18dbcf02cSchristos /* 262a52023Schristos * TLSv1 common definitions 336d97821Schristos * Copyright (c) 2006-2014, Jouni Malinen <j@w1.fi> 48dbcf02cSchristos * 562a52023Schristos * This software may be distributed under the terms of the BSD license. 662a52023Schristos * See README for more details. 78dbcf02cSchristos */ 88dbcf02cSchristos 98dbcf02cSchristos #ifndef TLSV1_COMMON_H 108dbcf02cSchristos #define TLSV1_COMMON_H 118dbcf02cSchristos 128dbcf02cSchristos #include "crypto/crypto.h" 138dbcf02cSchristos 1442669be3Schristos #define TLS_VERSION_1 0x0301 /* TLSv1 */ 1542669be3Schristos #define TLS_VERSION_1_1 0x0302 /* TLSv1.1 */ 1662a52023Schristos #define TLS_VERSION_1_2 0x0303 /* TLSv1.2 */ 1762a52023Schristos #ifdef CONFIG_TLSV12 1862a52023Schristos #define TLS_VERSION TLS_VERSION_1_2 1962a52023Schristos #else /* CONFIG_TLSV12 */ 2042669be3Schristos #ifdef CONFIG_TLSV11 2142669be3Schristos #define TLS_VERSION TLS_VERSION_1_1 2242669be3Schristos #else /* CONFIG_TLSV11 */ 2342669be3Schristos #define TLS_VERSION TLS_VERSION_1 2442669be3Schristos #endif /* CONFIG_TLSV11 */ 2562a52023Schristos #endif /* CONFIG_TLSV12 */ 268dbcf02cSchristos #define TLS_RANDOM_LEN 32 278dbcf02cSchristos #define TLS_PRE_MASTER_SECRET_LEN 48 288dbcf02cSchristos #define TLS_MASTER_SECRET_LEN 48 298dbcf02cSchristos #define TLS_SESSION_ID_MAX_LEN 32 308dbcf02cSchristos #define TLS_VERIFY_DATA_LEN 12 318dbcf02cSchristos 328dbcf02cSchristos /* HandshakeType */ 338dbcf02cSchristos enum { 348dbcf02cSchristos TLS_HANDSHAKE_TYPE_HELLO_REQUEST = 0, 358dbcf02cSchristos TLS_HANDSHAKE_TYPE_CLIENT_HELLO = 1, 368dbcf02cSchristos TLS_HANDSHAKE_TYPE_SERVER_HELLO = 2, 378dbcf02cSchristos TLS_HANDSHAKE_TYPE_NEW_SESSION_TICKET = 4 /* RFC 4507 */, 388dbcf02cSchristos TLS_HANDSHAKE_TYPE_CERTIFICATE = 11, 398dbcf02cSchristos TLS_HANDSHAKE_TYPE_SERVER_KEY_EXCHANGE = 12, 408dbcf02cSchristos TLS_HANDSHAKE_TYPE_CERTIFICATE_REQUEST = 13, 418dbcf02cSchristos TLS_HANDSHAKE_TYPE_SERVER_HELLO_DONE = 14, 428dbcf02cSchristos TLS_HANDSHAKE_TYPE_CERTIFICATE_VERIFY = 15, 438dbcf02cSchristos TLS_HANDSHAKE_TYPE_CLIENT_KEY_EXCHANGE = 16, 448dbcf02cSchristos TLS_HANDSHAKE_TYPE_FINISHED = 20, 458dbcf02cSchristos TLS_HANDSHAKE_TYPE_CERTIFICATE_URL = 21 /* RFC 4366 */, 468dbcf02cSchristos TLS_HANDSHAKE_TYPE_CERTIFICATE_STATUS = 22 /* RFC 4366 */ 478dbcf02cSchristos }; 488dbcf02cSchristos 498dbcf02cSchristos /* CipherSuite */ 508dbcf02cSchristos #define TLS_NULL_WITH_NULL_NULL 0x0000 /* RFC 2246 */ 518dbcf02cSchristos #define TLS_RSA_WITH_NULL_MD5 0x0001 /* RFC 2246 */ 528dbcf02cSchristos #define TLS_RSA_WITH_NULL_SHA 0x0002 /* RFC 2246 */ 538dbcf02cSchristos #define TLS_RSA_EXPORT_WITH_RC4_40_MD5 0x0003 /* RFC 2246 */ 548dbcf02cSchristos #define TLS_RSA_WITH_RC4_128_MD5 0x0004 /* RFC 2246 */ 558dbcf02cSchristos #define TLS_RSA_WITH_RC4_128_SHA 0x0005 /* RFC 2246 */ 568dbcf02cSchristos #define TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 0x0006 /* RFC 2246 */ 578dbcf02cSchristos #define TLS_RSA_WITH_IDEA_CBC_SHA 0x0007 /* RFC 2246 */ 588dbcf02cSchristos #define TLS_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0008 /* RFC 2246 */ 598dbcf02cSchristos #define TLS_RSA_WITH_DES_CBC_SHA 0x0009 /* RFC 2246 */ 608dbcf02cSchristos #define TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x000A /* RFC 2246 */ 618dbcf02cSchristos #define TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA 0x000B /* RFC 2246 */ 628dbcf02cSchristos #define TLS_DH_DSS_WITH_DES_CBC_SHA 0x000C /* RFC 2246 */ 638dbcf02cSchristos #define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA 0x000D /* RFC 2246 */ 648dbcf02cSchristos #define TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA 0x000E /* RFC 2246 */ 658dbcf02cSchristos #define TLS_DH_RSA_WITH_DES_CBC_SHA 0x000F /* RFC 2246 */ 668dbcf02cSchristos #define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA 0x0010 /* RFC 2246 */ 678dbcf02cSchristos #define TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA 0x0011 /* RFC 2246 */ 688dbcf02cSchristos #define TLS_DHE_DSS_WITH_DES_CBC_SHA 0x0012 /* RFC 2246 */ 698dbcf02cSchristos #define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA 0x0013 /* RFC 2246 */ 708dbcf02cSchristos #define TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0014 /* RFC 2246 */ 718dbcf02cSchristos #define TLS_DHE_RSA_WITH_DES_CBC_SHA 0x0015 /* RFC 2246 */ 728dbcf02cSchristos #define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x0016 /* RFC 2246 */ 738dbcf02cSchristos #define TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 0x0017 /* RFC 2246 */ 748dbcf02cSchristos #define TLS_DH_anon_WITH_RC4_128_MD5 0x0018 /* RFC 2246 */ 758dbcf02cSchristos #define TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA 0x0019 /* RFC 2246 */ 768dbcf02cSchristos #define TLS_DH_anon_WITH_DES_CBC_SHA 0x001A /* RFC 2246 */ 778dbcf02cSchristos #define TLS_DH_anon_WITH_3DES_EDE_CBC_SHA 0x001B /* RFC 2246 */ 788dbcf02cSchristos #define TLS_RSA_WITH_AES_128_CBC_SHA 0x002F /* RFC 3268 */ 798dbcf02cSchristos #define TLS_DH_DSS_WITH_AES_128_CBC_SHA 0x0030 /* RFC 3268 */ 808dbcf02cSchristos #define TLS_DH_RSA_WITH_AES_128_CBC_SHA 0x0031 /* RFC 3268 */ 818dbcf02cSchristos #define TLS_DHE_DSS_WITH_AES_128_CBC_SHA 0x0032 /* RFC 3268 */ 828dbcf02cSchristos #define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x0033 /* RFC 3268 */ 838dbcf02cSchristos #define TLS_DH_anon_WITH_AES_128_CBC_SHA 0x0034 /* RFC 3268 */ 848dbcf02cSchristos #define TLS_RSA_WITH_AES_256_CBC_SHA 0x0035 /* RFC 3268 */ 858dbcf02cSchristos #define TLS_DH_DSS_WITH_AES_256_CBC_SHA 0x0036 /* RFC 3268 */ 868dbcf02cSchristos #define TLS_DH_RSA_WITH_AES_256_CBC_SHA 0x0037 /* RFC 3268 */ 878dbcf02cSchristos #define TLS_DHE_DSS_WITH_AES_256_CBC_SHA 0x0038 /* RFC 3268 */ 888dbcf02cSchristos #define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x0039 /* RFC 3268 */ 898dbcf02cSchristos #define TLS_DH_anon_WITH_AES_256_CBC_SHA 0x003A /* RFC 3268 */ 9062a52023Schristos #define TLS_RSA_WITH_NULL_SHA256 0x003B /* RFC 5246 */ 9162a52023Schristos #define TLS_RSA_WITH_AES_128_CBC_SHA256 0x003C /* RFC 5246 */ 9262a52023Schristos #define TLS_RSA_WITH_AES_256_CBC_SHA256 0x003D /* RFC 5246 */ 9362a52023Schristos #define