1/*
2 * TLSv1 common definitions
3 * Copyright (c) 2006-2011, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9#ifndef TLSV1_COMMON_H
10#define TLSV1_COMMON_H
11
12#include "crypto/crypto.h"
13
14#define TLS_VERSION_1 0x0301 /* TLSv1 */
15#define TLS_VERSION_1_1 0x0302 /* TLSv1.1 */
16#define TLS_VERSION_1_2 0x0303 /* TLSv1.2 */
17#ifdef CONFIG_TLSV12
18#define TLS_VERSION TLS_VERSION_1_2
19#else /* CONFIG_TLSV12 */
20#ifdef CONFIG_TLSV11
21#define TLS_VERSION TLS_VERSION_1_1
22#else /* CONFIG_TLSV11 */
23#define TLS_VERSION TLS_VERSION_1
24#endif /* CONFIG_TLSV11 */
25#endif /* CONFIG_TLSV12 */
26#define TLS_RANDOM_LEN 32
27#define TLS_PRE_MASTER_SECRET_LEN 48
28#define TLS_MASTER_SECRET_LEN 48
29#define TLS_SESSION_ID_MAX_LEN 32
30#define TLS_VERIFY_DATA_LEN 12
31
32/* HandshakeType */
33enum {
34	TLS_HANDSHAKE_TYPE_HELLO_REQUEST = 0,
35	TLS_HANDSHAKE_TYPE_CLIENT_HELLO = 1,
36	TLS_HANDSHAKE_TYPE_SERVER_HELLO = 2,
37	TLS_HANDSHAKE_TYPE_NEW_SESSION_TICKET = 4 /* RFC 4507 */,
38	TLS_HANDSHAKE_TYPE_CERTIFICATE = 11,
39	TLS_HANDSHAKE_TYPE_SERVER_KEY_EXCHANGE = 12,
40	TLS_HANDSHAKE_TYPE_CERTIFICATE_REQUEST = 13,
41	TLS_HANDSHAKE_TYPE_SERVER_HELLO_DONE = 14,
42	TLS_HANDSHAKE_TYPE_CERTIFICATE_VERIFY = 15,
43	TLS_HANDSHAKE_TYPE_CLIENT_KEY_EXCHANGE = 16,
44	TLS_HANDSHAKE_TYPE_FINISHED = 20,
45	TLS_HANDSHAKE_TYPE_CERTIFICATE_URL = 21 /* RFC 4366 */,
46	TLS_HANDSHAKE_TYPE_CERTIFICATE_STATUS = 22 /* RFC 4366 */
47};
48
49/* CipherSuite */
50#define TLS_NULL_WITH_NULL_NULL			0x0000 /* RFC 2246 */
51#define TLS_RSA_WITH_NULL_MD5			0x0001 /* RFC 2246 */
52#define TLS_RSA_WITH_NULL_SHA			0x0002 /* RFC 2246 */
53#define TLS_RSA_EXPORT_WITH_RC4_40_MD5		0x0003 /* RFC 2246 */
54#define TLS_RSA_WITH_RC4_128_MD5		0x0004 /* RFC 2246 */
55#define TLS_RSA_WITH_RC4_128_SHA		0x0005 /* RFC 2246 */
56#define TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5	0x0006 /* RFC 2246 */
57#define TLS_RSA_WITH_IDEA_CBC_SHA		0x0007 /* RFC 2246 */
58#define TLS_RSA_EXPORT_WITH_DES40_CBC_SHA	0x0008 /* RFC 2246 */
59#define TLS_RSA_WITH_DES_CBC_SHA		0x0009 /* RFC 2246 */
60#define TLS_RSA_WITH_3DES_EDE_CBC_SHA		0x000A /* RFC 2246 */
61#define TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA	0x000B /* RFC 2246 */
62#define TLS_DH_DSS_WITH_DES_CBC_SHA		0x000C /* RFC 2246 */
63#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA	0x000D /* RFC 2246 */
64#define TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA	0x000E /* RFC 2246 */
65#define TLS_DH_RSA_WITH_DES_CBC_SHA		0x000F /* RFC 2246 */
66#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA	0x0010 /* RFC 2246 */
67#define TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA	0x0011 /* RFC 2246 */
68#define TLS_DHE_DSS_WITH_DES_CBC_SHA		0x0012 /* RFC 2246 */
69#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA	0x0013 /* RFC 2246 */
70#define TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA	0x0014 /* RFC 2246 */
71#define TLS_DHE_RSA_WITH_DES_CBC_SHA		0x0015 /* RFC 2246 */
72#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA	0x0016 /* RFC 2246 */
73#define TLS_DH_anon_EXPORT_WITH_RC4_40_MD5	0x0017 /* RFC 2246 */
74#define TLS_DH_anon_WITH_RC4_128_MD5		0x0018 /* RFC 2246 */
75#define TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA	0x0019 /* RFC 2246 */
76#define TLS_DH_anon_WITH_DES_CBC_SHA		0x001A /* RFC 2246 */
77#define TLS_DH_anon_WITH_3DES_EDE_CBC_SHA	0x001B /* RFC 2246 */
78#define TLS_RSA_WITH_AES_128_CBC_SHA		0x002F /* RFC 3268 */
