ddn.net.tls.types

TLS protocol constants and types.

Defines content types, handshake types, alert codes, extension types, cipher suite identifiers, and other constants from RFC 5246 (TLS 1.2) and RFC 8446 (TLS 1.3).

var TLS13_DOWNGRADE_SENTINEL TLS_RECORD_HEADER_SIZE TLS_RECORD_MAX_SIZE

enum AlertDescription AlertLevel CipherSuiteId ContentType ExtensionType HandshakeType KeyUpdateRequest NamedGroup ProtocolVersion PskKeyExchangeMode ServerNameType SignatureScheme

fn isGcm

Types 12

enumContentType : ubyte

INVALID = 0

CHANGE_CIPHER_SPEC = 20

ALERT = 21

HANDSHAKE = 22

APPLICATION_DATA = 23

HEARTBEAT = 24

enumProtocolVersion : ushort

SSL_3_0 = 0x0300

TLS_1_0 = 0x0301

TLS_1_1 = 0x0302

TLS_1_2 = 0x0303

TLS_1_3 = 0x0304

enumHandshakeType : ubyte

HELLO_REQUEST = 0

CLIENT_HELLO = 1

SERVER_HELLO = 2

HELLO_VERIFY_REQUEST = 3

NEW_SESSION_TICKET = 4

END_OF_EARLY_DATA = 5

HELLO_RETRY_REQUEST = 6

ENCRYPTED_EXTENSIONS = 8

CERTIFICATE = 11

SERVER_KEY_EXCHANGE = 12

CERTIFICATE_REQUEST = 13

SERVER_HELLO_DONE = 14

CERTIFICATE_VERIFY = 15

CLIENT_KEY_EXCHANGE = 16

FINISHED = 20

CERTIFICATE_URL = 21

CERTIFICATE_STATUS = 22

KEY_UPDATE = 24

ACK = 0xFEDTLS 1.3 ACK message (RFC 9147 §5.4). Same value as MESSAGE_HASH (0xFE).

enumAlertLevel : ubyte

WARNING = 1

FATAL = 2

enumAlertDescription : ubyte

CLOSE_NOTIFY = 0

UNEXPECTED_MESSAGE = 10

BAD_RECORD_MAC = 20

DECRYPTION_FAILED = 21

RECORD_OVERFLOW = 22

DECOMPRESSION_FAILURE = 30

HANDSHAKE_FAILURE = 40

NO_CERTIFICATE = 41

BAD_CERTIFICATE = 42

UNSUPPORTED_CERTIFICATE = 43

CERTIFICATE_REVOKED = 44

CERTIFICATE_EXPIRED = 45

CERTIFICATE_UNKNOWN = 46

ILLEGAL_PARAMETER = 47

UNKNOWN_CA = 48

ACCESS_DENIED = 49

DECODE_ERROR = 50

DECRYPT_ERROR = 51

EXPORT_RESTRICTION = 60

PROTOCOL_VERSION = 70

INSUFFICIENT_SECURITY = 71

INTERNAL_ERROR = 80

INAPPROPRIATE_FALLBACK = 86

USER_CANCELED = 90

NO_RENEGOTIATION = 100

MISSING_EXTENSION = 109

UNSUPPORTED_EXTENSION = 110

CERTIFICATE_UNOBTAINABLE = 111

UNRECOGNIZED_NAME = 112

BAD_CERTIFICATE_STATUS_RESPONSE = 113

BAD_CERTIFICATE_HASH_VALUE = 114

UNKNOWN_PSK_IDENTITY = 115

CERTIFICATE_REQUIRED = 116

NO_APPLICATION_PROTOCOL = 120

enumExtensionType : ushort

SERVER_NAME = 0

MAX_FRAGMENT_LENGTH = 1

CLIENT_CERTIFICATE_URL = 2

TRUSTED_CA_KEYS = 3

TRUNCATED_HMAC = 4

STATUS_REQUEST = 5

USER_MAPPING = 6

CLIENT_AUTHZ = 7

SERVER_AUTHZ = 8

CERT_TYPE = 9

SUPPORTED_GROUPS = 10

EC_POINT_FORMATS = 11

SRP = 12

SIGNATURE_ALGORITHMS = 13

USE_SRTP = 14

HEARTBEAT = 15

APPLICATION_LAYER_PROTOCOL_NEGOTIATION = 16

STATUS_REQUEST_V2 = 17

SIGNED_CERTIFICATE_TIMESTAMP = 18

CLIENT_CERTIFICATE_TYPE = 19

SERVER_CERTIFICATE_TYPE = 20

PADDING = 21

ENCRYPT_THEN_MAC = 22

EXTENDED_MASTER_SECRET = 23

SESSION_TICKET = 35

PRE_SHARED_KEY = 41

EARLY_DATA = 42

SUPPORTED_VERSIONS = 43

COOKIE = 44

PSK_KEY_EXCHANGE_MODES = 45

CERTIFICATE_AUTHORITIES = 47

OID_FILTERS = 48

POST_HANDSHAKE_AUTH = 49

SIGNATURE_ALGORITHMS_CERT = 50

KEY_SHARE = 51

CONNECTION_ID = 54

enumNamedGroup : ushort

NONE = 0

SECP256R1 = 0x0017

SECP384R1 = 0x0018

SECP521R1 = 0x0019

X25519 = 0x001D

X448 = 0x001E

FFDHE2048 = 0x0100

FFDHE3072 = 0x0101

FFDHE4096 = 0x0102

FFDHE6144 = 0x0103

FFDHE8192 = 0x0104

enumSignatureScheme : ushort

RSA_PKCS1_SHA256 = 0x0401

RSA_PKCS1_SHA384 = 0x0501

RSA_PKCS1_SHA512 = 0x0601

ECDSA_SECP256R1_SHA256 = 0x0403

ECDSA_SECP384R1_SHA384 = 0x0503

ECDSA_SECP521R1_SHA512 = 0x0603

RSA_PSS_RSAE_SHA256 = 0x0804

RSA_PSS_RSAE_SHA384 = 0x0805

RSA_PSS_RSAE_SHA512 = 0x0806

ED25519 = 0x0807

ED448 = 0x0808

RSA_PSS_PSS_SHA256 = 0x0809

RSA_PSS_PSS_SHA384 = 0x080A

RSA_PSS_PSS_SHA512 = 0x080B

enumCipherSuiteId : ushort

TLS_AES_128_GCM_SHA256 = 0x1301

TLS_AES_256_GCM_SHA384 = 0x1302

TLS_CHACHA20_POLY1305_SHA256 = 0x1303

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B

TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030

TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA9

TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA8

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F

TLS_ECDHE_ECDSA_WITH_AES_128_CCM = 0xC0AC

TLS_ECDHE_ECDSA_WITH_AES_256_CCM = 0xC0AD

TLS_ECDHE_RSA_WITH_AES_128_CCM = 0xC0AE

TLS_ECDHE_RSA_WITH_AES_256_CCM = 0xC0AF

enumPskKeyExchangeMode : ubyte

PSK_KE = 0

PSK_DHE_KE = 1

enumKeyUpdateRequest : ubyte

UPDATE_NOT_REQUESTED = 0

UPDATE_REQUESTED = 1

enumServerNameType : ubyte

HOST_NAME = 0

Functions 1

fnbool isGcm(CipherSuiteId id)

Variables 3

enumvarTLS_RECORD_MAX_SIZE = 16384

enumvarTLS_RECORD_HEADER_SIZE = 5

varubyte[8] TLS13_DOWNGRADE_SENTINEL