285 lines
12 KiB
Nim
285 lines
12 KiB
Nim
const PTLS_MAX_DIGEST_SIZE* = 64
|
|
const PTLS_ALERT_BAD_CERTIFICATE* = 42
|
|
const PTLS_ALERT_UNKNOWN_CA* = 48
|
|
|
|
type
|
|
List*[T] = object
|
|
list*: ptr T
|
|
count*: csize_t
|
|
|
|
ptls_cipher_algorithm_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
name*: cstring
|
|
key_size*: csize_t
|
|
block_size*: csize_t
|
|
iv_size*: csize_t
|
|
context_size*: csize_t
|
|
setup_crypto*: proc(ctx: ptr ptls_cipher_context_t, is_enc: cint,
|
|
key: pointer): cint {.cdecl.}
|
|
|
|
ptls_aead_algorithm_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
name*: cstring
|
|
confidentiality_limit*: uint64
|
|
integrity_limit*: uint64
|
|
ctr_cipher*: ptr ptls_cipher_algorithm_t
|
|
ecb_cipher*: ptr ptls_cipher_algorithm_t
|
|
key_size*: csize_t
|
|
iv_size*: csize_t
|
|
tag_size*: csize_t
|
|
context_size*: csize_t
|
|
setup_crypto*: proc(ctx: ptr ptls_aead_context_t, is_enc: cint,
|
|
key: pointer, iv: pointer): cint {.cdecl.}
|
|
|
|
ptls_hash_final_mode_t* {.importc, header: "picotls.h", bycopy.} = enum
|
|
PTLS_HASH_FINAL_MODE_FREE = 0,
|
|
PTLS_HASH_FINAL_MODE_RESET = 1,
|
|
PTLS_HASH_FINAL_MODE_SNAPSHOT = 2
|
|
|
|
ptls_hash_context_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
update*: proc(ctx: ptr ptls_hash_context_t, src: pointer, len: csize_t)
|
|
{.cdecl.}
|
|
final*: proc(ctx: ptr ptls_hash_context_t, md: pointer,
|
|
mode: ptls_hash_final_mode_t) {.cdecl.}
|
|
clone*: proc(src: ptr ptls_hash_context_t): ptr ptls_hash_context_t
|
|
{.cdecl.}
|
|
|
|
ptls_hash_algorithm_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
block_size*: csize_t
|
|
digest_size*: csize_t
|
|
create*: proc(): ptr ptls_hash_context_t {.cdecl.}
|
|
empty_digest*: array[PTLS_MAX_DIGEST_SIZE, uint8]
|
|
|
|
ptls_cipher_suite_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
id*: uint16
|
|
aead*: ptr ptls_aead_algorithm_t
|
|
hash*: ptr ptls_hash_algorithm_t
|
|
|
|
CipherSuiteListElem* = object
|
|
cipher_suite*: ptr ptls_cipher_suite_t
|
|
record_digest*: array[PTLS_MAX_DIGEST_SIZE, uint8]
|
|
|
|
VerifySignCb* = proc(verify_ctx: pointer, data: ptls_iovec_t,
|
|
sign: ptls_iovec_t): cint {.cdecl.}
|
|
|
|
ptls_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
|
|
ptls_key_exchange_algorithm_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
id*: uint16
|
|
create*: proc(algo: ptr ptls_key_exchange_algorithm_t,
|
|
ctx: ptr ptr ptls_key_exchange_context_t): cint {.cdecl.}
|
|
exchange*: proc(algo: ptr ptls_key_exchange_algorithm_t,
|
|
pubkey: ptr ptls_iovec_t, secret: ptr ptls_iovec_t): cint
|
|
{.cdecl.}
|
|
data*: pointer
|
|
|
|
ptls_key_exchange_context_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
algo*: ptr ptls_key_exchange_algorithm_t
|
|
pubkey*: ptls_iovec_t
|
|
on_exchange*: proc(keyex: ptr ptr ptls_key_exchange_context_t, release: cint,
|
|
secret: ptr ptls_iovec_t, peerkey: ptls_iovec_t): cint
|
|
{.cdecl.}
|
|
|
|
ptls_esni_context_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
