Samsung Internal API reference  2.0
tee_tlssocket.h File Reference

GP iSockets TLS API (GPD_SPE_103)


Data Structures

struct  TEE_tlsSocket_PSK_Info_s
 Pre-Shared Key (PSK). When PSK is used, the TA needs to provide the key and a key identity to the TLS implementation. This structure holds that information. Not supported.
 
struct  TEE_tlsSocket_SRP_Info_s
 Secure Remote Password (SRP). When SRP is used, the TA needs to provide the password and the user identity to the TLS implementation. This structure holds that information. Not supported. More...
 
struct  TEE_tlsSocket_ClientPDC_s
 This structure holds the opaque client certificate for the TA as well as the corresponding private key. It is used to provide pre-installed certificates for authenticating the TA to the server.
 
struct  TEE_tlsSocket_ServerPDC_s
 If the server root public key has been pre-distributed to the TA, this structure holds the TEE_ObjectHandle to that key. If desired, the server root credentials can be provided as bulkCertChain; this is an extension to the GP specification. publicKey is used by default.
 
struct  TEE_tlsSocket_CertStorageCred_s
 Void type for future usage. Applications SHALL pass a NULL pointer. The intention is to have this structure hold handles or references to either trusted root certificates or a proper client certificate inside a future certificate storage of the TEE. More...
 
struct  TEE_tlsSocket_Credentials_s
 Structure holding server and client credentials. More...
 
struct  TEE_tlsSocket_CallbackInfo_s
 Callback description structure. More...
 
struct  TEE_tlsSocket_Setup_s
 TLS Setup structure. More...
 
struct  TEE_tlsSocket_CB_Data_s
 IOCTL definitions. More...
 
union  TEE_tlsSocket_Credentials_s.__unnamed__
 
union  TEE_tlsSocket_Credentials_s.__unnamed__
 
union  TEE_tlsSocket_Setup_s.__unnamed__
 

Typedefs

typedef enum TEE_tlsSocket_tlsVersion_e TEE_tlsSocket_tlsVersion
 TLS protocol version to use.
 
typedef enum TEE_tlsSocket_CipherSuites_e TEE_tlsSocket_CipherSuites
 Cryptosuite ID definitions.
 
typedef struct TEE_tlsSocket_PSK_Info_s TEE_tlsSocket_PSK_Info
 Pre-Shared Key (PSK). When PSK is used, the TA needs to provide the key and a key identity to the TLS implementation. This structure holds that information. Not supported.
 
typedef struct TEE_tlsSocket_SRP_Info_s TEE_tlsSocket_SRP_Info
 Secure Remote Password (SRP). When SRP is used, the TA needs to provide the password and the user identity to the TLS implementation. This structure holds that information. Not supported.
 
typedef struct TEE_tlsSocket_ClientPDC_s TEE_tlsSocket_ClientPDC
 This structure holds the opaque client certificate for the TA as well as the corresponding private key. It is used to provide pre-installed certificates for authenticating the TA to the server.
 
typedef struct TEE_tlsSocket_ServerPDC_s TEE_tlsSocket_ServerPDC
 If the server root public key has been pre-distributed to the TA, this structure holds the TEE_ObjectHandle to that key. If desired, the server root credentials can be provided as bulkCertChain; this is an extension to the GP specification. publicKey is used by default.
 
typedef struct TEE_tlsSocket_CertStorageCred_s TEE_tlsSocket_CertStorageCred
 Void type for future usage. Applications SHALL pass a NULL pointer. The intention is to have this structure hold handles or references to either trusted root certificates or a proper client certificate inside a future certificate storage of the TEE.
 
typedef enum TEE_tlsSocket_ClientCredentialType_e TEE_tlsSocket_ClientCredentialType
 This specifies what kind of client credentials the TA has.
 
typedef enum TEE_tlsSocket_ServerCredentialType_e TEE_tlsSocket_ServerCredentialType
 This specifies what kind of server credentials a remote node has.
 
typedef struct TEE_tlsSocket_Credentials_s TEE_tlsSocket_Credentials
 Structure holding server and client credentials.
 
typedef enum TEE_tlsSocket_CallbackReasonType_e TEE_tlsSocket_CallbackReasonType
 Callback types.
 
typedef struct TEE_tlsSocket_CallbackInfo_s TEE_tlsSocket_CallbackInfo
 Callback description structure.
 
typedef TEE_Result(* TEE_tlsCallback) (TEE_iSocketHandle ctx, TEE_tlsSocket_CallbackInfo *cbInfo, void *cbData, uint32_t *cbDataLength)
 Callback function. This is a specification extension. It allows the client to perform custom checks of the certificate chain, OCSP response, etc. The cbData buffer is valid only in the callback context, so it must not be referenced after the callback returns.
 
typedef enum TEE_tlsSocket_StatusRequestType_e TEE_tlsSocket_StatusRequestType
 OCSP stapling certificate status request type.
 
typedef enum TEE_tlsSocket_ExtensionFlags_e TEE_tlsSocket_ExtensionFlags
 Certificate/OCSP validation mode and callback control flags.
 
typedef struct TEE_tlsSocket_Setup_s TEE_tlsSocket_Setup
 TLS Setup structure.
 
typedef struct TEE_tlsSocket_CB_Data_s TEE_tlsSocket_CB_Data
 IOCTL definitions. More...
 

Enumerations

enum  { TEE_ISOCKET_TLS_API_VERSION = 0x01030000 }
 TLS iSocket API version. Used to ensure that API structures match.
 
enum  { TEE_ISOCKET_PROTOCOLID_TLS = 0x67 }
 TLS Protocol identifier. More...
 
enum  {
  TEE_ISOCKET_TLS_ERROR_REJECTED_SUITE = 0xF1030001, TEE_ISOCKET_TLS_ERROR_VERSION = 0xF1030002, TEE_ISOCKET_TLS_ERROR_UNSUPPORTED_SUITE = 0xF1030003, TEE_ISOCKET_TLS_ERROR_HANDSHAKE = 0xF1030004,
  TEE_ISOCKET_TLS_ERROR_AUTHENTICATION = 0xF1030005, TEE_ISOCKET_TLS_ERROR_DATA = 0xF1030006
}
 TLS Instance specific errors. More...
 
enum  TEE_tlsSocket_tlsVersion_e { TEE_TLS_VERSION_ALL = 0, TEE_TLS_VERSION_1v2 = 1 }
 TLS protocol version to use. More...
 
enum  TEE_tlsSocket_CipherSuites_e {
  TLS_NULL_WITH_NULL_NULL = 0x0000, TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A, TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013, TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016,
  TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F, TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032, TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033, TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035,
  TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038, TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039, TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C, TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D,
  TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B,
  TLS_PSK_WITH_3DES_EDE_CBC_SHA = 0x008B, TLS_PSK_WITH_AES_128_CBC_SHA = 0x008C, TLS_PSK_WITH_AES_256_CBC_SHA = 0x008D, TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 0x008F,
  TLS_DHE_PSK_WITH_AES_128_CBC_SHA = 0x0090, TLS_DHE_PSK_WITH_AES_256_CBC_SHA = 0x0091, TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 0x0093, TLS_RSA_PSK_WITH_AES_128_CBC_SHA = 0x0094,
  TLS_RSA_PSK_WITH_AES_256_CBC_SHA = 0x0095, TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C, TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E,
  TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x00A2, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x00A3, TLS_PSK_WITH_AES_128_GCM_SHA256 = 0x00A8,
  TLS_PSK_WITH_AES_256_GCM_SHA384 = 0x00A9, TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0x00AA, TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0x00AB, TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 = 0x00AC,
  TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 = 0x00AD, TLS_PSK_WITH_AES_128_CBC_SHA256 = 0x00AE, TLS_PSK_WITH_AES_256_CBC_SHA384 = 0x00AF, TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0x00B2,
  TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0x00B3, TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 = 0x00B6, TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 = 0x00B7, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008,
  TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013,
  TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014, TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A, TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B, TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 0xC01C,
  TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D, TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E, TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 0xC01F, TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020,
  TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021, TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 0xC022, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024,
  TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C,
  TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030, TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 0xC034, TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = 0xC035,
  TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = 0xC036, TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 0xC037, TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 0xC038, TLS_RSA_WITH_AES_128_CCM = 0xC09C,
  TLS_RSA_WITH_AES_256_CCM = 0xC09D, TLS_DHE_RSA_WITH_AES_128_CCM = 0xC09E, TLS_DHE_RSA_WITH_AES_256_CCM = 0xC09F, TLS_PSK_WITH_AES_128_CCM = 0xC0A4,
  TLS_PSK_WITH_AES_256_CCM = 0xC0A5, TLS_DHE_PSK_WITH_AES_128_CCM = 0xC0A6, TLS_DHE_PSK_WITH_AES_256_CCM = 0xC0A7
}
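 Cipher suite ID definitions. The enumeration includes TLS_NULL_WITH_NULL_NULL (no encryption or integrity protection) and 3DES-based suites, and it lists PSK and SRP suites even though the PSK and SRP structures on this page are marked as not supported, so presence in this list does not by itself show that a suite is supported or enabled.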
 
enum  TEE_tlsSocket_ClientCredentialType_e { TEE_TLS_CLIENT_CRED_NONE = 0, TEE_TLS_CLIENT_CRED_PDC = 1, TEE_TLS_CLIENT_CRED_CSC = 2 }
 This specifies what kind of client credentials the TA has. More...
 
enum  TEE_tlsSocket_ServerCredentialType_e { TEE_TLS_SERVER_CRED_PDC = 0, TEE_TLS_SERVER_CRED_CSC = 1 }
 This specifies what kind of server credentials a remote node has. More...
 
enum  TEE_tlsSocket_CallbackReasonType_e {
  TEE_ISOCKET_TLS_CB_CHECK_CERT_CHAIN = 1, TEE_ISOCKET_TLS_CB_BAD_CERT_CHAIN = 2, TEE_ISOCKET_TLS_CB_CHECK_OCSP_STATUS = 11, TEE_ISOCKET_TLS_CB_UNKNOWN_OCSP_STATUS = 12,
  TEE_ISOCKET_TLS_CB_REVOKED_OCSP_STATUS = 13
}
 Callback types. More...
 
enum  TEE_tlsSocket_StatusRequestType_e { TEE_ISOCKET_TLS_OCSP_STATUS_REQUEST_NO = 0, TEE_ISOCKET_TLS_OCSP_STATUS_REQUEST = 1 }
 OCSP stapling certificate status request type. More...
 
enum  TEE_tlsSocket_ExtensionFlags_e {
  TEE_ISOCKET_TLS_CERT_NAME_CHECK_CLIENT = 0x00000001, TEE_ISOCKET_TLS_CERT_KEYUSAGE_CHECK_CLIENT = 0x00000002, TEE_ISOCKET_TLS_CERT_NOTIFY_CLIENT = 0x00000004, TEE_ISOCKET_TLS_OCSP_CHECK_CLIENT = 0x00010000,
  TEE_ISOCKET_TLS_OCSP_CHECK_ADVISORY = 0x00020000, TEE_ISOCKET_TLS_OCSP_CHECK_MANDATORY = 0x00040000
}
 Certificate/OCSP validation mode and callback control flags. More...
 
enum  { TEE_ISOCKET_TLS_MAX_ALPN_LIST_LENGTH = 16 }
 
enum  { TEE_TLS_BINDING_INFO = 0x67000001 }
 IOCTL codes.
 

Variables

const TEE_iSocket *const TEE_tlsSocket
 Public TLS instance pointer.
 

Detailed Description

GP iSockets TLS API (GPD_SPE_103)