mbed TLS library
Dependents: HTTPClient-SSL WS_SERVER
include/polarssl/ssl.h@0:137634ff4186, 2015-06-11 (annotated)
- Committer:
- ansond
- Date:
- Thu Jun 11 03:27:03 2015 +0000
- Revision:
- 0:137634ff4186
initial commit
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
ansond | 0:137634ff4186 | 1 | /** |
ansond | 0:137634ff4186 | 2 | * \file ssl.h |
ansond | 0:137634ff4186 | 3 | * |
ansond | 0:137634ff4186 | 4 | * \brief SSL/TLS functions. |
ansond | 0:137634ff4186 | 5 | * |
ansond | 0:137634ff4186 | 6 | * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved |
ansond | 0:137634ff4186 | 7 | * |
ansond | 0:137634ff4186 | 8 | * This file is part of mbed TLS (https://tls.mbed.org) |
ansond | 0:137634ff4186 | 9 | * |
ansond | 0:137634ff4186 | 10 | * This program is free software; you can redistribute it and/or modify |
ansond | 0:137634ff4186 | 11 | * it under the terms of the GNU General Public License as published by |
ansond | 0:137634ff4186 | 12 | * the Free Software Foundation; either version 2 of the License, or |
ansond | 0:137634ff4186 | 13 | * (at your option) any later version. |
ansond | 0:137634ff4186 | 14 | * |
ansond | 0:137634ff4186 | 15 | * This program is distributed in the hope that it will be useful, |
ansond | 0:137634ff4186 | 16 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
ansond | 0:137634ff4186 | 17 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
ansond | 0:137634ff4186 | 18 | * GNU General Public License for more details. |
ansond | 0:137634ff4186 | 19 | * |
ansond | 0:137634ff4186 | 20 | * You should have received a copy of the GNU General Public License along |
ansond | 0:137634ff4186 | 21 | * with this program; if not, write to the Free Software Foundation, Inc., |
ansond | 0:137634ff4186 | 22 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
ansond | 0:137634ff4186 | 23 | */ |
ansond | 0:137634ff4186 | 24 | #ifndef POLARSSL_SSL_H |
ansond | 0:137634ff4186 | 25 | #define POLARSSL_SSL_H |
ansond | 0:137634ff4186 | 26 | |
ansond | 0:137634ff4186 | 27 | #if !defined(POLARSSL_CONFIG_FILE) |
ansond | 0:137634ff4186 | 28 | #include "config.h" |
ansond | 0:137634ff4186 | 29 | #else |
ansond | 0:137634ff4186 | 30 | #include POLARSSL_CONFIG_FILE |
ansond | 0:137634ff4186 | 31 | #endif |
ansond | 0:137634ff4186 | 32 | |
ansond | 0:137634ff4186 | 33 | /* Temporary compatibility trick for the current stable branch */ |
ansond | 0:137634ff4186 | 34 | #if !defined(POLARSSL_SSL_DISABLE_RENEGOTIATION) |
ansond | 0:137634ff4186 | 35 | #define POLARSSL_SSL_RENEGOTIATION |
ansond | 0:137634ff4186 | 36 | #endif |
ansond | 0:137634ff4186 | 37 | |
ansond | 0:137634ff4186 | 38 | #include "net.h" |
ansond | 0:137634ff4186 | 39 | #include "bignum.h" |
ansond | 0:137634ff4186 | 40 | #include "ecp.h" |
ansond | 0:137634ff4186 | 41 | |
ansond | 0:137634ff4186 | 42 | #include "ssl_ciphersuites.h" |
ansond | 0:137634ff4186 | 43 | |
ansond | 0:137634ff4186 | 44 | #if defined(POLARSSL_MD5_C) |
ansond | 0:137634ff4186 | 45 | #include "md5.h" |
ansond | 0:137634ff4186 | 46 | #endif |
ansond | 0:137634ff4186 | 47 | |
ansond | 0:137634ff4186 | 48 | #if defined(POLARSSL_SHA1_C) |
ansond | 0:137634ff4186 | 49 | #include "sha1.h" |
ansond | 0:137634ff4186 | 50 | #endif |
ansond | 0:137634ff4186 | 51 | |
ansond | 0:137634ff4186 | 52 | #if defined(POLARSSL_SHA256_C) |
ansond | 0:137634ff4186 | 53 | #include "sha256.h" |
ansond | 0:137634ff4186 | 54 | #endif |
ansond | 0:137634ff4186 | 55 | |
ansond | 0:137634ff4186 | 56 | #if defined(POLARSSL_SHA512_C) |
ansond | 0:137634ff4186 | 57 | #include "sha512.h" |
ansond | 0:137634ff4186 | 58 | #endif |
ansond | 0:137634ff4186 | 59 | |
ansond | 0:137634ff4186 | 60 | // for session tickets |
ansond | 0:137634ff4186 | 61 | #if defined(POLARSSL_AES_C) |
ansond | 0:137634ff4186 | 62 | #include "aes.h" |
ansond | 0:137634ff4186 | 63 | #endif |
ansond | 0:137634ff4186 | 64 | |
ansond | 0:137634ff4186 | 65 | #if defined(POLARSSL_X509_CRT_PARSE_C) |
ansond | 0:137634ff4186 | 66 | #include "x509_crt.h" |
ansond | 0:137634ff4186 | 67 | #include "x509_crl.h" |
ansond | 0:137634ff4186 | 68 | #endif |
ansond | 0:137634ff4186 | 69 | |
ansond | 0:137634ff4186 | 70 | #if defined(POLARSSL_DHM_C) |
ansond | 0:137634ff4186 | 71 | #include "dhm.h" |
ansond | 0:137634ff4186 | 72 | #endif |
ansond | 0:137634ff4186 | 73 | |
ansond | 0:137634ff4186 | 74 | #if defined(POLARSSL_ECDH_C) |
ansond | 0:137634ff4186 | 75 | #include "ecdh.h" |
ansond | 0:137634ff4186 | 76 | #endif |
ansond | 0:137634ff4186 | 77 | |
ansond | 0:137634ff4186 | 78 | #if defined(POLARSSL_ZLIB_SUPPORT) |
ansond | 0:137634ff4186 | 79 | #include "zlib.h" |
ansond | 0:137634ff4186 | 80 | #endif |
ansond | 0:137634ff4186 | 81 | |
ansond | 0:137634ff4186 | 82 | #if defined(POLARSSL_HAVE_TIME) |
ansond | 0:137634ff4186 | 83 | #include <time.h> |
ansond | 0:137634ff4186 | 84 | #endif |
ansond | 0:137634ff4186 | 85 | |
ansond | 0:137634ff4186 | 86 | /* For convenience below and in programs */ |
ansond | 0:137634ff4186 | 87 | #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ |
ansond | 0:137634ff4186 | 88 | defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ |
ansond | 0:137634ff4186 | 89 | defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ |
ansond | 0:137634ff4186 | 90 | defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) |
ansond | 0:137634ff4186 | 91 | #define POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED |
ansond | 0:137634ff4186 | 92 | #endif |
ansond | 0:137634ff4186 | 93 | |
ansond | 0:137634ff4186 | 94 | #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ |
ansond | 0:137634ff4186 | 95 | defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ |
ansond | 0:137634ff4186 | 96 | defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) |
ansond | 0:137634ff4186 | 97 | #define POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED |
ansond | 0:137634ff4186 | 98 | #endif |
ansond | 0:137634ff4186 | 99 | |
ansond | 0:137634ff4186 | 100 | #if defined(_MSC_VER) && !defined(inline) |
ansond | 0:137634ff4186 | 101 | #define inline _inline |
ansond | 0:137634ff4186 | 102 | #else |
ansond | 0:137634ff4186 | 103 | #if defined(__ARMCC_VERSION) && !defined(inline) |
ansond | 0:137634ff4186 | 104 | #define inline __inline |
ansond | 0:137634ff4186 | 105 | #endif /* __ARMCC_VERSION */ |
ansond | 0:137634ff4186 | 106 | #endif /*_MSC_VER */ |
ansond | 0:137634ff4186 | 107 | |
ansond | 0:137634ff4186 | 108 | /* |
ansond | 0:137634ff4186 | 109 | * SSL Error codes |
ansond | 0:137634ff4186 | 110 | */ |
ansond | 0:137634ff4186 | 111 | #define POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE -0x7080 /**< The requested feature is not available. */ |
ansond | 0:137634ff4186 | 112 | #define POLARSSL_ERR_SSL_BAD_INPUT_DATA -0x7100 /**< Bad input parameters to function. */ |
ansond | 0:137634ff4186 | 113 | #define POLARSSL_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */ |
ansond | 0:137634ff4186 | 114 | #define POLARSSL_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */ |
ansond | 0:137634ff4186 | 115 | #define POLARSSL_ERR_SSL_CONN_EOF -0x7280 /**< The connection indicated an EOF. */ |
ansond | 0:137634ff4186 | 116 | #define POLARSSL_ERR_SSL_UNKNOWN_CIPHER -0x7300 /**< An unknown cipher was received. */ |
ansond | 0:137634ff4186 | 117 | #define POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */ |
ansond | 0:137634ff4186 | 118 | #define POLARSSL_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */ |
ansond | 0:137634ff4186 | 119 | #define POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ |
ansond | 0:137634ff4186 | 120 | #define POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE -0x7500 /**< Our own certificate(s) is/are too large to send in an SSL message. */ |
ansond | 0:137634ff4186 | 121 | #define POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED -0x7580 /**< The own certificate is not set, but needed by the server. */ |
ansond | 0:137634ff4186 | 122 | #define POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 /**< The own private key or pre-shared key is not set, but needed. */ |
ansond | 0:137634ff4186 | 123 | #define POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */ |
ansond | 0:137634ff4186 | 124 | #define POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */ |
ansond | 0:137634ff4186 | 125 | #define POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 /**< A fatal alert message was received from our peer. */ |
ansond | 0:137634ff4186 | 126 | #define POLARSSL_ERR_SSL_PEER_VERIFY_FAILED -0x7800 /**< Verification of our peer failed. */ |
ansond | 0:137634ff4186 | 127 | #define POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ |
ansond | 0:137634ff4186 | 128 | #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ |
ansond | 0:137634ff4186 | 129 | #define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */ |
ansond | 0:137634ff4186 | 130 | #define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ |
ansond | 0:137634ff4186 | 131 | #define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */ |
ansond | 0:137634ff4186 | 132 | #define POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */ |
ansond | 0:137634ff4186 | 133 | #define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 /**< Processing of the ServerHelloDone handshake message failed. */ |
ansond | 0:137634ff4186 | 134 | #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Processing of the ClientKeyExchange handshake message failed. */ |
ansond | 0:137634ff4186 | 135 | #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP -0x7C80 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public. */ |
ansond | 0:137634ff4186 | 136 | #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */ |
ansond | 0:137634ff4186 | 137 | #define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */ |
ansond | 0:137634ff4186 | 138 | #define POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */ |
ansond | 0:137634ff4186 | 139 | #define POLARSSL_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */ |
ansond | 0:137634ff4186 | 140 | #define POLARSSL_ERR_SSL_MALLOC_FAILED -0x7F00 /**< Memory allocation failed */ |
ansond | 0:137634ff4186 | 141 | #define POLARSSL_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ |
ansond | 0:137634ff4186 | 142 | #define POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */ |
ansond | 0:137634ff4186 | 143 | #define POLARSSL_ERR_SSL_COMPRESSION_FAILED -0x6F00 /**< Processing of the compression / decompression failed */ |
ansond | 0:137634ff4186 | 144 | #define POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */ |
ansond | 0:137634ff4186 | 145 | #define POLARSSL_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00 /**< Processing of the NewSessionTicket handshake message failed. */ |
ansond | 0:137634ff4186 | 146 | #define POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */ |
ansond | 0:137634ff4186 | 147 | #define POLARSSL_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */ |
ansond | 0:137634ff4186 | 148 | #define POLARSSL_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unknown identity received (eg, PSK identity) */ |
ansond | 0:137634ff4186 | 149 | #define POLARSSL_ERR_SSL_INTERNAL_ERROR -0x6C00 /**< Internal error (eg, unexpected failure in lower-level module) */ |
ansond | 0:137634ff4186 | 150 | #define POLARSSL_ERR_SSL_COUNTER_WRAPPING -0x6B80 /**< A counter would wrap (eg, too many messages exchanged). */ |
ansond | 0:137634ff4186 | 151 | #define POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00 /**< Unexpected message at ServerHello in renegotiation. */ |
ansond | 0:137634ff4186 | 152 | #define POLARSSL_ERR_SSL_NO_USABLE_CIPHERSUITE -0x6A80 /**< None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). */ |
ansond | 0:137634ff4186 | 153 | |
ansond | 0:137634ff4186 | 154 | /* |
ansond | 0:137634ff4186 | 155 | * Various constants |
ansond | 0:137634ff4186 | 156 | */ |
ansond | 0:137634ff4186 | 157 | #define SSL_MAJOR_VERSION_3 3 |
ansond | 0:137634ff4186 | 158 | #define SSL_MINOR_VERSION_0 0 /*!< SSL v3.0 */ |
ansond | 0:137634ff4186 | 159 | #define SSL_MINOR_VERSION_1 1 /*!< TLS v1.0 */ |
ansond | 0:137634ff4186 | 160 | #define SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 */ |
ansond | 0:137634ff4186 | 161 | #define SSL_MINOR_VERSION_3 3 /*!< TLS v1.2 */ |
ansond | 0:137634ff4186 | 162 | |
ansond | 0:137634ff4186 | 163 | /* Determine minimum supported version */ |
ansond | 0:137634ff4186 | 164 | #define SSL_MIN_MAJOR_VERSION SSL_MAJOR_VERSION_3 |
ansond | 0:137634ff4186 | 165 | |
ansond | 0:137634ff4186 | 166 | #if defined(POLARSSL_SSL_PROTO_SSL3) |
ansond | 0:137634ff4186 | 167 | #define SSL_MIN_MINOR_VERSION SSL_MINOR_VERSION_0 |
ansond | 0:137634ff4186 | 168 | #else |
ansond | 0:137634ff4186 | 169 | #if defined(POLARSSL_SSL_PROTO_TLS1) |
ansond | 0:137634ff4186 | 170 | #define SSL_MIN_MINOR_VERSION SSL_MINOR_VERSION_1 |
ansond | 0:137634ff4186 | 171 | #else |
ansond | 0:137634ff4186 | 172 | #if defined(POLARSSL_SSL_PROTO_TLS1_1) |
ansond | 0:137634ff4186 | 173 | #define SSL_MIN_MINOR_VERSION SSL_MINOR_VERSION_2 |
ansond | 0:137634ff4186 | 174 | #else |
ansond | 0:137634ff4186 | 175 | #if defined(POLARSSL_SSL_PROTO_TLS1_2) |
ansond | 0:137634ff4186 | 176 | #define SSL_MIN_MINOR_VERSION SSL_MINOR_VERSION_3 |
ansond | 0:137634ff4186 | 177 | #endif /* POLARSSL_SSL_PROTO_TLS1_2 */ |
ansond | 0:137634ff4186 | 178 | #endif /* POLARSSL_SSL_PROTO_TLS1_1 */ |
ansond | 0:137634ff4186 | 179 | #endif /* POLARSSL_SSL_PROTO_TLS1 */ |
ansond | 0:137634ff4186 | 180 | #endif /* POLARSSL_SSL_PROTO_SSL3 */ |
ansond | 0:137634ff4186 | 181 | |
ansond | 0:137634ff4186 | 182 | /* Determine maximum supported version */ |
ansond | 0:137634ff4186 | 183 | #define SSL_MAX_MAJOR_VERSION SSL_MAJOR_VERSION_3 |
ansond | 0:137634ff4186 | 184 | |
ansond | 0:137634ff4186 | 185 | #if defined(POLARSSL_SSL_PROTO_TLS1_2) |
ansond | 0:137634ff4186 | 186 | #define SSL_MAX_MINOR_VERSION SSL_MINOR_VERSION_3 |
ansond | 0:137634ff4186 | 187 | #else |
ansond | 0:137634ff4186 | 188 | #if defined(POLARSSL_SSL_PROTO_TLS1_1) |
ansond | 0:137634ff4186 | 189 | #define SSL_MAX_MINOR_VERSION SSL_MINOR_VERSION_2 |
ansond | 0:137634ff4186 | 190 | #else |
ansond | 0:137634ff4186 | 191 | #if defined(POLARSSL_SSL_PROTO_TLS1) |
ansond | 0:137634ff4186 | 192 | #define SSL_MAX_MINOR_VERSION SSL_MINOR_VERSION_1 |
ansond | 0:137634ff4186 | 193 | #else |
ansond | 0:137634ff4186 | 194 | #if defined(POLARSSL_SSL_PROTO_SSL3) |
ansond | 0:137634ff4186 | 195 | #define SSL_MAX_MINOR_VERSION SSL_MINOR_VERSION_0 |
ansond | 0:137634ff4186 | 196 | #endif /* POLARSSL_SSL_PROTO_SSL3 */ |
ansond | 0:137634ff4186 | 197 | #endif /* POLARSSL_SSL_PROTO_TLS1 */ |
ansond | 0:137634ff4186 | 198 | #endif /* POLARSSL_SSL_PROTO_TLS1_1 */ |
ansond | 0:137634ff4186 | 199 | #endif /* POLARSSL_SSL_PROTO_TLS1_2 */ |
ansond | 0:137634ff4186 | 200 | |
ansond | 0:137634ff4186 | 201 | /* RFC 6066 section 4, see also mfl_code_to_length in ssl_tls.c |
ansond | 0:137634ff4186 | 202 | * NONE must be zero so that memset()ing structure to zero works */ |
ansond | 0:137634ff4186 | 203 | #define SSL_MAX_FRAG_LEN_NONE 0 /*!< don't use this extension */ |
ansond | 0:137634ff4186 | 204 | #define SSL_MAX_FRAG_LEN_512 1 /*!< MaxFragmentLength 2^9 */ |
ansond | 0:137634ff4186 | 205 | #define SSL_MAX_FRAG_LEN_1024 2 /*!< MaxFragmentLength 2^10 */ |
ansond | 0:137634ff4186 | 206 | #define SSL_MAX_FRAG_LEN_2048 3 /*!< MaxFragmentLength 2^11 */ |
ansond | 0:137634ff4186 | 207 | #define SSL_MAX_FRAG_LEN_4096 4 /*!< MaxFragmentLength 2^12 */ |
ansond | 0:137634ff4186 | 208 | #define SSL_MAX_FRAG_LEN_INVALID 5 /*!< first invalid value */ |
ansond | 0:137634ff4186 | 209 | |
ansond | 0:137634ff4186 | 210 | #define SSL_IS_CLIENT 0 |
ansond | 0:137634ff4186 | 211 | #define SSL_IS_SERVER 1 |
ansond | 0:137634ff4186 | 212 | |
ansond | 0:137634ff4186 | 213 | #define SSL_IS_NOT_FALLBACK 0 |
ansond | 0:137634ff4186 | 214 | #define SSL_IS_FALLBACK 1 |
ansond | 0:137634ff4186 | 215 | |
ansond | 0:137634ff4186 | 216 | #define SSL_EXTENDED_MS_DISABLED 0 |
ansond | 0:137634ff4186 | 217 | #define SSL_EXTENDED_MS_ENABLED 1 |
ansond | 0:137634ff4186 | 218 | |
ansond | 0:137634ff4186 | 219 | #define SSL_ETM_DISABLED 0 |
ansond | 0:137634ff4186 | 220 | #define SSL_ETM_ENABLED 1 |
ansond | 0:137634ff4186 | 221 | |
ansond | 0:137634ff4186 | 222 | #define SSL_COMPRESS_NULL 0 |
ansond | 0:137634ff4186 | 223 | #define SSL_COMPRESS_DEFLATE 1 |
ansond | 0:137634ff4186 | 224 | |
ansond | 0:137634ff4186 | 225 | #define SSL_VERIFY_NONE 0 |
ansond | 0:137634ff4186 | 226 | #define SSL_VERIFY_OPTIONAL 1 |
ansond | 0:137634ff4186 | 227 | #define SSL_VERIFY_REQUIRED 2 |
ansond | 0:137634ff4186 | 228 | |
ansond | 0:137634ff4186 | 229 | #define SSL_INITIAL_HANDSHAKE 0 |