TLS_DH_DSS_WITH_AES_128_CBC_SHA256 0x003E /* RFC 5246 */ 9462a52023Schristos #define TLS_DH_RSA_WITH_AES_128_CBC_SHA256 0x003F /* RFC 5246 */ 9562a52023Schristos #define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 0x0040 /* RFC 5246 */ 9662a52023Schristos #define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x0067 /* RFC 5246 */ 9762a52023Schristos #define TLS_DH_DSS_WITH_AES_256_CBC_SHA256 0x0068 /* RFC 5246 */ 9862a52023Schristos #define TLS_DH_RSA_WITH_AES_256_CBC_SHA256 0x0069 /* RFC 5246 */ 9962a52023Schristos #define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 0x006A /* RFC 5246 */ 10062a52023Schristos #define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x006B /* RFC 5246 */ 10162a52023Schristos #define TLS_DH_anon_WITH_AES_128_CBC_SHA256 0x006C /* RFC 5246 */ 10262a52023Schristos #define TLS_DH_anon_WITH_AES_256_CBC_SHA256 0x006D /* RFC 5246 */ 1038dbcf02cSchristos 1048dbcf02cSchristos /* CompressionMethod */ 1058dbcf02cSchristos #define TLS_COMPRESSION_NULL 0 1068dbcf02cSchristos 10762a52023Schristos /* HashAlgorithm */ 10862a52023Schristos enum { 10962a52023Schristos TLS_HASH_ALG_NONE = 0, 11062a52023Schristos TLS_HASH_ALG_MD5 = 1, 11162a52023Schristos TLS_HASH_ALG_SHA1 = 2, 11262a52023Schristos TLS_HASH_ALG_SHA224 = 3, 11362a52023Schristos TLS_HASH_ALG_SHA256 = 4, 11462a52023Schristos TLS_HASH_ALG_SHA384 = 5, 11562a52023Schristos TLS_HASH_ALG_SHA512 = 6 11662a52023Schristos }; 11762a52023Schristos 11862a52023Schristos /* SignatureAlgorithm */ 11962a52023Schristos enum { 12062a52023Schristos TLS_SIGN_ALG_ANONYMOUS = 0, 12162a52023Schristos TLS_SIGN_ALG_RSA = 1, 12262a52023Schristos TLS_SIGN_ALG_DSA = 2, 12362a52023Schristos TLS_SIGN_ALG_ECDSA = 3, 12462a52023Schristos }; 12562a52023Schristos 1268dbcf02cSchristos /* AlertLevel */ 1278dbcf02cSchristos #define TLS_ALERT_LEVEL_WARNING 1 1288dbcf02cSchristos #define TLS_ALERT_LEVEL_FATAL 2 1298dbcf02cSchristos 1308dbcf02cSchristos /* AlertDescription */ 1318dbcf02cSchristos #define TLS_ALERT_CLOSE_NOTIFY 0 1328dbcf02cSchristos #define TLS_ALERT_UNEXPECTED_MESSAGE 10 1338dbcf02cSchristos #define TLS_ALERT_BAD_RECORD_MAC 20 1348dbcf02cSchristos #define TLS_ALERT_DECRYPTION_FAILED 21 1358dbcf02cSchristos #define TLS_ALERT_RECORD_OVERFLOW 22 1368dbcf02cSchristos #define TLS_ALERT_DECOMPRESSION_FAILURE 30 1378dbcf02cSchristos #define TLS_ALERT_HANDSHAKE_FAILURE 40 1388dbcf02cSchristos #define TLS_ALERT_BAD_CERTIFICATE 42 1398dbcf02cSchristos #define TLS_ALERT_UNSUPPORTED_CERTIFICATE 43 1408dbcf02cSchristos #define TLS_ALERT_CERTIFICATE_REVOKED 44 1418dbcf02cSchristos #define TLS_ALERT_CERTIFICATE_EXPIRED 45 1428dbcf02cSchristos #define TLS_ALERT_CERTIFICATE_UNKNOWN 46 1438dbcf02cSchristos #define TLS_ALERT_ILLEGAL_PARAMETER 47 1448dbcf02cSchristos #define TLS_ALERT_UNKNOWN_CA 48 1458dbcf02cSchristos #define TLS_ALERT_ACCESS_DENIED 49 1468dbcf02cSchristos #define TLS_ALERT_DECODE_ERROR 50 1478dbcf02cSchristos #define TLS_ALERT_DECRYPT_ERROR 51 1488dbcf02cSchristos #define TLS_ALERT_EXPORT_RESTRICTION 60 1498dbcf02cSchristos #define TLS_ALERT_PROTOCOL_VERSION 70 1508dbcf02cSchristos #define TLS_ALERT_INSUFFICIENT_SECURITY 71 1518dbcf02cSchristos #define TLS_ALERT_INTERNAL_ERROR 80 1528dbcf02cSchristos #define TLS_ALERT_USER_CANCELED 90 1538dbcf02cSchristos #define TLS_ALERT_NO_RENEGOTIATION 100 1548dbcf02cSchristos #define TLS_ALERT_UNSUPPORTED_EXTENSION 110 /* RFC 4366 */ 1558dbcf02cSchristos #define TLS_ALERT_CERTIFICATE_UNOBTAINABLE 111 /* RFC 4366 */ 1568dbcf02cSchristos #define TLS_ALERT_UNRECOGNIZED_NAME 112 /* RFC 4366 */ 1578dbcf02cSchristos #define TLS_ALERT_BAD_CERTIFICATE_STATUS_RESPONSE 113 /* RFC 4366 */ 1588dbcf02cSchristos #define TLS_ALERT_BAD_CERTIFICATE_HASH_VALUE 114 /* RFC 4366 */ 1598dbcf02cSchristos 1608dbcf02cSchristos /* ChangeCipherSpec */ 1618dbcf02cSchristos enum { 1628dbcf02cSchristos TLS_CHANGE_CIPHER_SPEC = 1 1638dbcf02cSchristos }; 1648dbcf02cSchristos 1658dbcf02cSchristos /* TLS Extensions */ 1668dbcf02cSchristos #define TLS_EXT_SERVER_NAME 0 /* RFC 4366 */ 1678dbcf02cSchristos #define TLS_EXT_MAX_FRAGMENT_LENGTH 1 /* RFC 4366 */ 1688dbcf02cSchristos #define TLS_EXT_CLIENT_CERTIFICATE_URL 2 /* RFC 4366 */ 1698dbcf02cSchristos #define TLS_EXT_TRUSTED_CA_KEYS 3 /* RFC 4366 */ 1708dbcf02cSchristos #define TLS_EXT_TRUNCATED_HMAC 4 /* RFC 4366 */ 1718dbcf02cSchristos #define TLS_EXT_STATUS_REQUEST 5 /* RFC 4366 */ 172*928750b6Schristos #define TLS_EXT_SIGNATURE_ALGORITHMS 13 /* RFC 5246 */ 173*928750b6Schristos #define TLS_EXT_STATUS_REQUEST_V2 17 /* RFC 6961 */ 1748dbcf02cSchristos #define TLS_EXT_SESSION_TICKET 35 /* RFC 4507 */ 1758dbcf02cSchristos 1768dbcf02cSchristos #define TLS_EXT_PAC_OPAQUE TLS_EXT_SESSION_TICKET /* EAP-FAST terminology */ 1778dbcf02cSchristos 1788dbcf02cSchristos 1798dbcf02cSchristos typedef enum { 1808dbcf02cSchristos TLS_KEY_X_NULL, 1818dbcf02cSchristos TLS_KEY_X_RSA, 1828dbcf02cSchristos TLS_KEY_X_RSA_EXPORT, 1838dbcf02cSchristos TLS_KEY_X_DH_DSS_EXPORT, 1848dbcf02cSchristos TLS_KEY_X_DH_DSS, 1858dbcf02cSchristos TLS_KEY_X_DH_RSA_EXPORT, 1868dbcf02cSchristos TLS_KEY_X_DH_RSA, 1878dbcf02cSchristos TLS_KEY_X_DHE_DSS_EXPORT, 1888dbcf02cSchristos TLS_KEY_X_DHE_DSS, 1898dbcf02cSchristos TLS_KEY_X_DHE_RSA_EXPORT, 1908dbcf02cSchristos TLS_KEY_X_DHE_RSA, 1918dbcf02cSchristos TLS_KEY_X_DH_anon_EXPORT, 1928dbcf02cSchristos TLS_KEY_X_DH_anon 1938dbcf02cSchristos } tls_key_exchange; 1948dbcf02cSchristos 1958dbcf02cSchristos typedef enum { 1968dbcf02cSchristos TLS_CIPHER_NULL, 1978dbcf02cSchristos TLS_CIPHER_RC4_40, 1988dbcf02cSchristos TLS_CIPHER_RC4_128, 1998dbcf02cSchristos TLS_CIPHER_RC2_CBC_40, 2008dbcf02cSchristos TLS_CIPHER_IDEA_CBC, 2018dbcf02cSchristos TLS_CIPHER_DES40_CBC, 2028dbcf02cSchristos TLS_CIPHER_DES_CBC, 2038dbcf02cSchristos TLS_CIPHER_3DES_EDE_CBC, 2048dbcf02cSchristos TLS_CIPHER_AES_128_CBC, 2058dbcf02cSchristos TLS_CIPHER_AES_256_CBC 2068dbcf02cSchristos } tls_cipher; 2078dbcf02cSchristos 2088dbcf02cSchristos typedef enum { 2098dbcf02cSchristos TLS_HASH_NULL, 2108dbcf02cSchristos TLS_HASH_MD5, 21162a52023Schristos TLS_HASH_SHA, 21262a52023Schristos TLS_HASH_SHA256 2138dbcf02cSchristos } tls_hash; 2148dbcf02cSchristos 2158dbcf02cSchristos struct tls_cipher_suite { 