1 // Copyright 2011 Dolphin Emulator Project
2 // Licensed under GPLv2+
3 // Refer to the license.txt file included.
4
5 #pragma once
6
7 // These imports need to be in this order for mbed to be included correctly.
8 // clang-format off
9
10 #include <mbedtls/ctr_drbg.h>
11 #include <mbedtls/entropy.h>
12 #include <mbedtls/net_sockets.h>
13 #include <mbedtls/pk.h>
14 #include <mbedtls/platform.h>
15 #include <mbedtls/ssl.h>
16 #include <mbedtls/x509_crt.h>
17 #include <string>
18
19 // clang-format on
20
21 #include "Common/CommonTypes.h"
22 #include "Core/IOS/IOS.h"
23 #include "Core/IOS/Device.h"
24
25 namespace IOS::HLE
26 {
// Number of SSL slots the emulated device keeps. It sizes the NetSSL::_SSL table
// and is the exclusive upper bound IsSSLIDValid() checks ids against.
constexpr int NET_SSL_MAXINSTANCES{4};
28
// Status codes of the emulated SSL device, with s32 as the underlying type.
// Zero is success and every failure is negative; -4 is not assigned in this list.
// The -9 .. -13 group records which certificate check rejected the peer, so a
// caller can tell a verification failure apart from a transport failure.
enum ssl_err_t : s32
{
  SSL_OK = 0,

  // Generic and transport-level failures.
  SSL_ERR_FAILED = -1,
  SSL_ERR_RAGAIN = -2,  // presumably "read would block, retry" - confirm in the .cpp
  SSL_ERR_WAGAIN = -3,  // presumably "write would block, retry" - confirm in the .cpp
  SSL_ERR_SYSCALL = -5,
  SSL_ERR_ZERO = -6,    // read or write returned 0
  SSL_ERR_CAGAIN = -7,  // BIO not connected
  SSL_ERR_ID = -8,      // invalid SSL id

  // Certificate verification failures.
  SSL_ERR_VCOMMONNAME = -9,   // verify failed: common name
  SSL_ERR_VROOTCA = -10,      // verify failed: root CA
  SSL_ERR_VCHAIN = -11,       // verify failed: certificate chain
  SSL_ERR_VDATE = -12,        // verify failed: date invalid
  SSL_ERR_SERVER_CERT = -13,  // server certificate invalid (going by the enumerator name)
};
45
// Request numbers of the SSL device's ioctlv interface. Values 0x10 .. 0x13 are
// not assigned in this list. The handlers are not part of this header, so the
// grouping below is derived from the enumerator names only.
enum SSL_IOCTL
{
  // Context lifetime and data transfer.
  IOCTLV_NET_SSL_NEW = 0x01,
  IOCTLV_NET_SSL_CONNECT = 0x02,
  IOCTLV_NET_SSL_DOHANDSHAKE = 0x03,
  IOCTLV_NET_SSL_READ = 0x04,
  IOCTLV_NET_SSL_WRITE = 0x05,
  IOCTLV_NET_SSL_SHUTDOWN = 0x06,

  // Client certificate and trust anchor selection.
  IOCTLV_NET_SSL_SETCLIENTCERT = 0x07,
  IOCTLV_NET_SSL_SETCLIENTCERTDEFAULT = 0x08,
  IOCTLV_NET_SSL_REMOVECLIENTCERT = 0x09,
  IOCTLV_NET_SSL_SETROOTCA = 0x0A,
  IOCTLV_NET_SSL_SETROOTCADEFAULT = 0x0B,
  IOCTLV_NET_SSL_DOHANDSHAKEEX = 0x0C,
  IOCTLV_NET_SSL_SETBUILTINROOTCA = 0x0D,
  IOCTLV_NET_SSL_SETBUILTINCLIENTCERT = 0x0E,

  // Debug requests.
  // NOTE(review): going by its name, 0x0F switches certificate verification off.
  // Confirm in the handler that it affects only the slot named in the request and
  // that the weakened state does not survive into a reused slot.
  IOCTLV_NET_SSL_DISABLEVERIFYOPTIONFORDEBUG = 0x0F,
  IOCTLV_NET_SSL_DEBUGGETVERSION = 0x14,
  IOCTLV_NET_SSL_DEBUGGETTIME = 0x15,
};
66
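// One slot of SSL state for the emulated device; NetSSL::_SSL holds
// NET_SSL_MAXINSTANCES of them and IsSSLIDValid() consults `active`.
//
// The mbedtls_* members are plain C contexts and this struct has no constructor
// or destructor of its own. Whoever activates a slot must call the matching
// mbedtls_*_init() functions, and whoever releases it the mbedtls_*_free() ones.
// `pk` is a key context, so freeing it on teardown keeps key material from
// lingering in a slot that is later handed out again.
struct WII_SSL
{
  mbedtls_ssl_context ctx;
  mbedtls_ssl_config config;
  mbedtls_ssl_session session;
  mbedtls_entropy_context entropy;
  mbedtls_ctr_drbg_context ctr_drbg;
  mbedtls_x509_crt cacert;   // presumably the trust anchors used for verification - confirm
  mbedtls_x509_crt clicert;  // presumably the client certificate sent to the peer - confirm
  mbedtls_pk_context pk;     // presumably the private key paired with clicert - confirm

  // Descriptors start at -1 instead of being left to whatever the storage held
  // (zero for the static slot table). 0 is a valid descriptor, so a slot that was
  // never connected must not look as if it refers to one.
  // presumably sockfd is the guest-visible socket and hostfd the host one - confirm
  int sockfd = -1;
  int hostfd = -1;

  std::string hostname;  // presumably the name checked against the certificate - confirm

  // Explicitly false so an instance with automatic storage is never reported as
  // a valid slot before it has been set up.
  bool active = false;
};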
82
83 namespace Device
84 {
// IOS device object for the SSL service. Requests reach it through IOCtl() and
// IOCtlV(), both overridden from Device; their handlers live outside this header.
class NetSSL : public Device
{
public:
  NetSSL(Kernel& ios, const std::string& device_name);
  virtual ~NetSSL();

  IPCCommandResult IOCtl(const IOCtlRequest& request) override;
  IPCCommandResult IOCtlV(const IOCtlVRequest& request) override;

  // presumably returns the id of a slot that is not active; the value used when
  // every slot is taken is defined in the implementation - confirm there.
  int GetSSLFreeID() const;

  // Slot table shared by all NetSSL instances. It is static and public, so any
  // code can index it directly: slot ids that originate from a request should go
  // through IsSSLIDValid() first.
  // NOTE(review): identifiers that begin with an underscore followed by an
  // uppercase letter are reserved for the implementation in C++. Renaming would
  // touch every user of the table, so it is only flagged here.
  static WII_SSL _SSL[NET_SSL_MAXINSTANCES];

private:
  // presumably limits a certificate error message to one showing - confirm in the .cpp
  bool m_cert_error_shown{false};
};
102
// Returns true only when `id` lies in [0, NET_SSL_MAXINSTANCES) and the slot it
// names is marked active. The range test runs before the table is touched, so
// NetSSL::_SSL is never indexed with a negative or too-large id.
constexpr bool IsSSLIDValid(int id)
{
  if (id < 0 || id >= NET_SSL_MAXINSTANCES)
    return false;

  return IOS::HLE::Device::NetSSL::_SSL[id].active;
}
107 } // namespace Device
108 } // namespace IOS::HLE
109