "out".}: ptr SslrecOutGcmClass
INNER_C_UNION_bearssl_ssl_7* {.importc: "br_sslrec_gcm_context::no_name",
header: "bearssl_ssl.h", bycopy, union.} = object
vtable* {.importc: "vtable".}: ptr BlockCtrClass
aes* {.importc: "aes".}: AesGenCtrKeys
SslrecGcmContext* {.importc: "br_sslrec_gcm_context", header: "bearssl_ssl.h",
bycopy.} = object
vtable* {.importc: "vtable".}: INNER_C_UNION_bearssl_ssl_6
seq* {.importc: "seq".}: uint64
bc* {.importc: "bc".}: INNER_C_UNION_bearssl_ssl_7
gh* {.importc: "gh".}: Ghash
iv* {.importc: "iv".}: array[4, byte]
h* {.importc: "h".}: array[16, byte]
var sslrecInGcmVtable* {.importc: "br_sslrec_in_gcm_vtable", header: "bearssl_ssl.h".}: SslrecInGcmClass
var sslrecOutGcmVtable* {.importc: "br_sslrec_out_gcm_vtable", header: "bearssl_ssl.h".}: SslrecOutGcmClass
type
SslrecInChapolClass* {.importc: "br_sslrec_in_chapol_class",
header: "bearssl_ssl.h", bycopy.} = object
inner* {.importc: "inner".}: SslrecInClass
init* {.importc: "init".}: proc (ctx: ptr ptr SslrecInChapolClass;
ichacha: Chacha20Run; ipoly: Poly1305Run;
key: pointer; iv: pointer) {.importcFunc.}
type
SslrecOutChapolClass* {.importc: "br_sslrec_out_chapol_class",
header: "bearssl_ssl.h", bycopy.} = object
inner* {.importc: "inner".}: SslrecOutClass
init* {.importc: "init".}: proc (ctx: ptr ptr SslrecOutChapolClass;
ichacha: Chacha20Run; ipoly: Poly1305Run;
key: pointer; iv: pointer) {.importcFunc.}
type
INNER_C_UNION_bearssl_ssl_9* {.importc: "br_sslrec_chapol_context::no_name",
header: "bearssl_ssl.h", bycopy, union.} = object
gen* {.importc: "gen".}: pointer
`in`* {.importc: "in".}: ptr SslrecInChapolClass
`out`* {.importc: "out".}: ptr SslrecOutChapolClass
SslrecChapolContext* {.importc: "br_sslrec_chapol_context",
header: "bearssl_ssl.h", bycopy.} = object
vtable* {.importc: "vtable".}: INNER_C_UNION_bearssl_ssl_9
seq* {.importc: "seq".}: uint64
key* {.importc: "key".}: array[32, byte]
iv* {.importc: "iv".}: array[12, byte]
ichacha* {.importc: "ichacha".}: Chacha20Run
ipoly* {.importc: "ipoly".}: Poly1305Run
var sslrecInChapolVtable* {.importc: "br_sslrec_in_chapol_vtable", header: "bearssl_ssl.h".}: SslrecInChapolClass
var sslrecOutChapolVtable* {.importc: "br_sslrec_out_chapol_vtable", header: "bearssl_ssl.h".}: SslrecOutChapolClass
type
SslrecInCcmClass* {.importc: "br_sslrec_in_ccm_class", header: "bearssl_ssl.h",
bycopy.} = object
inner* {.importc: "inner".}: SslrecInClass
init* {.importc: "init".}: proc (ctx: ptr ptr SslrecInCcmClass;
bcImpl: ptr BlockCtrcbcClass; key: pointer;
keyLen: uint; iv: pointer; tagLen: uint) {.
importcFunc.}
type
SslrecOutCcmClass* {.importc: "br_sslrec_out_ccm_class",
header: "bearssl_ssl.h", bycopy.} = object
inner* {.importc: "inner".}: SslrecOutClass
init* {.importc: "init".}: proc (ctx: ptr ptr SslrecOutCcmClass;
bcImpl: ptr BlockCtrcbcClass; key: pointer;
keyLen: uint; iv: pointer; tagLen: uint) {.
importcFunc.}
type
INNER_C_UNION_bearssl_ssl_12* {.importc: "br_sslrec_ccm_context::no_name",
header: "bearssl_ssl.h", bycopy, union.} = object
gen* {.importc: "gen".}: pointer
`in`* {.importc: "in".}: ptr SslrecInCcmClass
`out`* {.importc: "out".}: ptr SslrecOutCcmClass
INNER_C_UNION_bearssl_ssl_13* {.importc: "br_sslrec_ccm_context::no_name",
header: "bearssl_ssl.h", bycopy, union.} = object
vtable* {.importc: "vtable".}: ptr BlockCtrcbcClass
aes* {.importc: "aes".}: AesGenCtrcbcKeys
SslrecCcmContext* {.importc: "br_sslrec_ccm_context", header: "bearssl_ssl.h",
bycopy.} = object
vtable* {.importc: "vtable".}: INNER_C_UNION_bearssl_ssl_12
seq* {.importc: "seq".}: uint64
bc* {.importc: "bc".}: INNER_C_UNION_bearssl_ssl_13
iv* {.importc: "iv".}: array[4, byte]
tagLen* {.importc: "tag_len".}: uint
var sslrecInCcmVtable* {.importc: "br_sslrec_in_ccm_vtable", header: "bearssl_ssl.h".}: SslrecInCcmClass
var sslrecOutCcmVtable* {.importc: "br_sslrec_out_ccm_vtable", header: "bearssl_ssl.h".}: SslrecOutCcmClass
type
SslSessionParameters* {.importc: "br_ssl_session_parameters",
header: "bearssl_ssl.h", bycopy.} = object
sessionId* {.importc: "session_id".}: array[32, byte]
sessionIdLen* {.importc: "session_id_len".}: byte
version* {.importc: "version".}: uint16
cipherSuite* {.importc: "cipher_suite".}: uint16
masterSecret* {.importc: "master_secret".}: array[48, byte]
const
MAX_CIPHER_SUITES* = 48
type
INNER_C_UNION_bearssl_ssl_17* {.importc: "br_ssl_engine_context::no_name",
header: "bearssl_ssl.h", bycopy, union.} = object
vtable* {.importc: "vtable".}: ptr SslrecInClass
cbc* {.importc: "cbc".}: SslrecInCbcContext
gcm* {.importc: "gcm".}: SslrecGcmContext
chapol* {.importc: "chapol".}: SslrecChapolContext
ccm* {.importc: "ccm".}: SslrecCcmContext
INNER_C_UNION_bearssl_ssl_18* {.importc: "br_ssl_engine_context::no_name",
header: "bearssl_ssl.h", bycopy, union.} = object
vtable* {.importc: "vtable".}: ptr SslrecOutClass
clear* {.importc: "clear".}: SslrecOutClearContext
cbc* {.importc: "cbc".}: SslrecOutCbcContext
gcm* {.importc: "gcm".}: SslrecGcmContext
chapol* {.importc: "chapol".}: SslrecChapolContext
