/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
 * This file is PRIVATE to SSL.
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/*
 * Internal declarations for TLS extension handling: the per-handshake
 * extension state (TLSExtensionData), the list record used for extensions
 * received from the peer (TLSExtension), the custom extension hook record,
 * and the prototypes the extension code exposes to the rest of libssl.
 *
 * Several SECItem fields below do NOT own their storage: they point into a
 * handshake message buffer and are only valid while that buffer is. Each
 * such field says so in its comment; do not retain them past the handler
 * named there.
 */

/* NOTE(review): identifiers beginning with a double underscore are reserved
 * for the implementation; the guard name predates that concern and is kept
 * as-is here. */
#ifndef __ssl3ext_h_
#define __ssl3ext_h_

#include "sslencode.h"

/* Name types carried by the server_name (SNI) extension. Only host_name is
 * defined. */
typedef enum {
    sni_nametype_hostname
} SNINameType;
typedef struct TLSExtensionDataStr TLSExtensionData;

/* Registerable callback function that either appends extension to buffer
 * or returns length of data that it would have appended.
 * NOTE(review): the signature carries a PRBool *added out-parameter rather
 * than a length; presumably the callback writes into buf and reports via
 * *added whether it emitted the extension at all -- confirm against the
 * senders in ssl3ext.c before relying on the sentence above.
 */
typedef SECStatus (*sslExtensionBuilderFunc)(const sslSocket *ss,
                                             TLSExtensionData *xtnData,
                                             sslBuffer *buf, PRBool *added);

/* row in a table of hello extension senders */
typedef struct {
    /* NOTE(review): declared PRInt32 here, while ssl3_RegisterExtensionSender,
     * ssl3_ExtensionNegotiated and ssl3_ExtensionAdvertised take the type as
     * PRUint16. Valid extension codes (0..65535) fit either, but the
     * mismatch is worth tidying. */
    PRInt32 ex_type;
    sslExtensionBuilderFunc ex_sender;
} sslExtensionBuilder;

/* Per-handshake extension state. One instance presumably lives on the
 * sslSocket; ssl3_InitExtensionData / ssl3_ResetExtensionData /
 * ssl3_DestroyExtensionData (below) manage its lifetime. */
struct TLSExtensionDataStr {
    /* registered callbacks that send server hello extensions, one table per
     * message they go into (ServerHello, EncryptedExtensions, Certificate).
     * Each table holds at most SSL_MAX_EXTENSIONS entries. */
    sslExtensionBuilder serverHelloSenders[SSL_MAX_EXTENSIONS];
    sslExtensionBuilder encryptedExtensionsSenders[SSL_MAX_EXTENSIONS];
    sslExtensionBuilder certificateSenders[SSL_MAX_EXTENSIONS];

    /* Keep track of the extensions that are advertised or negotiated.
     * numAdvertised / numNegotiated count the valid leading entries of the
     * corresponding array (inferred from the names -- verify). */
    PRUint16 numAdvertised;
    PRUint16 *advertised; /* Allocated dynamically; presumably released by
                           * ssl3_DestroyExtensionData -- verify. */
    PRUint16 numNegotiated;
    PRUint16 negotiated[SSL_MAX_EXTENSIONS];

    /* SessionTicket Extension related data. */
    PRBool ticketTimestampVerified;
    PRBool emptySessionTicket;
    PRBool sentSessionTicketInClientHello;
    SECItem psk_ke_modes;
    PRUint32 max_early_data_size;

    /* SNI Extension related data
     * Names data is not copied from the input buffer. It cannot be
     * used outside the scope where the input buffer is defined, and that
     * is beyond the ssl3_HandleClientHello function. In other words the
     * SECItems in sniNameArr are non-owning views into the ClientHello; any
     * consumer that needs the name later must take its own copy.
     */
    SECItem *sniNameArr;
    PRUint32 sniNameArrSize;

