ExDTLS (ExDTLS v0.8.0) View Source
Module that allows performing DTLS handshake including DTLS-SRTP one.
ExDTLS
spawns CNode that uses OpenSSL functions to perform DTLS handshake.
It doesn't create or require any socket. Instead it returns generated DTLS packets which then have
to be transported to the peer.
Link to this section Summary
Types
Type describing data returned after successful handshake.
Type describing ExDTLS configuration.
Supported protection profiles.
Functions
Returns a specification to start this module under a supervisor.
Starts performing DTLS handshake.
Generates new certificate.
Gets current certificate.
Returns a digest of the DER representation of the X509 certificate.
Returns max retransmission timeout after which ExDTLS
will raise an error.
Gets current private key.
Processes peer's packets.
Works similarly to start_link/1
, but does not link to the current process.
Starts ExDTLS GenServer process linked to the current process.
Stops ExDTLS instance.
Link to this section Types
Specs
handshake_data_t() :: {local_keying_material :: binary(), remote_keying_material :: binary(), protection_profile :: protection_profile_t()}
Type describing data returned after successful handshake.
Both local and remote keying materials consist of master key
and master salt
.
Specs
Type describing ExDTLS configuration.
It's a keyword list containing the following keys:
client_mode
- true if ExDTLS module should work as a client or false if as a serverdtls_srtp
- true if DTLS-SRTP handshake should be performed or false if a normal onepkey
- private key to use in this SSL context. Must corespond tocert
.cert
- certificate to use in this SSL context. Must corespond topkey
.
pkey
and cert
are optional. If not provided ExDTLS
will generate them.
Specs
protection_profile_t() :: 1 | 2 | 7 | 8
Supported protection profiles.
For meaning of these values please refer to https://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml
Link to this section Functions
Returns a specification to start this module under a supervisor.
See Supervisor
.
Specs
Starts performing DTLS handshake.
Generates initial DTLS packets that have to be passed to the second host. Has to be called by a host working in the client mode.
Specs
Generates new certificate.
Returns DER representation in binary format.
Specs
Gets current certificate.
Returns DER representation in binary format.
Specs
Returns a digest of the DER representation of the X509 certificate.
Specs
get_max_retransmit_timeout() :: non_neg_integer()
Returns max retransmission timeout after which ExDTLS
will raise an error.
Timer starts at one second and is doubled each time ExDTLS
does not receive a response.
After reaching @max_retransmission_timeout
ExDTLS
will raise an error.
Specs
Gets current private key.
Returns key specific representation in binary format.
Specs
process(pid :: pid(), packets :: binary()) :: {:ok, packets :: binary()} | :handshake_want_read | {:handshake_packets, packets :: binary()} | {:handshake_finished, handshake_data_t(), packets :: binary()} | {:handshake_finished, handshake_data_t()} | {:connection_closed, reason :: atom()}
Processes peer's packets.
If handshake is finished it returns {:ok, binary()}
which is decoded data
or {:error, value}
if error occurred.
{:handshake_packets, binary()}
contains handshake data that has to be sent to the peer.
:handshake_want_read
means some additional data is needed for continuing handshake. It can be returned
when retransmitted packet was passed but timer didn't expired yet.
Specs
Works similarly to start_link/1
, but does not link to the current process.
Specs
Starts ExDTLS GenServer process linked to the current process.
Specs
stop(pid :: pid()) :: :ok
Stops ExDTLS instance.