1 /* ==================================================================== 2 * The Kannel Software License, Version 1.0 3 * 4 * Copyright (c) 2001-2014 Kannel Group 5 * Copyright (c) 1998-2001 WapIT Ltd. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * 3. The end-user documentation included with the redistribution, 21 * if any, must include the following acknowledgment: 22 * "This product includes software developed by the 23 * Kannel Group (http://www.kannel.org/)." 24 * Alternately, this acknowledgment may appear in the software itself, 25 * if and wherever such third-party acknowledgments normally appear. 26 * 27 * 4. The names "Kannel" and "Kannel Group" must not be used to 28 * endorse or promote products derived from this software without 29 * prior written permission. For written permission, please 30 * contact org@kannel.org. 31 * 32 * 5. Products derived from this software may not be called "Kannel", 33 * nor may "Kannel" appear in their name, without prior written 34 * permission of the Kannel Group. 35 * 36 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED 37 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 38 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 39 * DISCLAIMED. IN NO EVENT SHALL THE KANNEL GROUP OR ITS CONTRIBUTORS 40 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, 41 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT 42 * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 43 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 44 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE 45 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, 46 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 47 * ==================================================================== 48 * 49 * This software consists of voluntary contributions made by many 50 * individuals on behalf of the Kannel Group. For more information on 51 * the Kannel Group, please see <http://www.kannel.org/>. 52 * 53 * Portions of this software are based upon software originally written at 54 * WapIT Ltd., Helsinki, Finland for the Kannel project. 55 */ 56 57 /* wtls_pdu.h - definitions for unpacked WTLS protocol data units 58 * 59 * Nikos Balkanas, Inaccess Networks (2009) 60 */ 61 62 #ifndef PDU_H 63 #define PDU_H 64 65 #include "gwlib/list.h" 66 #include "gwlib/octstr.h" 67 #include "wtls.h" 68 69 typedef enum wtls_pdu_modes { 70 ChangeCipher_PDU = 1, 71 Alert_PDU, 72 Handshake_PDU, 73 Application_PDU 74 } wtls_pdu_modes; 75 76 typedef enum handshake_type { 77 hello_request = 0, 78 client_hello = 1, 79 server_hello = 2, 80 certificate = 11, 81 server_key_exchange = 12, 82 certificate_request = 13, 83 server_hello_done = 14, 84 certificate_verify = 15, 85 client_key_exchange = 16, 86 finished = 20 87 } HandshakeType; 88 89 typedef enum compmethod { 90 null_comp = 0 91 } CompressionMethod; 92 93 typedef enum certificateformat { 94 WTLSCert = 1, 95 X509Cert, 96 X968Cert 97 } CertificateFormat; 98 99 typedef enum sig_algo { 100 anonymous, 101 ecdsa_sha, 102 rsa_sha, 103 } SignatureAlgorithm; 104 105 typedef enum keyex_suite { 106 null_k, 107 shared_secret, 108 dh_anon, 109 dh_anon_512, 110 dh_anon_768, 111 rsa_anon, 112 rsa_anon_512, 113 rsa_anon_768, 114 rsa, 115 rsa_512, 116 rsa_768, 117 ecdh_anon, 118 ecdh_anon_113, 119 ecdh_anon_131, 120 ecdh_ecdsa, 121 } KeyExchangeSuite; 122 123 typedef enum pubkey_algo { 124 rsa_pubkey, 125 diffie_hellman_pubkey, 126 elliptic_curve_pubkey, 127 } PublicKeyAlgorithm; 128 129 typedef enum identifier_type { 130 null = 0, 131 text, 132 binary, 133 key_hash_sha = 254, 134 x509_name = 255 135 } IdentifierType; 136 137 typedef enum public_key_type { 138 rsa_key = 2, 139 ecdh_key = 3, 140 ecdsa_key = 4 141 } PublicKeyType; 142 143 typedef enum ecbasistype { 144 ec_basis_onb = 1, 145 ec_basis_trinomial, 146 ec_basis_pentanomial, 147 ec_basis_polynomial 148 } ECBasisType; 149 150 typedef enum ecfield { 151 ec_prime_p, 152 ec_characteristic_two 