%%
%% %CopyrightBegin%
%%
%% Copyright Ericsson AB 2007-2020. All Rights Reserved.
%%
%% Licensed under the Apache License, Version 2.0 (the "License");
%% you may not use this file except in compliance with the License.
%% You may obtain a copy of the License at
%%
%%     http://www.apache.org/licenses/LICENSE-2.0
%%
%% Unless required by applicable law or agreed to in writing, software
%% distributed under the License is distributed on an "AS IS" BASIS,
%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
%% See the License for the specific language governing permissions and
%% limitations under the License.
%%
%% %CopyrightEnd%
%%

%%
%%----------------------------------------------------------------------
%% Purpose: Record and constant definitions for the SSL-handshake protocol
%% see RFC 5246. Also includes supported hello extensions.
%%----------------------------------------------------------------------

%% Include guard: everything up to the matching -endif is skipped when
%% ssl_handshake is already defined, so repeated inclusion is harmless.
-ifndef(ssl_handshake).
-define(ssl_handshake, true).

-include_lib("public_key/include/public_key.hrl").

%% Empty binary; presumably the marker for "no protocol negotiated".
%% Its users are not visible in this header.
-define(NO_PROTOCOL, <<>>).

%% Signature algorithms
%% ANON (0) stands for "no signature". A key exchange that is not signed
%% does not authenticate the peer, so code matching on ?ANON should treat
%% the connection as unauthenticated.
-define(ANON, 0).
-define(RSA, 1).
-define(DSA, 2).
-define(ECDSA, 3).

%% State kept for one TLS session.
%% master_secret is key material for the session. NOTE(review): whether
%% instances of this record are kept out of logs, traces and crash reports
%% is decided by the modules that use it and cannot be seen from here.
-record(session, {
          session_id,
          internal_id,
          peer_certificate,
          own_certificates,
          compression_method,
          cipher_suite,
          master_secret,
          srp_username,
          is_resumable,
          time_stamp,
          ecc,               %% TLS 1.3 Group
          sign_alg,          %% TLS 1.3 Signature Algorithm
          dh_public_value    %% TLS 1.3 DH Public Value from peer
         }).

-define(NUM_OF_SESSION_ID_BYTES, 32).  % TLS 1.1 & SSL 3
%% 48 bytes agrees with the #pre_master_secret{} layout later in this file:
%% a 2-byte ProtocolVersion followed by `opaque random[46]`.
-define(NUM_OF_PREMASTERSECRET_BYTES, 48).
%% Both macros expand to a call into ssl_dh_groups, so the value is fetched
%% at each use. The function names indicate the 2048-bit MODP group; the
%% group definition itself is not visible in this header.
-define(DEFAULT_DIFFIE_HELLMAN_GENERATOR, ssl_dh_groups:modp2048_generator()).
-define(DEFAULT_DIFFIE_HELLMAN_PRIME, ssl_dh_groups:modp2048_prime()).
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%% Handshake protocol - RFC 4346 section 7.4
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

%% enum {
%%       hello_request(0), client_hello(1), server_hello(2),
%%       certificate(11), server_key_exchange (12),
%%       certificate_request(13), server_hello_done(14),
%%       certificate_verify(15), client_key_exchange(16),
%%       finished(20), (255)
%%   } HandshakeType;

%% Handshake message type codes; the values mirror the enum quoted above.
-define(HELLO_REQUEST, 0).
-define(CLIENT_HELLO, 1).
%% Not part of the HandshakeType enum quoted above. Presumably tags a
%% hello received in the SSL 2.0 compatible format -- confirm against the
%% decoder that uses it.
-define(CLIENT_HELLO_V2, 3).
-define(SERVER_HELLO, 2).
-define(CERTIFICATE, 11).
-define(SERVER_KEY_EXCHANGE, 12).
-define(CERTIFICATE_REQUEST, 13).
-define(SERVER_HELLO_DONE, 14).
-define(CERTIFICATE_VERIFY, 15).
-define(CLIENT_KEY_EXCHANGE, 16).
-define(FINISHED, 20).

%% NOTE(review): 8388607 is 2^23-1, whereas the largest value of a 24-bit
%% unsigned length field is 2^24-1 = 16777215 (compare the `<1..2^24-1>`
%% bound quoted for certificate_list in this file). Confirm which bound the
%% users of this macro intend before relying on it for length validation.
-define(MAX_UNIT24, 8388607).
%% 256*1024 = 262144. Presumably the default cap, in bytes, on the size of
%% a handshake message; such a cap bounds what an unauthenticated peer can
%% make the endpoint buffer. Where it is enforced is not visible here.
-define(DEFAULT_MAX_HANDSHAKE_SIZE, (256*1024)).

