1 /* 2 * Copyright (c) 2007, Cameron Rich 3 * 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions are met: 8 * 9 * * Redistributions of source code must retain the above copyright notice, 10 * this list of conditions and the following disclaimer. 11 * * Redistributions in binary form must reproduce the above copyright notice, 12 * this list of conditions and the following disclaimer in the documentation 13 * and/or other materials provided with the distribution. 14 * * Neither the name of the axTLS project nor the names of its contributors 15 * may be used to endorse or promote products derived from this software 16 * without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR 22 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 23 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 24 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 25 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 26 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 27 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 28 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 */ 30 31 /** 32 * @file tls1.h 33 * 34 * @brief The definitions for the TLS library. 35 */ 36 #ifndef HEADER_SSL_LIB_H 37 #define HEADER_SSL_LIB_H 38 39 #ifdef __cplusplus 40 extern "C" { 41 #endif 42 43 #include "version.h" 44 #include "config.h" 45 #include "os_int.h" 46 #include "crypto.h" 47 #include "crypto_misc.h" 48 49 #define SSL_PROTOCOL_MIN_VERSION 0x31 /* TLS v1.0 */ 50 #define SSL_PROTOCOL_MINOR_VERSION 0x02 /* TLS v1.1 */ 51 #define SSL_PROTOCOL_VERSION_MAX 0x32 /* TLS v1.1 */ 52 #define SSL_PROTOCOL_VERSION1_1 0x32 /* TLS v1.1 */ 53 #define SSL_RANDOM_SIZE 32 54 #define SSL_SECRET_SIZE 48 55 #define SSL_FINISHED_HASH_SIZE 12 56 #define SSL_RECORD_SIZE 5 57 #define SSL_SERVER_READ 0 58 #define SSL_SERVER_WRITE 1 59 #define SSL_CLIENT_READ 2 60 #define SSL_CLIENT_WRITE 3 61 #define SSL_HS_HDR_SIZE 4 62 63 /* the flags we use while establishing a connection */ 64 #define SSL_NEED_RECORD 0x0001 65 #define SSL_TX_ENCRYPTED 0x0002 66 #define SSL_RX_ENCRYPTED 0x0004 67 #define SSL_SESSION_RESUME 0x0008 68 #define SSL_IS_CLIENT 0x0010 69 #define SSL_HAS_CERT_REQ 0x0020 70 #define SSL_SENT_CLOSE_NOTIFY 0x0040 71 72 /* some macros to muck around with flag bits */ 73 #define SET_SSL_FLAG(A) (ssl->flag |= A) 74 #define CLR_SSL_FLAG(A) (ssl->flag &= ~A) 75 #define IS_SET_SSL_FLAG(A) (ssl->flag & A) 76 77 #define MAX_KEY_BYTE_SIZE 512 /* for a 4096 bit key */ 78 #define RT_MAX_PLAIN_LENGTH 16384 79 #define RT_EXTRA 1024 80 #define BM_RECORD_OFFSET 5 81 82 #ifdef CONFIG_SSL_SKELETON_MODE 83 #define NUM_PROTOCOLS 1 84 #else 85 #define NUM_PROTOCOLS 4 86 #endif 87 88 #define PARANOIA_CHECK(A, B) if (A < B) { \ 89 ret = SSL_ERROR_INVALID_HANDSHAKE; goto error; } 90 91 /* protocol types */ 92 enum 93 { 94 PT_CHANGE_CIPHER_SPEC = 20, 95 PT_ALERT_PROTOCOL, 96 PT_HANDSHAKE_PROTOCOL, 97 PT_APP_PROTOCOL_DATA 98 }; 99 100 /* handshaking