ansond | 0:137634ff4186 | 230 | #define SSL_RENEGOTIATION 1 /* In progress */ |
ansond | 0:137634ff4186 | 231 | #define SSL_RENEGOTIATION_DONE 2 /* Done */ |
ansond | 0:137634ff4186 | 232 | #define SSL_RENEGOTIATION_PENDING 3 /* Requested (server only) */ |
ansond | 0:137634ff4186 | 233 | |
ansond | 0:137634ff4186 | 234 | #define SSL_LEGACY_RENEGOTIATION 0 |
ansond | 0:137634ff4186 | 235 | #define SSL_SECURE_RENEGOTIATION 1 |
ansond | 0:137634ff4186 | 236 | |
ansond | 0:137634ff4186 | 237 | #define SSL_RENEGOTIATION_DISABLED 0 |
ansond | 0:137634ff4186 | 238 | #define SSL_RENEGOTIATION_ENABLED 1 |
ansond | 0:137634ff4186 | 239 | |
ansond | 0:137634ff4186 | 240 | #define SSL_RENEGOTIATION_NOT_ENFORCED -1 |
ansond | 0:137634ff4186 | 241 | #define SSL_RENEGO_MAX_RECORDS_DEFAULT 16 |
ansond | 0:137634ff4186 | 242 | |
ansond | 0:137634ff4186 | 243 | #define SSL_LEGACY_NO_RENEGOTIATION 0 |
ansond | 0:137634ff4186 | 244 | #define SSL_LEGACY_ALLOW_RENEGOTIATION 1 |
ansond | 0:137634ff4186 | 245 | #define SSL_LEGACY_BREAK_HANDSHAKE 2 |
ansond | 0:137634ff4186 | 246 | |
ansond | 0:137634ff4186 | 247 | #define SSL_TRUNC_HMAC_DISABLED 0 |
ansond | 0:137634ff4186 | 248 | #define SSL_TRUNC_HMAC_ENABLED 1 |
ansond | 0:137634ff4186 | 249 | #define SSL_TRUNCATED_HMAC_LEN 10 /* 80 bits, rfc 6066 section 7 */ |
ansond | 0:137634ff4186 | 250 | |
ansond | 0:137634ff4186 | 251 | #define SSL_SESSION_TICKETS_DISABLED 0 |
ansond | 0:137634ff4186 | 252 | #define SSL_SESSION_TICKETS_ENABLED 1 |
ansond | 0:137634ff4186 | 253 | |
ansond | 0:137634ff4186 | 254 | #define SSL_CBC_RECORD_SPLITTING_DISABLED -1 |
ansond | 0:137634ff4186 | 255 | #define SSL_CBC_RECORD_SPLITTING_ENABLED 0 |
ansond | 0:137634ff4186 | 256 | |
ansond | 0:137634ff4186 | 257 | #define SSL_ARC4_ENABLED 0 |
ansond | 0:137634ff4186 | 258 | #define SSL_ARC4_DISABLED 1 |
ansond | 0:137634ff4186 | 259 | |
ansond | 0:137634ff4186 | 260 | /** |
ansond | 0:137634ff4186 | 261 | * \name SECTION: Module settings |
ansond | 0:137634ff4186 | 262 | * |
ansond | 0:137634ff4186 | 263 | * The configuration options you can set for this module are in this section. |
ansond | 0:137634ff4186 | 264 | * Either change them in config.h or define them on the compiler command line. |
ansond | 0:137634ff4186 | 265 | * \{ |
ansond | 0:137634ff4186 | 266 | */ |
ansond | 0:137634ff4186 | 267 | |
ansond | 0:137634ff4186 | 268 | #if !defined(SSL_DEFAULT_TICKET_LIFETIME) |
ansond | 0:137634ff4186 | 269 | #define SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ |
ansond | 0:137634ff4186 | 270 | #endif |
ansond | 0:137634ff4186 | 271 | |
ansond | 0:137634ff4186 | 272 | /* |
ansond | 0:137634ff4186 | 273 | * Size of the input / output buffer. |
ansond | 0:137634ff4186 | 274 | * Note: the RFC defines the default size of SSL / TLS messages. If you |
ansond | 0:137634ff4186 | 275 | * change the value here, other clients / servers may not be able to |
ansond | 0:137634ff4186 | 276 | * communicate with you anymore. Only change this value if you control |
ansond | 0:137634ff4186 | 277 | * both sides of the connection and have it reduced at both sides, or |
ansond | 0:137634ff4186 | 278 | * if you're using the Max Fragment Length extension and you know all your |
ansond | 0:137634ff4186 | 279 | * peers are using it too! |
ansond | 0:137634ff4186 | 280 | */ |
ansond | 0:137634ff4186 | 281 | #if !defined(SSL_MAX_CONTENT_LEN) |
ansond | 0:137634ff4186 | 282 | #define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */ |
ansond | 0:137634ff4186 | 283 | #endif |
ansond | 0:137634ff4186 | 284 | |
ansond | 0:137634ff4186 | 285 | /* \} name SECTION: Module settings */ |
ansond | 0:137634ff4186 | 286 | |
ansond | 0:137634ff4186 | 287 | /* |
ansond | 0:137634ff4186 | 288 | * Allow extra bytes for record, authentication and encryption overhead: |
ansond | 0:137634ff4186 | 289 | * counter (8) + header (5) + IV(16) + MAC (16-48) + padding (0-256) |
ansond | 0:137634ff4186 | 290 | * and allow for a maximum of 1024 of compression expansion if |
ansond | 0:137634ff4186 | 291 | * enabled. |
ansond | 0:137634ff4186 | 292 | */ |
ansond | 0:137634ff4186 | 293 | #if defined(POLARSSL_ZLIB_SUPPORT) |
ansond | 0:137634ff4186 | 294 | #define SSL_COMPRESSION_ADD 1024 |
ansond | 0:137634ff4186 | 295 | #else |
ansond | 0:137634ff4186 | 296 | #define SSL_COMPRESSION_ADD 0 |
ansond | 0:137634ff4186 | 297 | #endif |
ansond | 0:137634ff4186 | 298 | |
ansond | 0:137634ff4186 | 299 | #if defined(POLARSSL_RC4_C) || defined(POLARSSL_CIPHER_MODE_CBC) |
ansond | 0:137634ff4186 | 300 | /* Ciphersuites using HMAC */ |
ansond | 0:137634ff4186 | 301 | #if defined(POLARSSL_SHA512_C) |
ansond | 0:137634ff4186 | 302 | #define SSL_MAC_ADD 48 /* SHA-384 used for HMAC */ |
ansond | 0:137634ff4186 | 303 | #elif defined(POLARSSL_SHA256_C) |
ansond | 0:137634ff4186 | 304 | #define SSL_MAC_ADD 32 /* SHA-256 used for HMAC */ |
ansond | 0:137634ff4186 | 305 | #else |
ansond | 0:137634ff4186 | 306 | #define SSL_MAC_ADD 20 /* SHA-1 used for HMAC */ |
ansond | 0:137634ff4186 | 307 | #endif |
ansond | 0:137634ff4186 | 308 | #else |
ansond | 0:137634ff4186 | 309 | /* AEAD ciphersuites: GCM and CCM use a 128 bits tag */ |
ansond | 0:137634ff4186 | 310 | #define SSL_MAC_ADD 16 |
ansond | 0:137634ff4186 | 311 | #endif |
ansond | 0:137634ff4186 | 312 | |
ansond | 0:137634ff4186 | 313 | #if defined(POLARSSL_CIPHER_MODE_CBC) |
ansond | 0:137634ff4186 | 314 | #define SSL_PADDING_ADD 256 |
ansond | 0:137634ff4186 | 315 | #else |
ansond | 0:137634ff4186 | 316 | #define SSL_PADDING_ADD 0 |
ansond | 0:137634ff4186 | 317 | #endif |
ansond | 0:137634ff4186 | 318 | |
ansond | 0:137634ff4186 | 319 | #define SSL_BUFFER_LEN ( SSL_MAX_CONTENT_LEN \ |
ansond | 0:137634ff4186 | 320 | + SSL_COMPRESSION_ADD \ |
ansond | 0:137634ff4186 | 321 | + 29 /* counter + header + IV */ \ |
ansond | 0:137634ff4186 | 322 | + SSL_MAC_ADD \ |
ansond | 0:137634ff4186 | 323 | + SSL_PADDING_ADD \ |
ansond | 0:137634ff4186 | 324 | ) |
ansond | 0:137634ff4186 | 325 | |
ansond | 0:137634ff4186 | 326 | /* |
ansond | 0:137634ff4186 | 327 | * Length of the verify data for secure renegotiation |
ansond | 0:137634ff4186 | 328 | */ |
ansond | 0:137634ff4186 | 329 | #if defined(POLARSSL_SSL_PROTO_SSL3) |
ansond | 0:137634ff4186 | 330 | #define SSL_VERIFY_DATA_MAX_LEN 36 |
ansond | 0:137634ff4186 | 331 | #else |
ansond | 0:137634ff4186 | 332 | #define SSL_VERIFY_DATA_MAX_LEN 12 |
ansond | 0:137634ff4186 | 333 | #endif |
ansond | 0:137634ff4186 | 334 | |
ansond | 0:137634ff4186 | 335 | /* |
ansond | 0:137634ff4186 | 336 | * Signaling ciphersuite values (SCSV) |
ansond | 0:137634ff4186 | 337 | */ |
ansond | 0:137634ff4186 | 338 | #define SSL_EMPTY_RENEGOTIATION_INFO 0xFF /**< renegotiation info ext */ |
ansond | 0:137634ff4186 | 339 | #define SSL_FALLBACK_SCSV 0x5600 /**< draft-ietf-tls-downgrade-scsv-00 */ |
ansond | 0:137634ff4186 | 340 | |
ansond | 0:137634ff4186 | 341 | /* |
ansond | 0:137634ff4186 | 342 | * Supported Signature and Hash algorithms (For TLS 1.2) |
ansond | 0:137634ff4186 | 343 | * RFC 5246 section 7.4.1.4.1 |
ansond | 0:137634ff4186 | 344 | */ |
ansond | 0:137634ff4186 | 345 | #define SSL_HASH_NONE 0 |
ansond | 0:137634ff4186 | 346 | #define SSL_HASH_MD5 1 |
ansond | 0:137634ff4186 | 347 | #define SSL_HASH_SHA1 2 |
ansond | 0:137634ff4186 | 348 | #define SSL_HASH_SHA224 3 |
ansond | 0:137634ff4186 | 349 | #define SSL_HASH_SHA256 4 |
ansond | 0:137634ff4186 | 350 | #define SSL_HASH_SHA384 5 |
ansond | 0:137634ff4186 | 351 | #define SSL_HASH_SHA512 6 |
ansond | 0:137634ff4186 | 352 | |
ansond | 0:137634ff4186 | 353 | #define SSL_SIG_ANON 0 |
ansond | 0:137634ff4186 | 354 | #define SSL_SIG_RSA 1 |
ansond | 0:137634ff4186 | 355 | #define SSL_SIG_ECDSA 3 |
ansond | 0:137634ff4186 | 356 | |
ansond | 0:137634ff4186 | 357 | /* |
ansond | 0:137634ff4186 | 358 | * Client Certificate Types |
ansond | 0:137634ff4186 | 359 | * RFC 5246 section 7.4.4 plus RFC 4492 section 5.5 |
ansond | 0:137634ff4186 | 360 | */ |
ansond | 0:137634ff4186 | 361 | #define SSL_CERT_TYPE_RSA_SIGN 1 |
ansond | 0:137634ff4186 | 362 | #define SSL_CERT_TYPE_ECDSA_SIGN 64 |
ansond | 0:137634ff4186 | 363 | |
ansond | 0:137634ff4186 | 364 | /* |
ansond | 0:137634ff4186 | 365 | * Message, alert and handshake types |
ansond | 0:137634ff4186 | 366 | */ |
ansond | 0:137634ff4186 | 367 | #define SSL_MSG_CHANGE_CIPHER_SPEC 20 |
ansond | 0:137634ff4186 | 368 | #define SSL_MSG_ALERT 21 |
ansond | 0:137634ff4186 | 369 | #define SSL_MSG_HANDSHAKE 22 |
ansond | 0:137634ff4186 | 370 | #define SSL_MSG_APPLICATION_DATA 23 |
ansond | 0:137634ff4186 | 371 | |
ansond | 0:137634ff4186 | 372 | #define SSL_ALERT_LEVEL_WARNING 1 |
ansond | 0:137634ff4186 | 373 | #define SSL_ALERT_LEVEL_FATAL 2 |
ansond | 0:137634ff4186 | 374 | |
ansond | 0:137634ff4186 | 375 | #define SSL_ALERT_MSG_CLOSE_NOTIFY 0 /* 0x00 */ |
ansond | 0:137634ff4186 | 376 | #define SSL_ALERT_MSG_UNEXPECTED_MESSAGE 10 /* 0x0A */ |
ansond | 0:137634ff4186 | 377 | #define SSL_ALERT_MSG_BAD_RECORD_MAC 20 /* 0x14 */ |
ansond | 0:137634ff4186 | 378 | #define SSL_ALERT_MSG_DECRYPTION_FAILED 21 /* 0x15 */ |
ansond | 0:137634ff4186 | 379 | #define SSL_ALERT_MSG_RECORD_OVERFLOW 22 /* 0x16 */ |
ansond | 0:137634ff4186 | 380 | #define SSL_ALERT_MSG_DECOMPRESSION_FAILURE 30 /* 0x1E */ |
ansond | 0:137634ff4186 | 381 | #define SSL_ALERT_MSG_HANDSHAKE_FAILURE 40 /* 0x28 */ |
ansond | 0:137634ff4186 | 382 | #define SSL_ALERT_MSG_NO_CERT 41 /* 0x29 */ |
ansond | 0:137634ff4186 | 383 | #define SSL_ALERT_MSG_BAD_CERT 42 /* 0x2A */ |
ansond | 0:137634ff4186 | 384 | #define SSL_ALERT_MSG_UNSUPPORTED_CERT 43 /* 0x2B */ |
ansond | 0:137634ff4186 | 385 | #define SSL_ALERT_MSG_CERT_REVOKED 44 /* 0x2C */ |
ansond | 0:137634ff4186 | 386 | #define SSL_ALERT_MSG_CERT_EXPIRED 45 /* 0x2D */ |
ansond | 0:137634ff4186 | 387 | #define SSL_ALERT_MSG_CERT_UNKNOWN 46 /* 0x2E */ |
ansond | 0:137634ff4186 | 388 | #define SSL_ALERT_MSG_ILLEGAL_PARAMETER 47 /* 0x2F */ |
ansond | 0:137634ff4186 | 389 | #define SSL_ALERT_MSG_UNKNOWN_CA 48 /* 0x30 */ |
ansond | 0:137634ff4186 | 390 | #define SSL_ALERT_MSG_ACCESS_DENIED 49 /* 0x31 */ |
ansond | 0:137634ff4186 | 391 | #define SSL_ALERT_MSG_DECODE_ERROR 50 /* 0x32 */ |
ansond | 0:137634ff4186 | 392 | #define SSL_ALERT_MSG_DECRYPT_ERROR 51 /* 0x33 */ |
ansond | 0:137634ff4186 | 393 | #define SSL_ALERT_MSG_EXPORT_RESTRICTION 60 /* 0x3C */ |
ansond | 0:137634ff4186 | 394 | #define SSL_ALERT_MSG_PROTOCOL_VERSION 70 /* 0x46 */ |
ansond | 0:137634ff4186 | 395 | #define SSL_ALERT_MSG_INSUFFICIENT_SECURITY 71 /* 0x47 */ |
ansond | 0:137634ff4186 | 396 | #define SSL_ALERT_MSG_INTERNAL_ERROR 80 /* 0x50 */ |
ansond | 0:137634ff4186 | 397 | #define SSL_ALERT_MSG_INAPROPRIATE_FALLBACK 86 /* 0x56 */ |
ansond | 0:137634ff4186 | 398 | #define SSL_ALERT_MSG_USER_CANCELED 90 /* 0x5A */ |
ansond | 0:137634ff4186 | 399 | #define SSL_ALERT_MSG_NO_RENEGOTIATION 100 /* 0x64 */ |
ansond | 0:137634ff4186 | 400 | #define SSL_ALERT_MSG_UNSUPPORTED_EXT 110 /* 0x6E */ |
ansond | 0:137634ff4186 | 401 | #define SSL_ALERT_MSG_UNRECOGNIZED_NAME 112 /* 0x70 */ |
ansond | 0:137634ff4186 | 402 | #define SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY 115 /* 0x73 */ |
ansond | 0:137634ff4186 | 403 | #define SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL 120 /* 0x78 */ |
ansond | 0:137634ff4186 | 404 | |
ansond | 0:137634ff4186 | 405 | #define SSL_HS_HELLO_REQUEST 0 |
ansond | 0:137634ff4186 | 406 | #define SSL_HS_CLIENT_HELLO 1 |
ansond | 0:137634ff4186 | 407 | #define SSL_HS_SERVER_HELLO 2 |
ansond | 0:137634ff4186 | 408 | #define SSL_HS_NEW_SESSION_TICKET 4 |
ansond | 0:137634ff4186 | 409 | #define SSL_HS_CERTIFICATE 11 |
ansond | 0:137634ff4186 | 410 | #define SSL_HS_SERVER_KEY_EXCHANGE 12 |
ansond | 0:137634ff4186 | 411 | #define SSL_HS_CERTIFICATE_REQUEST 13 |
ansond | 0:137634ff4186 | 412 | #define SSL_HS_SERVER_HELLO_DONE 14 |
ansond | 0:137634ff4186 | 413 | #define SSL_HS_CERTIFICATE_VERIFY 15 |
ansond | 0:137634ff4186 | 414 | #define SSL_HS_CLIENT_KEY_EXCHANGE 16 |
ansond | 0:137634ff4186 | 415 | #define SSL_HS_FINISHED 20 |
ansond | 0:137634ff4186 | 416 | |
ansond | 0:137634ff4186 | 417 | /* |
ansond | 0:137634ff4186 | 418 | * TLS extensions |
ansond | 0:137634ff4186 | 419 | */ |
ansond | 0:137634ff4186 | 420 | #define TLS_EXT_SERVERNAME 0 |
ansond | 0:137634ff4186 | 421 | #define TLS_EXT_SERVERNAME_HOSTNAME 0 |
ansond | 0:137634ff4186 | 422 | |
ansond | 0:137634ff4186 | 423 | #define TLS_EXT_MAX_FRAGMENT_LENGTH 1 |
ansond | 0:137634ff4186 | 424 | |
ansond | 0:137634ff4186 | 425 | #define TLS_EXT_TRUNCATED_HMAC 4 |
ansond | 0:137634ff4186 | 426 | |
ansond | 0:137634ff4186 | 427 | #define TLS_EXT_SUPPORTED_ELLIPTIC_CURVES 10 |
ansond | 0:137634ff4186 | 428 | #define TLS_EXT_SUPPORTED_POINT_FORMATS 11 |
ansond | 0:137634ff4186 | 429 | |
ansond | 0:137634ff4186 | 430 | #define TLS_EXT_SIG_ALG 13 |
ansond | 0:137634ff4186 | 431 | |
ansond | 0:137634ff4186 | 432 | #define TLS_EXT_ALPN 16 |
ansond | 0:137634ff4186 | 433 | |
ansond | 0:137634ff4186 | 434 | #define TLS_EXT_ENCRYPT_THEN_MAC 22 /* 0x16 */ |
ansond | 0:137634ff4186 | 435 | #define TLS_EXT_EXTENDED_MASTER_SECRET 0x0017 /* 23 */ |
ansond | 0:137634ff4186 | 436 | |
ansond | 0:137634ff4186 | 437 | #define TLS_EXT_SESSION_TICKET 35 |
ansond | 0:137634ff4186 | 438 | |
ansond | 0:137634ff4186 | 439 | #define TLS_EXT_RENEGOTIATION_INFO 0xFF01 |
ansond | 0:137634ff4186 | 440 | |
ansond | 0:137634ff4186 | 441 | /* |
ansond | 0:137634ff4186 | 442 | * TLS extension flags (for extensions with outgoing ServerHello content |
ansond | 0:137634ff4186 | 443 | * that need it (e.g. for RENEGOTIATION_INFO the server already knows because |
ansond | 0:137634ff4186 | 444 | * of state of the renegotiation flag, so no indicator is required) |
ansond | 0:137634ff4186 | 445 | */ |
ansond | 0:137634ff4186 | 446 | #define TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT (1 << 0) |
ansond | 0:137634ff4186 | 447 | |
ansond | 0:137634ff4186 | 448 | /* |
ansond | 0:137634ff4186 | 449 | * Size defines |
ansond | 0:137634ff4186 | 450 | */ |
ansond | 0:137634ff4186 | 451 | #if !defined(POLARSSL_PSK_MAX_LEN) |
ansond | 0:137634ff4186 | 452 | #define POLARSSL_PSK_MAX_LEN 32 /* 256 bits */ |
ansond | 0:137634ff4186 | 453 | #endif |
ansond | 0:137634ff4186 | 454 | |
ansond | 0:137634ff4186 | 455 | /* Dummy type used only for its size */ |
ansond | 0:137634ff4186 | 456 | union _ssl_premaster_secret |
ansond | 0:137634ff4186 | 457 | { |
ansond | 0:137634ff4186 | 458 | #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) |
ansond | 0:137634ff4186 | 459 | unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */ |
ansond | 0:137634ff4186 | 460 | #endif |
ansond | 0:137634ff4186 | 461 | #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) |
ansond | 0:137634ff4186 | 462 | unsigned char _pms_dhm[POLARSSL_MPI_MAX_SIZE]; /* RFC 5246 8.1.2 */ |
ansond | 0:137634ff4186 | 463 | #endif |
ansond | 0:137634ff4186 | 464 | #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ |
ansond | 0:137634ff4186 | 465 | defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ |
ansond | 0:137634ff4186 | 466 | defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ |
ansond | 0:137634ff4186 | 467 | defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) |
ansond | 0:137634ff4186 | 468 | unsigned char _pms_ecdh[POLARSSL_ECP_MAX_BYTES]; /* RFC 4492 5.10 */ |
ansond | 0:137634ff4186 | 469 | #endif |
ansond | 0:137634ff4186 | 470 | #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) |
ansond | 0:137634ff4186 | 471 | unsigned char _pms_psk[4 + 2 * POLARSSL_PSK_MAX_LEN]; /* RFC 4279 2 */ |
ansond | 0:137634ff4186 | 472 | #endif |
ansond | 0:137634ff4186 | 473 | #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) |
ansond | 0:137634ff4186 | 474 | unsigned char _pms_dhe_psk[4 + POLARSSL_MPI_MAX_SIZE |
ansond | 0:137634ff4186 | 475 | + POLARSSL_PSK_MAX_LEN]; /* RFC 4279 3 */ |
ansond | 0:137634ff4186 | 476 | #endif |
ansond | 0:137634ff4186 | 477 | #if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) |
ansond | 0:137634ff4186 | 478 | unsigned char _pms_rsa_psk[52 + POLARSSL_PSK_MAX_LEN]; /* RFC 4279 4 */ |
ansond | 0:137634ff4186 | 479 | #endif |
ansond | 0:137634ff4186 | 480 | #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) |
ansond | 0:137634ff4186 | 481 | unsigned char _pms_ecdhe_psk[4 + POLARSSL_ECP_MAX_BYTES |
ansond | 0:137634ff4186 | 482 | + POLARSSL_PSK_MAX_LEN]; /* RFC 5489 2 */ |
ansond | 0:137634ff4186 | 483 | #endif |
ansond | 0:137634ff4186 | 484 | }; |
ansond | 0:137634ff4186 | 485 | |
ansond | 0:137634ff4186 | 486 | #define POLARSSL_PREMASTER_SIZE sizeof( union _ssl_premaster_secret ) |
ansond | 0:137634ff4186 | 487 | |