153 } ECField; 154 155 typedef struct random { 156 long gmt_unix_time; 157 Octstr *random_bytes; 158 } Random; 159 160 typedef struct ecpoint { 161 Octstr *point; 162 } ECPoint; 163 164 typedef ECPoint ECPublicKey; 165 166 typedef struct dhpublickey { 167 Octstr *dh_Y; 168 } DHPublicKey; 169 170 typedef struct rsa_public_key { 171 Octstr *rsa_exponent; 172 Octstr *rsa_modulus; 173 } RSAPublicKey; 174 175 typedef struct public_key { 176 /* ecdh */ 177 ECPublicKey *ecdh_pubkey; 178 /* ecdsa */ 179 ECPublicKey *ecdsa_pubkey; 180 /* rsa */ 181 RSAPublicKey *rsa_pubkey; 182 } PublicKey; 183 184 typedef struct identifier { 185 IdentifierType id_type; 186 /* text */ 187 int charset; 188 Octstr *name; 189 /* binary */ 190 Octstr *identifier; 191 /* key_hash_sha */ 192 Octstr *key_hash; 193 /* x509 */ 194 Octstr *distinguished_name; 195 } Identifier; 196 197 typedef struct eccurve { 198 Octstr *a; 199 Octstr *b; 200 Octstr *seed; 201 } ECCurve; 202 203 typedef struct dh_parameters { 204 int dh_e; 205 Octstr *dh_p; 206 Octstr *dh_g; 207 } DHParameters; 208 209 typedef struct ec_parameters { 210 ECField field; 211 /* case ec_prime_p */ 212 Octstr *prime_p; 213 /* case ec_characteristic_two */ 214 int m; 215 ECBasisType basis; 216 /* case ec_basis_onb : nothing */ 217 /* case ec_trinomial */ 218 int k; 219 /* case ec_pentanomial */ 220 int k1; 221 int k2; 222 int k3; 223 /* case ec_basis_polynomial */ 224 Octstr *irreducible; 225 ECCurve *curve; 226 ECPoint *base; 227 Octstr *order; 228 Octstr *cofactor; 229 } ECParameters; 230 231 typedef struct parameter_set { 232 long length; 233 /* rsa: empty */ 234 /* diffie-hellman */ 235 DHParameters *dhparams; 236 /* eliptic curve */ 237 ECParameters *ecparams; 238 } ParameterSet; 239 240 typedef struct parameter_specifier { 241 int param_index; 242 ParameterSet *param_set; 243 } ParameterSpecifier; 244 245 typedef struct key_exchange_id { 246 int key_exchange_suite; 247 ParameterSpecifier *param_specif; 248 Identifier *identifier; 249 } KeyExchangeId; 250 251 typedef struct signature { 252 /* case anonymous */ 253 /* nothing */ 254 /* case ecdsa_sha and rsa_sha */ 255 List *sha_hash; 256 } Signature; 257 258 typedef struct to_be_signed_cert { 259 int certificate_version; 260 SignatureAlgorithm signature_algo; 261 Identifier *issuer; 262 long valid_not_before; 263 long valid_not_after; 264 Identifier *subject; 265 PublicKeyType pubkey_type; 266 ParameterSpecifier *param_spec; 267 PublicKey *pubkey; 268 } ToBeSignedCertificate; 269 270 typedef struct wtls_cert { 271 ToBeSignedCertificate *tobesigned_cert; 272 Signature *signature; 273 } WTLSCertificate; 274 275 typedef struct rsa_secret { 276 int client_version; 277 List *random; 278 } RSASecret; 279 280 typedef struct rsa_encrypted_secret { 281 Octstr *encrypted_secret; 282 } RSAEncryptedSecret; 283 284 typedef struct cipher_suite { 285 int bulk_cipher_algo; 286 int mac_algo; 287 } CipherSuite; 288 289 typedef struct cert_request { 290 List *trusted_authorities; // List of KeyExchangeIds 291 } CertificateRequest; 292 293 typedef struct cert_verify { 294 Signature *signature; 295 } CertificateVerify; 296 297 typedef struct hello_request { 298 int dummy; /* nothing here */ 299 } HelloRequest; 300 301 typedef struct client_hello { 302 int clientversion; 303 Random *random; 304 Octstr *session_id; 305 List *client_key_ids; 306 List *trusted_key_ids; 307 List *ciphersuites; // list of CipherSuites 308 List *comp_methods; 309 int snmode; 310 int krefresh; 311 } ClientHello; 312 313 typedef struct server_hello { 314 int serverversion; 315 Random *random; 316 Octstr *session_id; 317 int client_key_id; 318 CipherSuite *ciphersuite; 319 CompressionMethod comp_method; 320 int snmode; 321 int krefresh; 322 } ServerHello; 323 324 typedef struct certificate { 325 CertificateFormat certificateformat; 326 /* case WTLS */ 327 WTLSCertificate *wtls_certificate; 328 /* case X509 */ 329 Octstr *x509_certificate; 330 /* X968 */ 331 Octstr *x968_certificate; 332 } Certificate; 333 334 typedef struct server_key_exchange { 335 ParameterSpecifier *param_spec; 336 /* case rsa_anon */ 337 RSAPublicKey *rsa_params; 338 /* case dh_anon */ 339 DHPublicKey *dh_params; 340 /* case ecdh_anon */ 341 ECPublicKey *ecdh_params; 342 } ServerKeyExchange; 343 344 typedef struct client_key_exchange { 345 /* case rsa and rsa_anon */ 346 RSAEncryptedSecret *rsa_params; 347 /* case dh_anon */ 348 DHPublicKey *dh_anon_params; 349 /* case ecdh_anon and ecdh_ecdsa */ 350 ECPublicKey *ecdh_params; 351 } ClientKeyExchange; 352 353 typedef struct finished { 354 Octstr *verify_data; 355 } Finished; 356 357 typedef struct server_hello_done { 358 int dummy; /* nothing here */ 359 } ServerHelloDone; 360 361 typedef struct cc { 362 int change; 363 } ChangeCipher; 364 365 typedef enum { 366 warning_alert = 1, 367 critical_alert, 368 fatal_alert 369 } AlertLevel; 370 371 typedef enum { 372 connection_close_notify = 0, 373 session_close_notify, 374 no_connection = 5, 375 unexpected_message = 10, 376 time_required, 377 bad_record_mac = 20, 378 decryption_failed, 379 record_overflow, 380 decompression_failure = 30, 381 handshake_failure = 40, 382 bad_certificate = 42, 383 unsupported_certificate, 384 certificate_revoked, 385 certificate_expired, 386 certificate_unknown, 387 illegal_parameter, 388 unknown_ca, 389 access_denied, 390 decode_error, 391 decrypt_error, 392 unknown_key_id, 393 disabled_key_id, 394 key_exchange_disabled, 395 session_not_ready, 396 unknown_parameter_index, 397 duplicate_finished_received, 398 export_restriction = 60, 399 protocol_version = 70, 400 insufficient_security, 401 internal_error = 80, 402 user_canceled = 90, 403 no_renegotiation = 100 404 } AlertDescription; 405 406 typedef struct alert { 407 int level; 408 AlertDescription desc; 409 Octstr *chksum; 410 } Alert; 411 412 typedef struct certificates { 413 List *certList; 414 } Certificates; 415 416 typedef struct handshake { 417 HandshakeType msg_type; 418 int length; 419 /* case hello_request */ 420 421 /* case client_hello */ 422 ClientHello *client_hello; 423 /* case server_hello */ 424 ServerHello *server_hello; 425 /* case certificate */ 426 Certificates *certificates; 427 /* case server_key_exchange */ 428 ServerKeyExchange *server_key_exchange; 429 /* case certificate_request */ 430 CertificateRequest *certificate_request; 431 /* case server_hello_done */ 432 ServerHelloDone *server_hello_done; 433 /* case certificate_verify */ 434 CertificateVerify *cert_verify; 435 /* case client_key_exchange */ 436 ClientKeyExchange *client_key_exchange; 437 /* case finished */ 438 Finished *finished; 439 } Handshake; 440 441 typedef struct application { 442 Octstr *data; 443 } Application; 444 445 typedef struct wtls_pdu { 446 int type; 447 int reserved; 448 int cipher; 449 int snMode; 450 int seqNum; 451 int rlen; 452 453 union { 454 ChangeCipher cc; 455 Alert alert; 456 Handshake handshake; 457 Application application; 458 } u; 459 } wtls_PDU; 460 461 typedef struct wtls_payload { 462 int type; 463 int reserved; 464 int cipher; 465 int snMode; 466 int seqNum; 467 int rlen; 468 469 Octstr *data; 470 } wtls_Payload; 471 472 /* Prototypes */ 473 wtls_PDU *wtls_pdu_create(int type); 474 void wtls_pdu_destroy(wtls_PDU * msg); 475 void wtls_pdu_dump(wtls_PDU * msg, int level); 476 wtls_PDU *wtls_pdu_unpack(wtls_Payload * payload, WTLSMachine * wtls_machine); 477 wtls_Payload *wtls_pdu_pack(wtls_PDU * pdu, WTLSMachine * wtls_machine); 478 479 wtls_Payload *wtls_payload_unpack(Octstr * data); 480 Octstr *wtls_payload_pack(wtls_Payload * payload, int seqnum); 481 void wtls_payload_dump(wtls_Payload * msg, int level); 482 void wtls_pldList_destroy(List * pldList); 483 void wtls_payload_destroy(wtls_Payload * payload); 484 485 List *wtls_unpack_payloadlist(Octstr * data); 486 Octstr *wtls_pack_payloadlist(List * payloadlist, int seqnum); 487 488 #endif /* PDU_H */ 489