The cl-tls Reference Manual

1 Introduction
2 Systems
- 2.1 cl-tls
3 Modules
4 Files
- 4.1 Lisp
- 4.2 Static
  - 4.2.1 cl-tls/README
  - 4.2.2 cl-tls/LICENSE
5 Packages
- 5.1 cl-tls
6 Definitions
- 6.1 Exported definitions
- 6.2 Internal definitions
Appendix A Indexes

The cl-tls Reference Manual

This is the cl-tls Reference Manual, generated automatically by Declt version 3.0 "Montgomery Scott" on Sun May 15 04:14:48 2022 GMT+0.

1 Introduction

CL-TLS is a prototype Common Lisp implementation of TLS and related protocols and standards including:

RFC5246
ASN.1
x{501,509}
PKCS{1,3,5,8}

TLS is the IETF-standardized successor of Netscape's SSL protocol. Sometimes TLS/SSL are used interchangeably. At this point, there is no intention to support the older versions of the protocols (SSLv3 and below)

The project is currently in its early development phase and should only be used for experimental purposes.

CL-TLS uses Ironclad as its cryptographic back-end (at the time of writing, the ironclad in quicklisp has not yet been updated to the new maintained repo, use sharplispers/ironclad). See the system definition file for other dependencies

The project started as an attempt to create a network-based TLS fuzzer, but soon morphed of its own volition into a full-fledged TLS implementation.

Extensive testing, fuzzing, and code review is needed. Style guidelines, optimizations, feature-completion patches, bug fixes, and other contributions are welcome.

For an overview of known attacks against TLS and other issues relevant to implementors and users, see https://tools.ietf.org/html/rfc7457 At a minimum, CL-TLS will follow the recommendations and considerations in the aforementioned document before a proper alpha release is announced.

I also intend to fully document the internals of CL-TLS.

So far:

You can initiate sessions and exchange data through a TLS tunnel either as a server or a client, for RSA, DSA, and Diffie-Hellman cipher suites. There is no support for ECDSA suites yet.
Certificate path validation works for certificates signed using RSA or DSA. As above, no support for ECDSA signature verification yet.
Support for PEM-encoded certificate chains.
Support for most features of the TLS 1.2 spec such as fragmentation and session renegotiation.

Major TODOs before alpha release:

Finalizing work on hello extensions.
Fuzzing.
Speed/Memory optimizations.

Features that would be nice, but are not essential

Support for initializing with multiple certificates
ECDSA/ECDH/ECDHE support
Session resumption support
Support for post-RFC5246 cipher suites
rfc{4346,2246,6520}
pkcs#{7,12}
DTLS
Tools for the generation and management of public/private keys and certificates
DANE

CL-TLS does not offer gray streams, threading, sockets, event-loop, or compression functionality. This limits the code of CL-TLS to simply opening and managing a TLS tunnel through an octet stream and enhances portability and extensibility. However, libraries that offer this functionality (such as threaded or evented servers), can be built trivially on top of CL-TLS. See https://github.com/shrdlu68/secure-sockets as an example.

Here is an example of a simple text echo server that implements a simple one-thread-per-request model using usocket and bordeaux-threads:

(require :cl-tls)

(ql:quickload :bordeaux-threads)
(ql:quickload :usockets)
(ql:quickload :babel)

(defun echo-server (port &optional (host "localhost"))
  (let ((sock (usocket:socket-listen host port
				     :reuse-address t
				     :element-type '(unsigned-byte 8))))
    (cl-tls:initialize-listener
     :certificate "/path/to/cert.pem"
     :private-key "/path/to/key.pem")
    (loop
      for thread-id upfrom 0
      for new-sock = (usocket:socket-accept sock)
      for session-stream = (usocket:socket-stream new-sock)
      for handler = (multiple-value-bind (reader writer)
			(cl-tls:accept-tunnel :io-stream session-stream)
		      (lambda ()
			(loop
			  with id = thread-id
			  for in = (funcall reader)
			  for line = (and in
					  (babel:octets-to-string in))
			  if line do
			    (format t "~&~:R thread received data: ~A~%"
				    id line)
			    (funcall writer in)
			  else do
			    (format t
				    "~&Peer closed tunnel, ~:R thread exiting~%" id)
			    (return nil))))
      do
	 (bordeaux-threads:make-thread handler))))

And here is an example using client functionality:

(require :cl-tls)
(ql:quickload :babel)

(defun client-test (port &optional (host "localhost"))
  (let* ((sock (usocket:socket-connect
		host port
		:protocol :stream
		:element-type '(unsigned-byte 8))))
    (multiple-value-bind (reader writer close-callback)
	(cl-tls:request-tunnel
	 :certificate "/path/to/cert.pem"
	 :private-key "/path/to/key.pem"
	 :io-stream (usocket:socket-stream sock)
	 :peer-ip-addresses '((127 0 0 1))
	 :ca-certificates "/path/to/CA/ca-cert.pem")
      (loop
	for out = (read-line *standard-input* nil nil)
	for line = (and out
			(babel:string-to-octets out))
	if line do
	  (funcall writer line)
	  (let ((in (funcall reader)))
	    (cond (in
		   (format t "~&Received data: ~A~%"
			   (babel:octets-to-string in)))
		  (t
		   (funcall close-callback)
		   (return nil))))
	else do
	  (format t "~&Closing tunnel...~%")
	  (funcall close-callback)
	  (return nil)))))

Preliminary API documentation:

request-tunnel (&key certificate private-key ca-certificates
	       	     io-stream input-stream output-stream
		     include-ciphers exclude-ciphers
		     peer-dns-name peer-ip-addresses)

		Attempts to request a TLS tunnel from a server
		through an octet stream
		
		:io-stream A duplex octet stream
		
		:input-stream In the case where separate input and output
			      streams are used, an octet input stream
			      
		:output-stream An octet output stream

		:private-key A (DER/PEM-encoded) private key
			     (currently only DSA, RSA and DH private keys are supported)
			     If the private key is encrypted, you will be prompted for
			     the passphrase
			     
		:certificate A file containing a PEM-encoded list of one
			     or more cerificates
			     The file should consist of one or more
			     ----- BEGIN CERTIFICATE -----
			     ----- END CERTIFICATE -----
			     blocks. White space and other information around these blocks
			     is permitted and will be ignored. Support for PKCS#12-encoded
			     certificate chains is not yet implemented.
		:ca-certificates Either: 1. A directory to look for .crt, .pem, and .der
				 	    CA certificates in
					 2. A PEM-encoded file containing CA certificates,
					    encoded as explained above.
				 For servers, these are only needed if the server
				 needs to authenticate clients, i.e the clients are
				 expected to have client certificates issued to them.
				 This is not used very widely in practice.
				 For clients, CA certificates are used to authenticate
				 servers.
				 TLS clients such as browsers typically use a collection
				 of root certificates that are included by some means of
				 vetting, either provided by the operating system or
				 by the creators/maintainers of the browser.
				 You can use the CAs that your OS/browser has vetted,
				 or you can select which CAs to trust by yourself.
				 For example, most GNU/Linux systems have a package that
				 provides vetted root certificates, typically found in
				 the file "/etc/ssl/certs/ca-certificates.crt"
				 See also: https://curl.haxx.se/docs/sslcerts.html
				 
				 If you want to or have issued your own certificates,
				 include your CA certificate here, either in
				 addition to other CA certificates or as the sole
				 CA certificates. The client and server will only
				 be able to validate remote endpoints whose certificates
				 are signed by a CA certificate that is included,
				 there is no way to "accept" unvalidated certificates.

		
		:include-ciphers A list of symbols of cipher suites to add to the
				 default cipher list.
				 The symbols denote one of the cryptographic characteristics
				 of a cipher suite: key exchange, authentication
				 bulk encryption, mac, digest algorithms, prf, and key sizes.
				 Currently supported options:
				 :rsa-ke (RSA key exchange)
				 :rsa-auth (RSA authentication)
				 :dh (static dh) :dhe (ephemeral dh)
				 :dsa :anon (no authentication-vulnerable to MITM attacks!)
				 :rc4 (broken and prohibited) :3des
				 :aes128 :aes256 :cbc (cipher block chaining mode)
				 :md5 :sha1 :sha256
				 
		:exclude-ciphers A list of symbols of cipher suites to exclude
				 from the default cipher list.
				 :anon and :rc4 are already excluded by default
				 
		:peer-dns-name DNS-name of the peer. This is checked against
			       the dns-name values in the subject alternative name extension
			       of the certificate presented by the peer.
			       It is also used in the SNI extension, which is important
			       for virtual servers to determine which server the client
			       wants to contact.
		
		:peer-ip-addresses List of IP addresses of the peer
				   This is checked against the ip-address values
				   in the subject alternative name extension
			       	   of the certificate presented by the peer.

initialize-listener (&key certificate private-key ca-certificates
				include-ciphers exclude-ciphers force-reinitialize
				authenticate-client-p require-authentication-p
				dh-params)
			
		Loads resources needed for a server session and
		sets configuration options
		Servers need to call this once when initializing.
						 
		:authenticate-client-p When true, an attempt to authenticate the client
				       will be made. However, the client may send back an
				       empty certificate if it does not have
				       (an appropriate) certificate. This option defaults
				       to nil
				       
		:require-authentication-p When true, the server will be asked for a
					  certificate, and the connection will
					  fail if the client fails to provide a certificate.
					  This option defaults to nil.

accept-tunnel (&key io-stream input-stream output-stream)
	      => read-callback,write-callback,close-callback

	      Attempts to accept a client's request for a
	      TLS tunnel through an octet stream

		read-callback A closure whose argument list is in the form
			      (&key (eof-error-p nil) (eof-value nil))
			      that returns the contents
			      of one TLS record (2^14 bytes or less).
			      If :eof-error-p is true, the condition cl:end-of-file
			      will be signaled if the TLS tunnel is closed properly
			      (i.e a close_notify alert is received)
			      If :eof-error-p is false, eof-value is returned rather
			      than isgnalling end-of-file.
			      If an error is encountered while attempting to read from
			      the underlying stream (for example is a socket connection
			      is terminated without properly closing the TLS tunnel),
			      the condition cl:stream-error will be signalled.
		write-callback A closure of one argument, an octet vector of arbitrary size,
			       to be sent down the tunnel
			       Attempting to write to a closed TLS tunnel will
			       signal the condition cl:stream-error
			       If an error is encountered while attempting to write to
			       the underlying stream (for example is a socket connection
			       is terminated without properly closing the TLS tunnel),
			       the condition cl:stream-error will be signalled.
		close-callback A closure of no arguments that politely closes the TLS
			       connection by sending a close_notify alert.

(defclass address ()
  ((host :initarg :host
	 :accessor host)
   (port :initarg :port
	 :accessor port)))

request-stream-to-address (address)
		 =>octet stream
	Specialize this generic function and provide socket functionality.
	This is needed by some of the functionality in cl-tls that may need
	to open sockets, such as contacting OCSP responders.
	For example, to if you are using usockets:
	(defmethod cl-tls:request-stream-to-address ((addr cl-tls:address))
	  (usocket:socket-stream (usocket:socket-connect
	  (cl-tls:host addr) (cl-tls:port addr)
	  :protocol :stream
	  :element-type '(unsigned-byte 8))))

This API will likely change as development continues.

2 Systems

The main system appears first, followed by any subsystem dependency.

2.1 `cl-tls`

Author

Brian Kamotho

License

BSD-3-Clause

Description

An implementation of the Transport Layer Security Protocols

Dependencies

babel
ironclad
alexandria
cl-base64
fast-io

Source

cl-tls.asd (file)

Components

readme (file)
license (file)
src (module)

3 Modules

Modules are listed depth-first from the system components tree.

3.1 `cl-tls/src`

Dependency

license (file)

Parent

cl-tls (system)

Location

src/

Components

package.lisp (file)
utils.lisp (file)
asn.1 (module)
pkcs (module)
x509 (module)
pem (module)
tls (module)

3.2 `cl-tls/src/ASN.1`

Parent: src (module)
Location: src/ASN.1/
Component: asn.1.lisp (file)

3.3 `cl-tls/src/pkcs`

Parent

src (module)

Location

src/pkcs/

Components

pkcs1.lisp (file)
pkcs3.lisp (file)
pkcs5.lisp (file)
pkcs8.lisp (file)

3.4 `cl-tls/src/x509`

Parent

src (module)

Location

src/x509/

Components

extensions.lisp (file)
x509.lisp (file)
ocsp.lisp (file)
validate.lisp (file)

3.5 `cl-tls/src/PEM`

Parent: src (module)
Location: src/PEM/
Component: rfc7468.lisp (file)

3.6 `cl-tls/src/tls`

Parent

src (module)

Location

src/tls/

Components

transport.lisp (file)
http.lisp (file)
ciphersuites.lisp (file)
alert.lisp (file)
crypto.lisp (file)
extensions.lisp (file)
tls.lisp (file)

4 Files

Files are sorted by type and then listed depth-first from the systems components trees.

4.1 Lisp

4.1.1 `cl-tls.asd`

Location: cl-tls.asd
Systems: cl-tls (system)

4.1.2 `cl-tls/src/package.lisp`

Parent: src (module)
Location: src/package.lisp
Packages: cl-tls

4.1.3 `cl-tls/src/utils.lisp`

Parent

src (module)

Location

src/utils.lisp

Internal Definitions

asn-type-matches-p (function)
bytes-in-int (function)
cat-vectors (function)
dns-match-p (function)
dump-to-file (function)
find-certificates (function)
get-contents (function)
get-random-octets (function)
get-sequence (function)
gmt-unix-time (function)
integer-to-octets (function)
make-octet-vector (function)
octet (type)
octet-vector (type)
octets-to-integer (function)
split-string (function)
stream-octets-to-integer (function)
timing-independent-compare (function)
with-specification-map (macro)

4.1.4 `cl-tls/src/ASN.1/asn.1.lisp`

Parent

asn.1 (module)

Location

src/ASN.1/asn.1.lisp

Exported Definitions

asn-sequence-to-list (function)
asn-serialize (function)
create-asn-sequence (function)
encode-oid (function)
parse-der (function)

Internal Definitions

*max-int-len* (special variable)
+asn1_application+ (constant)
+asn1_constructed+ (constant)
+asn1_context_specific+ (constant)
+asn1_primitive+ (constant)
+asn1_private+ (constant)
+asn1_universal+ (constant)
asn-sequence-to-indices (function)
asn.1-decoding-error (condition)
create-explicit-tag (function)
decode-oid (function)
from-stream-parse-der (function)
get-der-contents-indices (function)
integer-to-vlq (function)
make-octet-stream (function)
octet-stream (class)
ov-buffer-position (function)
ov-read-byte (generic function)
ov-read-byte (method)
ov-read-sequence (generic function)
ov-read-sequence (method)
text (method)

4.1.5 `cl-tls/src/pkcs/pkcs1.lisp`

Parent

pkcs (module)

Location

src/pkcs/pkcs1.lisp

Exported Definitions

rsa-decrypt (function)
rsa-encrypt (function)
rsassa-pkcs1.5-sign (function)
rsassa-pkcs1.5-verify (function)

Internal Definitions

emsa-pkcs1-v1.5-encode (function)
fill-random-nonzero-octets (function)

4.1.6 `cl-tls/src/pkcs/pkcs3.lisp`

Parent

pkcs (module)

Location

src/pkcs/pkcs3.lisp

Internal Definitions

compute-shared-secret (function)
dh-params (class)
generate-dh-params (function)
generator (method)
make-dh-key-pair (function)
prime-modulus (method)
strong-random-range (function)

4.1.7 `cl-tls/src/pkcs/pkcs5.lisp`

Parent

pkcs (module)

Location

src/pkcs/pkcs5.lisp

Exported Definitions

pbes2-decrypt (function)

Internal Definitions

parse-enc-scheme (function)
parse-kdf (function)
remove-padding (function)

4.1.8 `cl-tls/src/pkcs/pkcs8.lisp`

Parent

pkcs (module)

Location

src/pkcs/pkcs8.lisp

Internal Definitions

load-der-priv-key (function)
load-pem-priv-key (function)
load-priv-key (function)
parse-priv-key (function)

4.1.9 `cl-tls/src/x509/extensions.lisp`

Parent

x509 (module)

Location

src/x509/extensions.lisp

Internal Definitions

parse-access-description (function)
parse-general-name (function)
parse-general-names (function)
parse-qualifier (function)
process-extension (generic function)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)

4.1.10 `cl-tls/src/x509/x509.lisp`

Dependency

extensions.lisp (file)

Parent

x509 (module)

Location

src/x509/x509.lisp

Exported Definitions

x509-decode (function)

Internal Definitions

+md2withrsaencryption+ (constant)
+md5withrsaencryption+ (constant)
+sha1withrsaencryption+ (constant)
+sha224withrsaencryption+ (constant)
+sha256withrsaencryption+ (constant)
+sha384withrsaencryption+ (constant)
+sha512withrsaencryption+ (constant)
asn-time-to-universal-time (function)
authority-information-access (method)
(setf authority-information-access) (method)
authority-key-identifier (method)
(setf authority-key-identifier) (method)
basic-constraints (method)
(setf basic-constraints) (method)
bind-tbs (macro)
certificate-policies (method)
(setf certificate-policies) (method)
crl-distribution-points (method)
(setf crl-distribution-points) (method)
extended-key-usage (method)
(setf extended-key-usage) (method)
extensions (method)
(setf extensions) (method)
get-raw-tbs (function)
hash (method)
(setf hash) (method)
issuer (method)
(setf issuer) (method)
issuer-alternative-name (method)
(setf issuer-alternative-name) (method)
issuer-unique-id (method)
(setf issuer-unique-id) (method)
key-usage (method)
(setf key-usage) (method)
parse-directory-name (function)
parse-pka (function)
parse-pub-key (function)
parse-signature-algorithm (function)
parse-tbs-certificate (function)
policy-mappings (method)
(setf policy-mappings) (method)
process-extensions (function)
raw (method)
(setf raw) (method)
serial (method)
(setf serial) (method)
signature (method)
(setf signature) (method)
signature (method)
(setf signature) (method)
signature-algorithm (method)
(setf signature-algorithm) (method)
subject (method)
(setf subject) (method)
subject-alternative-name (method)
(setf subject-alternative-name) (method)
subject-information-access (method)
(setf subject-information-access) (method)
subject-key-identifier (method)
(setf subject-key-identifier) (method)
subject-pki (method)
(setf subject-pki) (method)
subject-unique-id (method)
(setf subject-unique-id) (method)
tbs-certificate (method)
(setf tbs-certificate) (method)
tbs-certificate (class)
text (method)
time-valid-p (function)
validity (method)
(setf validity) (method)
verify-signature (function)
version (method)
(setf version) (method)
x509-decoding-error (condition)
x509-extension (class)
x509v3-certificate (class)

4.1.11 `cl-tls/src/x509/ocsp.lisp`

Dependency

x509.lisp (file)

Parent

x509 (module)

Location

src/x509/ocsp.lisp

Internal Definitions

*id-ad-ocsp* (special variable)
check-ocsp (function)
create-cert-id (function)
create-request (function)
create-tbs-request (function)
log-info (method)
(setf log-info) (method)
ocsp-catch-asn-error (macro)
ocsp-error (condition)
parse-response-data (function)
prepare-ocsp-request (function)
verify-ocsp-signature (function)

4.1.12 `cl-tls/src/x509/validate.lisp`

Dependency

ocsp.lisp (file)

Parent

x509 (module)

Location

src/x509/validate.lisp

Internal Definitions

check-certificate-status (function)
get-issuer-octets (function)
get-pubkey-octets (function)
validate (function)

4.1.13 `cl-tls/src/PEM/rfc7468.lisp`

Parent

pem (module)

Location

src/PEM/rfc7468.lisp

Internal Definitions

decapsulate (function)
parse-pem (function)

4.1.14 `cl-tls/src/tls/transport.lisp`

Parent

tls (module)

Location

src/tls/transport.lisp

Exported Definitions

address (class)
host (method)
(setf host) (method)
port (method)
(setf port) (method)
request-stream-to-address (generic function)
request-stream-to-address (method)

4.1.15 `cl-tls/src/tls/http.lisp`

Parent

tls (module)

Location

src/tls/http.lisp

Exported Definitions

host (method)
(setf host) (method)
port (method)
(setf port) (method)

Internal Definitions

*crlf* (special variable)
*max-content-length* (special variable)
header-value (function)
http-error (condition)
http-request (function)
log-info (method)
(setf log-info) (method)
parse-headers-from-stream (function)
parse-uri (function)
path (method)
(setf path) (method)
read-chunk (function)
read-chunked-response (function)
read-header (function)
scheme (method)
(setf scheme) (method)
split-header (function)
trim-space (function)
uri (class)

4.1.16 `cl-tls/src/tls/ciphersuites.lisp`

Parent

tls (module)

Location

src/tls/ciphersuites.lisp

Internal Definitions

*supported-cipher-suites* (special variable)
+3des-block-size+ (special variable)
+3des-encryption-suites+ (special variable)
+aes-128-ciphers+ (special variable)
+aes-256-ciphers+ (special variable)
+aes-block-size+ (special variable)
+aes-encryption-suites+ (special variable)
+anon-authentication-suites+ (special variable)
+cbc-mode-ciphers+ (special variable)
+dh-key-exchange-suites+ (special variable)
+dhe-key-exchange-suites+ (special variable)
+dss-authentication-suites+ (special variable)
+md5-ciphers+ (special variable)
+rc4-encryption-suites+ (special variable)
+rsa-authentication-suites+ (special variable)
+rsa-key-exchange-suites+ (special variable)
+sha1-ciphers+ (special variable)
+sha256-ciphers+ (special variable)
+tls_dh_anon_with_3des_ede_cbc_sha+ (special variable)
+tls_dh_anon_with_aes_128_cbc_sha+ (special variable)
+tls_dh_anon_with_aes_128_cbc_sha256+ (special variable)
+tls_dh_anon_with_aes_256_cbc_sha+ (special variable)
+tls_dh_anon_with_aes_256_cbc_sha256+ (special variable)
+tls_dh_anon_with_rc4_128_md5+ (special variable)
+tls_dh_dss_with_3des_ede_cbc_sha+ (special variable)
+tls_dh_dss_with_aes_128_cbc_sha+ (special variable)
+tls_dh_dss_with_aes_128_cbc_sha256+ (special variable)
+tls_dh_dss_with_aes_256_cbc_sha+ (special variable)
+tls_dh_dss_with_aes_256_cbc_sha256+ (special variable)
+tls_dh_rsa_with_3des_ede_cbc_sha+ (special variable)
+tls_dh_rsa_with_aes_128_cbc_sha+ (special variable)
+tls_dh_rsa_with_aes_128_cbc_sha256+ (special variable)
+tls_dh_rsa_with_aes_256_cbc_sha+ (special variable)
+tls_dh_rsa_with_aes_256_cbc_sha256+ (special variable)
+tls_dhe_dss_with_3des_ede_cbc_sha+ (special variable)
+tls_dhe_dss_with_aes_128_cbc_sha+ (special variable)
+tls_dhe_dss_with_aes_128_cbc_sha256+ (special variable)
+tls_dhe_dss_with_aes_256_cbc_sha+ (special variable)
+tls_dhe_dss_with_aes_256_cbc_sha256+ (special variable)
+tls_dhe_rsa_with_3des_ede_cbc_sha+ (special variable)
+tls_dhe_rsa_with_aes_128_cbc_sha+ (special variable)
+tls_dhe_rsa_with_aes_128_cbc_sha256+ (special variable)
+tls_dhe_rsa_with_aes_256_cbc_sha+ (special variable)
+tls_dhe_rsa_with_aes_256_cbc_sha256+ (special variable)
+tls_rsa_with_3des_ede_cbc_sha+ (special variable)
+tls_rsa_with_aes_128_cbc_sha+ (special variable)
+tls_rsa_with_aes_128_cbc_sha256+ (special variable)
+tls_rsa_with_aes_256_cbc_sha+ (special variable)
+tls_rsa_with_aes_256_cbc_sha256+ (special variable)
+tls_rsa_with_null_md5+ (special variable)
+tls_rsa_with_null_sha+ (special variable)
+tls_rsa_with_null_sha256+ (special variable)
+tls_rsa_with_rc4_128_md5+ (special variable)
+tls_rsa_with_rc4_128_sha+ (special variable)