ansond | 0:137634ff4186 | 488 | #ifdef __cplusplus |
ansond | 0:137634ff4186 | 489 | extern "C" { |
ansond | 0:137634ff4186 | 490 | #endif |
ansond | 0:137634ff4186 | 491 | |
ansond | 0:137634ff4186 | 492 | /* |
ansond | 0:137634ff4186 | 493 | * Generic function pointers for allowing external RSA private key |
ansond | 0:137634ff4186 | 494 | * implementations. |
ansond | 0:137634ff4186 | 495 | */ |
ansond | 0:137634ff4186 | 496 | typedef int (*rsa_decrypt_func)( void *ctx, int mode, size_t *olen, |
ansond | 0:137634ff4186 | 497 | const unsigned char *input, unsigned char *output, |
ansond | 0:137634ff4186 | 498 | size_t output_max_len ); |
ansond | 0:137634ff4186 | 499 | typedef int (*rsa_sign_func)( void *ctx, |
ansond | 0:137634ff4186 | 500 | int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, |
ansond | 0:137634ff4186 | 501 | int mode, md_type_t md_alg, unsigned int hashlen, |
ansond | 0:137634ff4186 | 502 | const unsigned char *hash, unsigned char *sig ); |
ansond | 0:137634ff4186 | 503 | typedef size_t (*rsa_key_len_func)( void *ctx ); |
ansond | 0:137634ff4186 | 504 | |
ansond | 0:137634ff4186 | 505 | /* |
ansond | 0:137634ff4186 | 506 | * SSL state machine |
ansond | 0:137634ff4186 | 507 | */ |
ansond | 0:137634ff4186 | 508 | typedef enum |
ansond | 0:137634ff4186 | 509 | { |
ansond | 0:137634ff4186 | 510 | SSL_HELLO_REQUEST, |
ansond | 0:137634ff4186 | 511 | SSL_CLIENT_HELLO, |
ansond | 0:137634ff4186 | 512 | SSL_SERVER_HELLO, |
ansond | 0:137634ff4186 | 513 | SSL_SERVER_CERTIFICATE, |
ansond | 0:137634ff4186 | 514 | SSL_SERVER_KEY_EXCHANGE, |
ansond | 0:137634ff4186 | 515 | SSL_CERTIFICATE_REQUEST, |
ansond | 0:137634ff4186 | 516 | SSL_SERVER_HELLO_DONE, |
ansond | 0:137634ff4186 | 517 | SSL_CLIENT_CERTIFICATE, |
ansond | 0:137634ff4186 | 518 | SSL_CLIENT_KEY_EXCHANGE, |
ansond | 0:137634ff4186 | 519 | SSL_CERTIFICATE_VERIFY, |
ansond | 0:137634ff4186 | 520 | SSL_CLIENT_CHANGE_CIPHER_SPEC, |
ansond | 0:137634ff4186 | 521 | SSL_CLIENT_FINISHED, |
ansond | 0:137634ff4186 | 522 | SSL_SERVER_CHANGE_CIPHER_SPEC, |
ansond | 0:137634ff4186 | 523 | SSL_SERVER_FINISHED, |
ansond | 0:137634ff4186 | 524 | SSL_FLUSH_BUFFERS, |
ansond | 0:137634ff4186 | 525 | SSL_HANDSHAKE_WRAPUP, |
ansond | 0:137634ff4186 | 526 | SSL_HANDSHAKE_OVER, |
ansond | 0:137634ff4186 | 527 | SSL_SERVER_NEW_SESSION_TICKET, |
ansond | 0:137634ff4186 | 528 | } |
ansond | 0:137634ff4186 | 529 | ssl_states; |
ansond | 0:137634ff4186 | 530 | |
ansond | 0:137634ff4186 | 531 | typedef struct _ssl_session ssl_session; |
ansond | 0:137634ff4186 | 532 | typedef struct _ssl_context ssl_context; |
ansond | 0:137634ff4186 | 533 | typedef struct _ssl_transform ssl_transform; |
ansond | 0:137634ff4186 | 534 | typedef struct _ssl_handshake_params ssl_handshake_params; |
ansond | 0:137634ff4186 | 535 | #if defined(POLARSSL_SSL_SESSION_TICKETS) |
ansond | 0:137634ff4186 | 536 | typedef struct _ssl_ticket_keys ssl_ticket_keys; |
ansond | 0:137634ff4186 | 537 | #endif |
ansond | 0:137634ff4186 | 538 | #if defined(POLARSSL_X509_CRT_PARSE_C) |
ansond | 0:137634ff4186 | 539 | typedef struct _ssl_key_cert ssl_key_cert; |
ansond | 0:137634ff4186 | 540 | #endif |
ansond | 0:137634ff4186 | 541 | |
ansond | 0:137634ff4186 | 542 | /* |
ansond | 0:137634ff4186 | 543 | * This structure is used for storing current session data. |
ansond | 0:137634ff4186 | 544 | */ |
ansond | 0:137634ff4186 | 545 | struct _ssl_session |
ansond | 0:137634ff4186 | 546 | { |
ansond | 0:137634ff4186 | 547 | #if defined(POLARSSL_HAVE_TIME) |
ansond | 0:137634ff4186 | 548 | time_t start; /*!< starting time */ |
ansond | 0:137634ff4186 | 549 | #endif |
ansond | 0:137634ff4186 | 550 | int ciphersuite; /*!< chosen ciphersuite */ |
ansond | 0:137634ff4186 | 551 | int compression; /*!< chosen compression */ |
ansond | 0:137634ff4186 | 552 | size_t length; /*!< session id length */ |
ansond | 0:137634ff4186 | 553 | unsigned char id[32]; /*!< session identifier */ |
ansond | 0:137634ff4186 | 554 | unsigned char master[48]; /*!< the master secret */ |
ansond | 0:137634ff4186 | 555 | |
ansond | 0:137634ff4186 | 556 | #if defined(POLARSSL_X509_CRT_PARSE_C) |
ansond | 0:137634ff4186 | 557 | x509_crt *peer_cert; /*!< peer X.509 cert chain */ |
ansond | 0:137634ff4186 | 558 | #endif /* POLARSSL_X509_CRT_PARSE_C */ |
ansond | 0:137634ff4186 | 559 | int verify_result; /*!< verification result */ |
ansond | 0:137634ff4186 | 560 | |
ansond | 0:137634ff4186 | 561 | #if defined(POLARSSL_SSL_SESSION_TICKETS) |
ansond | 0:137634ff4186 | 562 | unsigned char *ticket; /*!< RFC 5077 session ticket */ |
ansond | 0:137634ff4186 | 563 | size_t ticket_len; /*!< session ticket length */ |
ansond | 0:137634ff4186 | 564 | uint32_t ticket_lifetime; /*!< ticket lifetime hint */ |
ansond | 0:137634ff4186 | 565 | #endif /* POLARSSL_SSL_SESSION_TICKETS */ |
ansond | 0:137634ff4186 | 566 | |
ansond | 0:137634ff4186 | 567 | #if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) |
ansond | 0:137634ff4186 | 568 | unsigned char mfl_code; /*!< MaxFragmentLength negotiated by peer */ |
ansond | 0:137634ff4186 | 569 | #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */ |
ansond | 0:137634ff4186 | 570 | |
ansond | 0:137634ff4186 | 571 | #if defined(POLARSSL_SSL_TRUNCATED_HMAC) |
ansond | 0:137634ff4186 | 572 | int trunc_hmac; /*!< flag for truncated hmac activation */ |
ansond | 0:137634ff4186 | 573 | #endif /* POLARSSL_SSL_TRUNCATED_HMAC */ |
ansond | 0:137634ff4186 | 574 | |
ansond | 0:137634ff4186 | 575 | #if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) |
ansond | 0:137634ff4186 | 576 | int encrypt_then_mac; /*!< flag for EtM activation */ |
ansond | 0:137634ff4186 | 577 | #endif |
ansond | 0:137634ff4186 | 578 | }; |
ansond | 0:137634ff4186 | 579 | |
ansond | 0:137634ff4186 | 580 | /* |
ansond | 0:137634ff4186 | 581 | * This structure contains a full set of runtime transform parameters |
ansond | 0:137634ff4186 | 582 | * either in negotiation or active. |
ansond | 0:137634ff4186 | 583 | */ |
ansond | 0:137634ff4186 | 584 | struct _ssl_transform |
ansond | 0:137634ff4186 | 585 | { |
ansond | 0:137634ff4186 | 586 | /* |
ansond | 0:137634ff4186 | 587 | * Session specific crypto layer |
ansond | 0:137634ff4186 | 588 | */ |
ansond | 0:137634ff4186 | 589 | const ssl_ciphersuite_t *ciphersuite_info; |
ansond | 0:137634ff4186 | 590 | /*!< Chosen cipersuite_info */ |
ansond | 0:137634ff4186 | 591 | unsigned int keylen; /*!< symmetric key length */ |
ansond | 0:137634ff4186 | 592 | size_t minlen; /*!< min. ciphertext length */ |
ansond | 0:137634ff4186 | 593 | size_t ivlen; /*!< IV length */ |
ansond | 0:137634ff4186 | 594 | size_t fixed_ivlen; /*!< Fixed part of IV (AEAD) */ |
ansond | 0:137634ff4186 | 595 | size_t maclen; /*!< MAC length */ |
ansond | 0:137634ff4186 | 596 | |
ansond | 0:137634ff4186 | 597 | unsigned char iv_enc[16]; /*!< IV (encryption) */ |
ansond | 0:137634ff4186 | 598 | unsigned char iv_dec[16]; /*!< IV (decryption) */ |
ansond | 0:137634ff4186 | 599 | |
ansond | 0:137634ff4186 | 600 | #if defined(POLARSSL_SSL_PROTO_SSL3) |
ansond | 0:137634ff4186 | 601 | /* Needed only for SSL v3.0 secret */ |
ansond | 0:137634ff4186 | 602 | unsigned char mac_enc[20]; /*!< SSL v3.0 secret (enc) */ |
ansond | 0:137634ff4186 | 603 | unsigned char mac_dec[20]; /*!< SSL v3.0 secret (dec) */ |
ansond | 0:137634ff4186 | 604 | #endif /* POLARSSL_SSL_PROTO_SSL3 */ |
ansond | 0:137634ff4186 | 605 | |
ansond | 0:137634ff4186 | 606 | md_context_t md_ctx_enc; /*!< MAC (encryption) */ |
ansond | 0:137634ff4186 | 607 | md_context_t md_ctx_dec; /*!< MAC (decryption) */ |
ansond | 0:137634ff4186 | 608 | |
ansond | 0:137634ff4186 | 609 | cipher_context_t cipher_ctx_enc; /*!< encryption context */ |
ansond | 0:137634ff4186 | 610 | cipher_context_t cipher_ctx_dec; /*!< decryption context */ |
ansond | 0:137634ff4186 | 611 | |
ansond | 0:137634ff4186 | 612 | /* |
ansond | 0:137634ff4186 | 613 | * Session specific compression layer |
ansond | 0:137634ff4186 | 614 | */ |
ansond | 0:137634ff4186 | 615 | #if defined(POLARSSL_ZLIB_SUPPORT) |
ansond | 0:137634ff4186 | 616 | z_stream ctx_deflate; /*!< compression context */ |
ansond | 0:137634ff4186 | 617 | z_stream ctx_inflate; /*!< decompression context */ |
ansond | 0:137634ff4186 | 618 | #endif |
ansond | 0:137634ff4186 | 619 | }; |
ansond | 0:137634ff4186 | 620 | |
ansond | 0:137634ff4186 | 621 | /* |
ansond | 0:137634ff4186 | 622 | * This structure contains the parameters only needed during handshake. |
ansond | 0:137634ff4186 | 623 | */ |
ansond | 0:137634ff4186 | 624 | struct _ssl_handshake_params |
ansond | 0:137634ff4186 | 625 | { |
ansond | 0:137634ff4186 | 626 | /* |
ansond | 0:137634ff4186 | 627 | * Handshake specific crypto variables |
ansond | 0:137634ff4186 | 628 | */ |
ansond | 0:137634ff4186 | 629 | int sig_alg; /*!< Hash algorithm for signature */ |
ansond | 0:137634ff4186 | 630 | int cert_type; /*!< Requested cert type */ |
ansond | 0:137634ff4186 | 631 | int verify_sig_alg; /*!< Signature algorithm for verify */ |
ansond | 0:137634ff4186 | 632 | #if defined(POLARSSL_DHM_C) |
ansond | 0:137634ff4186 | 633 | dhm_context dhm_ctx; /*!< DHM key exchange */ |
ansond | 0:137634ff4186 | 634 | #endif |
ansond | 0:137634ff4186 | 635 | #if defined(POLARSSL_ECDH_C) |
ansond | 0:137634ff4186 | 636 | ecdh_context ecdh_ctx; /*!< ECDH key exchange */ |
ansond | 0:137634ff4186 | 637 | #endif |
ansond | 0:137634ff4186 | 638 | #if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C) |
ansond | 0:137634ff4186 | 639 | const ecp_curve_info **curves; /*!< Supported elliptic curves */ |
ansond | 0:137634ff4186 | 640 | #endif |
ansond | 0:137634ff4186 | 641 | #if defined(POLARSSL_X509_CRT_PARSE_C) |
ansond | 0:137634ff4186 | 642 | /** |
ansond | 0:137634ff4186 | 643 | * Current key/cert or key/cert list. |
ansond | 0:137634ff4186 | 644 | * On client: pointer to ssl->key_cert, only the first entry used. |
ansond | 0:137634ff4186 | 645 | * On server: starts as a pointer to ssl->key_cert, then becomes |
ansond | 0:137634ff4186 | 646 | * a pointer to the chosen key from this list or the SNI list. |
ansond | 0:137634ff4186 | 647 | */ |
ansond | 0:137634ff4186 | 648 | ssl_key_cert *key_cert; |
ansond | 0:137634ff4186 | 649 | #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) |
ansond | 0:137634ff4186 | 650 | ssl_key_cert *sni_key_cert; /*!< key/cert list from SNI */ |
ansond | 0:137634ff4186 | 651 | #endif |
ansond | 0:137634ff4186 | 652 | #endif /* POLARSSL_X509_CRT_PARSE_C */ |
ansond | 0:137634ff4186 | 653 | |
ansond | 0:137634ff4186 | 654 | /* |
ansond | 0:137634ff4186 | 655 | * Checksum contexts |
ansond | 0:137634ff4186 | 656 | */ |
ansond | 0:137634ff4186 | 657 | #if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \ |
ansond | 0:137634ff4186 | 658 | defined(POLARSSL_SSL_PROTO_TLS1_1) |
ansond | 0:137634ff4186 | 659 | md5_context fin_md5; |
ansond | 0:137634ff4186 | 660 | sha1_context fin_sha1; |
ansond | 0:137634ff4186 | 661 | #endif |
ansond | 0:137634ff4186 | 662 | #if defined(POLARSSL_SSL_PROTO_TLS1_2) |
ansond | 0:137634ff4186 | 663 | #if defined(POLARSSL_SHA256_C) |
ansond | 0:137634ff4186 | 664 | sha256_context fin_sha256; |
ansond | 0:137634ff4186 | 665 | #endif |
ansond | 0:137634ff4186 | 666 | #if defined(POLARSSL_SHA512_C) |
ansond | 0:137634ff4186 | 667 | sha512_context fin_sha512; |
ansond | 0:137634ff4186 | 668 | #endif |
ansond | 0:137634ff4186 | 669 | #endif /* POLARSSL_SSL_PROTO_TLS1_2 */ |
ansond | 0:137634ff4186 | 670 | |
ansond | 0:137634ff4186 | 671 | void (*update_checksum)(ssl_context *, const unsigned char *, size_t); |
ansond | 0:137634ff4186 | 672 | void (*calc_verify)(ssl_context *, unsigned char *); |
ansond | 0:137634ff4186 | 673 | void (*calc_finished)(ssl_context *, unsigned char *, int); |
ansond | 0:137634ff4186 | 674 | int (*tls_prf)(const unsigned char *, size_t, const char *, |
ansond | 0:137634ff4186 | 675 | const unsigned char *, size_t, |
ansond | 0:137634ff4186 | 676 | unsigned char *, size_t); |
ansond | 0:137634ff4186 | 677 | |
ansond | 0:137634ff4186 | 678 | size_t pmslen; /*!< premaster length */ |
ansond | 0:137634ff4186 | 679 | |
ansond | 0:137634ff4186 | 680 | unsigned char randbytes[64]; /*!< random bytes */ |
ansond | 0:137634ff4186 | 681 | unsigned char premaster[POLARSSL_PREMASTER_SIZE]; |
ansond | 0:137634ff4186 | 682 | /*!< premaster secret */ |
ansond | 0:137634ff4186 | 683 | |
ansond | 0:137634ff4186 | 684 | int resume; /*!< session resume indicator*/ |
ansond | 0:137634ff4186 | 685 | int max_major_ver; /*!< max. major version client*/ |
ansond | 0:137634ff4186 | 686 | int max_minor_ver; /*!< max. minor version client*/ |
ansond | 0:137634ff4186 | 687 | int cli_exts; /*!< client extension presence*/ |
ansond | 0:137634ff4186 | 688 | |
ansond | 0:137634ff4186 | 689 | #if defined(POLARSSL_SSL_SESSION_TICKETS) |
ansond | 0:137634ff4186 | 690 | int new_session_ticket; /*!< use NewSessionTicket? */ |
ansond | 0:137634ff4186 | 691 | #endif /* POLARSSL_SSL_SESSION_TICKETS */ |
ansond | 0:137634ff4186 | 692 | #if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) |
ansond | 0:137634ff4186 | 693 | int extended_ms; /*!< use Extended Master Secret? */ |
ansond | 0:137634ff4186 | 694 | #endif |
ansond | 0:137634ff4186 | 695 | }; |
ansond | 0:137634ff4186 | 696 | |
ansond | 0:137634ff4186 | 697 | #if defined(POLARSSL_SSL_SESSION_TICKETS) |
ansond | 0:137634ff4186 | 698 | /* |
ansond | 0:137634ff4186 | 699 | * Parameters needed to secure session tickets |
ansond | 0:137634ff4186 | 700 | */ |
ansond | 0:137634ff4186 | 701 | struct _ssl_ticket_keys |
ansond | 0:137634ff4186 | 702 | { |
ansond | 0:137634ff4186 | 703 | unsigned char key_name[16]; /*!< name to quickly discard bad tickets */ |
ansond | 0:137634ff4186 | 704 | aes_context enc; /*!< encryption context */ |
ansond | 0:137634ff4186 | 705 | aes_context dec; /*!< decryption context */ |
ansond | 0:137634ff4186 | 706 | unsigned char mac_key[16]; /*!< authentication key */ |
ansond | 0:137634ff4186 | 707 | }; |
ansond | 0:137634ff4186 | 708 | #endif /* POLARSSL_SSL_SESSION_TICKETS */ |
ansond | 0:137634ff4186 | 709 | |
ansond | 0:137634ff4186 | 710 | #if defined(POLARSSL_X509_CRT_PARSE_C) |
ansond | 0:137634ff4186 | 711 | /* |
ansond | 0:137634ff4186 | 712 | * List of certificate + private key pairs |
ansond | 0:137634ff4186 | 713 | */ |
ansond | 0:137634ff4186 | 714 | struct _ssl_key_cert |
ansond | 0:137634ff4186 | 715 | { |
ansond | 0:137634ff4186 | 716 | x509_crt *cert; /*!< cert */ |
ansond | 0:137634ff4186 | 717 | pk_context *key; /*!< private key */ |
ansond | 0:137634ff4186 | 718 | int key_own_alloc; /*!< did we allocate key? */ |
ansond | 0:137634ff4186 | 719 | ssl_key_cert *next; /*!< next key/cert pair */ |
ansond | 0:137634ff4186 | 720 | }; |
ansond | 0:137634ff4186 | 721 | #endif /* POLARSSL_X509_CRT_PARSE_C */ |
ansond | 0:137634ff4186 | 722 | |
ansond | 0:137634ff4186 | 723 | struct _ssl_context |
ansond | 0:137634ff4186 | 724 | { |
ansond | 0:137634ff4186 | 725 | /* |
ansond | 0:137634ff4186 | 726 | * Miscellaneous |
ansond | 0:137634ff4186 | 727 | */ |
ansond | 0:137634ff4186 | 728 | int state; /*!< SSL handshake: current state */ |
ansond | 0:137634ff4186 | 729 | int renegotiation; /*!< Initial or renegotiation */ |
ansond | 0:137634ff4186 | 730 | #if defined(POLARSSL_SSL_RENEGOTIATION) |
ansond | 0:137634ff4186 | 731 | int renego_records_seen; /*!< Records since renego request */ |
ansond | 0:137634ff4186 | 732 | #endif |
ansond | 0:137634ff4186 | 733 | |
ansond | 0:137634ff4186 | 734 | int major_ver; /*!< equal to SSL_MAJOR_VERSION_3 */ |
ansond | 0:137634ff4186 | 735 | int minor_ver; /*!< either 0 (SSL3) or 1 (TLS1.0) */ |
ansond | 0:137634ff4186 | 736 | |
ansond | 0:137634ff4186 | 737 | int max_major_ver; /*!< max. major version used */ |
ansond | 0:137634ff4186 | 738 | int max_minor_ver; /*!< max. minor version used */ |
ansond | 0:137634ff4186 | 739 | int min_major_ver; /*!< min. major version used */ |
ansond | 0:137634ff4186 | 740 | int min_minor_ver; /*!< min. minor version used */ |
ansond | 0:137634ff4186 | 741 | |
ansond | 0:137634ff4186 | 742 | #if defined(POLARSSL_SSL_FALLBACK_SCSV) && defined(POLARSSL_SSL_CLI_C) |
ansond | 0:137634ff4186 | 743 | char fallback; /*!< flag for fallback connections */ |
ansond | 0:137634ff4186 | 744 | #endif |
ansond | 0:137634ff4186 | 745 | #if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) |
ansond | 0:137634ff4186 | 746 | char encrypt_then_mac; /*!< flag for encrypt-then-mac */ |
ansond | 0:137634ff4186 | 747 | #endif |
ansond | 0:137634ff4186 | 748 | #if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) |
ansond | 0:137634ff4186 | 749 | char extended_ms; /*!< flag for extended master secret */ |
ansond | 0:137634ff4186 | 750 | #endif |
