BearSSL
Encryption engine for SSL.
#include <bearssl_ssl.h>
Data Fields
| size_t context_size | Context size (in bytes). |
| void (*max_plaintext)(const br_sslrec_out_class *const *ctx, size_t *start, size_t *end) | Compute maximum plaintext sizes and offsets. |
| unsigned char *(*encrypt)(const br_sslrec_out_class **ctx, int record_type, unsigned version, void *plaintext, size_t *len) | Perform record encryption. |
When building outgoing records, the SSL engine will use an encryption engine that uses a specific context structure, and has a set of methods (a vtable) that follows this template.
The encryption engine is responsible for applying encryption and MAC, and keeping track of the record sequence number.
size_t br_sslrec_out_class::context_size
Context size (in bytes).
unsigned char *(* br_sslrec_out_class::encrypt) (const br_sslrec_out_class **ctx, int record_type, unsigned version, void *plaintext, size_t *len)
Perform record encryption.
This function encrypts the record. The plaintext address and length are provided. The returned value is the start of the encrypted record (or sequence of records, if a split was performed), including the 5-byte header; *len is adjusted to the total size of the record(s), again including the header(s).
| ctx | encryption engine context. |
| record_type | record type (23 for application data, etc). |
| version | record version. |
| plaintext | address of plaintext. |
| len | pointer to plaintext length (updated). |
void(* br_sslrec_out_class::max_plaintext) (const br_sslrec_out_class *const *ctx, size_t *start, size_t *end)
Compute maximum plaintext sizes and offsets.
When this function is called, the *start and *end values contain offsets designating the free area in the outgoing buffer for plaintext data; that free area is preceded by a 5-byte space which will receive the record header.
The max_plaintext() function is responsible for adjusting both *start and *end to make room for any record-specific header, MAC, padding, and possible split.
| ctx | encryption engine context. |
| start | pointer to start of plaintext offset (updated). |
| end | pointer to end of plaintext offset (updated). |
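
The buffer contract of max_plaintext() and encrypt(), as an added example that is not BearSSL's own code: a stand-in engine that reserves room for a 16-byte tag and fills in the 5-byte header. It performs no encryption or MAC (the tag is a zero placeholder), and the demo_* types and names are assumptions that mirror the documented vtable so the block compiles without bearssl_ssl.h.

```c
#include <stddef.h>
#include <string.h>

/* Local mirror of the documented vtable; all demo_* names are assumptions. */
typedef struct demo_out_class_ demo_out_class;
struct demo_out_class_ {
    size_t context_size;
    void (*max_plaintext)(const demo_out_class *const *ctx, size_t *start, size_t *end);
    unsigned char *(*encrypt)(const demo_out_class **ctx, int record_type,
        unsigned version, void *plaintext, size_t *len);
};
/* Context: vtable pointer first, then the record sequence number. */
typedef struct { const demo_out_class *vtable; unsigned long long seq; } demo_ctx;
#define DEMO_TAG_LEN 16u /* constructed: bytes reserved after the plaintext for a tag */

static void demo_max_plaintext(const demo_out_class *const *ctx, size_t *start, size_t *end)
{
    size_t room = *end - *start;
    (void)ctx;
    room = room > DEMO_TAG_LEN ? room - DEMO_TAG_LEN : 0; /* leave room for the tag */
    if (room > 16384u) room = 16384u;                      /* TLS plaintext limit */
    *end = *start + room; /* no per-record header here, so *start is unchanged */
}

static unsigned char *demo_encrypt(const demo_out_class **ctx, int record_type,
    unsigned version, void *plaintext, size_t *len)
{
    demo_ctx *cc = (demo_ctx *)ctx;            /* vtable is the first field */
    unsigned char *rec = (unsigned char *)plaintext - 5; /* reserved header space */
    size_t body = *len + DEMO_TAG_LEN;
    memset(rec + 5 + *len, 0, DEMO_TAG_LEN);  /* zero placeholder, NOT a real MAC */
    rec[0] = (unsigned char)record_type;
    rec[1] = (unsigned char)(version >> 8); rec[2] = (unsigned char)version;
    rec[3] = (unsigned char)(body >> 8);    rec[4] = (unsigned char)body;
    cc->seq++;       /* one sequence number consumed per record */
    *len = body + 5; /* total size, header included */
    return rec;
}

const demo_out_class demo_vtable = { sizeof(demo_ctx), demo_max_plaintext, demo_encrypt };

int main(void)
{
    unsigned char buf[64] = {0};
    demo_ctx cc = { &demo_vtable, 0 };
    size_t start = 5, end = sizeof buf, len = 5;
    demo_vtable.max_plaintext(&cc.vtable, &start, &end);
    memcpy(buf + start, "hello", len);
    return demo_vtable.encrypt(&cc.vtable, 23, 0x0303, buf + start, &len) != buf;
}
```

A caller that writes more than *end - *start bytes after max_plaintext() returns would overrun the space the engine reserved for its tag, which is why the bounds must be queried before the plaintext is copied in.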