4.1.17 `cl-tls/src/tls/alert.lisp`

Parent

tls (module)

Location

src/tls/alert.lisp

Internal Definitions

+access-denied+ (constant)
+bad-certificate+ (constant)
+bad-record-mac+ (constant)
+certificate-expired+ (constant)
+certificate-revoked+ (constant)
+certificate-unknown+ (constant)
+close-notify+ (constant)
+decode-error+ (constant)
+decompression-failure+ (constant)
+decrypt-error+ (constant)
+decryption-failed-reserved+ (constant)
+export-restriction-reserved+ (constant)
+fatal+ (constant)
+handshake-failure+ (constant)
+illegal-parameter+ (constant)
+insufficient-security+ (constant)
+internal-error+ (constant)
+no-certificate-reserved+ (constant)
+no-renegotiation+ (constant)
+protocol-version+ (constant)
+record-overflow+ (constant)
+unexpected-message+ (constant)
+unknown-ca+ (constant)
+unsupported-certificate+ (constant)
+unsupported-extension+ (constant)
+user-canceled+ (constant)
+warning+ (constant)
alert-record-to-text (function)
send-alert (function)

4.1.18 `cl-tls/src/tls/crypto.lisp`

Parent

tls (module)

Location

src/tls/crypto.lisp

Internal Definitions

digitally-sign (function)
endpoint-decryption-key (symbol macro)
endpoint-encryption-key (symbol macro)
gen-key-material (function)
p-hash (function)
prf (function)
sign-dh-params (function)
verify-signed-data (function)
verify-signed-params (function)

4.1.19 `cl-tls/src/tls/extensions.lisp`

Parent

tls (module)

Location

src/tls/extensions.lisp

Internal Definitions

create-cert-status-request (function)
create-sni (function)
pack-extension (function)
parse-extension (generic function)
parse-extension (method)
parse-extension (method)
parse-extension (method)
parse-extension (method)
parse-extension (method)
parse-extension (method)
parse-extension (method)

4.1.20 `cl-tls/src/tls/tls.lisp`

Parent

tls (module)

Location

src/tls/tls.lisp

Exported Definitions

accept-tunnel (function)
initialize-listener (function)
request-tunnel (function)
tls-error (condition)
tls-stream-error (condition)

Internal Definitions

*certificate-request-msg* (special variable)
*debug-stream* (special variable)
*log-level* (special variable)
*max-certificate-chain-length* (special variable)
*max-fragment-length* (special variable)
*version* (special variable)
+alert+ (constant)
+application-data+ (constant)
+certificate+ (constant)
+certificate-request+ (constant)
+certificate-verify+ (constant)
+change-cipher-spec+ (constant)
+client-hello+ (constant)
+client-key-exchange+ (constant)
+finished+ (constant)
+handshake+ (constant)
+hello-request+ (constant)
+server-hello+ (constant)
+server-hello-done+ (constant)
+server-key-exchange+ (constant)
add-handshake-header (function)
alert (method)
(setf alert) (method)
calculate-mac (function)
calculate-verification-mac (function)
cipher-suite-supported-p (function)
ciphertext-to-compressed (generic function)
ciphertext-to-compressed (method)
client-certificate-url (method)
(setf client-certificate-url) (method)
client-session (class)
create-cipher-vector (function)
create-listener-session (function)
create-session (function)
decrypt (generic function)
decrypt (method)
dhparams-from-key-file (function)
encrypt (generic function)
encrypt (method)
encrypt-and-send (function)
endpoint-mac-decryption-key (symbol macro)
endpoint-mac-encryption-key (symbol macro)
exception (condition)
get-application-data (function)
get-ca-certificates (function)
get-change-cipher-spec (function)
get-dh-params (function)
get-handshake-message (function)
get-private-key (function)
get-record (generic function)
get-record (method)
get-session-id (function)
handle-handshake (generic function)
handle-handshake (method)
handle-handshake (method)
handle-handshake (method)
handle-handshake (method)
handle-handshake (method)
handle-handshake (method)
handle-handshake (method)
handle-handshake (method)
handle-handshake (method)
handshake-messages (method)
(setf handshake-messages) (method)
hello-extensions (class)
host-name (method)
(setf host-name) (method)
initiate-connection (generic function)
initiate-connection (method)
initiate-connection (method)
log-info (method)
(setf log-info) (method)
max-fragment-length (method)
(setf max-fragment-length) (method)
parse-cipher-suite (function)
pre-master-secret (method)
(setf pre-master-secret) (method)
pub-key (method)
(setf pub-key) (method)
reassemble-handshake-message (function)
send (generic function)
send (method)
send-change-cipher-spec (generic function)
send-change-cipher-spec (method)
send-handshake (generic function)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-record (generic function)
send-record (method)
server-session (class)
session (class)
shared-session-slots (class)
supported-signature-algorithms (method)
(setf supported-signature-algorithms) (method)
symbol-to-suite-list (function)
text (method)
(setf text) (method)

4.2 Static

4.2.1 `cl-tls/README`

Parent: cl-tls (system)
Location: /home/quickref/quicklisp/dists/quicklisp/software/cl-tls-20211209-git/README (not found)

4.2.2 `cl-tls/LICENSE`

Dependency: readme (file)
Parent: cl-tls (system)
Location: LICENSE

5 Packages

Packages are listed by definition order.

5.1 `cl-tls`

CL-TLS is a Common Lisp implemetation of TLS and related specifications

Source

package.lisp (file)

Nickname

tls

Use List

alexandria
common-lisp

Exported Definitions

accept-tunnel (function)
address (class)
asn-sequence-to-list (function)
asn-serialize (function)
create-asn-sequence (function)
encode-oid (function)
host (generic function)
host (method)
(setf host) (method)
host (method)
(setf host) (method)
(setf host) (generic function)
initialize-listener (function)
parse-der (function)
pbes2-decrypt (function)
port (generic function)
port (method)
(setf port) (method)
port (method)
(setf port) (method)
(setf port) (generic function)
request-stream-to-address (generic function)
request-stream-to-address (method)
request-tunnel (function)
rsa-decrypt (function)
rsa-encrypt (function)
rsassa-pkcs1.5-sign (function)
rsassa-pkcs1.5-verify (function)
tls-error (condition)
tls-stream-error (condition)
x509-decode (function)

Internal Definitions

*certificate-request-msg* (special variable)
*crlf* (special variable)
*debug-stream* (special variable)
*id-ad-ocsp* (special variable)
*log-level* (special variable)
*max-certificate-chain-length* (special variable)
*max-content-length* (special variable)
*max-fragment-length* (special variable)
*max-int-len* (special variable)
*supported-cipher-suites* (special variable)
*version* (special variable)
+3des-block-size+ (special variable)
+3des-encryption-suites+ (special variable)
+access-denied+ (constant)
+aes-128-ciphers+ (special variable)
+aes-256-ciphers+ (special variable)
+aes-block-size+ (special variable)
+aes-encryption-suites+ (special variable)
+alert+ (constant)
+anon-authentication-suites+ (special variable)
+application-data+ (constant)
+asn1_application+ (constant)
+asn1_constructed+ (constant)
+asn1_context_specific+ (constant)
+asn1_primitive+ (constant)
+asn1_private+ (constant)
+asn1_universal+ (constant)
+bad-certificate+ (constant)
+bad-record-mac+ (constant)
+cbc-mode-ciphers+ (special variable)
+certificate+ (constant)
+certificate-expired+ (constant)
+certificate-request+ (constant)
+certificate-revoked+ (constant)
+certificate-unknown+ (constant)
+certificate-verify+ (constant)
+change-cipher-spec+ (constant)
+client-hello+ (constant)
+client-key-exchange+ (constant)
+close-notify+ (constant)
+decode-error+ (constant)
+decompression-failure+ (constant)
+decrypt-error+ (constant)
+decryption-failed-reserved+ (constant)
+dh-key-exchange-suites+ (special variable)
+dhe-key-exchange-suites+ (special variable)
+dss-authentication-suites+ (special variable)
+export-restriction-reserved+ (constant)
+fatal+ (constant)
+finished+ (constant)
+handshake+ (constant)
+handshake-failure+ (constant)
+hello-request+ (constant)
+illegal-parameter+ (constant)
+insufficient-security+ (constant)
+internal-error+ (constant)
+md2withrsaencryption+ (constant)
+md5-ciphers+ (special variable)
+md5withrsaencryption+ (constant)
+no-certificate-reserved+ (constant)
+no-renegotiation+ (constant)
+protocol-version+ (constant)
+rc4-encryption-suites+ (special variable)
+record-overflow+ (constant)
+rsa-authentication-suites+ (special variable)
+rsa-key-exchange-suites+ (special variable)
+server-hello+ (constant)
+server-hello-done+ (constant)
+server-key-exchange+ (constant)
+sha1-ciphers+ (special variable)
+sha1withrsaencryption+ (constant)
+sha224withrsaencryption+ (constant)
+sha256-ciphers+ (special variable)
+sha256withrsaencryption+ (constant)
+sha384withrsaencryption+ (constant)
+sha512withrsaencryption+ (constant)
+tls_dh_anon_with_3des_ede_cbc_sha+ (special variable)
+tls_dh_anon_with_aes_128_cbc_sha+ (special variable)
+tls_dh_anon_with_aes_128_cbc_sha256+ (special variable)
+tls_dh_anon_with_aes_256_cbc_sha+ (special variable)
+tls_dh_anon_with_aes_256_cbc_sha256+ (special variable)
+tls_dh_anon_with_rc4_128_md5+ (special variable)
+tls_dh_dss_with_3des_ede_cbc_sha+ (special variable)
+tls_dh_dss_with_aes_128_cbc_sha+ (special variable)
+tls_dh_dss_with_aes_128_cbc_sha256+ (special variable)
+tls_dh_dss_with_aes_256_cbc_sha+ (special variable)
+tls_dh_dss_with_aes_256_cbc_sha256+ (special variable)
+tls_dh_rsa_with_3des_ede_cbc_sha+ (special variable)
+tls_dh_rsa_with_aes_128_cbc_sha+ (special variable)
+tls_dh_rsa_with_aes_128_cbc_sha256+ (special variable)
+tls_dh_rsa_with_aes_256_cbc_sha+ (special variable)
+tls_dh_rsa_with_aes_256_cbc_sha256+ (special variable)
+tls_dhe_dss_with_3des_ede_cbc_sha+ (special variable)
+tls_dhe_dss_with_aes_128_cbc_sha+ (special variable)
+tls_dhe_dss_with_aes_128_cbc_sha256+ (special variable)
+tls_dhe_dss_with_aes_256_cbc_sha+ (special variable)
+tls_dhe_dss_with_aes_256_cbc_sha256+ (special variable)
+tls_dhe_rsa_with_3des_ede_cbc_sha+ (special variable)
+tls_dhe_rsa_with_aes_128_cbc_sha+ (special variable)
+tls_dhe_rsa_with_aes_128_cbc_sha256+ (special variable)
+tls_dhe_rsa_with_aes_256_cbc_sha+ (special variable)
+tls_dhe_rsa_with_aes_256_cbc_sha256+ (special variable)
+tls_rsa_with_3des_ede_cbc_sha+ (special variable)
+tls_rsa_with_aes_128_cbc_sha+ (special variable)
+tls_rsa_with_aes_128_cbc_sha256+ (special variable)
+tls_rsa_with_aes_256_cbc_sha+ (special variable)
+tls_rsa_with_aes_256_cbc_sha256+ (special variable)
+tls_rsa_with_null_md5+ (special variable)
+tls_rsa_with_null_sha+ (special variable)
+tls_rsa_with_null_sha256+ (special variable)
+tls_rsa_with_rc4_128_md5+ (special variable)
+tls_rsa_with_rc4_128_sha+ (special variable)
+unexpected-message+ (constant)
+unknown-ca+ (constant)
+unsupported-certificate+ (constant)
+unsupported-extension+ (constant)
+user-canceled+ (constant)
+warning+ (constant)
add-handshake-header (function)
alert (generic function)
alert (method)
(setf alert) (method)
(setf alert) (generic function)
alert-record-to-text (function)
asn-sequence-to-indices (function)
asn-time-to-universal-time (function)
asn-type-matches-p (function)
asn.1-decoding-error (condition)
authority-information-access (generic function)
authority-information-access (method)
(setf authority-information-access) (method)
(setf authority-information-access) (generic function)
authority-key-identifier (generic function)
authority-key-identifier (method)
(setf authority-key-identifier) (method)
(setf authority-key-identifier) (generic function)
basic-constraints (generic function)
basic-constraints (method)
(setf basic-constraints) (method)
(setf basic-constraints) (generic function)
bind-tbs (macro)
bytes-in-int (function)
calculate-mac (function)
calculate-verification-mac (function)
cat-vectors (function)
certificate-policies (generic function)
certificate-policies (method)
(setf certificate-policies) (method)
(setf certificate-policies) (generic function)
check-certificate-status (function)
check-ocsp (function)
cipher-suite-supported-p (function)
ciphertext-to-compressed (generic function)
ciphertext-to-compressed (method)
client-certificate-url (generic function)
client-certificate-url (method)
(setf client-certificate-url) (method)
(setf client-certificate-url) (generic function)
client-session (class)
compute-shared-secret (function)
create-cert-id (function)
create-cert-status-request (function)
create-cipher-vector (function)
create-explicit-tag (function)
create-listener-session (function)
create-request (function)
create-session (function)
create-sni (function)
create-tbs-request (function)
crl-distribution-points (generic function)
crl-distribution-points (method)
(setf crl-distribution-points) (method)
(setf crl-distribution-points) (generic function)
decapsulate (function)
decode-oid (function)
decrypt (generic function)
decrypt (method)
dh-params (class)
dhparams-from-key-file (function)
digitally-sign (function)
dns-match-p (function)
dump-to-file (function)
emsa-pkcs1-v1.5-encode (function)
encrypt (generic function)
encrypt (method)
encrypt-and-send (function)
endpoint-decryption-key (symbol macro)
endpoint-encryption-key (symbol macro)
endpoint-mac-decryption-key (symbol macro)
endpoint-mac-encryption-key (symbol macro)
exception (condition)
extended-key-usage (generic function)
extended-key-usage (method)
(setf extended-key-usage) (method)
(setf extended-key-usage) (generic function)
extensions (generic function)
extensions (method)
(setf extensions) (method)
(setf extensions) (generic function)
fill-random-nonzero-octets (function)
find-certificates (function)
from-stream-parse-der (function)
gen-key-material (function)
generate-dh-params (function)
generator (generic function)
generator (method)
get-application-data (function)
get-ca-certificates (function)
get-change-cipher-spec (function)
get-contents (function)
get-der-contents-indices (function)
get-dh-params (function)
get-handshake-message (function)
get-issuer-octets (function)
get-private-key (function)
get-pubkey-octets (function)
get-random-octets (function)
get-raw-tbs (function)
get-record (generic function)
get-record (method)
get-sequence (function)
get-session-id (function)
gmt-unix-time (function)
handle-handshake (generic function)
handle-handshake (method)
handle-handshake (method)
handle-handshake (method)
handle-handshake (method)
handle-handshake (method)
handle-handshake (method)
handle-handshake (method)
handle-handshake (method)
handle-handshake (method)
handshake-messages (generic function)
handshake-messages (method)
(setf handshake-messages) (method)
(setf handshake-messages) (generic function)
hash (generic function)
hash (method)
(setf hash) (method)
(setf hash) (generic function)
header-value (function)
hello-extensions (class)
host-name (generic function)
host-name (method)
(setf host-name) (method)
(setf host-name) (generic function)
http-error (condition)
http-request (function)
initiate-connection (generic function)
initiate-connection (method)
initiate-connection (method)
integer-to-octets (function)
integer-to-vlq (function)
issuer (generic function)
issuer (method)
(setf issuer) (method)
(setf issuer) (generic function)
issuer-alternative-name (generic function)
issuer-alternative-name (method)
(setf issuer-alternative-name) (method)
(setf issuer-alternative-name) (generic function)
issuer-unique-id (generic function)
issuer-unique-id (method)
(setf issuer-unique-id) (method)
(setf issuer-unique-id) (generic function)
key-usage (generic function)
key-usage (method)
(setf key-usage) (method)
(setf key-usage) (generic function)
load-der-priv-key (function)
load-pem-priv-key (function)
load-priv-key (function)
log-info (generic function)
log-info (method)
(setf log-info) (method)
log-info (method)
(setf log-info) (method)
log-info (method)
(setf log-info) (method)
(setf log-info) (generic function)
make-dh-key-pair (function)
make-octet-stream (function)
make-octet-vector (function)
max-fragment-length (generic function)
max-fragment-length (method)
(setf max-fragment-length) (method)
(setf max-fragment-length) (generic function)
ocsp-catch-asn-error (macro)
ocsp-error (condition)
octet (type)
octet-stream (class)
octet-vector (type)
octets-to-integer (function)
ov-buffer-position (function)
ov-read-byte (generic function)
ov-read-byte (method)
ov-read-sequence (generic function)
ov-read-sequence (method)
p-hash (function)
pack-extension (function)
parse-access-description (function)
parse-cipher-suite (function)
parse-directory-name (function)
parse-enc-scheme (function)
parse-extension (generic function)
parse-extension (method)
parse-extension (method)
parse-extension (method)
parse-extension (method)
parse-extension (method)
parse-extension (method)
parse-extension (method)
parse-general-name (function)
parse-general-names (function)
parse-headers-from-stream (function)
parse-kdf (function)
parse-pem (function)
parse-pka (function)
parse-priv-key (function)
parse-pub-key (function)
parse-qualifier (function)
parse-response-data (function)
parse-signature-algorithm (function)
parse-tbs-certificate (function)
parse-uri (function)
path (generic function)
path (method)
(setf path) (method)
(setf path) (generic function)
policy-mappings (generic function)
policy-mappings (method)
(setf policy-mappings) (method)
(setf policy-mappings) (generic function)
pre-master-secret (generic function)
pre-master-secret (method)
(setf pre-master-secret) (method)
(setf pre-master-secret) (generic function)
prepare-ocsp-request (function)
prf (function)
prime-modulus (generic function)
prime-modulus (method)
process-extension (generic function)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extension (method)
process-extensions (function)
pub-key (generic function)
pub-key (method)
(setf pub-key) (method)
(setf pub-key) (generic function)
raw (generic function)
raw (method)
(setf raw) (method)
(setf raw) (generic function)
read-chunk (function)
read-chunked-response (function)
read-header (function)
reassemble-handshake-message (function)
remove-padding (function)
scheme (generic function)
scheme (method)
(setf scheme) (method)
(setf scheme) (generic function)
send (generic function)
send (method)
send-alert (function)
send-change-cipher-spec (generic function)
send-change-cipher-spec (method)
send-handshake (generic function)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-record (generic function)
send-record (method)
serial (generic function)
serial (method)
(setf serial) (method)
(setf serial) (generic function)
server-session (class)
session (class)
shared-session-slots (class)
sign-dh-params (function)
signature (generic function)
signature (method)
(setf signature) (method)
signature (method)
(setf signature) (method)
(setf signature) (generic function)
signature-algorithm (generic function)
signature-algorithm (method)
(setf signature-algorithm) (method)
(setf signature-algorithm) (generic function)
split-header (function)
split-string (function)
stream-octets-to-integer (function)
strong-random-range (function)
subject (generic function)
subject (method)
(setf subject) (method)
(setf subject) (generic function)
subject-alternative-name (generic function)
subject-alternative-name (method)
(setf subject-alternative-name) (method)
(setf subject-alternative-name) (generic function)
subject-information-access (generic function)
subject-information-access (method)
(setf subject-information-access) (method)
(setf subject-information-access) (generic function)
subject-key-identifier (generic function)
subject-key-identifier (method)
(setf subject-key-identifier) (method)
(setf subject-key-identifier) (generic function)
subject-pki (generic function)
subject-pki (method)
(setf subject-pki) (method)
(setf subject-pki) (generic function)
subject-unique-id (generic function)
subject-unique-id (method)
(setf subject-unique-id) (method)
(setf subject-unique-id) (generic function)
supported-signature-algorithms (generic function)
supported-signature-algorithms (method)
(setf supported-signature-algorithms) (method)
(setf supported-signature-algorithms) (generic function)
symbol-to-suite-list (function)
tbs-certificate (generic function)
tbs-certificate (method)
(setf tbs-certificate) (method)
(setf tbs-certificate) (generic function)
tbs-certificate (class)
text (generic function)
text (method)
(setf text) (method)
text (method)
text (method)
(setf text) (generic function)
time-valid-p (function)
timing-independent-compare (function)
trim-space (function)
uri (class)
validate (function)
validity (generic function)
validity (method)
(setf validity) (method)
(setf validity) (generic function)
verify-ocsp-signature (function)
verify-signature (function)
verify-signed-data (function)
verify-signed-params (function)
version (generic function)
version (method)
(setf version) (method)
(setf version) (generic function)
with-specification-map (macro)
x509-decoding-error (condition)
x509-extension (class)
x509v3-certificate (class)

6 Definitions

Definitions are sorted by export status, category, package, and then by lexicographic order.