ccm* {.importc: "ccm".}: SslrecCcmContext
INNER_C_STRUCT_bearssl_ssl_19* {.importc: "br_ssl_engine_context::no_name",
header: "bearssl_ssl.h", bycopy.} = object
dp* {.importc: "dp".}: ptr uint32
rp* {.importc: "rp".}: ptr uint32
ip* {.importc: "ip".}: ptr byte
SslEngineContext* {.importc: "br_ssl_engine_context", header: "bearssl_ssl.h",
bycopy.} = object
err* {.importc: "err".}: cint
ibuf* {.importc: "ibuf".}: ptr byte
obuf* {.importc: "obuf".}: ptr byte
ibufLen* {.importc: "ibuf_len".}: uint
obufLen* {.importc: "obuf_len".}: uint
maxFragLen* {.importc: "max_frag_len".}: uint16
logMaxFragLen* {.importc: "log_max_frag_len".}: byte
peerLogMaxFragLen* {.importc: "peer_log_max_frag_len".}: byte
ixa* {.importc: "ixa".}: uint
ixb* {.importc: "ixb".}: uint
ixc* {.importc: "ixc".}: uint
oxa* {.importc: "oxa".}: uint
oxb* {.importc: "oxb".}: uint
oxc* {.importc: "oxc".}: uint
iomode* {.importc: "iomode".}: byte
incrypt* {.importc: "incrypt".}: byte
shutdownRecv* {.importc: "shutdown_recv".}: byte
recordTypeIn* {.importc: "record_type_in".}: byte
recordTypeOut* {.importc: "record_type_out".}: byte
versionIn* {.importc: "version_in".}: uint16
versionOut* {.importc: "version_out".}: uint16
`in`* {.importc: "in".}: INNER_C_UNION_bearssl_ssl_17
`out`* {.importc: "out".}: INNER_C_UNION_bearssl_ssl_18
applicationData* {.importc: "application_data".}: byte
rng* {.importc: "rng".}: HmacDrbgContext
rngInitDone* {.importc: "rng_init_done".}: cint
rngOsRandDone* {.importc: "rng_os_rand_done".}: cint
versionMin* {.importc: "version_min".}: uint16
versionMax* {.importc: "version_max".}: uint16
suitesBuf* {.importc: "suites_buf".}: array[MAX_CIPHER_SUITES, uint16]
suitesNum* {.importc: "suites_num".}: byte
serverName* {.importc: "server_name".}: array[256, char]
clientRandom* {.importc: "client_random".}: array[32, byte]
serverRandom* {.importc: "server_random".}: array[32, byte]
session* {.importc: "session".}: SslSessionParameters
ecdheCurve* {.importc: "ecdhe_curve".}: byte
ecdhePoint* {.importc: "ecdhe_point".}: array[133, byte]
ecdhePointLen* {.importc: "ecdhe_point_len".}: byte
reneg* {.importc: "reneg".}: byte
savedFinished* {.importc: "saved_finished".}: array[24, byte]
flags* {.importc: "flags".}: uint32
cpu* {.importc: "cpu".}: INNER_C_STRUCT_bearssl_ssl_19
dpStack* {.importc: "dp_stack".}: array[32, uint32]
rpStack* {.importc: "rp_stack".}: array[32, uint32]
pad* {.importc: "pad".}: array[512, byte]
hbufIn* {.importc: "hbuf_in".}: ptr byte
hbufOut* {.importc: "hbuf_out".}: ptr byte
savedHbufOut* {.importc: "saved_hbuf_out".}: ptr byte
hlenIn* {.importc: "hlen_in".}: uint
hlenOut* {.importc: "hlen_out".}: uint
hsrun* {.importc: "hsrun".}: proc (ctx: pointer) {.importcFunc.}
action* {.importc: "action".}: byte
alert* {.importc: "alert".}: byte
closeReceived* {.importc: "close_received".}: byte
mhash* {.importc: "mhash".}: MultihashContext
x509ctx* {.importc: "x509ctx".}: ptr ptr X509Class
chain* {.importc: "chain".}: ptr X509Certificate
chainLen* {.importc: "chain_len".}: uint
certCur* {.importc: "cert_cur".}: ptr byte
certLen* {.importc: "cert_len".}: uint
protocolNames* {.importc: "protocol_names".}: cstringArray
protocolNamesNum* {.importc: "protocol_names_num".}: uint16
selectedProtocol* {.importc: "selected_protocol".}: uint16
prf10* {.importc: "prf10".}: TlsPrfImpl
prfSha256* {.importc: "prf_sha256".}: TlsPrfImpl
prfSha384* {.importc: "prf_sha384".}: TlsPrfImpl
iaesCbcenc* {.importc: "iaes_cbcenc".}: ptr BlockCbcencClass
iaesCbcdec* {.importc: "iaes_cbcdec".}: ptr BlockCbcdecClass
iaesCtr* {.importc: "iaes_ctr".}: ptr BlockCtrClass
iaesCtrcbc* {.importc: "iaes_ctrcbc".}: ptr BlockCtrcbcClass
idesCbcenc* {.importc: "ides_cbcenc".}: ptr BlockCbcencClass
idesCbcdec* {.importc: "ides_cbcdec".}: ptr BlockCbcdecClass
ighash* {.importc: "ighash".}: Ghash
ichacha* {.importc: "ichacha".}: Chacha20Run
ipoly* {.importc: "ipoly".}: Poly1305Run
icbcIn* {.importc: "icbc_in".}: ptr SslrecInCbcClass
icbcOut* {.importc: "icbc_out".}: ptr SslrecOutCbcClass
igcmIn* {.importc: "igcm_in".}: ptr SslrecInGcmClass
igcmOut* {.importc: "igcm_out".}: ptr SslrecOutGcmClass
ichapolIn* {.importc: "ichapol_in".}: ptr SslrecInChapolClass
ichapolOut* {.importc: "ichapol_out".}: ptr SslrecOutChapolClass
iccmIn* {.importc: "iccm_in".}: ptr SslrecInCcmClass
iccmOut* {.importc: "iccm_out".}: ptr SslrecOutCcmClass
iec* {.importc: "iec".}: ptr EcImpl
irsavrfy* {.importc: "irsavrfy".}: RsaPkcs1Vrfy
iecdsa* {.importc: "iecdsa".}: EcdsaVrfy
proc sslEngineGetFlags*(cc: var SslEngineContext): uint32 {.inline.} =
return cc.flags
proc sslEngineSetAllFlags*(cc: var SslEngineContext; flags: uint32) {.inline.} =
cc.flags = flags
proc sslEngineAddFlags*(cc: var SslEngineContext; flags: uint32) {.inline.} =
cc.flags = cc.flags or flags
proc sslEngineRemoveFlags*(cc: var SslEngineContext; flags: uint32) {.inline.} =
cc.flags = cc.flags and not flags
const
OPT_ENFORCE_SERVER_PREFERENCES* = (1'u32 shl 0)
const
OPT_NO_RENEGOTIATION* = (1'u32 shl 1)
const
OPT_TOLERATE_NO_CLIENT_AUTH* = (1'u32 shl 2)
const