%% The two parts of the hello `Random` structure.
-record(random, {
          gmt_unix_time,  % uint32
          random_bytes    % opaque random_bytes[28]
         }).

%% enum { null(0), (255) } CompressionMethod;
% -define(NULL, 0). %% Already defined by ssl_internal.hrl

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%% Hello messages - RFC 5246 section 7.4.1
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

%% client_hello defined in tls_handshake.hrl and dtls_handshake.hrl

%% One field per hello extension. A hello message is sent before any keys
%% are established, so these values come from the peer unauthenticated and
%% should be validated by the code that consumes them.
-record(hello_extensions, {
          renegotiation_info,
          signature_algs,          % supported combinations of hashes/signature algos
          alpn,
          next_protocol_negotiation = undefined, % [binary()]
          srp,
          ec_point_formats,
          elliptic_curves,
          sni,
          client_hello_versions,
          server_hello_selected_version,
          signature_algs_cert,
          key_share
         }).

-record(server_hello, {
          server_version,
          random,
          session_id,         % opaque SessionID<0..32>
          cipher_suite,       % cipher_suites
          compression_method, % compression_method
          extensions
         }).
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%% Server authentication and key exchange messages - RFC 5246 section 7.4.3
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

%% opaque ASN.1Cert<2^24-1>;

-record(certificate, {
          asn1_certificates %% certificate_list<1..2^24-1>
         }).

%% enum { rsa, diffie_hellman } KeyExchangeAlgorithm;

%% The enum quoted above names only rsa and diffie_hellman; the macros
%% below add EC, PSK and SRP variants. NOTE(review): these look like
%% library-internal tags rather than wire values -- confirm at the users.
-define(KEY_EXCHANGE_RSA, 0).
-define(KEY_EXCHANGE_DIFFIE_HELLMAN, 1).
-define(KEY_EXCHANGE_EC_DIFFIE_HELLMAN, 6).
-define(KEY_EXCHANGE_PSK, 2).
-define(KEY_EXCHANGE_EC_DIFFIE_HELLMAN_PSK, 7).
-define(KEY_EXCHANGE_DHE_PSK, 3).
-define(KEY_EXCHANGE_RSA_PSK, 4).
-define(KEY_EXCHANGE_SRP, 5).

-record(server_rsa_params, {
          rsa_modulus,  %% opaque RSA_modulus<1..2^16-1>
          rsa_exponent  %% opaque RSA_exponent<1..2^16-1>
         }).

%% Diffie-Hellman parameters as sent by the server. NOTE(review): the
%% group (dh_p, dh_g) is chosen by the peer; this header does not show
%% whether its size and validity are checked -- verify at the consumer.
-record(server_dh_params, {
          dh_p, %% opaque DH_p<1..2^16-1>
          dh_g, %% opaque DH_g<1..2^16-1>
          dh_y  %% opaque DH_Ys<1..2^16-1>
         }).

-record(server_ecdh_params, {
          curve,
          public           %% opaque encoded ECpoint
         }).

-record(server_psk_params, {
          hint
         }).

-record(server_dhe_psk_params, {
          hint,
          dh_params
         }).

-record(server_ecdhe_psk_params, {
          hint,
          dh_params
         }).

-record(server_srp_params, {
          srp_n, %% opaque srp_N<1..2^16-1>
          srp_g, %% opaque srp_g<1..2^16-1>
          srp_s, %% opaque srp_s<1..2^8-1>
          srp_b  %% opaque srp_B<1..2^16-1>
         }).

-record(server_key_exchange, {
          exchange_keys
         }).

%% Server key exchange parameters together with the signature over them.
%% params_bin presumably holds the encoded form of params that the
%% signature covers -- confirm against the encoder/verifier.
-record(server_key_params, {
          params,     %% #server_rsa_params{} | #server_dh_params{}
          params_bin,
          hashsign,   %% term(atom(), atom())
          signature   %% #signature{}
         }).

%% enum { anonymous, rsa, dsa } SignatureAlgorithm;

%% Same numeric values as ?ANON, ?RSA and ?DSA defined earlier in this
%% header. SIGNATURE_ANONYMOUS means the parameters are not signed, i.e.
%% the server is not authenticated by this message.
-define(SIGNATURE_ANONYMOUS, 0).
-define(SIGNATURE_RSA, 1).
-define(SIGNATURE_DSA, 2).

%% HelloRequest carries no fields.
-record(hello_request, {}).
%% ServerHelloDone carries no fields.
-record(server_hello_done, {}).

