1/* 2 * wpa_supplicant/hostapd: TLSv1 common definitions 3 * Copyright (c) 2006, Jouni Malinen <j@w1.fi> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 * 9 * Alternatively, this software may be distributed under the terms of BSD 10 * license. 11 * 12 * See README and COPYING for more details. 13 */ 14 15#ifndef TLSV1_COMMON 16#define TLSV1_COMMON 17 18#define TLS_VERSION 0x0301 /* TLSv1 */ 19#define TLS_RANDOM_LEN 32 20#define TLS_PRE_MASTER_SECRET_LEN 48 21#define TLS_MASTER_SECRET_LEN 48 22#define TLS_SESSION_ID_MAX_LEN 32 23#define TLS_VERIFY_DATA_LEN 12 24#define TLS_MAX_WRITE_MAC_SECRET_LEN 20 25#define TLS_MAX_WRITE_KEY_LEN 32 26#define TLS_MAX_IV_LEN 16 27#define TLS_MAX_KEY_BLOCK_LEN (2 * (TLS_MAX_WRITE_MAC_SECRET_LEN + \ 28 TLS_MAX_WRITE_KEY_LEN + TLS_MAX_IV_LEN)) 29#define TLS_SEQ_NUM_LEN 8 30#define TLS_RECORD_HEADER_LEN 5 31 32/* ContentType */ 33enum { 34 TLS_CONTENT_TYPE_CHANGE_CIPHER_SPEC = 20, 35 TLS_CONTENT_TYPE_ALERT = 21, 36 TLS_CONTENT_TYPE_HANDSHAKE = 22, 37 TLS_CONTENT_TYPE_APPLICATION_DATA = 23 38}; 39 40/* HandshakeType */ 41enum { 42 TLS_HANDSHAKE_TYPE_HELLO_REQUEST = 0, 43 TLS_HANDSHAKE_TYPE_CLIENT_HELLO = 1, 44 TLS_HANDSHAKE_TYPE_SERVER_HELLO = 2, 45 TLS_HANDSHAKE_TYPE_CERTIFICATE = 11, 46 TLS_HANDSHAKE_TYPE_SERVER_KEY_EXCHANGE = 12, 47 TLS_HANDSHAKE_TYPE_CERTIFICATE_REQUEST = 13, 48 TLS_HANDSHAKE_TYPE_SERVER_HELLO_DONE = 14, 49 TLS_HANDSHAKE_TYPE_CERTIFICATE_VERIFY = 15, 50 TLS_HANDSHAKE_TYPE_CLIENT_KEY_EXCHANGE = 16, 51 TLS_HANDSHAKE_TYPE_FINISHED = 20 52}; 53 54/* CipherSuite */ 55#define TLS_NULL_WITH_NULL_NULL 0x0000 /* RFC 2246 */ 56#define TLS_RSA_WITH_NULL_MD5 0x0001 /* RFC 2246 */ 57#define TLS_RSA_WITH_NULL_SHA 0x0002 /* RFC 2246 */ 58#define TLS_RSA_EXPORT_WITH_RC4_40_MD5 0x0003 /* RFC 2246 */ 59#define TLS_RSA_WITH_RC4_128_MD5 0x0004 /* RFC 2246 */ 60#define TLS_RSA_WITH_RC4_128_SHA 0x0005 /* RFC 2246 */ 61#define TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 0x0006 /* RFC 2246 */ 62#define TLS_RSA_WITH_IDEA_CBC_SHA 0x0007 /* RFC 2246 */ 63#define TLS_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0008 /* RFC 2246 */ 64#define TLS_RSA_WITH_DES_CBC_SHA 0x0009 /* RFC 2246 */ 65#define TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x000A /* RFC 2246 */ 66#define TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA 0x000B /* RFC 2246 */ 67#define TLS_DH_DSS_WITH_DES_CBC_SHA 0x000C /* RFC 2246 */ 68#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA 0x000D /* RFC 2246 */ 69#define TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA 0x000E /* RFC 2246 */ 70#define TLS_DH_RSA_WITH_DES_CBC_SHA 0x000F /* RFC 2246 */ 71#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA 0x0010 /* RFC 2246 */ 72#define TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA 0x0011 /* RFC 2246 */ 73#define TLS_DHE_DSS_WITH_DES_CBC_SHA 0x0012 /* RFC 2246 */ 74#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA 0x0013 /* RFC 2246 */ 75#define TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0014 /* RFC 2246 */ 76#define TLS_DHE_RSA_WITH_DES_CBC_SHA 0x0015 /* RFC 2246 */ 77#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x0016 /* RFC 2246 */ 78#define TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 0x0017 /* RFC 2246 */ 79#define TLS_DH_anon_WITH_RC4_128_MD5 0x0018 /* RFC 2246 */ 80#define TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA 0x0019 /* RFC 2246 */ 81#define TLS_DH_anon_WITH_DES_CBC_SHA 0x001A /* RFC 2246 */ 82#define TLS_DH_anon_WITH_3DES_EDE_CBC_SHA 0x001B /* RFC 2246 */ 83#define TLS_RSA_WITH_AES_128_CBC_SHA 0x002F /* RFC 3268 */ 84#define TLS_DH_DSS_WITH_AES_128_CBC_SHA 0x0030 /* RFC 3268 */ 85#define TLS_DH_RSA_WITH_AES_128_CBC_SHA 0x0031 /* RFC 3268 */ 86#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA 0x0032 /* RFC 3268 */ 87#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x0033 /* RFC 3268 */ 88#define TLS_DH_anon_WITH_AES_128_CBC_SHA 0x0034 /* RFC 3268 */ 89#define TLS_RSA_WITH_AES_256_CBC_SHA 0x0035 /* RFC 3268 */ 90#define TLS_DH_DSS_WITH_AES_256_CBC_SHA 0x0036 /* RFC 3268 */ 91#define TLS_DH_RSA_WITH_AES_256_CBC_SHA 0x0037 /* RFC 3268 */ 92#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA 0x0038 /* RFC 3268 */ 93#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x0039 /* RFC 3268 */ 94#define TLS_DH_anon_WITH_AES_256_CBC_SHA 0x003A /* RFC 3268 */ 95 96/* CompressionMethod */ 97#define TLS_COMPRESSION_NULL 0 98 99/* AlertLevel */ 100#define TLS_ALERT_LEVEL_WARNING 1 101#define TLS_ALERT_LEVEL_FATAL 2 102 103/* AlertDescription */ 104#define TLS_ALERT_CLOSE_NOTIFY 0 105#define TLS_ALERT_UNEXPECTED_MESSAGE 10 106#define TLS_ALERT_BAD_RECORD_MAC 20 107#define TLS_ALERT_DECRYPTION_FAILED 21 108#define TLS_ALERT_RECORD_OVERFLOW 22 109#define TLS_ALERT_DECOMPRESSION_FAILURE 30 110#define TLS_ALERT_HANDSHAKE_FAILURE 40 111#define TLS_ALERT_BAD_CERTIFICATE 42 112#define TLS_ALERT_UNSUPPORTED_CERTIFICATE 43 113#define TLS_ALERT_CERTIFICATE_REVOKED 44 114#define TLS_ALERT_CERTIFICATE_EXPIRED 45 115#define TLS_ALERT_CERTIFICATE_UNKNOWN 46 116#define TLS_ALERT_ILLEGAL_PARAMETER 47 117#define TLS_ALERT_UNKNOWN_CA 48 118#define TLS_ALERT_ACCESS_DENIED 49 119#define TLS_ALERT_DECODE_ERROR 50 120#define TLS_ALERT_DECRYPT_ERROR 51 121#define TLS_ALERT_EXPORT_RESTRICTION 60 122#define TLS_ALERT_PROTOCOL_VERSION 70 123#define TLS_ALERT_INSUFFICIENT_SECURITY 71 124#define TLS_ALERT_INTERNAL_ERROR 80 125#define TLS_ALERT_USER_CANCELED 90 126#define TLS_ALERT_NO_RENEGOTIATION 100 127 