OPT_FAIL_ON_ALPN_MISMATCH* = (1'u32 shl 3)
proc sslEngineSetVersions*(cc: var SslEngineContext; versionMin: uint16;
versionMax: uint16) {.inline.} =
cc.versionMin = versionMin
cc.versionMax = versionMax
proc sslEngineSetSuites*(cc: var SslEngineContext; suites: ptr uint16;
suitesNum: uint) {.importcFunc,
importc: "br_ssl_engine_set_suites", header: "bearssl_ssl.h".}
proc sslEngineSetX509*(cc: var SslEngineContext; x509ctx: ptr ptr X509Class) {.inline,
importcFunc.} =
cc.x509ctx = x509ctx
proc sslEngineSetProtocolNames*(ctx: var SslEngineContext; names: cstringArray;
num: uint) {.inline.} =
ctx.protocolNames = names
ctx.protocolNamesNum = uint16 num
proc sslEngineGetSelectedProtocol*(ctx: var SslEngineContext): cstring {.inline.} =
var k: cuint
k = ctx.selectedProtocol
return if (k == 0 or k == 0xFFFF): nil else: ctx.protocolNames[k - 1]
proc sslEngineSetHash*(ctx: var SslEngineContext; id: cint; impl: ptr HashClass) {.
inline.} =
multihashSetimpl(ctx.mhash, id, impl)
proc sslEngineGetHash*(ctx: var SslEngineContext; id: cint): ptr HashClass {.inline,
importcFunc.} =
return multihashGetimpl(ctx.mhash, id)
proc sslEngineSetPrf10*(cc: var SslEngineContext; impl: TlsPrfImpl) {.inline.} =
cc.prf10 = impl
proc sslEngineSetPrfSha256*(cc: var SslEngineContext; impl: TlsPrfImpl) {.inline.} =
cc.prfSha256 = impl
proc sslEngineSetPrfSha384*(cc: var SslEngineContext; impl: TlsPrfImpl) {.inline.} =
cc.prfSha384 = impl
proc sslEngineSetAesCbc*(cc: var SslEngineContext; implEnc: ptr BlockCbcencClass;
implDec: ptr BlockCbcdecClass) {.inline.} =
cc.iaesCbcenc = implEnc
cc.iaesCbcdec = implDec
proc sslEngineSetDefaultAesCbc*(cc: var SslEngineContext) {.importcFunc,
importc: "br_ssl_engine_set_default_aes_cbc", header: "bearssl_ssl.h".}
proc sslEngineSetAesCtr*(cc: var SslEngineContext; impl: ptr BlockCtrClass) {.inline,
importcFunc.} =
cc.iaesCtr = impl
proc sslEngineSetDefaultAesGcm*(cc: var SslEngineContext) {.importcFunc,
importc: "br_ssl_engine_set_default_aes_gcm", header: "bearssl_ssl.h".}
proc sslEngineSetDesCbc*(cc: var SslEngineContext; implEnc: ptr BlockCbcencClass;
implDec: ptr BlockCbcdecClass) {.inline.} =
cc.idesCbcenc = implEnc
cc.idesCbcdec = implDec
proc sslEngineSetDefaultDesCbc*(cc: var SslEngineContext) {.importcFunc,
importc: "br_ssl_engine_set_default_des_cbc", header: "bearssl_ssl.h".}
proc sslEngineSetGhash*(cc: var SslEngineContext; impl: Ghash) {.inline.} =
cc.ighash = impl
proc sslEngineSetChacha20*(cc: var SslEngineContext; ichacha: Chacha20Run) {.inline,
importcFunc.} =
cc.ichacha = ichacha
proc sslEngineSetPoly1305*(cc: var SslEngineContext; ipoly: Poly1305Run) {.inline,
importcFunc.} =
cc.ipoly = ipoly
proc sslEngineSetDefaultChapol*(cc: var SslEngineContext) {.importcFunc,
importc: "br_ssl_engine_set_default_chapol", header: "bearssl_ssl.h".}
proc sslEngineSetAesCtrcbc*(cc: var SslEngineContext; impl: ptr BlockCtrcbcClass) {.
inline.} =
cc.iaesCtrcbc = impl
proc sslEngineSetDefaultAesCcm*(cc: var SslEngineContext) {.importcFunc,
importc: "br_ssl_engine_set_default_aes_ccm", header: "bearssl_ssl.h".}
proc sslEngineSetCbc*(cc: var SslEngineContext; implIn: ptr SslrecInCbcClass;
implOut: ptr SslrecOutCbcClass) {.inline.} =
cc.icbcIn = implIn
cc.icbcOut = implOut
proc sslEngineSetGcm*(cc: var SslEngineContext; implIn: ptr SslrecInGcmClass;
implOut: ptr SslrecOutGcmClass) {.inline.} =
cc.igcmIn = implIn
cc.igcmOut = implOut
proc sslEngineSetCcm*(cc: var SslEngineContext; implIn: ptr SslrecInCcmClass;
implOut: ptr SslrecOutCcmClass) {.inline.} =
cc.iccmIn = implIn
cc.iccmOut = implOut
proc sslEngineSetChapol*(cc: var SslEngineContext; implIn: ptr SslrecInChapolClass;
implOut: ptr SslrecOutChapolClass) {.inline.} =
cc.ichapolIn = implIn
cc.ichapolOut = implOut
proc sslEngineSetEc*(cc: var SslEngineContext; iec: ptr EcImpl) {.inline.} =
cc.iec = iec
proc sslEngineSetDefaultEc*(cc: var SslEngineContext) {.importcFunc,
importc: "br_ssl_engine_set_default_ec", header: "bearssl_ssl.h".}
proc sslEngineGetEc*(cc: var SslEngineContext): ptr EcImpl {.inline.} =
return cc.iec
proc sslEngineSetRsavrfy*(cc: var SslEngineContext; irsavrfy: RsaPkcs1Vrfy) {.inline,
importcFunc.} =
cc.irsavrfy = irsavrfy
proc sslEngineSetDefaultRsavrfy*(cc: var SslEngineContext) {.importcFunc,
importc: "br_ssl_engine_set_default_rsavrfy", header: "bearssl_ssl.h".}
proc sslEngineGetRsavrfy*(cc: var SslEngineContext): RsaPkcs1Vrfy {.inline.} =
return cc.irsavrfy
proc sslEngineSetEcdsa*(cc: var SslEngineContext; iecdsa: EcdsaVrfy) {.inline.} =
cc.iecdsa = iecdsa
proc sslEngineSetDefaultEcdsa*(cc: var SslEngineContext) {.importcFunc,
importc: "br_ssl_engine_set_default_ecdsa", header: "bearssl_ssl.h".}
proc sslEngineGetEcdsa*(cc: var SslEngineContext): EcdsaVrfy {.inline.} =
return cc.iecdsa
proc sslEngineSetBuffer*(cc: var SslEngineContext; iobuf: pointer; iobufLen: uint;
bidi: cint) {.importcFunc, importc: "br_ssl_engine_set_buffer",
header: "bearssl_ssl.h".}
proc sslEngineSetBuffersBidi*(cc: var SslEngineContext; ibuf: pointer;
ibufLen: uint; obuf: pointer; obufLen: uint) {.
