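/*
 * TLSv1 server - internal structures
 * Copyright (c) 2006-2007, Jouni Malinen <j@w1.fi>
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

#ifndef TLSV1_SERVER_I_H
#define TLSV1_SERVER_I_H

/*
 * Per-connection state of the internal TLSv1 server implementation.
 *
 * Everything in here is private to the tlsv1_server*.c files; callers
 * outside the TLS library only ever see an opaque struct tlsv1_server *.
 * Several members hold key material (master_secret, dh_secret) or
 * peer-supplied data (session_ticket, cipher_suites) -- see the notes on
 * the individual fields.
 */
struct tlsv1_server {
	/*
	 * Handshake state machine. The constants follow the order of the
	 * TLS handshake messages; ESTABLISHED and FAILED are the terminal
	 * states.
	 */
	enum {
		CLIENT_HELLO, SERVER_HELLO, SERVER_CERTIFICATE,
		SERVER_KEY_EXCHANGE, SERVER_CERTIFICATE_REQUEST,
		SERVER_HELLO_DONE, CLIENT_CERTIFICATE, CLIENT_KEY_EXCHANGE,
		CERTIFICATE_VERIFY, CHANGE_CIPHER_SPEC, CLIENT_FINISHED,
		SERVER_CHANGE_CIPHER_SPEC, SERVER_FINISHED,
		ESTABLISHED, FAILED
	} state;

	/* Record layer (sequence numbers, cipher state) for this connection */
	struct tlsv1_record_layer rl;

	/* Session ID for this connection; session_id_len bytes are valid */
	u8 session_id[TLS_SESSION_ID_MAX_LEN];
	size_t session_id_len;
	/* Random values exchanged in ClientHello/ServerHello */
	u8 client_random[TLS_RANDOM_LEN];
	u8 server_random[TLS_RANDOM_LEN];
	/*
	 * Master secret derived by tlsv1_server_derive_keys(). This is key
	 * material: NOTE(review) confirm it is explicitly zeroized when the
	 * connection is deinitialized, not just freed.
	 */
	u8 master_secret[TLS_MASTER_SECRET_LEN];

	/*
	 * Most recent alert level/description; presumably recorded by
	 * tlsv1_server_alert() -- verify against tlsv1_server.c.
	 */
	u8 alert_level;
	u8 alert_description;

	/* Counters of alerts seen on the read and write side (presumably) */
	int read_alerts, write_alerts;

	/* Client public key (name suggests it is taken from the client
	 * certificate when client authentication is used) */
	struct crypto_public_key *client_rsa_key;

	/* Running handshake hash used for CertificateVerify/Finished
	 * (presumably; see tls_verify_hash) */
	struct tls_verify_hash verify;

	/*
	 * Enabled cipher suites. MAX_CIPHER_COUNT bounds the array, so any
	 * code that appends to cipher_suites must check
	 * num_cipher_suites < MAX_CIPHER_COUNT before writing.
	 */
#define MAX_CIPHER_COUNT 30
	u16 cipher_suites[MAX_CIPHER_COUNT];
	size_t num_cipher_suites;

	/* Cipher suite selected for this connection */
	u16 cipher_suite;

	/* Server credentials (certificate, private key, DH parameters) */
	struct tlsv1_credentials *cred;

	/* Non-zero to require/verify a client certificate (presumably) */
	int verify_peer;
	/* Protocol version announced by the client (from ClientHello) */
	u16 client_version;

	/*
	 * SessionTicket extension data, session_ticket_len bytes, heap
	 * allocated (u8 *). A ticket is untrusted peer input until the
	 * session_ticket_cb has accepted it. NOTE(review): confirm who owns
	 * and frees this buffer.
	 */
	u8 *session_ticket;
	size_t session_ticket_len;

	/* Callback used to validate/process a received session ticket */
	tlsv1_server_session_ticket_cb session_ticket_cb;
	void *session_ticket_cb_ctx;

	/* Optional log sink; messages are formatted by tlsv1_server_log() */
	void (*log_cb)(void *ctx, const char *msg);
	void *log_cb_ctx;

	/* Non-zero when session ticket based resumption is in use */
	int use_session_ticket;
	/* status_request / status_request_v2 extension flags (names only;
	 * semantics to be confirmed in tlsv1_server_read.c) */
	unsigned int status_request:1;
	unsigned int status_request_v2:1;
	unsigned int status_request_multi:1;

	/*
	 * Server DH private value, dh_secret_len bytes, heap allocated.
	 * Key material -- NOTE(review) confirm it is zeroized before free.
	 */
	u8 *dh_secret;
	size_t dh_secret_len;

#ifdef CONFIG_TESTING_OPTIONS
	/* Fault-injection flags; only compiled in for test builds */
	u32 test_flags;
	int test_failure_reported;
#endif /* CONFIG_TESTING_OPTIONS */
};


/*
 * Format a message and hand it to conn->log_cb (if set). fmt is a printf
 * format string checked by the compiler; never pass peer-controlled data
 * as fmt -- use "%s".
 */
void tlsv1_server_log(struct tlsv1_server *conn, const char *fmt, ...)
PRINTF_FORMAT(2, 3);

/* Record an alert (level/description) on the connection */
void tlsv1_server_alert(struct tlsv1_server *conn, u8 level, u8 description);
/*
 * Derive master_secret and record-layer keys from the pre-master secret.
 * Returns 0 on success, -1 on failure (convention in this module).
 */
int tlsv1_server_derive_keys(struct tlsv1_server *conn,
			     const u8 *pre_master_secret,
			     size_t pre_master_secret_len);
/*
 * Build the next server handshake flight. Returns a newly allocated
 * buffer (or NULL) and stores its length in *out_len.
 */
u8 * tlsv1_server_handshake_write(struct tlsv1_server *conn, size_t *out_len);
/* Build an alert record; returned buffer is allocated, length in *out_len */
u8 * tlsv1_server_send_alert(struct tlsv1_server *conn, u8 level,
			     u8 description, size_t *out_len);
/*
 * Process an incoming record of content type ct. buf/len describe
 * untrusted data from the peer; *len is passed by pointer and may be
 * updated by the callee (in/out -- confirm against the implementation).
 */
int tlsv1_server_process_handshake(struct tlsv1_server *conn, u8 ct,
				   const u8 *buf, size_t *len);
/* Return the DH prime in use via *dh_p/*dh_p_len (pointers into cred) */
void tlsv1_server_get_dh_p(struct tlsv1_server *conn, const u8 **dh_p,
			   size_t *dh_p_len);

#endif /* TLSV1_SERVER_I_H */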