ansond | 0:137634ff4186 | 751 | char arc4_disabled; /*!< flag for disabling RC4 */ |
ansond | 0:137634ff4186 | 752 | |
ansond | 0:137634ff4186 | 753 | /* |
ansond | 0:137634ff4186 | 754 | * Callbacks (RNG, debug, I/O, verification) |
ansond | 0:137634ff4186 | 755 | */ |
ansond | 0:137634ff4186 | 756 | int (*f_rng)(void *, unsigned char *, size_t); |
ansond | 0:137634ff4186 | 757 | void (*f_dbg)(void *, int, const char *); |
ansond | 0:137634ff4186 | 758 | int (*f_recv)(void *, unsigned char *, size_t); |
ansond | 0:137634ff4186 | 759 | int (*f_send)(void *, const unsigned char *, size_t); |
ansond | 0:137634ff4186 | 760 | int (*f_get_cache)(void *, ssl_session *); |
ansond | 0:137634ff4186 | 761 | int (*f_set_cache)(void *, const ssl_session *); |
ansond | 0:137634ff4186 | 762 | |
ansond | 0:137634ff4186 | 763 | void *p_rng; /*!< context for the RNG function */ |
ansond | 0:137634ff4186 | 764 | void *p_dbg; /*!< context for the debug function */ |
ansond | 0:137634ff4186 | 765 | void *p_recv; /*!< context for reading operations */ |
ansond | 0:137634ff4186 | 766 | void *p_send; /*!< context for writing operations */ |
ansond | 0:137634ff4186 | 767 | void *p_get_cache; /*!< context for cache retrieval */ |
ansond | 0:137634ff4186 | 768 | void *p_set_cache; /*!< context for cache store */ |
ansond | 0:137634ff4186 | 769 | void *p_hw_data; /*!< context for HW acceleration */ |
ansond | 0:137634ff4186 | 770 | |
ansond | 0:137634ff4186 | 771 | #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) |
ansond | 0:137634ff4186 | 772 | int (*f_sni)(void *, ssl_context *, const unsigned char *, size_t); |
ansond | 0:137634ff4186 | 773 | void *p_sni; /*!< context for SNI extension */ |
ansond | 0:137634ff4186 | 774 | #endif |
ansond | 0:137634ff4186 | 775 | |
ansond | 0:137634ff4186 | 776 | #if defined(POLARSSL_X509_CRT_PARSE_C) |
ansond | 0:137634ff4186 | 777 | int (*f_vrfy)(void *, x509_crt *, int, int *); |
ansond | 0:137634ff4186 | 778 | void *p_vrfy; /*!< context for verification */ |
ansond | 0:137634ff4186 | 779 | #endif |
ansond | 0:137634ff4186 | 780 | |
ansond | 0:137634ff4186 | 781 | #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) |
ansond | 0:137634ff4186 | 782 | int (*f_psk)(void *, ssl_context *, const unsigned char *, size_t); |
ansond | 0:137634ff4186 | 783 | void *p_psk; /*!< context for PSK retrieval */ |
ansond | 0:137634ff4186 | 784 | #endif |
ansond | 0:137634ff4186 | 785 | |
ansond | 0:137634ff4186 | 786 | /* |
ansond | 0:137634ff4186 | 787 | * Session layer |
ansond | 0:137634ff4186 | 788 | */ |
ansond | 0:137634ff4186 | 789 | ssl_session *session_in; /*!< current session data (in) */ |
ansond | 0:137634ff4186 | 790 | ssl_session *session_out; /*!< current session data (out) */ |
ansond | 0:137634ff4186 | 791 | ssl_session *session; /*!< negotiated session data */ |
ansond | 0:137634ff4186 | 792 | ssl_session *session_negotiate; /*!< session data in negotiation */ |
ansond | 0:137634ff4186 | 793 | |
ansond | 0:137634ff4186 | 794 | ssl_handshake_params *handshake; /*!< params required only during |
ansond | 0:137634ff4186 | 795 | the handshake process */ |
ansond | 0:137634ff4186 | 796 | |
ansond | 0:137634ff4186 | 797 | /* |
ansond | 0:137634ff4186 | 798 | * Record layer transformations |
ansond | 0:137634ff4186 | 799 | */ |
ansond | 0:137634ff4186 | 800 | ssl_transform *transform_in; /*!< current transform params (in) */ |
ansond | 0:137634ff4186 | 801 | ssl_transform *transform_out; /*!< current transform params (in) */ |
ansond | 0:137634ff4186 | 802 | ssl_transform *transform; /*!< negotiated transform params */ |
ansond | 0:137634ff4186 | 803 | ssl_transform *transform_negotiate; /*!< transform params in negotiation */ |
ansond | 0:137634ff4186 | 804 | |
ansond | 0:137634ff4186 | 805 | /* |
ansond | 0:137634ff4186 | 806 | * Record layer (incoming data) |
ansond | 0:137634ff4186 | 807 | */ |
ansond | 0:137634ff4186 | 808 | unsigned char *in_ctr; /*!< 64-bit incoming message counter */ |
ansond | 0:137634ff4186 | 809 | unsigned char *in_hdr; /*!< 5-byte record header (in_ctr+8) */ |
ansond | 0:137634ff4186 | 810 | unsigned char *in_iv; /*!< ivlen-byte IV (in_hdr+5) */ |
ansond | 0:137634ff4186 | 811 | unsigned char *in_msg; /*!< message contents (in_iv+ivlen) */ |
ansond | 0:137634ff4186 | 812 | unsigned char *in_offt; /*!< read offset in application data */ |
ansond | 0:137634ff4186 | 813 | |
ansond | 0:137634ff4186 | 814 | int in_msgtype; /*!< record header: message type */ |
ansond | 0:137634ff4186 | 815 | size_t in_msglen; /*!< record header: message length */ |
ansond | 0:137634ff4186 | 816 | size_t in_left; /*!< amount of data read so far */ |
ansond | 0:137634ff4186 | 817 | |
ansond | 0:137634ff4186 | 818 | size_t in_hslen; /*!< current handshake message length */ |
ansond | 0:137634ff4186 | 819 | int nb_zero; /*!< # of 0-length encrypted messages */ |
ansond | 0:137634ff4186 | 820 | int record_read; /*!< record is already present */ |
ansond | 0:137634ff4186 | 821 | |
ansond | 0:137634ff4186 | 822 | /* |
ansond | 0:137634ff4186 | 823 | * Record layer (outgoing data) |
ansond | 0:137634ff4186 | 824 | */ |
ansond | 0:137634ff4186 | 825 | unsigned char *out_ctr; /*!< 64-bit outgoing message counter */ |
ansond | 0:137634ff4186 | 826 | unsigned char *out_hdr; /*!< 5-byte record header (out_ctr+8) */ |
ansond | 0:137634ff4186 | 827 | unsigned char *out_iv; /*!< ivlen-byte IV (out_hdr+5) */ |
ansond | 0:137634ff4186 | 828 | unsigned char *out_msg; /*!< message contents (out_iv+ivlen) */ |
ansond | 0:137634ff4186 | 829 | |
ansond | 0:137634ff4186 | 830 | int out_msgtype; /*!< record header: message type */ |
ansond | 0:137634ff4186 | 831 | size_t out_msglen; /*!< record header: message length */ |
ansond | 0:137634ff4186 | 832 | size_t out_left; /*!< amount of data not yet written */ |
ansond | 0:137634ff4186 | 833 | |
ansond | 0:137634ff4186 | 834 | #if defined(POLARSSL_ZLIB_SUPPORT) |
ansond | 0:137634ff4186 | 835 | unsigned char *compress_buf; /*!< zlib data buffer */ |
ansond | 0:137634ff4186 | 836 | #endif |
ansond | 0:137634ff4186 | 837 | #if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) |
ansond | 0:137634ff4186 | 838 | unsigned char mfl_code; /*!< MaxFragmentLength chosen by us */ |
ansond | 0:137634ff4186 | 839 | #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */ |
ansond | 0:137634ff4186 | 840 | #if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING) |
ansond | 0:137634ff4186 | 841 | signed char split_done; /*!< flag for record splitting: |
ansond | 0:137634ff4186 | 842 | -1 disabled, 0 todo, 1 done */ |
ansond | 0:137634ff4186 | 843 | #endif |
ansond | 0:137634ff4186 | 844 | |
ansond | 0:137634ff4186 | 845 | /* |
ansond | 0:137634ff4186 | 846 | * PKI layer |
ansond | 0:137634ff4186 | 847 | */ |
ansond | 0:137634ff4186 | 848 | #if defined(POLARSSL_X509_CRT_PARSE_C) |
ansond | 0:137634ff4186 | 849 | ssl_key_cert *key_cert; /*!< own certificate(s)/key(s) */ |
ansond | 0:137634ff4186 | 850 | |
ansond | 0:137634ff4186 | 851 | x509_crt *ca_chain; /*!< own trusted CA chain */ |
ansond | 0:137634ff4186 | 852 | x509_crl *ca_crl; /*!< trusted CA CRLs */ |
ansond | 0:137634ff4186 | 853 | const char *peer_cn; /*!< expected peer CN */ |
ansond | 0:137634ff4186 | 854 | #endif /* POLARSSL_X509_CRT_PARSE_C */ |
ansond | 0:137634ff4186 | 855 | |
ansond | 0:137634ff4186 | 856 | /* |
ansond | 0:137634ff4186 | 857 | * Support for generating and checking session tickets |
ansond | 0:137634ff4186 | 858 | */ |
ansond | 0:137634ff4186 | 859 | #if defined(POLARSSL_SSL_SESSION_TICKETS) |
ansond | 0:137634ff4186 | 860 | ssl_ticket_keys *ticket_keys; /*!< keys for ticket encryption */ |
ansond | 0:137634ff4186 | 861 | #endif /* POLARSSL_SSL_SESSION_TICKETS */ |
ansond | 0:137634ff4186 | 862 | |
ansond | 0:137634ff4186 | 863 | /* |
ansond | 0:137634ff4186 | 864 | * User settings |
ansond | 0:137634ff4186 | 865 | */ |
ansond | 0:137634ff4186 | 866 | int endpoint; /*!< 0: client, 1: server */ |
ansond | 0:137634ff4186 | 867 | int authmode; /*!< verification mode */ |
ansond | 0:137634ff4186 | 868 | int client_auth; /*!< flag for client auth. */ |
ansond | 0:137634ff4186 | 869 | int verify_result; /*!< verification result */ |
ansond | 0:137634ff4186 | 870 | #if defined(POLARSSL_SSL_RENEGOTIATION) |
ansond | 0:137634ff4186 | 871 | int disable_renegotiation; /*!< enable/disable renegotiation */ |
ansond | 0:137634ff4186 | 872 | int renego_max_records; /*!< grace period for renegotiation */ |
ansond | 0:137634ff4186 | 873 | unsigned char renego_period[8]; /*!< value of the record counters |
ansond | 0:137634ff4186 | 874 | that triggers renegotiation */ |
ansond | 0:137634ff4186 | 875 | #endif |
ansond | 0:137634ff4186 | 876 | int allow_legacy_renegotiation; /*!< allow legacy renegotiation */ |
ansond | 0:137634ff4186 | 877 | const int *ciphersuite_list[4]; /*!< allowed ciphersuites / version */ |
ansond | 0:137634ff4186 | 878 | #if defined(POLARSSL_SSL_SET_CURVES) |
ansond | 0:137634ff4186 | 879 | const ecp_group_id *curve_list; /*!< allowed curves */ |
ansond | 0:137634ff4186 | 880 | #endif |
ansond | 0:137634ff4186 | 881 | #if defined(POLARSSL_SSL_TRUNCATED_HMAC) |
ansond | 0:137634ff4186 | 882 | int trunc_hmac; /*!< negotiate truncated hmac? */ |
ansond | 0:137634ff4186 | 883 | #endif |
ansond | 0:137634ff4186 | 884 | #if defined(POLARSSL_SSL_SESSION_TICKETS) |
ansond | 0:137634ff4186 | 885 | int session_tickets; /*!< use session tickets? */ |
ansond | 0:137634ff4186 | 886 | int ticket_lifetime; /*!< session ticket lifetime */ |
ansond | 0:137634ff4186 | 887 | #endif |
ansond | 0:137634ff4186 | 888 | |
ansond | 0:137634ff4186 | 889 | #if defined(POLARSSL_DHM_C) |
ansond | 0:137634ff4186 | 890 | mpi dhm_P; /*!< prime modulus for DHM */ |
ansond | 0:137634ff4186 | 891 | mpi dhm_G; /*!< generator for DHM */ |
ansond | 0:137634ff4186 | 892 | #endif |
ansond | 0:137634ff4186 | 893 | |
ansond | 0:137634ff4186 | 894 | #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) |
ansond | 0:137634ff4186 | 895 | /* |
ansond | 0:137634ff4186 | 896 | * PSK values |
ansond | 0:137634ff4186 | 897 | */ |
ansond | 0:137634ff4186 | 898 | unsigned char *psk; |
ansond | 0:137634ff4186 | 899 | size_t psk_len; |
ansond | 0:137634ff4186 | 900 | unsigned char *psk_identity; |
ansond | 0:137634ff4186 | 901 | size_t psk_identity_len; |
ansond | 0:137634ff4186 | 902 | #endif |
ansond | 0:137634ff4186 | 903 | |
ansond | 0:137634ff4186 | 904 | #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) |
ansond | 0:137634ff4186 | 905 | /* |
ansond | 0:137634ff4186 | 906 | * SNI extension |
ansond | 0:137634ff4186 | 907 | */ |
ansond | 0:137634ff4186 | 908 | unsigned char *hostname; |
ansond | 0:137634ff4186 | 909 | size_t hostname_len; |
ansond | 0:137634ff4186 | 910 | #endif |
ansond | 0:137634ff4186 | 911 | |
ansond | 0:137634ff4186 | 912 | #if defined(POLARSSL_SSL_ALPN) |
ansond | 0:137634ff4186 | 913 | /* |
ansond | 0:137634ff4186 | 914 | * ALPN extension |
ansond | 0:137634ff4186 | 915 | */ |
ansond | 0:137634ff4186 | 916 | const char **alpn_list; /*!< ordered list of supported protocols */ |
ansond | 0:137634ff4186 | 917 | const char *alpn_chosen; /*!< negotiated protocol */ |
ansond | 0:137634ff4186 | 918 | #endif |
ansond | 0:137634ff4186 | 919 | |
ansond | 0:137634ff4186 | 920 | /* |
ansond | 0:137634ff4186 | 921 | * Secure renegotiation |
ansond | 0:137634ff4186 | 922 | */ |
ansond | 0:137634ff4186 | 923 | int secure_renegotiation; /*!< does peer support legacy or |
ansond | 0:137634ff4186 | 924 | secure renegotiation */ |
ansond | 0:137634ff4186 | 925 | #if defined(POLARSSL_SSL_RENEGOTIATION) |
ansond | 0:137634ff4186 | 926 | size_t verify_data_len; /*!< length of verify data stored */ |
ansond | 0:137634ff4186 | 927 | char own_verify_data[SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ |
ansond | 0:137634ff4186 | 928 | char peer_verify_data[SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ |
ansond | 0:137634ff4186 | 929 | #endif |
ansond | 0:137634ff4186 | 930 | }; |
ansond | 0:137634ff4186 | 931 | |
ansond | 0:137634ff4186 | 932 | #if defined(POLARSSL_SSL_HW_RECORD_ACCEL) |
ansond | 0:137634ff4186 | 933 | |
ansond | 0:137634ff4186 | 934 | #define SSL_CHANNEL_OUTBOUND 0 |
ansond | 0:137634ff4186 | 935 | #define SSL_CHANNEL_INBOUND 1 |
ansond | 0:137634ff4186 | 936 | |
ansond | 0:137634ff4186 | 937 | extern int (*ssl_hw_record_init)(ssl_context *ssl, |
ansond | 0:137634ff4186 | 938 | const unsigned char *key_enc, const unsigned char *key_dec, |
ansond | 0:137634ff4186 | 939 | size_t keylen, |
ansond | 0:137634ff4186 | 940 | const unsigned char *iv_enc, const unsigned char *iv_dec, |
ansond | 0:137634ff4186 | 941 | size_t ivlen, |
ansond | 0:137634ff4186 | 942 | const unsigned char *mac_enc, const unsigned char *mac_dec, |
ansond | 0:137634ff4186 | 943 | size_t maclen); |
ansond | 0:137634ff4186 | 944 | extern int (*ssl_hw_record_activate)(ssl_context *ssl, int direction); |
ansond | 0:137634ff4186 | 945 | extern int (*ssl_hw_record_reset)(ssl_context *ssl); |
ansond | 0:137634ff4186 | 946 | extern int (*ssl_hw_record_write)(ssl_context *ssl); |
ansond | 0:137634ff4186 | 947 | extern int (*ssl_hw_record_read)(ssl_context *ssl); |
ansond | 0:137634ff4186 | 948 | extern int (*ssl_hw_record_finish)(ssl_context *ssl); |
ansond | 0:137634ff4186 | 949 | #endif /* POLARSSL_SSL_HW_RECORD_ACCEL */ |
ansond | 0:137634ff4186 | 950 | |
ansond | 0:137634ff4186 | 951 | /** |
ansond | 0:137634ff4186 | 952 | * \brief Returns the list of ciphersuites supported by the SSL/TLS module. |
ansond | 0:137634ff4186 | 953 | * |
ansond | 0:137634ff4186 | 954 | * \return a statically allocated array of ciphersuites, the last |
ansond | 0:137634ff4186 | 955 | * entry is 0. |
ansond | 0:137634ff4186 | 956 | */ |
ansond | 0:137634ff4186 | 957 | const int *ssl_list_ciphersuites( void ); |
ansond | 0:137634ff4186 | 958 | |
ansond | 0:137634ff4186 | 959 | /** |
ansond | 0:137634ff4186 | 960 | * \brief Return the name of the ciphersuite associated with the |
ansond | 0:137634ff4186 | 961 | * given ID |
ansond | 0:137634ff4186 | 962 | * |
ansond | 0:137634ff4186 | 963 | * \param ciphersuite_id SSL ciphersuite ID |
ansond | 0:137634ff4186 | 964 | * |
ansond | 0:137634ff4186 | 965 | * \return a string containing the ciphersuite name |
ansond | 0:137634ff4186 | 966 | */ |
ansond | 0:137634ff4186 | 967 | const char *ssl_get_ciphersuite_name( const int ciphersuite_id ); |
ansond | 0:137634ff4186 | 968 | |
ansond | 0:137634ff4186 | 969 | /** |
ansond | 0:137634ff4186 | 970 | * \brief Return the ID of the ciphersuite associated with the |
ansond | 0:137634ff4186 | 971 | * given name |
ansond | 0:137634ff4186 | 972 | * |
ansond | 0:137634ff4186 | 973 | * \param ciphersuite_name SSL ciphersuite name |
ansond | 0:137634ff4186 | 974 | * |
ansond | 0:137634ff4186 | 975 | * \return the ID with the ciphersuite or 0 if not found |
ansond | 0:137634ff4186 | 976 | */ |
ansond | 0:137634ff4186 | 977 | int ssl_get_ciphersuite_id( const char *ciphersuite_name ); |
ansond | 0:137634ff4186 | 978 | |
ansond | 0:137634ff4186 | 979 | /** |
ansond | 0:137634ff4186 | 980 | * \brief Initialize an SSL context |
ansond | 0:137634ff4186 | 981 | * (An individual SSL context is not thread-safe) |
ansond | 0:137634ff4186 | 982 | * |
ansond | 0:137634ff4186 | 983 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 984 | * |
ansond | 0:137634ff4186 | 985 | * \return 0 if successful, or POLARSSL_ERR_SSL_MALLOC_FAILED if |
ansond | 0:137634ff4186 | 986 | * memory allocation failed |
ansond | 0:137634ff4186 | 987 | */ |
ansond | 0:137634ff4186 | 988 | int ssl_init( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 989 | |
ansond | 0:137634ff4186 | 990 | /** |
ansond | 0:137634ff4186 | 991 | * \brief Reset an already initialized SSL context for re-use |
ansond | 0:137634ff4186 | 992 | * while retaining application-set variables, function |
ansond | 0:137634ff4186 | 993 | * pointers and data. |
ansond | 0:137634ff4186 | 994 | * |
ansond | 0:137634ff4186 | 995 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 996 | * \return 0 if successful, or POLASSL_ERR_SSL_MALLOC_FAILED, |
ansond | 0:137634ff4186 | 997 | POLARSSL_ERR_SSL_HW_ACCEL_FAILED or |
ansond | 0:137634ff4186 | 998 | * POLARSSL_ERR_SSL_COMPRESSION_FAILED |
ansond | 0:137634ff4186 | 999 | */ |
ansond | 0:137634ff4186 | 1000 | int ssl_session_reset( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1001 | |
ansond | 0:137634ff4186 | 1002 | /** |
ansond | 0:137634ff4186 | 1003 | * \brief Set the current endpoint type |
ansond | 0:137634ff4186 | 1004 | * |
ansond | 0:137634ff4186 | 1005 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1006 | * \param endpoint must be SSL_IS_CLIENT or SSL_IS_SERVER |
ansond | 0:137634ff4186 | 1007 | * |