types */ 101 enum 102 { 103 HS_HELLO_REQUEST, 104 HS_CLIENT_HELLO, 105 HS_SERVER_HELLO, 106 HS_CERTIFICATE = 11, 107 HS_SERVER_KEY_XCHG, 108 HS_CERT_REQ, 109 HS_SERVER_HELLO_DONE, 110 HS_CERT_VERIFY, 111 HS_CLIENT_KEY_XCHG, 112 HS_FINISHED = 20 113 }; 114 115 typedef struct 116 { 117 uint8_t cipher; 118 uint8_t key_size; 119 uint8_t iv_size; 120 uint8_t key_block_size; 121 uint8_t padding_size; 122 uint8_t digest_size; 123 hmac_func hmac; 124 crypt_func encrypt; 125 crypt_func decrypt; 126 } cipher_info_t; 127 128 struct _SSLObjLoader 129 { 130 uint8_t *buf; 131 int len; 132 }; 133 134 typedef struct _SSLObjLoader SSLObjLoader; 135 136 typedef struct 137 { 138 time_t conn_time; 139 uint8_t session_id[SSL_SESSION_ID_SIZE]; 140 uint8_t master_secret[SSL_SECRET_SIZE]; 141 } SSL_SESSION; 142 143 typedef struct 144 { 145 uint8_t *buf; 146 int size; 147 } SSL_CERT; 148 149 typedef struct 150 { 151 MD5_CTX md5_ctx; 152 SHA1_CTX sha1_ctx; 153 uint8_t final_finish_mac[SSL_FINISHED_HASH_SIZE]; 154 uint8_t *key_block; 155 uint8_t master_secret[SSL_SECRET_SIZE]; 156 uint8_t client_random[SSL_RANDOM_SIZE]; /* client's random sequence */ 157 uint8_t server_random[SSL_RANDOM_SIZE]; /* server's random sequence */ 158 uint16_t bm_proc_index; 159 } DISPOSABLE_CTX; 160 161 struct _SSL 162 { 163 uint32_t flag; 164 uint16_t need_bytes; 165 uint16_t got_bytes; 166 uint8_t record_type; 167 uint8_t cipher; 168 uint8_t sess_id_size; 169 uint8_t version; 170 uint8_t client_version; 171 int16_t next_state; 172 int16_t hs_status; 173 DISPOSABLE_CTX *dc; /* temporary data which we'll get rid of soon */ 174 int client_fd; 175 const cipher_info_t *cipher_info; 176 void *encrypt_ctx; 177 void *decrypt_ctx; 178 uint8_t bm_all_data[RT_MAX_PLAIN_LENGTH+RT_EXTRA]; 179 uint8_t *bm_data; 180 uint16_t bm_index; 181 uint16_t bm_read_index; 182 struct _SSL *next; /* doubly linked list */ 183 struct _SSL *prev; 184 struct _SSL_CTX *ssl_ctx; /* back reference to a clnt/svr ctx */ 185 #ifndef CONFIG_SSL_SKELETON_MODE 186 uint16_t session_index; 187 SSL_SESSION *session; 188 #endif 189 #ifdef CONFIG_SSL_CERT_VERIFICATION 190 X509_CTX *x509_ctx; 191 #endif 192 193 uint8_t session_id[SSL_SESSION_ID_SIZE]; 194 uint8_t client_mac[SHA1_SIZE]; /* for HMAC verification */ 195 uint8_t server_mac[SHA1_SIZE]; /* for HMAC verification */ 196 uint8_t read_sequence[8]; /* 64 bit sequence number */ 197 uint8_t write_sequence[8]; /* 64 bit sequence number */ 198 uint8_t hmac_header[SSL_RECORD_SIZE]; /* rx hmac */ 199 }; 200 201 typedef struct _SSL SSL; 202 203 struct _SSL_CTX 204 { 205 uint32_t options; 206 uint8_t chain_length; 207 RSA_CTX *rsa_ctx; 208 #ifdef CONFIG_SSL_CERT_VERIFICATION 209 CA_CERT_CTX *ca_cert_ctx; 210 #endif 211 SSL *head; 212 SSL *tail; 213 SSL_CERT certs[CONFIG_SSL_MAX_CERTS]; 214 #ifndef CONFIG_SSL_SKELETON_MODE 215 uint16_t num_sessions; 216 SSL_SESSION **ssl_sessions; 217 #endif 218 #ifdef CONFIG_SSL_CTX_MUTEXING 219 