A library for setting up Secure Sockets Layer (SSL) connections and verifying remote hosts using certificates. Contains only the source files for the mbed platform implementation of the library.
internal.h
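/* internal.h
 *
 * Copyright (C) 2006-2014 wolfSSL Inc.
 *
 * This file is part of CyaSSL.
 *
 * CyaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * CyaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
 */


#ifndef CYASSL_INT_H
#define CYASSL_INT_H


#include <cyassl/ctaocrypt/types.h>
#include <cyassl/ssl.h>
#include <cyassl/crl.h>
#include <cyassl/ctaocrypt/random.h>
#include <cyassl/ctaocrypt/des3.h>
#include <cyassl/ctaocrypt/hc128.h>
#include <cyassl/ctaocrypt/rabbit.h>
#include <cyassl/ctaocrypt/chacha.h>
#include <cyassl/ctaocrypt/asn.h>
#include <cyassl/ctaocrypt/md5.h>
#include <cyassl/ctaocrypt/sha.h>
#include <cyassl/ctaocrypt/aes.h>
#include <cyassl/ctaocrypt/poly1305.h>
#include <cyassl/ctaocrypt/camellia.h>
#include <cyassl/ctaocrypt/logging.h>
#include <cyassl/ctaocrypt/hmac.h>
#ifndef NO_RC4
    #include <cyassl/ctaocrypt/arc4.h>
#endif
#ifdef HAVE_ECC
    #include <cyassl/ctaocrypt/ecc.h>
#endif
#ifndef NO_SHA256
    #include <cyassl/ctaocrypt/sha256.h>
#endif
#ifdef HAVE_OCSP
    #include <cyassl/ocsp.h>
#endif
#ifdef CYASSL_SHA512
    #include <cyassl/ctaocrypt/sha512.h>
#endif

#ifdef HAVE_AESGCM
    #include <cyassl/ctaocrypt/sha512.h>
#endif

#ifdef CYASSL_RIPEMD
    #include <cyassl/ctaocrypt/ripemd.h>
#endif

#ifdef CYASSL_CALLBACKS
    #include <cyassl/callbacks.h>
    #include <signal.h>
#endif

/* Platform selection: pull in the threading / OS headers for the first
   matching target; the final #else is the generic Unix path (pthreads) */
#ifdef USE_WINDOWS_API
    #ifdef CYASSL_GAME_BUILD
        #include "system/xtl.h"
    #else
        #if defined(_WIN32_WCE) || defined(WIN32_LEAN_AND_MEAN)
            /* On WinCE winsock2.h must be included before windows.h */
            #include <winsock2.h>
        #endif
        #include <windows.h>
    #endif
#elif defined(THREADX)
    #ifndef SINGLE_THREADED
        #include "tx_api.h"
    #endif
#elif defined(MICRIUM)
    /* do nothing, just don't pick Unix */
#elif defined(FREERTOS) || defined(CYASSL_SAFERTOS)
    /* do nothing */
#elif defined(EBSNET)
    /* do nothing */
#elif defined(FREESCALE_MQX)
    /* do nothing */
#elif defined(CYASSL_MDK_ARM)
    #if defined(CYASSL_MDK5)
        #include "cmsis_os.h"
    #else
        #include <rtl.h>
    #endif
#elif defined(MBED)
#elif defined(CYASSL_TIRTOS)
    /* do nothing */
#else
    #ifndef SINGLE_THREADED
        #define CYASSL_PTHREADS
        #include <pthread.h>
    #endif
    #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
        #include <unistd.h>      /* for close of BIO */
    #endif
#endif


#ifdef HAVE_LIBZ
    #include "zlib.h"
#endif

#ifdef _MSC_VER
    /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
    /* NOTE(review): there is no push/pop around this pragma, so C4996 stays
       disabled in every file that includes this header; MSVC will not flag
       deprecated CRT string calls there and their bounds need manual review */
    #pragma warning(disable: 4996)
#endif

/* Fallback definitions for features compiled out with NO_xxx. The sizes are
   presumably kept so that later size constants still resolve - confirm */
#ifdef NO_AES
    #if !defined (ALIGN16)
        #define ALIGN16
    #endif
#endif

#ifdef NO_SHA
    #define SHA_DIGEST_SIZE 20
#endif

#ifdef NO_SHA256
    #define SHA256_DIGEST_SIZE 32
#endif

#ifdef NO_MD5
    #define MD5_DIGEST_SIZE 16
#endif


#ifdef __cplusplus
    extern "C" {
#endif


#ifdef USE_WINDOWS_API
    typedef unsigned int SOCKET_T;
#else
    typedef int SOCKET_T;
#endif


typedef byte word24[3];

/* Define or comment out the cipher suites you'd like to be compiled in;
   make sure at least one BUILD_SSL_xxx or BUILD_TLS_xxx is defined

   When adding cipher suites, add name to cipher_names, idx to cipher_name_idx
*/
/* Hardening note: most suites below are opt-out. Unless the build defines
   NO_RC4, NO_DES3 or NO_MD5, the RC4, 3DES and MD5 suites are compiled in
   (RC4 is prohibited for TLS by RFC 7465). NULL-cipher suites (no encryption)
   and the DH_anon suite (no peer authentication) are built only when
   HAVE_NULL_CIPHER / HAVE_ANON are defined. TLS_RSA_* and TLS_ECDH_* suites
   use static key exchange and provide no forward secrecy. Which compiled-in
   suites are actually offered at run time is decided outside this block. */

/* static RSA + RC4 */
#if !defined(NO_RSA) && !defined(NO_RC4)
    #if !defined(NO_SHA)
        #define BUILD_SSL_RSA_WITH_RC4_128_SHA
    #endif
    #if !defined(NO_MD5)
        #define BUILD_SSL_RSA_WITH_RC4_128_MD5
    #endif
    #if !defined(NO_TLS) && defined(HAVE_NTRU) && !defined(NO_SHA)
        #define BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA
    #endif
#endif

/* static RSA + 3DES */
#if !defined(NO_RSA) && !defined(NO_DES3)
    #if !defined(NO_SHA)
        #define BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA
        #if !defined(NO_TLS) && defined(HAVE_NTRU)
            #define BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA
        #endif
    #endif
#endif

/* static RSA + AES (CBC, GCM, CCM-8, Blake2b MAC) */
#if !defined(NO_RSA) && !defined(NO_AES) && !defined(NO_TLS)
    #if !defined(NO_SHA)
        #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
        #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
        #if defined(HAVE_NTRU)
            #define BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
            #define BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
        #endif
    #endif
    #if !defined (NO_SHA256)
        #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
        #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
    #endif
    #if defined (HAVE_AESGCM)
        #define BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
        #if defined (CYASSL_SHA384)
            #define BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
        #endif
    #endif
    #if defined (HAVE_AESCCM)
        #define BUILD_TLS_RSA_WITH_AES_128_CCM_8
        #define BUILD_TLS_RSA_WITH_AES_256_CCM_8
    #endif
    #if defined(HAVE_BLAKE2)
        #define BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256
        #define BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256
    #endif
#endif

/* Camellia, static RSA and DHE-RSA */
#if defined(HAVE_CAMELLIA) && !defined(NO_TLS)
    #ifndef NO_RSA
        #if !defined(NO_SHA)
            #define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
            #define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
        #endif
        #ifndef NO_SHA256
            #define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
            #define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
        #endif
        #if !defined(NO_DH)
            #if !defined(NO_SHA)
                #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
                #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
            #endif
            #ifndef NO_SHA256
                #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
                #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
            #endif
        #endif
    #endif
#endif

/* pre-shared key + AES */
#if !defined(NO_PSK) && !defined(NO_AES) && !defined(NO_TLS)
    #if !defined(NO_SHA)
        #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
        #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
    #endif
    #ifndef NO_SHA256
        #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
        #ifdef HAVE_AESGCM
            #define BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256
        #endif
        #ifdef HAVE_AESCCM
            #define BUILD_TLS_PSK_WITH_AES_128_CCM_8
            #define BUILD_TLS_PSK_WITH_AES_256_CCM_8
            #define BUILD_TLS_PSK_WITH_AES_128_CCM
            #define BUILD_TLS_PSK_WITH_AES_256_CCM
        #endif
    #endif
    #ifdef CYASSL_SHA384
        #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
        #ifdef HAVE_AESGCM
            #define BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
        #endif
    #endif
#endif

/* NULL cipher (integrity only, record payload is not encrypted);
   requires an explicit HAVE_NULL_CIPHER */
#if !defined(NO_TLS) && defined(HAVE_NULL_CIPHER)
    #if !defined(NO_RSA)
        #if !defined(NO_SHA)
            #define BUILD_TLS_RSA_WITH_NULL_SHA
        #endif
        #ifndef NO_SHA256
            #define BUILD_TLS_RSA_WITH_NULL_SHA256
        #endif
    #endif
    #if !defined(NO_PSK)
        #if !defined(NO_SHA)
            #define BUILD_TLS_PSK_WITH_NULL_SHA
        #endif
        #ifndef NO_SHA256
            #define BUILD_TLS_PSK_WITH_NULL_SHA256
        #endif
        #ifdef CYASSL_SHA384
            #define BUILD_TLS_PSK_WITH_NULL_SHA384
        #endif
    #endif
#endif

/* HC-128 stream cipher (CyaSSL extension) */
#if !defined(NO_HC128) && !defined(NO_RSA) && !defined(NO_TLS)
    /* the MD5 suite is only built when MD5 is available, matching the
       NO_MD5 guard on BUILD_SSL_RSA_WITH_RC4_128_MD5 above */
    #if !defined(NO_MD5)
        #define BUILD_TLS_RSA_WITH_HC_128_MD5
    #endif
    #if !defined(NO_SHA)
        #define BUILD_TLS_RSA_WITH_HC_128_SHA
    #endif
    #if defined(HAVE_BLAKE2)
        #define BUILD_TLS_RSA_WITH_HC_128_B2B256
    #endif
#endif

/* Rabbit stream cipher (CyaSSL extension) */
#if !defined(NO_RABBIT) && !defined(NO_TLS) && !defined(NO_RSA)
    #if !defined(NO_SHA)
        #define BUILD_TLS_RSA_WITH_RABBIT_SHA
    #endif
#endif

/* ephemeral DH + RSA authentication + AES */
#if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && \
    !defined(NO_RSA)
    #if !defined(NO_SHA)
        #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
        #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
    #endif
    #if !defined (NO_SHA256)
        #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
        #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
        #if defined (HAVE_AESGCM)
            #define BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
            #if defined (CYASSL_SHA384)
                #define BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
            #endif
        #endif
    #endif
#endif

/* anonymous DH: neither peer is authenticated, so the key exchange cannot
   detect an active man in the middle; requires an explicit HAVE_ANON */
#if defined(HAVE_ANON) && !defined(NO_TLS) && !defined(NO_DH) && \
    !defined(NO_AES) && !defined(NO_SHA)
    #define BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA
#endif

/* ephemeral DH + pre-shared key */
#if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS)
    #ifndef NO_SHA256
        #define BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
        #ifdef HAVE_NULL_CIPHER
            #define BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
        #endif
        #ifdef HAVE_AESGCM
            #define BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
        #endif
        #ifdef HAVE_AESCCM
            #define BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
            #define BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
        #endif
    #endif
    #ifdef CYASSL_SHA384
        #define BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
        #ifdef HAVE_NULL_CIPHER
            #define BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
        #endif
        #ifdef HAVE_AESGCM
            #define BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
        #endif
    #endif
#endif

/* ECC suites: ECDHE_* (ephemeral) and ECDH_* (static) key exchange */
#if defined(HAVE_ECC) && !defined(NO_TLS)
    #if !defined(NO_AES)
        #if !defined(NO_SHA)
            #if !defined(NO_RSA)
                #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
                #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
                #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
                #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
            #endif

            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

            #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
            #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
        #endif /* NO_SHA */
        #ifndef NO_SHA256
            #if !defined(NO_RSA)
                #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
                #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
            #endif
            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
            #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
        #endif

        #ifdef CYASSL_SHA384
            #if !defined(NO_RSA)
                #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
                #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
            #endif
            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
            #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
        #endif

        #if defined (HAVE_AESGCM)
            #if !defined(NO_RSA)
                #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
                #define BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
                #if defined(CYASSL_SHA384)
                    #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
                    #define BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
                #endif
            #endif

            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
            #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256

            #if defined(CYASSL_SHA384)
                #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
                #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
            #endif
        #endif
        #if defined (HAVE_AESCCM)
            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
        #endif
    #endif /* NO_AES */
    #if !defined(NO_RC4)
        #if !defined(NO_SHA)
            #if !defined(NO_RSA)
                #define BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA
                #define BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA
            #endif

            #define BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
            #define BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
        #endif
    #endif
    #if !defined(NO_DES3)
        #if !defined(NO_RSA)
            #define BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
            #define BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
        #endif

        #define BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
        #define BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
    #endif
#endif


/* Derive per-algorithm BUILD_xxx switches from the suites selected above */
#if defined(BUILD_SSL_RSA_WITH_RC4_128_SHA) || \
    defined(BUILD_SSL_RSA_WITH_RC4_128_MD5)
    #define BUILD_ARC4
#endif

#if defined(BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA)
    #define BUILD_DES3
#endif

#if defined(BUILD_TLS_RSA_WITH_AES_128_CBC_SHA) || \
    defined(BUILD_TLS_RSA_WITH_AES_256_CBC_SHA) || \
    defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)
    #undef  BUILD_AES
    #define BUILD_AES
#endif

#if defined(BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256) || \
    defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)
    #define BUILD_AESGCM
#endif

#if defined(BUILD_TLS_RSA_WITH_HC_128_SHA) || \
    defined(BUILD_TLS_RSA_WITH_HC_128_MD5) || \
    defined(BUILD_TLS_RSA_WITH_HC_128_B2B256)
    #define BUILD_HC128
#endif
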
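#if defined(BUILD_TLS_RSA_WITH_RABBIT_SHA)
    #define BUILD_RABBIT
#endif

/* When a cipher is compiled out, keep its block size defined because the
   size constants below still use it (e.g. DES_IV_SIZE = DES_BLOCK_SIZE).
   Otherwise the cipher is always built: BUILD_DES3, BUILD_AES and BUILD_ARC4
   are forced on unless NO_DES3 / NO_AES / NO_RC4 is defined, whatever suite
   selection was made earlier. */
#ifdef NO_DES3
    #define DES_BLOCK_SIZE 8
#else
    #undef  BUILD_DES3
    #define BUILD_DES3
#endif

#ifdef NO_AES
    #define AES_BLOCK_SIZE 16
#else
    #undef  BUILD_AES
    #define BUILD_AES
#endif

#ifndef NO_RC4
    #undef  BUILD_ARC4
    #define BUILD_ARC4
#endif

#ifdef HAVE_CHACHA
    #define CHACHA20_BLOCK_SIZE 16
    /* ChaCha - Poly AEAD suites */
    #if defined(HAVE_POLY1305) && !defined(NO_SHA256)
        #if defined(HAVE_ECC)
            #if !defined(NO_RSA)
                #define BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
            #endif
            #define BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
        #endif
        #if !defined(NO_DH) && !defined(NO_RSA)
            #define BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
        #endif
    #endif /* end of ChaCha - Poly AEAD suites */
#endif

#if defined(BUILD_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_CHACHA)
    #define HAVE_AEAD
#endif


/* actual cipher values, 2nd byte */
/* Only the second byte of each suite id is stored here, so values repeat
   across first-byte groups: 0x13/0x14 name both ECDHE AES-CBC-SHA suites and
   ChaCha20-Poly1305 suites, 0x2c names both TLS_PSK_WITH_NULL_SHA and
   TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, and 0xa8/0xa9 name both PSK GCM
   and PSK CCM-8 suites. Code that selects a suite has to compare the first
   byte (e.g. ECC_BYTE, CHACHA_BYTE) as well; matching on the second byte
   alone can pick a different, possibly weaker, suite. */
enum {
    TLS_DHE_RSA_WITH_AES_256_CBC_SHA  = 0x39,
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA  = 0x33,
    TLS_DH_anon_WITH_AES_128_CBC_SHA  = 0x34,
    TLS_RSA_WITH_AES_256_CBC_SHA      = 0x35,
    TLS_RSA_WITH_AES_128_CBC_SHA      = 0x2F,
    TLS_RSA_WITH_NULL_SHA             = 0x02,
    TLS_PSK_WITH_AES_256_CBC_SHA      = 0x8d,
    TLS_PSK_WITH_AES_128_CBC_SHA256   = 0xae,
    TLS_PSK_WITH_AES_256_CBC_SHA384   = 0xaf,
    TLS_PSK_WITH_AES_128_CBC_SHA      = 0x8c,
    TLS_PSK_WITH_NULL_SHA256          = 0xb0,
    TLS_PSK_WITH_NULL_SHA384          = 0xb1,
    TLS_PSK_WITH_NULL_SHA             = 0x2c,
    SSL_RSA_WITH_RC4_128_SHA          = 0x05,
    SSL_RSA_WITH_RC4_128_MD5          = 0x04,
    SSL_RSA_WITH_3DES_EDE_CBC_SHA     = 0x0A,

    /* ECC suites, first byte is 0xC0 (ECC_BYTE) */
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA    = 0x14,
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA    = 0x13,
    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA  = 0x0A,
    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA  = 0x09,
    TLS_ECDHE_RSA_WITH_RC4_128_SHA        = 0x11,
    TLS_ECDHE_ECDSA_WITH_RC4_128_SHA      = 0x07,
    TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA   = 0x12,
    TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0x08,
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   = 0x27,
    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0x23,
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384   = 0x28,
    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0x24,

    /* static ECDH, first byte is 0xC0 (ECC_BYTE) */
    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA    = 0x0F,
    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA    = 0x0E,
    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA  = 0x05,
    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA  = 0x04,
    TLS_ECDH_RSA_WITH_RC4_128_SHA        = 0x0C,
    TLS_ECDH_ECDSA_WITH_RC4_128_SHA      = 0x02,
    TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA   = 0x0D,
    TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0x03,
    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256   = 0x29,
    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0x25,
    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384   = 0x2A,
    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0x26,

    /* CyaSSL extension - eSTREAM */
    TLS_RSA_WITH_HC_128_MD5       = 0xFB,
    TLS_RSA_WITH_HC_128_SHA       = 0xFC,
    TLS_RSA_WITH_RABBIT_SHA       = 0xFD,

    /* CyaSSL extension - Blake2b 256 */
    TLS_RSA_WITH_AES_128_CBC_B2B256   = 0xF8,
    TLS_RSA_WITH_AES_256_CBC_B2B256   = 0xF9,
    TLS_RSA_WITH_HC_128_B2B256        = 0xFA,   /* eSTREAM too */

    /* CyaSSL extension - NTRU */
    TLS_NTRU_RSA_WITH_RC4_128_SHA      = 0xe5,
    TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA = 0xe6,
    TLS_NTRU_RSA_WITH_AES_128_CBC_SHA  = 0xe7,  /* clashes w/official SHA-256 */
    TLS_NTRU_RSA_WITH_AES_256_CBC_SHA  = 0xe8,

    /* SHA256 */
    TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x6b,
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x67,
    TLS_RSA_WITH_AES_256_CBC_SHA256     = 0x3d,
    TLS_RSA_WITH_AES_128_CBC_SHA256     = 0x3c,
    TLS_RSA_WITH_NULL_SHA256            = 0x3b,
    TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0xb2,
    TLS_DHE_PSK_WITH_NULL_SHA256        = 0xb4,

    /* SHA384 */
    TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0xb3,
    TLS_DHE_PSK_WITH_NULL_SHA384        = 0xb5,

    /* AES-GCM */
    TLS_RSA_WITH_AES_128_GCM_SHA256          = 0x9c,
    TLS_RSA_WITH_AES_256_GCM_SHA384          = 0x9d,
    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256      = 0x9e,
    TLS_DHE_RSA_WITH_AES_256_GCM_SHA384      = 0x9f,
    TLS_PSK_WITH_AES_128_GCM_SHA256          = 0xa8,
    TLS_PSK_WITH_AES_256_GCM_SHA384          = 0xa9,
    TLS_DHE_PSK_WITH_AES_128_GCM_SHA256      = 0xaa,
    TLS_DHE_PSK_WITH_AES_256_GCM_SHA384      = 0xab,

    /* ECC AES-GCM, first byte is 0xC0 (ECC_BYTE) */
    TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256  = 0x2b,
    TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384  = 0x2c,
    TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256   = 0x2d,
    TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384   = 0x2e,
    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256    = 0x2f,
    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384    = 0x30,
    TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256     = 0x31,
    TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384     = 0x32,

    /* AES-CCM, first byte is 0xC0 but isn't ECC,
     * also, in some of the other AES-CCM suites
     * there will be second byte number conflicts
     * with non-ECC AES-GCM */
    TLS_RSA_WITH_AES_128_CCM_8         = 0xa0,
    TLS_RSA_WITH_AES_256_CCM_8         = 0xa1,
    TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 0xae,
    TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 0xaf,
    TLS_PSK_WITH_AES_128_CCM           = 0xa4,
    TLS_PSK_WITH_AES_256_CCM           = 0xa5,
    TLS_PSK_WITH_AES_128_CCM_8         = 0xa8,
    TLS_PSK_WITH_AES_256_CCM_8         = 0xa9,
    TLS_DHE_PSK_WITH_AES_128_CCM       = 0xa6,
    TLS_DHE_PSK_WITH_AES_256_CCM       = 0xa7,

    /* Camellia */
    TLS_RSA_WITH_CAMELLIA_128_CBC_SHA        = 0x41,
    TLS_RSA_WITH_CAMELLIA_256_CBC_SHA        = 0x84,
    TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256     = 0xba,
    TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256     = 0xc0,
    TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA    = 0x45,
    TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA    = 0x88,
    TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xbe,
    TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc4,

    /* ChaCha20-Poly1305; presumably paired with CHACHA_BYTE as the first
       byte - confirm against the suite lookup code */
    TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256   = 0x13,
    TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0x14,
    TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256     = 0x15,

    /* Renegotiation Indication Extension Special Suite */
    TLS_EMPTY_RENEGOTIATION_INFO_SCSV        = 0xff
};


#ifndef CYASSL_SESSION_TIMEOUT
    #define CYASSL_SESSION_TIMEOUT 500
    /* default session resumption cache timeout in seconds */
#endif


/* Protocol constants and buffer-size limits used across the library. Many of
   these size static or stack buffers, so a length taken from the wire has to
   be checked against the matching limit before anything is copied. */
enum Misc {
    ECC_BYTE    = 0xC0,            /* ECC first cipher suite byte */
    CHACHA_BYTE = 0xCC,            /* ChaCha first cipher suite */

    SEND_CERT       = 1,
    SEND_BLANK_CERT = 2,

    DTLS_MAJOR      = 0xfe,     /* DTLS major version number */
    DTLS_MINOR      = 0xff,     /* DTLS 1.0 minor version number */
    DTLSv1_2_MINOR  = 0xfd,     /* DTLS 1.2 minor version number */
    SSLv3_MAJOR     = 3,        /* SSLv3 and TLSv1+  major version number */
    SSLv3_MINOR     = 0,        /* SSLv3 minor version number */
    TLSv1_MINOR     = 1,        /* TLSv1   minor version number */
    TLSv1_1_MINOR   = 2,        /* TLSv1_1 minor version number */
    TLSv1_2_MINOR   = 3,        /* TLSv1_2 minor version number */
    OLD_HELLO_ID    = 0x01,     /* SSLv2 Client Hello Indicator */
    INVALID_BYTE    = 0xff,     /* Used to initialize cipher specs values */
    NO_COMPRESSION  =  0,
    ZLIB_COMPRESSION = 221,     /* CyaSSL zlib compression */
    HELLO_EXT_SIG_ALGO = 13,    /* ID for the sig_algo hello extension */
    SECRET_LEN      = 48,       /* pre RSA and all master */
    ENCRYPT_LEN     = 512,      /* allow 4096 bit static buffer */
    SIZEOF_SENDER   =  4,       /* clnt or srvr           */
    FINISHED_SZ     = 36,       /* MD5_DIGEST_SIZE + SHA_DIGEST_SIZE */
    MAX_RECORD_SIZE = 16384,    /* 2^14, max size by standard */
    MAX_MSG_EXTRA   = 38 + MAX_DIGEST_SIZE,
                                /* max added to msg, mac + pad  from */
                                /* RECORD_HEADER_SZ + BLOCK_SZ (pad) + Max
                                   digest sz + BLOCK_SZ (iv) + pad byte (1) */
    MAX_COMP_EXTRA  = 1024,     /* max compression extra */
    MAX_MTU         = 1500,     /* max expected MTU */
    MAX_UDP_SIZE    = 8192 - 100, /* was MAX_MTU - 100 */
    MAX_DH_SZ       = 1036,     /* 4096 p, pub, g + 2 byte size for each */
    MAX_STR_VERSION = 8,        /* string rep of protocol version */

    PAD_MD5        = 48,       /* pad length for finished */
    PAD_SHA        = 40,       /* pad length for finished */
    MAX_PAD_SIZE   = 256,      /* maximum length of padding */
    COMPRESS_DUMMY_SIZE = 64,  /* compression dummy round size */
    COMPRESS_CONSTANT   = 13,  /* compression calc constant */
    COMPRESS_UPPER      = 55,  /* compression calc numerator */
    COMPRESS_LOWER      = 64,  /* compression calc denominator */

    PEM_LINE_LEN   = 80,       /* PEM line max + fudge */
    LENGTH_SZ      =  2,       /* length field for HMAC, data only */
    VERSION_SZ     =  2,       /* length of protocol version */
    SEQ_SZ         =  8,       /* 64 bit sequence number  */
    BYTE3_LEN      =  3,       /* up to 24 bit byte lengths */
    ALERT_SIZE     =  2,       /* level + description     */
    VERIFY_HEADER  =  2,       /* always use 2 bytes      */
    EXT_ID_SZ      =  2,       /* always use 2 bytes      */
    MAX_DH_SIZE    = 513,      /* 4096 bit plus possible leading 0 */

    MAX_SUITE_SZ = 200,        /* 100 suites for now! */
    RAN_LEN      = 32,         /* random length           */
    SEED_LEN     = RAN_LEN * 2, /* tls prf seed length    */
    ID_LEN       = 32,         /* session id length       */
    MAX_COOKIE_LEN = 32,       /* max dtls cookie size    */
    COOKIE_SZ    = 20,         /* use a 20 byte cookie    */
    SUITE_LEN    =  2,         /* cipher suite sz length  */
    ENUM_LEN     =  1,         /* always a byte           */
    OPAQUE8_LEN  =  1,         /* 1 byte                  */
    OPAQUE16_LEN =  2,         /* 2 bytes                 */
    OPAQUE24_LEN =  3,         /* 3 bytes                 */
    OPAQUE32_LEN =  4,         /* 4 bytes                 */
    COMP_LEN     =  1,         /* compression length      */
    CURVE_LEN    =  2,         /* ecc named curve length  */
    SERVER_ID_LEN = 20,        /* server session id length  */

    HANDSHAKE_HEADER_SZ   = 4,  /* type + length(3)        */
    RECORD_HEADER_SZ      = 5,  /* type + version + len(2) */
    CERT_HEADER_SZ        = 3,  /* always 3 bytes          */
    REQ_HEADER_SZ         = 2,  /* cert request header sz  */
    HINT_LEN_SZ           = 2,  /* length of hint size field */
    TRUNCATED_HMAC_SZ     = 10, /* length of hmac w/ truncated hmac extension */
    HELLO_EXT_TYPE_SZ     = 2,  /* length of a hello extension type */
    HELLO_EXT_SZ          = 8,  /* total length of the lazy hello extensions */
    HELLO_EXT_LEN         = 6,  /* length of the lazy hello extensions */
    HELLO_EXT_SIGALGO_SZ  = 2,  /* length of signature algo extension  */
    HELLO_EXT_SIGALGO_MAX = 32, /* number of items in the signature algo list */

    DTLS_HANDSHAKE_HEADER_SZ = 12, /* normal + seq(2) + offset(3) + length(3) */
    DTLS_RECORD_HEADER_SZ    = 13, /* normal + epoch(2) + seq_num(6) */
    DTLS_HANDSHAKE_EXTRA     = 8,  /* diff from normal */
    DTLS_RECORD_EXTRA        = 8,  /* diff from normal */
    DTLS_HANDSHAKE_SEQ_SZ    = 2,  /* handshake header sequence number */
    DTLS_HANDSHAKE_FRAG_SZ   = 3,  /* fragment offset and length are 24 bit */
    DTLS_POOL_SZ             = 5,  /* buffers to hold in the retry pool */

    FINISHED_LABEL_SZ   = 15,  /* TLS finished label size */
    TLS_FINISHED_SZ     = 12,  /* TLS has a shorter size  */
    MASTER_LABEL_SZ     = 13,  /* TLS master secret label sz */
    KEY_LABEL_SZ        = 13,  /* TLS key block expansion sz */
    MAX_PRF_HALF        = 256, /* Maximum half secret len */
    MAX_PRF_LABSEED     = 128, /* Maximum label + seed len */
    MAX_PRF_DIG         = 224, /* Maximum digest len      */
    MAX_REQUEST_SZ      = 256, /* Maximum cert req len (no auth yet) */
    SESSION_FLUSH_COUNT = 256, /* Flush session cache unless user turns off */

    RC4_KEY_SIZE        = 16,  /* always 128bit           */
    DES_KEY_SIZE        =  8,  /* des                     */
    DES3_KEY_SIZE       = 24,  /* 3 des ede               */
    DES_IV_SIZE         = DES_BLOCK_SIZE,
    AES_256_KEY_SIZE    = 32,  /* for 256 bit             */
    AES_192_KEY_SIZE    = 24,  /* for 192 bit             */
    AES_IV_SIZE         = 16,  /* always block size       */
    AES_128_KEY_SIZE    = 16,  /* for 128 bit             */

    AEAD_SEQ_OFFSET     = 4,   /* Auth Data: Sequence number */
    AEAD_TYPE_OFFSET    = 8,   /* Auth Data: Type            */
    AEAD_VMAJ_OFFSET    = 9,   /* Auth Data: Major Version   */
    AEAD_VMIN_OFFSET    = 10,  /* Auth Data: Minor Version   */
    AEAD_LEN_OFFSET     = 11,  /* Auth Data: Length          */
    AEAD_AUTH_DATA_SZ   = 13,  /* Size of the data to authenticate */
    AEAD_IMP_IV_SZ      = 4,   /* Size of the implicit IV     */
    AEAD_EXP_IV_SZ      = 8,   /* Size of the explicit IV     */
    AEAD_NONCE_SZ       = AEAD_EXP_IV_SZ + AEAD_IMP_IV_SZ,

    AES_GCM_AUTH_SZ     = 16,  /* AES-GCM Auth Tag length    */
    AES_CCM_16_AUTH_SZ  = 16,  /* AES-CCM-16 Auth Tag length */
    AES_CCM_8_AUTH_SZ   = 8,   /* AES-CCM-8 Auth Tag Length  */

    CAMELLIA_128_KEY_SIZE = 16, /* for 128 bit */
    CAMELLIA_192_KEY_SIZE = 24, /* for 192 bit */
    CAMELLIA_256_KEY_SIZE = 32, /* for 256 bit */
    CAMELLIA_IV_SIZE      = 16, /* always block size */

    CHACHA20_256_KEY_SIZE = 32,  /* for 256 bit             */
    CHACHA20_128_KEY_SIZE = 16,  /* for 128 bit             */
    CHACHA20_IV_SIZE      =  8,  /* 64 bits for iv          */

    POLY1305_AUTH_SZ    = 16,  /* 128 bits                */

    HC_128_KEY_SIZE     = 16,  /* 128 bits                */
    HC_128_IV_SIZE      = 16,  /* also 128 bits           */

    RABBIT_KEY_SIZE     = 16,  /* 128 bits                */
    RABBIT_IV_SIZE      =  8,  /* 64 bits for iv          */

    EVP_SALT_SIZE       =  8,  /* evp salt size 64 bits   */

    ECDHE_SIZE          = 32,  /* ECDHE server size defaults to 256 bit */
    MAX_EXPORT_ECC_SZ   = 256, /* Export ANS X9.62 max future size */

    MAX_HELLO_SZ       = 128,  /* max client or server hello */
    MAX_CERT_VERIFY_SZ = 1024, /* max   */
    CLIENT_HELLO_FIRST =  35,  /* Protocol + RAN_LEN + sizeof(id_len) */
    MAX_SUITE_NAME     =  48,  /* maximum length of cipher suite string */

    DTLS_TIMEOUT_INIT       =  1, /* default timeout init for DTLS receive  */
    DTLS_TIMEOUT_MAX        = 64, /* default max timeout for DTLS receive */
    DTLS_TIMEOUT_MULTIPLIER =  2, /* default timeout multiplier for DTLS recv */

    MAX_PSK_ID_LEN     = 128,  /* max psk identity/hint supported */
    MAX_PSK_KEY_LEN    =  64,  /* max psk key supported */

    MAX_CYASSL_FILE_SIZE = 1024 * 1024 * 4,  /* 4 mb file size alloc limit */

#ifdef FORTRESS
    MAX_EX_DATA        =   3,  /* allow for three items of ex_data */
#endif

    MAX_X509_SIZE      = 2048, /* max static x509 buffer size */
    CERT_MIN_SIZE      =  256, /* min PEM cert size with header/footer */
    MAX_FILENAME_SZ    =  256, /* max file name length */
    FILE_BUFFER_SIZE   = 1024, /* default static file buffer size for input,
                                  will use dynamic buffer if not big enough */

    MAX_NTRU_PUB_KEY_SZ = 1027, /* NTRU max for now */
    MAX_NTRU_ENCRYPT_SZ = 1027, /* NTRU max for now */
    MAX_NTRU_BITS       =  256, /* max symmetric bit strength */
    NO_SNIFF           =   0,  /* not sniffing */
    SNIFF              =   1,  /* currently sniffing */

    HASH_SIG_SIZE      =   2,  /* default SHA1 RSA */

    NO_CAVIUM_DEVICE   =  -2,  /* invalid cavium device id */

    NO_COPY            =   0,  /* should we copy static buffer for write */
    COPY               =   1   /* should we copy static buffer for write */
};

#ifdef SESSION_INDEX
/* Shift values for making a session index */
#define SESSIDX_ROW_SHIFT 4
#define SESSIDX_IDX_MASK  0x0F
#endif


/* max cert chain peer depth */
#ifndef MAX_CHAIN_DEPTH
    #define MAX_CHAIN_DEPTH 9
#endif

#ifndef SESSION_TICKET_LEN
    #define SESSION_TICKET_LEN 256
#endif


/* don't use extra 3/4k stack space unless need to */
#ifdef HAVE_NTRU
    #define MAX_ENCRYPT_SZ MAX_NTRU_ENCRYPT_SZ
#else
    #define MAX_ENCRYPT_SZ ENCRYPT_LEN
#endif


/* states */
/* Handshake progress markers, listed in message order for the server side
   and then the client side, ending with HANDSHAKE_DONE */
enum states {
    NULL_STATE = 0,

    SERVER_HELLOVERIFYREQUEST_COMPLETE,
    SERVER_HELLO_COMPLETE,
    SERVER_CERT_COMPLETE,
    SERVER_KEYEXCHANGE_COMPLETE,
    SERVER_HELLODONE_COMPLETE,
    SERVER_FINISHED_COMPLETE,

    CLIENT_HELLO_COMPLETE,
    CLIENT_KEYEXCHANGE_COMPLETE,
    CLIENT_FINISHED_COMPLETE,

    HANDSHAKE_DONE
};


/* CYASSL_PACK requests a packed layout on GCC and expands to nothing on
   other compilers */
#if defined(__GNUC__)
    #define CYASSL_PACK __attribute__ ((packed))
#else
    #define CYASSL_PACK
#endif

/* SSL Version */
typedef struct ProtocolVersion {
    byte major;
    byte minor;
} CYASSL_PACK ProtocolVersion;


CYASSL_LOCAL ProtocolVersion MakeSSLv3(void);
CYASSL_LOCAL ProtocolVersion MakeTLSv1(void);
CYASSL_LOCAL ProtocolVersion MakeTLSv1_1(void);
CYASSL_LOCAL ProtocolVersion MakeTLSv1_2(void);

#ifdef CYASSL_DTLS
    CYASSL_LOCAL ProtocolVersion MakeDTLSv1(void);
    CYASSL_LOCAL ProtocolVersion MakeDTLSv1_2(void);
#endif


enum BIO_TYPE {
    BIO_BUFFER = 1,
    BIO_SOCKET = 2,
    BIO_SSL    = 3,
    BIO_MEMORY = 4
};


/* CyaSSL BIO_METHOD type */
struct CYASSL_BIO_METHOD {
    byte type;               /* method type */
};


/* CyaSSL BIO type */
struct CYASSL_BIO {
    byte        type;          /* method type */
    byte        close;         /* close flag */
    byte        eof;           /* eof flag */
    CYASSL*     ssl;           /* possible associated ssl */
    byte*       mem;           /* memory buffer */
    int         memLen;        /* memory buffer length */
    int         fd;            /* possible file descriptor */
    CYASSL_BIO* prev;          /* previous in chain */
    CYASSL_BIO* next;          /* next in chain */
};


/* CyaSSL method type */
struct CYASSL_METHOD {
    ProtocolVersion version;
    byte            side;         /* connection side, server or client */
    byte            downgrade;    /* whether to downgrade version, default no;
                                     enabling it presumably lets the peer
                                     negotiate an older protocol version than
                                     `version` - confirm where it is read */
};


/* defaults to client */
CYASSL_LOCAL void InitSSL_Method(CYASSL_METHOD*, ProtocolVersion);

/* for sniffer */
CYASSL_LOCAL int DoFinished(CYASSL* ssl, const byte* input, word32* inOutIdx,
                            word32 size, word32 totalSz, int sniff);
CYASSL_LOCAL int DoApplicationData(CYASSL* ssl, byte* input, word32* inOutIdx);


/* CyaSSL buffer type */
typedef struct buffer {
    word32 length;
    byte*  buffer;
} buffer;


enum {
    FORCED_FREE = 1,
    NO_FORCED_FREE = 0
};


/* only use compression extra if using compression */
#ifdef HAVE_LIBZ
    #define COMP_EXTRA MAX_COMP_EXTRA
#else
    #define COMP_EXTRA 0
#endif

/* only the sniffer needs space in the buffer for extra MTU record(s) */
/* parenthesized so the product stays intact when MTU_EXTRA is used inside a
   larger size expression */
#ifdef CYASSL_SNIFFER
    #define MTU_EXTRA (MAX_MTU * 3)
#else
    #define MTU_EXTRA 0
#endif


/* embedded callbacks require large static buffers, make sure on */
#ifdef CYASSL_CALLBACKS
    #undef  LARGE_STATIC_BUFFERS
    #define LARGE_STATIC_BUFFERS
#endif


/* give user option to use 16K static buffers */
#if defined(LARGE_STATIC_BUFFERS)
    #define RECORD_SIZE MAX_RECORD_SIZE
#else
    #ifdef CYASSL_DTLS
        #define RECORD_SIZE MAX_MTU
    #else
        #define RECORD_SIZE 128
    #endif
#endif

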
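/* user option to turn off 16K output option */
/* if using small static buffers (default) and SSL_write tries to write data
   larger than the record we have, dynamically get it, unless user says only
   write in static buffer chunks */
#ifndef STATIC_CHUNKS_ONLY
    #define OUTPUT_RECORD_SIZE MAX_RECORD_SIZE
#else
    #define OUTPUT_RECORD_SIZE RECORD_SIZE
#endif

/* CyaSSL input buffer

   RFC 2246:

   length
       The length (in bytes) of the following TLSPlaintext.fragment.
       The length should not exceed 2^14.
*/
#if defined(LARGE_STATIC_BUFFERS)
    /* The sum is parenthesized so that STATIC_BUFFER_LEN expands to one
     * operand; without the parentheses an expression such as
     * STATIC_BUFFER_LEN * 2 would scale only the last term and yield a
     * size smaller than intended. */
    #define STATIC_BUFFER_LEN (RECORD_HEADER_SZ + RECORD_SIZE + COMP_EXTRA + \
             MTU_EXTRA + MAX_MSG_EXTRA)
#else
    /* don't fragment memory from the record header */
    #define STATIC_BUFFER_LEN RECORD_HEADER_SZ
#endif

/* Record I/O buffer. The buffer member points either at staticBuffer or at
 * a separately allocated region; dynamicFlag records which is in use. */
typedef struct {
    word32 length;       /* total buffer length used */
    word32 idx;          /* idx to part of length already consumed */
    byte*  buffer;       /* place holder for static or dynamic buffer */
    word32 bufferSize;   /* current buffer size */
    ALIGN16 byte staticBuffer[STATIC_BUFFER_LEN];
    byte   dynamicFlag;  /* dynamic memory currently in use */
    byte   offset;       /* alignment offset attempt */
} bufferStatic;

/* Cipher Suites holder */
typedef struct Suites {
    int    setSuites;               /* user set suites from default */
    byte   suites[MAX_SUITE_SZ];
    word16 suiteSz;                 /* suite length in bytes */
    byte   hashSigAlgo[HELLO_EXT_SIGALGO_MAX]; /* sig/algo to offer */
    word16 hashSigAlgoSz;           /* SigAlgo extension length in bytes */
    byte   hashAlgo;                /* selected hash algorithm */
    byte   sigAlgo;                 /* selected sig algorithm */
} Suites;


/* NOTE(review): the seven trailing arguments are unnamed in this prototype;
 * their meaning has to be read from the definition. */
CYASSL_LOCAL
void InitSuites(Suites*, ProtocolVersion,
                byte, byte, byte, byte, byte, byte, int);
CYASSL_LOCAL
int  SetCipherList(Suites*, const char* list);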
/* PSK callback types, declared here only when no other header has already
 * provided them.
 * NOTE(review): the arguments are unnamed; presumably (ssl, hint, identity
 * out, identity max length, key out, key max length) for the client and
 * (ssl, identity, key out, key max length) for the server, returning the
 * key length -- confirm against the public header. */
#ifndef PSK_TYPES_DEFINED
    typedef unsigned int (*psk_client_callback)(CYASSL*, const char*, char*,
                          unsigned int, unsigned char*, unsigned int);
    typedef unsigned int (*psk_server_callback)(CYASSL*, const char*,
                          unsigned char*, unsigned int);
#endif /* PSK_TYPES_DEFINED */


#ifdef HAVE_NETX
    CYASSL_LOCAL int NetX_Receive(CYASSL *ssl, char *buf, int sz, void *ctx);
    CYASSL_LOCAL int NetX_Send(CYASSL *ssl, char *buf, int sz, void *ctx);
#endif /* HAVE_NETX */


/* CyaSSL Cipher type just points back to SSL */
struct CYASSL_CIPHER {
    CYASSL* ssl;
};


typedef struct OCSP_Entry OCSP_Entry;

/* NOTE(review): #ifdef only sees preprocessor macros. If SHA_DIGEST_SIZE is
 * an enum constant rather than a #define, the 160 fallback is what gets
 * used. 160 is the SHA-1 digest length in bits (20 bytes), so the hash
 * arrays below would be oversized -- confirm that every copy or compare of
 * those fields uses the real digest length and not OCSP_DIGEST_SIZE. */
#ifdef SHA_DIGEST_SIZE
    #define OCSP_DIGEST_SIZE SHA_DIGEST_SIZE
#else
    #define OCSP_DIGEST_SIZE 160
#endif

#ifdef NO_ASN
    /* no_asn won't have */
    typedef struct CertStatus CertStatus;
#endif

/* One issuer's cached OCSP state, kept on a singly linked list */
struct OCSP_Entry {
    OCSP_Entry* next;                            /* next entry */
    byte        issuerHash[OCSP_DIGEST_SIZE];    /* issuer hash */
    byte        issuerKeyHash[OCSP_DIGEST_SIZE]; /* issuer public key hash */
    CertStatus* status;                          /* OCSP response list */
    int         totalStatus;                     /* number on list */
};


#ifndef HAVE_OCSP
    typedef struct CYASSL_OCSP CYASSL_OCSP;
#endif

/* CyaSSL OCSP controller */
struct CYASSL_OCSP {
    CYASSL_CERT_MANAGER* cm;            /* pointer back to cert manager */
    OCSP_Entry*          ocspList;      /* OCSP response list */
    CyaSSL_Mutex         ocspLock;      /* OCSP list lock */
};

#ifndef MAX_DATE_SIZE
#define MAX_DATE_SIZE 32
#endif

typedef struct CRL_Entry CRL_Entry;

/* NOTE(review): same caveat as OCSP_DIGEST_SIZE above -- the 160 fallback
 * is a bit count, not a byte count. */
#ifdef SHA_DIGEST_SIZE
    #define CRL_DIGEST_SIZE SHA_DIGEST_SIZE
#else
    #define CRL_DIGEST_SIZE 160
#endif

#ifdef NO_ASN
    typedef struct RevokedCert RevokedCert;
#endif

/* Complete CRL */
struct CRL_Entry {
    CRL_Entry* next;                      /* next entry */
    byte    issuerHash[CRL_DIGEST_SIZE];  /* issuer hash */
    /* byte    crlHash[CRL_DIGEST_SIZE];      raw crl data hash */
    /* restore the hash here if needed for optimized comparisons */
    byte    lastDate[MAX_DATE_SIZE]; /* last date updated */
    byte    nextDate[MAX_DATE_SIZE]; /* next update date */
    byte    lastDateFormat;          /* last date format */
    byte    nextDateFormat;          /* next date format */
    RevokedCert* certs;              /* revoked cert list */
    int          totalCerts;         /* number on list */
};


typedef struct CRL_Monitor CRL_Monitor;

/* CRL directory monitor */
struct CRL_Monitor {
    char* path;      /* full dir path, if valid pointer we're using */
    int   type;      /* PEM or ASN1 type */
};


#ifndef HAVE_CRL
    typedef struct CYASSL_CRL CYASSL_CRL;
#endif

/* CyaSSL CRL controller */
struct CYASSL_CRL {
    CYASSL_CERT_MANAGER* cm;            /* pointer back to cert manager */
    CRL_Entry*           crlList;       /* our CRL list */
    CyaSSL_Mutex         crlLock;       /* CRL list lock */
    CRL_Monitor          monitors[2];   /* PEM and DER possible */
#ifdef HAVE_CRL_MONITOR
    pthread_t            tid;           /* monitoring thread */
    int                  mfd;           /* monitor fd, -1 if no init yet */
#endif
};


#ifdef NO_ASN
    typedef struct Signer Signer;
#endif


#ifndef CA_TABLE_SIZE
    #define CA_TABLE_SIZE 11
#endif

/* CyaSSL Certificate Manager: the CA signer table plus the revocation
 * (CRL / OCSP) settings.
 * NOTE(review): crlEnabled and ocspEnabled gate revocation checking; their
 * initial values are set outside this header -- confirm the default so a
 * deployment does not assume revocation is checked when it is not. */
struct CYASSL_CERT_MANAGER {
    Signer*         caTable[CA_TABLE_SIZE]; /* the CA signer table */
    CyaSSL_Mutex    caLock;             /* CA list lock */
    CallbackCACache caCacheCallback;    /* CA cache addition callback */
    void*           heap;               /* heap helper */
    CYASSL_CRL*     crl;                /* CRL checker */
    byte            crlEnabled;         /* is CRL on ? */
    byte            crlCheckAll;        /* always leaf, but all ? */
    CbMissingCRL    cbMissingCRL;       /* notify through cb of missing crl */
    CYASSL_OCSP*    ocsp;               /* OCSP checker */
    byte            ocspEnabled;        /* is OCSP on ? */
    byte            ocspSendNonce;      /* send the OCSP nonce ? */
    byte            ocspUseOverrideURL; /* ignore cert's responder, override */
    char*           ocspOverrideURL;    /* use this responder */
    void*           ocspIOCtx;          /* I/O callback CTX */
    CbOCSPIO        ocspIOCb;           /* I/O callback for OCSP lookup */
    CbOCSPRespFree  ocspRespFreeCb;     /* Frees OCSP Response from IO Cb */
};

/* Cert cache save/restore, to a named file or a memory image.
 * NOTE(review): presumably these persist the CA signer table; a restored
 * cache becomes trust-anchor material, so confirm how the implementation
 * validates the image before using it. */
CYASSL_LOCAL int CM_SaveCertCache(CYASSL_CERT_MANAGER*, const char*);
CYASSL_LOCAL int CM_RestoreCertCache(CYASSL_CERT_MANAGER*, const char*);
CYASSL_LOCAL int CM_MemSaveCertCache(CYASSL_CERT_MANAGER*, void*, int, int*);
CYASSL_LOCAL int CM_MemRestoreCertCache(CYASSL_CERT_MANAGER*, const void*, int);
CYASSL_LOCAL int CM_GetCertCacheMemSize(CYASSL_CERT_MANAGER*);

/* CyaSSL Sock Addr */
struct CYASSL_SOCKADDR {
    unsigned int sz; /* sockaddr size */
    void*        sa; /* pointer to the sockaddr_in or sockaddr_in6 */
};

typedef struct CYASSL_DTLS_CTX {
    CYASSL_SOCKADDR peer;
    int fd;
} CYASSL_DTLS_CTX;


#ifdef CYASSL_DTLS

    /* window word: 64 bits wide when word64 exists, 32 bits otherwise */
    #ifdef WORD64_AVAILABLE
        typedef word64 DtlsSeq;
    #else
        typedef word32 DtlsSeq;
    #endif
    #define DTLS_SEQ_BITS (sizeof(DtlsSeq) * CHAR_BIT)

    /* Receive-side record tracking for the current and the previous epoch.
     * NOTE(review): the sliding windows are presumably the DTLS anti-replay
     * bitmaps -- confirm in the record-processing code. */
    typedef struct DtlsState {
        DtlsSeq window;     /* Sliding window for current epoch    */
        word16 nextEpoch;   /* Expected epoch in next record       */
        word32 nextSeq;     /* Expected sequence in next record    */

        word16 curEpoch;    /* Received epoch in current record    */
        word32 curSeq;      /* Received sequence in current record */

        DtlsSeq prevWindow; /* Sliding window for old epoch        */
        word32 prevSeq;     /* Next sequence in allowed old epoch  */
    } DtlsState;

#endif /* CYASSL_DTLS */


/* keys and secrets
 *
 * Holds the MAC secrets, write keys and IVs for both directions together
 * with the record sequence counters. Every byte array here is live key
 * material.
 * NOTE(review): nothing in this header shows the struct being wiped when a
 * connection is freed -- confirm the owner zeroizes it. */
typedef struct Keys {
    byte client_write_MAC_secret[MAX_DIGEST_SIZE];   /* max sizes */
    byte server_write_MAC_secret[MAX_DIGEST_SIZE];
    byte client_write_key[AES_256_KEY_SIZE];         /* max sizes */
    byte server_write_key[AES_256_KEY_SIZE];
    byte client_write_IV[AES_IV_SIZE];               /* max sizes */
    byte server_write_IV[AES_IV_SIZE];
#ifdef HAVE_AEAD
    byte aead_exp_IV[AEAD_EXP_IV_SZ];
    byte aead_enc_imp_IV[AEAD_IMP_IV_SZ];
    byte aead_dec_imp_IV[AEAD_IMP_IV_SZ];
#endif

    /* NOTE(review): 32-bit counters; the TLS record sequence number is a
     * 64-bit value, so confirm how wrap-around is handled. */
    word32 peer_sequence_number;
    word32 sequence_number;

#ifdef CYASSL_DTLS
    DtlsState dtls_state;       /* Peer's state */
    word16 dtls_peer_handshake_number;
    word16 dtls_expected_peer_handshake_number;

    word16 dtls_epoch;          /* Current tx epoch    */
    word32 dtls_sequence_number; /* Current tx sequence */
    word16 dtls_handshake_number; /* Current tx handshake seq */
#endif

    word32 encryptSz;             /* last size of encrypted data   */
    word32 padSz;                 /* how much to advance after decrypt part */
    byte   encryptionOn;          /* true after change cipher spec */
    byte   decryptedCur;          /* only decrypt current record once */
} Keys;



/* RFC 6066 TLS Extensions */
#ifdef HAVE_TLS_EXTENSIONS

/* Extension identifiers; the values are the ExtensionType code points that
 * appear on the wire. TRUNCATED_HMAC (RFC 6066) shortens the record MAC to
 * 80 bits and should only be negotiated where a peer requires it. */
typedef enum {
    SERVER_NAME_INDICATION = 0x0000,
    MAX_FRAGMENT_LENGTH    = 0x0001,
    TRUNCATED_HMAC         = 0x0004,
    ELLIPTIC_CURVES        = 0x000a,
    SESSION_TICKET         = 0x0023,
    SECURE_RENEGOTIATION   = 0xff01
} TLSX_Type;

/* One node of the extension list; data is interpreted according to type */
typedef struct TLSX {
    TLSX_Type    type; /* Extension Type  */
    void*        data; /* Extension Data  */
    byte         resp; /* IsResponse Flag */
    struct TLSX* next; /* List Behavior   */
} TLSX;

CYASSL_LOCAL TLSX* TLSX_Find(TLSX* list, TLSX_Type type);
CYASSL_LOCAL void  TLSX_FreeAll(TLSX* list);
CYASSL_LOCAL int   TLSX_SupportExtensions(CYASSL* ssl);

#ifndef NO_CYASSL_CLIENT
CYASSL_LOCAL word16 TLSX_GetRequestSize(CYASSL* ssl);
CYASSL_LOCAL word16 TLSX_WriteRequest(CYASSL* ssl, byte* output);
#endif

#ifndef NO_CYASSL_SERVER
CYASSL_LOCAL word16 TLSX_GetResponseSize(CYASSL* ssl);
CYASSL_LOCAL word16 TLSX_WriteResponse(CYASSL* ssl, byte* output);
#endif

/* NOTE(review): input/length presumably describe the extension block of a
 * hello message received from the peer; the parser has to bound every read
 * by length -- check the definition. */
CYASSL_LOCAL int    TLSX_Parse(CYASSL* ssl, byte* input, word16 length,
                                                byte isRequest, Suites *suites);

#elif defined(HAVE_SNI)                           \
   || defined(HAVE_MAX_FRAGMENT)                  \
   || defined(HAVE_TRUNCATED_HMAC)                \
   || defined(HAVE_SUPPORTED_CURVES)              \
   || defined(HAVE_SECURE_RENEGOTIATION)          \
   || defined(HAVE_SESSION_TICKET)

#error Using TLS extensions requires HAVE_TLS_EXTENSIONS to be defined.

#endif /* HAVE_TLS_EXTENSIONS */

/* Server Name Indication */
#ifdef HAVE_SNI

typedef struct SNI {
    byte                       type;    /* SNI Type          */
    union { char* host_name; } data;    /* SNI Data          */
    struct SNI*                next;    /* List Behavior     */
#ifndef NO_CYASSL_SERVER
    byte                       options; /* Behaviour options */
    byte                       status;  /* Matching result   */
#endif
} SNI;

CYASSL_LOCAL int TLSX_UseSNI(TLSX** extensions, byte type, const void* data,
                                                                   word16 size);

#ifndef NO_CYASSL_SERVER
CYASSL_LOCAL void   TLSX_SNI_SetOptions(TLSX* extensions, byte type,
                                                                  byte options);
CYASSL_LOCAL byte   TLSX_SNI_Status(TLSX* extensions, byte type);
CYASSL_LOCAL word16 TLSX_SNI_GetRequest(TLSX* extensions, byte type,
                                                                   void** data);
/* NOTE(review): takes a raw buffer and size; presumably reads the server
 * name straight out of an unparsed ClientHello, i.e. peer-controlled bytes
 * -- confirm the bounds checks against bufferSz and *inOutSz. */
CYASSL_LOCAL int    TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz,
                                         byte type, byte* sni, word32* inOutSz);
#endif

#endif /* HAVE_SNI */

/* Maximum Fragment Length */
#ifdef HAVE_MAX_FRAGMENT

CYASSL_LOCAL int TLSX_UseMaxFragment(TLSX** extensions, byte mfl);

#endif /* HAVE_MAX_FRAGMENT */

/* Truncated HMAC */
#ifdef HAVE_TRUNCATED_HMAC

CYASSL_LOCAL int TLSX_UseTruncatedHMAC(TLSX** extensions);

#endif /* HAVE_TRUNCATED_HMAC */

/* Supported Elliptic Curves */
#ifdef HAVE_SUPPORTED_CURVES

typedef struct EllipticCurve {
    word16                name; /* CurveNames    */
    struct EllipticCurve* next; /* List Behavior */
} EllipticCurve;

CYASSL_LOCAL int TLSX_UseSupportedCurve(TLSX** extensions, word16 name);

#ifndef NO_CYASSL_SERVER
CYASSL_LOCAL int TLSX_ValidateEllipticCurves(CYASSL* ssl, byte first,
                                                                   byte second);
#endif

#endif /* HAVE_SUPPORTED_CURVES */

#ifdef HAVE_SECURE_RENEGOTIATION

enum key_cache_state {
    SCR_CACHE_NULL   = 0,       /* empty / begin state */
    SCR_CACHE_NEEDED,           /* need to cache keys */
    SCR_CACHE_COPY,             /* we have a cached copy */
    SCR_CACHE_PARTIAL,          /* partial restore to real keys */
    SCR_CACHE_COMPLETE          /* complete restore to real keys */
};


/* Additional Connection State according to rfc5746 section 3.1.
 * tmp_keys is a full Keys copy, so it holds key material just like the
 * live Keys struct. */
typedef struct SecureRenegotiation {
   byte                 enabled;  /* secure_renegotiation flag in rfc */
   byte                 startScr; /* server requested client to start scr */
   enum key_cache_state cache_status;  /* track key cache state */
   byte                 client_verify_data[TLS_FINISHED_SZ];  /* cached */
   byte                 server_verify_data[TLS_FINISHED_SZ];  /* cached */
   byte                 subject_hash[SHA_DIGEST_SIZE];  /* peer cert hash */
   Keys                 tmp_keys;  /* can't overwrite real keys yet */
} SecureRenegotiation;

CYASSL_LOCAL int TLSX_UseSecureRenegotiation(TLSX** extensions);

#endif /* HAVE_SECURE_RENEGOTIATION */

#ifdef HAVE_SESSION_TICKET

typedef struct SessionTicket {
    word32 lifetime;
    byte*  data;
    word16 size;
} SessionTicket;

CYASSL_LOCAL int  TLSX_UseSessionTicket(TLSX** extensions,
                                                         SessionTicket* ticket);
CYASSL_LOCAL SessionTicket* TLSX_SessionTicket_Create(word32 lifetime,
                                                       byte* data, word16 size);
CYASSL_LOCAL void TLSX_SessionTicket_Free(SessionTicket* ticket);
#endif /* HAVE_SESSION_TICKET */

/* CyaSSL context type
 *
 * Settings shared by the SSL objects created from one context: identity
 * (certificate, chain, private key), cipher suites, peer-verification
 * policy and the user callbacks. */
struct CYASSL_CTX {
    CYASSL_METHOD* method;
    CyaSSL_Mutex   countMutex;    /* reference count mutex */
    int         refCount;         /* reference count */
#ifndef NO_CERTS
    buffer      certificate;
    buffer      certChain;
                 /* chain after self, in DER, with leading size for each cert */
    buffer      privateKey;       /* private key bytes: sensitive */
    buffer      serverDH_P;
    buffer      serverDH_G;
    CYASSL_CERT_MANAGER* cm;      /* our cert manager, ctx owns SSL will use */
#endif
    Suites      suites;
    void*       heap;             /* for user memory overrides */
    /* peer-verification policy flags.
     * NOTE(review): how the three combine is decided in the handshake code,
     * not here -- confirm before relying on one of them alone. */
    byte        verifyPeer;
    byte        verifyNone;
    byte        failNoCert;
    byte        sessionCacheOff;
    byte        sessionCacheFlushOff;
    byte        sendVerify;       /* for client side */
    byte        haveRSA;          /* RSA available */
    byte        haveDH;           /* server DH parms set by user */
    byte        haveNTRU;         /* server private NTRU  key loaded */
    byte        haveECDSAsig;     /* server cert signed w/ ECDSA */
    byte        haveStaticECC;    /* static server ECC private key */
    byte        partialWrite;     /* only one msg per write call */
    byte        quietShutdown;    /* don't send close notify */
    byte        groupMessages;    /* group handshake messages before sending */
    CallbackIORecv CBIORecv;
    CallbackIOSend CBIOSend;
#ifdef CYASSL_DTLS
    CallbackGenCookie CBIOCookie;       /* gen cookie callback */
#endif
    VerifyCallback  verifyCallback;     /* cert verification callback */
    word32          timeout;            /* session timeout */
#ifdef HAVE_ECC
    word16          eccTempKeySz;       /* in octets 20 - 66 */
    word32          pkCurveOID;         /* curve Ecc_Sum */
#endif
#ifndef NO_PSK
    byte        havePSK;                /* psk key set by user */
    psk_client_callback client_psk_cb;  /* client callback */
    psk_server_callback server_psk_cb;  /* server callback */
    char        server_hint[MAX_PSK_ID_LEN];
#endif /* NO_PSK */
#ifdef HAVE_ANON
    /* anonymous suites give no peer authentication, so a connection using
     * one has no protection against an active man in the middle */
    byte        haveAnon;               /* User wants to allow Anon suites */
#endif /* HAVE_ANON */
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
    pem_password_cb passwd_cb;
    void*            userdata;
#endif /* OPENSSL_EXTRA */
#ifdef HAVE_OCSP
    CYASSL_OCSP      ocsp;
#endif
#ifdef HAVE_CAVIUM
    int              devId;            /* cavium device id to use */
#endif
#ifdef HAVE_TLS_EXTENSIONS
    TLSX* extensions;                  /* RFC 6066 TLS Extensions data */
#endif
#ifdef ATOMIC_USER
    CallbackMacEncrypt    MacEncryptCb;    /* Atomic User Mac/Encrypt Cb */
    CallbackDecryptVerify DecryptVerifyCb; /* Atomic User Decrypt/Verify Cb */
#endif
#ifdef HAVE_PK_CALLBACKS
    #ifdef HAVE_ECC
        CallbackEccSign   EccSignCb;    /* User EccSign   Callback handler */
        CallbackEccVerify EccVerifyCb;  /* User EccVerify Callback handler */
    #endif /* HAVE_ECC */
    #ifndef NO_RSA
        CallbackRsaSign   RsaSignCb;    /* User RsaSign   Callback handler */
        CallbackRsaVerify RsaVerifyCb;  /* User RsaVerify Callback handler */
        CallbackRsaEnc    RsaEncCb;     /* User Rsa Public Encrypt  handler */
        CallbackRsaDec    RsaDecCb;     /* User Rsa Private Decrypt handler */
    #endif /* NO_RSA */
#endif /* HAVE_PK_CALLBACKS */
};


CYASSL_LOCAL
int InitSSL_Ctx(CYASSL_CTX*, CYASSL_METHOD*);
CYASSL_LOCAL
void FreeSSL_Ctx(CYASSL_CTX*);
CYASSL_LOCAL
void SSL_CtxResourceFree(CYASSL_CTX*);

CYASSL_LOCAL
int DeriveTlsKeys(CYASSL* ssl);
CYASSL_LOCAL
int ProcessOldClientHello(CYASSL* ssl, const byte* input, word32* inOutIdx,
                          word32 inSz, word16 sz);
#ifndef NO_CERTS
    /* NOTE(review): AddCA takes a verify flag; what is skipped when it is
     * zero is decided in the definition -- confirm before passing 0 for a
     * certificate that did not come from a trusted store. */
    CYASSL_LOCAL
    int AddCA(CYASSL_CERT_MANAGER* ctx, buffer der, int type, int verify);
    CYASSL_LOCAL
    int AlreadySigner(CYASSL_CERT_MANAGER* cm, byte* hash);
#endif

/* All cipher suite related info */
typedef struct CipherSpecs {
    byte bulk_cipher_algorithm;
    byte cipher_type;               /* block, stream, or aead */
    byte mac_algorithm;
    byte kea;                       /* key exchange algo */
    byte sig_algo;
    byte hash_size;
    byte pad_size;
    byte static_ecdh;
    word16 key_size;
    word16 iv_size;
    word16 block_size;
    word16 aead_mac_size;
} CipherSpecs;


/* NOTE(review): declared without CYASSL_LOCAL, unlike the other internal
 * prototypes in this header -- confirm that is intended. */
void InitCipherSpecs(CipherSpecs* cs);


/* Supported Message Authentication Codes from page 43 */
enum MACAlgorithm {
    no_mac,
    md5_mac,
    sha_mac,
    sha224_mac,
    sha256_mac,     /* needs to match external KDF_MacAlgorithm */
    sha384_mac,
    sha512_mac,
    rmd_mac,
    blake2b_mac
};


/* Supported Key Exchange Protocols */
enum KeyExchangeAlgorithm {
    no_kea,
    rsa_kea,
    diffie_hellman_kea,
    fortezza_kea,
    psk_kea,
    dhe_psk_kea,
    ntru_kea,
    ecc_diffie_hellman_kea,
    ecc_static_diffie_hellman_kea       /* for verify suite only */
};


/* Supported Authentication Schemes */
enum SignatureAlgorithm {
    anonymous_sa_algo,
    rsa_sa_algo,
    dsa_sa_algo,
    ecc_dsa_sa_algo
};


/* Supported ECC Curve Types */
enum EccCurves {
    named_curve = 3
};


/* Supported ECC Named Curves
 *
 * secp160r1 and secp192r1 give roughly 80 and 96 bits of security, which is
 * below the 112-bit level commonly required today; offer them only where a
 * legacy peer needs them. */
enum EccNamedCurves {
    secp256r1 = 0x17,         /* default, OpenSSL also calls it prime256v1 */
    secp384r1 = 0x18,
    secp521r1 = 0x19,

    secp160r1 = 0x10,
    secp192r1 = 0x13,        /*           OpenSSL also calls it prime192v1 */
    secp224r1 = 0x15
};


/* Valid client certificate request types from page 27 */
enum ClientCertificateType {
    rsa_sign            = 1,
    dss_sign            = 2,
    rsa_fixed_dh        = 3,
    dss_fixed_dh        = 4,
    rsa_ephemeral_dh    = 5,
    dss_ephemeral_dh    = 6,
    fortezza_kea_cert   = 20,
    ecdsa_sign          = 64,
    rsa_fixed_ecdh      = 65,
    ecdsa_fixed_ecdh    = 66
};


enum CipherType { stream, block, aead };






/* cipher for now
 *
 * One pointer per bulk cipher that was compiled in. RC4 (arc4) is
 * prohibited for TLS by RFC 7465; the BUILD_ and HAVE_ macros decide
 * whether it and the other legacy ciphers are present at all. */
typedef struct Ciphers {
#ifdef BUILD_ARC4
    Arc4*   arc4;
#endif
#ifdef BUILD_DES3
    Des3*   des3;
#endif
#if defined(BUILD_AES) || defined(BUILD_AESGCM)
    Aes*    aes;
#endif
#ifdef HAVE_CAMELLIA
    Camellia* cam;
#endif
#ifdef HAVE_CHACHA
    ChaCha*   chacha;
#endif
#ifdef HAVE_HC128
    HC128*  hc128;
#endif
#ifdef BUILD_RABBIT
    Rabbit* rabbit;
#endif
    byte    setup;       /* have we set it up flag for detection */
} Ciphers;


#ifdef HAVE_ONE_TIME_AUTH
/* Ciphers for one time authentication such as poly1305 */
typedef struct OneTimeAuth {
#ifdef HAVE_POLY1305
    Poly1305* poly1305;
#endif
    byte    setup;      /* flag for if a cipher has been set */

} OneTimeAuth;
#endif


CYASSL_LOCAL void InitCiphers(CYASSL* ssl);
CYASSL_LOCAL void FreeCiphers(CYASSL* ssl);


/* hashes type; the md5 member exists only while old TLS support is
 * compiled in (NO_OLD_TLS not defined) */
typedef struct Hashes {
    #ifndef NO_OLD_TLS
        byte md5[MD5_DIGEST_SIZE];
    #endif
    byte sha[SHA_DIGEST_SIZE];
    #ifndef NO_SHA256
        byte sha256[SHA256_DIGEST_SIZE];
    #endif
    #ifdef CYASSL_SHA384
        byte sha384[SHA384_DIGEST_SIZE];
    #endif
} Hashes;


/* Static x509 buffer */
typedef struct x509_buffer {
    int  length;                  /* actual size */
    byte buffer[MAX_X509_SIZE];   /* max static cert size */
} x509_buffer;


/* CyaSSL X509_CHAIN, for no dynamic memory SESSION_CACHE */
struct CYASSL_X509_CHAIN {
    int         count;                    /* total number in chain */
    x509_buffer certs[MAX_CHAIN_DEPTH];   /* MAX_CHAIN_DEPTH slots (9 unless
                                             overridden earlier in this
                                             header) */
};


/* CyaSSL session type */
struct CYASSL_SESSION {
    byte         sessionID[ID_LEN];             /* id for protocol */
    byte         sessionIDSz;
    /* The master secret is kept so the session can be resumed; anyone who
     * can read a stored entry can resume or decrypt that session.
     * NOTE(review): confirm entries are wiped when they expire or are
     * evicted -- not visible in this header. */
    byte         masterSecret[SECRET_LEN];      /* stored secret */
    word32       bornOn;                        /* create time in seconds   */
    word32       timeout;                       /* timeout in seconds       */
#ifdef SESSION_CERTS
    CYASSL_X509_CHAIN chain;                    /* peer cert chain, static  */
    ProtocolVersion version;                    /* which version was used */
    byte            cipherSuite0;               /* first byte, normally 0 */
    byte            cipherSuite;                /* 2nd byte, actual suite */
#endif
#ifndef NO_CLIENT_CACHE
    byte         serverID[SERVER_ID_LEN];       /* for easier client lookup */
    word16       idLen;                         /* serverID length */
#endif
#ifdef HAVE_SESSION_TICKET
    byte         ticket[SESSION_TICKET_LEN];    /* fixed-size ticket storage */
    word16       ticketLen;                     /* NOTE(review): presumably the
                                                   bytes of ticket in use; must
                                                   never exceed
                                                   SESSION_TICKET_LEN */
#endif
};


/* NOTE(review): the byte* argument is unnamed here; its role has to be read
 * from the definition. */
CYASSL_LOCAL
CYASSL_SESSION* GetSession(CYASSL*, byte*);
CYASSL_LOCAL
int          SetSession(CYASSL*, CYASSL_SESSION*);

/* function pointer type for the record MAC routine */
typedef int (*hmacfp) (CYASSL*, byte*, const byte*, word32, int, int);

#ifndef NO_CLIENT_CACHE
    /* NOTE(review): declared without CYASSL_LOCAL, unlike GetSession and
     * SetSession above -- confirm that is intended. */
    CYASSL_SESSION* GetSessionClient(CYASSL*, const byte*, int);
#endif

/* client connect state for nonblocking restart */
enum ConnectState {
    CONNECT_BEGIN = 0,
    CLIENT_HELLO_SENT,
    HELLO_AGAIN,               /* the HELLO_AGAIN states are for the DTLS case */
    HELLO_AGAIN_REPLY,
    FIRST_REPLY_DONE,
    FIRST_REPLY_FIRST,
    FIRST_REPLY_SECOND,
    FIRST_REPLY_THIRD,
    FIRST_REPLY_FOURTH,
    FINISHED_DONE,
    SECOND_REPLY_DONE
};


/* server accept state for nonblocking restart */
enum AcceptState {
    ACCEPT_BEGIN = 0,
    ACCEPT_CLIENT_HELLO_DONE,
    HELLO_VERIFY_SENT,
    ACCEPT_FIRST_REPLY_DONE,
    SERVER_HELLO_SENT,
    CERT_SENT,
    KEY_EXCHANGE_SENT,
    CERT_REQ_SENT,
    SERVER_HELLO_DONE,
    ACCEPT_SECOND_REPLY_DONE,
    CHANGE_CIPHER_SENT,
    ACCEPT_FINISHED_DONE,
    ACCEPT_THIRD_REPLY_DONE
};
/* Per-connection buffers. The certificate, key and DH parameter buffers
 * normally belong to the CYASSL_CTX; the weOwn* flags mark the ones this
 * SSL object owns instead. key and serverDH_Priv hold private values. */
typedef struct Buffers {
#ifndef NO_CERTS
    buffer          certificate;        /* CYASSL_CTX owns, unless we own */
    buffer          key;                /* CYASSL_CTX owns, unless we own */
    buffer          certChain;          /* CYASSL_CTX owns, unless we own */
                 /* chain after self, in DER, with leading size for each cert */
    buffer          serverDH_P;         /* CYASSL_CTX owns, unless we own */
    buffer          serverDH_G;         /* CYASSL_CTX owns, unless we own */
    buffer          serverDH_Pub;
    buffer          serverDH_Priv;
#endif
    buffer          domainName;            /* for client check */
    bufferStatic    inputBuffer;
    bufferStatic    outputBuffer;
    buffer          clearOutputBuffer;
    int             prevSent;              /* previous plain text bytes sent
                                              when got WANT_WRITE            */
    int             plainSz;               /* plain text bytes in buffer to send
                                              when got WANT_WRITE            */
    byte            weOwnCert;             /* SSL own cert flag */
    byte            weOwnCertChain;        /* SSL own cert chain flag */
    byte            weOwnKey;              /* SSL own key  flag */
    byte            weOwnDH;               /* SSL own dh (p,g)  flag */
#ifdef CYASSL_DTLS
    CYASSL_DTLS_CTX dtlsCtx;               /* DTLS connection context */
#endif
#ifdef HAVE_PK_CALLBACKS
    #ifdef HAVE_ECC
        buffer peerEccDsaKey;              /* we own for Ecc Verify Callbacks */
    #endif /* HAVE_ECC */
    #ifndef NO_RSA
        buffer peerRsaKey;                 /* we own for Rsa Verify Callbacks */
    #endif /* NO_RSA */
#endif /* HAVE_PK_CALLBACKS */
} Buffers;

/* Per-connection option and state flags, one byte each */
typedef struct Options {
    byte            sessionCacheOff;
    byte            sessionCacheFlushOff;
    byte            cipherSuite0;           /* first byte, normally 0 */
    byte            cipherSuite;            /* second byte, actual suite */
    byte            serverState;
    byte            clientState;
    byte            handShakeState;
    byte            handShakeDone;      /* at least one handshake complete */
    byte            side;               /* client or server end */
    /* peer-verification policy flags.
     * NOTE(review): how the three combine is decided in the handshake code,
     * not here -- confirm before relying on one of them alone. */
    byte            verifyPeer;
    byte            verifyNone;
    byte            failNoCert;
    byte            downgrade;          /* allow downgrade of versions */
    byte            minDowngrade;       /* minimum downgrade version */
    byte            sendVerify;         /* false = 0, true = 1, sendBlank = 2 */
    byte            resuming;
    byte            haveSessionId;      /* server may not send */
    byte            tls;                /* using TLS ? */
    byte            tls1_1;             /* using TLSv1.1+ ? */
    byte            dtls;               /* using datagrams ? */
    byte            connReset;          /* has the peer reset */
    byte            isClosed;           /* if we consider conn closed */
    byte            closeNotify;        /* we've received a close notify */
    byte            sentNotify;         /* we've sent a close notify */
    byte            connectState;       /* nonblocking resume */
    byte            acceptState;        /* nonblocking resume */
    byte            usingCompression;   /* are we using compression */
    byte            haveRSA;            /* RSA available */
    byte            haveDH;             /* server DH parms set by user */
    byte            haveNTRU;           /* server NTRU  private key loaded */
    byte            haveECDSAsig;       /* server ECDSA signed cert */
    byte            haveStaticECC;      /* static server ECC private key */
    byte            havePeerCert;       /* do we have peer's cert */
    byte            havePeerVerify;     /* and peer's cert verify */
    byte            usingPSK_cipher;    /* whether we're using psk as cipher */
    byte            usingAnon_cipher;   /* whether we're using an anon cipher */
    byte            sendAlertState;     /* nonblocking resume */
    byte            processReply;       /* nonblocking resume */
    byte            partialWrite;       /* only one msg per write call */
    byte            quietShutdown;      /* don't send close notify */
    byte            certOnly;           /* stop once we get cert */
    byte            groupMessages;      /* group handshake messages */
    byte            usingNonblock;      /* set when using nonblocking socket */
    byte            saveArrays;         /* save array Memory for user get keys
                                           or psk; the secrets in Arrays then
                                           stay in memory for longer */
#ifdef HAVE_POLY1305
    byte            oldPoly;            /* set when to use old rfc way of poly*/
#endif
#ifndef NO_PSK
    byte            havePSK;            /* psk key set by user */
    psk_client_callback client_psk_cb;
    psk_server_callback server_psk_cb;
#endif /* NO_PSK */
#ifdef HAVE_ANON
    byte            haveAnon;           /* User wants to allow Anon suites */
#endif /* HAVE_ANON */
} Options;

/* Handshake working storage: the hello randoms, session id and the
 * pre-master / master secrets, plus PSK identity and key when PSK is
 * compiled in. preMasterSecret, masterSecret and psk_key are secrets.
 * NOTE(review): confirm the struct is wiped before it is released -- not
 * visible in this header. */
typedef struct Arrays {
    byte            clientRandom[RAN_LEN];
    byte            serverRandom[RAN_LEN];
    byte            sessionID[ID_LEN];
    byte            sessionIDSz;
    byte            preMasterSecret[ENCRYPT_LEN];
    byte            masterSecret[SECRET_LEN];
#ifdef CYASSL_DTLS
    byte            cookie[MAX_COOKIE_LEN];
    byte            cookieSz;
#endif
#ifndef NO_PSK
    char            client_identity[MAX_PSK_ID_LEN];
    char            server_hint[MAX_PSK_ID_LEN];
    byte            psk_key[MAX_PSK_KEY_LEN];
    word32          psk_keySz;          /* actual size */
#endif
    word32          preMasterSz;        /* differs for DH, actual size */
} Arrays;

#ifndef ASN_NAME_MAX
#define ASN_NAME_MAX 256
#endif

#ifndef MAX_DATE_SZ
#define MAX_DATE_SZ 32
#endif

/* X.509 name holder: name points at the text in use, staticName is the
 * inline storage, dynamicName flags a separately allocated name */
struct CYASSL_X509_NAME {
    char  *name;
    char  staticName[ASN_NAME_MAX];
    int   dynamicName;
    int   sz;
#ifdef OPENSSL_EXTRA
    DecodedName fullName;
#endif /* OPENSSL_EXTRA */
};

#ifndef EXTERNAL_SERIAL_SIZE
    #define EXTERNAL_SERIAL_SIZE 32
#endif

#ifdef NO_ASN
    typedef struct DNS_entry DNS_entry;
#endif

/* Decoded certificate as handed to the application. The fixed-size arrays
 * are filled from certificate contents, i.e. from data the peer supplies.
 * NOTE(review): confirm the decoder bounds every copy by the array size and
 * keeps each *Sz field within it. */
struct CYASSL_X509 {
    int              version;
    CYASSL_X509_NAME issuer;
    CYASSL_X509_NAME subject;
    int              serialSz;
    byte             serial[EXTERNAL_SERIAL_SIZE];
    char             subjectCN[ASN_NAME_MAX];        /* common name short cut */
#ifdef CYASSL_SEP
    int              deviceTypeSz;
    byte             deviceType[EXTERNAL_SERIAL_SIZE];
    int              hwTypeSz;
    byte             hwType[EXTERNAL_SERIAL_SIZE];
    int              hwSerialNumSz;
    byte             hwSerialNum[EXTERNAL_SERIAL_SIZE];
    #ifdef OPENSSL_EXTRA
        byte             certPolicySet;
        byte             certPolicyCrit;
    #endif /* OPENSSL_EXTRA */
#endif
    int              notBeforeSz;
    byte             notBefore[MAX_DATE_SZ];
    int              notAfterSz;
    byte             notAfter[MAX_DATE_SZ];
    int              sigOID;
    buffer           sig;
    int              pubKeyOID;
    buffer           pubKey;
    #ifdef HAVE_ECC
        word32       pkCurveOID;
    #endif /* HAVE_ECC */
    buffer           derCert;                        /* may need  */
    DNS_entry*       altNames;                       /* alt names list */
    DNS_entry*       altNamesNext;                   /* hint for retrieval */
    byte             dynamicMemory;                  /* dynamic memory flag */
    byte             isCa;
#ifdef OPENSSL_EXTRA
    word32           pathLength;
    word16           keyUsage;
    byte             basicConstSet;
    byte             basicConstCrit;
    byte             basicConstPlSet;
    byte             subjAltNameSet;
    byte             subjAltNameCrit;
    byte             authKeyIdSet;
    byte             authKeyIdCrit;
    byte*            authKeyId;
    word32           authKeyIdSz;
    byte             subjKeyIdSet;
    byte             subjKeyIdCrit;
    byte*            subjKeyId;
    word32           subjKeyIdSz;
    byte             keyUsageSet;
    byte             keyUsageCrit;
#endif /* OPENSSL_EXTRA */
};


/* record layer header for PlainText, Compressed, and CipherText */
typedef struct RecordLayerHeader {
    byte            type;
    byte            pvMajor;
    byte            pvMinor;
    byte            length[2];   /* 16-bit value set by the peer; the RFC 2246
                                    text quoted earlier in this header caps
                                    the fragment at 2^14 */
} RecordLayerHeader;


/* record layer header for DTLS PlainText, Compressed, and CipherText */
typedef struct DtlsRecordLayerHeader {
    byte            type;
    byte            pvMajor;
    byte            pvMinor;
    byte            epoch[2];             /* increment on cipher state change */
    byte            sequence_number[6];   /* per record */
    byte            length[2];
} DtlsRecordLayerHeader;


typedef struct DtlsPool {
    buffer          buf[DTLS_POOL_SZ];
    int             used;
} DtlsPool;

/* One handshake message being tracked for DTLS.
 * NOTE(review): sz and fragSz presumably come from peer-supplied fragment
 * headers; confirm the reassembly code bounds them before sizing or
 * indexing buf. */
typedef struct DtlsMsg {
    struct DtlsMsg* next;
    word32          seq;       /* Handshake sequence number    */
    word32          sz;        /* Length of whole message      */
    word32          fragSz;    /* Length of fragments received */
    byte            type;
    byte*           buf;
    byte*           msg;
} DtlsMsg;


#ifdef HAVE_NETX

    /* NETX I/O Callback default */
    typedef struct NetX_Ctx {
        NX_TCP_SOCKET* nxSocket;    /* send/recv socket handle */
        NX_PACKET*     nxPacket;    /* incoming packet handle for short reads */
        ULONG          nxOffset;    /* offset already
read from nxPacket */ 01969 ULONG nxWait; /* wait option flag */ 01970 } NetX_Ctx; 01971 01972 #endif 01973 01974 01975 /* Handshake messages recevied from peer (plus change cipher */ 01976 typedef struct MsgsReceived { 01977 word16 got_hello_request:1; 01978 word16 got_client_hello:1; 01979 word16 got_server_hello:1; 01980 word16 got_hello_verify_request:1; 01981 word16 got_session_ticket:1; 01982 word16 got_certificate:1; 01983 word16 got_server_key_exchange:1; 01984 word16 got_certificate_request:1; 01985 word16 got_server_hello_done:1; 01986 word16 got_certificate_verify:1; 01987 word16 got_client_key_exchange:1; 01988 word16 got_finished:1; 01989 word16 got_change_cipher:1; 01990 } MsgsReceived; 01991 01992 01993 /* CyaSSL ssl type */ 01994 struct CYASSL { 01995 CYASSL_CTX* ctx; 01996 int error; 01997 ProtocolVersion version; /* negotiated version */ 01998 ProtocolVersion chVersion; /* client hello version */ 01999 Suites* suites; /* only need during handshake */ 02000 Ciphers encrypt; 02001 Ciphers decrypt; 02002 #ifdef HAVE_ONE_TIME_AUTH 02003 OneTimeAuth auth; 02004 #endif 02005 CipherSpecs specs; 02006 Keys keys; 02007 MsgsReceived msgsReceived; /* peer messages received */ 02008 int rfd; /* read file descriptor */ 02009 int wfd; /* write file descriptor */ 02010 int rflags; /* user read flags */ 02011 int wflags; /* user write flags */ 02012 CYASSL_BIO* biord; /* socket bio read to free/close */ 02013 CYASSL_BIO* biowr; /* socket bio write to free/close */ 02014 void* IOCB_ReadCtx; 02015 void* IOCB_WriteCtx; 02016 RNG* rng; 02017 #ifndef NO_OLD_TLS 02018 #ifndef NO_SHA 02019 Sha hashSha; /* sha hash of handshake msgs */ 02020 #endif 02021 #ifndef NO_MD5 02022 Md5 hashMd5; /* md5 hash of handshake msgs */ 02023 #endif 02024 #endif 02025 #ifndef NO_SHA256 02026 Sha256 hashSha256; /* sha256 hash of handshake msgs */ 02027 #endif 02028 #ifdef CYASSL_SHA384 02029 Sha384 hashSha384; /* sha384 hash of handshake msgs */ 02030 #endif 02031 Hashes verifyHashes; 
02032 Hashes certHashes; /* for cert verify */ 02033 Buffers buffers; 02034 Options options; 02035 Arrays* arrays; 02036 CYASSL_SESSION session; 02037 VerifyCallback verifyCallback; /* cert verification callback */ 02038 void* verifyCbCtx; /* cert verify callback user ctx*/ 02039 #ifndef NO_RSA 02040 RsaKey* peerRsaKey; 02041 byte peerRsaKeyPresent; 02042 #endif 02043 #ifdef HAVE_NTRU 02044 word16 peerNtruKeyLen; 02045 byte peerNtruKey[MAX_NTRU_PUB_KEY_SZ]; 02046 byte peerNtruKeyPresent; 02047 #endif 02048 #ifdef HAVE_ECC 02049 ecc_key* peerEccKey; /* peer's ECDHE key */ 02050 ecc_key* peerEccDsaKey; /* peer's ECDSA key */ 02051 ecc_key* eccTempKey; /* private ECDHE key */ 02052 ecc_key* eccDsaKey; /* private ECDSA key */ 02053 word16 eccTempKeySz; /* in octets 20 - 66 */ 02054 word32 pkCurveOID; /* curve Ecc_Sum */ 02055 byte peerEccKeyPresent; 02056 byte peerEccDsaKeyPresent; 02057 byte eccTempKeyPresent; 02058 byte eccDsaKeyPresent; 02059 #endif 02060 hmacfp hmac; 02061 void* heap; /* for user overrides */ 02062 RecordLayerHeader curRL; 02063 word16 curSize; 02064 word32 timeout; /* session timeout */ 02065 CYASSL_CIPHER cipher; 02066 #ifdef HAVE_LIBZ 02067 z_stream c_stream; /* compression stream */ 02068 z_stream d_stream; /* decompression stream */ 02069 byte didStreamInit; /* for stream init and end */ 02070 #endif 02071 #ifdef CYASSL_DTLS 02072 int dtls_timeout_init; /* starting timeout vaule */ 02073 int dtls_timeout_max; /* maximum timeout value */ 02074 int dtls_timeout; /* current timeout value, changes */ 02075 DtlsPool* dtls_pool; 02076 DtlsMsg* dtls_msg_list; 02077 void* IOCB_CookieCtx; /* gen cookie ctx */ 02078 word32 dtls_expected_rx; 02079 #endif 02080 #ifdef CYASSL_CALLBACKS 02081 HandShakeInfo handShakeInfo; /* info saved during handshake */ 02082 TimeoutInfo timeoutInfo; /* info saved during handshake */ 02083 byte hsInfoOn; /* track handshake info */ 02084 byte toInfoOn; /* track timeout info */ 02085 #endif 02086 #ifdef HAVE_FUZZER 02087 
CallbackFuzzer fuzzerCb; /* for testing with using fuzzer */ 02088 void* fuzzerCtx; /* user defined pointer */ 02089 #endif 02090 #ifdef KEEP_PEER_CERT 02091 CYASSL_X509 peerCert; /* X509 peer cert */ 02092 #endif 02093 #ifdef FORTRESS 02094 void* ex_data[MAX_EX_DATA]; /* external data, for Fortress */ 02095 #endif 02096 #ifdef HAVE_CAVIUM 02097 int devId; /* cavium device id to use */ 02098 #endif 02099 #ifdef HAVE_TLS_EXTENSIONS 02100 TLSX* extensions; /* RFC 6066 TLS Extensions data */ 02101 #ifdef HAVE_MAX_FRAGMENT 02102 word16 max_fragment; 02103 #endif 02104 #ifdef HAVE_TRUNCATED_HMAC 02105 byte truncated_hmac; 02106 #endif 02107 #ifdef HAVE_SECURE_RENEGOTIATION 02108 SecureRenegotiation* secure_renegotiation; /* valid pointer indicates */ 02109 #endif /* user turned on */ 02110 #if !defined(NO_CYASSL_CLIENT) && defined(HAVE_SESSION_TICKET) 02111 CallbackSessionTicket session_ticket_cb; 02112 void* session_ticket_ctx; 02113 byte expect_session_ticket; 02114 #endif 02115 #endif /* HAVE_TLS_EXTENSIONS */ 02116 #ifdef HAVE_NETX 02117 NetX_Ctx nxCtx; /* NetX IO Context */ 02118 #endif 02119 #ifdef SESSION_INDEX 02120 int sessionIndex; /* Session's location in the cache. 
*/ 02121 #endif 02122 CYASSL_ALERT_HISTORY alert_history; 02123 #ifdef ATOMIC_USER 02124 void* MacEncryptCtx; /* Atomic User Mac/Encrypt Callback Context */ 02125 void* DecryptVerifyCtx; /* Atomic User Decrypt/Verify Callback Context */ 02126 #endif 02127 #ifdef HAVE_PK_CALLBACKS 02128 #ifdef HAVE_ECC 02129 void* EccSignCtx; /* Ecc Sign Callback Context */ 02130 void* EccVerifyCtx; /* Ecc Verify Callback Context */ 02131 #endif /* HAVE_ECC */ 02132 #ifndef NO_RSA 02133 void* RsaSignCtx; /* Rsa Sign Callback Context */ 02134 void* RsaVerifyCtx; /* Rsa Verify Callback Context */ 02135 void* RsaEncCtx; /* Rsa Public Encrypt Callback Context */ 02136 void* RsaDecCtx; /* Rsa Private Decrypt Callback Context */ 02137 #endif /* NO_RSA */ 02138 #endif /* HAVE_PK_CALLBACKS */ 02139 #ifdef HAVE_SECRET_CALLBACK 02140 SessionSecretCb sessionSecretCb; 02141 void* sessionSecretCtx; 02142 #endif /* HAVE_SECRET_CALLBACK */ 02143 }; 02144 02145 02146 CYASSL_LOCAL 02147 int InitSSL(CYASSL*, CYASSL_CTX*); 02148 CYASSL_LOCAL 02149 void FreeSSL(CYASSL*); 02150 CYASSL_API void SSL_ResourceFree(CYASSL*); /* Micrium uses */ 02151 02152 02153 enum { 02154 IV_SZ = 32, /* max iv sz */ 02155 NAME_SZ = 80 /* max one line */ 02156 }; 02157 02158 02159 typedef struct EncryptedInfo { 02160 char name[NAME_SZ]; /* encryption name */ 02161 byte iv[IV_SZ]; /* encrypted IV */ 02162 word32 ivSz; /* encrypted IV size */ 02163 long consumed; /* tracks PEM bytes consumed */ 02164 byte set; /* if encryption set */ 02165 CYASSL_CTX* ctx; /* CTX owner */ 02166 } EncryptedInfo; 02167 02168 02169 #ifndef NO_CERTS 02170 CYASSL_LOCAL int PemToDer(const unsigned char* buff, long sz, int type, 02171 buffer* der, void* heap, EncryptedInfo* info, 02172 int* eccKey); 02173 02174 CYASSL_LOCAL int ProcessFile(CYASSL_CTX* ctx, const char* fname, int format, 02175 int type, CYASSL* ssl, int userChain, 02176 CYASSL_CRL* crl); 02177 #endif 02178 02179 02180 #ifdef CYASSL_CALLBACKS 02181 CYASSL_LOCAL 02182 void 
InitHandShakeInfo(HandShakeInfo*); 02183 CYASSL_LOCAL 02184 void FinishHandShakeInfo(HandShakeInfo*, const CYASSL*); 02185 CYASSL_LOCAL 02186 void AddPacketName(const char*, HandShakeInfo*); 02187 02188 CYASSL_LOCAL 02189 void InitTimeoutInfo(TimeoutInfo*); 02190 CYASSL_LOCAL 02191 void FreeTimeoutInfo(TimeoutInfo*, void*); 02192 CYASSL_LOCAL 02193 void AddPacketInfo(const char*, TimeoutInfo*, const byte*, int, void*); 02194 CYASSL_LOCAL 02195 void AddLateName(const char*, TimeoutInfo*); 02196 CYASSL_LOCAL 02197 void AddLateRecordHeader(const RecordLayerHeader* rl, TimeoutInfo* info); 02198 #endif 02199 02200 02201 /* Record Layer Header identifier from page 12 */ 02202 enum ContentType { 02203 no_type = 0, 02204 change_cipher_spec = 20, 02205 alert = 21, 02206 handshake = 22, 02207 application_data = 23 02208 }; 02209 02210 02211 /* handshake header, same for each message type, pgs 20/21 */ 02212 typedef struct HandShakeHeader { 02213 byte type; 02214 word24 length; 02215 } HandShakeHeader; 02216 02217 02218 /* DTLS handshake header, same for each message type */ 02219 typedef struct DtlsHandShakeHeader { 02220 byte type; 02221 word24 length; 02222 byte message_seq[2]; /* start at 0, restransmit gets same # */ 02223 word24 fragment_offset; /* bytes in previous fragments */ 02224 word24 fragment_length; /* length of this fragment */ 02225 } DtlsHandShakeHeader; 02226 02227 02228 enum HandShakeType { 02229 no_shake = -1, 02230 hello_request = 0, 02231 client_hello = 1, 02232 server_hello = 2, 02233 hello_verify_request = 3, /* DTLS addition */ 02234 session_ticket = 4, 02235 certificate = 11, 02236 server_key_exchange = 12, 02237 certificate_request = 13, 02238 server_hello_done = 14, 02239 certificate_verify = 15, 02240 client_key_exchange = 16, 02241 finished = 20, 02242 change_cipher_hs = 55 /* simulate unique handshake type for sanity 02243 checks. 
record layer change_cipher 02244 conflicts with handshake finished */ 02245 }; 02246 02247 02248 static const byte client[SIZEOF_SENDER] = { 0x43, 0x4C, 0x4E, 0x54 }; 02249 static const byte server[SIZEOF_SENDER] = { 0x53, 0x52, 0x56, 0x52 }; 02250 02251 static const byte tls_client[FINISHED_LABEL_SZ + 1] = "client finished"; 02252 static const byte tls_server[FINISHED_LABEL_SZ + 1] = "server finished"; 02253 02254 02255 /* internal functions */ 02256 CYASSL_LOCAL int SendChangeCipher(CYASSL*); 02257 CYASSL_LOCAL int SendData(CYASSL*, const void*, int); 02258 CYASSL_LOCAL int SendCertificate(CYASSL*); 02259 CYASSL_LOCAL int SendCertificateRequest(CYASSL*); 02260 CYASSL_LOCAL int SendServerKeyExchange(CYASSL*); 02261 CYASSL_LOCAL int SendBuffered(CYASSL*); 02262 CYASSL_LOCAL int ReceiveData(CYASSL*, byte*, int, int); 02263 CYASSL_LOCAL int SendFinished(CYASSL*); 02264 CYASSL_LOCAL int SendAlert(CYASSL*, int, int); 02265 CYASSL_LOCAL int ProcessReply(CYASSL*); 02266 02267 CYASSL_LOCAL int SetCipherSpecs(CYASSL*); 02268 CYASSL_LOCAL int MakeMasterSecret(CYASSL*); 02269 02270 CYASSL_LOCAL int AddSession(CYASSL*); 02271 CYASSL_LOCAL int DeriveKeys(CYASSL* ssl); 02272 CYASSL_LOCAL int StoreKeys(CYASSL* ssl, const byte* keyData); 02273 02274 CYASSL_LOCAL int IsTLS(const CYASSL* ssl); 02275 CYASSL_LOCAL int IsAtLeastTLSv1_2(const CYASSL* ssl); 02276 02277 CYASSL_LOCAL void FreeHandshakeResources(CYASSL* ssl); 02278 CYASSL_LOCAL void ShrinkInputBuffer(CYASSL* ssl, int forcedFree); 02279 CYASSL_LOCAL void ShrinkOutputBuffer(CYASSL* ssl); 02280 02281 CYASSL_LOCAL int VerifyClientSuite(CYASSL* ssl); 02282 #ifndef NO_CERTS 02283 CYASSL_LOCAL Signer* GetCA(void* cm, byte* hash); 02284 #ifndef NO_SKID 02285 CYASSL_LOCAL Signer* GetCAByName(void* cm, byte* hash); 02286 #endif 02287 #endif 02288 CYASSL_LOCAL int BuildTlsFinished(CYASSL* ssl, Hashes* hashes, 02289 const byte* sender); 02290 CYASSL_LOCAL void FreeArrays(CYASSL* ssl, int keep); 02291 CYASSL_LOCAL int 
CheckAvailableSize(CYASSL *ssl, int size); 02292 CYASSL_LOCAL int GrowInputBuffer(CYASSL* ssl, int size, int usedLength); 02293 02294 #ifndef NO_TLS 02295 CYASSL_LOCAL int MakeTlsMasterSecret(CYASSL*); 02296 CYASSL_LOCAL int TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, 02297 word32 sz, int content, int verify); 02298 #endif 02299 02300 #ifndef NO_CYASSL_CLIENT 02301 CYASSL_LOCAL int SendClientHello(CYASSL*); 02302 CYASSL_LOCAL int SendClientKeyExchange(CYASSL*); 02303 CYASSL_LOCAL int SendCertificateVerify(CYASSL*); 02304 #endif /* NO_CYASSL_CLIENT */ 02305 02306 #ifndef NO_CYASSL_SERVER 02307 CYASSL_LOCAL int SendServerHello(CYASSL*); 02308 CYASSL_LOCAL int SendServerHelloDone(CYASSL*); 02309 #ifdef CYASSL_DTLS 02310 CYASSL_LOCAL int SendHelloVerifyRequest(CYASSL*); 02311 #endif 02312 #endif /* NO_CYASSL_SERVER */ 02313 02314 #ifdef CYASSL_DTLS 02315 CYASSL_LOCAL int DtlsPoolInit(CYASSL*); 02316 CYASSL_LOCAL int DtlsPoolSave(CYASSL*, const byte*, int); 02317 CYASSL_LOCAL int DtlsPoolTimeout(CYASSL*); 02318 CYASSL_LOCAL int DtlsPoolSend(CYASSL*); 02319 CYASSL_LOCAL void DtlsPoolReset(CYASSL*); 02320 02321 CYASSL_LOCAL DtlsMsg* DtlsMsgNew(word32, void*); 02322 CYASSL_LOCAL void DtlsMsgDelete(DtlsMsg*, void*); 02323 CYASSL_LOCAL void DtlsMsgListDelete(DtlsMsg*, void*); 02324 CYASSL_LOCAL void DtlsMsgSet(DtlsMsg*, word32, const byte*, byte, 02325 word32, word32); 02326 CYASSL_LOCAL DtlsMsg* DtlsMsgFind(DtlsMsg*, word32); 02327 CYASSL_LOCAL DtlsMsg* DtlsMsgStore(DtlsMsg*, word32, const byte*, word32, 02328 byte, word32, word32, void*); 02329 CYASSL_LOCAL DtlsMsg* DtlsMsgInsert(DtlsMsg*, DtlsMsg*); 02330 #endif /* CYASSL_DTLS */ 02331 02332 #ifndef NO_TLS 02333 02334 02335 #endif /* NO_TLS */ 02336 02337 02338 CYASSL_LOCAL word32 LowResTimer(void); 02339 02340 CYASSL_LOCAL void InitX509Name(CYASSL_X509_NAME*, int); 02341 CYASSL_LOCAL void FreeX509Name(CYASSL_X509_NAME* name); 02342 CYASSL_LOCAL void InitX509(CYASSL_X509*, int); 02343 CYASSL_LOCAL void 
FreeX509(CYASSL_X509*); 02344 #ifndef NO_CERTS 02345 CYASSL_LOCAL int CopyDecodedToX509(CYASSL_X509*, DecodedCert*); 02346 #endif 02347 02348 /* used by ssl.c and cyassl_int.c */ 02349 CYASSL_LOCAL void c32to24(word32 in, word24 out); 02350 02351 CYASSL_LOCAL const char* const* GetCipherNames(void); 02352 CYASSL_LOCAL int GetCipherNamesSize(void); 02353 02354 02355 enum encrypt_side { 02356 ENCRYPT_SIDE_ONLY = 1, 02357 DECRYPT_SIDE_ONLY, 02358 ENCRYPT_AND_DECRYPT_SIDE 02359 }; 02360 02361 CYASSL_LOCAL int SetKeysSide(CYASSL*, enum encrypt_side); 02362 02363 02364 #ifdef __cplusplus 02365 } /* extern "C" */ 02366 #endif 02367 02368 #endif /* CyaSSL_INT_H */ 02369