key_exchanges*: ptr ptr ptls_key_exchange_context_t
|
|
cipher_suites*: ptr CipherSuiteListElem
|
|
padded_length*: uint16
|
|
not_before*: uint64
|
|
not_after*: uint64
|
|
version*: uint16
|
|
|
|
ptls_iovec_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
base*: ptr uint8
|
|
len*: csize_t
|
|
|
|
ptls_on_client_hello_parameters_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
server_name*: ptls_iovec_t
|
|
raw_message*: ptls_iovec_t
|
|
negotiated_protocols*: List[ptls_iovec_t]
|
|
signature_algorithms*: List[uint16]
|
|
certificate_compression_algorithms*: List[uint16]
|
|
cipher_suites*: List[uint16]
|
|
esni* {.bitsize: 1.}: cuint
|
|
incompatible_version* {.bitsize: 1.}: cuint
|
|
|
|
ptls_traffic_protection_t* {.importc, header: "picotls.h", incompleteStruct.} = object
|
|
|
|
ptls_message_emitter_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
buf*: ptr ptls_buffer_t
|
|
enc*: ptr ptls_traffic_protection_t
|
|
record_header_length*: csize_t
|
|
begin_message*: proc (self: ptr ptls_message_emitter_t): cint {.cdecl.}
|
|
commit_message*: proc (self: ptr ptls_message_emitter_t): cint {.cdecl.}
|
|
|
|
ptls_key_schedule_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
|
|
ptls_buffer_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
base*: uint8
|
|
capacity*: csize_t
|
|
off*: csize_t
|
|
is_allocated*: cint
|
|
|
|
ptls_get_time_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
cb*: proc(self: ptr ptls_get_time_t): uint64 {.cdecl.}
|
|
|
|
ptls_on_client_hello_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
cb*: proc(self: ptr ptls_on_client_hello_t, tls: ptr ptls_t,
|
|
params: ptr ptls_on_client_hello_parameters_t): cint {.cdecl.}
|
|
|
|
ptls_emit_certificate_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
cb*: proc(self: ptr ptls_emit_certificate_t, tls: ptr ptls_t,
|
|
emitter: ptr ptls_message_emitter_t,
|
|
key_sched: ptr ptls_key_schedule_t, context: ptls_iovec_t,
|
|
push_status_request: cint, compress_algos: uint16,
|
|
num_compress_algos: csize_t): cint {.cdecl.}
|
|
|
|
ptls_sign_certificate_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
cb*: proc(self: ptr ptls_sign_certificate_t, tls: ptr ptls_t,
|
|
selected_algorithm: uint16, output: ptr ptls_buffer_t,
|
|
input: ptls_iovec_t, algorithms: uint16,
|
|
num_algorithms: csize_t): cint {.cdecl.}
|
|
|
|
ptls_verify_certificate_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
cb*: proc(self: ptr ptls_verify_certificate_t, tls: ptr ptls_t,
|
|
verify_sign: ptr VerifySignCb, verify_data: ptr pointer,
|
|
certs: ptr ptls_iovec_t, numCerts: csize_t): cint {.cdecl.}
|
|
|
|
ptls_encrypt_ticket_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
cb*: proc(self: ptr ptls_encrypt_ticket_t, tls: ptr ptls_t, is_encrypt: cint,
|
|
dst: ptr ptls_buffer_t, src: ptls_iovec_t): cint {.cdecl.}
|
|
|
|
ptls_save_ticket_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
cb*: proc(self: ptr ptls_save_ticket_t, tls: ptr ptls_t,