6.1 Exported definitions

6.1.1 Functions

Function: accept-tunnel &key IO-STREAM INPUT-STREAM OUTPUT-STREAM

As a server, accept a new connection from a client

Package: cl-tls
Source: tls.lisp (file)

Function: asn-sequence-to-list VEC &key MODE

Given an asn sequence, return a list of the raw der elements

Package: cl-tls
Source: asn.1.lisp (file)

Function: asn-serialize OBJ TYPE &key CLASS PRIMITIVEP

Create an ASN structure

Package: cl-tls
Source: asn.1.lisp (file)

Function: create-asn-sequence &rest COLL

Package: cl-tls
Source: asn.1.lisp (file)

Function: encode-oid NUMS

Package: cl-tls
Source: asn.1.lisp (file)

Function: initialize-listener &key CERTIFICATE PRIVATE-KEY CA-CERTIFICATES INCLUDE-CIPHERS EXCLUDE-CIPHERS FORCE-REINITIALIZE AUTHENTICATE-CLIENT-P REQUIRE-AUTHENTICATION-P DH-PARAMS

Initialize a TLS server session with the given arguments

Package: cl-tls
Source: tls.lisp (file)

Function: parse-der OBJ &key START MODE

Serialized mode returns the plain contents octets. deserialized mode deserializes the contents octets. Octet strings and Bit Strings are not deserialized

Package: cl-tls
Source: asn.1.lisp (file)

Function: pbes2-decrypt OV &optional PASSPHRASE

Package: cl-tls
Source: pkcs5.lisp (file)

Function: request-tunnel &key CERTIFICATE PRIVATE-KEY CA-CERTIFICATES IO-STREAM INPUT-STREAM OUTPUT-STREAM INCLUDE-CIPHERS EXCLUDE-CIPHERS PEER-DNS-NAME PEER-IP-ADDRESSES

As a client, request a TLS connection from a server

Package: cl-tls
Source: tls.lisp (file)

Function: rsa-decrypt DATA PRIVATE-KEY

Returns raw data after decrypting and parsing the Encryption-block

Package: cl-tls
Source: pkcs1.lisp (file)

Function: rsa-encrypt DATA KEY

Converts data into an encryption block then calls ironclad

Package: cl-tls
Source: pkcs1.lisp (file)

Function: rsassa-pkcs1.5-sign PRIV-KEY MSG HASH-ALGORITHM

Package: cl-tls
Source: pkcs1.lisp (file)

Function: rsassa-pkcs1.5-verify PUB-KEY MSG SIGNATURE HASH-ALGORITHM

Package: cl-tls
Source: pkcs1.lisp (file)

Function: x509-decode OCTET-VECTOR

Deserialize an x509 certificate from an octet-vector

Package: cl-tls
Source: x509.lisp (file)

6.1.2 Generic functions

Generic Function: host OBJECT

Generic Function: (setf host) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: host (URI uri)

automatically generated reader method

Source: http.lisp (file)

Method: (setf host) NEW-VALUE (URI uri)

automatically generated writer method

Source: http.lisp (file)

Method: host (ADDRESS address)

automatically generated reader method

Source: transport.lisp (file)

Method: (setf host) NEW-VALUE (ADDRESS address)

automatically generated writer method

Source: transport.lisp (file)

Generic Function: port OBJECT

Generic Function: (setf port) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: port (URI uri)

automatically generated reader method

Source: http.lisp (file)

Method: (setf port) NEW-VALUE (URI uri)

automatically generated writer method

Source: http.lisp (file)

Method: port (ADDRESS address)

automatically generated reader method

Source: transport.lisp (file)

Method: (setf port) NEW-VALUE (ADDRESS address)

automatically generated writer method

Source: transport.lisp (file)

Generic Function: request-stream-to-address ADDRESS

Package

cl-tls

Source

transport.lisp (file)

Methods

Method: request-stream-to-address (ADDR address)

6.1.3 Conditions

Condition: tls-error ()

Package

cl-tls

Source

tls.lisp (file)

Direct superclasses

error (condition)

Direct methods

text (method)
text (method)

Direct slots

Slot: text

Initargs: :text
Readers: text (generic function)
Writers: (setf text) (generic function)

Condition: tls-stream-error ()

Package: cl-tls
Source: tls.lisp (file)
Direct superclasses: stream-error (condition)

6.1.4 Classes

Class: address ()

Package

cl-tls

Source

transport.lisp (file)

Direct superclasses

standard-object (class)

Direct methods

request-stream-to-address (method)
port (method)
port (method)
host (method)
host (method)

Direct slots

Slot: host

Initargs: :host
Readers: host (generic function)
Writers: (setf host) (generic function)

Slot: port

Initargs: :port
Readers: port (generic function)
Writers: (setf port) (generic function)

6.2 Internal definitions

6.2.1 Constants

Constant: +access-denied+

Package: cl-tls
Source: alert.lisp (file)

Constant: +alert+

Package: cl-tls
Source: tls.lisp (file)

Constant: +application-data+

Package: cl-tls
Source: tls.lisp (file)

Constant: +asn1_application+

Package: cl-tls
Source: asn.1.lisp (file)

Constant: +asn1_constructed+

Package: cl-tls
Source: asn.1.lisp (file)

Constant: +asn1_context_specific+

Package: cl-tls
Source: asn.1.lisp (file)

Constant: +asn1_primitive+

Package: cl-tls
Source: asn.1.lisp (file)

Constant: +asn1_private+

Package: cl-tls
Source: asn.1.lisp (file)

Constant: +asn1_universal+

Package: cl-tls
Source: asn.1.lisp (file)

Constant: +bad-certificate+

Package: cl-tls
Source: alert.lisp (file)

Constant: +bad-record-mac+

Package: cl-tls
Source: alert.lisp (file)

Constant: +certificate+

Package: cl-tls
Source: tls.lisp (file)

Constant: +certificate-expired+

Package: cl-tls
Source: alert.lisp (file)

Constant: +certificate-request+

Package: cl-tls
Source: tls.lisp (file)

Constant: +certificate-revoked+

Package: cl-tls
Source: alert.lisp (file)

Constant: +certificate-unknown+

Package: cl-tls
Source: alert.lisp (file)

Constant: +certificate-verify+

Package: cl-tls
Source: tls.lisp (file)

Constant: +change-cipher-spec+

Package: cl-tls
Source: tls.lisp (file)

Constant: +client-hello+

Package: cl-tls
Source: tls.lisp (file)

Constant: +client-key-exchange+

Package: cl-tls
Source: tls.lisp (file)

Constant: +close-notify+

Package: cl-tls
Source: alert.lisp (file)

Constant: +decode-error+

Package: cl-tls
Source: alert.lisp (file)

Constant: +decompression-failure+

Package: cl-tls
Source: alert.lisp (file)

Constant: +decrypt-error+

Package: cl-tls
Source: alert.lisp (file)

Constant: +decryption-failed-reserved+

Package: cl-tls
Source: alert.lisp (file)

Constant: +export-restriction-reserved+

Package: cl-tls
Source: alert.lisp (file)

Constant: +fatal+

Package: cl-tls
Source: alert.lisp (file)

Constant: +finished+

Package: cl-tls
Source: tls.lisp (file)

Constant: +handshake+

Package: cl-tls
Source: tls.lisp (file)

Constant: +handshake-failure+

Package: cl-tls
Source: alert.lisp (file)

Constant: +hello-request+

Package: cl-tls
Source: tls.lisp (file)

Constant: +illegal-parameter+

Package: cl-tls
Source: alert.lisp (file)

Constant: +insufficient-security+

Package: cl-tls
Source: alert.lisp (file)

Constant: +internal-error+

Package: cl-tls
Source: alert.lisp (file)

Constant: +md2withrsaencryption+

Package: cl-tls
Source: x509.lisp (file)

Constant: +md5withrsaencryption+

Package: cl-tls
Source: x509.lisp (file)

Constant: +no-certificate-reserved+

Package: cl-tls
Source: alert.lisp (file)

Constant: +no-renegotiation+

Package: cl-tls
Source: alert.lisp (file)

Constant: +protocol-version+

Package: cl-tls
Source: alert.lisp (file)

Constant: +record-overflow+

Package: cl-tls
Source: alert.lisp (file)

Constant: +server-hello+

Package: cl-tls
Source: tls.lisp (file)

Constant: +server-hello-done+

Package: cl-tls
Source: tls.lisp (file)

Constant: +server-key-exchange+

Package: cl-tls
Source: tls.lisp (file)

Constant: +sha1withrsaencryption+

Package: cl-tls
Source: x509.lisp (file)

Constant: +sha224withrsaencryption+

Package: cl-tls
Source: x509.lisp (file)

Constant: +sha256withrsaencryption+

Package: cl-tls
Source: x509.lisp (file)

Constant: +sha384withrsaencryption+

Package: cl-tls
Source: x509.lisp (file)

Constant: +sha512withrsaencryption+

Package: cl-tls
Source: x509.lisp (file)

Constant: +unexpected-message+

Package: cl-tls
Source: alert.lisp (file)

Constant: +unknown-ca+

Package: cl-tls
Source: alert.lisp (file)

Constant: +unsupported-certificate+

Package: cl-tls
Source: alert.lisp (file)

Constant: +unsupported-extension+

Package: cl-tls
Source: alert.lisp (file)

Constant: +user-canceled+

Package: cl-tls
Source: alert.lisp (file)

Constant: +warning+

Package: cl-tls
Source: alert.lisp (file)

6.2.2 Special variables

Special Variable: *certificate-request-msg*

Package: cl-tls
Source: tls.lisp (file)

Special Variable: *crlf*

Package: cl-tls
Source: http.lisp (file)

Special Variable: *debug-stream*

Package: cl-tls
Source: tls.lisp (file)

Special Variable: *id-ad-ocsp*

Package: cl-tls
Source: ocsp.lisp (file)

Special Variable: *log-level*

Package: cl-tls
Source: tls.lisp (file)

Special Variable: *max-certificate-chain-length*

Package: cl-tls
Source: tls.lisp (file)

Special Variable: *max-content-length*

Package: cl-tls
Source: http.lisp (file)

Special Variable: *max-fragment-length*

Package: cl-tls
Source: tls.lisp (file)

Special Variable: *max-int-len*

Package: cl-tls
Source: asn.1.lisp (file)

Special Variable: *supported-cipher-suites*

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: *version*

Package: cl-tls
Source: tls.lisp (file)

Special Variable: +3des-block-size+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +3des-encryption-suites+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +aes-128-ciphers+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +aes-256-ciphers+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +aes-block-size+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +aes-encryption-suites+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +anon-authentication-suites+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +cbc-mode-ciphers+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +dh-key-exchange-suites+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +dhe-key-exchange-suites+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +dss-authentication-suites+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +md5-ciphers+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +rc4-encryption-suites+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +rsa-authentication-suites+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +rsa-key-exchange-suites+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +sha1-ciphers+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +sha256-ciphers+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dh_anon_with_3des_ede_cbc_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dh_anon_with_aes_128_cbc_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dh_anon_with_aes_128_cbc_sha256+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dh_anon_with_aes_256_cbc_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dh_anon_with_aes_256_cbc_sha256+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dh_anon_with_rc4_128_md5+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dh_dss_with_3des_ede_cbc_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dh_dss_with_aes_128_cbc_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dh_dss_with_aes_128_cbc_sha256+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dh_dss_with_aes_256_cbc_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dh_dss_with_aes_256_cbc_sha256+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dh_rsa_with_3des_ede_cbc_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dh_rsa_with_aes_128_cbc_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dh_rsa_with_aes_128_cbc_sha256+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dh_rsa_with_aes_256_cbc_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dh_rsa_with_aes_256_cbc_sha256+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dhe_dss_with_3des_ede_cbc_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dhe_dss_with_aes_128_cbc_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dhe_dss_with_aes_128_cbc_sha256+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dhe_dss_with_aes_256_cbc_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dhe_dss_with_aes_256_cbc_sha256+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dhe_rsa_with_3des_ede_cbc_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dhe_rsa_with_aes_128_cbc_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dhe_rsa_with_aes_128_cbc_sha256+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dhe_rsa_with_aes_256_cbc_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_dhe_rsa_with_aes_256_cbc_sha256+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_rsa_with_3des_ede_cbc_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_rsa_with_aes_128_cbc_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_rsa_with_aes_128_cbc_sha256+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_rsa_with_aes_256_cbc_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_rsa_with_aes_256_cbc_sha256+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_rsa_with_null_md5+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_rsa_with_null_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_rsa_with_null_sha256+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_rsa_with_rc4_128_md5+

Package: cl-tls
Source: ciphersuites.lisp (file)

Special Variable: +tls_rsa_with_rc4_128_sha+

Package: cl-tls
Source: ciphersuites.lisp (file)

6.2.3 Symbol macros

Symbol Macro: endpoint-decryption-key

Package: cl-tls
Source: crypto.lisp (file)
Expansion: (if (eql cl-tls::role :client) cl-tls::server-write-key cl-tls::client-write-key)

Symbol Macro: endpoint-encryption-key

Package: cl-tls
Source: crypto.lisp (file)
Expansion: (if (eql cl-tls::role :client) cl-tls::client-write-key cl-tls::server-write-key)

Symbol Macro: endpoint-mac-decryption-key

Package: cl-tls
Source: tls.lisp (file)
Expansion: (if (eql cl-tls::role :client) cl-tls::server-write-mac-key cl-tls::client-write-mac-key)

Symbol Macro: endpoint-mac-encryption-key

Package: cl-tls
Source: tls.lisp (file)
Expansion: (if (eql cl-tls::role :client) cl-tls::client-write-mac-key cl-tls::server-write-mac-key)

6.2.4 Macros

Macro: bind-tbs TBS &body BODY

Package: cl-tls
Source: x509.lisp (file)

Macro: ocsp-catch-asn-error &body BODY

Package: cl-tls
Source: ocsp.lisp (file)

Macro: with-specification-map MAP VEC ERROR-CLAUSE &body B

Package: cl-tls
Source: utils.lisp (file)

6.2.5 Functions

Function: add-handshake-header HANDSHAKE-TYPE BUFFER

Package: cl-tls
Source: tls.lisp (file)

Function: alert-record-to-text CONTENT

Package: cl-tls
Source: alert.lisp (file)

Function: asn-sequence-to-indices VEC &optional CONTENTS-START

Given an asn sequence, return a list of the types of elements in them and their start and end positions in the vector

Package: cl-tls
Source: asn.1.lisp (file)

Function: asn-time-to-universal-time TIME-STRING

Converts utcTime or GeneralTime to universal time

Package: cl-tls
Source: x509.lisp (file)

Function: asn-type-matches-p TYPE INFO

Package: cl-tls
Source: utils.lisp (file)

Function: bytes-in-int INT

Return the least number of octets needed to represent an integer

Package: cl-tls
Source: utils.lisp (file)

Function: calculate-mac SESSION CONTENT-TYPE MESSAGE

Package: cl-tls
Source: tls.lisp (file)

Function: calculate-verification-mac SESSION CONTENT-TYPE MESSAGE

Package: cl-tls
Source: tls.lisp (file)

Function: cat-vectors &rest VECTORS

Package: cl-tls
Source: utils.lisp (file)

Function: check-certificate-status SESSION SUBJECT ISSUER

Check certificate status via OCSP.
If the OCSP request is successful and the status os good, return true. Return false in every other case

Package: cl-tls
Source: validate.lisp (file)

Function: check-ocsp SUBJECT ISSUER

Return the status of the certificate or signal an error

Package: cl-tls
Source: ocsp.lisp (file)

Function: cipher-suite-supported-p CS SESSION

Package: cl-tls
Source: tls.lisp (file)

Function: compute-shared-secret DH-PARAMS SECRET-EXP DH-PUBLIC-VALUE

Generates the final secret, given the dh-params and the dh-public-value of the other party

Package: cl-tls
Source: pkcs3.lisp (file)

Function: create-cert-id ISSUER-DN ISSUER-PUB-KEY CERT-SERIAL-NUMBER &optional HASH-ALGORITHM

Package: cl-tls
Source: ocsp.lisp (file)

Function: create-cert-status-request ()

Package: cl-tls
Source: extensions.lisp (file)

Function: create-cipher-vector INCLUDE EXCLUDE &optional AUTHENTICATION-METHOD

Package: cl-tls
Source: tls.lisp (file)

Function: create-explicit-tag CONTENTS NUMBER &optional CLASS

Package: cl-tls
Source: asn.1.lisp (file)

Function: create-listener-session &key PRIVATE-KEY CERTIFICATE CA-CERTIFICATES INCLUDE-CIPHERS EXCLUDE-CIPHERS DH-PARAMS AUTHENTICATE-CLIENT-P REQUIRE-AUTHENTICATION-P

Package: cl-tls
Source: tls.lisp (file)

Function: create-request CERT-ID

Package: cl-tls
Source: ocsp.lisp (file)

Function: create-session ROLE &key CERTIFICATE PRIVATE-KEY CA-CERTIFICATES IO-STREAM INPUT-STREAM OUTPUT-STREAM INCLUDE-CIPHERS EXCLUDE-CIPHERS PEER-DNS-NAME PEER-IP-ADDRESSES

Package: cl-tls
Source: tls.lisp (file)

Function: create-sni FQDN

Package: cl-tls
Source: extensions.lisp (file)

Function: create-tbs-request IDENTIFIERS

identifiers is a list of lists with identifier-dn identifier-pub-key, and serial number

Package: cl-tls
Source: ocsp.lisp (file)

Function: decapsulate TXT PREFIX SUFFIX &key START END

Read string encapsulated between a prefix and suffix

Package: cl-tls
Source: rfc7468.lisp (file)

Function: decode-oid VEC

Decode an OID into a list of integers

Package: cl-tls
Source: asn.1.lisp (file)

Function: dhparams-from-key-file PATH

Package: cl-tls
Source: tls.lisp (file)

Function: digitally-sign SESSION DATA

Create a digitally-signed-struct

Package: cl-tls
Source: crypto.lisp (file)

Function: dns-match-p PATTERN DNS-NAME

Simple pattern matching for dns names. Only accepts one wildcard subdomain name.

Package: cl-tls
Source: utils.lisp (file)

Function: dump-to-file OV FILE-SPEC

Package: cl-tls
Source: utils.lisp (file)

Function: emsa-pkcs1-v1.5-encode M EMLEN HASH-ALGORITHM

Package: cl-tls
Source: pkcs1.lisp (file)

Function: encrypt-and-send SESSION CONTENT-TYPE CONTENT &key START END

Package: cl-tls
Source: tls.lisp (file)

Function: fill-random-nonzero-octets BUFFER &optional START END

Package: cl-tls
Source: pkcs1.lisp (file)

Function: find-certificates DIR

Package: cl-tls
Source: utils.lisp (file)

Function: from-stream-parse-der OCTET-STREAM &key MODE

Parse a single DER element from the stream. Maximum length
of integer values is max-int-len
If mode is :serialized, this function returns the plain contents octets
If mode is :deserialized, this function attempt to convert the contents octets into a lisp object if the class type is universal.

Package: cl-tls
Source: asn.1.lisp (file)

Function: gen-key-material CLIENT

Generate the session keying material

Package: cl-tls
Source: crypto.lisp (file)

Function: generate-dh-params &key L P G

Package: cl-tls
Source: pkcs3.lisp (file)

Function: get-application-data SESSION EOF-ERROR-P EOF-VALUE

Get application data, take care of renegotiation transparently

Package: cl-tls
Source: tls.lisp (file)

Function: get-ca-certificates PATH

Package: cl-tls
Source: tls.lisp (file)

Function: get-change-cipher-spec SESSION

Package: cl-tls
Source: tls.lisp (file)

Function: get-contents PATH

Get the contents of the file, either as text if it is text content or as an octet vector otherwise

Package: cl-tls
Source: utils.lisp (file)

Function: get-der-contents-indices OCTET-STREAM

Decodes the Type and length fields, and returns bounding array indices of the contents octets.

Package: cl-tls
Source: asn.1.lisp (file)

Function: get-dh-params PATH

Package: cl-tls
Source: tls.lisp (file)

Function: get-handshake-message SESSION &optional HANDSHAKE-FRAGMENT

Package: cl-tls
Source: tls.lisp (file)

Function: get-issuer-octets CERT

Get the raw der-encoded contents of the issuer field in the certificate

Package: cl-tls
Source: validate.lisp (file)

Function: get-private-key PATH

Package: cl-tls
Source: tls.lisp (file)

Function: get-pubkey-octets CERT

Get the raw der-encoded contents of the public key field in the certificate

Package: cl-tls
Source: validate.lisp (file)

Function: get-random-octets N &optional BUFFER

Return a series of n octets from a cryptographically secure source

Package: cl-tls
Source: utils.lisp (file)

Function: get-raw-tbs CERT

Get the raw octets of the DER-encoded tbsCertificate structure

Package: cl-tls
Source: x509.lisp (file)

Function: get-sequence STREAM LENGTH

Package: cl-tls
Source: utils.lisp (file)

Function: get-session-id ()

Package: cl-tls
Source: tls.lisp (file)

Function: gmt-unix-time ()

Return a number representing the seconds that have elapsed since January 1, 1970

Package: cl-tls
Source: utils.lisp (file)

Function: header-value HEADER-KEY HEADERS

Package: cl-tls
Source: http.lisp (file)

Function: http-request URL &key METHOD BODY CONTENT-TYPE

Retrieve response body of http transaction

Package: cl-tls
Source: http.lisp (file)

Function: integer-to-octets INT &optional LENGTH

Convert an integer into a network-byte-ordered vector of octets, padded with zeros if the number of octets in int is less than length.

Package: cl-tls
Source: utils.lisp (file)

Function: integer-to-vlq N

Package: cl-tls
Source: asn.1.lisp (file)

Function: load-der-priv-key OCTET-VECTOR

Load a PKCS#8-encoded (rfc5208) private key file

Package: cl-tls
Source: pkcs8.lisp (file)

Function: load-pem-priv-key CHARACTER-VECTOR

Load a PEM-encoded Private key; PEM-encoded keys should be just base64-encoded PKCS#8 PrivateKeyInfo structures with a header and a footer. But they’re sometimes not, instead being just the privateKey-RSAPrivateKey and DSAPrivateKey.

Package: cl-tls
Source: pkcs8.lisp (file)

Function: load-priv-key OBJ

Package: cl-tls
Source: pkcs8.lisp (file)

Function: make-dh-key-pair DH-PARAMS &optional STATIC

Generate a Private/Public key pair

Package: cl-tls
Source: pkcs3.lisp (file)

Function: make-octet-stream OCTET-VECTOR

Package: cl-tls
Source: asn.1.lisp (file)

Function: make-octet-vector &key LENGTH INITIAL-CONTENTS

Package: cl-tls
Source: utils.lisp (file)

Function: octets-to-integer OV &key START END

Package: cl-tls
Source: utils.lisp (file)

Function: ov-buffer-position OS

Package: cl-tls
Source: asn.1.lisp (file)

Function: p-hash SECRET DATA OUTPUT-LENGTH &optional DIGEST-ALGORITHM

Package: cl-tls
Source: crypto.lisp (file)

Function: pack-extension EXTENSION-TYPE EXTENSION-DATA

Package: cl-tls
Source: extensions.lisp (file)

Function: parse-access-description VALUE

Package: cl-tls
Source: extensions.lisp (file)

Function: parse-cipher-suite CIPHER-SUITE SESSION

Package: cl-tls
Source: tls.lisp (file)

Function: parse-directory-name RDNS

Parse DER-encoded distinguishedName sequence

Package: cl-tls
Source: x509.lisp (file)

Function: parse-enc-scheme ENC-SCHEME

Package: cl-tls
Source: pkcs5.lisp (file)

Function: parse-general-name GENERAL-NAME

Package: cl-tls
Source: extensions.lisp (file)

Function: parse-general-names GENERAL-NAMES

Return a bag of generalNames

Package: cl-tls
Source: extensions.lisp (file)

Function: parse-headers-from-stream STREAM

Repeatedly read headers from stream

Package: cl-tls
Source: http.lisp (file)

Function: parse-kdf KDF

Package: cl-tls
Source: pkcs5.lisp (file)

Function: parse-pem TEXT

Package: cl-tls
Source: rfc7468.lisp (file)

Function: parse-pka PUBLIC-KEY-ALGORITHM

Parse the OID in the SubjectPublicKeyInfo and the parameters

Package: cl-tls
Source: x509.lisp (file)

Function: parse-priv-key OV PRIVATE-KEY-ALGORITHM

Package: cl-tls
Source: pkcs8.lisp (file)

Function: parse-pub-key OV ALGORITHM

Package: cl-tls
Source: x509.lisp (file)

Function: parse-qualifier POLICY-QUALIFIER-ID QUALIFIER

Package: cl-tls
Source: extensions.lisp (file)

Function: parse-response-data DATA SERIAL

Package: cl-tls
Source: ocsp.lisp (file)

Function: parse-signature-algorithm SIG

Parse the sequence containing OID + optional parameters

Package: cl-tls
Source: x509.lisp (file)

Function: parse-tbs-certificate TBS-CERTIFICATE

Package: cl-tls
Source: x509.lisp (file)

Function: parse-uri URI

Parse URI into its components as specified in rfc3986

Package: cl-tls
Source: http.lisp (file)

Function: prepare-ocsp-request IDENTIFIERS

Package: cl-tls
Source: ocsp.lisp (file)

Function: prf SECRET LABEL SEED OUTPUT-LENGTH

Package: cl-tls
Source: crypto.lisp (file)

Function: process-extensions EXTENSIONS

Package: cl-tls
Source: x509.lisp (file)

Function: read-chunk STREAM

Read a single chunk, or nil upon receiving 0-length header

Package: cl-tls
Source: http.lisp (file)

Function: read-chunked-response STREAM

Package: cl-tls
Source: http.lisp (file)

Function: read-header STREAM

Read one header from stream

Package: cl-tls
Source: http.lisp (file)

Function: reassemble-handshake-message SESSION &optional HANDSHAKE-FRAGMENT

Handle defragmentation of handshake messages

Package: cl-tls
Source: tls.lisp (file)

Function: remove-padding OV

Remove rfc1423 padding from octet-vector ov

Package: cl-tls
Source: pkcs5.lisp (file)

Function: send-alert SESSION LEVEL DESCRIPTION

Send an alert record

Package: cl-tls
Source: alert.lisp (file)

Function: sign-dh-params SESSION PARAMS

Package: cl-tls
Source: crypto.lisp (file)

Function: split-header HEADER

Split header into its key and value components

Package: cl-tls
Source: http.lisp (file)

Function: split-string STR TARGET

Package: cl-tls
Source: utils.lisp (file)

Function: stream-octets-to-integer STREAM LENGTH

Package: cl-tls
Source: utils.lisp (file)

Function: strong-random-range A B

Generate a random integer between a and b, inclusive

Package: cl-tls
Source: pkcs3.lisp (file)

Function: symbol-to-suite-list SYM

Package: cl-tls
Source: tls.lisp (file)

Function: time-valid-p CERT

Package: cl-tls
Source: x509.lisp (file)

Function: timing-independent-compare VEC1 VEC2

Compare octet vectors in a time-independent manner

Package: cl-tls
Source: utils.lisp (file)

Function: trim-space STR

Package: cl-tls
Source: http.lisp (file)

Function: validate SESSION CHAIN

Certificate Path validation, including status checking

Package: cl-tls
Source: validate.lisp (file)

Function: verify-ocsp-signature SIGNING-CERTIFICATE RESPONSE-DATA SIGNATURE SIGNATURE-ALGORITHM

Package: cl-tls
Source: ocsp.lisp (file)

Function: verify-signature SUBJECT ISSUER

Package: cl-tls
Source: x509.lisp (file)

Function: verify-signed-data SESSION DATA ALGORITHM SIGNATURE

Package: cl-tls
Source: crypto.lisp (file)

Function: verify-signed-params SESSION DH-PARAMS ALGORITHM SIGNATURE

Package: cl-tls
Source: crypto.lisp (file)

6.2.6 Generic functions

Generic Function: alert CONDITION

Generic Function: (setf alert) NEW-VALUE CONDITION

Package

cl-tls

Methods

Method: alert (CONDITION exception)

Method: (setf alert) NEW-VALUE (CONDITION exception)

Source: tls.lisp (file)

Generic Function: authority-information-access OBJECT

Generic Function: (setf authority-information-access) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: authority-information-access (X509-EXTENSION x509-extension)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf authority-information-access) NEW-VALUE (X509-EXTENSION x509-extension)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: authority-key-identifier OBJECT

Generic Function: (setf authority-key-identifier) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: authority-key-identifier (X509-EXTENSION x509-extension)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf authority-key-identifier) NEW-VALUE (X509-EXTENSION x509-extension)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: basic-constraints OBJECT

Generic Function: (setf basic-constraints) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: basic-constraints (X509-EXTENSION x509-extension)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf basic-constraints) NEW-VALUE (X509-EXTENSION x509-extension)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: certificate-policies OBJECT

Generic Function: (setf certificate-policies) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: certificate-policies (X509-EXTENSION x509-extension)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf certificate-policies) NEW-VALUE (X509-EXTENSION x509-extension)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: ciphertext-to-compressed SESSION CONTENT-TYPE CIPHERTEXT

Package

cl-tls

Source

tls.lisp (file)

Methods

Method: ciphertext-to-compressed (SESSION session) CONTENT-TYPE CIPHERTEXT

Generic Function: client-certificate-url OBJECT

Generic Function: (setf client-certificate-url) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: client-certificate-url (HELLO-EXTENSIONS hello-extensions)

automatically generated reader method

Source: tls.lisp (file)

Method: (setf client-certificate-url) NEW-VALUE (HELLO-EXTENSIONS hello-extensions)

automatically generated writer method

Source: tls.lisp (file)

Generic Function: crl-distribution-points OBJECT

Generic Function: (setf crl-distribution-points) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: crl-distribution-points (X509-EXTENSION x509-extension)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf crl-distribution-points) NEW-VALUE (X509-EXTENSION x509-extension)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: decrypt SESSION CIPHERTEXT

Package

cl-tls

Source

tls.lisp (file)

Methods

Method: decrypt (SESSION session) CIPHERTEXT

Generic Function: encrypt SESSION PLAINTEXT

Package

cl-tls

Source

tls.lisp (file)

Methods

Method: encrypt (SESSION session) PLAINTEXT

Generic Function: extended-key-usage OBJECT

Generic Function: (setf extended-key-usage) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: extended-key-usage (X509-EXTENSION x509-extension)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf extended-key-usage) NEW-VALUE (X509-EXTENSION x509-extension)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: extensions OBJECT

Generic Function: (setf extensions) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: extensions (TBS-CERTIFICATE tbs-certificate)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf extensions) NEW-VALUE (TBS-CERTIFICATE tbs-certificate)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: generator OBJECT

Package

cl-tls

Methods

Method: generator (DH-PARAMS dh-params)

automatically generated reader method

Source: pkcs3.lisp (file)

Generic Function: get-record SESSION

Package

cl-tls

Source

tls.lisp (file)

Methods

Method: get-record (SESSION session)

Generic Function: handle-handshake MESSAGE SESSION TYPE

Package

cl-tls

Source

tls.lisp (file)

Methods

Method: handle-handshake BUFFER SESSION (TYPE (eql server-hello))

Method: handle-handshake BUFFER SESSION (TYPE (eql certificate))

Method: handle-handshake BUFFER SESSION (TYPE (eql server-hello-done))

Method: handle-handshake BUFFER SESSION (TYPE (eql certificate-request))

Method: handle-handshake BUFFER SESSION (TYPE (eql finished))

Method: handle-handshake BUFFER SESSION (TYPE (eql server-key-exchange))

Method: handle-handshake BUFFER SESSION (TYPE (eql client-hello))

Method: handle-handshake BUFFER SESSION (TYPE (eql certificate-verify))

Method: handle-handshake BUFFER SESSION (TYPE (eql client-key-exchange))

Generic Function: handshake-messages OBJECT

Generic Function: (setf handshake-messages) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: handshake-messages (SESSION session)

automatically generated reader method

Source: tls.lisp (file)

Method: (setf handshake-messages) NEW-VALUE (SESSION session)

automatically generated writer method

Source: tls.lisp (file)

Generic Function: hash OBJECT

Generic Function: (setf hash) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: hash (X509V3-CERTIFICATE x509v3-certificate)

Method: (setf hash) NEW-VALUE (X509V3-CERTIFICATE x509v3-certificate)

The hash of the raw octets of the certificate

Source: x509.lisp (file)

Generic Function: host-name OBJECT

Generic Function: (setf host-name) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: host-name (HELLO-EXTENSIONS hello-extensions)

automatically generated reader method

Source: tls.lisp (file)

Method: (setf host-name) NEW-VALUE (HELLO-EXTENSIONS hello-extensions)

automatically generated writer method

Source: tls.lisp (file)

Generic Function: initiate-connection SESSION &key SKIP-HELLO

Package

cl-tls

Source

tls.lisp (file)

Methods

Method: initiate-connection (SESSION server-session) &key SKIP-HELLO: Attempt a handshake as a server

Method: initiate-connection (SESSION client-session) &key: Attempt a handshake as a client

Generic Function: issuer OBJECT

Generic Function: (setf issuer) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: issuer (TBS-CERTIFICATE tbs-certificate)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf issuer) NEW-VALUE (TBS-CERTIFICATE tbs-certificate)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: issuer-alternative-name OBJECT

Generic Function: (setf issuer-alternative-name) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: issuer-alternative-name (X509-EXTENSION x509-extension)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf issuer-alternative-name) NEW-VALUE (X509-EXTENSION x509-extension)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: issuer-unique-id OBJECT

Generic Function: (setf issuer-unique-id) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: issuer-unique-id (TBS-CERTIFICATE tbs-certificate)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf issuer-unique-id) NEW-VALUE (TBS-CERTIFICATE tbs-certificate)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: key-usage OBJECT

Generic Function: (setf key-usage) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: key-usage (X509-EXTENSION x509-extension)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf key-usage) NEW-VALUE (X509-EXTENSION x509-extension)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: log-info CONDITION

Generic Function: (setf log-info) NEW-VALUE CONDITION

Package

cl-tls

Methods

Method: log-info (CONDITION exception)

Method: (setf log-info) NEW-VALUE (CONDITION exception)

Source: tls.lisp (file)

Method: log-info (CONDITION http-error)

Method: (setf log-info) NEW-VALUE (CONDITION http-error)

Source: http.lisp (file)

Method: log-info (CONDITION ocsp-error)

Method: (setf log-info) NEW-VALUE (CONDITION ocsp-error)

Source: ocsp.lisp (file)

Generic Function: max-fragment-length OBJECT

Generic Function: (setf max-fragment-length) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: max-fragment-length (HELLO-EXTENSIONS hello-extensions)

automatically generated reader method

Source: tls.lisp (file)

Method: (setf max-fragment-length) NEW-VALUE (HELLO-EXTENSIONS hello-extensions)

automatically generated writer method

Source: tls.lisp (file)

Generic Function: ov-read-byte OS

Package

cl-tls

Source

asn.1.lisp (file)

Methods

Method: ov-read-byte (OS octet-stream)

Generic Function: ov-read-sequence OV OS

Package

cl-tls

Source

asn.1.lisp (file)

Methods

Method: ov-read-sequence OV (OS octet-stream)

Generic Function: parse-extension SESSION EXTENSION-DATA TYPE

Package

cl-tls

Source

extensions.lisp (file)

Methods

Method: parse-extension SESSION EXTENSION-DATA (TYPE (eql status-request))

Method: parse-extension SESSION EXTENSION-DATA (TYPE (eql truncated-hmac))

Method: parse-extension SESSION EXTENSION-DATA (TYPE (eql trusted-ca-keys))

Method: parse-extension SESSION EXTENSION-DATA (TYPE (eql signature-algorithm))

Method: parse-extension SESSION EXTENSION-DATA (TYPE (eql client-certificate-url))

Method: parse-extension SESSION EXTENSION-DATA (TYPE (eql max-fragment-length))

Method: parse-extension SESSION EXTENSION-DATA (TYPE (eql server-name))

Generic Function: path OBJECT

Generic Function: (setf path) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: path (URI uri)

automatically generated reader method

Source: http.lisp (file)

Method: (setf path) NEW-VALUE (URI uri)

automatically generated writer method

Source: http.lisp (file)

Generic Function: policy-mappings OBJECT

Generic Function: (setf policy-mappings) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: policy-mappings (X509-EXTENSION x509-extension)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf policy-mappings) NEW-VALUE (X509-EXTENSION x509-extension)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: pre-master-secret OBJECT

Generic Function: (setf pre-master-secret) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: pre-master-secret (SESSION session)

automatically generated reader method

Source: tls.lisp (file)

Method: (setf pre-master-secret) NEW-VALUE (SESSION session)

automatically generated writer method

Source: tls.lisp (file)

Generic Function: prime-modulus OBJECT

Package

cl-tls

Methods

Method: prime-modulus (DH-PARAMS dh-params)

automatically generated reader method

Source: pkcs3.lisp (file)

Generic Function: process-extension X509-EXTENSION CRITICAL-P VALUE TYPE

Package

cl-tls

Source

extensions.lisp (file)

Methods

Method: process-extension X509 CRITICAL-P VALUE (TYPE (eql subject-information-access))

Method: process-extension X509 CRITICAL-P VALUE (TYPE (eql authority-information-access))

Method: process-extension X509 CRITICAL-P VALUE (TYPE (eql freshest-crl))

Method: process-extension X509 CRITICAL-P VALUE (TYPE (eql inhibit-any-policy))

Method: process-extension X509 CRITICAL-P VALUE (TYPE (eql crl-distribution-points))

Method: process-extension X509 CRITICAL-P VALUE (TYPE (eql extended-key-usage))

Method: process-extension X509 CRITICAL-P VALUE (TYPE (eql policy-constraints))

Method: process-extension X509 CRITICAL-P VALUE (TYPE (eql name-constraints))

Method: process-extension X509 CRITICAL-P VALUE (TYPE (eql basic-constraints))

Method: process-extension X509 CRITICAL-P VALUE (TYPE (eql policy-mappings))

Method: process-extension X509 CRITICAL-P VALUE (TYPE (eql certificate-policies))

Method: process-extension X509 CRITICAL-P VALUE (TYPE (eql key-usage))

Method: process-extension X509 CRITICAL-P VALUE (TYPE (eql subject-key-identifier))

Method: process-extension X509 CRITICAL-P VALUE (TYPE (eql authority-key-identifier))

Method: process-extension X509 CRITICAL-P VALUE (TYPE (eql issuer-alternative-name))

Method: process-extension X509 CRITICAL-P VALUE (TYPE (eql subject-alternative-name))

Generic Function: pub-key OBJECT

Generic Function: (setf pub-key) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: pub-key (SESSION session)

automatically generated reader method

Source: tls.lisp (file)

Method: (setf pub-key) NEW-VALUE (SESSION session)

automatically generated writer method

Source: tls.lisp (file)

Generic Function: raw OBJECT

Generic Function: (setf raw) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: raw (X509V3-CERTIFICATE x509v3-certificate)

Method: (setf raw) NEW-VALUE (X509V3-CERTIFICATE x509v3-certificate)

The raw octets of the certificate

Source: x509.lisp (file)

Generic Function: scheme OBJECT

Generic Function: (setf scheme) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: scheme (URI uri)

automatically generated reader method

Source: http.lisp (file)

Method: (setf scheme) NEW-VALUE (URI uri)

automatically generated writer method

Source: http.lisp (file)

Generic Function: send SESSION CONTENT-TYPE PAYLOAD

Package

cl-tls

Source

tls.lisp (file)

Methods

Method: send (SESSION session) CONTENT-TYPE PAYLOAD: Fragment -> (optionally) Compress -> Apply MAC -> Encrypt -> Transmit

Generic Function: send-change-cipher-spec SESSION

Package

cl-tls

Source

tls.lisp (file)

Methods

Method: send-change-cipher-spec SESSION

Generic Function: send-handshake SESSION HANDSHAKE-TYPE

Package

cl-tls

Source

tls.lisp (file)

Methods

Method: send-handshake (SESSION session) (HANDSHAKE-TYPE (eql client-hello))

Method: send-handshake (SESSION session) (HANDSHAKE-TYPE (eql client-key-exchange))

Method: send-handshake (SESSION session) (HANDSHAKE-TYPE (eql finished))

Method: send-handshake (SESSION session) (HANDSHAKE-TYPE (eql server-hello-done))

Method: send-handshake (SESSION session) (HANDSHAKE-TYPE (eql server-key-exchange))

Method: send-handshake (SESSION session) (HANDSHAKE-TYPE (eql certificate-request))

Method: send-handshake (SESSION session) (HANDSHAKE-TYPE (eql certificate-verify))

Method: send-handshake (SESSION session) (HANDSHAKE-TYPE (eql client-certificate))

Method: send-handshake (SESSION session) (HANDSHAKE-TYPE (eql certificate))

Method: send-handshake (SESSION session) (HANDSHAKE-TYPE (eql server-hello))

Generic Function: send-record SESSION CONTENT-TYPE PAYLOAD &key START END

Package

cl-tls

Source

tls.lisp (file)

Methods

Method: send-record (SESSION session) CONTENT-TYPE PAYLOAD &key START END

Generic Function: serial OBJECT

Generic Function: (setf serial) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: serial (TBS-CERTIFICATE tbs-certificate)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf serial) NEW-VALUE (TBS-CERTIFICATE tbs-certificate)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: signature OBJECT

Generic Function: (setf signature) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: signature (X509V3-CERTIFICATE x509v3-certificate)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf signature) NEW-VALUE (X509V3-CERTIFICATE x509v3-certificate)

automatically generated writer method

Source: x509.lisp (file)

Method: signature (TBS-CERTIFICATE tbs-certificate)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf signature) NEW-VALUE (TBS-CERTIFICATE tbs-certificate)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: signature-algorithm OBJECT

Generic Function: (setf signature-algorithm) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: signature-algorithm (X509V3-CERTIFICATE x509v3-certificate)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf signature-algorithm) NEW-VALUE (X509V3-CERTIFICATE x509v3-certificate)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: subject OBJECT

Generic Function: (setf subject) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: subject (TBS-CERTIFICATE tbs-certificate)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf subject) NEW-VALUE (TBS-CERTIFICATE tbs-certificate)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: subject-alternative-name OBJECT

Generic Function: (setf subject-alternative-name) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: subject-alternative-name (X509-EXTENSION x509-extension)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf subject-alternative-name) NEW-VALUE (X509-EXTENSION x509-extension)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: subject-information-access OBJECT

Generic Function: (setf subject-information-access) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: subject-information-access (X509-EXTENSION x509-extension)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf subject-information-access) NEW-VALUE (X509-EXTENSION x509-extension)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: subject-key-identifier OBJECT

Generic Function: (setf subject-key-identifier) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: subject-key-identifier (X509-EXTENSION x509-extension)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf subject-key-identifier) NEW-VALUE (X509-EXTENSION x509-extension)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: subject-pki OBJECT

Generic Function: (setf subject-pki) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: subject-pki (TBS-CERTIFICATE tbs-certificate)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf subject-pki) NEW-VALUE (TBS-CERTIFICATE tbs-certificate)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: subject-unique-id OBJECT

Generic Function: (setf subject-unique-id) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: subject-unique-id (TBS-CERTIFICATE tbs-certificate)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf subject-unique-id) NEW-VALUE (TBS-CERTIFICATE tbs-certificate)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: supported-signature-algorithms OBJECT

Generic Function: (setf supported-signature-algorithms) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: supported-signature-algorithms (HELLO-EXTENSIONS hello-extensions)

automatically generated reader method

Source: tls.lisp (file)

Method: (setf supported-signature-algorithms) NEW-VALUE (HELLO-EXTENSIONS hello-extensions)

automatically generated writer method

Source: tls.lisp (file)

Generic Function: tbs-certificate OBJECT

Generic Function: (setf tbs-certificate) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: tbs-certificate (X509V3-CERTIFICATE x509v3-certificate)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf tbs-certificate) NEW-VALUE (X509V3-CERTIFICATE x509v3-certificate)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: text CONDITION

Generic Function: (setf text) NEW-VALUE CONDITION

Package

cl-tls

Methods

Method: text (CONDITION tls-error)

Method: (setf text) NEW-VALUE (CONDITION tls-error)

Source: tls.lisp (file)

Method: text (CONDITION x509-decoding-error)

Source: x509.lisp (file)

Method: text (CONDITION asn.1-decoding-error)

Source: asn.1.lisp (file)

Generic Function: validity OBJECT

Generic Function: (setf validity) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: validity (TBS-CERTIFICATE tbs-certificate)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf validity) NEW-VALUE (TBS-CERTIFICATE tbs-certificate)

automatically generated writer method

Source: x509.lisp (file)

Generic Function: version OBJECT

Generic Function: (setf version) NEW-VALUE OBJECT

Package

cl-tls

Methods

Method: version (TBS-CERTIFICATE tbs-certificate)

automatically generated reader method

Source: x509.lisp (file)

Method: (setf version) NEW-VALUE (TBS-CERTIFICATE tbs-certificate)

automatically generated writer method

Source: x509.lisp (file)

6.2.7 Conditions

Condition: asn.1-decoding-error ()

Package

cl-tls

Source

asn.1.lisp (file)

Direct superclasses

error (condition)

Direct methods

text (method)

Direct slots

Slot: text

Initargs: :text
Readers: text (generic function)

Condition: exception ()

Package

cl-tls

Source

tls.lisp (file)

Direct superclasses

error (condition)

Direct methods

alert (method)
alert (method)
log-info (method)
log-info (method)

Direct slots

Slot: log

Initargs: :log
Readers: log-info (generic function)
Writers: (setf log-info) (generic function)

Slot: alert

Initargs: :alert
Readers: alert (generic function)
Writers: (setf alert) (generic function)

Condition: http-error ()

Package

cl-tls

Source

http.lisp (file)

Direct superclasses

error (condition)

Direct methods

log-info (method)
log-info (method)

Direct slots

Slot: log

Initargs: :log
Readers: log-info (generic function)
Writers: (setf log-info) (generic function)

Condition: ocsp-error ()

Package

cl-tls

Source

ocsp.lisp (file)

Direct superclasses

error (condition)

Direct methods

log-info (method)
log-info (method)

Direct slots

Slot: log

Initargs: :log
Readers: log-info (generic function)
Writers: (setf log-info) (generic function)