ansond | 0:137634ff4186 | 1008 | * \note This function should be called right after ssl_init() since |
ansond | 0:137634ff4186 | 1009 | * some other ssl_set_foo() functions depend on it. |
ansond | 0:137634ff4186 | 1010 | */ |
ansond | 0:137634ff4186 | 1011 | void ssl_set_endpoint( ssl_context *ssl, int endpoint ); |
ansond | 0:137634ff4186 | 1012 | |
ansond | 0:137634ff4186 | 1013 | /** |
ansond | 0:137634ff4186 | 1014 | * \brief Set the certificate verification mode |
ansond | 0:137634ff4186 | 1015 | * |
ansond | 0:137634ff4186 | 1016 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1017 | * \param authmode can be: |
ansond | 0:137634ff4186 | 1018 | * |
ansond | 0:137634ff4186 | 1019 | * SSL_VERIFY_NONE: peer certificate is not checked (default), |
ansond | 0:137634ff4186 | 1020 | * this is insecure and SHOULD be avoided. |
ansond | 0:137634ff4186 | 1021 | * |
ansond | 0:137634ff4186 | 1022 | * SSL_VERIFY_OPTIONAL: peer certificate is checked, however the |
ansond | 0:137634ff4186 | 1023 | * handshake continues even if verification failed; |
ansond | 0:137634ff4186 | 1024 | * ssl_get_verify_result() can be called after the |
ansond | 0:137634ff4186 | 1025 | * handshake is complete. |
ansond | 0:137634ff4186 | 1026 | * |
ansond | 0:137634ff4186 | 1027 | * SSL_VERIFY_REQUIRED: peer *must* present a valid certificate, |
ansond | 0:137634ff4186 | 1028 | * handshake is aborted if verification failed. |
ansond | 0:137634ff4186 | 1029 | * |
ansond | 0:137634ff4186 | 1030 | * \note On client, SSL_VERIFY_REQUIRED is the recommended mode. |
ansond | 0:137634ff4186 | 1031 | * With SSL_VERIFY_OPTIONAL, the user needs to call ssl_get_verify_result() at |
ansond | 0:137634ff4186 | 1032 | * the right time(s), which may not be obvious, while REQUIRED always perform |
ansond | 0:137634ff4186 | 1033 | * the verification as soon as possible. For example, REQUIRED was protecting |
ansond | 0:137634ff4186 | 1034 | * against the "triple handshake" attack even before it was found. |
ansond | 0:137634ff4186 | 1035 | */ |
ansond | 0:137634ff4186 | 1036 | void ssl_set_authmode( ssl_context *ssl, int authmode ); |
ansond | 0:137634ff4186 | 1037 | |
ansond | 0:137634ff4186 | 1038 | #if defined(POLARSSL_X509_CRT_PARSE_C) |
ansond | 0:137634ff4186 | 1039 | /** |
ansond | 0:137634ff4186 | 1040 | * \brief Set the verification callback (Optional). |
ansond | 0:137634ff4186 | 1041 | * |
ansond | 0:137634ff4186 | 1042 | * If set, the verify callback is called for each |
ansond | 0:137634ff4186 | 1043 | * certificate in the chain. For implementation |
ansond | 0:137634ff4186 | 1044 | * information, please see \c x509parse_verify() |
ansond | 0:137634ff4186 | 1045 | * |
ansond | 0:137634ff4186 | 1046 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1047 | * \param f_vrfy verification function |
ansond | 0:137634ff4186 | 1048 | * \param p_vrfy verification parameter |
ansond | 0:137634ff4186 | 1049 | */ |
ansond | 0:137634ff4186 | 1050 | void ssl_set_verify( ssl_context *ssl, |
ansond | 0:137634ff4186 | 1051 | int (*f_vrfy)(void *, x509_crt *, int, int *), |
ansond | 0:137634ff4186 | 1052 | void *p_vrfy ); |
ansond | 0:137634ff4186 | 1053 | #endif /* POLARSSL_X509_CRT_PARSE_C */ |
ansond | 0:137634ff4186 | 1054 | |
ansond | 0:137634ff4186 | 1055 | /** |
ansond | 0:137634ff4186 | 1056 | * \brief Set the random number generator callback |
ansond | 0:137634ff4186 | 1057 | * |
ansond | 0:137634ff4186 | 1058 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1059 | * \param f_rng RNG function |
ansond | 0:137634ff4186 | 1060 | * \param p_rng RNG parameter |
ansond | 0:137634ff4186 | 1061 | */ |
ansond | 0:137634ff4186 | 1062 | void ssl_set_rng( ssl_context *ssl, |
ansond | 0:137634ff4186 | 1063 | int (*f_rng)(void *, unsigned char *, size_t), |
ansond | 0:137634ff4186 | 1064 | void *p_rng ); |
ansond | 0:137634ff4186 | 1065 | |
ansond | 0:137634ff4186 | 1066 | /** |
ansond | 0:137634ff4186 | 1067 | * \brief Set the debug callback |
ansond | 0:137634ff4186 | 1068 | * |
ansond | 0:137634ff4186 | 1069 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1070 | * \param f_dbg debug function |
ansond | 0:137634ff4186 | 1071 | * \param p_dbg debug parameter |
ansond | 0:137634ff4186 | 1072 | */ |
ansond | 0:137634ff4186 | 1073 | void ssl_set_dbg( ssl_context *ssl, |
ansond | 0:137634ff4186 | 1074 | void (*f_dbg)(void *, int, const char *), |
ansond | 0:137634ff4186 | 1075 | void *p_dbg ); |
ansond | 0:137634ff4186 | 1076 | |
ansond | 0:137634ff4186 | 1077 | /** |
ansond | 0:137634ff4186 | 1078 | * \brief Set the underlying BIO read and write callbacks |
ansond | 0:137634ff4186 | 1079 | * |
ansond | 0:137634ff4186 | 1080 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1081 | * \param f_recv read callback |
ansond | 0:137634ff4186 | 1082 | * \param p_recv read parameter |
ansond | 0:137634ff4186 | 1083 | * \param f_send write callback |
ansond | 0:137634ff4186 | 1084 | * \param p_send write parameter |
ansond | 0:137634ff4186 | 1085 | */ |
ansond | 0:137634ff4186 | 1086 | void ssl_set_bio( ssl_context *ssl, |
ansond | 0:137634ff4186 | 1087 | int (*f_recv)(void *, unsigned char *, size_t), void *p_recv, |
ansond | 0:137634ff4186 | 1088 | int (*f_send)(void *, const unsigned char *, size_t), void *p_send ); |
ansond | 0:137634ff4186 | 1089 | |
ansond | 0:137634ff4186 | 1090 | #if defined(POLARSSL_SSL_SRV_C) |
ansond | 0:137634ff4186 | 1091 | /** |
ansond | 0:137634ff4186 | 1092 | * \brief Set the session cache callbacks (server-side only) |
ansond | 0:137634ff4186 | 1093 | * If not set, no session resuming is done (except if session |
ansond | 0:137634ff4186 | 1094 | * tickets are enabled too). |
ansond | 0:137634ff4186 | 1095 | * |
ansond | 0:137634ff4186 | 1096 | * The session cache has the responsibility to check for stale |
ansond | 0:137634ff4186 | 1097 | * entries based on timeout. See RFC 5246 for recommendations. |
ansond | 0:137634ff4186 | 1098 | * |
ansond | 0:137634ff4186 | 1099 | * Warning: session.peer_cert is cleared by the SSL/TLS layer on |
ansond | 0:137634ff4186 | 1100 | * connection shutdown, so do not cache the pointer! Either set |
ansond | 0:137634ff4186 | 1101 | * it to NULL or make a full copy of the certificate. |
ansond | 0:137634ff4186 | 1102 | * |
ansond | 0:137634ff4186 | 1103 | * The get callback is called once during the initial handshake |
ansond | 0:137634ff4186 | 1104 | * to enable session resuming. The get function has the |
ansond | 0:137634ff4186 | 1105 | * following parameters: (void *parameter, ssl_session *session) |
ansond | 0:137634ff4186 | 1106 | * If a valid entry is found, it should fill the master of |
ansond | 0:137634ff4186 | 1107 | * the session object with the cached values and return 0, |
ansond | 0:137634ff4186 | 1108 | * return 1 otherwise. Optionally peer_cert can be set as well |
ansond | 0:137634ff4186 | 1109 | * if it is properly present in cache entry. |
ansond | 0:137634ff4186 | 1110 | * |
ansond | 0:137634ff4186 | 1111 | * The set callback is called once during the initial handshake |
ansond | 0:137634ff4186 | 1112 | * to enable session resuming after the entire handshake has |
ansond | 0:137634ff4186 | 1113 | * been finished. The set function has the following parameters: |
ansond | 0:137634ff4186 | 1114 | * (void *parameter, const ssl_session *session). The function |
ansond | 0:137634ff4186 | 1115 | * should create a cache entry for future retrieval based on |
ansond | 0:137634ff4186 | 1116 | * the data in the session structure and should keep in mind |
ansond | 0:137634ff4186 | 1117 | * that the ssl_session object presented (and all its referenced |
ansond | 0:137634ff4186 | 1118 | * data) is cleared by the SSL/TLS layer when the connection is |
ansond | 0:137634ff4186 | 1119 | * terminated. It is recommended to add metadata to determine if |
ansond | 0:137634ff4186 | 1120 | * an entry is still valid in the future. Return 0 if |
ansond | 0:137634ff4186 | 1121 | * successfully cached, return 1 otherwise. |
ansond | 0:137634ff4186 | 1122 | * |
ansond | 0:137634ff4186 | 1123 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1124 | * \param f_get_cache session get callback |
ansond | 0:137634ff4186 | 1125 | * \param p_get_cache session get parameter |
ansond | 0:137634ff4186 | 1126 | * \param f_set_cache session set callback |
ansond | 0:137634ff4186 | 1127 | * \param p_set_cache session set parameter |
ansond | 0:137634ff4186 | 1128 | */ |
ansond | 0:137634ff4186 | 1129 | void ssl_set_session_cache( ssl_context *ssl, |
ansond | 0:137634ff4186 | 1130 | int (*f_get_cache)(void *, ssl_session *), void *p_get_cache, |
ansond | 0:137634ff4186 | 1131 | int (*f_set_cache)(void *, const ssl_session *), void *p_set_cache ); |
ansond | 0:137634ff4186 | 1132 | #endif /* POLARSSL_SSL_SRV_C */ |
ansond | 0:137634ff4186 | 1133 | |
ansond | 0:137634ff4186 | 1134 | #if defined(POLARSSL_SSL_CLI_C) |
ansond | 0:137634ff4186 | 1135 | /** |
ansond | 0:137634ff4186 | 1136 | * \brief Request resumption of session (client-side only) |
ansond | 0:137634ff4186 | 1137 | * Session data is copied from presented session structure. |
ansond | 0:137634ff4186 | 1138 | * |
ansond | 0:137634ff4186 | 1139 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1140 | * \param session session context |
ansond | 0:137634ff4186 | 1141 | * |
ansond | 0:137634ff4186 | 1142 | * \return 0 if successful, |
ansond | 0:137634ff4186 | 1143 | * POLARSSL_ERR_SSL_MALLOC_FAILED if memory allocation failed, |
ansond | 0:137634ff4186 | 1144 | * POLARSSL_ERR_SSL_BAD_INPUT_DATA if used server-side or |
ansond | 0:137634ff4186 | 1145 | * arguments are otherwise invalid |
ansond | 0:137634ff4186 | 1146 | * |
ansond | 0:137634ff4186 | 1147 | * \sa ssl_get_session() |
ansond | 0:137634ff4186 | 1148 | */ |
ansond | 0:137634ff4186 | 1149 | int ssl_set_session( ssl_context *ssl, const ssl_session *session ); |
ansond | 0:137634ff4186 | 1150 | #endif /* POLARSSL_SSL_CLI_C */ |
ansond | 0:137634ff4186 | 1151 | |
ansond | 0:137634ff4186 | 1152 | /** |
ansond | 0:137634ff4186 | 1153 | * \brief Set the list of allowed ciphersuites and the preference |
ansond | 0:137634ff4186 | 1154 | * order. First in the list has the highest preference. |
ansond | 0:137634ff4186 | 1155 | * (Overrides all version specific lists) |
ansond | 0:137634ff4186 | 1156 | * |
ansond | 0:137634ff4186 | 1157 | * The ciphersuites array is not copied, and must remain |
ansond | 0:137634ff4186 | 1158 | * valid for the lifetime of the ssl_context. |
ansond | 0:137634ff4186 | 1159 | * |
ansond | 0:137634ff4186 | 1160 | * Note: The server uses its own preferences |
ansond | 0:137634ff4186 | 1161 | * over the preference of the client unless |
ansond | 0:137634ff4186 | 1162 | * POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE is defined! |
ansond | 0:137634ff4186 | 1163 | * |
ansond | 0:137634ff4186 | 1164 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1165 | * \param ciphersuites 0-terminated list of allowed ciphersuites |
ansond | 0:137634ff4186 | 1166 | */ |
ansond | 0:137634ff4186 | 1167 | void ssl_set_ciphersuites( ssl_context *ssl, const int *ciphersuites ); |
ansond | 0:137634ff4186 | 1168 | |
ansond | 0:137634ff4186 | 1169 | /** |
ansond | 0:137634ff4186 | 1170 | * \brief Set the list of allowed ciphersuites and the |
ansond | 0:137634ff4186 | 1171 | * preference order for a specific version of the protocol. |
ansond | 0:137634ff4186 | 1172 | * (Only useful on the server side) |
ansond | 0:137634ff4186 | 1173 | * |
ansond | 0:137634ff4186 | 1174 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1175 | * \param ciphersuites 0-terminated list of allowed ciphersuites |
ansond | 0:137634ff4186 | 1176 | * \param major Major version number (only SSL_MAJOR_VERSION_3 |
ansond | 0:137634ff4186 | 1177 | * supported) |
ansond | 0:137634ff4186 | 1178 | * \param minor Minor version number (SSL_MINOR_VERSION_0, |
ansond | 0:137634ff4186 | 1179 | * SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2, |
ansond | 0:137634ff4186 | 1180 | * SSL_MINOR_VERSION_3 supported) |
ansond | 0:137634ff4186 | 1181 | */ |
ansond | 0:137634ff4186 | 1182 | void ssl_set_ciphersuites_for_version( ssl_context *ssl, |
ansond | 0:137634ff4186 | 1183 | const int *ciphersuites, |
ansond | 0:137634ff4186 | 1184 | int major, int minor ); |
ansond | 0:137634ff4186 | 1185 | |
ansond | 0:137634ff4186 | 1186 | #if defined(POLARSSL_X509_CRT_PARSE_C) |
ansond | 0:137634ff4186 | 1187 | /** |
ansond | 0:137634ff4186 | 1188 | * \brief Set the data required to verify peer certificate |
ansond | 0:137634ff4186 | 1189 | * |
ansond | 0:137634ff4186 | 1190 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1191 | * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs) |
ansond | 0:137634ff4186 | 1192 | * \param ca_crl trusted CA CRLs |
ansond | 0:137634ff4186 | 1193 | * \param peer_cn expected peer CommonName (or NULL) |
ansond | 0:137634ff4186 | 1194 | */ |
ansond | 0:137634ff4186 | 1195 | void ssl_set_ca_chain( ssl_context *ssl, x509_crt *ca_chain, |
ansond | 0:137634ff4186 | 1196 | x509_crl *ca_crl, const char *peer_cn ); |
ansond | 0:137634ff4186 | 1197 | |
ansond | 0:137634ff4186 | 1198 | /** |
ansond | 0:137634ff4186 | 1199 | * \brief Set own certificate chain and private key |
ansond | 0:137634ff4186 | 1200 | * |
ansond | 0:137634ff4186 | 1201 | * \note own_cert should contain in order from the bottom up your |
ansond | 0:137634ff4186 | 1202 | * certificate chain. The top certificate (self-signed) |
ansond | 0:137634ff4186 | 1203 | * can be omitted. |
ansond | 0:137634ff4186 | 1204 | * |
ansond | 0:137634ff4186 | 1205 | * \note This function may be called more than once if you want to |
ansond | 0:137634ff4186 | 1206 | * support multiple certificates (eg, one using RSA and one |
ansond | 0:137634ff4186 | 1207 | * using ECDSA). However, on client, currently only the first |
ansond | 0:137634ff4186 | 1208 | * certificate is used (subsequent calls have no effect). |
ansond | 0:137634ff4186 | 1209 | * |
ansond | 0:137634ff4186 | 1210 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1211 | * \param own_cert own public certificate chain |
ansond | 0:137634ff4186 | 1212 | * \param pk_key own private key |
ansond | 0:137634ff4186 | 1213 | * |
ansond | 0:137634ff4186 | 1214 | * \return 0 on success or POLARSSL_ERR_SSL_MALLOC_FAILED |
ansond | 0:137634ff4186 | 1215 | */ |
ansond | 0:137634ff4186 | 1216 | int ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert, |
ansond | 0:137634ff4186 | 1217 | pk_context *pk_key ); |
ansond | 0:137634ff4186 | 1218 | |
ansond | 0:137634ff4186 | 1219 | #if ! defined(POLARSSL_DEPRECATED_REMOVED) |
ansond | 0:137634ff4186 | 1220 | #if defined(POLARSSL_DEPRECATED_WARNING) |
ansond | 0:137634ff4186 | 1221 | #define DEPRECATED __attribute__((deprecated)) |
ansond | 0:137634ff4186 | 1222 | #else |
ansond | 0:137634ff4186 | 1223 | #define DEPRECATED |
ansond | 0:137634ff4186 | 1224 | #endif |
ansond | 0:137634ff4186 | 1225 | #if defined(POLARSSL_RSA_C) |
ansond | 0:137634ff4186 | 1226 | /** |
ansond | 0:137634ff4186 | 1227 | * \brief Set own certificate chain and private RSA key |
ansond | 0:137634ff4186 | 1228 | * |
ansond | 0:137634ff4186 | 1229 | * Note: own_cert should contain IN order from the bottom |
ansond | 0:137634ff4186 | 1230 | * up your certificate chain. The top certificate (self-signed) |
ansond | 0:137634ff4186 | 1231 | * can be omitted. |
ansond | 0:137634ff4186 | 1232 | * |
ansond | 0:137634ff4186 | 1233 | * \deprecated Please use \c ssl_set_own_cert() instead. |
ansond | 0:137634ff4186 | 1234 | * |
ansond | 0:137634ff4186 | 1235 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1236 | * \param own_cert own public certificate chain |
ansond | 0:137634ff4186 | 1237 | * \param rsa_key own private RSA key |
ansond | 0:137634ff4186 | 1238 | * |
ansond | 0:137634ff4186 | 1239 | * \return 0 on success, or a specific error code. |
ansond | 0:137634ff4186 | 1240 | */ |
ansond | 0:137634ff4186 | 1241 | int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert, |
ansond | 0:137634ff4186 | 1242 | rsa_context *rsa_key ) DEPRECATED; |
ansond | 0:137634ff4186 | 1243 | #endif /* POLARSSL_RSA_C */ |
ansond | 0:137634ff4186 | 1244 | |
ansond | 0:137634ff4186 | 1245 | /** |
ansond | 0:137634ff4186 | 1246 | * \brief Set own certificate and external RSA private |
ansond | 0:137634ff4186 | 1247 | * key and handling callbacks, such as the PKCS#11 wrappers |
ansond | 0:137634ff4186 | 1248 | * or any other external private key handler. |
ansond | 0:137634ff4186 | 1249 | * (see the respective RSA functions in rsa.h for documentation |
ansond | 0:137634ff4186 | 1250 | * of the callback parameters, with the only change being |
ansond | 0:137634ff4186 | 1251 | * that the rsa_context * is a void * in the callbacks) |