importcFunc, importc: "br_ssl_engine_set_buffers_bidi", header: "bearssl_ssl.h".}
proc sslEngineInjectEntropy*(cc: var SslEngineContext; data: pointer; len: uint) {.
importcFunc, importc: "br_ssl_engine_inject_entropy", header: "bearssl_ssl.h".}
proc sslEngineGetServerName*(cc: var SslEngineContext): cstring {.inline.} =
return addr cc.serverName
proc sslEngineGetVersion*(cc: var SslEngineContext): cuint {.inline.} =
return cc.session.version
proc sslEngineGetSessionParameters*(cc: var SslEngineContext;
pp: ptr SslSessionParameters) {.inline.} =
copyMem(pp, addr(cc.session), sizeof(pp[]))
proc sslEngineSetSessionParameters*(cc: var SslEngineContext;
pp: ptr SslSessionParameters) {.inline.} =
copyMem(addr(cc.session), pp, sizeof(pp[]))
proc sslEngineGetEcdheCurve*(cc: var SslEngineContext): cint {.inline.} =
return cint cc.ecdheCurve
proc sslEngineCurrentState*(cc: var SslEngineContext): cuint {.importcFunc,
importc: "br_ssl_engine_current_state", header: "bearssl_ssl.h".}
const
SSL_CLOSED* = 0x0001
const
SSL_SENDREC* = 0x0002
const
SSL_RECVREC* = 0x0004
const
SSL_SENDAPP* = 0x0008
const
SSL_RECVAPP* = 0x0010
proc sslEngineLastError*(cc: var SslEngineContext): cint {.inline.} =
return cc.err
proc sslEngineSendappBuf*(cc: var SslEngineContext; len: var uint): ptr byte {.
importcFunc, importc: "br_ssl_engine_sendapp_buf", header: "bearssl_ssl.h".}
proc sslEngineSendappAck*(cc: var SslEngineContext; len: uint) {.importcFunc,
importc: "br_ssl_engine_sendapp_ack", header: "bearssl_ssl.h".}
proc sslEngineRecvappBuf*(cc: var SslEngineContext; len: var uint): ptr byte {.
importcFunc, importc: "br_ssl_engine_recvapp_buf", header: "bearssl_ssl.h".}
proc sslEngineRecvappAck*(cc: var SslEngineContext; len: uint) {.importcFunc,
importc: "br_ssl_engine_recvapp_ack", header: "bearssl_ssl.h".}
proc sslEngineSendrecBuf*(cc: var SslEngineContext; len: var uint): ptr byte {.
importcFunc, importc: "br_ssl_engine_sendrec_buf", header: "bearssl_ssl.h".}
proc sslEngineSendrecAck*(cc: var SslEngineContext; len: uint) {.importcFunc,
importc: "br_ssl_engine_sendrec_ack", header: "bearssl_ssl.h".}
proc sslEngineRecvrecBuf*(cc: var SslEngineContext; len: var uint): ptr byte {.
importcFunc, importc: "br_ssl_engine_recvrec_buf", header: "bearssl_ssl.h".}
proc sslEngineRecvrecAck*(cc: var SslEngineContext; len: uint) {.importcFunc,
importc: "br_ssl_engine_recvrec_ack", header: "bearssl_ssl.h".}
proc sslEngineFlush*(cc: var SslEngineContext; force: cint) {.importcFunc,
importc: "br_ssl_engine_flush", header: "bearssl_ssl.h".}
proc sslEngineClose*(cc: var SslEngineContext) {.importcFunc,
importc: "br_ssl_engine_close", header: "bearssl_ssl.h".}
proc sslEngineRenegotiate*(cc: var SslEngineContext): cint {.importcFunc,
importc: "br_ssl_engine_renegotiate", header: "bearssl_ssl.h".}
proc sslKeyExport*(cc: var SslEngineContext; dst: pointer; len: uint; label: cstring;
context: pointer; contextLen: uint): cint {.importcFunc,
importc: "br_ssl_key_export", header: "bearssl_ssl.h".}
type
SslClientCertificate* {.importc: "br_ssl_client_certificate",
header: "bearssl_ssl.h", bycopy.} = object
authType* {.importc: "auth_type".}: cint
hashId* {.importc: "hash_id".}: cint
chain* {.importc: "chain".}: ptr X509Certificate
chainLen* {.importc: "chain_len".}: uint
const
AUTH_ECDH* = 0
const
AUTH_RSA* = 1
const
AUTH_ECDSA* = 3
type
SslClientCertificateClass* {.importc: "br_ssl_client_certificate_class",
header: "bearssl_ssl.h", bycopy.} = object
contextSize* {.importc: "context_size".}: uint
startNameList* {.importc: "start_name_list".}: proc (
pctx: ptr ptr SslClientCertificateClass) {.importcFunc.}
startName* {.importc: "start_name".}: proc (
pctx: ptr ptr SslClientCertificateClass; len: uint) {.importcFunc.}
appendName* {.importc: "append_name".}: proc (
pctx: ptr ptr SslClientCertificateClass; data: ptr byte; len: uint) {.importcFunc.}
endName* {.importc: "end_name".}: proc (pctx: ptr ptr SslClientCertificateClass) {.