Condition: x509-decoding-error ()

Package

cl-tls

Source

x509.lisp (file)

Direct superclasses

error (condition)

Direct methods

text (method)

Direct slots

Slot: text

Initargs: :text
Readers: text (generic function)

6.2.8 Classes

Class: client-session ()

Package

cl-tls

Source

tls.lisp (file)

Direct superclasses

session (class)

Direct methods

initiate-connection (method)

Direct slots

Slot: role

Initform: :client

Class: dh-params ()

Package

cl-tls

Source

pkcs3.lisp (file)

Direct superclasses

standard-object (class)

Direct methods

generator (method)
prime-modulus (method)

Direct slots

Slot: p

Type: integer
Initargs: :p
Readers: prime-modulus (generic function)

Slot: g

Type: integer
Initargs: :g
Readers: generator (generic function)

Class: hello-extensions ()

Package

cl-tls

Source

tls.lisp (file)

Direct superclasses

standard-object (class)

Direct methods

supported-signature-algorithms (method)
supported-signature-algorithms (method)
client-certificate-url (method)
client-certificate-url (method)
max-fragment-length (method)
max-fragment-length (method)
host-name (method)
host-name (method)

Direct slots

Slot: host-name

Initargs: :host-name
Readers: host-name (generic function)
Writers: (setf host-name) (generic function)

Slot: max-fragment-length

Initargs: :max-fragment-length
Readers: max-fragment-length (generic function)
Writers: (setf max-fragment-length) (generic function)

Slot: client-certificate-url

Initargs: :client-certificate-url
Readers: client-certificate-url (generic function)
Writers: (setf client-certificate-url) (generic function)

Slot: supported-signature-algorithms

Initargs: :supported-signature-algorithms
Readers: supported-signature-algorithms (generic function)
Writers: (setf supported-signature-algorithms) (generic function)

Class: octet-stream ()

Package

cl-tls

Source

asn.1.lisp (file)

Direct superclasses

standard-object (class)

Direct methods

ov-read-sequence (method)
ov-read-byte (method)

Direct slots

Slot: octet-vector

Initargs: :ov

Slot: length

Initargs: :len

Slot: position

Initform: 0

Class: server-session ()

Package

cl-tls

Source

tls.lisp (file)

Direct superclasses

session (class)
shared-session-slots (class)

Direct methods

initiate-connection (method)

Class: session ()

Package

cl-tls

Source

tls.lisp (file)

Direct superclasses

standard-object (class)

Direct subclasses

server-session (class)
client-session (class)

Direct methods

get-record (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send-handshake (method)
send (method)
ciphertext-to-compressed (method)
decrypt (method)
encrypt (method)
send-record (method)
handshake-messages (method)
handshake-messages (method)
pre-master-secret (method)
pre-master-secret (method)
pub-key (method)
pub-key (method)

Direct slots

Slot: role

Initargs: :role

Slot: version

Initargs: :version
Initform: (cl-tls::make-octet-vector :initial-contents #(3 3))

Slot: hello-version

Initargs: :version
Initform: (cl-tls::make-octet-vector :initial-contents #(3 3))

Slot: resumable

Initargs: :resumable

Slot: ciphers

Initargs: :ciphers

Slot: state

Initform: :connecting

Slot: handshake-stage

Slot: certificate-requested

Slot: remote-certificate-type

Slot: cipher-suite

Slot: session-id

Slot: sequence-number-write

Initform: 0

Slot: sequence-number-read

Initform: 0

Slot: session-read-state

Initform: :null

Slot: session-write-state

Initform: :null

Slot: client-random

Slot: server-random

Slot: master-secret

Slot: key-exchange-method

Slot: authentication-method

Slot: encryption-algorithm

Slot: cipher-mode

Slot: mac-algorithm

Slot: block-size

Slot: cipher-type

Slot: requested-cert-type

Slot: supported-sig-algos

Slot: dh-params

Slot: dh-y

Slot: dhe-private-key

Slot: extensions-data

Initform: (make-instance (quote cl-tls::hello-extensions))

Slot: mac-key-length

Initform: 0

Slot: enc-key-length

Initform: 0

Slot: record-iv-length

Initform: 0

Slot: key_block

Slot: client-write-mac-key

Slot: server-write-mac-key

Slot: client-write-key

Slot: server-write-key

Slot: client-write-iv

Slot: server-write-iv

Slot: peer-dns-name

Initargs: :peer-dns-name

Slot: peer-ip-addresses

Initargs: :peer-ip-addresses

Slot: certificate

Initargs: :certificate

Slot: ca-certificates

Initargs: :ca-certificates

Slot: io-stream

Initargs: :io-stream

Slot: input-stream

Initargs: :input-stream

Slot: output-stream

Initargs: :output-stream

Slot: pub-key

Readers: pub-key (generic function)
Writers: (setf pub-key) (generic function)

Slot: priv-key

Initargs: :private-key

Slot: encrypting-cipher-object

Slot: decrypting-cipher-object

Slot: pre-master-secret

Readers: pre-master-secret (generic function)
Writers: (setf pre-master-secret) (generic function)

Slot: handshake-messages

Initform: (fast-io:make-octet-vector 0)
Readers: handshake-messages (generic function)
Writers: (setf handshake-messages) (generic function)

Class: shared-session-slots ()

Package

cl-tls

Source

tls.lisp (file)

Direct superclasses

standard-object (class)

Direct subclasses

server-session (class)

Direct slots

Slot: role

Allocation: :class
Initargs: :role
Initform: :server

Slot: certificate

Allocation: :class
Initargs: :certificate

Slot: ca-certificates

Allocation: :class
Initargs: :ca-certificates

Slot: resumable

Allocation: :class
Initargs: :resumable

Slot: ciphers

Allocation: :class
Initargs: :ciphers

Slot: pub-key

Allocation: :class

Slot: priv-key

Allocation: :class
Initargs: :private-key

Slot: dh-params

Allocation: :class
Initargs: :dh-params

Slot: version

Allocation: :class
Initargs: :version
Initform: (fast-io:octets-from #(3 3))

Slot: authenticate-client-p

Allocation: :class
Initargs: :authenticate-client-p

Slot: require-authentication-p

Allocation: :class
Initargs: :require-authentication-p

Class: tbs-certificate ()

Package

cl-tls

Source

x509.lisp (file)

Direct superclasses

standard-object (class)

Direct methods

extensions (method)
extensions (method)
subject-unique-id (method)
subject-unique-id (method)
issuer-unique-id (method)
issuer-unique-id (method)
subject-pki (method)
subject-pki (method)
subject (method)
subject (method)
validity (method)
validity (method)
issuer (method)
issuer (method)
signature (method)
signature (method)
serial (method)
serial (method)
version (method)
version (method)

Direct slots

Slot: version

Initargs: :version
Initform: 0
Readers: version (generic function)
Writers: (setf version) (generic function)

Slot: serial

Initargs: :serial
Readers: serial (generic function)
Writers: (setf serial) (generic function)

Slot: signature

Initargs: :signature
Readers: signature (generic function)
Writers: (setf signature) (generic function)

Slot: issuer

Initargs: :issuer
Readers: issuer (generic function)
Writers: (setf issuer) (generic function)

Slot: validity

Type: cl-tls::validity
Initargs: :validity
Readers: validity (generic function)
Writers: (setf validity) (generic function)

Slot: subject

Initargs: :subject
Readers: subject (generic function)
Writers: (setf subject) (generic function)

Slot: subject-pki

Type: cl-tls::algorithm-identifier
Initargs: :subject-pki
Readers: subject-pki (generic function)
Writers: (setf subject-pki) (generic function)

Slot: issuer-unique-id

Initargs: :issuer-unique-id
Readers: issuer-unique-id (generic function)
Writers: (setf issuer-unique-id) (generic function)

Slot: subject-unique-id

Initargs: cl-tls::subject-unique-id
Readers: subject-unique-id (generic function)
Writers: (setf subject-unique-id) (generic function)

Slot: extensions

Initargs: :extensions
Readers: extensions (generic function)
Writers: (setf extensions) (generic function)

Class: uri ()

Package

cl-tls

Source

http.lisp (file)

Direct superclasses

standard-object (class)

Direct methods

path (method)
path (method)
port (method)
port (method)
host (method)
host (method)
scheme (method)
scheme (method)

Direct slots

Slot: scheme

Initargs: :scheme
Readers: scheme (generic function)
Writers: (setf scheme) (generic function)

Slot: host

Initargs: :host
Readers: host (generic function)
Writers: (setf host) (generic function)

Slot: port

Initargs: :port
Readers: port (generic function)
Writers: (setf port) (generic function)

Slot: path

Initargs: :path
Readers: path (generic function)
Writers: (setf path) (generic function)

Class: x509-extension ()

Package

cl-tls

Source

x509.lisp (file)

Direct superclasses

standard-object (class)

Direct methods

subject-information-access (method)
subject-information-access (method)
authority-information-access (method)
authority-information-access (method)
crl-distribution-points (method)
crl-distribution-points (method)
extended-key-usage (method)
extended-key-usage (method)
basic-constraints (method)
basic-constraints (method)
policy-mappings (method)
policy-mappings (method)
certificate-policies (method)
certificate-policies (method)
key-usage (method)
key-usage (method)
subject-key-identifier (method)
subject-key-identifier (method)
authority-key-identifier (method)
authority-key-identifier (method)
issuer-alternative-name (method)
issuer-alternative-name (method)
subject-alternative-name (method)
subject-alternative-name (method)

Direct slots

Slot: subject-alternative-name

Readers: subject-alternative-name (generic function)
Writers: (setf subject-alternative-name) (generic function)

Slot: issuer-alternative-name

Readers: issuer-alternative-name (generic function)
Writers: (setf issuer-alternative-name) (generic function)

Slot: authority-key-identifier

Readers: authority-key-identifier (generic function)
Writers: (setf authority-key-identifier) (generic function)

Slot: subject-key-identifier

Readers: subject-key-identifier (generic function)
Writers: (setf subject-key-identifier) (generic function)

Slot: key-usage

Readers: key-usage (generic function)
Writers: (setf key-usage) (generic function)

Slot: certificate-policies

Readers: certificate-policies (generic function)
Writers: (setf certificate-policies) (generic function)

Slot: policy-mappings

Readers: policy-mappings (generic function)
Writers: (setf policy-mappings) (generic function)

Slot: basic-constraints

Readers: basic-constraints (generic function)
Writers: (setf basic-constraints) (generic function)

Slot: extended-key-usage

Readers: extended-key-usage (generic function)
Writers: (setf extended-key-usage) (generic function)

Slot: crl-distribution-points

Readers: crl-distribution-points (generic function)
Writers: (setf crl-distribution-points) (generic function)

Slot: authority-information-access

Readers: authority-information-access (generic function)
Writers: (setf authority-information-access) (generic function)

Slot: subject-information-access

Readers: subject-information-access (generic function)
Writers: (setf subject-information-access) (generic function)

Class: x509v3-certificate ()

Package

cl-tls

Source

x509.lisp (file)

Direct superclasses

standard-object (class)

Direct methods

print-object (method)
signature (method)
signature (method)
signature-algorithm (method)
signature-algorithm (method)
tbs-certificate (method)
tbs-certificate (method)
hash (method)
hash (method)
raw (method)
raw (method)

Direct slots

Slot: raw

The raw octets of the certificate

Initargs: :raw
Readers: raw (generic function)
Writers: (setf raw) (generic function)

Slot: hash

The hash of the raw octets of the certificate

Initargs: :hash
Readers: hash (generic function)
Writers: (setf hash) (generic function)

Slot: tbs-certificate

Initargs: :tbs-certificate
Readers: tbs-certificate (generic function)
Writers: (setf tbs-certificate) (generic function)

Slot: signature-algorithm

Initargs: :signature-algorithm
Readers: signature-algorithm (generic function)
Writers: (setf signature-algorithm) (generic function)

Slot: signature

Initargs: :signature
Readers: signature (generic function)
Writers: (setf signature) (generic function)

6.2.9 Types

Type: octet ()

Package: cl-tls
Source: utils.lisp (file)

Type: octet-vector ()

Package: cl-tls
Source: utils.lisp (file)

Appendix A Indexes

A.1 Concepts

Jump to:	C F L M S

	Index Entry	Section

C
	`cl-tls.asd`:	The cl-tls․asd file
	`cl-tls/LICENSE`:	The cl-tls/license file
	`cl-tls/README`:	The cl-tls/readme file
	`cl-tls/src`:	The cl-tls/src module
	`cl-tls/src/ASN.1`:	The cl-tls/src/asn․1 module
	`cl-tls/src/ASN.1/asn.1.lisp`:	The cl-tls/src/asn․1/asn․1․lisp file
	`cl-tls/src/package.lisp`:	The cl-tls/src/package․lisp file
	`cl-tls/src/PEM`:	The cl-tls/src/pem module
	`cl-tls/src/PEM/rfc7468.lisp`:	The cl-tls/src/pem/rfc7468․lisp file
	`cl-tls/src/pkcs`:	The cl-tls/src/pkcs module
	`cl-tls/src/pkcs/pkcs1.lisp`:	The cl-tls/src/pkcs/pkcs1․lisp file
	`cl-tls/src/pkcs/pkcs3.lisp`:	The cl-tls/src/pkcs/pkcs3․lisp file
	`cl-tls/src/pkcs/pkcs5.lisp`:	The cl-tls/src/pkcs/pkcs5․lisp file
	`cl-tls/src/pkcs/pkcs8.lisp`:	The cl-tls/src/pkcs/pkcs8․lisp file
	`cl-tls/src/tls`:	The cl-tls/src/tls module
	`cl-tls/src/tls/alert.lisp`:	The cl-tls/src/tls/alert․lisp file
	`cl-tls/src/tls/ciphersuites.lisp`:	The cl-tls/src/tls/ciphersuites․lisp file
	`cl-tls/src/tls/crypto.lisp`:	The cl-tls/src/tls/crypto․lisp file
	`cl-tls/src/tls/extensions.lisp`:	The cl-tls/src/tls/extensions․lisp file
	`cl-tls/src/tls/http.lisp`:	The cl-tls/src/tls/http․lisp file
	`cl-tls/src/tls/tls.lisp`:	The cl-tls/src/tls/tls․lisp file
	`cl-tls/src/tls/transport.lisp`:	The cl-tls/src/tls/transport․lisp file
	`cl-tls/src/utils.lisp`:	The cl-tls/src/utils․lisp file
	`cl-tls/src/x509`:	The cl-tls/src/x509 module
	`cl-tls/src/x509/extensions.lisp`:	The cl-tls/src/x509/extensions․lisp file
	`cl-tls/src/x509/ocsp.lisp`:	The cl-tls/src/x509/ocsp․lisp file
	`cl-tls/src/x509/validate.lisp`:	The cl-tls/src/x509/validate․lisp file
	`cl-tls/src/x509/x509.lisp`:	The cl-tls/src/x509/x509․lisp file

F
	File, Lisp, `cl-tls.asd`:	The cl-tls․asd file
	File, Lisp, `cl-tls/src/ASN.1/asn.1.lisp`:	The cl-tls/src/asn․1/asn․1․lisp file
	File, Lisp, `cl-tls/src/package.lisp`:	The cl-tls/src/package․lisp file
	File, Lisp, `cl-tls/src/PEM/rfc7468.lisp`:	The cl-tls/src/pem/rfc7468․lisp file
	File, Lisp, `cl-tls/src/pkcs/pkcs1.lisp`:	The cl-tls/src/pkcs/pkcs1․lisp file
	File, Lisp, `cl-tls/src/pkcs/pkcs3.lisp`:	The cl-tls/src/pkcs/pkcs3․lisp file
	File, Lisp, `cl-tls/src/pkcs/pkcs5.lisp`:	The cl-tls/src/pkcs/pkcs5․lisp file
	File, Lisp, `cl-tls/src/pkcs/pkcs8.lisp`:	The cl-tls/src/pkcs/pkcs8․lisp file
	File, Lisp, `cl-tls/src/tls/alert.lisp`:	The cl-tls/src/tls/alert․lisp file
	File, Lisp, `cl-tls/src/tls/ciphersuites.lisp`:	The cl-tls/src/tls/ciphersuites․lisp file
	File, Lisp, `cl-tls/src/tls/crypto.lisp`:	The cl-tls/src/tls/crypto․lisp file
	File, Lisp, `cl-tls/src/tls/extensions.lisp`:	The cl-tls/src/tls/extensions․lisp file
	File, Lisp, `cl-tls/src/tls/http.lisp`:	The cl-tls/src/tls/http․lisp file
	File, Lisp, `cl-tls/src/tls/tls.lisp`:	The cl-tls/src/tls/tls․lisp file
	File, Lisp, `cl-tls/src/tls/transport.lisp`:	The cl-tls/src/tls/transport․lisp file
	File, Lisp, `cl-tls/src/utils.lisp`:	The cl-tls/src/utils․lisp file
	File, Lisp, `cl-tls/src/x509/extensions.lisp`:	The cl-tls/src/x509/extensions․lisp file
	File, Lisp, `cl-tls/src/x509/ocsp.lisp`:	The cl-tls/src/x509/ocsp․lisp file
	File, Lisp, `cl-tls/src/x509/validate.lisp`:	The cl-tls/src/x509/validate․lisp file
	File, Lisp, `cl-tls/src/x509/x509.lisp`:	The cl-tls/src/x509/x509․lisp file
	File, static, `cl-tls/LICENSE`:	The cl-tls/license file
	File, static, `cl-tls/README`:	The cl-tls/readme file

L
	Lisp File, `cl-tls.asd`:	The cl-tls․asd file
	Lisp File, `cl-tls/src/ASN.1/asn.1.lisp`:	The cl-tls/src/asn․1/asn․1․lisp file
	Lisp File, `cl-tls/src/package.lisp`:	The cl-tls/src/package․lisp file
	Lisp File, `cl-tls/src/PEM/rfc7468.lisp`:	The cl-tls/src/pem/rfc7468․lisp file
	Lisp File, `cl-tls/src/pkcs/pkcs1.lisp`:	The cl-tls/src/pkcs/pkcs1․lisp file
	Lisp File, `cl-tls/src/pkcs/pkcs3.lisp`:	The cl-tls/src/pkcs/pkcs3․lisp file
	Lisp File, `cl-tls/src/pkcs/pkcs5.lisp`:	The cl-tls/src/pkcs/pkcs5․lisp file
	Lisp File, `cl-tls/src/pkcs/pkcs8.lisp`:	The cl-tls/src/pkcs/pkcs8․lisp file
	Lisp File, `cl-tls/src/tls/alert.lisp`:	The cl-tls/src/tls/alert․lisp file
	Lisp File, `cl-tls/src/tls/ciphersuites.lisp`:	The cl-tls/src/tls/ciphersuites․lisp file
	Lisp File, `cl-tls/src/tls/crypto.lisp`:	The cl-tls/src/tls/crypto․lisp file
	Lisp File, `cl-tls/src/tls/extensions.lisp`:	The cl-tls/src/tls/extensions․lisp file
	Lisp File, `cl-tls/src/tls/http.lisp`:	The cl-tls/src/tls/http․lisp file
	Lisp File, `cl-tls/src/tls/tls.lisp`:	The cl-tls/src/tls/tls․lisp file
	Lisp File, `cl-tls/src/tls/transport.lisp`:	The cl-tls/src/tls/transport․lisp file
	Lisp File, `cl-tls/src/utils.lisp`:	The cl-tls/src/utils․lisp file
	Lisp File, `cl-tls/src/x509/extensions.lisp`:	The cl-tls/src/x509/extensions․lisp file
	Lisp File, `cl-tls/src/x509/ocsp.lisp`:	The cl-tls/src/x509/ocsp․lisp file
	Lisp File, `cl-tls/src/x509/validate.lisp`:	The cl-tls/src/x509/validate․lisp file
	Lisp File, `cl-tls/src/x509/x509.lisp`:	The cl-tls/src/x509/x509․lisp file

M
	Module, `cl-tls/src`:	The cl-tls/src module
	Module, `cl-tls/src/ASN.1`:	The cl-tls/src/asn․1 module
	Module, `cl-tls/src/PEM`:	The cl-tls/src/pem module
	Module, `cl-tls/src/pkcs`:	The cl-tls/src/pkcs module
	Module, `cl-tls/src/tls`:	The cl-tls/src/tls module
	Module, `cl-tls/src/x509`:	The cl-tls/src/x509 module

S
	Static File, `cl-tls/LICENSE`:	The cl-tls/license file
	Static File, `cl-tls/README`:	The cl-tls/readme file

Jump to:	C F L M S

A.2 Functions

Jump to:	( A B C D E F G H I K L M O P R S T V W X

	Index Entry	Section

(
	`(setf alert)`:	Internal generic functions
	`(setf alert)`:	Internal generic functions
	`(setf authority-information-access)`:	Internal generic functions
	`(setf authority-information-access)`:	Internal generic functions
	`(setf authority-key-identifier)`:	Internal generic functions
	`(setf authority-key-identifier)`:	Internal generic functions
	`(setf basic-constraints)`:	Internal generic functions
	`(setf basic-constraints)`:	Internal generic functions
	`(setf certificate-policies)`:	Internal generic functions
	`(setf certificate-policies)`:	Internal generic functions
	`(setf client-certificate-url)`:	Internal generic functions
	`(setf client-certificate-url)`:	Internal generic functions
	`(setf crl-distribution-points)`:	Internal generic functions
	`(setf crl-distribution-points)`:	Internal generic functions
	`(setf extended-key-usage)`:	Internal generic functions
	`(setf extended-key-usage)`:	Internal generic functions
	`(setf extensions)`:	Internal generic functions
	`(setf extensions)`:	Internal generic functions
	`(setf handshake-messages)`:	Internal generic functions
	`(setf handshake-messages)`:	Internal generic functions
	`(setf hash)`:	Internal generic functions
	`(setf hash)`:	Internal generic functions
	`(setf host)`:	Exported generic functions
	`(setf host)`:	Exported generic functions
	`(setf host)`:	Exported generic functions
	`(setf host-name)`:	Internal generic functions
	`(setf host-name)`:	Internal generic functions
	`(setf issuer)`:	Internal generic functions
	`(setf issuer)`:	Internal generic functions
	`(setf issuer-alternative-name)`:	Internal generic functions
	`(setf issuer-alternative-name)`:	Internal generic functions
	`(setf issuer-unique-id)`:	Internal generic functions
	`(setf issuer-unique-id)`:	Internal generic functions
	`(setf key-usage)`:	Internal generic functions
	`(setf key-usage)`:	Internal generic functions
	`(setf log-info)`:	Internal generic functions
	`(setf log-info)`:	Internal generic functions
	`(setf log-info)`:	Internal generic functions
	`(setf log-info)`:	Internal generic functions
	`(setf max-fragment-length)`:	Internal generic functions
	`(setf max-fragment-length)`:	Internal generic functions
	`(setf path)`:	Internal generic functions
	`(setf path)`:	Internal generic functions
	`(setf policy-mappings)`:	Internal generic functions
	`(setf policy-mappings)`:	Internal generic functions
	`(setf port)`:	Exported generic functions
	`(setf port)`:	Exported generic functions
	`(setf port)`:	Exported generic functions
	`(setf pre-master-secret)`:	Internal generic functions
	`(setf pre-master-secret)`:	Internal generic functions
	`(setf pub-key)`:	Internal generic functions
	`(setf pub-key)`:	Internal generic functions
	`(setf raw)`:	Internal generic functions
	`(setf raw)`:	Internal generic functions
	`(setf scheme)`:	Internal generic functions
	`(setf scheme)`:	Internal generic functions
	`(setf serial)`:	Internal generic functions
	`(setf serial)`:	Internal generic functions
	`(setf signature)`:	Internal generic functions
	`(setf signature)`:	Internal generic functions
	`(setf signature)`:	Internal generic functions
	`(setf signature-algorithm)`:	Internal generic functions
	`(setf signature-algorithm)`:	Internal generic functions
	`(setf subject)`:	Internal generic functions
	`(setf subject)`:	Internal generic functions
	`(setf subject-alternative-name)`:	Internal generic functions
	`(setf subject-alternative-name)`:	Internal generic functions
	`(setf subject-information-access)`:	Internal generic functions
	`(setf subject-information-access)`:	Internal generic functions
	`(setf subject-key-identifier)`:	Internal generic functions
	`(setf subject-key-identifier)`:	Internal generic functions
	`(setf subject-pki)`:	Internal generic functions
	`(setf subject-pki)`:	Internal generic functions
	`(setf subject-unique-id)`:	Internal generic functions
	`(setf subject-unique-id)`:	Internal generic functions
	`(setf supported-signature-algorithms)`:	Internal generic functions
	`(setf supported-signature-algorithms)`:	Internal generic functions
	`(setf tbs-certificate)`:	Internal generic functions
	`(setf tbs-certificate)`:	Internal generic functions
	`(setf text)`:	Internal generic functions
	`(setf text)`:	Internal generic functions
	`(setf validity)`:	Internal generic functions
	`(setf validity)`:	Internal generic functions
	`(setf version)`:	Internal generic functions
	`(setf version)`:	Internal generic functions

