Module Netsys_tls

module Netsys_tls: sig .. end

User-level TLS API


The following functions are a very thin layer on top of Netsys_crypto_types.TLS_PROVIDER. The provider is passed here as first-class value together with the configuration and with the endpoint (socket). In particular, we have

module type FILE_TLS_ENDPOINT =
  sig
    module TLS : TLS_PROVIDER
    val endpoint : TLS.endpoint
    val rd_file : Unix.file_descr
    val wr_file : Unix.file_descr
  end
    

(see Netsys_crypto_types). In many cases, you can consider the packed modules as opaque values. Sometimes, however, it is useful to call functions of the provider directly. You can do this as follows, demonstrated by calling the provider function get_peer_crt_list for endpoint:

let module Endpoint =
  (val endpoint : Netsys_crypto_types.FILE_TLS_ENDPOINT) in
let certificates =
  Endpoint.TLS.get_peer_crt_list Endpoint.endpoint
    

If you do this, be aware that the inner types of the provider are meaningless outside, and you get a compiler error "type ... would escape its scope" if you try to export such typed values. Exceptions thrown by the provider should be caught and translated to Error with Netsys_tls.translate_exn.

type dh_params = [ `Generate of int | `PKCS3_DER of string | `PKCS3_PEM_file of string ] 

Diffie-Hellman parameters:

type crt_list = [ `DER of string list | `PEM_file of string ] 

Certificates are given either as:

See also Credentials.tls.

type crl_list = [ `DER of string list | `PEM_file of string ] 

Certificate revocation lists are given either as:

See also Credentials.tls.

type private_key = [ `DSA of string
| `EC of string
| `PEM_file of string
| `PKCS8 of string
| `PKCS8_encrypted of string
| `RSA of string ]

Private keys are given either as:

See also Credentials.tls.

val error_message : (module Netsys_crypto_types.TLS_PROVIDER) -> string -> string

Returns the message for humans (display, log files etc.) when called with an error or warning symbol.

val create_x509_config : ?algorithms:string ->
?dh_params:dh_params ->
?verify:((module Netsys_crypto_types.TLS_ENDPOINT) -> bool -> bool -> bool) ->
?system_trust:bool ->
?trust:crt_list list ->
?revoke:crl_list list ->
?keys:(crt_list * private_key * string option) list ->
peer_auth:[ `None | `Optional | `Required ] ->
(module Netsys_crypto_types.TLS_PROVIDER) ->
(module Netsys_crypto_types.TLS_CONFIG)

The configuration includes:

A configuration is read-only once created, and can be used for several endpoints. In particular, it does not cache TLS sessions.

A client should set trust to the list of CAs it can accept on the server side. It is not required to specify a key.

A server must specify a key (but can also specify several keys). If a server requests authentication from the client, it must also set trust.

The keys must include the full certificate path cert_path, starting with the endpoint certificate, followed by all middle certificates, and ending with the certificate of the CA. The private_key is the key of the endpoint. If it is password-encrypted, the password must be given.

val create_file_endpoint : ?resume:string ->
role:[ `Client | `Server ] ->
rd:Unix.file_descr ->
wr:Unix.file_descr ->
peer_name:string option ->
(module Netsys_crypto_types.TLS_CONFIG) ->
(module Netsys_crypto_types.FILE_TLS_ENDPOINT)

create_file_endpoint ~role ~rd ~wr ~peer_name tls_config: Creates a new TLS endpoint (encapsulated as module, together with the provider) for the case that the data flows over file descriptors. rd is used for reading data, and wr for writing (of course, both descriptors may be identical).

peer_name is the expected common name or DNS name of the peer. peer_name has an option type as it is not always required to pass it. However, keep in mind that clients normally authenticate servers (peer_auth=`Required). In order to do so, they need to check whether the name in the server certificate equals the DNS name of the service they are connected to. This check is done by comparing peer_name with the name in the certificate.

peer_name is also used for the SNI extension.

Servers normally need not to set peer_name. You can also omit it when there is no name-driven authentication at all.

resume: The endpoint resumes an old session whose data are passed here. This is only possible for client endpoints.

val endpoint : (module Netsys_crypto_types.FILE_TLS_ENDPOINT) ->
(module Netsys_crypto_types.TLS_ENDPOINT)

Coercion

val handshake : (module Netsys_crypto_types.TLS_ENDPOINT) -> unit

Procedes the TLS protocol until payload data can be exchanged. This includes the initial handshake (if not yet done), and the verification.

val recv : ?on_rehandshake:((module Netsys_crypto_types.TLS_ENDPOINT) -> bool) ->
(module Netsys_crypto_types.TLS_ENDPOINT) ->
Stdlib.Bytes.t -> int -> int -> int

recv endpoint buffer pos len: Receives data from endpoint, and puts the received bytes into buffer at byte position pos. At most len bytes can be received. Returns the actually received number of bytes.

If the TLS protocol is not yet at the stage where data can be received, the protocol is proceeded until this point (i.e. handshake is "included"). Also, renegotiation alerts are interpreted. Both phenomenons can cause that data needs to be written first.

on_rehandshake: returns whether renegotiations are allowed. Defaults to true. Also, this function is guaranteed to be called when a renegotiation request arrives. In this case, recv will raise an exception such as Netsys_types.EAGAIN_RD or Netsys_types.EAGAIN_WR, but never return normally.

If interrupted the function can be safely invoked again.

May raise Netsys_types.EAGAIN_RD, Netsys_types.EAGAIN_WR, Unix_error(EINTR,_,_), and Error.

val mem_recv : ?on_rehandshake:((module Netsys_crypto_types.TLS_ENDPOINT) -> bool) ->
(module Netsys_crypto_types.TLS_ENDPOINT) ->
Netsys_types.memory -> int -> int -> int

Same for a memory-backed buffer

val send : (module Netsys_crypto_types.TLS_ENDPOINT) ->
Stdlib.Bytes.t -> int -> int -> int

send endpoint buffer pos len: Sends data via endpoint, and takes the emitted bytes from buffer at byte position pos. At most len bytes can be sent. Returns the actually sent number of bytes.

If the TLS protocol is not yet at the stage where data can be received, the protocol is proceeded until this point (i.e. handshake is "included"). Also, renegotiation alerts are interpreted. Both phenomenons can cause that data needs to be received as well as sent.

If interrupted the function can be safely invoked again.

May raise Netsys_types.EAGAIN_RD, Netsys_types.EAGAIN_WR, Unix_error(EINTR,_,_), and Error.

val mem_send : (module Netsys_crypto_types.TLS_ENDPOINT) ->
Netsys_types.memory -> int -> int -> int

Same for a memory-backed buffer

val str_send : (module Netsys_crypto_types.TLS_ENDPOINT) -> string -> int -> int -> int

Same for immutable string

val shutdown : (module Netsys_crypto_types.TLS_ENDPOINT) -> Unix.shutdown_command -> unit

Ends the TLS encapsulation of data:

The mode SHUTDOWN_RECEIVE is unsupported and silently ignored.

The function does not shut down or close the underlying file descriptors.

If interrupted the function can be safely invoked again.

May raise Netsys_types.EAGAIN_RD, Netsys_types.EAGAIN_WR, Unix_error(EINTR,_,_), and Error.

val at_transport_eof : (module Netsys_crypto_types.TLS_ENDPOINT) -> bool

Whether the underlying transport channel has seen the end of input. Use this after recv or mem_recv returned 0 to check whether only the TLS enf-of-input message has been read, or the underlying channel (usually the file descriptor) has indicated EOF.

module Debug: sig .. end