internal.h
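/* internal.h
 *
 * Copyright (C) 2006-2013 wolfSSL Inc.
 *
 * This file is part of CyaSSL.
 *
 * CyaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * CyaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */

/* Internal definitions for the CyaSSL TLS layer: build-time cipher suite
 * selection (BUILD_xxx macros derived from the NO_xxx / HAVE_xxx switches),
 * cipher suite identifiers, protocol size constants, and the internal buffer,
 * BIO, OCSP, CRL and certificate manager structures.
 */

#ifndef CYASSL_INT_H
#define CYASSL_INT_H


#include <cyassl/ctaocrypt/types.h>
#include <cyassl/ssl.h>
#include <cyassl/crl.h>
#include <cyassl/ctaocrypt/random.h>
#include <cyassl/ctaocrypt/des3.h>
#include <cyassl/ctaocrypt/hc128.h>
#include <cyassl/ctaocrypt/rabbit.h>
#include <cyassl/ctaocrypt/asn.h>
#include <cyassl/ctaocrypt/md5.h>
#include <cyassl/ctaocrypt/sha.h>
#include <cyassl/ctaocrypt/aes.h>
#include <cyassl/ctaocrypt/camellia.h>
#include <cyassl/ctaocrypt/logging.h>
#ifndef NO_RC4
    #include <cyassl/ctaocrypt/arc4.h>
#endif
#ifdef HAVE_ECC
    #include <cyassl/ctaocrypt/ecc.h>
#endif
#ifndef NO_SHA256
    #include <cyassl/ctaocrypt/sha256.h>
#endif
#ifdef HAVE_OCSP
    #include <cyassl/ocsp.h>
#endif
#ifdef CYASSL_SHA512
    #include <cyassl/ctaocrypt/sha512.h>
#endif

/* same header as the CYASSL_SHA512 case above; it is named twice when both
   switches are defined */
#ifdef HAVE_AESGCM
    #include <cyassl/ctaocrypt/sha512.h>
#endif

#ifdef CYASSL_RIPEMD
    #include <cyassl/ctaocrypt/ripemd.h>
#endif

#ifdef CYASSL_CALLBACKS
    #include <cyassl/callbacks.h>
    #include <signal.h>
#endif

/* Platform selection: the first matching RTOS/OS switch wins; the final #else
   is the Unix-like default, which turns on pthreads unless SINGLE_THREADED */
#ifdef USE_WINDOWS_API
    #ifdef CYASSL_GAME_BUILD
        #include "system/xtl.h"
    #else
        #if defined(_WIN32_WCE) || defined(WIN32_LEAN_AND_MEAN)
            /* On WinCE winsock2.h must be included before windows.h */
            #include <winsock2.h>
        #endif
        #include <windows.h>
    #endif
#elif defined(THREADX)
    #ifndef SINGLE_THREADED
        #include "tx_api.h"
    #endif
#elif defined(MICRIUM)
    /* do nothing, just don't pick Unix */
#elif defined(FREERTOS) || defined(CYASSL_SAFERTOS)
    /* do nothing */
#elif defined(EBSNET)
    /* do nothing */
#elif defined(FREESCALE_MQX)
    /* do nothing */
#elif defined(CYASSL_MDK_ARM)
    #include <rtl.h>
#else
    #ifndef SINGLE_THREADED
        #define CYASSL_PTHREADS
        #include <pthread.h>
    #endif
    #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
        #include <unistd.h>      /* for close of BIO */
    #endif
#endif

#ifdef HAVE_LIBZ
    #include "zlib.h"
#endif

#ifdef _MSC_VER
    /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
    #pragma warning(disable: 4996)
#endif

/* ALIGN16 is used on bufferStatic below; give it an empty definition when
   NO_AES is set and nothing else has defined it */
#ifdef NO_AES
    #if !defined (ALIGN16)
        #define ALIGN16
    #endif
#endif

/* digest sizes are still needed for sizing when the hash itself is compiled
   out */
#ifdef NO_SHA
    #define SHA_DIGEST_SIZE 20
#endif

#ifdef NO_SHA256
    #define SHA256_DIGEST_SIZE 32
#endif


#ifdef __cplusplus
    extern "C" {
#endif


#ifdef USE_WINDOWS_API
    typedef unsigned int SOCKET_T;
#else
    typedef int SOCKET_T;
#endif


typedef byte word24[3];

/* used by ssl.c and cyassl_int.c */
void c32to24(word32 in, word24 out);

/* Define or comment out the cipher suites you'd like to be compiled in;
   make sure at least one BUILD_SSL_xxx or BUILD_TLS_xxx is defined.

   When adding cipher suites, add name to cipher_names, idx to cipher_name_idx

   Suite selection here is opt-out: every suite whose primitives are present
   is compiled in unless the matching NO_xxx switch is defined.  That includes
   the legacy RC4, 3DES and MD5 based suites, so a hardened build has to
   define NO_RC4 / NO_DES3 / NO_MD5 explicitly.
*/

/* RC4 suites.  RFC 7465 prohibits RC4 in TLS; these stay enabled unless
   NO_RC4 is defined. */
#if !defined(NO_RSA) && !defined(NO_RC4)
    #if !defined(NO_SHA)
        #define BUILD_SSL_RSA_WITH_RC4_128_SHA
    #endif
    #if !defined(NO_MD5)
        #define BUILD_SSL_RSA_WITH_RC4_128_MD5
    #endif
    #if !defined(NO_TLS) && defined(HAVE_NTRU) && !defined(NO_SHA)
        #define BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA
    #endif
#endif

/* 3DES suites (64-bit block cipher, see DES_BLOCK_SIZE below); enabled unless
   NO_DES3 is defined. */
#if !defined(NO_RSA) && !defined(NO_DES3)
    #if !defined(NO_SHA)
        #define BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA
        #if !defined(NO_TLS) && defined(HAVE_NTRU)
            #define BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA
        #endif
    #endif
#endif

/* static RSA key exchange with AES */
#if !defined(NO_RSA) && !defined(NO_AES) && !defined(NO_TLS)
    #if !defined(NO_SHA)
        #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
        #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
        #if defined(HAVE_NTRU)
            #define BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
            #define BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
        #endif
    #endif
    #if !defined (NO_SHA256)
        #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
        #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
    #endif
    #if defined (HAVE_AESGCM)
        #define BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
        #if defined (CYASSL_SHA384)
            #define BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
        #endif
    #endif
    #if defined (HAVE_AESCCM)
        #define BUILD_TLS_RSA_WITH_AES_128_CCM_8
        #define BUILD_TLS_RSA_WITH_AES_256_CCM_8
    #endif
#endif

#if defined(HAVE_CAMELLIA) && !defined(NO_TLS)
    #ifndef NO_RSA
        #if !defined(NO_SHA)
            #define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
            #define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
        #endif
        #ifndef NO_SHA256
            #define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
            #define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
        #endif
        #if !defined(NO_DH) && defined(OPENSSL_EXTRA)
            #if !defined(NO_SHA)
                #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
                #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
            #endif
            #ifndef NO_SHA256
                #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
                #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
            #endif
        #endif
    #endif
#endif

#if !defined(NO_PSK) && !defined(NO_AES) && !defined(NO_TLS)
    #if !defined(NO_SHA)
        #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
        #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
    #endif
    #ifndef NO_SHA256
        #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
        #ifdef HAVE_AESCCM
            #define BUILD_TLS_PSK_WITH_AES_128_CCM_8
            #define BUILD_TLS_PSK_WITH_AES_256_CCM_8
        #endif
    #endif
#endif

/* NULL cipher suites carry a MAC but do not encrypt the record payload.
   They are opt-in: nothing here is built unless HAVE_NULL_CIPHER is
   defined. */
#if !defined(NO_TLS) && defined(HAVE_NULL_CIPHER)
    #if !defined(NO_RSA)
        #if !defined(NO_SHA)
            #define BUILD_TLS_RSA_WITH_NULL_SHA
        #endif
        #ifndef NO_SHA256
            #define BUILD_TLS_RSA_WITH_NULL_SHA256
        #endif
    #endif
    #if !defined(NO_PSK)
        #if !defined(NO_SHA)
            #define BUILD_TLS_PSK_WITH_NULL_SHA
        #endif
        #ifndef NO_SHA256
            #define BUILD_TLS_PSK_WITH_NULL_SHA256
        #endif
    #endif
#endif

/* NOTE(review): unlike BUILD_SSL_RSA_WITH_RC4_128_MD5 above, the MD5 suite
   below is not guarded by !defined(NO_MD5) - confirm that is intended. */
#if !defined(NO_HC128) && !defined(NO_RSA) && !defined(NO_TLS)
    #define BUILD_TLS_RSA_WITH_HC_128_CBC_MD5
    #if !defined(NO_SHA)
        #define BUILD_TLS_RSA_WITH_HC_128_CBC_SHA
    #endif
#endif

#if !defined(NO_RABBIT) && !defined(NO_TLS) && !defined(NO_RSA)
    #if !defined(NO_SHA)
        #define BUILD_TLS_RSA_WITH_RABBIT_CBC_SHA
    #endif
#endif

/* ephemeral DH suites are only built when OPENSSL_EXTRA is defined */
#if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && \
    !defined(NO_RSA) && defined(OPENSSL_EXTRA)
    #if !defined(NO_SHA)
        #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
        #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
    #endif
    #if !defined (NO_SHA256)
        #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
        #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
        #if defined (HAVE_AESGCM)
            #define BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
            #if defined (CYASSL_SHA384)
                #define BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
            #endif
        #endif
    #endif
#endif

#if defined(HAVE_ECC) && !defined(NO_TLS)
    #if !defined(NO_AES)
        #if !defined(NO_SHA)
            #if !defined(NO_RSA)
                #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
                #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
                #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
                #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
            #endif

            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

            #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
            #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
        #endif /* NO_SHA */
        #ifndef NO_SHA256
            #if !defined(NO_RSA)
                #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
                #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
            #endif
            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
            #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
        #endif

        #ifdef CYASSL_SHA384
            #if !defined(NO_RSA)
                #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
                #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
            #endif
            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
            #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
        #endif

        #if defined (HAVE_AESGCM)
            #if !defined(NO_RSA)
                #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
                #define BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
                #if defined(CYASSL_SHA384)
                    #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
                    #define BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
                #endif
            #endif

            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
            #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256

            /* This guard was spelled CYASS_SHA384, a name no other test in
               this file uses, so the two ECDSA AES-256-GCM suites were
               silently left out of every build.  It now matches the
               CYASSL_SHA384 test used by the RSA variants above. */
            #if defined(CYASSL_SHA384)
                #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
                #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
            #endif
        #endif
        #if defined (HAVE_AESCCM)
            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
        #endif
    #endif /* NO_AES */
    #if !defined(NO_RC4)
        #if !defined(NO_SHA)
            #if !defined(NO_RSA)
                #define BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA
                #define BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA
            #endif

            #define BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
            #define BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
        #endif
    #endif
    #if !defined(NO_DES3)
        #if !defined(NO_RSA)
            #define BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
            #define BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
        #endif

        #define BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
        #define BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
    #endif
#endif


/* Derive the per-primitive BUILD_xxx switches from the suites selected
   above */
#if defined(BUILD_SSL_RSA_WITH_RC4_128_SHA) || \
    defined(BUILD_SSL_RSA_WITH_RC4_128_MD5)
    #define BUILD_ARC4
#endif

#if defined(BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA)
    #define BUILD_DES3
#endif

#if defined(BUILD_TLS_RSA_WITH_AES_128_CBC_SHA) || \
    defined(BUILD_TLS_RSA_WITH_AES_256_CBC_SHA) || \
    defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)
    #undef  BUILD_AES
    #define BUILD_AES
#endif

#if defined(BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256) || \
    defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)
    #define BUILD_AESGCM
#endif

#if defined(BUILD_TLS_RSA_WITH_HC_128_CBC_SHA) || \
    defined(BUILD_TLS_RSA_WITH_HC_128_CBC_MD5)
    #define BUILD_HC128
#endif

#if defined(BUILD_TLS_RSA_WITH_RABBIT_CBC_SHA)
    #define BUILD_RABBIT
#endif

/* Each primitive is forced on whenever its NO_xxx switch is absent, whatever
   the suite tests above decided; when it is compiled out, only the block size
   constant is supplied so the enum below still compiles. */
#ifdef NO_DES3
    #define DES_BLOCK_SIZE 8
#else
    #undef  BUILD_DES3
    #define BUILD_DES3
#endif

#ifdef NO_AES
    #define AES_BLOCK_SIZE 16
#else
    #undef  BUILD_AES
    #define BUILD_AES
#endif

#ifndef NO_RC4
    #undef  BUILD_ARC4
    #define BUILD_ARC4
#endif



#if defined(BUILD_AESGCM) || defined(HAVE_AESCCM)
    #define HAVE_AEAD
#endif


/* actual cipher values, 2nd byte
 *
 * The values are only unique together with the first suite byte: the ECC and
 * AES-CCM groups below reuse second-byte values from the other groups (the
 * group comments give the first byte where it differs).
 */
enum {
    TLS_DHE_RSA_WITH_AES_256_CBC_SHA  = 0x39,
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA  = 0x33,
    TLS_RSA_WITH_AES_256_CBC_SHA      = 0x35,
    TLS_RSA_WITH_AES_128_CBC_SHA      = 0x2F,
    TLS_RSA_WITH_NULL_SHA             = 0x02,
    TLS_PSK_WITH_AES_256_CBC_SHA      = 0x8d,
    TLS_PSK_WITH_AES_128_CBC_SHA256   = 0xae,
    TLS_PSK_WITH_AES_128_CBC_SHA      = 0x8c,
    TLS_PSK_WITH_NULL_SHA256          = 0xb0,
    TLS_PSK_WITH_NULL_SHA             = 0x2c,
    SSL_RSA_WITH_RC4_128_SHA          = 0x05,
    SSL_RSA_WITH_RC4_128_MD5          = 0x04,
    SSL_RSA_WITH_3DES_EDE_CBC_SHA     = 0x0A,

    /* ECC suites, first byte is 0xC0 (ECC_BYTE) */
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA      = 0x14,
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA      = 0x13,
    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA    = 0x0A,
    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA    = 0x09,
    TLS_ECDHE_RSA_WITH_RC4_128_SHA          = 0x11,
    TLS_ECDHE_ECDSA_WITH_RC4_128_SHA        = 0x07,
    TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA     = 0x12,
    TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA   = 0x08,
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   = 0x27,
    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0x23,
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384   = 0x28,
    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0x24,

    /* static ECDH, first byte is 0xC0 (ECC_BYTE) */
    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA      = 0x0F,
    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA      = 0x0E,
    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA    = 0x05,
    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA    = 0x04,
    TLS_ECDH_RSA_WITH_RC4_128_SHA          = 0x0C,
    TLS_ECDH_ECDSA_WITH_RC4_128_SHA        = 0x02,
    TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA     = 0x0D,
    TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA   = 0x03,
    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256   = 0x29,
    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0x25,
    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384   = 0x2A,
    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0x26,

    /* CyaSSL extension - eSTREAM */
    TLS_RSA_WITH_HC_128_CBC_MD5       = 0xFB,
    TLS_RSA_WITH_HC_128_CBC_SHA       = 0xFC,
    TLS_RSA_WITH_RABBIT_CBC_SHA       = 0xFD,

    /* CyaSSL extension - NTRU */
    TLS_NTRU_RSA_WITH_RC4_128_SHA      = 0xe5,
    TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA = 0xe6,
    TLS_NTRU_RSA_WITH_AES_128_CBC_SHA  = 0xe7,  /* clashes w/ official SHA-256 */
    TLS_NTRU_RSA_WITH_AES_256_CBC_SHA  = 0xe8,

    /* SHA256 */
    TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x6b,
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x67,
    TLS_RSA_WITH_AES_256_CBC_SHA256     = 0x3d,
    TLS_RSA_WITH_AES_128_CBC_SHA256     = 0x3c,
    TLS_RSA_WITH_NULL_SHA256            = 0x3b,

    /* AES-GCM */
    TLS_RSA_WITH_AES_128_GCM_SHA256          = 0x9c,
    TLS_RSA_WITH_AES_256_GCM_SHA384          = 0x9d,
    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256      = 0x9e,
    TLS_DHE_RSA_WITH_AES_256_GCM_SHA384      = 0x9f,

    /* ECC AES-GCM, first byte is 0xC0 (ECC_BYTE) */
    TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256  = 0x2b,
    TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384  = 0x2c,
    TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256   = 0x2d,
    TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384   = 0x2e,
    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256    = 0x2f,
    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384    = 0x30,
    TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256     = 0x31,
    TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384     = 0x32,

    /* AES-CCM, first byte is 0xC0 but isn't ECC,
     * also, in some of the other AES-CCM suites
     * there will be second byte number conflicts
     * with non-ECC AES-GCM */
    TLS_RSA_WITH_AES_128_CCM_8         = 0xa0,
    TLS_RSA_WITH_AES_256_CCM_8         = 0xa1,
    TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 0xc6, /* Still TBD, made up */
    TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 0xc7, /* Still TBD, made up */
    TLS_PSK_WITH_AES_128_CCM           = 0xa4,
    TLS_PSK_WITH_AES_256_CCM           = 0xa5,
    TLS_PSK_WITH_AES_128_CCM_8         = 0xa8,
    TLS_PSK_WITH_AES_256_CCM_8         = 0xa9,

    TLS_RSA_WITH_CAMELLIA_128_CBC_SHA        = 0x41,
    TLS_RSA_WITH_CAMELLIA_256_CBC_SHA        = 0x84,
    TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256     = 0xba,
    TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256     = 0xc0,
    TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA    = 0x45,
    TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA    = 0x88,
    TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xbe,
    TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc4

};


/* largest digest the build can produce; used to size MAX_MSG_EXTRA below */
#if defined(CYASSL_SHA384)
    #define MAX_DIGEST_SIZE SHA384_DIGEST_SIZE
#elif !defined(NO_SHA256)
    #define MAX_DIGEST_SIZE SHA256_DIGEST_SIZE
#elif !defined(NO_MD5) && !defined(NO_SHA)
    #define MAX_DIGEST_SIZE (SHA_DIGEST_SIZE + MD5_DIGEST_SIZE)
#else
    #error "You have configured the build so there isn't any hashing."
#endif


enum Misc {
    SERVER_END = 0,
    CLIENT_END,

    ECC_BYTE =  0xC0,           /* ECC first cipher suite byte */

    SEND_CERT       = 1,
    SEND_BLANK_CERT = 2,

    DTLS_MAJOR      = 0xfe,     /* DTLS major version number */
    DTLS_MINOR      = 0xff,     /* DTLS minor version number */
    DTLSv1_2_MINOR  = 0xfd,     /* DTLS minor version number */
    SSLv3_MAJOR     = 3,        /* SSLv3 and TLSv1+ major version number */
    SSLv3_MINOR     = 0,        /* SSLv3 minor version number; SSL 3.0 is
                                   deprecated by RFC 7568 */
    TLSv1_MINOR     = 1,        /* TLSv1   minor version number */
    TLSv1_1_MINOR   = 2,        /* TLSv1_1 minor version number */
    TLSv1_2_MINOR   = 3,        /* TLSv1_2 minor version number */
    INVALID_BYTE    = 0xff,     /* Used to initialize cipher specs values */
    NO_COMPRESSION  =  0,
    ZLIB_COMPRESSION = 221,     /* CyaSSL zlib compression */
    HELLO_EXT_SIG_ALGO = 13,    /* ID for the sig_algo hello extension */
    SECRET_LEN      = 48,       /* pre RSA and all master */
    ENCRYPT_LEN     = 512,      /* allow 4096 bit static buffer */
    SIZEOF_SENDER   =  4,       /* clnt or srvr           */
    FINISHED_SZ     = 36,       /* MD5_DIGEST_SIZE + SHA_DIGEST_SIZE */
    MAX_RECORD_SIZE = 16384,    /* 2^14, max size by standard */
    MAX_MSG_EXTRA   = 38 + MAX_DIGEST_SIZE,
                                /* max added to msg, mac + pad  from */
                                /* RECORD_HEADER_SZ + BLOCK_SZ (pad) + Max
                                   digest sz + BLOC_SZ (iv) + pad byte (1) */
    MAX_COMP_EXTRA  = 1024,     /* max compression extra */
    MAX_MTU         = 1500,     /* max expected MTU */
    MAX_UDP_SIZE    = 8192 - 100, /* was MAX_MTU - 100 */
    MAX_DH_SZ       = 612,      /* 2240 p, pub, g + 2 byte size for each */
    MAX_STR_VERSION = 8,        /* string rep of protocol version */

    PAD_MD5        = 48,       /* pad length for finished */
    PAD_SHA        = 40,       /* pad length for finished */
    MAX_PAD_SIZE   = 256,      /* maximum length of padding */
    COMPRESS_DUMMY_SIZE = 64,  /* compression dummy round size */
    COMPRESS_CONSTANT   = 13,  /* compression calc constant */
    COMPRESS_UPPER      = 55,  /* compression calc numerator */
    COMPRESS_LOWER      = 64,  /* compression calc denominator */

    PEM_LINE_LEN   = 80,       /* PEM line max + fudge */
    LENGTH_SZ      =  2,       /* length field for HMAC, data only */
    VERSION_SZ     =  2,       /* length of protocol version */
    SEQ_SZ         =  8,       /* 64 bit sequence number  */
    BYTE3_LEN      =  3,       /* up to 24 bit byte lengths */
    ALERT_SIZE     =  2,       /* level + description     */
    REQUEST_HEADER =  2,       /* always use 2 bytes      */
    VERIFY_HEADER  =  2,       /* always use 2 bytes      */
    EXT_ID_SZ      =  2,       /* always use 2 bytes      */
    MAX_DH_SIZE    = 513,      /* 4096 bit plus possible leading 0 */

    MAX_SUITE_SZ = 200,        /* 100 suites for now! */
    RAN_LEN      = 32,         /* random length           */
    SEED_LEN     = RAN_LEN * 2, /* tls prf seed length    */
    ID_LEN       = 32,         /* session id length       */
    MAX_COOKIE_LEN = 32,       /* max dtls cookie size    */
    COOKIE_SZ    = 20,         /* use a 20 byte cookie    */
    SUITE_LEN    =  2,         /* cipher suite sz length  */
    ENUM_LEN     =  1,         /* always a byte           */
    OPAQUE16_LEN =  2,         /* always 2 bytes          */
    COMP_LEN     =  1,         /* compression length      */
    CURVE_LEN    =  2,         /* ecc named curve length  */
    SERVER_ID_LEN = 20,        /* server session id length  */

    HANDSHAKE_HEADER_SZ   = 4,  /* type + length(3)        */
    RECORD_HEADER_SZ      = 5,  /* type + version + len(2) */
    CERT_HEADER_SZ        = 3,  /* always 3 bytes          */
    REQ_HEADER_SZ         = 2,  /* cert request header sz  */
    HINT_LEN_SZ           = 2,  /* length of hint size field */
    HELLO_EXT_TYPE_SZ     = 2,  /* length of a hello extension type */
    HELLO_EXT_SZ          = 8,  /* total length of the lazy hello extensions */
    HELLO_EXT_LEN         = 6,  /* length of the lazy hello extensions */
    HELLO_EXT_SIGALGO_SZ  = 2,  /* length of signature algo extension  */
    HELLO_EXT_SIGALGO_MAX = 32, /* number of items in the signature algo list */

    DTLS_HANDSHAKE_HEADER_SZ = 12, /* normal + seq(2) + offset(3) + length(3) */
    DTLS_RECORD_HEADER_SZ    = 13, /* normal + epoch(2) + seq_num(6) */
    DTLS_HANDSHAKE_EXTRA     = 8,  /* diff from normal */
    DTLS_RECORD_EXTRA        = 8,  /* diff from normal */
    DTLS_HANDSHAKE_SEQ_SZ    = 2,  /* handshake header sequence number */
    DTLS_HANDSHAKE_FRAG_SZ   = 3,  /* fragment offset and length are 24 bit */
    DTLS_POOL_SZ             = 5,  /* buffers to hold in the retry pool */

    FINISHED_LABEL_SZ   = 15,  /* TLS finished label size */
    TLS_FINISHED_SZ     = 12,  /* TLS has a shorter size  */
    MASTER_LABEL_SZ     = 13,  /* TLS master secret label sz */
    KEY_LABEL_SZ        = 13,  /* TLS key block expansion sz */
    MAX_PRF_HALF        = 128, /* Maximum half secret len */
    MAX_PRF_LABSEED     = 128, /* Maximum label + seed len */
    MAX_PRF_DIG         = 224, /* Maximum digest len      */
    MAX_REQUEST_SZ      = 256, /* Maximum cert req len (no auth yet) */
    SESSION_FLUSH_COUNT = 256, /* Flush session cache unless user turns off */

    RC4_KEY_SIZE        = 16,  /* always 128bit           */
    DES_KEY_SIZE        =  8,  /* des                     */
    DES3_KEY_SIZE       = 24,  /* 3 des ede               */
    DES_IV_SIZE         = DES_BLOCK_SIZE,
    AES_256_KEY_SIZE    = 32,  /* for 256 bit             */
    AES_192_KEY_SIZE    = 24,  /* for 192 bit             */
    AES_IV_SIZE         = 16,  /* always block size       */
    AES_128_KEY_SIZE    = 16,  /* for 128 bit             */

    AEAD_SEQ_OFFSET     = 4,   /* Auth Data: Sequence number */
    AEAD_TYPE_OFFSET    = 8,   /* Auth Data: Type            */
    AEAD_VMAJ_OFFSET    = 9,   /* Auth Data: Major Version   */
    AEAD_VMIN_OFFSET    = 10,  /* Auth Data: Minor Version   */
    AEAD_LEN_OFFSET     = 11,  /* Auth Data: Length          */
    AEAD_AUTH_DATA_SZ   = 13,  /* Size of the data to authenticate */
    AEAD_IMP_IV_SZ      = 4,   /* Size of the implicit IV     */
    AEAD_EXP_IV_SZ      = 8,   /* Size of the explicit IV     */
    AEAD_NONCE_SZ       = AEAD_EXP_IV_SZ + AEAD_IMP_IV_SZ,

    AES_GCM_AUTH_SZ     = 16,  /* AES-GCM Auth Tag length    */
    AES_CCM_16_AUTH_SZ  = 16,  /* AES-CCM-16 Auth Tag length */
    AES_CCM_8_AUTH_SZ   = 8,   /* AES-CCM-8 Auth Tag Length  */

    CAMELLIA_128_KEY_SIZE = 16, /* for 128 bit */
    CAMELLIA_192_KEY_SIZE = 24, /* for 192 bit */
    CAMELLIA_256_KEY_SIZE = 32, /* for 256 bit */
    CAMELLIA_IV_SIZE      = 16, /* always block size */

    HC_128_KEY_SIZE     = 16,  /* 128 bits                */
    HC_128_IV_SIZE      = 16,  /* also 128 bits           */

    RABBIT_KEY_SIZE     = 16,  /* 128 bits                */
    RABBIT_IV_SIZE      =  8,  /* 64 bits for iv          */

    EVP_SALT_SIZE       =  8,  /* evp salt size 64 bits   */

    ECDHE_SIZE          = 32,  /* ECDHE server size defaults to 256 bit */
    MAX_EXPORT_ECC_SZ   = 256, /* Export ANS X9.62 max future size */

    MAX_HELLO_SZ       = 128,  /* max client or server hello */
    MAX_CERT_VERIFY_SZ = 1024, /* max   */
    CLIENT_HELLO_FIRST =  35,  /* Protocol + RAN_LEN + sizeof(id_len) */
    MAX_SUITE_NAME     =  48,  /* maximum length of cipher suite string */
    DEFAULT_TIMEOUT    = 500,  /* default resumption timeout in seconds */

    DTLS_TIMEOUT_INIT       =  1, /* default timeout init for DTLS receive  */
    DTLS_TIMEOUT_MAX        = 64, /* default max timeout for DTLS receive */
    DTLS_TIMEOUT_MULTIPLIER =  2, /* default timeout multiplier for DTLS recv */

    MAX_PSK_ID_LEN     = 128,  /* max psk identity/hint supported */
    MAX_PSK_KEY_LEN    =  64,  /* max psk key supported */

    MAX_CYASSL_FILE_SIZE = 1024 * 1024 * 4,  /* 4 mb file size alloc limit */

#ifdef FORTRESS
    MAX_EX_DATA        =   3,  /* allow for three items of ex_data */
#endif

    MAX_X509_SIZE      = 2048, /* max static x509 buffer size */
    CERT_MIN_SIZE      =  256, /* min PEM cert size with header/footer */
    MAX_FILENAME_SZ    =  256, /* max file name length */
    FILE_BUFFER_SIZE   = 1024, /* default static file buffer size for input,
                                  will use dynamic buffer if not big enough */

    MAX_NTRU_PUB_KEY_SZ = 1027, /* NTRU max for now */
    MAX_NTRU_ENCRYPT_SZ = 1027, /* NTRU max for now */
    MAX_NTRU_BITS       =  256, /* max symmetric bit strength */
    NO_SNIFF           =   0,  /* not sniffing */
    SNIFF              =   1,  /* currently sniffing */

    HASH_SIG_SIZE      =   2,  /* default SHA1 RSA */

    NO_CAVIUM_DEVICE   =  -2,  /* invalid cavium device id */

    NO_COPY            =   0,  /* should we copy static buffer for write */
    COPY               =   1   /* should we copy static buffer for write */
};


/* max cert chain peer depth */
#ifndef MAX_CHAIN_DEPTH
    #define MAX_CHAIN_DEPTH 9
#endif


/* don't use extra 3/4k stack space unless need to */
#ifdef HAVE_NTRU
    #define MAX_ENCRYPT_SZ MAX_NTRU_ENCRYPT_SZ
#else
    #define MAX_ENCRYPT_SZ ENCRYPT_LEN
#endif


/* states */
enum states {
    NULL_STATE = 0,

    SERVER_HELLOVERIFYREQUEST_COMPLETE,
    SERVER_HELLO_COMPLETE,
    SERVER_CERT_COMPLETE,
    SERVER_KEYEXCHANGE_COMPLETE,
    SERVER_HELLODONE_COMPLETE,
    SERVER_FINISHED_COMPLETE,

    CLIENT_HELLO_COMPLETE,
    CLIENT_KEYEXCHANGE_COMPLETE,
    CLIENT_FINISHED_COMPLETE,

    HANDSHAKE_DONE
};


/* CYASSL_PACK expands to nothing on compilers other than GCC-compatible
   ones */
#if defined(__GNUC__)
    #define CYASSL_PACK __attribute__ ((packed))
#else
    #define CYASSL_PACK
#endif

/* SSL Version */
typedef struct ProtocolVersion {
    byte major;
    byte minor;
} CYASSL_PACK ProtocolVersion;


CYASSL_LOCAL ProtocolVersion MakeSSLv3(void);
CYASSL_LOCAL ProtocolVersion MakeTLSv1(void);
CYASSL_LOCAL ProtocolVersion MakeTLSv1_1(void);
CYASSL_LOCAL ProtocolVersion MakeTLSv1_2(void);

#ifdef CYASSL_DTLS
    CYASSL_LOCAL ProtocolVersion MakeDTLSv1(void);
    CYASSL_LOCAL ProtocolVersion MakeDTLSv1_2(void);
#endif


enum BIO_TYPE {
    BIO_BUFFER = 1,
    BIO_SOCKET = 2,
    BIO_SSL    = 3,
    BIO_MEMORY = 4
};


/* CyaSSL BIO_METHOD type */
struct CYASSL_BIO_METHOD {
    byte type;               /* method type */
};


/* CyaSSL BIO type */
struct CYASSL_BIO {
    byte        type;          /* method type */
    byte        close;         /* close flag */
    byte        eof;           /* eof flag */
    CYASSL*     ssl;           /* possible associated ssl */
    byte*       mem;           /* memory buffer */
    int         memLen;        /* memory buffer length */
    int         fd;            /* possible file descriptor */
    CYASSL_BIO* prev;          /* previous in chain */
    CYASSL_BIO* next;          /* next in chain */
};


/* CyaSSL method type */
struct CYASSL_METHOD {
    ProtocolVersion version;
    byte            side;         /* connection side, server or client */
    byte            downgrade;    /* whether to downgrade version, default no */
};


/* defaults to client */
CYASSL_LOCAL void InitSSL_Method(CYASSL_METHOD*, ProtocolVersion);

/* for sniffer */
CYASSL_LOCAL int DoFinished(CYASSL* ssl, const byte* input, word32* inOutIdx,
                            int sniff);
CYASSL_LOCAL int DoApplicationData(CYASSL* ssl, byte* input, word32* inOutIdx);


/* CyaSSL buffer type */
typedef struct buffer {
    word32 length;
    byte*  buffer;
} buffer;


enum {
    FORCED_FREE = 1,
    NO_FORCED_FREE = 0
};


/* only use compression extra if using compression */
#ifdef HAVE_LIBZ
    #define COMP_EXTRA MAX_COMP_EXTRA
#else
    #define COMP_EXTRA 0
#endif

/* only the sniffer needs space in the buffer for extra MTU record(s) */
/* parenthesized so the product keeps its value inside larger expressions */
#ifdef CYASSL_SNIFFER
    #define MTU_EXTRA (MAX_MTU * 3)
#else
    #define MTU_EXTRA 0
#endif


/* embedded callbacks require large static buffers, make sure on */
#ifdef CYASSL_CALLBACKS
    #undef  LARGE_STATIC_BUFFERS
    #define LARGE_STATIC_BUFFERS
#endif


/* give user option to use 16K static buffers */
#if defined(LARGE_STATIC_BUFFERS)
    #define RECORD_SIZE MAX_RECORD_SIZE
#else
    #ifdef CYASSL_DTLS
        #define RECORD_SIZE MAX_MTU
    #else
        #define RECORD_SIZE 128
    #endif
#endif


/* user option to turn off 16K output option */
/* if using small static buffers (default) and SSL_write tries to write data
   larger than the record we have, dynamically get it, unless user says only
   write in static buffer chunks  */
#ifndef STATIC_CHUNKS_ONLY
    #define OUTPUT_RECORD_SIZE MAX_RECORD_SIZE
#else
    #define OUTPUT_RECORD_SIZE RECORD_SIZE
#endif

/* CyaSSL input buffer

   RFC 2246:

   length
       The length (in bytes) of the following TLSPlaintext.fragment.
       The length should not exceed 2^14.
*/
/* The sum is parenthesized so that an expression such as
   STATIC_BUFFER_LEN * 2 or x - STATIC_BUFFER_LEN applies to the whole length
   rather than to its first or last term. */
#if defined(LARGE_STATIC_BUFFERS)
    #define STATIC_BUFFER_LEN (RECORD_HEADER_SZ + RECORD_SIZE + COMP_EXTRA + \
                               MTU_EXTRA + MAX_MSG_EXTRA)
#else
    /* zero length arrays may not be supported */
    #define STATIC_BUFFER_LEN 1
#endif

typedef struct {
    word32 length;       /* total buffer length used */
    word32 idx;          /* idx to part of length already consumed */
    byte*  buffer;       /* place holder for static or dynamic buffer */
    word32 bufferSize;   /* current buffer size */
    ALIGN16 byte staticBuffer[STATIC_BUFFER_LEN];
    byte   dynamicFlag;  /* dynamic memory currently in use */
    byte   offset;       /* alignment offset attempt */
} bufferStatic;

/* Cipher Suites holder */
typedef struct Suites {
    int    setSuites;               /* user set suites from default */
    byte   suites[MAX_SUITE_SZ];
    word16 suiteSz;                 /* suite length in bytes        */
    byte   hashSigAlgo[HELLO_EXT_SIGALGO_MAX]; /* sig/algo to offer */
    word16 hashSigAlgoSz;           /* SigAlgo extension length in bytes */
    byte   hashAlgo;                /* selected hash algorithm */
    byte   sigAlgo;                 /* selected sig algorithm */
} Suites;


CYASSL_LOCAL
void InitSuites(Suites*, ProtocolVersion,
                                     byte, byte, byte, byte, byte, byte, int);
CYASSL_LOCAL
int  SetCipherList(Suites*, const char* list);

/* PSK callback types; the parameters are unnamed here.
   NOTE(review): presumably (ssl, hint, identity, identity max len, key,
   key max len) for the client and (ssl, identity, key, key max len) for the
   server - confirm against the public declarations in ssl.h. */
#ifndef PSK_TYPES_DEFINED
    typedef unsigned int (*psk_client_callback)(CYASSL*, const char*, char*,
                          unsigned int, unsigned char*, unsigned int);
    typedef unsigned int (*psk_server_callback)(CYASSL*, const char*,
                          unsigned char*, unsigned int);
#endif /* PSK_TYPES_DEFINED */


#ifndef CYASSL_USER_IO
    /* default IO callbacks */
    CYASSL_LOCAL
    int EmbedReceive(CYASSL *ssl, char *buf, int sz, void *ctx);
    CYASSL_LOCAL
    int EmbedSend(CYASSL *ssl, char *buf, int sz, void *ctx);

    #ifdef HAVE_OCSP
        CYASSL_LOCAL
        int EmbedOcspLookup(void*, const char*, int, byte*, int, byte**);
        CYASSL_LOCAL
        void EmbedOcspRespFree(void*, byte*);
    #endif

    #ifdef CYASSL_DTLS
        CYASSL_LOCAL
        int EmbedReceiveFrom(CYASSL *ssl, char *buf, int sz, void *ctx);
        CYASSL_LOCAL
        int EmbedSendTo(CYASSL *ssl, char *buf, int sz, void *ctx);
        CYASSL_LOCAL
        int EmbedGenerateCookie(CYASSL* ssl, byte *buf, int sz, void *ctx);
        CYASSL_LOCAL
        int IsUDP(void*);
    #endif /* CYASSL_DTLS */
#endif /* CYASSL_USER_IO */


/* CyaSSL Cipher type just points back to SSL */
struct CYASSL_CIPHER {
    CYASSL* ssl;
};


/* CyaSSL_Mutex maps onto the platform's native lock type; single threaded
   builds use a plain int */
#ifdef SINGLE_THREADED
    typedef int CyaSSL_Mutex;
#else /* MULTI_THREADED */
    /* FREERTOS comes first to enable use of FreeRTOS Windows simulator only */
    #ifdef FREERTOS
        typedef xSemaphoreHandle CyaSSL_Mutex;
    #elif defined(CYASSL_SAFERTOS)
        typedef struct CyaSSL_Mutex {
            signed char mutexBuffer[portQUEUE_OVERHEAD_BYTES];
            xSemaphoreHandle mutex;
        } CyaSSL_Mutex;
    #elif defined(USE_WINDOWS_API)
        typedef CRITICAL_SECTION CyaSSL_Mutex;
    #elif defined(CYASSL_PTHREADS)
        typedef pthread_mutex_t CyaSSL_Mutex;
    #elif defined(THREADX)
        typedef TX_MUTEX CyaSSL_Mutex;
    #elif defined(MICRIUM)
        typedef OS_MUTEX CyaSSL_Mutex;
    #elif defined(EBSNET)
        typedef RTP_MUTEX CyaSSL_Mutex;
    #elif defined(FREESCALE_MQX)
        typedef MUTEX_STRUCT CyaSSL_Mutex;
    #elif defined(CYASSL_MDK_ARM)
        typedef OS_MUT CyaSSL_Mutex;
    #else
        #error Need a mutex type in multithreaded mode
    #endif /* USE_WINDOWS_API */
#endif /* SINGLE_THREADED */

CYASSL_LOCAL int InitMutex(CyaSSL_Mutex*);
CYASSL_LOCAL int FreeMutex(CyaSSL_Mutex*);
CYASSL_LOCAL int LockMutex(CyaSSL_Mutex*);
CYASSL_LOCAL int UnLockMutex(CyaSSL_Mutex*);

typedef struct OCSP_Entry OCSP_Entry;

/* NOTE(review): #ifdef only sees preprocessor macros.  The one macro
   definition of SHA_DIGEST_SIZE visible in this file is the NO_SHA fallback;
   if sha.h declares it as an enum constant instead, the #else branch is taken
   and the hash arrays below are 160 bytes.  160 looks like the SHA-1 length
   in bits (the digest is 20 bytes), so the arrays would be oversized rather
   than too small - confirm. */
#ifdef SHA_DIGEST_SIZE
    #define OCSP_DIGEST_SIZE SHA_DIGEST_SIZE
#else
    #define OCSP_DIGEST_SIZE 160
#endif

#ifdef NO_ASN
    /* no_asn won't have */
    typedef struct CertStatus CertStatus;
#endif

struct OCSP_Entry {
    OCSP_Entry* next;                        /* next entry             */
    byte    issuerHash[OCSP_DIGEST_SIZE];    /* issuer hash            */
    byte    issuerKeyHash[OCSP_DIGEST_SIZE]; /* issuer public key hash */
    CertStatus* status;                      /* OCSP response list     */
    int         totalStatus;                 /* number on list         */
};


/* CyaSSL OCSP controller */
struct CYASSL_OCSP {
    byte enabled;
    byte useOverrideUrl;
    byte useNonce;
    char overrideUrl[80];       /* fixed size: any copy into it has to be
                                   bounded by sizeof(overrideUrl) */
    OCSP_Entry* ocspList;
    void* IOCB_OcspCtx;
    CallbackIOOcsp CBIOOcsp;
    CallbackIOOcspRespFree CBIOOcspRespFree;
};

#ifndef MAX_DATE_SIZE
#define MAX_DATE_SIZE 32
#endif

typedef struct CRL_Entry CRL_Entry;

/* NOTE(review): same macro-versus-enum question and same 160 fallback as
   OCSP_DIGEST_SIZE above - confirm. */
#ifdef SHA_DIGEST_SIZE
    #define CRL_DIGEST_SIZE SHA_DIGEST_SIZE
#else
    #define CRL_DIGEST_SIZE 160
#endif

#ifdef NO_ASN
    typedef struct RevokedCert RevokedCert;
#endif

/* Complete CRL */
struct CRL_Entry {
    CRL_Entry* next;                      /* next entry */
    byte    issuerHash[CRL_DIGEST_SIZE];  /* issuer hash                 */
    /* byte    crlHash[CRL_DIGEST_SIZE];      raw crl data hash           */
    /* restore the hash here if needed for optimized comparisons */
    byte    lastDate[MAX_DATE_SIZE]; /* last date updated  */
    byte    nextDate[MAX_DATE_SIZE]; /* next update date   */
    byte    lastDateFormat;          /* last date format */
    byte    nextDateFormat;          /* next date format */
    RevokedCert* certs;              /* revoked cert list  */
    int          totalCerts;         /* number on list     */
};


typedef struct CRL_Monitor CRL_Monitor;

/* CRL directory monitor */
struct CRL_Monitor {
    char* path;      /* full dir path, if valid pointer we're using */
    int   type;      /* PEM or ASN1 type */
};


#ifndef HAVE_CRL
    typedef struct CYASSL_CRL CYASSL_CRL;
#endif

/* CyaSSL CRL controller */
struct CYASSL_CRL {
    CYASSL_CERT_MANAGER* cm;            /* pointer back to cert manager */
    CRL_Entry*           crlList;       /* our CRL list */
    CyaSSL_Mutex         crlLock;       /* CRL list lock */
    CRL_Monitor          monitors[2];   /* PEM and DER possible */
#ifdef HAVE_CRL_MONITOR
    pthread_t            tid;           /* monitoring thread */
#endif
};


#ifdef NO_ASN
    typedef struct Signer Signer;
#endif


#ifndef CA_TABLE_SIZE
    #define CA_TABLE_SIZE 11
#endif

/* CyaSSL Certificate Manager */
struct CYASSL_CERT_MANAGER {
    Signer*         caTable[CA_TABLE_SIZE]; /* the CA signer table */
    CyaSSL_Mutex    caLock;             /* CA list lock */
    CallbackCACache caCacheCallback;    /* CA cache addition callback */
    void*           heap;               /* heap helper */
    CYASSL_CRL*     crl;                /* CRL checker */
    byte            crlEnabled;         /* is CRL on ? */
    byte            crlCheckAll;        /* always leaf, but all ?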
*/ 01095 CbMissingCRL cbMissingCRL; /* notify through cb of missing crl */ 01096 }; 01097 01098 CYASSL_LOCAL int CM_SaveCertCache(CYASSL_CERT_MANAGER*, const char*); 01099 CYASSL_LOCAL int CM_RestoreCertCache(CYASSL_CERT_MANAGER*, const char*); 01100 CYASSL_LOCAL int CM_MemSaveCertCache(CYASSL_CERT_MANAGER*, void*, int, int*); 01101 CYASSL_LOCAL int CM_MemRestoreCertCache(CYASSL_CERT_MANAGER*, const void*, int); 01102 CYASSL_LOCAL int CM_GetCertCacheMemSize(CYASSL_CERT_MANAGER*); 01103 01104 /* CyaSSL Sock Addr */ 01105 struct CYASSL_SOCKADDR { 01106 unsigned int sz; /* sockaddr size */ 01107 void* sa; /* pointer to the sockaddr_in or sockaddr_in6 */ 01108 }; 01109 01110 typedef struct CYASSL_DTLS_CTX { 01111 CYASSL_SOCKADDR peer; 01112 int fd; 01113 } CYASSL_DTLS_CTX; 01114 01115 /* RFC 6066 TLS Extensions */ 01116 #ifdef HAVE_TLS_EXTENSIONS 01117 01118 typedef enum { 01119 SERVER_NAME_INDICATION = 0,/* 01120 MAX_FRAGMENT_LENGTH = 1, 01121 CLIENT_CERTIFICATE_URL = 2, 01122 TRUSTED_CA_KEYS = 3, 01123 TRUNCATED_HMAC = 4, 01124 STATUS_REQUEST = 5, 01125 SIGNATURE_ALGORITHMS = 13,*/ 01126 } TLSX_Type; 01127 01128 typedef struct TLSX { 01129 TLSX_Type type; /* Extension Type */ 01130 void* data; /* Extension Data */ 01131 byte resp; /* IsResponse Flag */ 01132 struct TLSX* next; /* List Behavior */ 01133 } TLSX; 01134 01135 CYASSL_LOCAL TLSX* TLSX_Find(TLSX* list, TLSX_Type type); 01136 CYASSL_LOCAL void TLSX_FreeAll(TLSX* list); 01137 01138 #ifndef NO_CYASSL_CLIENT 01139 CYASSL_LOCAL word16 TLSX_GetRequestSize(CYASSL* ssl); 01140 CYASSL_LOCAL word16 TLSX_WriteRequest(CYASSL* ssl, byte* output); 01141 #endif 01142 01143 #ifndef NO_CYASSL_SERVER 01144 CYASSL_LOCAL word16 TLSX_GetResponseSize(CYASSL* ssl); 01145 CYASSL_LOCAL word16 TLSX_WriteResponse(CYASSL* ssl, byte* output); 01146 #endif 01147 01148 CYASSL_LOCAL int TLSX_Parse(CYASSL* ssl, byte* input, word16 length, 01149 byte isRequest, Suites *suites); 01150 01151 /* Server Name Indication */ 01152 #ifdef HAVE_SNI 
01153 01154 typedef struct SNI { 01155 byte type; /* SNI Type */ 01156 union { char* host_name; } data; /* SNI Data */ 01157 struct SNI* next; /* List Behavior */ 01158 #ifndef NO_CYASSL_SERVER 01159 byte options; /* Behaviour options */ 01160 byte matched; /* Matching result */ 01161 #endif 01162 } SNI; 01163 01164 CYASSL_LOCAL int TLSX_UseSNI(TLSX** extensions, byte type, const void* data, 01165 word16 size); 01166 01167 #ifndef NO_CYASSL_SERVER 01168 CYASSL_LOCAL byte TLSX_SNI_Matched(TLSX* extensions, byte type); 01169 CYASSL_LOCAL void TLSX_SNI_SetOptions(TLSX* extensions, byte type, 01170 byte options); 01171 #endif 01172 01173 #endif /* HAVE_SNI */ 01174 01175 #endif /* HAVE_TLS_EXTENSIONS */ 01176 01177 /* CyaSSL context type */ 01178 struct CYASSL_CTX { 01179 CYASSL_METHOD* method; 01180 CyaSSL_Mutex countMutex; /* reference count mutex */ 01181 int refCount; /* reference count */ 01182 #ifndef NO_CERTS 01183 buffer certificate; 01184 buffer certChain; 01185 /* chain after self, in DER, with leading size for each cert */ 01186 buffer privateKey; 01187 buffer serverDH_P; 01188 buffer serverDH_G; 01189 CYASSL_CERT_MANAGER* cm; /* our cert manager, ctx owns SSL will use */ 01190 #endif 01191 Suites suites; 01192 void* heap; /* for user memory overrides */ 01193 byte verifyPeer; 01194 byte verifyNone; 01195 byte failNoCert; 01196 byte sessionCacheOff; 01197 byte sessionCacheFlushOff; 01198 byte sendVerify; /* for client side */ 01199 byte haveRSA; /* RSA available */ 01200 byte haveDH; /* server DH parms set by user */ 01201 byte haveNTRU; /* server private NTRU key loaded */ 01202 byte haveECDSAsig; /* server cert signed w/ ECDSA */ 01203 byte haveStaticECC; /* static server ECC private key */ 01204 byte partialWrite; /* only one msg per write call */ 01205 byte quietShutdown; /* don't send close notify */ 01206 byte groupMessages; /* group handshake messages before sending */ 01207 CallbackIORecv CBIORecv; 01208 CallbackIOSend CBIOSend; 01209 #ifdef 
CYASSL_DTLS 01210 CallbackGenCookie CBIOCookie; /* gen cookie callback */ 01211 #endif 01212 VerifyCallback verifyCallback; /* cert verification callback */ 01213 word32 timeout; /* session timeout */ 01214 #ifdef HAVE_ECC 01215 word16 eccTempKeySz; /* in octets 20 - 66 */ 01216 #endif 01217 #ifndef NO_PSK 01218 byte havePSK; /* psk key set by user */ 01219 psk_client_callback client_psk_cb; /* client callback */ 01220 psk_server_callback server_psk_cb; /* server callback */ 01221 char server_hint[MAX_PSK_ID_LEN]; 01222 #endif /* NO_PSK */ 01223 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) 01224 pem_password_cb passwd_cb; 01225 void* userdata; 01226 #endif /* OPENSSL_EXTRA */ 01227 #ifdef HAVE_OCSP 01228 CYASSL_OCSP ocsp; 01229 #endif 01230 #ifdef HAVE_CAVIUM 01231 int devId; /* cavium device id to use */ 01232 #endif 01233 #ifdef HAVE_TLS_EXTENSIONS 01234 TLSX* extensions; /* RFC 6066 TLS Extensions data */ 01235 #endif 01236 }; 01237 01238 01239 CYASSL_LOCAL 01240 int InitSSL_Ctx(CYASSL_CTX*, CYASSL_METHOD*); 01241 CYASSL_LOCAL 01242 void FreeSSL_Ctx(CYASSL_CTX*); 01243 CYASSL_LOCAL 01244 void SSL_CtxResourceFree(CYASSL_CTX*); 01245 01246 CYASSL_LOCAL 01247 int DeriveTlsKeys(CYASSL* ssl); 01248 CYASSL_LOCAL 01249 int ProcessOldClientHello(CYASSL* ssl, const byte* input, word32* inOutIdx, 01250 word32 inSz, word16 sz); 01251 #ifndef NO_CERTS 01252 CYASSL_LOCAL 01253 int AddCA(CYASSL_CERT_MANAGER* ctx, buffer der, int type, int verify); 01254 CYASSL_LOCAL 01255 int AlreadySigner(CYASSL_CERT_MANAGER* cm, byte* hash); 01256 #endif 01257 01258 /* All cipher suite related info */ 01259 typedef struct CipherSpecs { 01260 byte bulk_cipher_algorithm; 01261 byte cipher_type; /* block, stream, or aead */ 01262 byte mac_algorithm; 01263 byte kea; /* key exchange algo */ 01264 byte sig_algo; 01265 byte hash_size; 01266 byte pad_size; 01267 byte static_ecdh; 01268 word16 key_size; 01269 word16 iv_size; 01270 word16 block_size; 01271 word16 aead_mac_size; 01272 } 
CipherSpecs; 01273 01274 01275 void InitCipherSpecs(CipherSpecs* cs); 01276 01277 01278 /* Supported Ciphers from page 43 */ 01279 enum BulkCipherAlgorithm { 01280 cipher_null, 01281 rc4, 01282 rc2, 01283 des, 01284 triple_des, /* leading 3 (3des) not valid identifier */ 01285 des40, 01286 idea, 01287 aes, 01288 aes_gcm, 01289 aes_ccm, 01290 camellia, 01291 hc128, /* CyaSSL extensions */ 01292 rabbit 01293 }; 01294 01295 01296 /* Supported Message Authentication Codes from page 43 */ 01297 enum MACAlgorithm { 01298 no_mac, 01299 md5_mac, 01300 sha_mac, 01301 sha224_mac, 01302 sha256_mac, 01303 sha384_mac, 01304 sha512_mac, 01305 rmd_mac 01306 }; 01307 01308 01309 /* Supported Key Exchange Protocols */ 01310 enum KeyExchangeAlgorithm { 01311 no_kea, 01312 rsa_kea, 01313 diffie_hellman_kea, 01314 fortezza_kea, 01315 psk_kea, 01316 ntru_kea, 01317 ecc_diffie_hellman_kea, 01318 ecc_static_diffie_hellman_kea /* for verify suite only */ 01319 }; 01320 01321 01322 /* Supported Authentication Schemes */ 01323 enum SignatureAlgorithm { 01324 anonymous_sa_algo, 01325 rsa_sa_algo, 01326 dsa_sa_algo, 01327 ecc_dsa_sa_algo 01328 }; 01329 01330 01331 /* Supprted ECC Curve Types */ 01332 enum EccCurves { 01333 named_curve = 3 01334 }; 01335 01336 01337 /* Supprted ECC Named Curves */ 01338 enum EccNamedCurves { 01339 secp256r1 = 0x17, /* default, OpenSSL also calls it prime256v1 */ 01340 secp384r1 = 0x18, 01341 secp521r1 = 0x19, 01342 01343 secp160r1 = 0x10, 01344 secp192r1 = 0x13, /* Openssl also call it prime192v1 */ 01345 secp224r1 = 0x15 01346 }; 01347 01348 01349 /* Valid client certificate request types from page 27 */ 01350 enum ClientCertificateType { 01351 rsa_sign = 1, 01352 dss_sign = 2, 01353 rsa_fixed_dh = 3, 01354 dss_fixed_dh = 4, 01355 rsa_ephemeral_dh = 5, 01356 dss_ephemeral_dh = 6, 01357 fortezza_kea_cert = 20 01358 }; 01359 01360 01361 enum CipherType { stream, block, aead }; 01362 01363 01364 /* keys and secrets */ 01365 typedef struct Keys { 01366 byte 
client_write_MAC_secret[MAX_DIGEST_SIZE]; /* max sizes */ 01367 byte server_write_MAC_secret[MAX_DIGEST_SIZE]; 01368 byte client_write_key[AES_256_KEY_SIZE]; /* max sizes */ 01369 byte server_write_key[AES_256_KEY_SIZE]; 01370 byte client_write_IV[AES_IV_SIZE]; /* max sizes */ 01371 byte server_write_IV[AES_IV_SIZE]; 01372 #ifdef HAVE_AEAD 01373 byte aead_exp_IV[AEAD_EXP_IV_SZ]; 01374 byte aead_enc_imp_IV[AEAD_IMP_IV_SZ]; 01375 byte aead_dec_imp_IV[AEAD_IMP_IV_SZ]; 01376 #endif 01377 01378 word32 peer_sequence_number; 01379 word32 sequence_number; 01380 01381 #ifdef CYASSL_DTLS 01382 word32 dtls_sequence_number; 01383 word32 dtls_peer_sequence_number; 01384 word32 dtls_expected_peer_sequence_number; 01385 word16 dtls_handshake_number; 01386 word16 dtls_peer_handshake_number; 01387 word16 dtls_expected_peer_handshake_number; 01388 word16 dtls_epoch; 01389 word16 dtls_peer_epoch; 01390 word16 dtls_expected_peer_epoch; 01391 #endif 01392 01393 word32 encryptSz; /* last size of encrypted data */ 01394 byte encryptionOn; /* true after change cipher spec */ 01395 byte decryptedCur; /* only decrypt current record once */ 01396 } Keys; 01397 01398 01399 /* cipher for now */ 01400 typedef struct Ciphers { 01401 #ifdef BUILD_ARC4 01402 Arc4* arc4; 01403 #endif 01404 #ifdef BUILD_DES3 01405 Des3* des3; 01406 #endif 01407 #if defined(BUILD_AES) || defined(BUILD_AESGCM) 01408 Aes* aes; 01409 #endif 01410 #ifdef HAVE_CAMELLIA 01411 Camellia* cam; 01412 #endif 01413 #ifdef HAVE_HC128 01414 HC128* hc128; 01415 #endif 01416 #ifdef BUILD_RABBIT 01417 Rabbit* rabbit; 01418 #endif 01419 byte setup; /* have we set it up flag for detection */ 01420 } Ciphers; 01421 01422 01423 CYASSL_LOCAL void InitCiphers(CYASSL* ssl); 01424 CYASSL_LOCAL void FreeCiphers(CYASSL* ssl); 01425 01426 01427 /* hashes type */ 01428 typedef struct Hashes { 01429 #ifndef NO_OLD_TLS 01430 byte md5[MD5_DIGEST_SIZE]; 01431 #endif 01432 byte sha[SHA_DIGEST_SIZE]; 01433 #ifndef NO_SHA256 01434 byte 
sha256[SHA256_DIGEST_SIZE]; 01435 #endif 01436 #ifdef CYASSL_SHA384 01437 byte sha384[SHA384_DIGEST_SIZE]; 01438 #endif 01439 } Hashes; 01440 01441 01442 /* Static x509 buffer */ 01443 typedef struct x509_buffer { 01444 int length; /* actual size */ 01445 byte buffer[MAX_X509_SIZE]; /* max static cert size */ 01446 } x509_buffer; 01447 01448 01449 /* CyaSSL X509_CHAIN, for no dynamic memory SESSION_CACHE */ 01450 struct CYASSL_X509_CHAIN { 01451 int count; /* total number in chain */ 01452 x509_buffer certs[MAX_CHAIN_DEPTH]; /* only allow max depth 4 for now */ 01453 }; 01454 01455 01456 /* CyaSSL session type */ 01457 struct CYASSL_SESSION { 01458 byte sessionID[ID_LEN]; /* id for protocol */ 01459 byte masterSecret[SECRET_LEN]; /* stored secret */ 01460 word32 bornOn; /* create time in seconds */ 01461 word32 timeout; /* timeout in seconds */ 01462 #ifdef SESSION_CERTS 01463 CYASSL_X509_CHAIN chain; /* peer cert chain, static */ 01464 ProtocolVersion version; /* which version was used */ 01465 byte cipherSuite0; /* first byte, normally 0 */ 01466 byte cipherSuite; /* 2nd byte, actual suite */ 01467 #endif 01468 #ifndef NO_CLIENT_CACHE 01469 byte serverID[SERVER_ID_LEN]; /* for easier client lookup */ 01470 word16 idLen; /* serverID length */ 01471 #endif 01472 }; 01473 01474 01475 CYASSL_LOCAL 01476 CYASSL_SESSION* GetSession(CYASSL*, byte*); 01477 CYASSL_LOCAL 01478 int SetSession(CYASSL*, CYASSL_SESSION*); 01479 01480 typedef void (*hmacfp) (CYASSL*, byte*, const byte*, word32, int, int); 01481 01482 #ifndef NO_CLIENT_CACHE 01483 CYASSL_SESSION* GetSessionClient(CYASSL*, const byte*, int); 01484 #endif 01485 01486 /* client connect state for nonblocking restart */ 01487 enum ConnectState { 01488 CONNECT_BEGIN = 0, 01489 CLIENT_HELLO_SENT, 01490 HELLO_AGAIN, /* HELLO_AGAIN s for DTLS case */ 01491 HELLO_AGAIN_REPLY, 01492 FIRST_REPLY_DONE, 01493 FIRST_REPLY_FIRST, 01494 FIRST_REPLY_SECOND, 01495 FIRST_REPLY_THIRD, 01496 FIRST_REPLY_FOURTH, 01497 FINISHED_DONE, 
01498 SECOND_REPLY_DONE 01499 }; 01500 01501 01502 /* server accept state for nonblocking restart */ 01503 enum AcceptState { 01504 ACCEPT_BEGIN = 0, 01505 ACCEPT_CLIENT_HELLO_DONE, 01506 HELLO_VERIFY_SENT, 01507 ACCEPT_FIRST_REPLY_DONE, 01508 SERVER_HELLO_SENT, 01509 CERT_SENT, 01510 KEY_EXCHANGE_SENT, 01511 CERT_REQ_SENT, 01512 SERVER_HELLO_DONE, 01513 ACCEPT_SECOND_REPLY_DONE, 01514 CHANGE_CIPHER_SENT, 01515 ACCEPT_FINISHED_DONE, 01516 ACCEPT_THIRD_REPLY_DONE 01517 }; 01518 01519 01520 typedef struct Buffers { 01521 #ifndef NO_CERTS 01522 buffer certificate; /* CYASSL_CTX owns, unless we own */ 01523 buffer key; /* CYASSL_CTX owns, unless we own */ 01524 buffer certChain; /* CYASSL_CTX owns */ 01525 /* chain after self, in DER, with leading size for each cert */ 01526 buffer serverDH_P; /* CYASSL_CTX owns, unless we own */ 01527 buffer serverDH_G; /* CYASSL_CTX owns, unless we own */ 01528 buffer serverDH_Pub; 01529 buffer serverDH_Priv; 01530 #endif 01531 buffer domainName; /* for client check */ 01532 bufferStatic inputBuffer; 01533 bufferStatic outputBuffer; 01534 buffer clearOutputBuffer; 01535 int prevSent; /* previous plain text bytes sent 01536 when got WANT_WRITE */ 01537 int plainSz; /* plain text bytes in buffer to send 01538 when got WANT_WRITE */ 01539 byte weOwnCert; /* SSL own cert flag */ 01540 byte weOwnKey; /* SSL own key flag */ 01541 byte weOwnDH; /* SSL own dh (p,g) flag */ 01542 #ifdef CYASSL_DTLS 01543 CYASSL_DTLS_CTX dtlsCtx; /* DTLS connection context */ 01544 #endif 01545 } Buffers; 01546 01547 typedef struct Options { 01548 byte sessionCacheOff; 01549 byte sessionCacheFlushOff; 01550 byte cipherSuite0; /* first byte, normally 0 */ 01551 byte cipherSuite; /* second byte, actual suite */ 01552 byte serverState; 01553 byte clientState; 01554 byte handShakeState; 01555 byte side; /* client or server end */ 01556 byte verifyPeer; 01557 byte verifyNone; 01558 byte failNoCert; 01559 byte downgrade; /* allow downgrade of versions */ 01560 byte 
sendVerify; /* false = 0, true = 1, sendBlank = 2 */ 01561 byte resuming; 01562 byte haveSessionId; /* server may not send */ 01563 byte tls; /* using TLS ? */ 01564 byte tls1_1; /* using TLSv1.1+ ? */ 01565 byte dtls; /* using datagrams ? */ 01566 byte connReset; /* has the peer reset */ 01567 byte isClosed; /* if we consider conn closed */ 01568 byte closeNotify; /* we've recieved a close notify */ 01569 byte sentNotify; /* we've sent a close notify */ 01570 byte connectState; /* nonblocking resume */ 01571 byte acceptState; /* nonblocking resume */ 01572 byte usingCompression; /* are we using compression */ 01573 byte haveRSA; /* RSA available */ 01574 byte haveDH; /* server DH parms set by user */ 01575 byte haveNTRU; /* server NTRU private key loaded */ 01576 byte haveECDSAsig; /* server ECDSA signed cert */ 01577 byte haveStaticECC; /* static server ECC private key */ 01578 byte havePeerCert; /* do we have peer's cert */ 01579 byte havePeerVerify; /* and peer's cert verify */ 01580 byte usingPSK_cipher; /* whether we're using psk as cipher */ 01581 byte sendAlertState; /* nonblocking resume */ 01582 byte processReply; /* nonblocking resume */ 01583 byte partialWrite; /* only one msg per write call */ 01584 byte quietShutdown; /* don't send close notify */ 01585 byte certOnly; /* stop once we get cert */ 01586 byte groupMessages; /* group handshake messages */ 01587 byte usingNonblock; /* set when using nonblocking socket */ 01588 byte saveArrays; /* save array Memory for user get keys 01589 or psk */ 01590 #ifndef NO_PSK 01591 byte havePSK; /* psk key set by user */ 01592 psk_client_callback client_psk_cb; 01593 psk_server_callback server_psk_cb; 01594 #endif /* NO_PSK */ 01595 } Options; 01596 01597 typedef struct Arrays { 01598 byte clientRandom[RAN_LEN]; 01599 byte serverRandom[RAN_LEN]; 01600 byte sessionID[ID_LEN]; 01601 byte preMasterSecret[ENCRYPT_LEN]; 01602 byte masterSecret[SECRET_LEN]; 01603 #ifdef CYASSL_DTLS 01604 byte cookie[MAX_COOKIE_LEN]; 
01605 byte cookieSz; 01606 #endif 01607 #ifndef NO_PSK 01608 char client_identity[MAX_PSK_ID_LEN]; 01609 char server_hint[MAX_PSK_ID_LEN]; 01610 byte psk_key[MAX_PSK_KEY_LEN]; 01611 word32 psk_keySz; /* acutal size */ 01612 #endif 01613 word32 preMasterSz; /* differs for DH, actual size */ 01614 } Arrays; 01615 01616 #ifndef ASN_NAME_MAX 01617 #define ASN_NAME_MAX 256 01618 #endif 01619 01620 struct CYASSL_X509_NAME { 01621 char name[ASN_NAME_MAX]; 01622 int sz; 01623 }; 01624 01625 #ifndef EXTERNAL_SERIAL_SIZE 01626 #define EXTERNAL_SERIAL_SIZE 32 01627 #endif 01628 01629 #ifdef NO_ASN 01630 typedef struct DNS_entry DNS_entry; 01631 #endif 01632 01633 struct CYASSL_X509 { 01634 CYASSL_X509_NAME issuer; 01635 CYASSL_X509_NAME subject; 01636 int serialSz; 01637 byte serial[EXTERNAL_SERIAL_SIZE]; 01638 char subjectCN[ASN_NAME_MAX]; /* common name short cut */ 01639 buffer derCert; /* may need */ 01640 DNS_entry* altNames; /* alt names list */ 01641 DNS_entry* altNamesNext; /* hint for retrieval */ 01642 byte dynamicMemory; /* dynamic memory flag */ 01643 }; 01644 01645 01646 /* record layer header for PlainText, Compressed, and CipherText */ 01647 typedef struct RecordLayerHeader { 01648 byte type; 01649 byte pvMajor; 01650 byte pvMinor; 01651 byte length[2]; 01652 } RecordLayerHeader; 01653 01654 01655 /* record layer header for DTLS PlainText, Compressed, and CipherText */ 01656 typedef struct DtlsRecordLayerHeader { 01657 byte type; 01658 byte pvMajor; 01659 byte pvMinor; 01660 byte epoch[2]; /* increment on cipher state change */ 01661 byte sequence_number[6]; /* per record */ 01662 byte length[2]; 01663 } DtlsRecordLayerHeader; 01664 01665 01666 typedef struct DtlsPool { 01667 buffer buf[DTLS_POOL_SZ]; 01668 int used; 01669 } DtlsPool; 01670 01671 typedef struct DtlsMsg { 01672 struct DtlsMsg* next; 01673 word32 seq; /* Handshake sequence number */ 01674 word32 sz; /* Length of whole mesage */ 01675 word32 fragSz; /* Length of fragments received */ 01676 byte 
type; 01677 byte* buf; 01678 byte* msg; 01679 } DtlsMsg; 01680 01681 01682 /* CyaSSL ssl type */ 01683 struct CYASSL { 01684 CYASSL_CTX* ctx; 01685 int error; 01686 ProtocolVersion version; /* negotiated version */ 01687 ProtocolVersion chVersion; /* client hello version */ 01688 Suites* suites; /* only need during handshake */ 01689 Ciphers encrypt; 01690 Ciphers decrypt; 01691 CipherSpecs specs; 01692 Keys keys; 01693 int rfd; /* read file descriptor */ 01694 int wfd; /* write file descriptor */ 01695 int rflags; /* user read flags */ 01696 int wflags; /* user write flags */ 01697 CYASSL_BIO* biord; /* socket bio read to free/close */ 01698 CYASSL_BIO* biowr; /* socket bio write to free/close */ 01699 void* IOCB_ReadCtx; 01700 void* IOCB_WriteCtx; 01701 RNG* rng; 01702 #ifndef NO_OLD_TLS 01703 #ifndef NO_SHA 01704 Sha hashSha; /* sha hash of handshake msgs */ 01705 #endif 01706 #ifndef NO_MD5 01707 Md5 hashMd5; /* md5 hash of handshake msgs */ 01708 #endif 01709 #endif 01710 #ifndef NO_SHA256 01711 Sha256 hashSha256; /* sha256 hash of handshake msgs */ 01712 #endif 01713 #ifdef CYASSL_SHA384 01714 Sha384 hashSha384; /* sha384 hash of handshake msgs */ 01715 #endif 01716 Hashes verifyHashes; 01717 Hashes certHashes; /* for cert verify */ 01718 Buffers buffers; 01719 Options options; 01720 Arrays* arrays; 01721 CYASSL_SESSION session; 01722 VerifyCallback verifyCallback; /* cert verification callback */ 01723 void* verifyCbCtx; /* cert verify callback user ctx*/ 01724 #ifndef NO_RSA 01725 RsaKey* peerRsaKey; 01726 byte peerRsaKeyPresent; 01727 #endif 01728 #ifdef HAVE_NTRU 01729 word16 peerNtruKeyLen; 01730 byte peerNtruKey[MAX_NTRU_PUB_KEY_SZ]; 01731 byte peerNtruKeyPresent; 01732 #endif 01733 #ifdef HAVE_ECC 01734 ecc_key* peerEccKey; /* peer's ECDHE key */ 01735 ecc_key* peerEccDsaKey; /* peer's ECDSA key */ 01736 ecc_key* eccTempKey; /* private ECDHE key */ 01737 ecc_key* eccDsaKey; /* private ECDSA key */ 01738 word16 eccTempKeySz; /* in octets 20 - 66 */ 
01739 byte peerEccKeyPresent; 01740 byte peerEccDsaKeyPresent; 01741 byte eccTempKeyPresent; 01742 byte eccDsaKeyPresent; 01743 #endif 01744 hmacfp hmac; 01745 void* heap; /* for user overrides */ 01746 RecordLayerHeader curRL; 01747 word16 curSize; 01748 word32 timeout; /* session timeout */ 01749 CYASSL_CIPHER cipher; 01750 #ifdef HAVE_LIBZ 01751 z_stream c_stream; /* compression stream */ 01752 z_stream d_stream; /* decompression stream */ 01753 byte didStreamInit; /* for stream init and end */ 01754 #endif 01755 #ifdef CYASSL_DTLS 01756 int dtls_timeout_init; /* starting timeout vaule */ 01757 int dtls_timeout_max; /* maximum timeout value */ 01758 int dtls_timeout; /* current timeout value, changes */ 01759 DtlsPool* dtls_pool; 01760 DtlsMsg* dtls_msg_list; 01761 void* IOCB_CookieCtx; /* gen cookie ctx */ 01762 word32 dtls_expected_rx; 01763 #endif 01764 #ifdef CYASSL_CALLBACKS 01765 HandShakeInfo handShakeInfo; /* info saved during handshake */ 01766 TimeoutInfo timeoutInfo; /* info saved during handshake */ 01767 byte hsInfoOn; /* track handshake info */ 01768 byte toInfoOn; /* track timeout info */ 01769 #endif 01770 #ifdef KEEP_PEER_CERT 01771 CYASSL_X509 peerCert; /* X509 peer cert */ 01772 #endif 01773 #ifdef FORTRESS 01774 void* ex_data[MAX_EX_DATA]; /* external data, for Fortress */ 01775 #endif 01776 #ifdef HAVE_CAVIUM 01777 int devId; /* cavium device id to use */ 01778 #endif 01779 #ifdef HAVE_TLS_EXTENSIONS 01780 TLSX* extensions; /* RFC 6066 TLS Extensions data */ 01781 #endif 01782 CYASSL_ALERT_HISTORY alert_history; 01783 }; 01784 01785 01786 CYASSL_LOCAL 01787 int InitSSL(CYASSL*, CYASSL_CTX*); 01788 CYASSL_LOCAL 01789 void FreeSSL(CYASSL*); 01790 CYASSL_API void SSL_ResourceFree(CYASSL*); /* Micrium uses */ 01791 01792 01793 enum { 01794 IV_SZ = 32, /* max iv sz */ 01795 NAME_SZ = 80 /* max one line */ 01796 }; 01797 01798 01799 typedef struct EncryptedInfo { 01800 char name[NAME_SZ]; /* encryption name */ 01801 byte iv[IV_SZ]; /* encrypted IV 
*/ 01802 word32 ivSz; /* encrypted IV size */ 01803 long consumed; /* tracks PEM bytes consumed */ 01804 byte set; /* if encryption set */ 01805 CYASSL_CTX* ctx; /* CTX owner */ 01806 } EncryptedInfo; 01807 01808 01809 #ifndef NO_CERTS 01810 CYASSL_LOCAL int PemToDer(const unsigned char* buff, long sz, int type, 01811 buffer* der, void* heap, EncryptedInfo* info, 01812 int* eccKey); 01813 01814 CYASSL_LOCAL int ProcessFile(CYASSL_CTX* ctx, const char* fname, int format, 01815 int type, CYASSL* ssl, int userChain, 01816 CYASSL_CRL* crl); 01817 #endif 01818 01819 01820 #ifdef CYASSL_CALLBACKS 01821 CYASSL_LOCAL 01822 void InitHandShakeInfo(HandShakeInfo*); 01823 CYASSL_LOCAL 01824 void FinishHandShakeInfo(HandShakeInfo*, const CYASSL*); 01825 CYASSL_LOCAL 01826 void AddPacketName(const char*, HandShakeInfo*); 01827 01828 CYASSL_LOCAL 01829 void InitTimeoutInfo(TimeoutInfo*); 01830 CYASSL_LOCAL 01831 void FreeTimeoutInfo(TimeoutInfo*, void*); 01832 CYASSL_LOCAL 01833 void AddPacketInfo(const char*, TimeoutInfo*, const byte*, int, void*); 01834 CYASSL_LOCAL 01835 void AddLateName(const char*, TimeoutInfo*); 01836 CYASSL_LOCAL 01837 void AddLateRecordHeader(const RecordLayerHeader* rl, TimeoutInfo* info); 01838 #endif 01839 01840 01841 /* Record Layer Header identifier from page 12 */ 01842 enum ContentType { 01843 no_type = 0, 01844 change_cipher_spec = 20, 01845 alert = 21, 01846 handshake = 22, 01847 application_data = 23 01848 }; 01849 01850 01851 /* handshake header, same for each message type, pgs 20/21 */ 01852 typedef struct HandShakeHeader { 01853 byte type; 01854 word24 length; 01855 } HandShakeHeader; 01856 01857 01858 /* DTLS handshake header, same for each message type */ 01859 typedef struct DtlsHandShakeHeader { 01860 byte type; 01861 word24 length; 01862 byte message_seq[2]; /* start at 0, restransmit gets same # */ 01863 word24 fragment_offset; /* bytes in previous fragments */ 01864 word24 fragment_length; /* length of this fragment */ 01865 } 
DtlsHandShakeHeader; 01866 01867 01868 enum HandShakeType { 01869 no_shake = -1, 01870 hello_request = 0, 01871 client_hello = 1, 01872 server_hello = 2, 01873 hello_verify_request = 3, /* DTLS addition */ 01874 session_ticket = 4, 01875 certificate = 11, 01876 server_key_exchange = 12, 01877 certificate_request = 13, 01878 server_hello_done = 14, 01879 certificate_verify = 15, 01880 client_key_exchange = 16, 01881 finished = 20 01882 }; 01883 01884 01885 /* Valid Alert types from page 16/17 */ 01886 enum AlertDescription { 01887 close_notify = 0, 01888 unexpected_message = 10, 01889 bad_record_mac = 20, 01890 decompression_failure = 30, 01891 handshake_failure = 40, 01892 no_certificate = 41, 01893 bad_certificate = 42, 01894 unsupported_certificate = 43, 01895 certificate_revoked = 44, 01896 certificate_expired = 45, 01897 certificate_unknown = 46, 01898 illegal_parameter = 47, 01899 decrypt_error = 51, 01900 protocol_version = 70, 01901 no_renegotiation = 100, 01902 unrecognized_name = 112 01903 }; 01904 01905 01906 enum AlertLevel { 01907 alert_warning = 1, 01908 alert_fatal = 2 01909 }; 01910 01911 01912 static const byte client[SIZEOF_SENDER] = { 0x43, 0x4C, 0x4E, 0x54 }; 01913 static const byte server[SIZEOF_SENDER] = { 0x53, 0x52, 0x56, 0x52 }; 01914 01915 static const byte tls_client[FINISHED_LABEL_SZ + 1] = "client finished"; 01916 static const byte tls_server[FINISHED_LABEL_SZ + 1] = "server finished"; 01917 01918 01919 /* internal functions */ 01920 CYASSL_LOCAL int SendChangeCipher(CYASSL*); 01921 CYASSL_LOCAL int SendData(CYASSL*, const void*, int); 01922 CYASSL_LOCAL int SendCertificate(CYASSL*); 01923 CYASSL_LOCAL int SendCertificateRequest(CYASSL*); 01924 CYASSL_LOCAL int SendServerKeyExchange(CYASSL*); 01925 CYASSL_LOCAL int SendBuffered(CYASSL*); 01926 CYASSL_LOCAL int ReceiveData(CYASSL*, byte*, int, int); 01927 CYASSL_LOCAL int SendFinished(CYASSL*); 01928 CYASSL_LOCAL int SendAlert(CYASSL*, int, int); 01929 CYASSL_LOCAL int 
ProcessReply(CYASSL*); 01930 01931 CYASSL_LOCAL int SetCipherSpecs(CYASSL*); 01932 CYASSL_LOCAL int MakeMasterSecret(CYASSL*); 01933 01934 CYASSL_LOCAL int AddSession(CYASSL*); 01935 CYASSL_LOCAL int DeriveKeys(CYASSL* ssl); 01936 CYASSL_LOCAL int StoreKeys(CYASSL* ssl, const byte* keyData); 01937 01938 CYASSL_LOCAL int IsTLS(const CYASSL* ssl); 01939 CYASSL_LOCAL int IsAtLeastTLSv1_2(const CYASSL* ssl); 01940 01941 CYASSL_LOCAL void FreeHandshakeResources(CYASSL* ssl); 01942 CYASSL_LOCAL void ShrinkInputBuffer(CYASSL* ssl, int forcedFree); 01943 CYASSL_LOCAL void ShrinkOutputBuffer(CYASSL* ssl); 01944 #ifndef NO_CERTS 01945 CYASSL_LOCAL Signer* GetCA(void* cm, byte* hash); 01946 #ifndef NO_SKID 01947 CYASSL_LOCAL Signer* GetCAByName(void* cm, byte* hash); 01948 #endif 01949 #endif 01950 CYASSL_LOCAL void BuildTlsFinished(CYASSL* ssl, Hashes* hashes, 01951 const byte* sender); 01952 CYASSL_LOCAL void FreeArrays(CYASSL* ssl, int keep); 01953 CYASSL_LOCAL int CheckAvailableSize(CYASSL *ssl, int size); 01954 CYASSL_LOCAL int GrowInputBuffer(CYASSL* ssl, int size, int usedLength); 01955 01956 #ifndef NO_TLS 01957 CYASSL_LOCAL int MakeTlsMasterSecret(CYASSL*); 01958 CYASSL_LOCAL void TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, 01959 word32 sz, int content, int verify); 01960 #endif 01961 01962 #ifndef NO_CYASSL_CLIENT 01963 CYASSL_LOCAL int SendClientHello(CYASSL*); 01964 CYASSL_LOCAL int SendClientKeyExchange(CYASSL*); 01965 CYASSL_LOCAL int SendCertificateVerify(CYASSL*); 01966 #endif /* NO_CYASSL_CLIENT */ 01967 01968 #ifndef NO_CYASSL_SERVER 01969 CYASSL_LOCAL int SendServerHello(CYASSL*); 01970 CYASSL_LOCAL int SendServerHelloDone(CYASSL*); 01971 #ifdef CYASSL_DTLS 01972 CYASSL_LOCAL int SendHelloVerifyRequest(CYASSL*); 01973 #endif 01974 #endif /* NO_CYASSL_SERVER */ 01975 01976 #ifdef CYASSL_DTLS 01977 CYASSL_LOCAL int DtlsPoolInit(CYASSL*); 01978 CYASSL_LOCAL int DtlsPoolSave(CYASSL*, const byte*, int); 01979 CYASSL_LOCAL int DtlsPoolTimeout(CYASSL*); 
01980 CYASSL_LOCAL int DtlsPoolSend(CYASSL*); 01981 CYASSL_LOCAL void DtlsPoolReset(CYASSL*); 01982 01983 CYASSL_LOCAL DtlsMsg* DtlsMsgNew(word32, void*); 01984 CYASSL_LOCAL void DtlsMsgDelete(DtlsMsg*, void*); 01985 CYASSL_LOCAL void DtlsMsgListDelete(DtlsMsg*, void*); 01986 CYASSL_LOCAL void DtlsMsgSet(DtlsMsg*, word32, const byte*, byte, 01987 word32, word32); 01988 CYASSL_LOCAL DtlsMsg* DtlsMsgFind(DtlsMsg*, word32); 01989 CYASSL_LOCAL DtlsMsg* DtlsMsgStore(DtlsMsg*, word32, const byte*, word32, 01990 byte, word32, word32, void*); 01991 CYASSL_LOCAL DtlsMsg* DtlsMsgInsert(DtlsMsg*, DtlsMsg*); 01992 #endif /* CYASSL_DTLS */ 01993 01994 #ifndef NO_TLS 01995 01996 01997 #endif /* NO_TLS */ 01998 01999 02000 CYASSL_LOCAL word32 LowResTimer(void); 02001 02002 CYASSL_LOCAL void InitX509(CYASSL_X509*, int); 02003 CYASSL_LOCAL void FreeX509(CYASSL_X509*); 02004 #ifndef NO_CERTS 02005 CYASSL_LOCAL int CopyDecodedToX509(CYASSL_X509*, DecodedCert*); 02006 #endif 02007 02008 02009 #ifdef __cplusplus 02010 } /* extern "C" */ 02011 #endif 02012 02013 #endif /* CyaSSL_INT_H */ 02014