A
	`accept-tunnel`:	Exported functions
	`add-handshake-header`:	Internal functions
	`alert`:	Internal generic functions
	`alert`:	Internal generic functions
	`alert-record-to-text`:	Internal functions
	`asn-sequence-to-indices`:	Internal functions
	`asn-sequence-to-list`:	Exported functions
	`asn-serialize`:	Exported functions
	`asn-time-to-universal-time`:	Internal functions
	`asn-type-matches-p`:	Internal functions
	`authority-information-access`:	Internal generic functions
	`authority-information-access`:	Internal generic functions
	`authority-key-identifier`:	Internal generic functions
	`authority-key-identifier`:	Internal generic functions

B
	`basic-constraints`:	Internal generic functions
	`basic-constraints`:	Internal generic functions
	`bind-tbs`:	Internal macros
	`bytes-in-int`:	Internal functions

C
	`calculate-mac`:	Internal functions
	`calculate-verification-mac`:	Internal functions
	`cat-vectors`:	Internal functions
	`certificate-policies`:	Internal generic functions
	`certificate-policies`:	Internal generic functions
	`check-certificate-status`:	Internal functions
	`check-ocsp`:	Internal functions
	`cipher-suite-supported-p`:	Internal functions
	`ciphertext-to-compressed`:	Internal generic functions
	`ciphertext-to-compressed`:	Internal generic functions
	`client-certificate-url`:	Internal generic functions
	`client-certificate-url`:	Internal generic functions
	`compute-shared-secret`:	Internal functions
	`create-asn-sequence`:	Exported functions
	`create-cert-id`:	Internal functions
	`create-cert-status-request`:	Internal functions
	`create-cipher-vector`:	Internal functions
	`create-explicit-tag`:	Internal functions
	`create-listener-session`:	Internal functions
	`create-request`:	Internal functions
	`create-session`:	Internal functions
	`create-sni`:	Internal functions
	`create-tbs-request`:	Internal functions
	`crl-distribution-points`:	Internal generic functions
	`crl-distribution-points`:	Internal generic functions

D
	`decapsulate`:	Internal functions
	`decode-oid`:	Internal functions
	`decrypt`:	Internal generic functions
	`decrypt`:	Internal generic functions
	`dhparams-from-key-file`:	Internal functions
	`digitally-sign`:	Internal functions
	`dns-match-p`:	Internal functions
	`dump-to-file`:	Internal functions

E
	`emsa-pkcs1-v1.5-encode`:	Internal functions
	`encode-oid`:	Exported functions
	`encrypt`:	Internal generic functions
	`encrypt`:	Internal generic functions
	`encrypt-and-send`:	Internal functions
	`extended-key-usage`:	Internal generic functions
	`extended-key-usage`:	Internal generic functions
	`extensions`:	Internal generic functions
	`extensions`:	Internal generic functions

F
	`fill-random-nonzero-octets`:	Internal functions
	`find-certificates`:	Internal functions
	`from-stream-parse-der`:	Internal functions
	`Function, accept-tunnel`:	Exported functions
	`Function, add-handshake-header`:	Internal functions
	`Function, alert-record-to-text`:	Internal functions
	`Function, asn-sequence-to-indices`:	Internal functions
	`Function, asn-sequence-to-list`:	Exported functions
	`Function, asn-serialize`:	Exported functions
	`Function, asn-time-to-universal-time`:	Internal functions
	`Function, asn-type-matches-p`:	Internal functions
	`Function, bytes-in-int`:	Internal functions
	`Function, calculate-mac`:	Internal functions
	`Function, calculate-verification-mac`:	Internal functions
	`Function, cat-vectors`:	Internal functions
	`Function, check-certificate-status`:	Internal functions
	`Function, check-ocsp`:	Internal functions
	`Function, cipher-suite-supported-p`:	Internal functions
	`Function, compute-shared-secret`:	Internal functions
	`Function, create-asn-sequence`:	Exported functions
	`Function, create-cert-id`:	Internal functions
	`Function, create-cert-status-request`:	Internal functions
	`Function, create-cipher-vector`:	Internal functions
	`Function, create-explicit-tag`:	Internal functions
	`Function, create-listener-session`:	Internal functions
	`Function, create-request`:	Internal functions
	`Function, create-session`:	Internal functions
	`Function, create-sni`:	Internal functions
	`Function, create-tbs-request`:	Internal functions
	`Function, decapsulate`:	Internal functions
	`Function, decode-oid`:	Internal functions
	`Function, dhparams-from-key-file`:	Internal functions
	`Function, digitally-sign`:	Internal functions
	`Function, dns-match-p`:	Internal functions
	`Function, dump-to-file`:	Internal functions
	`Function, emsa-pkcs1-v1.5-encode`:	Internal functions
	`Function, encode-oid`:	Exported functions
	`Function, encrypt-and-send`:	Internal functions
	`Function, fill-random-nonzero-octets`:	Internal functions
	`Function, find-certificates`:	Internal functions
	`Function, from-stream-parse-der`:	Internal functions
	`Function, gen-key-material`:	Internal functions
	`Function, generate-dh-params`:	Internal functions
	`Function, get-application-data`:	Internal functions
	`Function, get-ca-certificates`:	Internal functions
	`Function, get-change-cipher-spec`:	Internal functions
	`Function, get-contents`:	Internal functions
	`Function, get-der-contents-indices`:	Internal functions
	`Function, get-dh-params`:	Internal functions
	`Function, get-handshake-message`:	Internal functions
	`Function, get-issuer-octets`:	Internal functions
	`Function, get-private-key`:	Internal functions
	`Function, get-pubkey-octets`:	Internal functions
	`Function, get-random-octets`:	Internal functions
	`Function, get-raw-tbs`:	Internal functions
	`Function, get-sequence`:	Internal functions
	`Function, get-session-id`:	Internal functions
	`Function, gmt-unix-time`:	Internal functions
	`Function, header-value`:	Internal functions
	`Function, http-request`:	Internal functions
	`Function, initialize-listener`:	Exported functions
	`Function, integer-to-octets`:	Internal functions
	`Function, integer-to-vlq`:	Internal functions
	`Function, load-der-priv-key`:	Internal functions
	`Function, load-pem-priv-key`:	Internal functions
	`Function, load-priv-key`:	Internal functions
	`Function, make-dh-key-pair`:	Internal functions
	`Function, make-octet-stream`:	Internal functions
	`Function, make-octet-vector`:	Internal functions
	`Function, octets-to-integer`:	Internal functions
	`Function, ov-buffer-position`:	Internal functions
	`Function, p-hash`:	Internal functions
	`Function, pack-extension`:	Internal functions
	`Function, parse-access-description`:	Internal functions
	`Function, parse-cipher-suite`:	Internal functions
	`Function, parse-der`:	Exported functions
	`Function, parse-directory-name`:	Internal functions
	`Function, parse-enc-scheme`:	Internal functions
	`Function, parse-general-name`:	Internal functions
	`Function, parse-general-names`:	Internal functions
	`Function, parse-headers-from-stream`:	Internal functions
	`Function, parse-kdf`:	Internal functions
	`Function, parse-pem`:	Internal functions
	`Function, parse-pka`:	Internal functions
	`Function, parse-priv-key`:	Internal functions
	`Function, parse-pub-key`:	Internal functions
	`Function, parse-qualifier`:	Internal functions
	`Function, parse-response-data`:	Internal functions
	`Function, parse-signature-algorithm`:	Internal functions
	`Function, parse-tbs-certificate`:	Internal functions
	`Function, parse-uri`:	Internal functions
	`Function, pbes2-decrypt`:	Exported functions
	`Function, prepare-ocsp-request`:	Internal functions
	`Function, prf`:	Internal functions
	`Function, process-extensions`:	Internal functions
	`Function, read-chunk`:	Internal functions
	`Function, read-chunked-response`:	Internal functions
	`Function, read-header`:	Internal functions
	`Function, reassemble-handshake-message`:	Internal functions
	`Function, remove-padding`:	Internal functions
	`Function, request-tunnel`:	Exported functions
	`Function, rsa-decrypt`:	Exported functions
	`Function, rsa-encrypt`:	Exported functions
	`Function, rsassa-pkcs1.5-sign`:	Exported functions
	`Function, rsassa-pkcs1.5-verify`:	Exported functions
	`Function, send-alert`:	Internal functions
	`Function, sign-dh-params`:	Internal functions
	`Function, split-header`:	Internal functions
	`Function, split-string`:	Internal functions
	`Function, stream-octets-to-integer`:	Internal functions
	`Function, strong-random-range`:	Internal functions
	`Function, symbol-to-suite-list`:	Internal functions
	`Function, time-valid-p`:	Internal functions
	`Function, timing-independent-compare`:	Internal functions
	`Function, trim-space`:	Internal functions
	`Function, validate`:	Internal functions
	`Function, verify-ocsp-signature`:	Internal functions
	`Function, verify-signature`:	Internal functions
	`Function, verify-signed-data`:	Internal functions
	`Function, verify-signed-params`:	Internal functions
	`Function, x509-decode`:	Exported functions

G
	`gen-key-material`:	Internal functions
	`generate-dh-params`:	Internal functions
	`generator`:	Internal generic functions
	`generator`:	Internal generic functions
	`Generic Function, (setf alert)`:	Internal generic functions
	`Generic Function, (setf authority-information-access)`:	Internal generic functions
	`Generic Function, (setf authority-key-identifier)`:	Internal generic functions
	`Generic Function, (setf basic-constraints)`:	Internal generic functions
	`Generic Function, (setf certificate-policies)`:	Internal generic functions
	`Generic Function, (setf client-certificate-url)`:	Internal generic functions
	`Generic Function, (setf crl-distribution-points)`:	Internal generic functions
	`Generic Function, (setf extended-key-usage)`:	Internal generic functions
	`Generic Function, (setf extensions)`:	Internal generic functions
	`Generic Function, (setf handshake-messages)`:	Internal generic functions
	`Generic Function, (setf hash)`:	Internal generic functions
	`Generic Function, (setf host)`:	Exported generic functions
	`Generic Function, (setf host-name)`:	Internal generic functions
	`Generic Function, (setf issuer)`:	Internal generic functions
	`Generic Function, (setf issuer-alternative-name)`:	Internal generic functions
	`Generic Function, (setf issuer-unique-id)`:	Internal generic functions
	`Generic Function, (setf key-usage)`:	Internal generic functions
	`Generic Function, (setf log-info)`:	Internal generic functions
	`Generic Function, (setf max-fragment-length)`:	Internal generic functions
	`Generic Function, (setf path)`:	Internal generic functions
	`Generic Function, (setf policy-mappings)`:	Internal generic functions
	`Generic Function, (setf port)`:	Exported generic functions
	`Generic Function, (setf pre-master-secret)`:	Internal generic functions
	`Generic Function, (setf pub-key)`:	Internal generic functions
	`Generic Function, (setf raw)`:	Internal generic functions
	`Generic Function, (setf scheme)`:	Internal generic functions
	`Generic Function, (setf serial)`:	Internal generic functions
	`Generic Function, (setf signature)`:	Internal generic functions
	`Generic Function, (setf signature-algorithm)`:	Internal generic functions
	`Generic Function, (setf subject)`:	Internal generic functions
	`Generic Function, (setf subject-alternative-name)`:	Internal generic functions
	`Generic Function, (setf subject-information-access)`:	Internal generic functions
	`Generic Function, (setf subject-key-identifier)`:	Internal generic functions
	`Generic Function, (setf subject-pki)`:	Internal generic functions
	`Generic Function, (setf subject-unique-id)`:	Internal generic functions
	`Generic Function, (setf supported-signature-algorithms)`:	Internal generic functions
	`Generic Function, (setf tbs-certificate)`:	Internal generic functions
	`Generic Function, (setf text)`:	Internal generic functions
	`Generic Function, (setf validity)`:	Internal generic functions
	`Generic Function, (setf version)`:	Internal generic functions
	`Generic Function, alert`:	Internal generic functions
	`Generic Function, authority-information-access`:	Internal generic functions
	`Generic Function, authority-key-identifier`:	Internal generic functions
	`Generic Function, basic-constraints`:	Internal generic functions
	`Generic Function, certificate-policies`:	Internal generic functions
	`Generic Function, ciphertext-to-compressed`:	Internal generic functions
	`Generic Function, client-certificate-url`:	Internal generic functions
	`Generic Function, crl-distribution-points`:	Internal generic functions
	`Generic Function, decrypt`:	Internal generic functions
	`Generic Function, encrypt`:	Internal generic functions
	`Generic Function, extended-key-usage`:	Internal generic functions
	`Generic Function, extensions`:	Internal generic functions
	`Generic Function, generator`:	Internal generic functions
	`Generic Function, get-record`:	Internal generic functions
	`Generic Function, handle-handshake`:	Internal generic functions
	`Generic Function, handshake-messages`:	Internal generic functions
	`Generic Function, hash`:	Internal generic functions
	`Generic Function, host`:	Exported generic functions
	`Generic Function, host-name`:	Internal generic functions
	`Generic Function, initiate-connection`:	Internal generic functions
	`Generic Function, issuer`:	Internal generic functions
	`Generic Function, issuer-alternative-name`:	Internal generic functions
	`Generic Function, issuer-unique-id`:	Internal generic functions
	`Generic Function, key-usage`:	Internal generic functions
	`Generic Function, log-info`:	Internal generic functions
	`Generic Function, max-fragment-length`:	Internal generic functions
	`Generic Function, ov-read-byte`:	Internal generic functions
	`Generic Function, ov-read-sequence`:	Internal generic functions
	`Generic Function, parse-extension`:	Internal generic functions
	`Generic Function, path`:	Internal generic functions
	`Generic Function, policy-mappings`:	Internal generic functions
	`Generic Function, port`:	Exported generic functions
	`Generic Function, pre-master-secret`:	Internal generic functions
	`Generic Function, prime-modulus`:	Internal generic functions
	`Generic Function, process-extension`:	Internal generic functions
	`Generic Function, pub-key`:	Internal generic functions
	`Generic Function, raw`:	Internal generic functions
	`Generic Function, request-stream-to-address`:	Exported generic functions
	`Generic Function, scheme`:	Internal generic functions
	`Generic Function, send`:	Internal generic functions
	`Generic Function, send-change-cipher-spec`:	Internal generic functions
	`Generic Function, send-handshake`:	Internal generic functions
	`Generic Function, send-record`:	Internal generic functions
	`Generic Function, serial`:	Internal generic functions
	`Generic Function, signature`:	Internal generic functions
	`Generic Function, signature-algorithm`:	Internal generic functions
	`Generic Function, subject`:	Internal generic functions
	`Generic Function, subject-alternative-name`:	Internal generic functions
	`Generic Function, subject-information-access`:	Internal generic functions
	`Generic Function, subject-key-identifier`:	Internal generic functions
	`Generic Function, subject-pki`:	Internal generic functions
	`Generic Function, subject-unique-id`:	Internal generic functions
	`Generic Function, supported-signature-algorithms`:	Internal generic functions
	`Generic Function, tbs-certificate`:	Internal generic functions
	`Generic Function, text`:	Internal generic functions
	`Generic Function, validity`:	Internal generic functions
	`Generic Function, version`:	Internal generic functions
	`get-application-data`:	Internal functions
	`get-ca-certificates`:	Internal functions
	`get-change-cipher-spec`:	Internal functions
	`get-contents`:	Internal functions
	`get-der-contents-indices`:	Internal functions
	`get-dh-params`:	Internal functions
	`get-handshake-message`:	Internal functions
	`get-issuer-octets`:	Internal functions
	`get-private-key`:	Internal functions
	`get-pubkey-octets`:	Internal functions
	`get-random-octets`:	Internal functions
	`get-raw-tbs`:	Internal functions
	`get-record`:	Internal generic functions
	`get-record`:	Internal generic functions
	`get-sequence`:	Internal functions
	`get-session-id`:	Internal functions
	`gmt-unix-time`:	Internal functions

H
	`handle-handshake`:	Internal generic functions
	`handle-handshake`:	Internal generic functions
	`handle-handshake`:	Internal generic functions
	`handle-handshake`:	Internal generic functions
	`handle-handshake`:	Internal generic functions
	`handle-handshake`:	Internal generic functions
	`handle-handshake`:	Internal generic functions
	`handle-handshake`:	Internal generic functions
	`handle-handshake`:	Internal generic functions
	`handle-handshake`:	Internal generic functions
	`handshake-messages`:	Internal generic functions
	`handshake-messages`:	Internal generic functions
	`hash`:	Internal generic functions
	`hash`:	Internal generic functions
	`header-value`:	Internal functions
	`host`:	Exported generic functions
	`host`:	Exported generic functions
	`host`:	Exported generic functions
	`host-name`:	Internal generic functions
	`host-name`:	Internal generic functions
	`http-request`:	Internal functions

I
	`initialize-listener`:	Exported functions
	`initiate-connection`:	Internal generic functions
	`initiate-connection`:	Internal generic functions
	`initiate-connection`:	Internal generic functions
	`integer-to-octets`:	Internal functions
	`integer-to-vlq`:	Internal functions
	`issuer`:	Internal generic functions
	`issuer`:	Internal generic functions
	`issuer-alternative-name`:	Internal generic functions
	`issuer-alternative-name`:	Internal generic functions
	`issuer-unique-id`:	Internal generic functions
	`issuer-unique-id`:	Internal generic functions

K
	`key-usage`:	Internal generic functions
	`key-usage`:	Internal generic functions

L
	`load-der-priv-key`:	Internal functions
	`load-pem-priv-key`:	Internal functions
	`load-priv-key`:	Internal functions
	`log-info`:	Internal generic functions
	`log-info`:	Internal generic functions
	`log-info`:	Internal generic functions
	`log-info`:	Internal generic functions

