/*
 * TLSv1 server - internal structures
 * Copyright (c) 2006-2007, Jouni Malinen <j@w1.fi>
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

#ifndef TLSV1_SERVER_I_H
#define TLSV1_SERVER_I_H

/*
 * This header contains no #include lines. The includer must already have
 * declared u8/u16/u32, struct tlsv1_record_layer, struct tls_verify_hash,
 * tlsv1_server_session_ticket_cb, PRINTF_FORMAT and the TLS_*_LEN constants
 * used below.
 */

/*
 * struct tlsv1_server - state of the internal TLSv1 server
 *
 * Every function declared at the end of this header takes a pointer to this
 * structure as its "conn" argument. The structure embeds secret key material
 * (master_secret, and presumably the buffer behind dh_secret), so it should
 * be treated as sensitive for its whole lifetime.
 * NOTE(review): confirm that the code releasing this structure wipes those
 * fields before freeing them.
 */
struct tlsv1_server {
	/*
	 * Handshake progress. The enumerator names follow the TLS handshake
	 * message sequence and end in ESTABLISHED or FAILED.
	 * NOTE(review): presumably the message processing code rejects any
	 * message that does not match the current state - verify there.
	 */
	enum {
		CLIENT_HELLO, SERVER_HELLO, SERVER_CERTIFICATE,
		SERVER_KEY_EXCHANGE, SERVER_CERTIFICATE_REQUEST,
		SERVER_HELLO_DONE, CLIENT_CERTIFICATE, CLIENT_KEY_EXCHANGE,
		CERTIFICATE_VERIFY, CHANGE_CIPHER_SPEC, CLIENT_FINISHED,
		SERVER_CHANGE_CIPHER_SPEC, SERVER_FINISHED,
		ESTABLISHED, FAILED
	} state;

	/* Record layer state, embedded by value */
	struct tlsv1_record_layer rl;

	/*
	 * Fixed-size buffers with a separate length field for session_id.
	 * NOTE(review): writers must keep session_id_len at or below
	 * TLS_SESSION_ID_MAX_LEN; nothing in this header enforces it.
	 */
	u8 session_id[TLS_SESSION_ID_MAX_LEN];
	size_t session_id_len;
	u8 client_random[TLS_RANDOM_LEN];
	u8 server_random[TLS_RANDOM_LEN];
	/* Secret key material; must not be logged or left in freed memory */
	u8 master_secret[TLS_MASTER_SECRET_LEN];

	/* Alert level and description, same types as tlsv1_server_alert() */
	u8 alert_level;
	u8 alert_description;

	/* presumably the public key taken from the client certificate - confirm */
	struct crypto_public_key *client_rsa_key;

	/* Handshake hash state; see struct tls_verify_hash for the contents */
	struct tls_verify_hash verify;

	/*
	 * Cipher suite list with a fixed capacity of MAX_CIPHER_COUNT entries.
	 * NOTE(review): any code filling cipher_suites[] must cap
	 * num_cipher_suites at MAX_CIPHER_COUNT to avoid writing past the
	 * array; check the setter.
	 */
#define MAX_CIPHER_COUNT 30
	u16 cipher_suites[MAX_CIPHER_COUNT];
	size_t num_cipher_suites;

	/* presumably the suite selected for this connection - confirm */
	u16 cipher_suite;

	/* Pointer to credentials; ownership is not visible from this header */
	struct tlsv1_credentials *cred;

	/* presumably non-zero when the client certificate is verified - confirm */
	int verify_peer;
	u16 client_version;

	/*
	 * Pointer plus length pair for a session ticket.
	 * NOTE(review): allocation and release are not shown here; verify that
	 * session_ticket_len always matches the buffer behind session_ticket.
	 */
	u8 *session_ticket;
	size_t session_ticket_len;

	/* Session ticket callback and the opaque context stored with it */
	tlsv1_server_session_ticket_cb session_ticket_cb;
	void *session_ticket_cb_ctx;

	/*
	 * Logging callback; it receives an opaque context and one message
	 * string. NOTE(review): presumably invoked by tlsv1_server_log() with
	 * the already formatted text - confirm.
	 */
	void (*log_cb)(void *ctx, const char *msg);
	void *log_cb_ctx;

	int use_session_ticket;

	/*
	 * Heap pointer plus length; by its name this is a Diffie-Hellman
	 * secret and should be wiped before it is freed - TODO confirm in the
	 * code that owns it.
	 */
	u8 *dh_secret;
	size_t dh_secret_len;

	/*
	 * Fields that exist only when CONFIG_TESTING_OPTIONS is defined, so
	 * the structure layout differs between build configurations.
	 * NOTE(review): presumably these drive deliberate test behavior; such
	 * builds should stay out of production - confirm against the build
	 * configuration.
	 */
#ifdef CONFIG_TESTING_OPTIONS
	u32 test_flags;
	int test_failure_reported;
#endif /* CONFIG_TESTING_OPTIONS */
};


/*
 * printf-style logging helper: fmt is argument 2 and the variable arguments
 * start at argument 3, as declared through PRINTF_FORMAT(2, 3). Assuming that
 * macro maps to the compiler's format attribute, format/argument mismatches
 * are diagnosed at build time. Text received from the peer belongs in the
 * arguments (for example behind "%s"), never in fmt itself.
 */
void tlsv1_server_log(struct tlsv1_server *conn, const char *fmt, ...)
PRINTF_FORMAT(2, 3);

/* Takes an alert level and description for conn; returns nothing */
void tlsv1_server_alert(struct tlsv1_server *conn, u8 level, u8 description);
/*
 * Takes the pre-master secret as a read-only buffer with explicit length.
 * NOTE(review): presumably fills conn->master_secret; the caller keeps
 * ownership of pre_master_secret and should clear it afterwards - confirm.
 */
int tlsv1_server_derive_keys(struct tlsv1_server *conn,
			     const u8 *pre_master_secret,
			     size_t pre_master_secret_len);
/*
 * Both functions below return a u8 pointer and report a length through
 * out_len. NOTE(review): presumably a heap buffer that the caller must free,
 * with NULL on failure - verify before relying on it.
 */
u8 * tlsv1_server_handshake_write(struct tlsv1_server *conn, size_t *out_len);
u8 * tlsv1_server_send_alert(struct tlsv1_server *conn, u8 level,
			     u8 description, size_t *out_len);
/*
 * Handles one handshake message of content type ct from buf. len is passed
 * by pointer, so it is presumably updated in place (input size in, consumed
 * size out) - confirm. buf carries peer-controlled data, so every field read
 * from it needs a bounds check against *len.
 */
int tlsv1_server_process_handshake(struct tlsv1_server *conn, u8 ct,
				   const u8 *buf, size_t *len);
/*
 * Returns the DH prime through dh_p and dh_p_len. The const u8 ** output
 * suggests the storage is not owned by the caller - TODO confirm.
 */
void tlsv1_server_get_dh_p(struct tlsv1_server *conn, const u8 **dh_p,
			   size_t *dh_p_len);

#endif /* TLSV1_SERVER_I_H */