ansond | 0:137634ff4186 | 1252 | * |
ansond | 0:137634ff4186 | 1253 | * Note: own_cert should contain IN order from the bottom |
ansond | 0:137634ff4186 | 1254 | * up your certificate chain. The top certificate (self-signed) |
ansond | 0:137634ff4186 | 1255 | * can be omitted. |
ansond | 0:137634ff4186 | 1256 | * |
ansond | 0:137634ff4186 | 1257 | * \deprecated Please use \c pk_init_ctx_rsa_alt() |
ansond | 0:137634ff4186 | 1258 | * and \c ssl_set_own_cert() instead. |
ansond | 0:137634ff4186 | 1259 | * |
ansond | 0:137634ff4186 | 1260 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1261 | * \param own_cert own public certificate chain |
ansond | 0:137634ff4186 | 1262 | * \param rsa_key alternate implementation private RSA key |
ansond | 0:137634ff4186 | 1263 | * \param rsa_decrypt alternate implementation of \c rsa_pkcs1_decrypt() |
ansond | 0:137634ff4186 | 1264 | * \param rsa_sign alternate implementation of \c rsa_pkcs1_sign() |
ansond | 0:137634ff4186 | 1265 | * \param rsa_key_len function returning length of RSA key in bytes |
ansond | 0:137634ff4186 | 1266 | * |
ansond | 0:137634ff4186 | 1267 | * \return 0 on success, or a specific error code. |
ansond | 0:137634ff4186 | 1268 | */ |
ansond | 0:137634ff4186 | 1269 | int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert, |
ansond | 0:137634ff4186 | 1270 | void *rsa_key, |
ansond | 0:137634ff4186 | 1271 | rsa_decrypt_func rsa_decrypt, |
ansond | 0:137634ff4186 | 1272 | rsa_sign_func rsa_sign, |
ansond | 0:137634ff4186 | 1273 | rsa_key_len_func rsa_key_len ) DEPRECATED; |
ansond | 0:137634ff4186 | 1274 | #undef DEPRECATED |
ansond | 0:137634ff4186 | 1275 | #endif /* POLARSSL_DEPRECATED_REMOVED */ |
ansond | 0:137634ff4186 | 1276 | #endif /* POLARSSL_X509_CRT_PARSE_C */ |
ansond | 0:137634ff4186 | 1277 | |
ansond | 0:137634ff4186 | 1278 | #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) |
ansond | 0:137634ff4186 | 1279 | /** |
ansond | 0:137634ff4186 | 1280 | * \brief Set the Pre Shared Key (PSK) and the identity name connected |
ansond | 0:137634ff4186 | 1281 | * to it. |
ansond | 0:137634ff4186 | 1282 | * |
ansond | 0:137634ff4186 | 1283 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1284 | * \param psk pointer to the pre-shared key |
ansond | 0:137634ff4186 | 1285 | * \param psk_len pre-shared key length |
ansond | 0:137634ff4186 | 1286 | * \param psk_identity pointer to the pre-shared key identity |
ansond | 0:137634ff4186 | 1287 | * \param psk_identity_len identity key length |
ansond | 0:137634ff4186 | 1288 | * |
ansond | 0:137634ff4186 | 1289 | * \return 0 if successful or POLARSSL_ERR_SSL_MALLOC_FAILED |
ansond | 0:137634ff4186 | 1290 | */ |
ansond | 0:137634ff4186 | 1291 | int ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len, |
ansond | 0:137634ff4186 | 1292 | const unsigned char *psk_identity, size_t psk_identity_len ); |
ansond | 0:137634ff4186 | 1293 | |
ansond | 0:137634ff4186 | 1294 | /** |
ansond | 0:137634ff4186 | 1295 | * \brief Set the PSK callback (server-side only) (Optional). |
ansond | 0:137634ff4186 | 1296 | * |
ansond | 0:137634ff4186 | 1297 | * If set, the PSK callback is called for each |
ansond | 0:137634ff4186 | 1298 | * handshake where a PSK ciphersuite was negotiated. |
ansond | 0:137634ff4186 | 1299 | * The caller provides the identity received and wants to |
ansond | 0:137634ff4186 | 1300 | * receive the actual PSK data and length. |
ansond | 0:137634ff4186 | 1301 | * |
ansond | 0:137634ff4186 | 1302 | * The callback has the following parameters: (void *parameter, |
ansond | 0:137634ff4186 | 1303 | * ssl_context *ssl, const unsigned char *psk_identity, |
ansond | 0:137634ff4186 | 1304 | * size_t identity_len) |
ansond | 0:137634ff4186 | 1305 | * If a valid PSK identity is found, the callback should use |
ansond | 0:137634ff4186 | 1306 | * ssl_set_psk() on the ssl context to set the correct PSK and |
ansond | 0:137634ff4186 | 1307 | * identity and return 0. |
ansond | 0:137634ff4186 | 1308 | * Any other return value will result in a denied PSK identity. |
ansond | 0:137634ff4186 | 1309 | * |
ansond | 0:137634ff4186 | 1310 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1311 | * \param f_psk PSK identity function |
ansond | 0:137634ff4186 | 1312 | * \param p_psk PSK identity parameter |
ansond | 0:137634ff4186 | 1313 | */ |
ansond | 0:137634ff4186 | 1314 | void ssl_set_psk_cb( ssl_context *ssl, |
ansond | 0:137634ff4186 | 1315 | int (*f_psk)(void *, ssl_context *, const unsigned char *, |
ansond | 0:137634ff4186 | 1316 | size_t), |
ansond | 0:137634ff4186 | 1317 | void *p_psk ); |
ansond | 0:137634ff4186 | 1318 | #endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ |
ansond | 0:137634ff4186 | 1319 | |
ansond | 0:137634ff4186 | 1320 | #if defined(POLARSSL_DHM_C) |
ansond | 0:137634ff4186 | 1321 | /** |
ansond | 0:137634ff4186 | 1322 | * \brief Set the Diffie-Hellman public P and G values, |
ansond | 0:137634ff4186 | 1323 | * read as hexadecimal strings (server-side only) |
ansond | 0:137634ff4186 | 1324 | * (Default: POLARSSL_DHM_RFC5114_MODP_1024_[PG]) |
ansond | 0:137634ff4186 | 1325 | * |
ansond | 0:137634ff4186 | 1326 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1327 | * \param dhm_P Diffie-Hellman-Merkle modulus |
ansond | 0:137634ff4186 | 1328 | * \param dhm_G Diffie-Hellman-Merkle generator |
ansond | 0:137634ff4186 | 1329 | * |
ansond | 0:137634ff4186 | 1330 | * \return 0 if successful |
ansond | 0:137634ff4186 | 1331 | */ |
ansond | 0:137634ff4186 | 1332 | int ssl_set_dh_param( ssl_context *ssl, const char *dhm_P, const char *dhm_G ); |
ansond | 0:137634ff4186 | 1333 | |
ansond | 0:137634ff4186 | 1334 | /** |
ansond | 0:137634ff4186 | 1335 | * \brief Set the Diffie-Hellman public P and G values, |
ansond | 0:137634ff4186 | 1336 | * read from existing context (server-side only) |
ansond | 0:137634ff4186 | 1337 | * |
ansond | 0:137634ff4186 | 1338 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1339 | * \param dhm_ctx Diffie-Hellman-Merkle context |
ansond | 0:137634ff4186 | 1340 | * |
ansond | 0:137634ff4186 | 1341 | * \return 0 if successful |
ansond | 0:137634ff4186 | 1342 | */ |
ansond | 0:137634ff4186 | 1343 | int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx ); |
ansond | 0:137634ff4186 | 1344 | #endif /* POLARSSL_DHM_C */ |
ansond | 0:137634ff4186 | 1345 | |
ansond | 0:137634ff4186 | 1346 | #if defined(POLARSSL_SSL_SET_CURVES) |
ansond | 0:137634ff4186 | 1347 | /** |
ansond | 0:137634ff4186 | 1348 | * \brief Set the allowed curves in order of preference. |
ansond | 0:137634ff4186 | 1349 | * (Default: all defined curves.) |
ansond | 0:137634ff4186 | 1350 | * |
ansond | 0:137634ff4186 | 1351 | * On server: this only affects selection of the ECDHE curve; |
ansond | 0:137634ff4186 | 1352 | * the curves used for ECDH and ECDSA are determined by the |
ansond | 0:137634ff4186 | 1353 | * list of available certificates instead. |
ansond | 0:137634ff4186 | 1354 | * |
ansond | 0:137634ff4186 | 1355 | * On client: this affects the list of curves offered for any |
ansond | 0:137634ff4186 | 1356 | * use. The server can override our preference order. |
ansond | 0:137634ff4186 | 1357 | * |
ansond | 0:137634ff4186 | 1358 | * Both sides: limits the set of curves used by peer to the |
ansond | 0:137634ff4186 | 1359 | * listed curves for any use (ECDH(E), certificates). |
ansond | 0:137634ff4186 | 1360 | * |
ansond | 0:137634ff4186 | 1361 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1362 | * \param curves Ordered list of allowed curves, |
ansond | 0:137634ff4186 | 1363 | * terminated by POLARSSL_ECP_DP_NONE. |
ansond | 0:137634ff4186 | 1364 | */ |
ansond | 0:137634ff4186 | 1365 | void ssl_set_curves( ssl_context *ssl, const ecp_group_id *curves ); |
ansond | 0:137634ff4186 | 1366 | #endif /* POLARSSL_SSL_SET_CURVES */ |
ansond | 0:137634ff4186 | 1367 | |
ansond | 0:137634ff4186 | 1368 | #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) |
ansond | 0:137634ff4186 | 1369 | /** |
ansond | 0:137634ff4186 | 1370 | * \brief Set hostname for ServerName TLS extension |
ansond | 0:137634ff4186 | 1371 | * (client-side only) |
ansond | 0:137634ff4186 | 1372 | * |
ansond | 0:137634ff4186 | 1373 | * |
ansond | 0:137634ff4186 | 1374 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1375 | * \param hostname the server hostname |
ansond | 0:137634ff4186 | 1376 | * |
ansond | 0:137634ff4186 | 1377 | * \return 0 if successful or POLARSSL_ERR_SSL_MALLOC_FAILED |
ansond | 0:137634ff4186 | 1378 | */ |
ansond | 0:137634ff4186 | 1379 | int ssl_set_hostname( ssl_context *ssl, const char *hostname ); |
ansond | 0:137634ff4186 | 1380 | |
ansond | 0:137634ff4186 | 1381 | /** |
ansond | 0:137634ff4186 | 1382 | * \brief Set server side ServerName TLS extension callback |
ansond | 0:137634ff4186 | 1383 | * (optional, server-side only). |
ansond | 0:137634ff4186 | 1384 | * |
ansond | 0:137634ff4186 | 1385 | * If set, the ServerName callback is called whenever the |
ansond | 0:137634ff4186 | 1386 | * server receives a ServerName TLS extension from the client |
ansond | 0:137634ff4186 | 1387 | * during a handshake. The ServerName callback has the |
ansond | 0:137634ff4186 | 1388 | * following parameters: (void *parameter, ssl_context *ssl, |
ansond | 0:137634ff4186 | 1389 | * const unsigned char *hostname, size_t len). If a suitable |
ansond | 0:137634ff4186 | 1390 | * certificate is found, the callback should set the |
ansond | 0:137634ff4186 | 1391 | * certificate and key to use with ssl_set_own_cert() (and |
ansond | 0:137634ff4186 | 1392 | * possibly adjust the CA chain as well) and return 0. The |
ansond | 0:137634ff4186 | 1393 | * callback should return -1 to abort the handshake at this |
ansond | 0:137634ff4186 | 1394 | * point. |
ansond | 0:137634ff4186 | 1395 | * |
ansond | 0:137634ff4186 | 1396 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1397 | * \param f_sni verification function |
ansond | 0:137634ff4186 | 1398 | * \param p_sni verification parameter |
ansond | 0:137634ff4186 | 1399 | */ |
ansond | 0:137634ff4186 | 1400 | void ssl_set_sni( ssl_context *ssl, |
ansond | 0:137634ff4186 | 1401 | int (*f_sni)(void *, ssl_context *, const unsigned char *, |
ansond | 0:137634ff4186 | 1402 | size_t), |
ansond | 0:137634ff4186 | 1403 | void *p_sni ); |
ansond | 0:137634ff4186 | 1404 | #endif /* POLARSSL_SSL_SERVER_NAME_INDICATION */ |
ansond | 0:137634ff4186 | 1405 | |
ansond | 0:137634ff4186 | 1406 | #if defined(POLARSSL_SSL_ALPN) |
ansond | 0:137634ff4186 | 1407 | /** |
ansond | 0:137634ff4186 | 1408 | * \brief Set the supported Application Layer Protocols. |
ansond | 0:137634ff4186 | 1409 | * |
ansond | 0:137634ff4186 | 1410 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1411 | * \param protos NULL-terminated list of supported protocols, |
ansond | 0:137634ff4186 | 1412 | * in decreasing preference order. |
ansond | 0:137634ff4186 | 1413 | * |
ansond | 0:137634ff4186 | 1414 | * \return 0 on success, or POLARSSL_ERR_SSL_BAD_INPUT_DATA. |
ansond | 0:137634ff4186 | 1415 | */ |
ansond | 0:137634ff4186 | 1416 | int ssl_set_alpn_protocols( ssl_context *ssl, const char **protos ); |
ansond | 0:137634ff4186 | 1417 | |
ansond | 0:137634ff4186 | 1418 | /** |
ansond | 0:137634ff4186 | 1419 | * \brief Get the name of the negotiated Application Layer Protocol. |
ansond | 0:137634ff4186 | 1420 | * This function should be called after the handshake is |
ansond | 0:137634ff4186 | 1421 | * completed. |
ansond | 0:137634ff4186 | 1422 | * |
ansond | 0:137634ff4186 | 1423 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1424 | * |
ansond | 0:137634ff4186 | 1425 | * \return Protcol name, or NULL if no protocol was negotiated. |
ansond | 0:137634ff4186 | 1426 | */ |
ansond | 0:137634ff4186 | 1427 | const char *ssl_get_alpn_protocol( const ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1428 | #endif /* POLARSSL_SSL_ALPN */ |
ansond | 0:137634ff4186 | 1429 | |
ansond | 0:137634ff4186 | 1430 | /** |
ansond | 0:137634ff4186 | 1431 | * \brief Set the maximum supported version sent from the client side |
ansond | 0:137634ff4186 | 1432 | * and/or accepted at the server side |
ansond | 0:137634ff4186 | 1433 | * (Default: SSL_MAX_MAJOR_VERSION, SSL_MAX_MINOR_VERSION) |
ansond | 0:137634ff4186 | 1434 | * |
ansond | 0:137634ff4186 | 1435 | * Note: This ignores ciphersuites from 'higher' versions. |
ansond | 0:137634ff4186 | 1436 | * Note: Input outside of the SSL_MAX_XXXXX_VERSION and |
ansond | 0:137634ff4186 | 1437 | * SSL_MIN_XXXXX_VERSION range is ignored. |
ansond | 0:137634ff4186 | 1438 | * |
ansond | 0:137634ff4186 | 1439 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1440 | * \param major Major version number (only SSL_MAJOR_VERSION_3 supported) |
ansond | 0:137634ff4186 | 1441 | * \param minor Minor version number (SSL_MINOR_VERSION_0, |
ansond | 0:137634ff4186 | 1442 | * SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2, |
ansond | 0:137634ff4186 | 1443 | * SSL_MINOR_VERSION_3 supported) |
ansond | 0:137634ff4186 | 1444 | */ |
ansond | 0:137634ff4186 | 1445 | void ssl_set_max_version( ssl_context *ssl, int major, int minor ); |
ansond | 0:137634ff4186 | 1446 | |
ansond | 0:137634ff4186 | 1447 | /** |
ansond | 0:137634ff4186 | 1448 | * \brief Set the minimum accepted SSL/TLS protocol version |
ansond | 0:137634ff4186 | 1449 | * (Default: SSL_MIN_MAJOR_VERSION, SSL_MIN_MINOR_VERSION) |
ansond | 0:137634ff4186 | 1450 | * |
ansond | 0:137634ff4186 | 1451 | * \note Input outside of the SSL_MAX_XXXXX_VERSION and |
ansond | 0:137634ff4186 | 1452 | * SSL_MIN_XXXXX_VERSION range is ignored. |
ansond | 0:137634ff4186 | 1453 | * |
ansond | 0:137634ff4186 | 1454 | * \note SSL_MINOR_VERSION_0 (SSL v3) should be avoided. |
ansond | 0:137634ff4186 | 1455 | * |
ansond | 0:137634ff4186 | 1456 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1457 | * \param major Major version number (only SSL_MAJOR_VERSION_3 supported) |
ansond | 0:137634ff4186 | 1458 | * \param minor Minor version number (SSL_MINOR_VERSION_0, |
ansond | 0:137634ff4186 | 1459 | * SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2, |
ansond | 0:137634ff4186 | 1460 | * SSL_MINOR_VERSION_3 supported) |
ansond | 0:137634ff4186 | 1461 | */ |
ansond | 0:137634ff4186 | 1462 | void ssl_set_min_version( ssl_context *ssl, int major, int minor ); |
ansond | 0:137634ff4186 | 1463 | |
ansond | 0:137634ff4186 | 1464 | #if defined(POLARSSL_SSL_FALLBACK_SCSV) && defined(POLARSSL_SSL_CLI_C) |
ansond | 0:137634ff4186 | 1465 | /** |
ansond | 0:137634ff4186 | 1466 | * \brief Set the fallback flag (client-side only). |
ansond | 0:137634ff4186 | 1467 | * (Default: SSL_IS_NOT_FALLBACK). |
ansond | 0:137634ff4186 | 1468 | * |
ansond | 0:137634ff4186 | 1469 | * \note Set to SSL_IS_FALLBACK when preparing a fallback |
ansond | 0:137634ff4186 | 1470 | * connection, that is a connection with max_version set to a |
ansond | 0:137634ff4186 | 1471 | * lower value than the value you're willing to use. Such |
ansond | 0:137634ff4186 | 1472 | * fallback connections are not recommended but are sometimes |
ansond | 0:137634ff4186 | 1473 | * necessary to interoperate with buggy (version-intolerant) |
ansond | 0:137634ff4186 | 1474 | * servers. |
ansond | 0:137634ff4186 | 1475 | * |
ansond | 0:137634ff4186 | 1476 | * \warning You should NOT set this to SSL_IS_FALLBACK for |
ansond | 0:137634ff4186 | 1477 | * non-fallback connections! This would appear to work for a |
ansond | 0:137634ff4186 | 1478 | * while, then cause failures when the server is upgraded to |
ansond | 0:137634ff4186 | 1479 | * support a newer TLS version. |
ansond | 0:137634ff4186 | 1480 | * |
ansond | 0:137634ff4186 | 1481 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1482 | * \param fallback SSL_IS_NOT_FALLBACK or SSL_IS_FALLBACK |
ansond | 0:137634ff4186 | 1483 | */ |
ansond | 0:137634ff4186 | 1484 | void ssl_set_fallback( ssl_context *ssl, char fallback ); |
ansond | 0:137634ff4186 | 1485 | #endif /* POLARSSL_SSL_FALLBACK_SCSV && POLARSSL_SSL_CLI_C */ |
ansond | 0:137634ff4186 | 1486 | |
ansond | 0:137634ff4186 | 1487 | #if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) |
ansond | 0:137634ff4186 | 1488 | /** |
ansond | 0:137634ff4186 | 1489 | * \brief Enable or disable Encrypt-then-MAC |
ansond | 0:137634ff4186 | 1490 | * (Default: SSL_ETM_ENABLED) |
ansond | 0:137634ff4186 | 1491 | * |
ansond | 0:137634ff4186 | 1492 | * \note This should always be enabled, it is a security |
ansond | 0:137634ff4186 | 1493 | * improvement, and should not cause any interoperability |
ansond | 0:137634ff4186 | 1494 | * issue (used only if the peer supports it too). |
ansond | 0:137634ff4186 | 1495 | * |