importcFunc.}
endNameList* {.importc: "end_name_list".}: proc (
pctx: ptr ptr SslClientCertificateClass) {.importcFunc.}
choose* {.importc: "choose".}: proc (pctx: ptr ptr SslClientCertificateClass;
cc: var SslClientContext; authTypes: uint32;
choices: ptr SslClientCertificate) {.importcFunc.}
doKeyx* {.importc: "do_keyx".}: proc (pctx: ptr ptr SslClientCertificateClass;
data: ptr byte; len: var uint): uint32 {.
importcFunc.}
doSign* {.importc: "do_sign".}: proc (pctx: ptr ptr SslClientCertificateClass;
hashId: cint; hvLen: uint;
data: ptr byte; len: uint): uint {.importcFunc.}
SslClientCertificateRsaContext* {.importc: "br_ssl_client_certificate_rsa_context",
header: "bearssl_ssl.h", bycopy.} = object
vtable* {.importc: "vtable".}: ptr SslClientCertificateClass
chain* {.importc: "chain".}: ptr X509Certificate
chainLen* {.importc: "chain_len".}: uint
sk* {.importc: "sk".}: ptr RsaPrivateKey
irsasign* {.importc: "irsasign".}: RsaPkcs1Sign
SslClientCertificateEcContext* {.importc: "br_ssl_client_certificate_ec_context",
header: "bearssl_ssl.h", bycopy.} = object
vtable* {.importc: "vtable".}: ptr SslClientCertificateClass
chain* {.importc: "chain".}: ptr X509Certificate
chainLen* {.importc: "chain_len".}: uint
sk* {.importc: "sk".}: ptr EcPrivateKey
allowedUsages* {.importc: "allowed_usages".}: cuint
issuerKeyType* {.importc: "issuer_key_type".}: cuint
mhash* {.importc: "mhash".}: ptr MultihashContext
iec* {.importc: "iec".}: ptr EcImpl
iecdsa* {.importc: "iecdsa".}: EcdsaSign
INNER_C_UNION_bearssl_ssl_20* {.importc: "no_name", header: "bearssl_ssl.h",
bycopy, union.} = object
vtable* {.importc: "vtable".}: ptr SslClientCertificateClass
singleRsa* {.importc: "single_rsa".}: SslClientCertificateRsaContext
singleEc* {.importc: "single_ec".}: SslClientCertificateEcContext
SslClientContext* {.importc: "br_ssl_client_context", header: "bearssl_ssl.h",
bycopy.} = object
eng* {.importc: "eng".}: SslEngineContext
minClienthelloLen* {.importc: "min_clienthello_len".}: uint16
hashes* {.importc: "hashes".}: uint32
serverCurve* {.importc: "server_curve".}: cint
clientAuthVtable* {.importc: "client_auth_vtable".}: ptr ptr SslClientCertificateClass
authType* {.importc: "auth_type".}: byte
hashId* {.importc: "hash_id".}: byte
clientAuth* {.importc: "client_auth".}: INNER_C_UNION_bearssl_ssl_20
irsapub* {.importc: "irsapub".}: RsaPublic
proc sslClientGetServerHashes*(cc: var SslClientContext): uint32 {.inline.} =
return cc.hashes
proc sslClientGetServerCurve*(cc: var SslClientContext): cint {.inline.} =
return cc.serverCurve
proc sslClientInitFull*(cc: var SslClientContext; xc: ptr X509MinimalContext;
trustAnchors: ptr X509TrustAnchor; trustAnchorsNum: uint) {.
importcFunc, importc: "br_ssl_client_init_full", header: "bearssl_ssl.h".}
proc sslClientZero*(cc: var SslClientContext) {.importcFunc, importc: "br_ssl_client_zero",
header: "bearssl_ssl.h".}
proc sslClientSetClientCertificate*(cc: var SslClientContext;
pctx: ptr ptr SslClientCertificateClass) {.
inline.} =
cc.clientAuthVtable = pctx
proc sslClientSetRsapub*(cc: var SslClientContext; irsapub: RsaPublic) {.inline.} =
cc.irsapub = irsapub
proc sslClientSetDefaultRsapub*(cc: var SslClientContext) {.importcFunc,
importc: "br_ssl_client_set_default_rsapub", header: "bearssl_ssl.h".}
proc sslClientSetMinClienthelloLen*(cc: var SslClientContext; len: uint16) {.inline,
importcFunc.} =
cc.minClienthelloLen = len
proc sslClientReset*(cc: var SslClientContext; serverName: cstring;
resumeSession: cint): cint {.importcFunc,
importc: "br_ssl_client_reset", header: "bearssl_ssl.h".}
proc sslClientForgetSession*(cc: var SslClientContext) {.inline.} =
cc.eng.session.sessionIdLen = byte(0)
proc sslClientSetSingleRsa*(cc: var SslClientContext; chain: ptr X509Certificate;
chainLen: int; sk: ptr RsaPrivateKey;
irsasign: RsaPkcs1Sign) {.importcFunc,
importc: "br_ssl_client_set_single_rsa", header: "bearssl_ssl.h".}
proc sslClientSetSingleEc*(cc: var SslClientContext; chain: ptr X509Certificate;
chainLen: int; sk: ptr EcPrivateKey;
allowedUsages: cuint; certIssuerKeyType: cuint;
iec: ptr EcImpl; iecdsa: EcdsaSign) {.importcFunc,
importc: "br_ssl_client_set_single_ec", header: "bearssl_ssl.h".}
type
SuiteTranslated* = array[2, uint16]
const
SSLKEYX_RSA* = 0
SSLKEYX_ECDHE_RSA* = 1
SSLKEYX_ECDHE_ECDSA* = 2
SSLKEYX_ECDH_RSA* = 3
SSLKEYX_ECDH_ECDSA* = 4
SSLENC_3DES_CBC* = 0
SSLENC_AES128_CBC* = 1
SSLENC_AES256_CBC* = 2
SSLENC_AES128_GCM* = 3
SSLENC_AES256_GCM* = 4
SSLENC_CHACHA20* = 5
SSLMAC_AEAD* = 0
SSLMAC_SHA1* = sha1ID
SSLMAC_SHA256* = sha256ID
SSLMAC_SHA384* = sha384ID
SSLPRF_SHA256* = sha256ID
SSLPRF_SHA384* = sha384ID
type
SslServerChoices* {.importc: "br_ssl_server_choices", header: "bearssl_ssl.h",
bycopy.} = object
cipherSuite* {.importc: "cipher_suite".}: uint16
algoId* {.importc: "algo_id".}: cuint
chain* {.importc: "chain".}: ptr X509Certificate
chainLen* {.importc: "chain_len".}: uint
type
SslServerPolicyClass* {.importc: "br_ssl_server_policy_class",
header: "bearssl_ssl.h", bycopy.} = object
contextSize* {.importc: "context_size".}: uint
choose* {.importc: "choose".}: proc (pctx: ptr ptr SslServerPolicyClass;
cc: var SslServerContext;
choices: ptr SslServerChoices): cint {.importcFunc.}
doKeyx* {.importc: "do_keyx".}: proc (pctx: ptr ptr SslServerPolicyClass;
data: ptr byte; len: var uint): uint32 {.
