%%
%% %CopyrightBegin%
%%
%% Copyright Ericsson AB 2007-2020. All Rights Reserved.
%%
%% Licensed under the Apache License, Version 2.0 (the "License");
%% you may not use this file except in compliance with the License.
%% You may obtain a copy of the License at
%%
%%     http://www.apache.org/licenses/LICENSE-2.0
%%
%% Unless required by applicable law or agreed to in writing, software
%% distributed under the License is distributed on an "AS IS" BASIS,
%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
%% See the License for the specific language governing permissions and
%% limitations under the License.
%%
%% %CopyrightEnd%
%%

%%

%% Include guard: everything up to the closing -endif is skipped when
%% ssl_internal is already defined, so including this header twice is harmless.
-ifndef(ssl_internal).
-define(ssl_internal, true).

%% NOTE(review): the #'Extension'{} record matched in ?RULES is not defined in
%% this header; presumably it comes from public_key.hrl - confirm.
-include_lib("public_key/include/public_key.hrl").

%% Version string; presumably the version of the ssl application - confirm.
-define(VSN, "8.2.6").
%% Fixed placeholder string. Judging by the name it is printed in place of
%% secret values; confirm at the call sites that keys and passwords really
%% go through it before state is logged.
-define(SECRET_PRINTOUT, "***").

%% Shared type aliases. Most are deliberately loose (any()); only the
%% certificate-related ones constrain the shape of the term.
-type reason()  :: any().
-type reply()   :: any().
-type msg()     :: any().
-type from()    :: any().
-type certdb_ref() :: reference().
-type db_handle() :: any().
-type der_cert() :: binary().
-type issuer()   :: tuple().
-type serialnumber() :: integer().
-type cert_key() :: {reference(), integer(), issuer()}.
-type secret_printout() :: list().

%% basic binary constructors
%% Each uppercase macro expands to a bit-syntax segment (Value:Size/Type), not
%% to a complete binary, so it has to be used inside << >>. All integers are
%% unsigned and big-endian. BOOLEAN and BYTE expand to the same 8-bit segment.
-define(BOOLEAN(X),  X:8/unsigned-big-integer).
-define(BYTE(X),     X:8/unsigned-big-integer).
-define(UINT16(X),   X:16/unsigned-big-integer).
-define(UINT24(X),   X:24/unsigned-big-integer).
-define(UINT32(X),   X:32/unsigned-big-integer).
-define(UINT48(X),   X:48/unsigned-big-integer).
-define(UINT64(X),   X:64/unsigned-big-integer).
%% Two segments: a 32-bit length prefix followed by X itself. The length is
%% computed with a function call, so this macro can only build a binary; it
%% cannot be used in a pattern.
%% NOTE(review): size/1 is correct here because the (X)/binary segment only
%% accepts a binary; byte_size/1 would state that intent explicitly.
-define(STRING(X),   ?UINT32((size(X))), (X)/binary).

%% Lowercase variants wrap the corresponding segment in << >> and so yield a
%% complete binary holding the single integer X.
-define(byte(X),   << ?BYTE(X) >> ).
-define(uint16(X), << ?UINT16(X) >> ).
-define(uint24(X), << ?UINT24(X) >> ).
-define(uint32(X), << ?UINT32(X) >> ).
-define(uint48(X), << ?UINT48(X) >> ).
-define(uint64(X), << ?UINT64(X) >> ).

%% NOTE(review): neither CDR macro is referenced anywhere else in this header.
-define(CDR_MAGIC, "GIOP").
-define(CDR_HDR_SIZE, 12).
%% NOTE(review): the units and meaning of the next three constants are not
%% stated in this header; DEFAULT_TIMEOUT is presumably in milliseconds - confirm.
-define(INTERNAL_ACTIVE_N, 100).
-define(DEPTH, 20).

-define(DEFAULT_TIMEOUT, 5000).
%% Placeholder URL and path. Judging by the names they stand in where a
%% certificate carries no CRL distribution point - confirm at the call sites.
-define(NO_DIST_POINT, "http://dummy/no_distribution_point").
-define(NO_DIST_POINT_PATH, "dummy/no_distribution_point").

%% Common enumeration values for the SSL protocols
%% NOTE(review): TRUE is 0 and FALSE is 1, the reverse of the usual
%% convention, and NULL shares the value 0 with TRUE. Check how a call site
%% uses these macros before comparing a wire value against them.
-define(NULL, 0).
-define(TRUE, 0).
-define(FALSE, 1).

%% sslv3 is considered insecure due to lack of padding check (Poodle attack)
%% Keep as interop with legacy software but do not support as default
%% tlsv1.0 and tlsv1.1 are now also considered legacy
%% tlsv1.3 is under development (experimental).
%% Being listed here means a version can be selected, not that it is enabled:
%% the versions used when the caller specifies none are in
%% ALL_SUPPORTED_VERSIONS below.
-define(ALL_AVAILABLE_VERSIONS, ['tlsv1.3', 'tlsv1.2', 'tlsv1.1', tlsv1, sslv3]).
-define(ALL_AVAILABLE_DATAGRAM_VERSIONS, ['dtlsv1.2', dtlsv1]).
%% Defines the default versions when not specified by an ssl option.
-define(ALL_SUPPORTED_VERSIONS, ['tlsv1.2']).
%% NOTE(review): how MIN_SUPPORTED_VERSIONS is applied is not visible in this
%% header - confirm against its users.
-define(MIN_SUPPORTED_VERSIONS, ['tlsv1.1']).