M
	`Macro, bind-tbs`:	Internal macros
	`Macro, ocsp-catch-asn-error`:	Internal macros
	`Macro, with-specification-map`:	Internal macros
	`make-dh-key-pair`:	Internal functions
	`make-octet-stream`:	Internal functions
	`make-octet-vector`:	Internal functions
	`max-fragment-length`:	Internal generic functions
	`max-fragment-length`:	Internal generic functions
	`Method, (setf alert)`:	Internal generic functions
	`Method, (setf authority-information-access)`:	Internal generic functions
	`Method, (setf authority-key-identifier)`:	Internal generic functions
	`Method, (setf basic-constraints)`:	Internal generic functions
	`Method, (setf certificate-policies)`:	Internal generic functions
	`Method, (setf client-certificate-url)`:	Internal generic functions
	`Method, (setf crl-distribution-points)`:	Internal generic functions
	`Method, (setf extended-key-usage)`:	Internal generic functions
	`Method, (setf extensions)`:	Internal generic functions
	`Method, (setf handshake-messages)`:	Internal generic functions
	`Method, (setf hash)`:	Internal generic functions
	`Method, (setf host)`:	Exported generic functions
	`Method, (setf host)`:	Exported generic functions
	`Method, (setf host-name)`:	Internal generic functions
	`Method, (setf issuer)`:	Internal generic functions
	`Method, (setf issuer-alternative-name)`:	Internal generic functions
	`Method, (setf issuer-unique-id)`:	Internal generic functions
	`Method, (setf key-usage)`:	Internal generic functions
	`Method, (setf log-info)`:	Internal generic functions
	`Method, (setf log-info)`:	Internal generic functions
	`Method, (setf log-info)`:	Internal generic functions
	`Method, (setf max-fragment-length)`:	Internal generic functions
	`Method, (setf path)`:	Internal generic functions
	`Method, (setf policy-mappings)`:	Internal generic functions
	`Method, (setf port)`:	Exported generic functions
	`Method, (setf port)`:	Exported generic functions
	`Method, (setf pre-master-secret)`:	Internal generic functions
	`Method, (setf pub-key)`:	Internal generic functions
	`Method, (setf raw)`:	Internal generic functions
	`Method, (setf scheme)`:	Internal generic functions
	`Method, (setf serial)`:	Internal generic functions
	`Method, (setf signature)`:	Internal generic functions
	`Method, (setf signature)`:	Internal generic functions
	`Method, (setf signature-algorithm)`:	Internal generic functions
	`Method, (setf subject)`:	Internal generic functions
	`Method, (setf subject-alternative-name)`:	Internal generic functions
	`Method, (setf subject-information-access)`:	Internal generic functions
	`Method, (setf subject-key-identifier)`:	Internal generic functions
	`Method, (setf subject-pki)`:	Internal generic functions
	`Method, (setf subject-unique-id)`:	Internal generic functions
	`Method, (setf supported-signature-algorithms)`:	Internal generic functions
	`Method, (setf tbs-certificate)`:	Internal generic functions
	`Method, (setf text)`:	Internal generic functions
	`Method, (setf validity)`:	Internal generic functions
	`Method, (setf version)`:	Internal generic functions
	`Method, alert`:	Internal generic functions
	`Method, authority-information-access`:	Internal generic functions
	`Method, authority-key-identifier`:	Internal generic functions
	`Method, basic-constraints`:	Internal generic functions
	`Method, certificate-policies`:	Internal generic functions
	`Method, ciphertext-to-compressed`:	Internal generic functions
	`Method, client-certificate-url`:	Internal generic functions
	`Method, crl-distribution-points`:	Internal generic functions
	`Method, decrypt`:	Internal generic functions
	`Method, encrypt`:	Internal generic functions
	`Method, extended-key-usage`:	Internal generic functions
	`Method, extensions`:	Internal generic functions
	`Method, generator`:	Internal generic functions
	`Method, get-record`:	Internal generic functions
	`Method, handle-handshake`:	Internal generic functions
	`Method, handle-handshake`:	Internal generic functions
	`Method, handle-handshake`:	Internal generic functions
	`Method, handle-handshake`:	Internal generic functions
	`Method, handle-handshake`:	Internal generic functions
	`Method, handle-handshake`:	Internal generic functions
	`Method, handle-handshake`:	Internal generic functions
	`Method, handle-handshake`:	Internal generic functions
	`Method, handle-handshake`:	Internal generic functions
	`Method, handshake-messages`:	Internal generic functions
	`Method, hash`:	Internal generic functions
	`Method, host`:	Exported generic functions
	`Method, host`:	Exported generic functions
	`Method, host-name`:	Internal generic functions
	`Method, initiate-connection`:	Internal generic functions
	`Method, initiate-connection`:	Internal generic functions
	`Method, issuer`:	Internal generic functions
	`Method, issuer-alternative-name`:	Internal generic functions
	`Method, issuer-unique-id`:	Internal generic functions
	`Method, key-usage`:	Internal generic functions
	`Method, log-info`:	Internal generic functions
	`Method, log-info`:	Internal generic functions
	`Method, log-info`:	Internal generic functions
	`Method, max-fragment-length`:	Internal generic functions
	`Method, ov-read-byte`:	Internal generic functions
	`Method, ov-read-sequence`:	Internal generic functions
	`Method, parse-extension`:	Internal generic functions
	`Method, parse-extension`:	Internal generic functions
	`Method, parse-extension`:	Internal generic functions
	`Method, parse-extension`:	Internal generic functions
	`Method, parse-extension`:	Internal generic functions
	`Method, parse-extension`:	Internal generic functions
	`Method, parse-extension`:	Internal generic functions
	`Method, path`:	Internal generic functions
	`Method, policy-mappings`:	Internal generic functions
	`Method, port`:	Exported generic functions
	`Method, port`:	Exported generic functions
	`Method, pre-master-secret`:	Internal generic functions
	`Method, prime-modulus`:	Internal generic functions
	`Method, process-extension`:	Internal generic functions
	`Method, process-extension`:	Internal generic functions
	`Method, process-extension`:	Internal generic functions
	`Method, process-extension`:	Internal generic functions
	`Method, process-extension`:	Internal generic functions
	`Method, process-extension`:	Internal generic functions
	`Method, process-extension`:	Internal generic functions
	`Method, process-extension`:	Internal generic functions
	`Method, process-extension`:	Internal generic functions
	`Method, process-extension`:	Internal generic functions
	`Method, process-extension`:	Internal generic functions
	`Method, process-extension`:	Internal generic functions
	`Method, process-extension`:	Internal generic functions
	`Method, process-extension`:	Internal generic functions
	`Method, process-extension`:	Internal generic functions
	`Method, process-extension`:	Internal generic functions
	`Method, pub-key`:	Internal generic functions
	`Method, raw`:	Internal generic functions
	`Method, request-stream-to-address`:	Exported generic functions
	`Method, scheme`:	Internal generic functions
	`Method, send`:	Internal generic functions
	`Method, send-change-cipher-spec`:	Internal generic functions
	`Method, send-handshake`:	Internal generic functions
	`Method, send-handshake`:	Internal generic functions
	`Method, send-handshake`:	Internal generic functions
	`Method, send-handshake`:	Internal generic functions
	`Method, send-handshake`:	Internal generic functions
	`Method, send-handshake`:	Internal generic functions
	`Method, send-handshake`:	Internal generic functions
	`Method, send-handshake`:	Internal generic functions
	`Method, send-handshake`:	Internal generic functions
	`Method, send-handshake`:	Internal generic functions
	`Method, send-record`:	Internal generic functions
	`Method, serial`:	Internal generic functions
	`Method, signature`:	Internal generic functions
	`Method, signature`:	Internal generic functions
	`Method, signature-algorithm`:	Internal generic functions
	`Method, subject`:	Internal generic functions
	`Method, subject-alternative-name`:	Internal generic functions
	`Method, subject-information-access`:	Internal generic functions
	`Method, subject-key-identifier`:	Internal generic functions
	`Method, subject-pki`:	Internal generic functions
	`Method, subject-unique-id`:	Internal generic functions
	`Method, supported-signature-algorithms`:	Internal generic functions
	`Method, tbs-certificate`:	Internal generic functions
	`Method, text`:	Internal generic functions
	`Method, text`:	Internal generic functions
	`Method, text`:	Internal generic functions
	`Method, validity`:	Internal generic functions
	`Method, version`:	Internal generic functions

O
	`ocsp-catch-asn-error`:	Internal macros
	`octets-to-integer`:	Internal functions
	`ov-buffer-position`:	Internal functions
	`ov-read-byte`:	Internal generic functions
	`ov-read-byte`:	Internal generic functions
	`ov-read-sequence`:	Internal generic functions
	`ov-read-sequence`:	Internal generic functions

P
	`p-hash`:	Internal functions
	`pack-extension`:	Internal functions
	`parse-access-description`:	Internal functions
	`parse-cipher-suite`:	Internal functions
	`parse-der`:	Exported functions
	`parse-directory-name`:	Internal functions
	`parse-enc-scheme`:	Internal functions
	`parse-extension`:	Internal generic functions
	`parse-extension`:	Internal generic functions
	`parse-extension`:	Internal generic functions
	`parse-extension`:	Internal generic functions
	`parse-extension`:	Internal generic functions
	`parse-extension`:	Internal generic functions
	`parse-extension`:	Internal generic functions
	`parse-extension`:	Internal generic functions
	`parse-general-name`:	Internal functions
	`parse-general-names`:	Internal functions
	`parse-headers-from-stream`:	Internal functions
	`parse-kdf`:	Internal functions
	`parse-pem`:	Internal functions
	`parse-pka`:	Internal functions
	`parse-priv-key`:	Internal functions
	`parse-pub-key`:	Internal functions
	`parse-qualifier`:	Internal functions
	`parse-response-data`:	Internal functions
	`parse-signature-algorithm`:	Internal functions
	`parse-tbs-certificate`:	Internal functions
	`parse-uri`:	Internal functions
	`path`:	Internal generic functions
	`path`:	Internal generic functions
	`pbes2-decrypt`:	Exported functions
	`policy-mappings`:	Internal generic functions
	`policy-mappings`:	Internal generic functions
	`port`:	Exported generic functions
	`port`:	Exported generic functions
	`port`:	Exported generic functions
	`pre-master-secret`:	Internal generic functions
	`pre-master-secret`:	Internal generic functions
	`prepare-ocsp-request`:	Internal functions
	`prf`:	Internal functions
	`prime-modulus`:	Internal generic functions
	`prime-modulus`:	Internal generic functions
	`process-extension`:	Internal generic functions
	`process-extension`:	Internal generic functions
	`process-extension`:	Internal generic functions
	`process-extension`:	Internal generic functions
	`process-extension`:	Internal generic functions
	`process-extension`:	Internal generic functions
	`process-extension`:	Internal generic functions
	`process-extension`:	Internal generic functions
	`process-extension`:	Internal generic functions
	`process-extension`:	Internal generic functions
	`process-extension`:	Internal generic functions
	`process-extension`:	Internal generic functions
	`process-extension`:	Internal generic functions
	`process-extension`:	Internal generic functions
	`process-extension`:	Internal generic functions
	`process-extension`:	Internal generic functions
	`process-extension`:	Internal generic functions
	`process-extensions`:	Internal functions
	`pub-key`:	Internal generic functions
	`pub-key`:	Internal generic functions

R
	`raw`:	Internal generic functions
	`raw`:	Internal generic functions
	`read-chunk`:	Internal functions
	`read-chunked-response`:	Internal functions
	`read-header`:	Internal functions
	`reassemble-handshake-message`:	Internal functions
	`remove-padding`:	Internal functions
	`request-stream-to-address`:	Exported generic functions
	`request-stream-to-address`:	Exported generic functions
	`request-tunnel`:	Exported functions
	`rsa-decrypt`:	Exported functions
	`rsa-encrypt`:	Exported functions
	`rsassa-pkcs1.5-sign`:	Exported functions
	`rsassa-pkcs1.5-verify`:	Exported functions

S
	`scheme`:	Internal generic functions
	`scheme`:	Internal generic functions
	`send`:	Internal generic functions
	`send`:	Internal generic functions
	`send-alert`:	Internal functions
	`send-change-cipher-spec`:	Internal generic functions
	`send-change-cipher-spec`:	Internal generic functions
	`send-handshake`:	Internal generic functions
	`send-handshake`:	Internal generic functions
	`send-handshake`:	Internal generic functions
	`send-handshake`:	Internal generic functions
	`send-handshake`:	Internal generic functions
	`send-handshake`:	Internal generic functions
	`send-handshake`:	Internal generic functions
	`send-handshake`:	Internal generic functions
	`send-handshake`:	Internal generic functions
	`send-handshake`:	Internal generic functions
	`send-handshake`:	Internal generic functions
	`send-record`:	Internal generic functions
	`send-record`:	Internal generic functions
	`serial`:	Internal generic functions
	`serial`:	Internal generic functions
	`sign-dh-params`:	Internal functions
	`signature`:	Internal generic functions
	`signature`:	Internal generic functions
	`signature`:	Internal generic functions
	`signature-algorithm`:	Internal generic functions
	`signature-algorithm`:	Internal generic functions
	`split-header`:	Internal functions
	`split-string`:	Internal functions
	`stream-octets-to-integer`:	Internal functions
	`strong-random-range`:	Internal functions
	`subject`:	Internal generic functions
	`subject`:	Internal generic functions
	`subject-alternative-name`:	Internal generic functions
	`subject-alternative-name`:	Internal generic functions
	`subject-information-access`:	Internal generic functions
	`subject-information-access`:	Internal generic functions
	`subject-key-identifier`:	Internal generic functions
	`subject-key-identifier`:	Internal generic functions
	`subject-pki`:	Internal generic functions
	`subject-pki`:	Internal generic functions
	`subject-unique-id`:	Internal generic functions
	`subject-unique-id`:	Internal generic functions
	`supported-signature-algorithms`:	Internal generic functions
	`supported-signature-algorithms`:	Internal generic functions
	`symbol-to-suite-list`:	Internal functions

T
	`tbs-certificate`:	Internal generic functions
	`tbs-certificate`:	Internal generic functions
	`text`:	Internal generic functions
	`text`:	Internal generic functions
	`text`:	Internal generic functions
	`text`:	Internal generic functions
	`time-valid-p`:	Internal functions
	`timing-independent-compare`:	Internal functions
	`trim-space`:	Internal functions

V
	`validate`:	Internal functions
	`validity`:	Internal generic functions
	`validity`:	Internal generic functions
	`verify-ocsp-signature`:	Internal functions
	`verify-signature`:	Internal functions
	`verify-signed-data`:	Internal functions
	`verify-signed-params`:	Internal functions
	`version`:	Internal generic functions
	`version`:	Internal generic functions

W
	`with-specification-map`:	Internal macros

X
	`x509-decode`:	Exported functions

Jump to:	( A B C D E F G H I K L M O P R S T V W X

A.3 Variables

Jump to:	* + A B C D E G H I K L M O P R S T V

	Index Entry	Section

*
	`certificate-request-msg`:	Internal special variables
	`crlf`:	Internal special variables
	`debug-stream`:	Internal special variables
	`id-ad-ocsp`:	Internal special variables
	`log-level`:	Internal special variables
	`max-certificate-chain-length`:	Internal special variables
	`max-content-length`:	Internal special variables
	`max-fragment-length`:	Internal special variables
	`max-int-len`:	Internal special variables
	`supported-cipher-suites`:	Internal special variables
	`version`:	Internal special variables

+
	`+3des-block-size+`:	Internal special variables
	`+3des-encryption-suites+`:	Internal special variables
	`+access-denied+`:	Internal constants
	`+aes-128-ciphers+`:	Internal special variables
	`+aes-256-ciphers+`:	Internal special variables
	`+aes-block-size+`:	Internal special variables
	`+aes-encryption-suites+`:	Internal special variables
	`+alert+`:	Internal constants
	`+anon-authentication-suites+`:	Internal special variables
	`+application-data+`:	Internal constants
	`+asn1_application+`:	Internal constants
	`+asn1_constructed+`:	Internal constants
	`+asn1_context_specific+`:	Internal constants
	`+asn1_primitive+`:	Internal constants
	`+asn1_private+`:	Internal constants
	`+asn1_universal+`:	Internal constants
	`+bad-certificate+`:	Internal constants
	`+bad-record-mac+`:	Internal constants
	`+cbc-mode-ciphers+`:	Internal special variables
	`+certificate+`:	Internal constants
	`+certificate-expired+`:	Internal constants
	`+certificate-request+`:	Internal constants
	`+certificate-revoked+`:	Internal constants
	`+certificate-unknown+`:	Internal constants
	`+certificate-verify+`:	Internal constants
	`+change-cipher-spec+`:	Internal constants
	`+client-hello+`:	Internal constants
	`+client-key-exchange+`:	Internal constants
	`+close-notify+`:	Internal constants
	`+decode-error+`:	Internal constants
	`+decompression-failure+`:	Internal constants
	`+decrypt-error+`:	Internal constants
	`+decryption-failed-reserved+`:	Internal constants
	`+dh-key-exchange-suites+`:	Internal special variables
	`+dhe-key-exchange-suites+`:	Internal special variables
	`+dss-authentication-suites+`:	Internal special variables
	`+export-restriction-reserved+`:	Internal constants
	`+fatal+`:	Internal constants
	`+finished+`:	Internal constants
	`+handshake+`:	Internal constants
	`+handshake-failure+`:	Internal constants
	`+hello-request+`:	Internal constants
	`+illegal-parameter+`:	Internal constants
	`+insufficient-security+`:	Internal constants
	`+internal-error+`:	Internal constants
	`+md2withrsaencryption+`:	Internal constants
	`+md5-ciphers+`:	Internal special variables
	`+md5withrsaencryption+`:	Internal constants
	`+no-certificate-reserved+`:	Internal constants
	`+no-renegotiation+`:	Internal constants
	`+protocol-version+`:	Internal constants
	`+rc4-encryption-suites+`:	Internal special variables
	`+record-overflow+`:	Internal constants
	`+rsa-authentication-suites+`:	Internal special variables
	`+rsa-key-exchange-suites+`:	Internal special variables
	`+server-hello+`:	Internal constants
	`+server-hello-done+`:	Internal constants
	`+server-key-exchange+`:	Internal constants
	`+sha1-ciphers+`:	Internal special variables
	`+sha1withrsaencryption+`:	Internal constants
	`+sha224withrsaencryption+`:	Internal constants
	`+sha256-ciphers+`:	Internal special variables
	`+sha256withrsaencryption+`:	Internal constants
	`+sha384withrsaencryption+`:	Internal constants
	`+sha512withrsaencryption+`:	Internal constants
	`+tls_dhe_dss_with_3des_ede_cbc_sha+`:	Internal special variables
	`+tls_dhe_dss_with_aes_128_cbc_sha+`:	Internal special variables
	`+tls_dhe_dss_with_aes_128_cbc_sha256+`:	Internal special variables
	`+tls_dhe_dss_with_aes_256_cbc_sha+`:	Internal special variables
	`+tls_dhe_dss_with_aes_256_cbc_sha256+`:	Internal special variables
	`+tls_dhe_rsa_with_3des_ede_cbc_sha+`:	Internal special variables
	`+tls_dhe_rsa_with_aes_128_cbc_sha+`:	Internal special variables
	`+tls_dhe_rsa_with_aes_128_cbc_sha256+`:	Internal special variables
	`+tls_dhe_rsa_with_aes_256_cbc_sha+`:	Internal special variables
	`+tls_dhe_rsa_with_aes_256_cbc_sha256+`:	Internal special variables
	`+tls_dh_anon_with_3des_ede_cbc_sha+`:	Internal special variables
	`+tls_dh_anon_with_aes_128_cbc_sha+`:	Internal special variables
	`+tls_dh_anon_with_aes_128_cbc_sha256+`:	Internal special variables
	`+tls_dh_anon_with_aes_256_cbc_sha+`:	Internal special variables
	`+tls_dh_anon_with_aes_256_cbc_sha256+`:	Internal special variables
	`+tls_dh_anon_with_rc4_128_md5+`:	Internal special variables
	`+tls_dh_dss_with_3des_ede_cbc_sha+`:	Internal special variables
	`+tls_dh_dss_with_aes_128_cbc_sha+`:	Internal special variables
	`+tls_dh_dss_with_aes_128_cbc_sha256+`:	Internal special variables
	`+tls_dh_dss_with_aes_256_cbc_sha+`:	Internal special variables
	`+tls_dh_dss_with_aes_256_cbc_sha256+`:	Internal special variables
	`+tls_dh_rsa_with_3des_ede_cbc_sha+`:	Internal special variables
	`+tls_dh_rsa_with_aes_128_cbc_sha+`:	Internal special variables
	`+tls_dh_rsa_with_aes_128_cbc_sha256+`:	Internal special variables
	`+tls_dh_rsa_with_aes_256_cbc_sha+`:	Internal special variables
	`+tls_dh_rsa_with_aes_256_cbc_sha256+`:	Internal special variables
	`+tls_rsa_with_3des_ede_cbc_sha+`:	Internal special variables
	`+tls_rsa_with_aes_128_cbc_sha+`:	Internal special variables
	`+tls_rsa_with_aes_128_cbc_sha256+`:	Internal special variables
	`+tls_rsa_with_aes_256_cbc_sha+`:	Internal special variables
	`+tls_rsa_with_aes_256_cbc_sha256+`:	Internal special variables
	`+tls_rsa_with_null_md5+`:	Internal special variables
	`+tls_rsa_with_null_sha+`:	Internal special variables
	`+tls_rsa_with_null_sha256+`:	Internal special variables
	`+tls_rsa_with_rc4_128_md5+`:	Internal special variables
	`+tls_rsa_with_rc4_128_sha+`:	Internal special variables
	`+unexpected-message+`:	Internal constants
	`+unknown-ca+`:	Internal constants
	`+unsupported-certificate+`:	Internal constants
	`+unsupported-extension+`:	Internal constants
	`+user-canceled+`:	Internal constants
	`+warning+`:	Internal constants

A
	`alert`:	Internal conditions
	`authenticate-client-p`:	Internal classes
	`authentication-method`:	Internal classes
	`authority-information-access`:	Internal classes
	`authority-key-identifier`:	Internal classes

B
	`basic-constraints`:	Internal classes
	`block-size`:	Internal classes

C
	`ca-certificates`:	Internal classes
	`ca-certificates`:	Internal classes
	`certificate`:	Internal classes
	`certificate`:	Internal classes
	`certificate-policies`:	Internal classes
	`certificate-requested`:	Internal classes
	`cipher-mode`:	Internal classes
	`cipher-suite`:	Internal classes
	`cipher-type`:	Internal classes
	`ciphers`:	Internal classes
	`ciphers`:	Internal classes
	`client-certificate-url`:	Internal classes
	`client-random`:	Internal classes
	`client-write-iv`:	Internal classes
	`client-write-key`:	Internal classes
	`client-write-mac-key`:	Internal classes
	`Constant, +access-denied+`:	Internal constants
	`Constant, +alert+`:	Internal constants
	`Constant, +application-data+`:	Internal constants
	`Constant, +asn1_application+`:	Internal constants
	`Constant, +asn1_constructed+`:	Internal constants
	`Constant, +asn1_context_specific+`:	Internal constants
	`Constant, +asn1_primitive+`:	Internal constants
	`Constant, +asn1_private+`:	Internal constants
	`Constant, +asn1_universal+`:	Internal constants
	`Constant, +bad-certificate+`:	Internal constants
	`Constant, +bad-record-mac+`:	Internal constants
	`Constant, +certificate+`:	Internal constants
	`Constant, +certificate-expired+`:	Internal constants
	`Constant, +certificate-request+`:	Internal constants
	`Constant, +certificate-revoked+`:	Internal constants
	`Constant, +certificate-unknown+`:	Internal constants
	`Constant, +certificate-verify+`:	Internal constants
	`Constant, +change-cipher-spec+`:	Internal constants
	`Constant, +client-hello+`:	Internal constants
	`Constant, +client-key-exchange+`:	Internal constants
	`Constant, +close-notify+`:	Internal constants
	`Constant, +decode-error+`:	Internal constants
	`Constant, +decompression-failure+`:	Internal constants
	`Constant, +decrypt-error+`:	Internal constants
	`Constant, +decryption-failed-reserved+`:	Internal constants
	`Constant, +export-restriction-reserved+`:	Internal constants
	`Constant, +fatal+`:	Internal constants
	`Constant, +finished+`:	Internal constants
	`Constant, +handshake+`:	Internal constants
	`Constant, +handshake-failure+`:	Internal constants
	`Constant, +hello-request+`:	Internal constants
	`Constant, +illegal-parameter+`:	Internal constants
	`Constant, +insufficient-security+`:	Internal constants
	`Constant, +internal-error+`:	Internal constants
	`Constant, +md2withrsaencryption+`:	Internal constants
	`Constant, +md5withrsaencryption+`:	Internal constants
	`Constant, +no-certificate-reserved+`:	Internal constants
	`Constant, +no-renegotiation+`:	Internal constants
	`Constant, +protocol-version+`:	Internal constants
	`Constant, +record-overflow+`:	Internal constants
	`Constant, +server-hello+`:	Internal constants
	`Constant, +server-hello-done+`:	Internal constants
	`Constant, +server-key-exchange+`:	Internal constants
	`Constant, +sha1withrsaencryption+`:	Internal constants
	`Constant, +sha224withrsaencryption+`:	Internal constants
	`Constant, +sha256withrsaencryption+`:	Internal constants
	`Constant, +sha384withrsaencryption+`:	Internal constants
	`Constant, +sha512withrsaencryption+`:	Internal constants
	`Constant, +unexpected-message+`:	Internal constants
	`Constant, +unknown-ca+`:	Internal constants
	`Constant, +unsupported-certificate+`:	Internal constants
	`Constant, +unsupported-extension+`:	Internal constants
	`Constant, +user-canceled+`:	Internal constants
	`Constant, +warning+`:	Internal constants
	`crl-distribution-points`:	Internal classes