importcFunc.}
doSign* {.importc: "do_sign".}: proc (pctx: ptr ptr SslServerPolicyClass;
algoId: cuint; data: ptr byte;
hvLen: uint; len: uint): uint {.importcFunc.}
SslServerPolicyRsaContext* {.importc: "br_ssl_server_policy_rsa_context",
header: "bearssl_ssl.h", bycopy.} = object
vtable* {.importc: "vtable".}: ptr SslServerPolicyClass
chain* {.importc: "chain".}: ptr X509Certificate
chainLen* {.importc: "chain_len".}: uint
sk* {.importc: "sk".}: ptr RsaPrivateKey
allowedUsages* {.importc: "allowed_usages".}: cuint
irsacore* {.importc: "irsacore".}: RsaPrivate
irsasign* {.importc: "irsasign".}: RsaPkcs1Sign
SslServerPolicyEcContext* {.importc: "br_ssl_server_policy_ec_context",
header: "bearssl_ssl.h", bycopy.} = object
vtable* {.importc: "vtable".}: ptr SslServerPolicyClass
chain* {.importc: "chain".}: ptr X509Certificate
chainLen* {.importc: "chain_len".}: uint
sk* {.importc: "sk".}: ptr EcPrivateKey
allowedUsages* {.importc: "allowed_usages".}: cuint
certIssuerKeyType* {.importc: "cert_issuer_key_type".}: cuint
mhash* {.importc: "mhash".}: ptr MultihashContext
iec* {.importc: "iec".}: ptr EcImpl
iecdsa* {.importc: "iecdsa".}: EcdsaSign
SslSessionCacheClass* {.importc: "br_ssl_session_cache_class",
header: "bearssl_ssl.h", bycopy.} = object
contextSize* {.importc: "context_size".}: uint
save* {.importc: "save".}: proc (ctx: ptr ptr SslSessionCacheClass;
serverCtx: ptr SslServerContext;
params: ptr SslSessionParameters) {.importcFunc.}
load* {.importc: "load".}: proc (ctx: ptr ptr SslSessionCacheClass;
serverCtx: ptr SslServerContext;
params: ptr SslSessionParameters): cint {.importcFunc.}
SslSessionCacheLru* {.importc: "br_ssl_session_cache_lru",
header: "bearssl_ssl.h", bycopy.} = object
vtable* {.importc: "vtable".}: ptr SslSessionCacheClass
store* {.importc: "store".}: ptr byte
storeLen* {.importc: "store_len".}: uint
storePtr* {.importc: "store_ptr".}: uint
indexKey* {.importc: "index_key".}: array[32, byte]
hash* {.importc: "hash".}: ptr HashClass
initDone* {.importc: "init_done".}: cint
head* {.importc: "head".}: uint32
tail* {.importc: "tail".}: uint32
root* {.importc: "root".}: uint32
INNER_C_UNION_bearssl_ssl_21* {.importc: "no_name", header: "bearssl_ssl.h",
bycopy, union.} = object
vtable* {.importc: "vtable".}: ptr SslServerPolicyClass
singleRsa* {.importc: "single_rsa".}: SslServerPolicyRsaContext
singleEc* {.importc: "single_ec".}: SslServerPolicyEcContext
SslServerContext* {.importc: "br_ssl_server_context", header: "bearssl_ssl.h",
bycopy.} = object
eng* {.importc: "eng".}: SslEngineContext
clientMaxVersion* {.importc: "client_max_version".}: uint16
cacheVtable* {.importc: "cache_vtable".}: ptr ptr SslSessionCacheClass
clientSuites* {.importc: "client_suites".}: array[MAX_CIPHER_SUITES,
SuiteTranslated]
clientSuitesNum* {.importc: "client_suites_num".}: byte
hashes* {.importc: "hashes".}: uint32
curves* {.importc: "curves".}: uint32
policyVtable* {.importc: "policy_vtable".}: ptr ptr SslServerPolicyClass
signHashId* {.importc: "sign_hash_id".}: uint16
chainHandler* {.importc: "chain_handler".}: INNER_C_UNION_bearssl_ssl_21
ecdheKey* {.importc: "ecdhe_key".}: array[70, byte]
ecdheKeyLen* {.importc: "ecdhe_key_len".}: uint
taNames* {.importc: "ta_names".}: ptr X500Name
tas* {.importc: "tas".}: ptr X509TrustAnchor
numTas* {.importc: "num_tas".}: uint
curDnIndex* {.importc: "cur_dn_index".}: uint
curDn* {.importc: "cur_dn".}: ptr byte
curDnLen* {.importc: "cur_dn_len".}: uint
hashCV* {.importc: "hash_CV".}: array[64, byte]
hashCV_len* {.importc: "hash_CV_len".}: uint
hashCV_id* {.importc: "hash_CV_id".}: cint
proc sslSessionCacheLruInit*(cc: var SslSessionCacheLru; store: ptr cuchar;
storeLen: int) {.importcFunc,
importc: "br_ssl_session_cache_lru_init", header: "bearssl_ssl.h".}
proc sslSessionCacheLruForget*(cc: var SslSessionCacheLru; id: ptr cuchar) {.importcFunc,
importc: "br_ssl_session_cache_lru_forget", header: "bearssl_ssl.h".}
proc sslServerInitFullRsa*(cc: var SslServerContext; chain: ptr X509Certificate;
chainLen: uint; sk: ptr RsaPrivateKey) {.importcFunc,
importc: "br_ssl_server_init_full_rsa", header: "bearssl_ssl.h".}
proc sslServerInitFullEc*(cc: var SslServerContext; chain: ptr X509Certificate;
chainLen: uint; certIssuerKeyType: cuint;
sk: ptr EcPrivateKey) {.importcFunc,
importc: "br_ssl_server_init_full_ec", header: "bearssl_ssl.h".}
proc sslServerInitMinr2g*(cc: var SslServerContext; chain: ptr X509Certificate;
chainLen: uint; sk: ptr RsaPrivateKey) {.importcFunc,
importc: "br_ssl_server_init_minr2g", header: "bearssl_ssl.h".}
proc sslServerInitMine2g*(cc: var SslServerContext; chain: ptr X509Certificate;
chainLen: uint; sk: ptr RsaPrivateKey) {.importcFunc,
importc: "br_ssl_server_init_mine2g", header: "bearssl_ssl.h".}
proc sslServerInitMinf2g*(cc: var SslServerContext; chain: ptr X509Certificate;
chainLen: uint; sk: ptr EcPrivateKey) {.importcFunc,
importc: "br_ssl_server_init_minf2g", header: "bearssl_ssl.h".}
proc sslServerInitMinu2g*(cc: var SslServerContext; chain: ptr X509Certificate;
chainLen: uint; sk: ptr EcPrivateKey) {.importcFunc,
importc: "br_ssl_server_init_minu2g", header: "bearssl_ssl.h".}
proc sslServerInitMinv2g*(cc: var SslServerContext; chain: ptr X509Certificate;
chainLen: uint; sk: ptr EcPrivateKey) {.importcFunc,
importc: "br_ssl_server_init_minv2g", header: "bearssl_ssl.h".}
proc sslServerInitMine2c*(cc: var SslServerContext; chain: ptr X509Certificate;
chainLen: uint; sk: ptr RsaPrivateKey) {.importcFunc,
importc: "br_ssl_server_init_mine2c", header: "bearssl_ssl.h".}
proc sslServerInitMinf2c*(cc: var SslServerContext; chain: ptr X509Certificate;
chainLen: uint; sk: ptr EcPrivateKey) {.importcFunc,
importc: "br_ssl_server_init_minf2c", header: "bearssl_ssl.h".}
proc sslServerGetClientSuites*(cc: var SslServerContext; num: ptr uint):
ptr array[MAX_CIPHER_SUITES, SuiteTranslated] {.