SSL_CTX_MUTEX_TYPE mutex; 220 #endif 221 #ifdef CONFIG_OPENSSL_COMPATIBLE 222 void *bonus_attr; 223 #endif 224 }; 225 226 typedef struct _SSL_CTX SSL_CTX; 227 228 /* backwards compatibility */ 229 typedef struct _SSL_CTX SSLCTX; 230 231 extern const uint8_t ssl_prot_prefs[NUM_PROTOCOLS]; 232 233 SSL *ssl_new(SSL_CTX *ssl_ctx, int client_fd); 234 void disposable_new(SSL *ssl); 235 void disposable_free(SSL *ssl); 236 int send_packet(SSL *ssl, uint8_t protocol, 237 const uint8_t *in, int length); 238 int do_svr_handshake(SSL *ssl, int handshake_type, uint8_t *buf, int hs_len); 239 int do_clnt_handshake(SSL *ssl, int handshake_type, uint8_t *buf, int hs_len); 240 int process_finished(SSL *ssl, uint8_t *buf, int hs_len); 241 int process_sslv23_client_hello(SSL *ssl); 242 int send_alert(SSL *ssl, int error_code); 243 int send_finished(SSL *ssl); 244 int send_certificate(SSL *ssl); 245 int basic_read(SSL *ssl, uint8_t **in_data); 246 int send_change_cipher_spec(SSL *ssl); 247 void finished_digest(SSL *ssl, const char *label, uint8_t *digest); 248 void generate_master_secret(SSL *ssl, const uint8_t *premaster_secret); 249 void add_packet(SSL *ssl, const uint8_t *pkt, int len); 250 int add_cert(SSL_CTX *ssl_ctx, const uint8_t *buf, int len); 251 int add_private_key(SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj); 252 void ssl_obj_free(SSLObjLoader *ssl_obj); 253 int pkcs8_decode(SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password); 254 int pkcs12_decode(SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password); 255 int load_key_certs(SSL_CTX *ssl_ctx); 256 #ifdef CONFIG_SSL_CERT_VERIFICATION 257 int add_cert_auth(SSL_CTX *ssl_ctx, const uint8_t *buf, int len); 258 void remove_ca_certs(CA_CERT_CTX *ca_cert_ctx); 259 #endif 260 #ifdef CONFIG_SSL_ENABLE_CLIENT 261 int do_client_connect(SSL *ssl); 262 #endif 263 264 #ifdef CONFIG_SSL_FULL_MODE 265 void DISPLAY_STATE(SSL *ssl, int is_send, uint8_t state, int not_ok); 266 void DISPLAY_BYTES(SSL *ssl, const char *format, 267 const uint8_t *data, int size, ...); 268 void DISPLAY_CERT(SSL *ssl, const X509_CTX *x509_ctx); 269 void DISPLAY_RSA(SSL *ssl, const RSA_CTX *rsa_ctx); 270 void DISPLAY_ALERT(SSL *ssl, int alert); 271 #else 272 #define DISPLAY_STATE(A,B,C,D) 273 #define DISPLAY_CERT(A,B) 274 #define DISPLAY_RSA(A,B) 275 #define DISPLAY_ALERT(A, B) 276 #ifdef WIN32 277 void DISPLAY_BYTES(SSL *ssl, const char *format,/* win32 has no variadic macros */ 278 const uint8_t *data, int size, ...); 279 #else 280 #define DISPLAY_BYTES(A,B,C,D,...) 281 #endif 282 #endif 283 284 #ifdef CONFIG_SSL_CERT_VERIFICATION 285 int process_certificate(SSL *ssl, X509_CTX **x509_ctx); 286 #endif 287 288 SSL_SESSION *ssl_session_update(int max_sessions, 289 SSL_SESSION *ssl_sessions[], SSL *ssl, 290 const uint8_t *session_id); 291 void kill_ssl_session(SSL_SESSION **ssl_sessions, SSL *ssl); 292 293 #ifdef __cplusplus 294 } 295 #endif 296 297 #endif 298