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%% Certificate request - RFC 5246 section 7.4.4
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

%% enum {
%%        rsa_sign(1), dss_sign(2), rsa_fixed_dh(3), dss_fixed_dh(4),
%%        (255)
%%    } ClientCertificateType;

%% Values 1..4 mirror the enum quoted above; 64..66 are the ECC client
%% certificate types, which that enum does not list.
-define(RSA_SIGN, 1).
-define(DSS_SIGN, 2).
-define(RSA_FIXED_DH, 3).
-define(DSS_FIXED_DH, 4).
-define(ECDSA_SIGN, 64).
-define(RSA_FIXED_ECDH, 65).
-define(ECDSA_FIXED_ECDH, 66).

% opaque DistinguishedName<1..2^16-1>;

-record(certificate_request, {
          certificate_types,        %ClientCertificateType <1..2^8-1>
          hashsign_algorithms,      %%SignatureAndHashAlgorithm <2^16-1>;
          certificate_authorities   %DistinguishedName <0..2^16-1>
         }).

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%% Client authentication and key exchange messages - RFC 4346 section 7.4.7
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

-record(client_key_exchange, {
          exchange_keys %% #encrypted_premaster_secret{} (rsa ) |
                        %% DiffieHellmanClientPublicValue
         }).

%% Cleartext premaster secret used with RSA key exchange.
%% client_version is the version the client offered in its hello; RFC 5246
%% section 7.4.7.1 describes checking it to detect version rollback.
%% NOTE(review): this record holds secret key material -- confirm that its
%% users keep it out of logs and error terms.
-record(pre_master_secret, {
          client_version, % ProtocolVersion client_version
          random          % opaque random[46];
         }).

-record(encrypted_premaster_secret, {
          premaster_secret
         }).

%% enum { implicit, explicit } PublicValueEncoding;

-define(IMPLICIT, 0).
-define(EXPLICIT, 1).

%% The client_* records below hold what the client sends in its key
%% exchange message for the respective key exchange method. Public values
%% and identities arrive from the peer and should be validated by the code
%% that consumes them.
-record(client_diffie_hellman_public, {
          dh_public
         }).

-record(client_ec_diffie_hellman_public, {
          dh_public
         }).

-record(client_psk_identity, {
          identity
         }).

-record(client_dhe_psk_identity, {
          identity,
          dh_public
         }).

-record(client_ecdhe_psk_identity, {
          identity,
          dh_public
         }).
%% PSK identity plus key exchange data sent by the client for RSA_PSK.
-record(client_rsa_psk_identity, {
          identity,
          exchange_keys
         }).

-record(client_srp_public, {
          srp_a
         }).

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%% Certificate verify - RFC 4346 section 7.4.8
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-record(certificate_verify, {
          hashsign_algorithm,
          signature % binary()
         }).


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Handshake finalization message RFC 4346 section 7.4.9
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% verify_data is the value each side checks to confirm that both saw the
%% same handshake. NOTE(review): the comparison against the locally
%% computed value happens outside this header -- confirm how it is done.
-record(finished, {
          verify_data %opaque verify_data[12]
         }).

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Renegotiation info RFC 5746 section 3.2
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Extension type of the secure renegotiation indication. RFC 5746 uses it
%% to bind a renegotiation to the connection it is performed over.
-define(RENEGOTIATION_EXT, 16#ff01).

-record(renegotiation_info,{
          renegotiated_connection
         }).

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% SRP RFC 5054 section 2.8.1.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-define(SRP_EXT, 12).

%% The SRP user name travels in the client hello, i.e. before encryption
%% is established, so it is visible on the network.
-record(srp, {
          username
         }).

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Signature Algorithms RFC 5246 section 7.4.1.4.1.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-define(SIGNATURE_ALGORITHMS_EXT, 13).

-record(hash_sign_algos, {hash_sign_algos}).
%% RFC 8446 (TLS 1.3)
-record(signature_algorithms, {signature_scheme_list}).

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% RFC 7301 Application-Layer Protocol Negotiation
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

-define(ALPN_EXT, 16).
%% Payload of the ALPN extension, stored as received or sent.
-record(alpn, {extension_data}).

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Next Protocol Negotiation
%% (http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-02)
%% (http://technotes.googlecode.com/git/nextprotoneg.html)
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

%% NEXTPROTONEG_EXT is the extension type; NEXT_PROTOCOL (67) is presumably
%% the handshake message type of the NextProtocol message -- confirm
%% against the draft referenced above.
-define(NEXTPROTONEG_EXT, 13172).
-define(NEXT_PROTOCOL, 67).
-record(next_protocol_negotiation, {extension_data}).

-record(next_protocol, {selected_protocol}).

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% ECC Extensions RFC 8422 section 4 and 5
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-define(ELLIPTIC_CURVES_EXT, 10).
-define(EC_POINT_FORMATS_EXT, 11).

-record(elliptic_curves, {
          elliptic_curve_list
         }).

%% RFC 8446 (TLS 1.3) renamed the "elliptic_curve" extension.
-record(supported_groups, {
          supported_groups
         }).

