1 // Copyright 2011 Dolphin Emulator Project
2 // Licensed under GPLv2+
3 // Refer to the license.txt file included.
4 
5 #pragma once
6 
// These includes need to be in this order for mbed to be included correctly.
8 // clang-format off
9 
10 #include <mbedtls/ctr_drbg.h>
11 #include <mbedtls/entropy.h>
12 #include <mbedtls/net_sockets.h>
13 #include <mbedtls/pk.h>
14 #include <mbedtls/platform.h>
15 #include <mbedtls/ssl.h>
16 #include <mbedtls/x509_crt.h>
17 #include <string>
18 
19 // clang-format on
20 
21 #include "Common/CommonTypes.h"
22 #include "Core/IOS/IOS.h"
23 #include "Core/IOS/Device.h"
24 
25 namespace IOS::HLE
26 {
// Maximum number of SSL contexts the HLE device holds at once. This is the size of the
// NetSSL::_SSL slot array and the exclusive upper bound that IsSSLIDValid accepts for an id.
constexpr int NET_SSL_MAXINSTANCES = 4;
28 
// Status codes handed back to the guest by the NET/SSL ioctls. Presumably they mirror the
// return codes of the real IOS SSL module, so treat the numeric values as ABI and do not
// renumber them. 0 is success, every error is negative (note that -4 is not defined here).
enum ssl_err_t : s32
{
  SSL_OK = 0,
  SSL_ERR_FAILED = -1,
  SSL_ERR_RAGAIN = -2,        // name suggests "read again" (retry) — confirm against the handler
  SSL_ERR_WAGAIN = -3,        // name suggests "write again" (retry) — confirm against the handler
  SSL_ERR_SYSCALL = -5,
  SSL_ERR_ZERO = -6,          // read or write returned 0
  SSL_ERR_CAGAIN = -7,        // BIO not connected
  SSL_ERR_ID = -8,            // invalid SSL id
  SSL_ERR_VCOMMONNAME = -9,   // verify failed: common name
  SSL_ERR_VROOTCA = -10,      // verify failed: root ca
  SSL_ERR_VCHAIN = -11,       // verify failed: certificate chain
  SSL_ERR_VDATE = -12,        // verify failed: date invalid
  SSL_ERR_SERVER_CERT = -13,  // certificate cert invalid
};
45 
// Command numbers the guest passes to the SSL device; NetSSL::IOCtlV dispatches on them.
// The values come from the guest-facing interface, so they must stay as they are.
// 0x10-0x13 are not defined here; the two 0x14/0x15 commands are debug queries.
enum SSL_IOCTL
{
  IOCTLV_NET_SSL_NEW = 0x01,
  IOCTLV_NET_SSL_CONNECT = 0x02,
  IOCTLV_NET_SSL_DOHANDSHAKE = 0x03,
  IOCTLV_NET_SSL_READ = 0x04,
  IOCTLV_NET_SSL_WRITE = 0x05,
  IOCTLV_NET_SSL_SHUTDOWN = 0x06,
  IOCTLV_NET_SSL_SETCLIENTCERT = 0x07,
  IOCTLV_NET_SSL_SETCLIENTCERTDEFAULT = 0x08,
  IOCTLV_NET_SSL_REMOVECLIENTCERT = 0x09,
  IOCTLV_NET_SSL_SETROOTCA = 0x0A,
  IOCTLV_NET_SSL_SETROOTCADEFAULT = 0x0B,
  IOCTLV_NET_SSL_DOHANDSHAKEEX = 0x0C,
  IOCTLV_NET_SSL_SETBUILTINROOTCA = 0x0D,
  IOCTLV_NET_SSL_SETBUILTINCLIENTCERT = 0x0E,
  // By its name this command turns certificate verification off for debugging. Whether and
  // how the HLE implementation honours it is decided in the .cpp, not visible here; any
  // handler should keep it from weakening verification for normal (non-debug) sessions.
  IOCTLV_NET_SSL_DISABLEVERIFYOPTIONFORDEBUG = 0x0F,
  IOCTLV_NET_SSL_DEBUGGETVERSION = 0x14,
  IOCTLV_NET_SSL_DEBUGGETTIME = 0x15,
};
66 
// One SSL connection slot as seen by the guest. The mbedtls members are plain C structs that
// need explicit mbedtls_*_init/free calls; the code that does so lives in the .cpp.
struct WII_SSL
{
  mbedtls_ssl_context ctx;
  mbedtls_ssl_config config;
  mbedtls_ssl_session session;
  mbedtls_entropy_context entropy;
  mbedtls_ctr_drbg_context ctr_drbg;  // DRBG seeded from `entropy` — presumably the RNG for `ctx`
  mbedtls_x509_crt cacert;            // trusted root(s) used for peer verification — TODO confirm
  mbedtls_x509_crt clicert;           // client certificate, paired with `pk` — TODO confirm
  mbedtls_pk_context pk;
  int sockfd;    // NOTE(review): presumably the guest-side socket descriptor — verify in the .cpp
  int hostfd;    // NOTE(review): presumably the host OS socket backing it — verify in the .cpp
  std::string hostname;  // server name; assumed to be what common-name verification checks
  bool active;   // true while the slot is in use; IsSSLIDValid refuses ids whose slot is inactive
};
82 
83 namespace Device
84 {
// HLE implementation of the IOS /dev/net/ssl device. Wraps mbedtls so that guest SSL ioctls
// are served by the host. Connection state is kept in the static _SSL slot array, so it is
// shared by every NetSSL instance rather than owned per device.
class NetSSL : public Device
{
public:
  NetSSL(Kernel& ios, const std::string& device_name);

  virtual ~NetSSL();

  IPCCommandResult IOCtl(const IOCtlRequest& request) override;
  // Dispatches on the SSL_IOCTL command numbers.
  IPCCommandResult IOCtlV(const IOCtlVRequest& request) override;

  // Returns the index of a slot that is not active; the value returned when every slot is
  // taken is defined in the .cpp (callers should treat anything IsSSLIDValid rejects as "none").
  int GetSSLFreeID() const;

  // Slot table indexed by the guest-visible SSL id. Public and static because the free
  // function IsSSLIDValid reads it; keep index validation in front of every access.
  static WII_SSL _SSL[NET_SSL_MAXINSTANCES];

private:
  // Presumably rate-limits the user-facing certificate error message to once per device —
  // confirm in the .cpp.
  bool m_cert_error_shown = false;
};
102 
// Tells whether a guest-supplied SSL id names a slot that is currently in use.
// The range check runs before the slot is touched, so an out-of-range id never indexes
// NetSSL::_SSL. Declared constexpr, but _SSL is a mutable static, so in practice this is
// evaluated at runtime.
constexpr bool IsSSLIDValid(int id)
{
  const bool in_range = id >= 0 && id < NET_SSL_MAXINSTANCES;
  if (!in_range)
    return false;
  return IOS::HLE::Device::NetSSL::_SSL[id].active;
}
107 }  // namespace Device
108 }  // namespace IOS::HLE
109