2168dbcf02cSchristos u16 suite; 2178dbcf02cSchristos tls_key_exchange key_exchange; 2188dbcf02cSchristos tls_cipher cipher; 2198dbcf02cSchristos tls_hash hash; 2208dbcf02cSchristos }; 2218dbcf02cSchristos 2228dbcf02cSchristos typedef enum { 2238dbcf02cSchristos TLS_CIPHER_STREAM, 2248dbcf02cSchristos TLS_CIPHER_BLOCK 2258dbcf02cSchristos } tls_cipher_type; 2268dbcf02cSchristos 2278dbcf02cSchristos struct tls_cipher_data { 2288dbcf02cSchristos tls_cipher cipher; 2298dbcf02cSchristos tls_cipher_type type; 2308dbcf02cSchristos size_t key_material; 2318dbcf02cSchristos size_t expanded_key_material; 2328dbcf02cSchristos size_t block_size; /* also iv_size */ 2338dbcf02cSchristos enum crypto_cipher_alg alg; 2348dbcf02cSchristos }; 2358dbcf02cSchristos 2368dbcf02cSchristos 2378dbcf02cSchristos struct tls_verify_hash { 2388dbcf02cSchristos struct crypto_hash *md5_client; 2398dbcf02cSchristos struct crypto_hash *sha1_client; 24062a52023Schristos struct crypto_hash *sha256_client; 2418dbcf02cSchristos struct crypto_hash *md5_server; 2428dbcf02cSchristos struct crypto_hash *sha1_server; 24362a52023Schristos struct crypto_hash *sha256_server; 2448dbcf02cSchristos struct crypto_hash *md5_cert; 2458dbcf02cSchristos struct crypto_hash *sha1_cert; 24662a52023Schristos struct crypto_hash *sha256_cert; 2478dbcf02cSchristos }; 2488dbcf02cSchristos 2498dbcf02cSchristos 2508dbcf02cSchristos const struct tls_cipher_suite * tls_get_cipher_suite(u16 suite); 2518dbcf02cSchristos const struct tls_cipher_data * tls_get_cipher_data(tls_cipher cipher); 2528dbcf02cSchristos int tls_server_key_exchange_allowed(tls_cipher cipher); 2538dbcf02cSchristos int tls_parse_cert(const u8 *buf, size_t len, struct crypto_public_key **pk); 2548dbcf02cSchristos int tls_verify_hash_init(struct tls_verify_hash *verify); 2558dbcf02cSchristos void tls_verify_hash_add(struct tls_verify_hash *verify, const u8 *buf, 2568dbcf02cSchristos size_t len); 2578dbcf02cSchristos void tls_verify_hash_free(struct tls_verify_hash *verify); 25862a52023Schristos int tls_version_ok(u16 ver); 25962a52023Schristos const char * tls_version_str(u16 ver); 26062a52023Schristos int tls_prf(u16 ver, const u8 *secret, size_t secret_len, const char *label, 26162a52023Schristos const u8 *seed, size_t seed_len, u8 *out, size_t outlen); 262*928750b6Schristos int tlsv12_key_x_server_params_hash(u16 tls_version, u8 hash_Alg, 263*928750b6Schristos const u8 *client_random, 26436d97821Schristos const u8 *server_random, 26536d97821Schristos const u8 *server_params, 26636d97821Schristos size_t server_params_len, u8 *hash); 26736d97821Schristos int tls_key_x_server_params_hash(u16 tls_version, const u8 *client_random, 26836d97821Schristos const u8 *server_random, 26936d97821Schristos const u8 *server_params, 27036d97821Schristos size_t server_params_len, u8 *hash); 27136d97821Schristos int tls_verify_signature(u16 tls_version, struct crypto_public_key *pk, 27236d97821Schristos const u8 *data, size_t data_len, 27336d97821Schristos const u8 *pos, size_t len, u8 *alert); 2748dbcf02cSchristos 2758dbcf02cSchristos #endif /* TLSV1_COMMON_H */ 276