D
	`decrypting-cipher-object`:	Internal classes
	`dh-params`:	Internal classes
	`dh-params`:	Internal classes
	`dh-y`:	Internal classes
	`dhe-private-key`:	Internal classes

E
	`enc-key-length`:	Internal classes
	`encrypting-cipher-object`:	Internal classes
	`encryption-algorithm`:	Internal classes
	`endpoint-decryption-key`:	Internal symbol macros
	`endpoint-encryption-key`:	Internal symbol macros
	`endpoint-mac-decryption-key`:	Internal symbol macros
	`endpoint-mac-encryption-key`:	Internal symbol macros
	`extended-key-usage`:	Internal classes
	`extensions`:	Internal classes
	`extensions-data`:	Internal classes

G
	`g`:	Internal classes

H
	`handshake-messages`:	Internal classes
	`handshake-stage`:	Internal classes
	`hash`:	Internal classes
	`hello-version`:	Internal classes
	`host`:	Exported classes
	`host`:	Internal classes
	`host-name`:	Internal classes

I
	`input-stream`:	Internal classes
	`io-stream`:	Internal classes
	`issuer`:	Internal classes
	`issuer-alternative-name`:	Internal classes
	`issuer-unique-id`:	Internal classes

K
	`key-exchange-method`:	Internal classes
	`key-usage`:	Internal classes
	`key_block`:	Internal classes

L
	`length`:	Internal classes
	`log`:	Internal conditions
	`log`:	Internal conditions
	`log`:	Internal conditions

M
	`mac-algorithm`:	Internal classes
	`mac-key-length`:	Internal classes
	`master-secret`:	Internal classes
	`max-fragment-length`:	Internal classes

O
	`octet-vector`:	Internal classes
	`output-stream`:	Internal classes

P
	`p`:	Internal classes
	`path`:	Internal classes
	`peer-dns-name`:	Internal classes
	`peer-ip-addresses`:	Internal classes
	`policy-mappings`:	Internal classes
	`port`:	Exported classes
	`port`:	Internal classes
	`position`:	Internal classes
	`pre-master-secret`:	Internal classes
	`priv-key`:	Internal classes
	`priv-key`:	Internal classes
	`pub-key`:	Internal classes
	`pub-key`:	Internal classes

R
	`raw`:	Internal classes
	`record-iv-length`:	Internal classes
	`remote-certificate-type`:	Internal classes
	`requested-cert-type`:	Internal classes
	`require-authentication-p`:	Internal classes
	`resumable`:	Internal classes
	`resumable`:	Internal classes
	`role`:	Internal classes
	`role`:	Internal classes
	`role`:	Internal classes

S
	`scheme`:	Internal classes
	`sequence-number-read`:	Internal classes
	`sequence-number-write`:	Internal classes
	`serial`:	Internal classes
	`server-random`:	Internal classes
	`server-write-iv`:	Internal classes
	`server-write-key`:	Internal classes
	`server-write-mac-key`:	Internal classes
	`session-id`:	Internal classes
	`session-read-state`:	Internal classes
	`session-write-state`:	Internal classes
	`signature`:	Internal classes
	`signature`:	Internal classes
	`signature-algorithm`:	Internal classes
	`Slot, alert`:	Internal conditions
	`Slot, authenticate-client-p`:	Internal classes
	`Slot, authentication-method`:	Internal classes
	`Slot, authority-information-access`:	Internal classes
	`Slot, authority-key-identifier`:	Internal classes
	`Slot, basic-constraints`:	Internal classes
	`Slot, block-size`:	Internal classes
	`Slot, ca-certificates`:	Internal classes
	`Slot, ca-certificates`:	Internal classes
	`Slot, certificate`:	Internal classes
	`Slot, certificate`:	Internal classes
	`Slot, certificate-policies`:	Internal classes
	`Slot, certificate-requested`:	Internal classes
	`Slot, cipher-mode`:	Internal classes
	`Slot, cipher-suite`:	Internal classes
	`Slot, cipher-type`:	Internal classes
	`Slot, ciphers`:	Internal classes
	`Slot, ciphers`:	Internal classes
	`Slot, client-certificate-url`:	Internal classes
	`Slot, client-random`:	Internal classes
	`Slot, client-write-iv`:	Internal classes
	`Slot, client-write-key`:	Internal classes
	`Slot, client-write-mac-key`:	Internal classes
	`Slot, crl-distribution-points`:	Internal classes
	`Slot, decrypting-cipher-object`:	Internal classes
	`Slot, dh-params`:	Internal classes
	`Slot, dh-params`:	Internal classes
	`Slot, dh-y`:	Internal classes
	`Slot, dhe-private-key`:	Internal classes
	`Slot, enc-key-length`:	Internal classes
	`Slot, encrypting-cipher-object`:	Internal classes
	`Slot, encryption-algorithm`:	Internal classes
	`Slot, extended-key-usage`:	Internal classes
	`Slot, extensions`:	Internal classes
	`Slot, extensions-data`:	Internal classes
	`Slot, g`:	Internal classes
	`Slot, handshake-messages`:	Internal classes
	`Slot, handshake-stage`:	Internal classes
	`Slot, hash`:	Internal classes
	`Slot, hello-version`:	Internal classes
	`Slot, host`:	Exported classes
	`Slot, host`:	Internal classes
	`Slot, host-name`:	Internal classes
	`Slot, input-stream`:	Internal classes
	`Slot, io-stream`:	Internal classes
	`Slot, issuer`:	Internal classes
	`Slot, issuer-alternative-name`:	Internal classes
	`Slot, issuer-unique-id`:	Internal classes
	`Slot, key-exchange-method`:	Internal classes
	`Slot, key-usage`:	Internal classes
	`Slot, key_block`:	Internal classes
	`Slot, length`:	Internal classes
	`Slot, log`:	Internal conditions
	`Slot, log`:	Internal conditions
	`Slot, log`:	Internal conditions
	`Slot, mac-algorithm`:	Internal classes
	`Slot, mac-key-length`:	Internal classes
	`Slot, master-secret`:	Internal classes
	`Slot, max-fragment-length`:	Internal classes
	`Slot, octet-vector`:	Internal classes
	`Slot, output-stream`:	Internal classes
	`Slot, p`:	Internal classes
	`Slot, path`:	Internal classes
	`Slot, peer-dns-name`:	Internal classes
	`Slot, peer-ip-addresses`:	Internal classes
	`Slot, policy-mappings`:	Internal classes
	`Slot, port`:	Exported classes
	`Slot, port`:	Internal classes
	`Slot, position`:	Internal classes
	`Slot, pre-master-secret`:	Internal classes
	`Slot, priv-key`:	Internal classes
	`Slot, priv-key`:	Internal classes
	`Slot, pub-key`:	Internal classes
	`Slot, pub-key`:	Internal classes
	`Slot, raw`:	Internal classes
	`Slot, record-iv-length`:	Internal classes
	`Slot, remote-certificate-type`:	Internal classes
	`Slot, requested-cert-type`:	Internal classes
	`Slot, require-authentication-p`:	Internal classes
	`Slot, resumable`:	Internal classes
	`Slot, resumable`:	Internal classes
	`Slot, role`:	Internal classes
	`Slot, role`:	Internal classes
	`Slot, role`:	Internal classes
	`Slot, scheme`:	Internal classes
	`Slot, sequence-number-read`:	Internal classes
	`Slot, sequence-number-write`:	Internal classes
	`Slot, serial`:	Internal classes
	`Slot, server-random`:	Internal classes
	`Slot, server-write-iv`:	Internal classes
	`Slot, server-write-key`:	Internal classes
	`Slot, server-write-mac-key`:	Internal classes
	`Slot, session-id`:	Internal classes
	`Slot, session-read-state`:	Internal classes
	`Slot, session-write-state`:	Internal classes
	`Slot, signature`:	Internal classes
	`Slot, signature`:	Internal classes
	`Slot, signature-algorithm`:	Internal classes
	`Slot, state`:	Internal classes
	`Slot, subject`:	Internal classes
	`Slot, subject-alternative-name`:	Internal classes
	`Slot, subject-information-access`:	Internal classes
	`Slot, subject-key-identifier`:	Internal classes
	`Slot, subject-pki`:	Internal classes
	`Slot, subject-unique-id`:	Internal classes
	`Slot, supported-sig-algos`:	Internal classes
	`Slot, supported-signature-algorithms`:	Internal classes
	`Slot, tbs-certificate`:	Internal classes
	`Slot, text`:	Exported conditions
	`Slot, text`:	Internal conditions
	`Slot, text`:	Internal conditions
	`Slot, validity`:	Internal classes
	`Slot, version`:	Internal classes
	`Slot, version`:	Internal classes
	`Slot, version`:	Internal classes
	`Special Variable, certificate-request-msg`:	Internal special variables
	`Special Variable, crlf`:	Internal special variables
	`Special Variable, debug-stream`:	Internal special variables
	`Special Variable, id-ad-ocsp`:	Internal special variables
	`Special Variable, log-level`:	Internal special variables
	`Special Variable, max-certificate-chain-length`:	Internal special variables
	`Special Variable, max-content-length`:	Internal special variables
	`Special Variable, max-fragment-length`:	Internal special variables
	`Special Variable, max-int-len`:	Internal special variables
	`Special Variable, supported-cipher-suites`:	Internal special variables
	`Special Variable, version`:	Internal special variables
	`Special Variable, +3des-block-size+`:	Internal special variables
	`Special Variable, +3des-encryption-suites+`:	Internal special variables
	`Special Variable, +aes-128-ciphers+`:	Internal special variables
	`Special Variable, +aes-256-ciphers+`:	Internal special variables
	`Special Variable, +aes-block-size+`:	Internal special variables
	`Special Variable, +aes-encryption-suites+`:	Internal special variables
	`Special Variable, +anon-authentication-suites+`:	Internal special variables
	`Special Variable, +cbc-mode-ciphers+`:	Internal special variables
	`Special Variable, +dh-key-exchange-suites+`:	Internal special variables
	`Special Variable, +dhe-key-exchange-suites+`:	Internal special variables
	`Special Variable, +dss-authentication-suites+`:	Internal special variables
	`Special Variable, +md5-ciphers+`:	Internal special variables
	`Special Variable, +rc4-encryption-suites+`:	Internal special variables
	`Special Variable, +rsa-authentication-suites+`:	Internal special variables
	`Special Variable, +rsa-key-exchange-suites+`:	Internal special variables
	`Special Variable, +sha1-ciphers+`:	Internal special variables
	`Special Variable, +sha256-ciphers+`:	Internal special variables
	`Special Variable, +tls_dhe_dss_with_3des_ede_cbc_sha+`:	Internal special variables
	`Special Variable, +tls_dhe_dss_with_aes_128_cbc_sha+`:	Internal special variables
	`Special Variable, +tls_dhe_dss_with_aes_128_cbc_sha256+`:	Internal special variables
	`Special Variable, +tls_dhe_dss_with_aes_256_cbc_sha+`:	Internal special variables
	`Special Variable, +tls_dhe_dss_with_aes_256_cbc_sha256+`:	Internal special variables
	`Special Variable, +tls_dhe_rsa_with_3des_ede_cbc_sha+`:	Internal special variables
	`Special Variable, +tls_dhe_rsa_with_aes_128_cbc_sha+`:	Internal special variables
	`Special Variable, +tls_dhe_rsa_with_aes_128_cbc_sha256+`:	Internal special variables
	`Special Variable, +tls_dhe_rsa_with_aes_256_cbc_sha+`:	Internal special variables
	`Special Variable, +tls_dhe_rsa_with_aes_256_cbc_sha256+`:	Internal special variables
	`Special Variable, +tls_dh_anon_with_3des_ede_cbc_sha+`:	Internal special variables
	`Special Variable, +tls_dh_anon_with_aes_128_cbc_sha+`:	Internal special variables
	`Special Variable, +tls_dh_anon_with_aes_128_cbc_sha256+`:	Internal special variables
	`Special Variable, +tls_dh_anon_with_aes_256_cbc_sha+`:	Internal special variables
	`Special Variable, +tls_dh_anon_with_aes_256_cbc_sha256+`:	Internal special variables
	`Special Variable, +tls_dh_anon_with_rc4_128_md5+`:	Internal special variables
	`Special Variable, +tls_dh_dss_with_3des_ede_cbc_sha+`:	Internal special variables
	`Special Variable, +tls_dh_dss_with_aes_128_cbc_sha+`:	Internal special variables
	`Special Variable, +tls_dh_dss_with_aes_128_cbc_sha256+`:	Internal special variables
	`Special Variable, +tls_dh_dss_with_aes_256_cbc_sha+`:	Internal special variables
	`Special Variable, +tls_dh_dss_with_aes_256_cbc_sha256+`:	Internal special variables
	`Special Variable, +tls_dh_rsa_with_3des_ede_cbc_sha+`:	Internal special variables
	`Special Variable, +tls_dh_rsa_with_aes_128_cbc_sha+`:	Internal special variables
	`Special Variable, +tls_dh_rsa_with_aes_128_cbc_sha256+`:	Internal special variables
	`Special Variable, +tls_dh_rsa_with_aes_256_cbc_sha+`:	Internal special variables
	`Special Variable, +tls_dh_rsa_with_aes_256_cbc_sha256+`:	Internal special variables
	`Special Variable, +tls_rsa_with_3des_ede_cbc_sha+`:	Internal special variables
	`Special Variable, +tls_rsa_with_aes_128_cbc_sha+`:	Internal special variables
	`Special Variable, +tls_rsa_with_aes_128_cbc_sha256+`:	Internal special variables
	`Special Variable, +tls_rsa_with_aes_256_cbc_sha+`:	Internal special variables
	`Special Variable, +tls_rsa_with_aes_256_cbc_sha256+`:	Internal special variables
	`Special Variable, +tls_rsa_with_null_md5+`:	Internal special variables
	`Special Variable, +tls_rsa_with_null_sha+`:	Internal special variables
	`Special Variable, +tls_rsa_with_null_sha256+`:	Internal special variables
	`Special Variable, +tls_rsa_with_rc4_128_md5+`:	Internal special variables
	`Special Variable, +tls_rsa_with_rc4_128_sha+`:	Internal special variables
	`state`:	Internal classes
	`subject`:	Internal classes
	`subject-alternative-name`:	Internal classes
	`subject-information-access`:	Internal classes
	`subject-key-identifier`:	Internal classes
	`subject-pki`:	Internal classes
	`subject-unique-id`:	Internal classes
	`supported-sig-algos`:	Internal classes
	`supported-signature-algorithms`:	Internal classes
	`Symbol Macro, endpoint-decryption-key`:	Internal symbol macros
	`Symbol Macro, endpoint-encryption-key`:	Internal symbol macros
	`Symbol Macro, endpoint-mac-decryption-key`:	Internal symbol macros
	`Symbol Macro, endpoint-mac-encryption-key`:	Internal symbol macros

T
	`tbs-certificate`:	Internal classes
	`text`:	Exported conditions
	`text`:	Internal conditions
	`text`:	Internal conditions

V
	`validity`:	Internal classes
	`version`:	Internal classes
	`version`:	Internal classes
	`version`:	Internal classes

Jump to:	* + A B C D E G H I K L M O P R S T V

A.4 Data types

Jump to:	A C D E H O P S T U X

	Index Entry	Section

A
	`address`:	Exported classes
	`asn.1-decoding-error`:	Internal conditions

C
	`cl-tls`:	The cl-tls system
	`cl-tls`:	The cl-tls package
	`Class, address`:	Exported classes
	`Class, client-session`:	Internal classes
	`Class, dh-params`:	Internal classes
	`Class, hello-extensions`:	Internal classes
	`Class, octet-stream`:	Internal classes
	`Class, server-session`:	Internal classes
	`Class, session`:	Internal classes
	`Class, shared-session-slots`:	Internal classes
	`Class, tbs-certificate`:	Internal classes
	`Class, uri`:	Internal classes
	`Class, x509-extension`:	Internal classes
	`Class, x509v3-certificate`:	Internal classes
	`client-session`:	Internal classes
	`Condition, asn.1-decoding-error`:	Internal conditions
	`Condition, exception`:	Internal conditions
	`Condition, http-error`:	Internal conditions
	`Condition, ocsp-error`:	Internal conditions
	`Condition, tls-error`:	Exported conditions
	`Condition, tls-stream-error`:	Exported conditions
	`Condition, x509-decoding-error`:	Internal conditions

D
	`dh-params`:	Internal classes

E
	`exception`:	Internal conditions

H
	`hello-extensions`:	Internal classes
	`http-error`:	Internal conditions

O
	`ocsp-error`:	Internal conditions
	`octet`:	Internal types
	`octet-stream`:	Internal classes
	`octet-vector`:	Internal types

P
	`Package, cl-tls`:	The cl-tls package

S
	`server-session`:	Internal classes
	`session`:	Internal classes
	`shared-session-slots`:	Internal classes
	`System, cl-tls`:	The cl-tls system

T
	`tbs-certificate`:	Internal classes
	`tls-error`:	Exported conditions
	`tls-stream-error`:	Exported conditions
	`Type, octet`:	Internal types
	`Type, octet-vector`:	Internal types

U
	`uri`:	Internal classes

X
	`x509-decoding-error`:	Internal conditions
	`x509-extension`:	Internal classes
	`x509v3-certificate`:	Internal classes

Jump to:	A C D E H O P S T U X

• Introduction		What cl-tls is all about
• Systems		The systems documentation
• Modules		The modules documentation
• Files		The files documentation
• Packages		The packages documentation
• Definitions		The symbols documentation
• Indexes		Concepts, functions, variables and data types

• The cl-tls/src module
• The cl-tls/src/asn.1 module
• The cl-tls/src/pkcs module
• The cl-tls/src/x509 module
• The cl-tls/src/pem module
• The cl-tls/src/tls module

• The cl-tls.asd file
• The cl-tls/src/package.lisp file
• The cl-tls/src/utils.lisp file
• The cl-tls/src/asn.1/asn.1.lisp file
• The cl-tls/src/pkcs/pkcs1.lisp file
• The cl-tls/src/pkcs/pkcs3.lisp file
• The cl-tls/src/pkcs/pkcs5.lisp file
• The cl-tls/src/pkcs/pkcs8.lisp file
• The cl-tls/src/x509/extensions.lisp file
• The cl-tls/src/x509/x509.lisp file
• The cl-tls/src/x509/ocsp.lisp file
• The cl-tls/src/x509/validate.lisp file
• The cl-tls/src/pem/rfc7468.lisp file
• The cl-tls/src/tls/transport.lisp file
• The cl-tls/src/tls/http.lisp file
• The cl-tls/src/tls/ciphersuites.lisp file
• The cl-tls/src/tls/alert.lisp file
• The cl-tls/src/tls/crypto.lisp file
• The cl-tls/src/tls/extensions.lisp file
• The cl-tls/src/tls/tls.lisp file

• Exported functions
• Exported generic functions
• Exported conditions
• Exported classes

• Internal constants
• Internal special variables
• Internal symbol macros
• Internal macros
• Internal functions
• Internal generic functions
• Internal conditions
• Internal classes
• Internal types

• Concept index
• Function index
• Variable index
• Data type index

The cl-tls Reference Manual

Table of Contents

The cl-tls Reference Manual

1 Introduction

2 Systems

2.1 cl-tls

3 Modules

3.1 cl-tls/src

3.2 cl-tls/src/ASN.1

3.3 cl-tls/src/pkcs

3.4 cl-tls/src/x509

3.5 cl-tls/src/PEM

3.6 cl-tls/src/tls

4 Files

4.1 Lisp

4.1.1 cl-tls.asd

4.1.2 cl-tls/src/package.lisp

4.1.3 cl-tls/src/utils.lisp

4.1.4 cl-tls/src/ASN.1/asn.1.lisp

4.1.5 cl-tls/src/pkcs/pkcs1.lisp

4.1.6 cl-tls/src/pkcs/pkcs3.lisp

4.1.7 cl-tls/src/pkcs/pkcs5.lisp

4.1.8 cl-tls/src/pkcs/pkcs8.lisp

4.1.9 cl-tls/src/x509/extensions.lisp

4.1.10 cl-tls/src/x509/x509.lisp

4.1.11 cl-tls/src/x509/ocsp.lisp

4.1.12 cl-tls/src/x509/validate.lisp

4.1.13 cl-tls/src/PEM/rfc7468.lisp

4.1.14 cl-tls/src/tls/transport.lisp

4.1.15 cl-tls/src/tls/http.lisp

4.1.16 cl-tls/src/tls/ciphersuites.lisp

4.1.17 cl-tls/src/tls/alert.lisp

4.1.18 cl-tls/src/tls/crypto.lisp

4.1.19 cl-tls/src/tls/extensions.lisp

4.1.20 cl-tls/src/tls/tls.lisp

4.2 Static

4.2.1 cl-tls/README

4.2.2 cl-tls/LICENSE

5 Packages

5.1 cl-tls

6 Definitions

6.1 Exported definitions

6.1.1 Functions

6.1.2 Generic functions

6.1.3 Conditions

6.1.4 Classes

6.2 Internal definitions

6.2.1 Constants

6.2.2 Special variables

6.2.3 Symbol macros

6.2.4 Macros

6.2.5 Functions

6.2.6 Generic functions

6.2.7 Conditions

6.2.8 Classes

6.2.9 Types

Appendix A Indexes

A.1 Concepts

A.2 Functions

A.3 Variables

A.4 Data types

2.1 `cl-tls`

3.1 `cl-tls/src`

3.2 `cl-tls/src/ASN.1`

3.3 `cl-tls/src/pkcs`

3.4 `cl-tls/src/x509`

3.5 `cl-tls/src/PEM`

3.6 `cl-tls/src/tls`

4.1.1 `cl-tls.asd`

4.1.2 `cl-tls/src/package.lisp`

4.1.3 `cl-tls/src/utils.lisp`

4.1.4 `cl-tls/src/ASN.1/asn.1.lisp`

4.1.5 `cl-tls/src/pkcs/pkcs1.lisp`

4.1.6 `cl-tls/src/pkcs/pkcs3.lisp`

4.1.7 `cl-tls/src/pkcs/pkcs5.lisp`

4.1.8 `cl-tls/src/pkcs/pkcs8.lisp`

4.1.9 `cl-tls/src/x509/extensions.lisp`

4.1.10 `cl-tls/src/x509/x509.lisp`

4.1.11 `cl-tls/src/x509/ocsp.lisp`

4.1.12 `cl-tls/src/x509/validate.lisp`

4.1.13 `cl-tls/src/PEM/rfc7468.lisp`

4.1.14 `cl-tls/src/tls/transport.lisp`

4.1.15 `cl-tls/src/tls/http.lisp`

4.1.16 `cl-tls/src/tls/ciphersuites.lisp`

4.1.17 `cl-tls/src/tls/alert.lisp`

4.1.18 `cl-tls/src/tls/crypto.lisp`

4.1.19 `cl-tls/src/tls/extensions.lisp`

4.1.20 `cl-tls/src/tls/tls.lisp`

4.2.1 `cl-tls/README`

4.2.2 `cl-tls/LICENSE`

5.1 `cl-tls`