%% Versions allowed in TLSCiphertext.version (TLS 1.2 and prior) and
%% TLSCiphertext.legacy_record_version (TLS 1.3).
%% TLS 1.3 sets TLSCiphertext.legacy_record_version to 0x0303 for all records
%% generated other than an initial ClientHello, where it MAY also be 0x0301.
%% Thus, the allowed range is limited to 0x0300 - 0x0303.
%% 'tlsv1.3' is therefore absent from this list on purpose: a TLS 1.3 record
%% never carries its own version number in the record header.
-define(ALL_TLS_RECORD_VERSIONS, ['tlsv1.2', 'tlsv1.1', tlsv1, sslv3]).

-define(ALL_DATAGRAM_SUPPORTED_VERSIONS, ['dtlsv1.2']).
-define(MIN_DATAGRAM_SUPPORTED_VERSIONS, [dtlsv1]).

%% TLS 1.3 - Section 4.1.3
%%
%% If negotiating TLS 1.2, TLS 1.3 servers MUST set the last eight bytes
%% of their Random value to the bytes:
%%
%%   44 4F 57 4E 47 52 44 01
%%
%% If negotiating TLS 1.1 or below, TLS 1.3 servers MUST and TLS 1.2
%% servers SHOULD set the last eight bytes of their Random value to the
%% bytes:
%%
%%   44 4F 57 4E 47 52 44 00
%%
%% These are the downgrade-protection sentinels: the first seven bytes are
%% ASCII "DOWNGRD" and the last byte tells which version range was negotiated.
%% RFC 8446 requires a TLS 1.3 client to check ServerHello.random for them
%% and abort the handshake on a match, which is how a forced downgrade to an
%% older protocol version is detected.
-define(RANDOM_OVERRIDE_TLS12, <<16#44,16#4F,16#57,16#4E,16#47,16#52,16#44,16#01>>).
%% Last eight bytes of ServerHello.random when TLS 1.1 or below is negotiated
%% (RFC 8446, section 4.1.3): ASCII "DOWNGRD" followed by 16#00.
-define(RANDOM_OVERRIDE_TLS11, <<16#44,16#4F,16#57,16#4E,16#47,16#52,16#44,16#00>>).

%% One day expressed in milliseconds and in seconds (24 * 60 * 60 = 86400).
-define('24H_in_msec', 86400000).
-define('24H_in_sec', 86400).

%% https://tools.ietf.org/html/rfc8446#section-5.5
%% Limits on Key Usage
%% http://www.isg.rhul.ac.uk/~kp/TLS-AEbounds.pdf
%% Number of records * Record length
%% 2^24.5 * 2^14 = 2^38.5
%% 388736063997 is 2^38.5 rounded up, i.e. a byte count. It is the default
%% value of the key_update_at option in ?RULES below.
-define(KEY_USAGE_LIMIT_AES_GCM, 388736063997).

