1 /* $OpenBSD: ssl_tlsext.h,v 1.32 2022/08/04 09:27:36 tb Exp $ */ 2 /* 3 * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org> 4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> 5 * Copyright (c) 2019 Bob Beck <beck@openbsd.org> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 #ifndef HEADER_SSL_TLSEXT_H 21 #define HEADER_SSL_TLSEXT_H 22 23 /* TLSv1.3 - RFC 8446 Section 4.2. */ 24 #define SSL_TLSEXT_MSG_CH 0x0001 /* ClientHello */ 25 #define SSL_TLSEXT_MSG_SH 0x0002 /* ServerHello */ 26 #define SSL_TLSEXT_MSG_EE 0x0004 /* EncryptedExtension */ 27 #define SSL_TLSEXT_MSG_CT 0x0008 /* Certificate */ 28 #define SSL_TLSEXT_MSG_CR 0x0010 /* CertificateRequest */ 29 #define SSL_TLSEXT_MSG_NST 0x0020 /* NewSessionTicket */ 30 #define SSL_TLSEXT_MSG_HRR 0x0040 /* HelloRetryRequest */ 31 32 __BEGIN_HIDDEN_DECLS 33 34 int tlsext_alpn_check_format(CBS *cbs); 35 int tlsext_sni_is_valid_hostname(CBS *cbs, int *is_ip); 36 37 int tlsext_client_build(SSL *s, uint16_t msg_type, CBB *cbb); 38 int tlsext_client_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert); 39 40 int tlsext_server_build(SSL *s, uint16_t msg_type, CBB *cbb); 41 int tlsext_server_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert); 42 43 int tlsext_extension_seen(SSL *s, uint16_t); 44 45 __END_HIDDEN_DECLS 46 47 #endif 48