ansond | 0:137634ff4186 | 1496 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1497 | * \param etm SSL_ETM_ENABLED or SSL_ETM_DISABLED |
ansond | 0:137634ff4186 | 1498 | */ |
ansond | 0:137634ff4186 | 1499 | void ssl_set_encrypt_then_mac( ssl_context *ssl, char etm ); |
ansond | 0:137634ff4186 | 1500 | #endif /* POLARSSL_SSL_ENCRYPT_THEN_MAC */ |
ansond | 0:137634ff4186 | 1501 | |
ansond | 0:137634ff4186 | 1502 | #if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) |
ansond | 0:137634ff4186 | 1503 | /** |
ansond | 0:137634ff4186 | 1504 | * \brief Enable or disable Extended Master Secret negotiation. |
ansond | 0:137634ff4186 | 1505 | * (Default: SSL_EXTENDED_MS_ENABLED) |
ansond | 0:137634ff4186 | 1506 | * |
ansond | 0:137634ff4186 | 1507 | * \note This should always be enabled, it is a security fix to the |
ansond | 0:137634ff4186 | 1508 | * protocol, and should not cause any interoperability issue |
ansond | 0:137634ff4186 | 1509 | * (used only if the peer supports it too). |
ansond | 0:137634ff4186 | 1510 | * |
ansond | 0:137634ff4186 | 1511 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1512 | * \param ems SSL_EXTENDED_MS_ENABLED or SSL_EXTENDED_MS_DISABLED |
ansond | 0:137634ff4186 | 1513 | */ |
ansond | 0:137634ff4186 | 1514 | void ssl_set_extended_master_secret( ssl_context *ssl, char ems ); |
ansond | 0:137634ff4186 | 1515 | #endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */ |
ansond | 0:137634ff4186 | 1516 | |
ansond | 0:137634ff4186 | 1517 | /** |
ansond | 0:137634ff4186 | 1518 | * \brief Disable or enable support for RC4 |
ansond | 0:137634ff4186 | 1519 | * (Default: SSL_ARC4_ENABLED) |
ansond | 0:137634ff4186 | 1520 | * |
ansond | 0:137634ff4186 | 1521 | * \note Though the default is RC4 for compatibility reasons in the |
ansond | 0:137634ff4186 | 1522 | * 1.3 branch, the recommended value is SSL_ARC4_DISABLED. |
ansond | 0:137634ff4186 | 1523 | * |
ansond | 0:137634ff4186 | 1524 | * \note This function will likely be removed in future versions as |
ansond | 0:137634ff4186 | 1525 | * RC4 will then be disabled by default at compile time. |
ansond | 0:137634ff4186 | 1526 | * |
ansond | 0:137634ff4186 | 1527 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1528 | * \param arc4 SSL_ARC4_ENABLED or SSL_ARC4_DISABLED |
ansond | 0:137634ff4186 | 1529 | */ |
ansond | 0:137634ff4186 | 1530 | void ssl_set_arc4_support( ssl_context *ssl, char arc4 ); |
ansond | 0:137634ff4186 | 1531 | |
ansond | 0:137634ff4186 | 1532 | #if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) |
ansond | 0:137634ff4186 | 1533 | /** |
ansond | 0:137634ff4186 | 1534 | * \brief Set the maximum fragment length to emit and/or negotiate |
ansond | 0:137634ff4186 | 1535 | * (Default: SSL_MAX_CONTENT_LEN, usually 2^14 bytes) |
ansond | 0:137634ff4186 | 1536 | * (Server: set maximum fragment length to emit, |
ansond | 0:137634ff4186 | 1537 | * usually negotiated by the client during handshake |
ansond | 0:137634ff4186 | 1538 | * (Client: set maximum fragment length to emit *and* |
ansond | 0:137634ff4186 | 1539 | * negotiate with the server during handshake) |
ansond | 0:137634ff4186 | 1540 | * |
ansond | 0:137634ff4186 | 1541 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1542 | * \param mfl_code Code for maximum fragment length (allowed values: |
ansond | 0:137634ff4186 | 1543 | * SSL_MAX_FRAG_LEN_512, SSL_MAX_FRAG_LEN_1024, |
ansond | 0:137634ff4186 | 1544 | * SSL_MAX_FRAG_LEN_2048, SSL_MAX_FRAG_LEN_4096) |
ansond | 0:137634ff4186 | 1545 | * |
ansond | 0:137634ff4186 | 1546 | * \return 0 if successful or POLARSSL_ERR_SSL_BAD_INPUT_DATA |
ansond | 0:137634ff4186 | 1547 | */ |
ansond | 0:137634ff4186 | 1548 | int ssl_set_max_frag_len( ssl_context *ssl, unsigned char mfl_code ); |
ansond | 0:137634ff4186 | 1549 | #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */ |
ansond | 0:137634ff4186 | 1550 | |
ansond | 0:137634ff4186 | 1551 | #if defined(POLARSSL_SSL_TRUNCATED_HMAC) |
ansond | 0:137634ff4186 | 1552 | /** |
ansond | 0:137634ff4186 | 1553 | * \brief Activate negotiation of truncated HMAC |
ansond | 0:137634ff4186 | 1554 | * (Default: SSL_TRUNC_HMAC_DISABLED on client, |
ansond | 0:137634ff4186 | 1555 | * SSL_TRUNC_HMAC_ENABLED on server.) |
ansond | 0:137634ff4186 | 1556 | * |
ansond | 0:137634ff4186 | 1557 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1558 | * \param truncate Enable or disable (SSL_TRUNC_HMAC_ENABLED or |
ansond | 0:137634ff4186 | 1559 | * SSL_TRUNC_HMAC_DISABLED) |
ansond | 0:137634ff4186 | 1560 | * |
ansond | 0:137634ff4186 | 1561 | * \return Always 0. |
ansond | 0:137634ff4186 | 1562 | */ |
ansond | 0:137634ff4186 | 1563 | int ssl_set_truncated_hmac( ssl_context *ssl, int truncate ); |
ansond | 0:137634ff4186 | 1564 | #endif /* POLARSSL_SSL_TRUNCATED_HMAC */ |
ansond | 0:137634ff4186 | 1565 | |
ansond | 0:137634ff4186 | 1566 | #if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING) |
ansond | 0:137634ff4186 | 1567 | /** |
ansond | 0:137634ff4186 | 1568 | * \brief Enable / Disable 1/n-1 record splitting |
ansond | 0:137634ff4186 | 1569 | * (Default: SSL_CBC_RECORD_SPLITTING_ENABLED) |
ansond | 0:137634ff4186 | 1570 | * |
ansond | 0:137634ff4186 | 1571 | * \note Only affects SSLv3 and TLS 1.0, not higher versions. |
ansond | 0:137634ff4186 | 1572 | * Does not affect non-CBC ciphersuites in any version. |
ansond | 0:137634ff4186 | 1573 | * |
ansond | 0:137634ff4186 | 1574 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1575 | * \param split SSL_CBC_RECORD_SPLITTING_ENABLED or |
ansond | 0:137634ff4186 | 1576 | * SSL_CBC_RECORD_SPLITTING_DISABLED |
ansond | 0:137634ff4186 | 1577 | */ |
ansond | 0:137634ff4186 | 1578 | void ssl_set_cbc_record_splitting( ssl_context *ssl, char split ); |
ansond | 0:137634ff4186 | 1579 | #endif /* POLARSSL_SSL_CBC_RECORD_SPLITTING */ |
ansond | 0:137634ff4186 | 1580 | |
ansond | 0:137634ff4186 | 1581 | #if defined(POLARSSL_SSL_SESSION_TICKETS) |
ansond | 0:137634ff4186 | 1582 | /** |
ansond | 0:137634ff4186 | 1583 | * \brief Enable / Disable session tickets |
ansond | 0:137634ff4186 | 1584 | * (Default: SSL_SESSION_TICKETS_ENABLED on client, |
ansond | 0:137634ff4186 | 1585 | * SSL_SESSION_TICKETS_DISABLED on server) |
ansond | 0:137634ff4186 | 1586 | * |
ansond | 0:137634ff4186 | 1587 | * \note On server, ssl_set_rng() must be called before this function |
ansond | 0:137634ff4186 | 1588 | * to allow generating the ticket encryption and |
ansond | 0:137634ff4186 | 1589 | * authentication keys. |
ansond | 0:137634ff4186 | 1590 | * |
ansond | 0:137634ff4186 | 1591 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1592 | * \param use_tickets Enable or disable (SSL_SESSION_TICKETS_ENABLED or |
ansond | 0:137634ff4186 | 1593 | * SSL_SESSION_TICKETS_DISABLED) |
ansond | 0:137634ff4186 | 1594 | * |
ansond | 0:137634ff4186 | 1595 | * \return 0 if successful, |
ansond | 0:137634ff4186 | 1596 | * or a specific error code (server only). |
ansond | 0:137634ff4186 | 1597 | */ |
ansond | 0:137634ff4186 | 1598 | int ssl_set_session_tickets( ssl_context *ssl, int use_tickets ); |
ansond | 0:137634ff4186 | 1599 | |
ansond | 0:137634ff4186 | 1600 | /** |
ansond | 0:137634ff4186 | 1601 | * \brief Set session ticket lifetime (server only) |
ansond | 0:137634ff4186 | 1602 | * (Default: SSL_DEFAULT_TICKET_LIFETIME (86400 secs / 1 day)) |
ansond | 0:137634ff4186 | 1603 | * |
ansond | 0:137634ff4186 | 1604 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1605 | * \param lifetime session ticket lifetime |
ansond | 0:137634ff4186 | 1606 | */ |
ansond | 0:137634ff4186 | 1607 | void ssl_set_session_ticket_lifetime( ssl_context *ssl, int lifetime ); |
ansond | 0:137634ff4186 | 1608 | #endif /* POLARSSL_SSL_SESSION_TICKETS */ |
ansond | 0:137634ff4186 | 1609 | |
ansond | 0:137634ff4186 | 1610 | #if defined(POLARSSL_SSL_RENEGOTIATION) |
ansond | 0:137634ff4186 | 1611 | /** |
ansond | 0:137634ff4186 | 1612 | * \brief Enable / Disable renegotiation support for connection when |
ansond | 0:137634ff4186 | 1613 | * initiated by peer |
ansond | 0:137634ff4186 | 1614 | * (Default: SSL_RENEGOTIATION_DISABLED) |
ansond | 0:137634ff4186 | 1615 | * |
ansond | 0:137634ff4186 | 1616 | * Note: A server with support enabled is more vulnerable for a |
ansond | 0:137634ff4186 | 1617 | * resource DoS by a malicious client. You should enable this on |
ansond | 0:137634ff4186 | 1618 | * a client to enable server-initiated renegotiation. |
ansond | 0:137634ff4186 | 1619 | * |
ansond | 0:137634ff4186 | 1620 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1621 | * \param renegotiation Enable or disable (SSL_RENEGOTIATION_ENABLED or |
ansond | 0:137634ff4186 | 1622 | * SSL_RENEGOTIATION_DISABLED) |
ansond | 0:137634ff4186 | 1623 | */ |
ansond | 0:137634ff4186 | 1624 | void ssl_set_renegotiation( ssl_context *ssl, int renegotiation ); |
ansond | 0:137634ff4186 | 1625 | #endif /* POLARSSL_SSL_RENEGOTIATION */ |
ansond | 0:137634ff4186 | 1626 | |
ansond | 0:137634ff4186 | 1627 | /** |
ansond | 0:137634ff4186 | 1628 | * \brief Prevent or allow legacy renegotiation. |
ansond | 0:137634ff4186 | 1629 | * (Default: SSL_LEGACY_NO_RENEGOTIATION) |
ansond | 0:137634ff4186 | 1630 | * |
ansond | 0:137634ff4186 | 1631 | * SSL_LEGACY_NO_RENEGOTIATION allows connections to |
ansond | 0:137634ff4186 | 1632 | * be established even if the peer does not support |
ansond | 0:137634ff4186 | 1633 | * secure renegotiation, but does not allow renegotiation |
ansond | 0:137634ff4186 | 1634 | * to take place if not secure. |
ansond | 0:137634ff4186 | 1635 | * (Interoperable and secure option) |
ansond | 0:137634ff4186 | 1636 | * |
ansond | 0:137634ff4186 | 1637 | * SSL_LEGACY_ALLOW_RENEGOTIATION allows renegotiations |
ansond | 0:137634ff4186 | 1638 | * with non-upgraded peers. Allowing legacy renegotiation |
ansond | 0:137634ff4186 | 1639 | * makes the connection vulnerable to specific man in the |
ansond | 0:137634ff4186 | 1640 | * middle attacks. (See RFC 5746) |
ansond | 0:137634ff4186 | 1641 | * (Most interoperable and least secure option) |
ansond | 0:137634ff4186 | 1642 | * |
ansond | 0:137634ff4186 | 1643 | * SSL_LEGACY_BREAK_HANDSHAKE breaks off connections |
ansond | 0:137634ff4186 | 1644 | * if peer does not support secure renegotiation. Results |
ansond | 0:137634ff4186 | 1645 | * in interoperability issues with non-upgraded peers |
ansond | 0:137634ff4186 | 1646 | * that do not support renegotiation altogether. |
ansond | 0:137634ff4186 | 1647 | * (Most secure option, interoperability issues) |
ansond | 0:137634ff4186 | 1648 | * |
ansond | 0:137634ff4186 | 1649 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1650 | * \param allow_legacy Prevent or allow (SSL_NO_LEGACY_RENEGOTIATION, |
ansond | 0:137634ff4186 | 1651 | * SSL_ALLOW_LEGACY_RENEGOTIATION or |
ansond | 0:137634ff4186 | 1652 | * SSL_LEGACY_BREAK_HANDSHAKE) |
ansond | 0:137634ff4186 | 1653 | */ |
ansond | 0:137634ff4186 | 1654 | void ssl_legacy_renegotiation( ssl_context *ssl, int allow_legacy ); |
ansond | 0:137634ff4186 | 1655 | |
ansond | 0:137634ff4186 | 1656 | #if defined(POLARSSL_SSL_RENEGOTIATION) |
ansond | 0:137634ff4186 | 1657 | /** |
ansond | 0:137634ff4186 | 1658 | * \brief Enforce requested renegotiation. |
ansond | 0:137634ff4186 | 1659 | * (Default: enforced, max_records = 16) |
ansond | 0:137634ff4186 | 1660 | * |
ansond | 0:137634ff4186 | 1661 | * When we request a renegotiation, the peer can comply or |
ansond | 0:137634ff4186 | 1662 | * ignore the request. This function allows us to decide |
ansond | 0:137634ff4186 | 1663 | * whether to enforce our renegotiation requests by closing |
ansond | 0:137634ff4186 | 1664 | * the connection if the peer doesn't comply. |
ansond | 0:137634ff4186 | 1665 | * |
ansond | 0:137634ff4186 | 1666 | * However, records could already be in transit from the peer |
ansond | 0:137634ff4186 | 1667 | * when the request is emitted. In order to increase |
ansond | 0:137634ff4186 | 1668 | * reliability, we can accept a number of records before the |
ansond | 0:137634ff4186 | 1669 | * expected handshake records. |
ansond | 0:137634ff4186 | 1670 | * |
ansond | 0:137634ff4186 | 1671 | * The optimal value is highly dependent on the specific usage |
ansond | 0:137634ff4186 | 1672 | * scenario. |
ansond | 0:137634ff4186 | 1673 | * |
ansond | 0:137634ff4186 | 1674 | * \warning On client, the grace period can only happen during |
ansond | 0:137634ff4186 | 1675 | * ssl_read(), as opposed to ssl_write() and ssl_renegotiate() |
ansond | 0:137634ff4186 | 1676 | * which always behave as if max_record was 0. The reason is, |
ansond | 0:137634ff4186 | 1677 | * if we receive application data from the server, we need a |
ansond | 0:137634ff4186 | 1678 | * place to write it, which only happens during ssl_read(). |
ansond | 0:137634ff4186 | 1679 | * |
ansond | 0:137634ff4186 | 1680 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1681 | * \param max_records Use SSL_RENEGOTIATION_NOT_ENFORCED if you don't want to |
ansond | 0:137634ff4186 | 1682 | * enforce renegotiation, or a non-negative value to enforce |
ansond | 0:137634ff4186 | 1683 | * it but allow for a grace period of max_records records. |
ansond | 0:137634ff4186 | 1684 | */ |
ansond | 0:137634ff4186 | 1685 | void ssl_set_renegotiation_enforced( ssl_context *ssl, int max_records ); |
ansond | 0:137634ff4186 | 1686 | |
ansond | 0:137634ff4186 | 1687 | /** |
ansond | 0:137634ff4186 | 1688 | * \brief Set record counter threshold for periodic renegotiation. |
ansond | 0:137634ff4186 | 1689 | * (Default: 2^64 - 256.) |
ansond | 0:137634ff4186 | 1690 | * |
ansond | 0:137634ff4186 | 1691 | * Renegotiation is automatically triggered when a record |
ansond | 0:137634ff4186 | 1692 | * counter (outgoing or ingoing) crosses the defined |
ansond | 0:137634ff4186 | 1693 | * threshold. The default value is meant to prevent the |
ansond | 0:137634ff4186 | 1694 | * connection from being closed when the counter is about to |
ansond | 0:137634ff4186 | 1695 | * reached its maximal value (it is not allowed to wrap). |
ansond | 0:137634ff4186 | 1696 | * |
ansond | 0:137634ff4186 | 1697 | * Lower values can be used to enforce policies such as "keys |
ansond | 0:137634ff4186 | 1698 | * must be refreshed every N packets with cipher X". |
ansond | 0:137634ff4186 | 1699 | * |
ansond | 0:137634ff4186 | 1700 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1701 | * \param period The threshold value: a big-endian 64-bit number. |
ansond | 0:137634ff4186 | 1702 | * Set to 2^64 - 1 to disable periodic renegotiation |
ansond | 0:137634ff4186 | 1703 | */ |
ansond | 0:137634ff4186 | 1704 | void ssl_set_renegotiation_period( ssl_context *ssl, |
ansond | 0:137634ff4186 | 1705 | const unsigned char period[8] ); |
ansond | 0:137634ff4186 | 1706 | #endif /* POLARSSL_SSL_RENEGOTIATION */ |
ansond | 0:137634ff4186 | 1707 | |
ansond | 0:137634ff4186 | 1708 | /** |
ansond | 0:137634ff4186 | 1709 | * \brief Return the number of data bytes available to read |
ansond | 0:137634ff4186 | 1710 | * |
ansond | 0:137634ff4186 | 1711 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1712 | * |
ansond | 0:137634ff4186 | 1713 | * \return how many bytes are available in the read buffer |
ansond | 0:137634ff4186 | 1714 | */ |
ansond | 0:137634ff4186 | 1715 | size_t ssl_get_bytes_avail( const ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1716 | |
ansond | 0:137634ff4186 | 1717 | /** |
ansond | 0:137634ff4186 | 1718 | * \brief Return the result of the certificate verification |
ansond | 0:137634ff4186 | 1719 | * |
ansond | 0:137634ff4186 | 1720 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1721 | * |
ansond | 0:137634ff4186 | 1722 | * \return 0 if successful, |
ansond | 0:137634ff4186 | 1723 | * -1 if result is not available (eg because the handshake was |
ansond | 0:137634ff4186 | 1724 | * aborted too early), or |
ansond | 0:137634ff4186 | 1725 | * a combination of BADCERT_xxx and BADCRL_xxx flags, see |
ansond | 0:137634ff4186 | 1726 | * x509.h |
ansond | 0:137634ff4186 | 1727 | */ |
ansond | 0:137634ff4186 | 1728 | int ssl_get_verify_result( const ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1729 | |
ansond | 0:137634ff4186 | 1730 | /** |
ansond | 0:137634ff4186 | 1731 | * \brief Return the name of the current ciphersuite |
ansond | 0:137634ff4186 | 1732 | * |
ansond | 0:137634ff4186 | 1733 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1734 | * |
ansond | 0:137634ff4186 | 1735 | * \return a string containing the ciphersuite name |
ansond | 0:137634ff4186 | 1736 | */ |
ansond | 0:137634ff4186 | 1737 | const char *ssl_get_ciphersuite( const ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1738 | |
ansond | 0:137634ff4186 | 1739 | /** |
ansond | 0:137634ff4186 | 1740 | * \brief Return the current SSL version (SSLv3/TLSv1/etc) |