inline.} =
num[] = cc.clientSuitesNum
return addr cc.clientSuites
proc sslServerGetClientHashes*(cc: var SslServerContext): uint32 {.inline.} =
return cc.hashes
proc sslServerGetClientCurves*(cc: var SslServerContext): uint32 {.inline.} =
return cc.curves
proc sslServerZero*(cc: var SslServerContext) {.importcFunc, importc: "br_ssl_server_zero",
header: "bearssl_ssl.h".}
proc sslServerSetPolicy*(cc: var SslServerContext;
pctx: ptr ptr SslServerPolicyClass) {.inline.} =
cc.policyVtable = pctx
proc sslServerSetSingleRsa*(cc: var SslServerContext; chain: ptr X509Certificate;
chainLen: uint; sk: ptr RsaPrivateKey;
allowedUsages: cuint; irsacore: RsaPrivate;
irsasign: RsaPkcs1Sign) {.importcFunc,
importc: "br_ssl_server_set_single_rsa", header: "bearssl_ssl.h".}
proc sslServerSetSingleEc*(cc: var SslServerContext; chain: ptr X509Certificate;
chainLen: uint; sk: ptr EcPrivateKey;
allowedUsages: cuint; certIssuerKeyType: cuint;
iec: ptr EcImpl; iecdsa: EcdsaSign) {.importcFunc,
importc: "br_ssl_server_set_single_ec", header: "bearssl_ssl.h".}
proc sslServerSetTrustAnchorNames*(cc: var SslServerContext; taNames: ptr X500Name;
num: uint) {.inline.} =
cc.taNames = taNames
cc.tas = nil
cc.numTas = num
proc sslServerSetTrustAnchorNamesAlt*(cc: var SslServerContext;
tas: ptr X509TrustAnchor; num: uint) {.inline.} =
cc.taNames = nil
cc.tas = tas
cc.numTas = num
proc sslServerSetCache*(cc: var SslServerContext;
vtable: ptr ptr SslSessionCacheClass) {.inline.} =
cc.cacheVtable = vtable
proc sslServerReset*(cc: var SslServerContext): cint {.importcFunc,
importc: "br_ssl_server_reset", header: "bearssl_ssl.h".}
type
SslioContext* {.importc: "br_sslio_context", header: "bearssl_ssl.h", bycopy.} = object
engine* {.importc: "engine".}: ptr SslEngineContext
lowRead* {.importc: "low_read".}: proc (readContext: pointer; data: ptr byte;
len: uint): cint {.importcFunc.}
readContext* {.importc: "read_context".}: pointer
lowWrite* {.importc: "low_write".}: proc (writeContext: pointer; data: ptr byte;
len: uint): cint {.importcFunc.}
writeContext* {.importc: "write_context".}: pointer
proc sslioInit*(ctx: var SslioContext; engine: ptr SslEngineContext; lowRead: proc (
readContext: pointer; data: ptr byte; len: uint): cint {.importcFunc.};
readContext: pointer; lowWrite: proc (writeContext: pointer;
data: ptr byte; len: uint): cint {.importcFunc.}; writeContext: pointer) {.importcFunc,
importc: "br_sslio_init", header: "bearssl_ssl.h".}
proc sslioRead*(cc: var SslioContext; dst: pointer; len: uint): cint {.importcFunc,
importc: "br_sslio_read", header: "bearssl_ssl.h".}
proc sslioReadAll*(cc: var SslioContext; dst: pointer; len: uint): cint {.importcFunc,
importc: "br_sslio_read_all", header: "bearssl_ssl.h".}
proc sslioWrite*(cc: var SslioContext; src: pointer; len: uint): cint {.importcFunc,
importc: "br_sslio_write", header: "bearssl_ssl.h".}
proc sslioWriteAll*(cc: var SslioContext; src: pointer; len: uint): cint {.importcFunc,
importc: "br_sslio_write_all", header: "bearssl_ssl.h".}
proc sslioFlush*(cc: var SslioContext): cint {.importcFunc, importc: "br_sslio_flush",
header: "bearssl_ssl.h".}
proc sslioClose*(cc: var SslioContext): cint {.importcFunc, importc: "br_sslio_close",
header: "bearssl_ssl.h".}
const
TLS_NULL_WITH_NULL_NULL* = 0x0000
TLS_RSA_WITH_NULL_MD5* = 0x0001
TLS_RSA_WITH_NULL_SHA* = 0x0002
TLS_RSA_WITH_NULL_SHA256* = 0x003B
TLS_RSA_WITH_RC4_128_MD5* = 0x0004
TLS_RSA_WITH_RC4_128_SHA* = 0x0005
TLS_RSA_WITH_3DES_EDE_CBC_SHA* = 0x000A
TLS_RSA_WITH_AES_128_CBC_SHA* = 0x002F
TLS_RSA_WITH_AES_256_CBC_SHA* = 0x0035
TLS_RSA_WITH_AES_128_CBC_SHA256* = 0x003C
TLS_RSA_WITH_AES_256_CBC_SHA256* = 0x003D
TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA* = 0x000D
TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA* = 0x0010
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA* = 0x0013
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA* = 0x0016
TLS_DH_DSS_WITH_AES_128_CBC_SHA* = 0x0030
TLS_DH_RSA_WITH_AES_128_CBC_SHA* = 0x0031
TLS_DHE_DSS_WITH_AES_128_CBC_SHA* = 0x0032
TLS_DHE_RSA_WITH_AES_128_CBC_SHA* = 0x0033
TLS_DH_DSS_WITH_AES_256_CBC_SHA* = 0x0036
TLS_DH_RSA_WITH_AES_256_CBC_SHA* = 0x0037
TLS_DHE_DSS_WITH_AES_256_CBC_SHA* = 0x0038
TLS_DHE_RSA_WITH_AES_256_CBC_SHA* = 0x0039
TLS_DH_DSS_WITH_AES_128_CBC_SHA256* = 0x003E
TLS_DH_RSA_WITH_AES_128_CBC_SHA256* = 0x003F
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256* = 0x0040
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256* = 0x0067
TLS_DH_DSS_WITH_AES_256_CBC_SHA256* = 0x0068
TLS_DH_RSA_WITH_AES_256_CBC_SHA256* = 0x0069
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256* = 0x006A
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256* = 0x006B
TLS_DH_anonWITH_RC4128MD5* = 0x0018
TLS_DH_anonWITH_3DES_EDE_CBC_SHA* = 0x001B