|
|
input: ptls_iovec_t): cint {.cdecl.}
|
|
|
|
ptls_log_event_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
cb*: proc(self: ptr ptls_log_event_t, tls: ptr ptls_t, `type`: cstring,
|
|
fmt: cstring) {.cdecl, varargs.}
|
|
|
|
ptls_update_open_count_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
cb*: proc(self: ptr ptls_update_open_count_t, delta: BiggestInt) {.cdecl.}
|
|
|
|
ptls_update_traffic_key_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
cb*: proc(self: ptr ptls_update_traffic_key_t, tls: ptr ptls_t, is_enc: cint,
|
|
epoch: csize_t, secret: pointer): cint {.cdecl.}
|
|
|
|
ptls_decompress_certificate_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
supported_algorithms*: uint16
|
|
cb*: proc(self: ptr ptls_decompress_certificate_t, tls: ptr ptls_t,
|
|
algorithm: uint16, output: ptls_iovec_t, input: ptls_iovec_t): cint
|
|
{.cdecl.}
|
|
|
|
ptls_update_esni_key_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
cb*: proc(self: ptr ptls_update_esni_key_t, tls: ptr ptls_t, secret: ptls_iovec_t,
|
|
hash: ptls_hash_algorithm_t, hashed_esni_contents: pointer): cint
|
|
{.cdecl.}
|
|
|
|
ptls_on_extension_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
cb*: proc(self: ptr ptls_on_extension_t, tls: ptr ptls_t, hstype: uint8,
|
|
exttype: uint16, extdata: ptls_iovec_t): cint {.cdecl.}
|
|
|
|
ptls_context_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
random_bytes*: proc (buf: pointer, len: csize_t) {.cdecl.}
|
|
get_time*: ptr ptls_get_time_t
|
|
key_exchanges*: ptr ptr ptls_key_exchange_algorithm_t
|
|
cipher_suites*: ptr ptr ptls_cipher_suite_t
|
|
certificates*: List[ptls_iovec_t]
|
|
esni*: ptr ptr ptls_esni_context_t
|
|
on_client_hello*: ptr ptls_on_client_hello_t
|
|
emit_certificate*: ptr ptls_emit_certificate_t
|
|
sign_certificate*: ptr ptls_sign_certificate_t
|
|
verify_certificate*: ptr ptls_verify_certificate_t
|
|
ticket_lifetime*: uint32
|
|
max_early_data_size*: uint32
|
|
max_buffer_size*: csize_t
|
|
hkdf_label_prefix_obsolete: cstring
|
|
require_dhe_on_psk* {.bitsize: 1.}: cuint
|
|
use_exporter* {.bitsize: 1.}: cuint
|
|
send_change_cipher_spec* {.bitsize: 1.}: cuint
|
|
require_client_authentication* {.bitsize: 1.}: cuint
|
|
omit_end_of_early_data* {.bitsize: 1.}: cuint
|
|
encrypt_ticket*: ptr ptls_encrypt_ticket_t
|
|
save_ticket*: ptr ptls_save_ticket_t
|
|
log_event*: ptr ptls_log_event_t
|
|
update_open_count*: ptr ptls_update_open_count_t
|
|
update_traffic_key*: ptr ptls_update_traffic_key_t
|
|
decompress_certificate*: ptr ptls_decompress_certificate_t
|
|
update_esni_key*: ptr ptls_update_esni_key_t
|
|
on_extension*: ptr ptls_on_extension_t
|
|
|
|
ptls_cipher_context_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
algo*: ptr ptls_cipher_algorithm_t
|
|
do_dispose*: proc(ctx: ptr ptls_cipher_context_t) {.cdecl.}
|
|
do_init*: proc(ctx: ptr ptls_cipher_context_t, iv: pointer) {.cdecl.}
|
|
do_transform*: proc(ctx: ptr ptls_cipher_context_t, output: pointer,