128/* ChangeCipherSpec */ 129enum { 130 TLS_CHANGE_CIPHER_SPEC = 1 131}; 132 133/* TLS Extensions */ 134#define TLS_EXT_PAC_OPAQUE 35 135 136 137typedef enum { 138 TLS_KEY_X_NULL, 139 TLS_KEY_X_RSA, 140 TLS_KEY_X_RSA_EXPORT, 141 TLS_KEY_X_DH_DSS_EXPORT, 142 TLS_KEY_X_DH_DSS, 143 TLS_KEY_X_DH_RSA_EXPORT, 144 TLS_KEY_X_DH_RSA, 145 TLS_KEY_X_DHE_DSS_EXPORT, 146 TLS_KEY_X_DHE_DSS, 147 TLS_KEY_X_DHE_RSA_EXPORT, 148 TLS_KEY_X_DHE_RSA, 149 TLS_KEY_X_DH_anon_EXPORT, 150 TLS_KEY_X_DH_anon 151} tls_key_exchange; 152 153typedef enum { 154 TLS_CIPHER_NULL, 155 TLS_CIPHER_RC4_40, 156 TLS_CIPHER_RC4_128, 157 TLS_CIPHER_RC2_CBC_40, 158 TLS_CIPHER_IDEA_CBC, 159 TLS_CIPHER_DES40_CBC, 160 TLS_CIPHER_DES_CBC, 161 TLS_CIPHER_3DES_EDE_CBC, 162 TLS_CIPHER_AES_128_CBC, 163 TLS_CIPHER_AES_256_CBC 164} tls_cipher; 165 166typedef enum { 167 TLS_HASH_NULL, 168 TLS_HASH_MD5, 169 TLS_HASH_SHA 170} tls_hash; 171 172struct tls_cipher_suite { 173 u16 suite; 174 tls_key_exchange key_exchange; 175 tls_cipher cipher; 176 tls_hash hash; 177}; 178 179typedef enum { 180 TLS_CIPHER_STREAM, 181 TLS_CIPHER_BLOCK 182} tls_cipher_type; 183 184struct tls_cipher_data { 185 tls_cipher cipher; 186 tls_cipher_type type; 187 size_t key_material; 188 size_t expanded_key_material; 189 size_t block_size; /* also iv_size */ 190 enum crypto_cipher_alg alg; 191}; 192 193 194struct tlsv1_record_layer { 195 u8 write_mac_secret[TLS_MAX_WRITE_MAC_SECRET_LEN]; 196 u8 read_mac_secret[TLS_MAX_WRITE_MAC_SECRET_LEN]; 197 u8 write_key[TLS_MAX_WRITE_KEY_LEN]; 198 u8 read_key[TLS_MAX_WRITE_KEY_LEN]; 199 u8 write_iv[TLS_MAX_IV_LEN]; 200 u8 read_iv[TLS_MAX_IV_LEN]; 201 202 size_t hash_size; 203 size_t key_material_len; 204 size_t iv_size; /* also block_size */ 205 206 enum crypto_hash_alg hash_alg; 207 enum crypto_cipher_alg cipher_alg; 208 209 u8 write_seq_num[TLS_SEQ_NUM_LEN]; 210 u8 read_seq_num[TLS_SEQ_NUM_LEN]; 211 212 u16 cipher_suite; 213 u16 write_cipher_suite; 214 u16 read_cipher_suite; 215 216 struct crypto_cipher *write_cbc; 217 struct crypto_cipher *read_cbc; 218}; 219 220 221const struct tls_cipher_suite * tls_get_cipher_suite(u16 suite); 222int tls_parse_cert(const u8 *buf, size_t len, struct crypto_public_key **pk); 223int tlsv1_record_set_cipher_suite(struct tlsv1_record_layer *rl, 224 u16 cipher_suite); 225int tlsv1_record_change_write_cipher(struct tlsv1_record_layer *rl); 226int tlsv1_record_change_read_cipher(struct tlsv1_record_layer *rl); 227int tlsv1_record_send(struct tlsv1_record_layer *rl, u8 content_type, u8 *buf, 228 size_t buf_size, size_t payload_len, size_t *out_len); 229int tlsv1_record_receive(struct tlsv1_record_layer *rl, 230 const u8 *in_data, size_t in_len, 231 u8 *out_data, size_t *out_len, u8 *alert); 232 233#endif /* TLSV1_COMMON_H */ 234