%% This map stores all supported options with default values and
%% list of dependencies:
%%   #{<option> => {<default_value>, [<option>]},
%%     ...}
%%
%% Security-relevant defaults, as written in this map:
%%   - verify is verify_none, fail_if_no_peer_cert and crl_check are false,
%%     and the default verify_fun answers valid to every bad_cert event. A
%%     connection that takes these defaults does not reject a peer because
%%     of its certificate, so a caller that needs an authenticated peer has
%%     to set verify and the CA certificates explicitly.
%%   - padding_check, secure_renegotiate and beast_mitigation default to
%%     their protective values (true, true, one_n_minus_one); turning them
%%     off is an interoperability concession.
%%   - key, password, psk_identity and srp_identity can hold secrets; keep
%%     an options map taken from here out of logs and crash reports.
%%
%% NOTE(review): ?DEFAULT_MAX_HANDSHAKE_SIZE and ?DEFAULT_RENEGOTIATE_AT are
%% not defined in this header as shown; they must be defined wherever ?RULES
%% is expanded.
-define(RULES,
        #{
          alpn_advertised_protocols  => {undefined, [versions]},
          alpn_preferred_protocols   => {undefined, [versions]},
          beast_mitigation           => {one_n_minus_one, [versions]},
          cacertfile                 => {undefined, [versions,
                                                     verify_fun,
                                                     cacerts]},
          cacerts                    => {undefined, [versions]},
          cert                       => {undefined, [versions]},
          certfile                   => {<<>>,      [versions]},
          ciphers                    => {[],        [versions]},
          client_renegotiation       => {undefined, [versions]},
          crl_cache                  => {{ssl_crl_cache, {internal, []}}, [versions]},
          %% No revocation checking unless the caller asks for it.
          crl_check                  => {false,     [versions]},
          customize_hostname_check   => {[],        [versions]},
          depth                      => {1,         [versions]},
          dh                         => {undefined, [versions]},
          dhfile                     => {undefined, [versions]},
          eccs                       => {undefined, [versions]},
          erl_dist                   => {false,     [versions]},
          fail_if_no_peer_cert       => {false,     [versions]},
          fallback                   => {false,     [versions]},
          handshake                  => {full,      [versions]},
          hibernate_after            => {infinity,  [versions]},
          honor_cipher_order         => {false,     [versions]},
          honor_ecc_order            => {undefined, [versions]},
          key                        => {undefined, [versions]},
          keyfile                    => {undefined, [versions,
                                                     certfile]},
          key_update_at              => {?KEY_USAGE_LIMIT_AES_GCM, [versions]},
          log_level                  => {notice,    [versions]},
          max_handshake_size         => {?DEFAULT_MAX_HANDSHAKE_SIZE, [versions]},
          next_protocol_selector     => {undefined, [versions]},
          next_protocols_advertised  => {undefined, [versions]},
          padding_check              => {true,      [versions]},
          %% Default partial_chain fun: never designates a trusted
          %% certificate within the presented chain.
          partial_chain              => {fun(_) -> unknown_ca end, [versions]},
          password                   => {"",        [versions]},
          %% protocol has no dependencies; versions (last entry) depends on it.
          protocol                   => {tls,       []},
          psk_identity               => {undefined, [versions]},
          renegotiate_at             => {?DEFAULT_RENEGOTIATE_AT, [versions]},
          reuse_session              => {undefined, [versions]},
          reuse_sessions             => {true,      [versions]},
          anti_replay                => {undefined, [versions, session_tickets]},
          secure_renegotiate         => {true,      [versions]},
          server_name_indication     => {undefined, [versions]},
          session_tickets            => {disabled,  [versions]},
          signature_algs             => {undefined, [versions]},
          signature_algs_cert        => {undefined, [versions]},
          sni_fun                    => {undefined, [versions,
                                                     sni_hosts]},
          sni_hosts                  => {[],        [versions]},
          srp_identity               => {undefined, [versions]},
          supported_groups           => {undefined, [versions]},
          use_ticket                 => {undefined, [versions]},
          user_lookup_fun            => {undefined, [versions]},
          validate_extensions_fun    => {undefined, [versions]},
          %% Peer certificates are not verified by default.
          verify                     => {verify_none, [versions,
                                                       fail_if_no_peer_cert,
                                                       partial_chain,
                                                       verify_client_once]},
          verify_client_once         => {false,     [versions]},
          %% Default verification fun paired with an empty user state ([]).
          %% It is the permissive `verify_none' callback: the only event it
          %% does not answer with valid is a non-critical extension, which
          %% it reports as unknown.
          verify_fun                 =>
              {
               {fun(_,{bad_cert, _}, UserState) ->
                        %% Any certificate error is accepted.
                        {valid, UserState};
                   (_,{extension, #'Extension'{critical = true}}, UserState) ->
                        %% This extension is marked as critical, so
                        %% certificate verification should fail if we don't
                        %% understand the extension.  However, this is
                        %% `verify_none', so let's accept it anyway.
                        {valid, UserState};
                   (_,{extension, _}, UserState) ->
                        {unknown, UserState};
                   (_, valid, UserState) ->
                        {valid, UserState};
                   (_, valid_peer, UserState) ->
                        {valid, UserState}
                end, []},
               [versions, verify]},
          versions                   => {[], [protocol]}
         }).

%% Socket options together with their default values. The field names match
%% the inet options mode, packet, packet_size, header and active; presumably
%% these are the options the ssl layer emulates itself - confirm.
-record(socket_options,
        {
         mode   = list,
         packet = 0,
         packet_size = 0,
         header = 0,
         active = true
        }).
%% Configuration bundle; no field has a default, so every field is
%% `undefined' until set.
%% NOTE(review): the ssl field holds the SSL parameters, which can include
%% key material and passwords (see the key and password options in ?RULES);
%% avoid printing a whole #config{} term in logs.
-record(config, {ssl,             %% SSL parameters
                 inet_user,       %% User set inet options
                 emulated,        %% Emulated option list or ... (comment is cut short in the source)
                 trackers,
                 dtls_handler,
                 inet_ssl,        %% inet options for internal ssl socket
                 transport_info,  %% Callback info
                 connection_cb
                }).

%% Names of the connection states, and the return shapes of a state
%% function: continue in a state (optionally with a timeout) or stop.
-type state_name()           :: hello | abbreviated | certify | cipher | connection.
-type gen_fsm_state_return() :: {next_state, state_name(), any()} |
                                {next_state, state_name(), any(), timeout()} |
                                {stop, any(), any()}.
%% Options are carried as a map; the keys and defaults are those of ?RULES.
-type ssl_options()          :: map().

-endif. % -ifndef(ssl_internal).