-record(ec_point_formats, {
          ec_point_format_list
         }).

-define(ECPOINT_UNCOMPRESSED, 0).
%% Defined in RFC 4492, deprecated by RFC 8422
%% RFC 8422 compliant implementations MUST NOT support the two formats below
-define(ECPOINT_ANSIX962_COMPRESSED_PRIME, 1).
-define(ECPOINT_ANSIX962_COMPRESSED_CHAR2, 2).

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% ECC RFC 4492 Handshake Messages, Section 5
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

%% ECCurveType values. RFC 8422 deprecates the two explicit curve types and
%% keeps only named curves. NOTE(review): whether peers sending
%% EXPLICIT_PRIME or EXPLICIT_CHAR2 are rejected is decided by the decoder,
%% which is not visible here.
-define(EXPLICIT_PRIME, 1).
-define(EXPLICIT_CHAR2, 2).
-define(NAMED_CURVE, 3).

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% RFC 6066 TLS Extensions: Extension Definitions
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

%% section 3
-define(SNI_EXT, 0).
%% enum { host_name(0), (255) } NameType;
-define(SNI_NAMETYPE_HOST_NAME, 0).

%% Server name requested by the client. It is sent in the client hello,
%% so it is peer-controlled and visible on the network; treat it as
%% untrusted input wherever it selects configuration or certificates.
-record(sni, {
          hostname = undefined
        }).

%% enum{ 2^9(1), 2^10(2), 2^11(3), 2^12(4), (255) } MaxFragmentLength;
%% MAX_FRAGMENT_LENGTH_BYTES_N is the fragment size in bytes selected by
%% enum value N.
-define(MAX_FRAGMENT_LENGTH_EXT, 1).
-define(MAX_FRAGMENT_LENGTH_BYTES_1, 512).
-define(MAX_FRAGMENT_LENGTH_BYTES_2, 1024).
-define(MAX_FRAGMENT_LENGTH_BYTES_3, 2048).
-define(MAX_FRAGMENT_LENGTH_BYTES_4, 4096).

-record(max_frag_enum, {
          enum = undefined  %% contains the enum value 1..4
         }).

%% Section 8, Certificate Status Request
%% STATUS_REQUEST is the extension type, CERTIFICATE_STATUS_TYPE_OCSP the
%% only status type defined by RFC 6066, and CERTIFICATE_STATUS the
%% handshake message type of the CertificateStatus message.
-define(STATUS_REQUEST, 5).
-define(CERTIFICATE_STATUS_TYPE_OCSP, 1).
-define(CERTIFICATE_STATUS, 22).

%% status request record defined in RFC 6066, section 8
-record(certificate_status_request, {
          status_type,
          request
}).

%% Both lists default to empty.
-record(ocsp_status_request, {
          responder_id_list = [],
          request_extensions = []
}).

%% NOTE(review): response is supplied by the server; its validation (for
%% OCSP, the responder signature and freshness) is done elsewhere and is
%% not visible in this header.
-record(certificate_status, {
          status_type,
          response
}).

%% Other possible values from RFC 6066, not supported
-define(CLIENT_CERTIFICATE_URL, 2).
-define(TRUSTED_CA_KEYS, 3).
-define(TRUNCATED_HMAC, 4).

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% RFC 7250 Using Raw Public Keys in Transport Layer Security (TLS)
%% and Datagram Transport Layer Security (DTLS)
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Not supported
-define(CLIENT_CERTIFICATE_TYPE, 19).
-define(SERVER_CERTIFICATE_TYPE, 20).

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% RFC 6520 Transport Layer Security (TLS) and
%% Datagram Transport Layer Security (DTLS) Heartbeat Extension
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Not supported
-define(HS_HEARTBEAT, 15).
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% RFC 6962 Certificate Transparency
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Not supported
-define(SIGNED_CERTIFICATE_TIMESTAMP, 18).

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% RFC 7685 A Transport Layer Security (TLS) ClientHello Padding Extension
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Not supported
-define(PADDING, 21).


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Supported Versions RFC 8446 (TLS 1.3) section 4.2.1 also affects TLS-1.2
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

-define(SUPPORTED_VERSIONS_EXT, 43).

%% The extension has a different body in each direction: the client hello
%% carries a list of versions, the server hello the single selected one.
%% NOTE(review): checking that the selected version is one the client
%% actually offered is left to the code using these records.
-record(client_hello_versions, {versions}).
-record(server_hello_selected_version, {selected_version}).

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Signature Algorithms RFC 8446 (TLS 1.3) section 4.2.3 also affects TLS-1.2
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

-define(SIGNATURE_ALGORITHMS_CERT_EXT, 50).

-record(signature_algorithms_cert, {signature_scheme_list}).

-endif. % -ifndef(ssl_handshake).