    /* Signed Certificate Timestamps extracted from the TLS extension.
     * (client only).
     * This container holds a temporary pointer to the extension data,
     * until a session structure (the sec.ci.sid of an sslSocket) is setup
     * that can hold a permanent copy of the data
     * (in sec.ci.sid.u.ssl3.signedCertTimestamps).
     * The data pointed to by this structure is neither explicitly allocated
     * nor copied: the pointer points to the handshake message buffer and is
     * only valid in the scope of ssl3_HandleServerHello.
     */
    SECItem signedCertTimestamps;

    PRBool peerSupportsFfdheGroups; /* if the peer supports named ffdhe groups */

    /* sigSchemes / numSigSchemes hold the contents of the signature_algorithms
     * extension (if any) the other side supports. This is only valid for TLS
     * 1.2 or later. In TLS 1.3, it is also used for CertificateRequest. */
    SSLSignatureScheme *sigSchemes;
    unsigned int numSigSchemes;

    /* CertificateRequest state: the request context and the list of
     * acceptable CA names (presumably from the peer's CertificateRequest --
     * verify which side populates these). */
    SECItem certReqContext;
    CERTDistNames certReqAuthorities;

    /* In a client: if the server supports Next Protocol Negotiation, then
     * this is the protocol that was negotiated.
     */
    SECItem nextProto;
    SSLNextProtoState nextProtoState;

    PRUint16 dtlsSRTPCipherSuite; /* 0 if not selected */

    unsigned int lastXtnOffset; /* Where to insert padding. 0 = end. */
    PRCList remoteKeyShares;    /* The other side's public keys (TLS 1.3) */

    /* The following are used by a TLS 1.3 server. */
    SECItem pskBinder;                     /* The binder for the first PSK. */
    unsigned int pskBindersLen;            /* The length of the binders. */
    PRUint32 ticketAge;                    /* Used to accept early data. */
    SECItem cookie;                        /* HRR Cookie. */
    const sslNamedGroupDef *selectedGroup; /* For HRR. */
    /* The application token contains a value that was passed to the client via
     * a session ticket, or the cookie in a HelloRetryRequest. Because it is
     * echoed back by the client, treat its contents as untrusted until the
     * enclosing ticket/cookie has been authenticated (where that happens is
     * outside this header -- verify).
     */
    SECItem applicationToken;
};

/* One extension received from the peer, kept on a PRCList (see
 * remoteKeyShares-style lists and ssl3_FindExtension below). */
typedef struct TLSExtensionStr {
    PRCList link;  /* The linked list link */
    PRUint16 type; /* Extension type */
    SECItem data;  /* Pointers into the handshake data. Non-owning: valid only
                    * while that handshake message buffer is. */
} TLSExtension;

/* Application-supplied hooks for a custom extension type, installed through
 * SSLExp_InstallExtensionHooks below. writerArg / handlerArg are opaque and
 * passed back to the respective callback. */
typedef struct sslCustomExtensionHooks {
    PRCList link;
    PRUint16 type;
    SSLExtensionWriter writer;
    void *writerArg;
    SSLExtensionHandler handler;
    void *handlerArg;
} sslCustomExtensionHooks;

/* Parse and process the extension block of the given handshake message.
 * b / length form a read cursor into the message (presumably advanced and
 * decremented as data is consumed -- confirm in ssl3ext.c). */
SECStatus ssl3_HandleExtensions(sslSocket *ss,
                                PRUint8 **b, PRUint32 *length,
                                SSLHandshakeType handshakeMessage);
/* Parse-only half of the above: presumably splits the block at *b into
 * TLSExtension records without acting on them. */
SECStatus ssl3_ParseExtensions(sslSocket *ss,
                               PRUint8 **b, PRUint32 *length);
/* Process-only half: act on extensions already parsed for handshakeMessage. */
SECStatus ssl3_HandleParsedExtensions(sslSocket *ss,
                                      SSLHandshakeType handshakeMessage);
/* Look up a parsed extension by type. The returned record (and its data
 * SECItem) is not owned by the caller. Return value on a miss is not
 * documented here; presumably NULL -- verify. */
TLSExtension *ssl3_FindExtension(sslSocket *ss,
                                 SSLExtensionType extension_type);
/* Free the TLSExtension records on list (the data they point to is not
 * owned and is not freed). */
void ssl3_DestroyRemoteExtensions(PRCList *list);
/* Lifecycle of a TLSExtensionData: set up, tear down, or tear down and
 * set up again for a new handshake. */
void ssl3_InitExtensionData(TLSExtensionData *xtnData, const sslSocket *ss);
void ssl3_DestroyExtensionData(TLSExtensionData *xtnData);
void ssl3_ResetExtensionData(TLSExtensionData *xtnData, const sslSocket *ss);

/* Query the negotiated[] / advertised[] bookkeeping above. */
PRBool ssl3_ExtensionNegotiated(const sslSocket *ss, PRUint16 ex_type);
PRBool ssl3_ExtensionAdvertised(const sslSocket *ss, PRUint16 ex_type);

/* Register cb as the sender for ex_type in one of the sender tables of
 * xtnData (which table is chosen is not visible here). Presumably fails
 * once SSL_MAX_EXTENSIONS senders are registered -- verify. */
SECStatus ssl3_RegisterExtensionSender(const sslSocket *ss,
                                       TLSExtensionData *xtnData,
                                       PRUint16 ex_type,
                                       sslExtensionBuilderFunc cb);
/* Build the extension block for the given outgoing message into buf. */
SECStatus ssl_ConstructExtensions(sslSocket *ss, sslBuffer *buf,
                                  SSLHandshakeType message);
/* Sender callback for extensions that carry no body. */
SECStatus ssl_SendEmptyExtension(const sslSocket *ss, TLSExtensionData *xtnData,
                                 sslBuffer *buf, PRBool *append);
/* Insert a padding extension into buf; prefixLen is the length of the
 * message material that precedes the extensions (see lastXtnOffset). */
SECStatus ssl_InsertPaddingExtension(const sslSocket *ss, unsigned int prefixLen,
                                     sslBuffer *buf);

/* Thunks to let us operate on const sslSocket* objects.
 */
/* Send a TLS alert of the given level and description on behalf of
 * extension code that only holds a const sslSocket. */
void ssl3_ExtSendAlert(const sslSocket *ss, SSL3AlertLevel level,
                       SSL3AlertDescription desc);
/* Report a malformed extension (decode error) on ss. */
void ssl3_ExtDecodeError(const sslSocket *ss);
/* Bounded-read helpers for extension parsing. Each takes the read cursor
 * (*b) and the remaining byte count (*length) of the handshake message.
 * NOTE(review): presumably each one advances *b and decrements *length by
 * what it consumes, and fails instead of reading past *length -- confirm in
 * ssl3ext.c. Extension handlers should read through these rather than
 * indexing the message buffer directly, so the remaining-length check lives
 * in one place.
 *   ssl3_ExtConsumeHandshake         copies `bytes` raw bytes into v.
 *   ssl3_ExtConsumeHandshakeNumber   reads a `bytes`-wide big-endian integer
 *                                    into *num (width inferred from the
 *                                    signature -- verify).
 *   ssl3_ExtConsumeHandshakeVariable reads a `bytes`-wide length prefix and
 *                                    points i at the following data; i does
 *                                    not own that data.
 */
SECStatus ssl3_ExtConsumeHandshake(const sslSocket *ss, void *v, PRUint32 bytes,
                                   PRUint8 **b, PRUint32 *length);
SECStatus ssl3_ExtConsumeHandshakeNumber(const sslSocket *ss, PRUint32 *num,
                                         PRUint32 bytes, PRUint8 **b,
                                         PRUint32 *length);
SECStatus ssl3_ExtConsumeHandshakeVariable(const sslSocket *ss, SECItem *i,
                                           PRUint32 bytes, PRUint8 **b,
                                           PRUint32 *length);

/* Experimental public API: report whether extension `type` may be handled by
 * custom hooks, and install writer/handler hooks for it on fd (the record
 * type is sslCustomExtensionHooks above). */
SECStatus SSLExp_GetExtensionSupport(PRUint16 type,
                                     SSLExtensionSupport *support);
SECStatus SSLExp_InstallExtensionHooks(
    PRFileDesc *fd, PRUint16 extension, SSLExtensionWriter writer,
    void *writerArg, SSLExtensionHandler handler, void *handlerArg);

#endif