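/*
 * Copyright (C) 2011, 2012, 2013 Citrix Systems
 *
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the project nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*
 * STUN/TURN wire-protocol constants (message classes, methods, attribute
 * type codes, default lifetimes) and the oAuth key/token structures used
 * for third-party authorization.
 *
 * Everything here describes data that arrives from, or is sent to, an
 * untrusted network peer. The size constants below are only useful as
 * bounds if the code that parses messages actually checks lengths against
 * them before copying.
 */

#ifndef __LIB_TURN_MSG_DEFS__
#define __LIB_TURN_MSG_DEFS__

#include "ns_turn_msg_defs_experimental.h"

///////////////////////////////////////////
// http://www.iana.org/assignments/stun-parameters/stun-parameters.xhtml
///////////////////////////////////////////

/* Fixed header sizes, in bytes: STUN message header and ChannelData header. */
#define STUN_HEADER_LENGTH (20)
#define STUN_CHANNEL_HEADER_LENGTH (4)

/*
 * Upper bounds for credential-related fields.
 * NOTE(review): this header does not show whether these counts include a
 * terminating NUL. Callers that size buffers from them should confirm; the
 * oAuth structs below allocate SIZE+1 for their string fields.
 */
#define STUN_MAX_USERNAME_SIZE (512)
#define STUN_MAX_REALM_SIZE (127)
#define STUN_MAX_NONCE_SIZE (127)
#define STUN_MAX_SERVER_NAME_SIZE (1025)
#define STUN_MAX_PWD_SIZE (256)
#define AUTH_SECRET_SIZE STUN_MAX_PWD_SIZE

/* Fixed magic cookie value carried in every RFC 5389 STUN header. */
#define STUN_MAGIC_COOKIE (0x2112A442)

/*
 * Message-class predicates. The class is encoded in the two bits selected
 * by the mask 0x0110; the remaining bits carry the method.
 */
#define IS_STUN_REQUEST(msg_type)       (((msg_type) & 0x0110) == 0x0000)
#define IS_STUN_INDICATION(msg_type)    (((msg_type) & 0x0110) == 0x0010)
#define IS_STUN_SUCCESS_RESP(msg_type)  (((msg_type) & 0x0110) == 0x0100)
#define IS_STUN_ERR_RESP(msg_type)      (((msg_type) & 0x0110) == 0x0110)

/*
 * Rewrite the class bits of a message type while keeping the method bits.
 * The argument is parenthesized so that an expression argument such as
 * GET_STUN_REQUEST(a | b) is masked as a whole. Without the parentheses,
 * `&` would bind only to the right-hand operand of the caller's expression.
 */
#define GET_STUN_REQUEST(msg_type)      ((msg_type) & 0xFEEF)
#define GET_STUN_INDICATION(msg_type)   (((msg_type) & 0xFEEF)|0x0010)
#define GET_STUN_SUCCESS_RESP(msg_type) (((msg_type) & 0xFEEF)|0x0100)
#define GET_STUN_ERR_RESP(msg_type)     ((msg_type) | 0x0110)

/* Lifetimes: */
/* NOTE(review): presumably in seconds; the unit is not stated in this header. */
#define STUN_DEFAULT_ALLOCATE_LIFETIME (600)
#define STUN_MIN_ALLOCATE_LIFETIME STUN_DEFAULT_ALLOCATE_LIFETIME
#define STUN_DEFAULT_MAX_ALLOCATE_LIFETIME (3600)
#define STUN_DEFAULT_CHANNEL_LIFETIME (600)
#define STUN_DEFAULT_NONCE_EXPIRATION_TIME (600)
#define STUN_DEFAULT_PERMISSION_LIFETIME (300)
/**/

/* Method codes (the non-class bits of the message type). */
#define STUN_METHOD_BINDING (0x0001)
#define STUN_METHOD_ALLOCATE (0x0003)
#define STUN_METHOD_REFRESH (0x0004)
#define STUN_METHOD_SEND (0x0006)
#define STUN_METHOD_DATA (0x0007)
#define STUN_METHOD_CREATE_PERMISSION (0x0008)
#define STUN_METHOD_CHANNEL_BIND (0x0009)

/* RFC 6062 ==>>*/
#define STUN_METHOD_CONNECT (0x000a)
#define STUN_METHOD_CONNECTION_BIND (0x000b)
#define STUN_METHOD_CONNECTION_ATTEMPT (0x000c)
/* <<== RFC 6062 */

/* Attribute type codes. The OLD_ prefix marks legacy attribute names. */
#define STUN_ATTRIBUTE_MAPPED_ADDRESS (0x0001)
#define OLD_STUN_ATTRIBUTE_RESPONSE_ADDRESS (0x0002)
#define STUN_ATTRIBUTE_CHANGE_REQUEST (0x0003)
#define OLD_STUN_ATTRIBUTE_SOURCE_ADDRESS (0x0004)
#define OLD_STUN_ATTRIBUTE_CHANGED_ADDRESS (0x0005)
#define STUN_ATTRIBUTE_USERNAME (0x0006)
#define OLD_STUN_ATTRIBUTE_PASSWORD (0x0007)
#define STUN_ATTRIBUTE_MESSAGE_INTEGRITY (0x0008)
#define STUN_ATTRIBUTE_ERROR_CODE (0x0009)
#define STUN_ATTRIBUTE_UNKNOWN_ATTRIBUTES (0x000A)
#define OLD_STUN_ATTRIBUTE_REFLECTED_FROM (0x000B)
#define STUN_ATTRIBUTE_REALM (0x0014)
#define STUN_ATTRIBUTE_NONCE (0x0015)
#define STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY (0x0017)
#define STUN_ATTRIBUTE_XOR_MAPPED_ADDRESS (0x0020)
#define OLD_STUN_ATTRIBUTE_XOR_MAPPED_ADDRESS (0x8020)

#define STUN_ATTRIBUTE_SOFTWARE (0x8022)
#define OLD_STUN_ATTRIBUTE_SERVER STUN_ATTRIBUTE_SOFTWARE
#define STUN_ATTRIBUTE_ALTERNATE_SERVER (0x8023)
#define STUN_ATTRIBUTE_FINGERPRINT (0x8028)

#define STUN_ATTRIBUTE_CHANNEL_NUMBER (0x000C)
#define STUN_ATTRIBUTE_LIFETIME (0x000D)
#define STUN_ATTRIBUTE_BANDWIDTH (0x0010)
#define STUN_ATTRIBUTE_XOR_PEER_ADDRESS (0x0012)
#define STUN_ATTRIBUTE_DATA (0x0013)
#define STUN_ATTRIBUTE_XOR_RELAYED_ADDRESS (0x0016)
#define STUN_ATTRIBUTE_EVEN_PORT (0x0018)
#define STUN_ATTRIBUTE_REQUESTED_TRANSPORT (0x0019)
#define STUN_ATTRIBUTE_DONT_FRAGMENT (0x001A)
#define STUN_ATTRIBUTE_TIMER_VAL (0x0021)
#define STUN_ATTRIBUTE_RESERVATION_TOKEN (0x0022)

/* ICE */
#define STUN_ATTRIBUTE_PRIORITY (0x0024)
#define STUN_ATTRIBUTE_ICE_CONTROLLED (0x8029)

/* RFC 5780 */
#define STUN_ATTRIBUTE_PADDING (0x0026)
#define STUN_ATTRIBUTE_RESPONSE_PORT (0x0027)
#define STUN_ATTRIBUTE_RESPONSE_ORIGIN (0x802B)
#define STUN_ATTRIBUTE_OTHER_ADDRESS (0x802C)

/* RFC 6062 ==>> */
#define STUN_ATTRIBUTE_CONNECTION_ID (0x002A)
/* <<== RFC 6062 */

/*
 * True when chn lies in the accepted channel-number range 0x4000..0x7FFF.
 * The argument is evaluated twice, so do not pass an expression with side
 * effects (e.g. a read that advances a cursor).
 */
#define STUN_VALID_CHANNEL(chn) ((chn)>=0x4000 && (chn)<=0x7FFF)

///////// extra values //////////////////

/* RFC 6156 ==>> */
#define STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV4 (0x01)
#define STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV6 (0x02)
#define STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_DEFAULT (0x00)
#define STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_INVALID (-1)
/* <<== RFC 6156 */

/* RFC 6062 ==>> */
#define STUN_ATTRIBUTE_TRANSPORT_TCP_VALUE (6)
#define STUN_ATTRIBUTE_TRANSPORT_UDP_VALUE (17)
#define STUN_ATTRIBUTE_TRANSPORT_TLS_VALUE (56)
#define STUN_ATTRIBUTE_TRANSPORT_DTLS_VALUE (250)
/* <<== RFC 6062 */

/* SHA ==>> */

/* Digest output sizes in bytes. */
#define SHA1SIZEBYTES (20)
#define SHA256SIZEBYTES (32)
#define SHA384SIZEBYTES (48)
#define SHA512SIZEBYTES (64)

/*
 * Capacity used for MAC-key buffers (see oauth_encrypted_block.mac_key).
 * It is larger than the largest digest size defined above (64).
 */
#define MAXSHASIZE (128)

/* Supported hash functions; SHA-1 is the default (value 0). */
enum _SHATYPE {
	SHATYPE_ERROR = -1,
	SHATYPE_DEFAULT=0,
	SHATYPE_SHA1=SHATYPE_DEFAULT,
	SHATYPE_SHA256,
	SHATYPE_SHA384,
	SHATYPE_SHA512
};

typedef enum _SHATYPE SHATYPE;

/*
 * Printable name for a SHATYPE value.
 *
 * Any value that is not SHA1, SHA256 or SHA384 yields "SHA512"; that
 * includes SHATYPE_ERROR and out-of-range values, so this macro must not
 * be used to validate a SHATYPE. The argument is evaluated up to three
 * times. It is parenthesized so an expression argument compares as a whole.
 */
#define shatype_name(sht) (((sht) == SHATYPE_SHA1) ? "SHA1" : (((sht) == SHATYPE_SHA256) ? "SHA256" : (((sht) == SHATYPE_SHA384) ? "SHA384" : "SHA512")))

/* <<== SHA */

/* OAUTH TOKEN ENC ALG ==> */

/*
 * Token encryption algorithms.
 *
 * When TURN_NO_GCM is defined, ENC_ALG_DEFAULT, A256GCM and A128GCM do not
 * exist and ENC_ALG_NUM evaluates to 0, i.e. no algorithm is available.
 * Code that indexes or loops by ENC_ALG_NUM must handle that case.
 */
enum _ENC_ALG {
	ENC_ALG_ERROR=-1,
#if !defined(TURN_NO_GCM)
	ENC_ALG_DEFAULT=0,
	A256GCM=ENC_ALG_DEFAULT,
	A128GCM,
#endif
	ENC_ALG_NUM
};

typedef enum _ENC_ALG ENC_ALG;

/* <<== OAUTH TOKEN ENC ALG */

/**
 * oAuth struct
 */

#define STUN_ATTRIBUTE_THIRD_PARTY_AUTHORIZATION (0x802E)
#define STUN_ATTRIBUTE_OAUTH_ACCESS_TOKEN (0x001B)

/* Capacities (bytes) of the oAuth fields declared below. */
#define OAUTH_KID_SIZE (128)
#define OAUTH_HASH_FUNC_SIZE (64)
#define OAUTH_ALG_SIZE (64)
#define OAUTH_KEY_SIZE (256)
#define OAUTH_GCM_NONCE_SIZE (12)
#define OAUTH_MAX_NONCE_SIZE (256)
#define OAUTH_GCM_TAG_SIZE (16)
#define OAUTH_ENC_ALG_BLOCK_SIZE (16)

#define OAUTH_DEFAULT_LIFETIME (0)
/* Expands to a turn_time() call, so it is re-evaluated at every use. */
#define OAUTH_DEFAULT_TIMESTAMP (turn_time())

/* NOTE(review): looks like an allowed clock skew; unit not stated here - confirm. */
#define OAUTH_TIME_DELTA (5)

/*
 * Key description with the algorithm held as a string (as_rs_alg).
 * NOTE(review): presumably the textual/configuration form that is later
 * converted into oauth_key - confirm against the conversion code.
 * ikm_key presumably holds secret keying material: avoid logging it and
 * wipe it when the record is discarded.
 */
struct _oauth_key_data {
	char kid[OAUTH_KID_SIZE+1];
	char ikm_key[OAUTH_KEY_SIZE+1];
	size_t ikm_key_size;   /* must not exceed OAUTH_KEY_SIZE */
	turn_time_t timestamp;
	turn_time_t lifetime;
	char as_rs_alg[OAUTH_ALG_SIZE+1];
};

typedef struct _oauth_key_data oauth_key_data;

/*
 * Key record with the algorithm as an ENC_ALG value plus two further key
 * buffers (as_rs_key, auth_key), each with its own length field.
 * NOTE(review): these buffers presumably hold secret key material. Each
 * *_size field must be checked against OAUTH_KEY_SIZE before use as a copy
 * length, and the struct should be wiped with a non-elidable clear when it
 * is released.
 */
struct _oauth_key {
	char kid[OAUTH_KID_SIZE+1];
	char ikm_key[OAUTH_KEY_SIZE+1];
	size_t ikm_key_size;
	turn_time_t timestamp;
	turn_time_t lifetime;
	ENC_ALG as_rs_alg;
	char as_rs_key[OAUTH_KEY_SIZE+1];
	size_t as_rs_key_size;
	char auth_key[OAUTH_KEY_SIZE+1];
	size_t auth_key_size;
};

typedef struct _oauth_key oauth_key;

/*
 * Contents of the encrypted part of a token.
 *
 * Both length fields are uint16_t and can therefore hold values up to
 * 65535, far above the capacity of the arrays they describe (256 and 128
 * bytes). A decoder that fills this struct from a received token has to
 * reject nonce_length > OAUTH_MAX_NONCE_SIZE and key_length > MAXSHASIZE
 * before copying into nonce[] or mac_key[].
 */
struct _oauth_encrypted_block {
	uint16_t nonce_length;
	uint8_t nonce[OAUTH_MAX_NONCE_SIZE];
	uint16_t key_length;
	uint8_t mac_key[MAXSHASIZE];
	uint64_t timestamp;
	uint32_t lifetime;
};

typedef struct _oauth_encrypted_block oauth_encrypted_block;

/* Decoded token; currently just wraps the encrypted block. */
struct _oauth_token {
	oauth_encrypted_block enc_block;
};

typedef struct _oauth_token oauth_token;

#define MAX_ENCODED_OAUTH_TOKEN_SIZE (1024)

/*
 * Serialized token bytes and their length. size must never exceed
 * MAX_ENCODED_OAUTH_TOKEN_SIZE; check it before reading or writing token[].
 */
struct _encoded_oauth_token {
	char token[MAX_ENCODED_OAUTH_TOKEN_SIZE];
	size_t size;
};

typedef struct _encoded_oauth_token encoded_oauth_token;

////////////////////////////////////////////////

#endif //__LIB_TURN_MSG_DEFS__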