ansond | 0:137634ff4186 | 1741 | * |
ansond | 0:137634ff4186 | 1742 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1743 | * |
ansond | 0:137634ff4186 | 1744 | * \return a string containing the SSL version |
ansond | 0:137634ff4186 | 1745 | */ |
ansond | 0:137634ff4186 | 1746 | const char *ssl_get_version( const ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1747 | |
ansond | 0:137634ff4186 | 1748 | #if defined(POLARSSL_X509_CRT_PARSE_C) |
ansond | 0:137634ff4186 | 1749 | /** |
ansond | 0:137634ff4186 | 1750 | * \brief Return the peer certificate from the current connection |
ansond | 0:137634ff4186 | 1751 | * |
ansond | 0:137634ff4186 | 1752 | * Note: Can be NULL in case no certificate was sent during |
ansond | 0:137634ff4186 | 1753 | * the handshake. Different calls for the same connection can |
ansond | 0:137634ff4186 | 1754 | * return the same or different pointers for the same |
ansond | 0:137634ff4186 | 1755 | * certificate and even a different certificate altogether. |
ansond | 0:137634ff4186 | 1756 | * The peer cert CAN change in a single connection if |
ansond | 0:137634ff4186 | 1757 | * renegotiation is performed. |
ansond | 0:137634ff4186 | 1758 | * |
ansond | 0:137634ff4186 | 1759 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1760 | * |
ansond | 0:137634ff4186 | 1761 | * \return the current peer certificate |
ansond | 0:137634ff4186 | 1762 | */ |
ansond | 0:137634ff4186 | 1763 | const x509_crt *ssl_get_peer_cert( const ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1764 | #endif /* POLARSSL_X509_CRT_PARSE_C */ |
ansond | 0:137634ff4186 | 1765 | |
ansond | 0:137634ff4186 | 1766 | #if defined(POLARSSL_SSL_CLI_C) |
ansond | 0:137634ff4186 | 1767 | /** |
ansond | 0:137634ff4186 | 1768 | * \brief Save session in order to resume it later (client-side only) |
ansond | 0:137634ff4186 | 1769 | * Session data is copied to presented session structure. |
ansond | 0:137634ff4186 | 1770 | * |
ansond | 0:137634ff4186 | 1771 | * \warning Currently, peer certificate is lost in the operation. |
ansond | 0:137634ff4186 | 1772 | * |
ansond | 0:137634ff4186 | 1773 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1774 | * \param session session context |
ansond | 0:137634ff4186 | 1775 | * |
ansond | 0:137634ff4186 | 1776 | * \return 0 if successful, |
ansond | 0:137634ff4186 | 1777 | * POLARSSL_ERR_SSL_MALLOC_FAILED if memory allocation failed, |
ansond | 0:137634ff4186 | 1778 | * POLARSSL_ERR_SSL_BAD_INPUT_DATA if used server-side or |
ansond | 0:137634ff4186 | 1779 | * arguments are otherwise invalid |
ansond | 0:137634ff4186 | 1780 | * |
ansond | 0:137634ff4186 | 1781 | * \sa ssl_set_session() |
ansond | 0:137634ff4186 | 1782 | */ |
ansond | 0:137634ff4186 | 1783 | int ssl_get_session( const ssl_context *ssl, ssl_session *session ); |
ansond | 0:137634ff4186 | 1784 | #endif /* POLARSSL_SSL_CLI_C */ |
ansond | 0:137634ff4186 | 1785 | |
ansond | 0:137634ff4186 | 1786 | /** |
ansond | 0:137634ff4186 | 1787 | * \brief Perform the SSL handshake |
ansond | 0:137634ff4186 | 1788 | * |
ansond | 0:137634ff4186 | 1789 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1790 | * |
ansond | 0:137634ff4186 | 1791 | * \return 0 if successful, POLARSSL_ERR_NET_WANT_READ, |
ansond | 0:137634ff4186 | 1792 | * POLARSSL_ERR_NET_WANT_WRITE, or a specific SSL error code. |
ansond | 0:137634ff4186 | 1793 | */ |
ansond | 0:137634ff4186 | 1794 | int ssl_handshake( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1795 | |
ansond | 0:137634ff4186 | 1796 | /** |
ansond | 0:137634ff4186 | 1797 | * \brief Perform a single step of the SSL handshake |
ansond | 0:137634ff4186 | 1798 | * |
ansond | 0:137634ff4186 | 1799 | * Note: the state of the context (ssl->state) will be at |
ansond | 0:137634ff4186 | 1800 | * the following state after execution of this function. |
ansond | 0:137634ff4186 | 1801 | * Do not call this function if state is SSL_HANDSHAKE_OVER. |
ansond | 0:137634ff4186 | 1802 | * |
ansond | 0:137634ff4186 | 1803 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1804 | * |
ansond | 0:137634ff4186 | 1805 | * \return 0 if successful, POLARSSL_ERR_NET_WANT_READ, |
ansond | 0:137634ff4186 | 1806 | * POLARSSL_ERR_NET_WANT_WRITE, or a specific SSL error code. |
ansond | 0:137634ff4186 | 1807 | */ |
ansond | 0:137634ff4186 | 1808 | int ssl_handshake_step( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1809 | |
ansond | 0:137634ff4186 | 1810 | #if defined(POLARSSL_SSL_RENEGOTIATION) |
ansond | 0:137634ff4186 | 1811 | /** |
ansond | 0:137634ff4186 | 1812 | * \brief Initiate an SSL renegotiation on the running connection. |
ansond | 0:137634ff4186 | 1813 | * Client: perform the renegotiation right now. |
ansond | 0:137634ff4186 | 1814 | * Server: request renegotiation, which will be performed |
ansond | 0:137634ff4186 | 1815 | * during the next call to ssl_read() if honored by client. |
ansond | 0:137634ff4186 | 1816 | * |
ansond | 0:137634ff4186 | 1817 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1818 | * |
ansond | 0:137634ff4186 | 1819 | * \return 0 if successful, or any ssl_handshake() return value. |
ansond | 0:137634ff4186 | 1820 | */ |
ansond | 0:137634ff4186 | 1821 | int ssl_renegotiate( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1822 | #endif /* POLARSSL_SSL_RENEGOTIATION */ |
ansond | 0:137634ff4186 | 1823 | |
ansond | 0:137634ff4186 | 1824 | /** |
ansond | 0:137634ff4186 | 1825 | * \brief Read at most 'len' application data bytes |
ansond | 0:137634ff4186 | 1826 | * |
ansond | 0:137634ff4186 | 1827 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1828 | * \param buf buffer that will hold the data |
ansond | 0:137634ff4186 | 1829 | * \param len maximum number of bytes to read |
ansond | 0:137634ff4186 | 1830 | * |
ansond | 0:137634ff4186 | 1831 | * \return This function returns the number of bytes read, 0 for EOF, |
ansond | 0:137634ff4186 | 1832 | * or a negative error code. |
ansond | 0:137634ff4186 | 1833 | */ |
ansond | 0:137634ff4186 | 1834 | int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len ); |
ansond | 0:137634ff4186 | 1835 | |
ansond | 0:137634ff4186 | 1836 | /** |
ansond | 0:137634ff4186 | 1837 | * \brief Write exactly 'len' application data bytes |
ansond | 0:137634ff4186 | 1838 | * |
ansond | 0:137634ff4186 | 1839 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1840 | * \param buf buffer holding the data |
ansond | 0:137634ff4186 | 1841 | * \param len how many bytes must be written |
ansond | 0:137634ff4186 | 1842 | * |
ansond | 0:137634ff4186 | 1843 | * \return This function returns the number of bytes written, |
ansond | 0:137634ff4186 | 1844 | * or a negative error code. |
ansond | 0:137634ff4186 | 1845 | * |
ansond | 0:137634ff4186 | 1846 | * \note When this function returns POLARSSL_ERR_NET_WANT_WRITE, |
ansond | 0:137634ff4186 | 1847 | * it must be called later with the *same* arguments, |
ansond | 0:137634ff4186 | 1848 | * until it returns a positive value. |
ansond | 0:137634ff4186 | 1849 | * |
ansond | 0:137634ff4186 | 1850 | * \note This function may write less than the number of bytes |
ansond | 0:137634ff4186 | 1851 | * requested if len is greater than the maximum record length. |
ansond | 0:137634ff4186 | 1852 | * For arbitrary-sized messages, it should be called in a loop. |
ansond | 0:137634ff4186 | 1853 | */ |
ansond | 0:137634ff4186 | 1854 | int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len ); |
ansond | 0:137634ff4186 | 1855 | |
ansond | 0:137634ff4186 | 1856 | /** |
ansond | 0:137634ff4186 | 1857 | * \brief Send an alert message |
ansond | 0:137634ff4186 | 1858 | * |
ansond | 0:137634ff4186 | 1859 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1860 | * \param level The alert level of the message |
ansond | 0:137634ff4186 | 1861 | * (SSL_ALERT_LEVEL_WARNING or SSL_ALERT_LEVEL_FATAL) |
ansond | 0:137634ff4186 | 1862 | * \param message The alert message (SSL_ALERT_MSG_*) |
ansond | 0:137634ff4186 | 1863 | * |
ansond | 0:137634ff4186 | 1864 | * \return 0 if successful, or a specific SSL error code. |
ansond | 0:137634ff4186 | 1865 | */ |
ansond | 0:137634ff4186 | 1866 | int ssl_send_alert_message( ssl_context *ssl, |
ansond | 0:137634ff4186 | 1867 | unsigned char level, |
ansond | 0:137634ff4186 | 1868 | unsigned char message ); |
ansond | 0:137634ff4186 | 1869 | /** |
ansond | 0:137634ff4186 | 1870 | * \brief Notify the peer that the connection is being closed |
ansond | 0:137634ff4186 | 1871 | * |
ansond | 0:137634ff4186 | 1872 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1873 | */ |
ansond | 0:137634ff4186 | 1874 | int ssl_close_notify( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1875 | |
ansond | 0:137634ff4186 | 1876 | /** |
ansond | 0:137634ff4186 | 1877 | * \brief Free referenced items in an SSL context and clear memory |
ansond | 0:137634ff4186 | 1878 | * |
ansond | 0:137634ff4186 | 1879 | * \param ssl SSL context |
ansond | 0:137634ff4186 | 1880 | */ |
ansond | 0:137634ff4186 | 1881 | void ssl_free( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1882 | |
ansond | 0:137634ff4186 | 1883 | /** |
ansond | 0:137634ff4186 | 1884 | * \brief Initialize SSL session structure |
ansond | 0:137634ff4186 | 1885 | * |
ansond | 0:137634ff4186 | 1886 | * \param session SSL session |
ansond | 0:137634ff4186 | 1887 | */ |
ansond | 0:137634ff4186 | 1888 | void ssl_session_init( ssl_session *session ); |
ansond | 0:137634ff4186 | 1889 | |
ansond | 0:137634ff4186 | 1890 | /** |
ansond | 0:137634ff4186 | 1891 | * \brief Free referenced items in an SSL session including the |
ansond | 0:137634ff4186 | 1892 | * peer certificate and clear memory |
ansond | 0:137634ff4186 | 1893 | * |
ansond | 0:137634ff4186 | 1894 | * \param session SSL session |
ansond | 0:137634ff4186 | 1895 | */ |
ansond | 0:137634ff4186 | 1896 | void ssl_session_free( ssl_session *session ); |
ansond | 0:137634ff4186 | 1897 | |
ansond | 0:137634ff4186 | 1898 | /** |
ansond | 0:137634ff4186 | 1899 | * \brief Free referenced items in an SSL transform context and clear |
ansond | 0:137634ff4186 | 1900 | * memory |
ansond | 0:137634ff4186 | 1901 | * |
ansond | 0:137634ff4186 | 1902 | * \param transform SSL transform context |
ansond | 0:137634ff4186 | 1903 | */ |
ansond | 0:137634ff4186 | 1904 | void ssl_transform_free( ssl_transform *transform ); |
ansond | 0:137634ff4186 | 1905 | |
ansond | 0:137634ff4186 | 1906 | /** |
ansond | 0:137634ff4186 | 1907 | * \brief Free referenced items in an SSL handshake context and clear |
ansond | 0:137634ff4186 | 1908 | * memory |
ansond | 0:137634ff4186 | 1909 | * |
ansond | 0:137634ff4186 | 1910 | * \param handshake SSL handshake context |
ansond | 0:137634ff4186 | 1911 | */ |
ansond | 0:137634ff4186 | 1912 | void ssl_handshake_free( ssl_handshake_params *handshake ); |
ansond | 0:137634ff4186 | 1913 | |
ansond | 0:137634ff4186 | 1914 | /* |
ansond | 0:137634ff4186 | 1915 | * Internal functions (do not call directly) |
ansond | 0:137634ff4186 | 1916 | */ |
ansond | 0:137634ff4186 | 1917 | int ssl_handshake_client_step( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1918 | int ssl_handshake_server_step( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1919 | void ssl_handshake_wrapup( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1920 | |
ansond | 0:137634ff4186 | 1921 | int ssl_send_fatal_handshake_failure( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1922 | |
ansond | 0:137634ff4186 | 1923 | int ssl_derive_keys( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1924 | |
ansond | 0:137634ff4186 | 1925 | int ssl_read_record( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1926 | /** |
ansond | 0:137634ff4186 | 1927 | * \return 0 if successful, POLARSSL_ERR_SSL_CONN_EOF on EOF or |
ansond | 0:137634ff4186 | 1928 | * another negative error code. |
ansond | 0:137634ff4186 | 1929 | */ |
ansond | 0:137634ff4186 | 1930 | int ssl_fetch_input( ssl_context *ssl, size_t nb_want ); |
ansond | 0:137634ff4186 | 1931 | |
ansond | 0:137634ff4186 | 1932 | int ssl_write_record( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1933 | int ssl_flush_output( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1934 | |
ansond | 0:137634ff4186 | 1935 | int ssl_parse_certificate( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1936 | int ssl_write_certificate( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1937 | |
ansond | 0:137634ff4186 | 1938 | int ssl_parse_change_cipher_spec( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1939 | int ssl_write_change_cipher_spec( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1940 | |
ansond | 0:137634ff4186 | 1941 | int ssl_parse_finished( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1942 | int ssl_write_finished( ssl_context *ssl ); |
ansond | 0:137634ff4186 | 1943 | |
ansond | 0:137634ff4186 | 1944 | void ssl_optimize_checksum( ssl_context *ssl, |
ansond | 0:137634ff4186 | 1945 | const ssl_ciphersuite_t *ciphersuite_info ); |
ansond | 0:137634ff4186 | 1946 | |
ansond | 0:137634ff4186 | 1947 | #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) |
ansond | 0:137634ff4186 | 1948 | int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex ); |
ansond | 0:137634ff4186 | 1949 | #endif |
ansond | 0:137634ff4186 | 1950 | |
ansond | 0:137634ff4186 | 1951 | #if defined(POLARSSL_PK_C) |
ansond | 0:137634ff4186 | 1952 | unsigned char ssl_sig_from_pk( pk_context *pk ); |
ansond | 0:137634ff4186 | 1953 | pk_type_t ssl_pk_alg_from_sig( unsigned char sig ); |
ansond | 0:137634ff4186 | 1954 | #endif |
ansond | 0:137634ff4186 | 1955 | |
ansond | 0:137634ff4186 | 1956 | md_type_t ssl_md_alg_from_hash( unsigned char hash ); |
ansond | 0:137634ff4186 | 1957 | |
ansond | 0:137634ff4186 | 1958 | #if defined(POLARSSL_SSL_SET_CURVES) |
ansond | 0:137634ff4186 | 1959 | int ssl_curve_is_acceptable( const ssl_context *ssl, ecp_group_id grp_id ); |
ansond | 0:137634ff4186 | 1960 | #endif |
ansond | 0:137634ff4186 | 1961 | |
ansond | 0:137634ff4186 | 1962 | #if defined(POLARSSL_X509_CRT_PARSE_C) |
ansond | 0:137634ff4186 | 1963 | static inline pk_context *ssl_own_key( ssl_context *ssl ) |
ansond | 0:137634ff4186 | 1964 | { |
ansond | 0:137634ff4186 | 1965 | return( ssl->handshake->key_cert == NULL ? NULL |
ansond | 0:137634ff4186 | 1966 | : ssl->handshake->key_cert->key ); |
ansond | 0:137634ff4186 | 1967 | } |
ansond | 0:137634ff4186 | 1968 | |
ansond | 0:137634ff4186 | 1969 | static inline x509_crt *ssl_own_cert( ssl_context *ssl ) |
ansond | 0:137634ff4186 | 1970 | { |
ansond | 0:137634ff4186 | 1971 | return( ssl->handshake->key_cert == NULL ? NULL |
ansond | 0:137634ff4186 | 1972 | : ssl->handshake->key_cert->cert ); |
ansond | 0:137634ff4186 | 1973 | } |
ansond | 0:137634ff4186 | 1974 | |
ansond | 0:137634ff4186 | 1975 | /* |
ansond | 0:137634ff4186 | 1976 | * Check usage of a certificate wrt extensions: |
ansond | 0:137634ff4186 | 1977 | * keyUsage, extendedKeyUsage (later), and nSCertType (later). |
ansond | 0:137634ff4186 | 1978 | * |
ansond | 0:137634ff4186 | 1979 | * Warning: cert_endpoint is the endpoint of the cert (ie, of our peer when we |
ansond | 0:137634ff4186 | 1980 | * check a cert we received from them)! |
ansond | 0:137634ff4186 | 1981 | * |
ansond | 0:137634ff4186 | 1982 | * Return 0 if everything is OK, -1 if not. |
ansond | 0:137634ff4186 | 1983 | */ |
ansond | 0:137634ff4186 | 1984 | int ssl_check_cert_usage( const x509_crt *cert, |
ansond | 0:137634ff4186 | 1985 | const ssl_ciphersuite_t *ciphersuite, |
ansond | 0:137634ff4186 | 1986 | int cert_endpoint, |
ansond | 0:137634ff4186 | 1987 | int *flags ); |
ansond | 0:137634ff4186 | 1988 | #endif /* POLARSSL_X509_CRT_PARSE_C */ |
ansond | 0:137634ff4186 | 1989 | |
ansond | 0:137634ff4186 | 1990 | /* constant-time buffer comparison */ |
ansond | 0:137634ff4186 | 1991 | static inline int safer_memcmp( const void *a, const void *b, size_t n ) |
ansond | 0:137634ff4186 | 1992 | { |
ansond | 0:137634ff4186 | 1993 | size_t i; |
ansond | 0:137634ff4186 | 1994 | const unsigned char *A = (const unsigned char *) a; |
ansond | 0:137634ff4186 | 1995 | const unsigned char *B = (const unsigned char *) b; |
ansond | 0:137634ff4186 | 1996 | unsigned char diff = 0; |
ansond | 0:137634ff4186 | 1997 | |
ansond | 0:137634ff4186 | 1998 | for( i = 0; i < n; i++ ) |
ansond | 0:137634ff4186 | 1999 | diff |= A[i] ^ B[i]; |
ansond | 0:137634ff4186 | 2000 | |
ansond | 0:137634ff4186 | 2001 | return( diff ); |
ansond | 0:137634ff4186 | 2002 | } |
ansond | 0:137634ff4186 | 2003 | |
ansond | 0:137634ff4186 | 2004 | #ifdef __cplusplus |
ansond | 0:137634ff4186 | 2005 | } |
ansond | 0:137634ff4186 | 2006 | #endif |
ansond | 0:137634ff4186 | 2007 | |
ansond | 0:137634ff4186 | 2008 | #endif /* ssl.h */ |
ansond | 0:137634ff4186 | 2009 |