BearSSL
br_sslrec_in_class Struct Reference

Decryption engine for SSL.

Data Fields

size_t context_size
 Context size (in bytes).

int(* check_length )(const br_sslrec_in_class *const *ctx, size_t record_len)
 Test validity of the incoming record length.

unsigned char *(* decrypt )(const br_sslrec_in_class **ctx, int record_type, unsigned version, void *payload, size_t *len)
 Decrypt the incoming record.

Detailed Description

Decryption engine for SSL.

When processing incoming records, the SSL engine will use a decryption engine that uses a specific context structure, and has a set of methods (a vtable) that follows this template.

The decryption engine is responsible for applying decryption, verifying MAC, and keeping track of the record sequence number.

Field Documentation

◆ check_length

int(* br_sslrec_in_class::check_length) (const br_sslrec_in_class *const *ctx, size_t record_len)

Test validity of the incoming record length.

This function returns 1 if the announced length for an incoming record is valid, 0 otherwise.

Parameters
ctx: decryption engine context.
record_len: incoming record length.
Returns
1 on a valid length, 0 otherwise.

◆ context_size

size_t br_sslrec_in_class::context_size

Context size (in bytes).

◆ decrypt

unsigned char*(* br_sslrec_in_class::decrypt) (const br_sslrec_in_class **ctx, int record_type, unsigned version, void *payload, size_t *len)

Decrypt the incoming record.

This function may assume that the record length is valid (it has been previously tested with check_length()). Decryption is done in place; *len is updated with the cleartext length, and the address of the first plaintext byte is returned. If the record is correct but empty, then *len is set to 0 and a non-NULL pointer is returned.

On decryption/MAC error, NULL is returned.

Parameters
ctx: decryption engine context.
record_type: record type (23 for application data, etc).
version: record version.
payload: address of encrypted payload.
len: pointer to payload length (updated).
Returns
pointer to plaintext, or NULL on error.
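The calling contract documented above (check_length() before decrypt(), NULL on error, a non-NULL pointer with *len set to 0 for an empty record, sequence tracking inside the engine), shown as an added example that is not BearSSL code. All demo_* names, process_record(), the local mirror of the struct and the toy XOR tag are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
/* Local mirror of the three documented fields so this compiles without the
   BearSSL headers (assumption: real code uses br_sslrec_in_class itself). */
typedef struct demo_in_class_ demo_in_class;
struct demo_in_class_ {
    size_t context_size;
    int (*check_length)(const demo_in_class *const *ctx, size_t record_len);
    unsigned char *(*decrypt)(const demo_in_class **ctx, int record_type,
        unsigned version, void *payload, size_t *len);
};
/* Hypothetical context: vtable pointer first, then the sequence number. */
typedef struct { const demo_in_class *vtable; uint64_t seq; } demo_ctx;
enum { TAG_LEN = 1, MAX_PLAIN = 16384 };  /* toy 1-byte tag, NOT a real MAC */
/* Toy tag binding sequence number, record type, version and plaintext. */
static unsigned char demo_tag(uint64_t seq, int type, unsigned ver,
    const unsigned char *p, size_t n) {
    unsigned char acc = (unsigned char)(seq ^ (uint64_t)type ^ ver);
    while (n-- > 0) acc ^= *p++;
    return acc;
}
static int demo_check_length(const demo_in_class *const *ctx, size_t rlen) {
    (void)ctx;  /* fixed bounds for this toy engine */
    return rlen >= TAG_LEN && rlen <= MAX_PLAIN + TAG_LEN;
}
static unsigned char *demo_decrypt(const demo_in_class **ctx, int type,
    unsigned ver, void *payload, size_t *len) {
    demo_ctx *cc = (demo_ctx *)ctx;
    unsigned char *buf = payload;
    size_t n = *len - TAG_LEN;  /* no underflow: check_length() ran first */
    for (size_t i = 0; i < n; i++) buf[i] ^= 0x5A;  /* toy "cipher" */
    if (demo_tag(cc->seq, type, ver, buf, n) != buf[n]) return NULL;
    cc->seq++;                  /* the engine tracks the sequence number */
    *len = n;
    return buf;                 /* non-NULL even when n == 0 */
}
const demo_in_class demo_vtable = { sizeof(demo_ctx), demo_check_length, demo_decrypt };
/* Caller side: plaintext length, or -1 when the record must be rejected. */
long process_record(demo_ctx *cc, int type, unsigned ver, unsigned char *rec, size_t rlen) {
    const demo_in_class **ctx = &cc->vtable;
    if (!(*ctx)->check_length(ctx, rlen)) return -1;  /* length first */
    if ((*ctx)->decrypt(ctx, type, ver, rec, &rlen) == NULL) return -1;
    return (long)rlen;          /* 0 means a valid but empty record */
}
int main(void) {  /* constructed input: one empty record (tag byte only) */
    demo_ctx cc = { &demo_vtable, 0 };
    unsigned char rec[1] = { demo_tag(0, 23, 0x0303, NULL, 0) };
    return process_record(&cc, 23, 0x0303, rec, 1) == 0 ? 0 : 1;
}
```

A real engine replaces the XOR tag with the cipher suite's MAC or AEAD check and compares it in constant time.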

The documentation for this struct was generated from the following file: