asciidoc added
diff --git a/doc/TLS_CNL113839_1551.adoc b/doc/TLS_CNL113839_1551.adoc
new file mode 100644
index 0000000..a629979
--- /dev/null
+++ b/doc/TLS_CNL113839_1551.adoc
@@ -0,0 +1,246 @@
+---
+Author: Tímea Moder
+Version: 1551-CNL 113 839, Rev. B
+Date: 2018-02-12
+
+---
+= TLS library for TTCN-3 Toolset with TITAN, Function Description
+:author: Tímea Moder
+:revnumber: 1551-CNL 113 839 Rev. B
+:revdate: 2018-02-12
+:toc:
+
+== How to Read This Document
+
+This is the Function Specification for the TLS library. The TLS library are developed for the TTCN-3 Toolset with TITAN.
+
+== Scope
+
+The purpose of this document is to specify the content of the TLS library. The document is primarily addressed to the end users of the product. Basic knowledge of TTCN-3 <<_2, [2]>> and TITAN TTCN-3 Test Executor <<_3, [3]>> is valuable when reading this document.
+
+== System Requirements
+
+The TLS library is a set of TTCN-3 source code files that can be used as part of TTCN-3 test suites only. Hence, TLS library alone do not put specific requirements on the system used. However, in order to compile and execute a TTCN-3 test suite using the set of protocol modules the following system requirements must be satisfied:
+
+* TITAN TTCN-3 Test Executor version CRL 113 200/6 R3A (6.3.pl0) or higher installed.
+
+NOTE: This version of the protocol module is not compatible with TITAN releases earlier than CRL 113 200/6 R3A. For installation guide see <<_2, [2]>>.
+
+* OpenSSL development library is installed. See <<_1, [1]>>.
+
+= Protocol Modules
+
+== Overview
+
+The TLS library implement the control functions in a formalized way. This allows defining of test data (templates) in the TTCN-3 language <<_2, [2]>> and correct encoding/decoding of messages when executing test suites using the TITAN TTCN-3 test environment.
+
+== Installation
+
+The set of protocol modules can be used in developing TTCN-3 test suites using any text editor. However, to make the work more efficient a TTCN-3-enabled text editor is recommended (e.g. `nedit`, `xemacs`). Since the TLS library is used as a part of a TTCN-3 test suite, this requires TTCN-3 Test Executor be installed before the module can be compiled and executed together with other parts of the test suite. For more details on the installation of TTCN-3 Test Executor see the relevant section of <<_3, [3]>>.
+
+== Configuration
+
+None.
+
+= Functional Specification
+
+== Supported TLS Versions
+
+The TLS library uses the OpenSSL, hence the supported SSL/TLS/DTLS versions are depends on the used version of the OpenSSL. The TLS library provides interface for:
+
+* SSLv3
+* TLSv1, TLSv1.1, TLSv1.2
+* DTLSv1.0, DTLSv1.2
+
+== TLS Object Handling Function
+
+In order to establish TLS/DTLS connections a TLS object should be created.
+
+[source]
+----
+external function TLS_New_object(
+ in TLS_descriptor descr
+ out integer object_id,
+ in integer user_idx := -1
+) return TLS_op_result;
+----
+
+The function returns the result of the object creation. The object can be referenced later by the `object_id`.
+
+The optional `user_idx` is not used by the TLS library directly, just stored as is. It can be used a reference to another object or connection.
+
+After the TLS/DTLS connection is not used any more the object should be destroyed.
+
+[source]
+external function TLS_Delete_object(in integer object_id) return TLS_op_result;
+
+== TLS Descriptor
+
+The TLS descriptor has the following fields:
+
+* `tls_method`: +
+Type: TLS_method, mandatory +
+Default value: `_TLS_method_TLS_` +
+Allowed values: `_TLS_method_TLS_`, `_TLS_method_DTLS_` +
+It specifies which method to use: TLS/SSL or DTLS.
+* `min_supported_version`, `max_supported_version` +
+Type: TLS_Supported_proto_versions, optional +
+Default value: `_omit_` +
+Allowed values: `_TLS_SSL3_VERSION_`, `_TLS_TLS1_VERSION_`, `_TLS_TLS1_1_VERSION_`, `_TLS_TLS1_2_VERSION_`, `_TLS_DTLS1_VERSION_`, `_TLS_DTLS1_2_VERSION_` +
+The minimum and the maximum version of the supported protocol.
+* `ssl_key_file`: +
+Type: charstring, optional +
+Default value: `_omit_` +
+It specifies a PEM encoded file’s path on the file system containing the server’s RSA private key.
+* `ssl_certificate_file`: +
+Type: charstring, optional +
+Default value: `_omit_` +
+It specifies a PEM encoded file’s path on the file system containing the certificate chain.
+* `ssl_trustedCAlist_file`: +
+Type: charstring, optional +
+Default value: `_omit_` +
+It specifies a PEM encoded file’s path on the file system containing the certificates of the trusted CA authorities to use.
+* `ssl_cipher_list`: +
+Type: charstring, optional +
+Default value: `_omit_` +
+It can be used to specify the allowed cipher list.
+* `ssl_password`: +
+Type: charstring, optional +
+Default value: `_omit_` +
+It specifies the password protecting the private key file.
