Lines Matching full:handshake
4 In-Kernel TLS Handshake
15 does not handle the TLS handshake subprotocol which is used to establish
19 There are several possible ways to provide a handshake service in the
22 aware of how the handshake gets done.
25 User handshake agent
28 As of this writing, there is no TLS handshake implementation in the
29 Linux kernel. To provide a handshake service, a handshake agent
31 kernel consumer might require a TLS handshake. Handshake agents listen
32 for events sent from the kernel that indicate a handshake request is
35 An open socket is passed to a handshake agent via a netlink operation,
37 If the handshake completes successfully, the handshake agent promotes
39 SOL_TLS socket options. The handshake agent returns the socket to the
43 Kernel Handshake API
46 A kernel TLS consumer initiates a client-side TLS handshake on an open
67 while the handshake is in progress. The consumer must also have
71 @ta_done contains a callback function that is invoked when the handshake
72 has completed. Further explanation of this function is in the "Handshake
80 handshake agent to exit after a number of milliseconds. This enables the
81 socket to be fully closed once both the kernel and the handshake agent
85 keys, and pre-shared keys are provided to the handshake agent in keys
86 that are instantiated by the consumer before making the handshake
88 the handshake agent's process keyring in the @ta_keyring field to prevent
100 The function returns zero when the handshake request is under way. A
102 for this socket. The function returns a negative errno if the handshake
107 To initiate a client-side TLS handshake with a pre-shared key, use:
119 To initiate an anonymous client-side TLS handshake use:
125 The handshake agent presents no peer identity information to the remote
126 during this type of handshake. Only server authentication (ie the client
127 verifies the server's identity) is performed during the handshake. Thus
146 If the consumer needs to cancel the handshake request, say, due to a ^C
153 This function returns true if the handshake request associated with
154 @sock has been canceled. The consumer's handshake completion callback
159 Handshake Completion
162 When the handshake agent has completed processing, it notifies the
164 the consumer's handshake completion callback, provided in the @ta_done
177 thread waiting for the handshake to complete.
179 The success status of the handshake is returned via the @status
187 | -EACCESS | Remote peer rejected the handshake or |
204 handshake failed.
210 While a handshake is under way, the kernel consumer must alter the
212 Once the handshake completion callback function has been invoked, normal
221 (decrypted) application data, alerts, and handshake packets once the