TLS_DH_anonWITH_AES_128CBC_SHA* = 0x0034
TLS_DH_anonWITH_AES_256CBC_SHA* = 0x003A
TLS_DH_anonWITH_AES_128CBC_SHA256* = 0x006C
TLS_DH_anonWITH_AES_256CBC_SHA256* = 0x006D
const
TLS_ECDH_ECDSA_WITH_NULL_SHA* = 0xC001
TLS_ECDH_ECDSA_WITH_RC4_128_SHA* = 0xC002
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA* = 0xC003
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA* = 0xC004
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA* = 0xC005
TLS_ECDHE_ECDSA_WITH_NULL_SHA* = 0xC006
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA* = 0xC007
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA* = 0xC008
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA* = 0xC009
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA* = 0xC00A
TLS_ECDH_RSA_WITH_NULL_SHA* = 0xC00B
TLS_ECDH_RSA_WITH_RC4_128_SHA* = 0xC00C
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA* = 0xC00D
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA* = 0xC00E
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA* = 0xC00F
TLS_ECDHE_RSA_WITH_NULL_SHA* = 0xC010
TLS_ECDHE_RSA_WITH_RC4_128_SHA* = 0xC011
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA* = 0xC012
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA* = 0xC013
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA* = 0xC014
TLS_ECDH_anonWITH_NULL_SHA* = 0xC015
TLS_ECDH_anonWITH_RC4128SHA* = 0xC016
TLS_ECDH_anonWITH_3DES_EDE_CBC_SHA* = 0xC017
TLS_ECDH_anonWITH_AES_128CBC_SHA* = 0xC018
TLS_ECDH_anonWITH_AES_256CBC_SHA* = 0xC019
const
TLS_RSA_WITH_AES_128_GCM_SHA256* = 0x009C
TLS_RSA_WITH_AES_256_GCM_SHA384* = 0x009D
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256* = 0x009E
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384* = 0x009F
TLS_DH_RSA_WITH_AES_128_GCM_SHA256* = 0x00A0
TLS_DH_RSA_WITH_AES_256_GCM_SHA384* = 0x00A1
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256* = 0x00A2
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384* = 0x00A3
TLS_DH_DSS_WITH_AES_128_GCM_SHA256* = 0x00A4
TLS_DH_DSS_WITH_AES_256_GCM_SHA384* = 0x00A5
TLS_DH_anonWITH_AES_128GCM_SHA256* = 0x00A6
TLS_DH_anonWITH_AES_256GCM_SHA384* = 0x00A7
const
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256* = 0xC023
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384* = 0xC024
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256* = 0xC025
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384* = 0xC026
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256* = 0xC027
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384* = 0xC028
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256* = 0xC029
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384* = 0xC02A
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256* = 0xC02B
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384* = 0xC02C
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256* = 0xC02D
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384* = 0xC02E
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256* = 0xC02F
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384* = 0xC030
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256* = 0xC031
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384* = 0xC032
const
TLS_RSA_WITH_AES_128_CCM* = 0xC09C
TLS_RSA_WITH_AES_256_CCM* = 0xC09D
TLS_RSA_WITH_AES_128_CCM_8* = 0xC0A0
TLS_RSA_WITH_AES_256_CCM_8* = 0xC0A1
TLS_ECDHE_ECDSA_WITH_AES_128_CCM* = 0xC0AC
TLS_ECDHE_ECDSA_WITH_AES_256_CCM* = 0xC0AD
TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8* = 0xC0AE
TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8* = 0xC0AF
const
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256* = 0xCCA8
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256* = 0xCCA9
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256* = 0xCCAA
TLS_PSK_WITH_CHACHA20_POLY1305_SHA256* = 0xCCAB
TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256* = 0xCCAC
TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256* = 0xCCAD
TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256* = 0xCCAE
const
TLS_FALLBACK_SCSV* = 0x5600
const
ALERT_CLOSE_NOTIFY* = 0
ALERT_UNEXPECTED_MESSAGE* = 10
ALERT_BAD_RECORD_MAC* = 20
ALERT_RECORD_OVERFLOW* = 22
ALERT_DECOMPRESSION_FAILURE* = 30
ALERT_HANDSHAKE_FAILURE* = 40
ALERT_BAD_CERTIFICATE* = 42
ALERT_UNSUPPORTED_CERTIFICATE* = 43
ALERT_CERTIFICATE_REVOKED* = 44
ALERT_CERTIFICATE_EXPIRED* = 45
ALERT_CERTIFICATE_UNKNOWN* = 46
ALERT_ILLEGAL_PARAMETER* = 47
ALERT_UNKNOWN_CA* = 48
ALERT_ACCESS_DENIED* = 49
ALERT_DECODE_ERROR* = 50
ALERT_DECRYPT_ERROR* = 51
ALERT_PROTOCOL_VERSION* = 70
ALERT_INSUFFICIENT_SECURITY* = 71
ALERT_INTERNAL_ERROR* = 80
ALERT_USER_CANCELED* = 90
ALERT_NO_RENEGOTIATION* = 100
ALERT_UNSUPPORTED_EXTENSION* = 110
ALERT_NO_APPLICATION_PROTOCOL* = 120
Reference in New Issue View Git Blame Copy Permalink