|
|
input: pointer, len: csize_t) {.cdecl.}
|
|
|
|
ptls_aead_supplementary_encryption_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
ctx*: ptr ptls_cipher_context_t
|
|
input*: pointer
|
|
output*: array[16, uint8]
|
|
|
|
ptls_aead_context_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
algo*: ptr ptls_aead_algorithm_t
|
|
dispose_crypto*: proc(ctx: ptr ptls_aead_context_t) {.cdecl.}
|
|
do_encrypt_init*: proc(ctx: ptr ptls_aead_context_t, seq: uint64,
|
|
aad: pointer, aadlen: csize_t) {.cdecl.}
|
|
do_encrypt_update*: proc(ctx: ptr ptls_aead_context_t, output: pointer,
|
|
input: pointer, inlen: csize_t): csize_t {.cdecl.}
|
|
do_encrypt_final*: proc(ctx: ptr ptls_aead_context_t, output: pointer):
|
|
csize_t {.cdecl.}
|
|
do_encrypt*: proc(ctx: ptr ptls_aead_context_t, output: pointer,
|
|
input: pointer, inlen: csize_t, seq: uint64, aad: pointer,
|
|
aadlen: csize_t,
|
|
supp: ptr ptls_aead_supplementary_encryption_t) {.cdecl.}
|
|
|
|
ClientProperties* {.importc, header: "picotls.h", bycopy.} = object
|
|
negotiated_protocols*: List[ptls_iovec_t]
|
|
session_ticket*: ptls_iovec_t
|
|
max_early_data_size*: ptr csize_t
|
|
early_data_acceptance*: ptls_early_data_acceptance_t
|
|
negotiate_before_key_exchange* {.bitsize: 1.}: cuint
|
|
esni_keys*: ptls_iovec_t
|
|
|
|
PskBinder* {.importc, header: "picotls.h", bycopy.} = object
|
|
base*: array[64, uint8]
|
|
len*: csize_t
|
|
|
|
Cookie* {.importc, header: "picotls.h", bycopy.} = object
|
|
key*: pointer
|
|
additional_data*: ptls_iovec_t
|
|
|
|
ServerProperties* {.importc, header: "picotls.h", bycopy.} = object
|
|
selected_psk_binder*: PskBinder
|
|
cookie*: Cookie
|
|
enforce_retry* {.bitsize: 1.}: cuint
|
|
retry_uses_cookie* {.bitsize: 1.}: cuint
|
|
|
|
ClientOrServer* {.union, bycopy.} = object
|
|
client*: ClientProperties
|
|
server*: ServerProperties
|
|
|
|
ptls_raw_extension_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
`type`*: uint16
|
|
data*: ptls_iovec_t
|
|
|
|
ptls_early_data_acceptance_t* {.importc, header: "picotls.h", bycopy.} = enum
|
|
PTLS_EARLY_DATA_ACCEPTANCE_UNKNOWN = 0,
|
|
PTLS_EARLY_DATA_REJECTED,
|
|
PTLS_EARLY_DATA_ACCEPTED
|
|
|
|
ptls_handshake_properties_t* {.importc, header: "picotls.h", bycopy.} = object
|
|
properties*: ClientOrServer
|
|
additional_extensions*: ptr ptls_raw_extension_t
|
|
collect_extension*: proc (tls: ptr ptls_t;
|
|
properties: ptr ptls_handshake_properties_t;
|
|
`type`: uint16): cint {.cdecl.}
|
|
collected_extensions*: proc (tls: ptr ptls_t;
|
|
properties: ptr ptls_handshake_properties_t;
|
|
extensions: ptr ptls_raw_extension_t): cint {.cdecl.}
|
|
|
|
var ptls_get_time* {.importc, header: "picotls.h".}: ptls_get_time_t
|
|
|
|
proc ptls_iovec_init*(p: pointer, len: csize_t): ptls_iovec_t {.importc, header: "picotls.h", cdecl.}
|
|
|
|
proc ptls_load_certificates*(ctx: ptr ptls_context_t, cert_pem_file: cstring):
|
|
cint {.importc, header: "picotls.h", cdecl.}
|