+* `ssl_verify_certificate`: +
+Type: boolean, optional +
+Default value: `_true_` +
+It can be used to specify whether to check the certificate of the other side.
+* `psk_hint`: +
+Type: charstring, optional +
+Default value: `_omit_` +
+The server can provide a "PSK identity hint" in the `ServerKeyExchange` message. In the case where PSK identity hint is omit, the server does not send the `ServerKeyExchange` message to the client.
+* `psk_identity`: +
+Type: charstring, optional +
+Default value: `_omit_` +
+The "PSK identity" is included in the `ClientKeyExchange` message and transmitted to the server. After the negotiation for "PSK identity" is done, the client and the server can generate their pre-master secrets with the pre-shared key.
+* `psk_key`: +
+Type: charstring, optional +
+Default value: `_omit_` +
+It is the psk key in hexadecimal representation form.
+* `psk_for_server`: +
+Type: boolean, optional +
+Default value: `_omit_` +
+It can be used to specify the used psk callback function, the psk server callback or the psk client callback function will be called.
+
+== Connection Establishment
+
+The function to use to establish connection:
+
+[source]
+----
+external function TLS_Handshake(in integer object_id,
+ in boolean is_server
+ in octetstring input_stream,
+ out octetstring output_stream
+) return TLS_op_result;
+----
+
+The function should be called repeatedly until the handshake is finished.
+
+The return values:
+
+* `_TLS_OK_`: handshake finished
+* `_TLS_NEED_MORE_DATA_`: send the output stream to the peer if len >0, call the function again with more data from peer
+* `_TLS_DATA_TO_SEND_`: send the output stream to the peer, and call the function again
+* `_TLS_ERROR_`: something went wrong.
+
+Parameters:
+
+* `object_id`: The TLS object, created by the TLS_New_object
+* `is_server`: true: server side, false: client side
+* `input_stream`: The data received from the peer, or empty string
+* `output_stream`: The function places the data should be sent to the peer.
+
+== Data Exchange Function
+
+=== Send Data to the Peer
+
+The following function can be used to send data to the peer:
+
+[source]
+----
+external function TLS_Write(in integer object_id,
+ in octetstring user_data
+ in octetstring input_stream,
+ out octetstring output_stream
+) return TLS_op_result;
+----
+
+Should be called repeatedly until returns `TLS_OK`.
+
+The return values:
+
+* `_TLS_OK_`: all data ready to be sent.
+* `_TLS_NEED_MORE_DATA_`: send the output stream to the peer if `len >0`, call the function again with more data from peer
+* `_TLS_DATA_TO_SEND_`: send the output stream to the peer, and call the function again
+* `_TLS_ERROR_`: something went wrong.
+
+Parameters:
+
+* `object_id`: The TLS object, created by the `TLS_New_object`
+* `user_data`: the data to be sent
+* `input_stream`: The data received from the peer, or empty string
+* `output_stream`: The function places the data should be sent to the peer.
+
+=== Receive Data from the Peer
+
+The following function can be used to decrypt the data received from the peer:
+
+[source]
+----
+external function TLS_Read(in integer object_id,
+ out octetstring user_data,
+ in octetstring input_stream,
+ out octetstring output_stream
+) return TLS_op_result;
+----
+
+Should be called repeatedly until returns `TLS_OK`.
+
+The return values:
+
+* `_TLS_OK_`: all data received.
+* `_TLS_NEED_MORE_DATA_`: send the output stream to the peer if `len >0`, call the function again with more data from peer
+* `_TLS_DATA_TO_SEND_`: send the output stream to the peer, and call the function again
+* `_TLS_ERROR_`: something went wrong.
+
+Parameters:
+
+* `object_id`: The TLS object, created by the `TLS_New_object`
+* `user_data`: the received data
+* `input_stream`: The data received from the peer, or empty string
+* `output_stream`: The function places the data should be sent to the peer.
+
+= Terminology
+
+No specific terminology is used.
+
+= Abbreviations
+
+DTLS:: Datagram Transport Layer Security
+
+TLS:: Transport Layer Secuity
+
+TTCN-3:: Testing and Test Control Notation version 3
+
+SSL:: Secure Socket Layer
+
+= References
+
+[[_1]]
+[1] OpenSSL +
+https://www.openssl.org/
+
+[[_2]]
+[2] ETSI ES 201 873-1 v3.2.1 (2007-02) +
+The Testing and Test Control Notation version 3; Part 1: Core Language
+
+[[_3]]
+[3] User Guide for the TITAN TTCN-3 Test Executor
diff --git a/doc/TLS_CNL113839_1551.doc b/doc/TLS_CNL113839_1551.doc
deleted file mode 100644
index 2727c7f..0000000
--- a/doc/TLS_CNL113839_1551.doc
+++ /dev/null
Binary files differ
diff --git a/doc/TLS_CNL113839_1551.pdf b/doc/TLS_CNL113839_1551.pdf
new file mode 100644
index 0000000..e99c824
--- /dev/null
+++ b/doc/TLS_CNL113839_1551.pdf
Binary files differ
diff --git a/doc/change.log b/doc/change.log
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/doc/change.log