79#define TLS_DH_DSS_WITH_AES_128_CBC_SHA		0x0030 /* RFC 3268 */
80#define TLS_DH_RSA_WITH_AES_128_CBC_SHA		0x0031 /* RFC 3268 */
81#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA	0x0032 /* RFC 3268 */
82#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA	0x0033 /* RFC 3268 */
83#define TLS_DH_anon_WITH_AES_128_CBC_SHA	0x0034 /* RFC 3268 */
84#define TLS_RSA_WITH_AES_256_CBC_SHA		0x0035 /* RFC 3268 */
85#define TLS_DH_DSS_WITH_AES_256_CBC_SHA		0x0036 /* RFC 3268 */
86#define TLS_DH_RSA_WITH_AES_256_CBC_SHA		0x0037 /* RFC 3268 */
87#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA	0x0038 /* RFC 3268 */
88#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA	0x0039 /* RFC 3268 */
89#define TLS_DH_anon_WITH_AES_256_CBC_SHA	0x003A /* RFC 3268 */
90#define TLS_RSA_WITH_NULL_SHA256		0x003B /* RFC 5246 */
91#define TLS_RSA_WITH_AES_128_CBC_SHA256		0x003C /* RFC 5246 */
92#define TLS_RSA_WITH_AES_256_CBC_SHA256		0x003D /* RFC 5246 */
93#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256	0x003E /* RFC 5246 */
94#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256	0x003F /* RFC 5246 */
95#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256	0x0040 /* RFC 5246 */
96#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256	0x0067 /* RFC 5246 */
97#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256	0x0068 /* RFC 5246 */
98#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256	0x0069 /* RFC 5246 */
99#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256	0x006A /* RFC 5246 */
100#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256	0x006B /* RFC 5246 */
101#define TLS_DH_anon_WITH_AES_128_CBC_SHA256	0x006C /* RFC 5246 */
102#define TLS_DH_anon_WITH_AES_256_CBC_SHA256	0x006D /* RFC 5246 */
103
104/* CompressionMethod */
105#define TLS_COMPRESSION_NULL 0
106
107/* HashAlgorithm */
108enum {
109	TLS_HASH_ALG_NONE = 0,
110	TLS_HASH_ALG_MD5 = 1,
111	TLS_HASH_ALG_SHA1 = 2,
112	TLS_HASH_ALG_SHA224 = 3,
113	TLS_HASH_ALG_SHA256 = 4,
114	TLS_HASH_ALG_SHA384 = 5,
115	TLS_HASH_ALG_SHA512 = 6
116};
117
118/* SignatureAlgorithm */
119enum {
120	TLS_SIGN_ALG_ANONYMOUS = 0,
121	TLS_SIGN_ALG_RSA = 1,
122	TLS_SIGN_ALG_DSA = 2,
123	TLS_SIGN_ALG_ECDSA = 3,
124};
125
126/* AlertLevel */
127#define TLS_ALERT_LEVEL_WARNING 1
128#define TLS_ALERT_LEVEL_FATAL 2
129
130/* AlertDescription */
131#define TLS_ALERT_CLOSE_NOTIFY			0
132#define TLS_ALERT_UNEXPECTED_MESSAGE		10
133#define TLS_ALERT_BAD_RECORD_MAC		20
134#define TLS_ALERT_DECRYPTION_FAILED		21
135#define TLS_ALERT_RECORD_OVERFLOW		22
136#define TLS_ALERT_DECOMPRESSION_FAILURE		30
137#define TLS_ALERT_HANDSHAKE_FAILURE		40
138#define TLS_ALERT_BAD_CERTIFICATE		42
139#define TLS_ALERT_UNSUPPORTED_CERTIFICATE	43
140#define TLS_ALERT_CERTIFICATE_REVOKED		44
141#define TLS_ALERT_CERTIFICATE_EXPIRED		45
142#define TLS_ALERT_CERTIFICATE_UNKNOWN		46
143#define TLS_ALERT_ILLEGAL_PARAMETER		47
144#define TLS_ALERT_UNKNOWN_CA			48
145#define TLS_ALERT_ACCESS_DENIED			49
146#define TLS_ALERT_DECODE_ERROR			50
147#define TLS_ALERT_DECRYPT_ERROR			51
148#define TLS_ALERT_EXPORT_RESTRICTION		60
149#define TLS_ALERT_PROTOCOL_VERSION		70
150#define TLS_ALERT_INSUFFICIENT_SECURITY		71
151#define TLS_ALERT_INTERNAL_ERROR		80
152#define TLS_ALERT_USER_CANCELED			90
153#define TLS_ALERT_NO_RENEGOTIATION		100
154#define TLS_ALERT_UNSUPPORTED_EXTENSION		110 /* RFC 4366 */
155#define TLS_ALERT_CERTIFICATE_UNOBTAINABLE	111 /* RFC 4366 */
156#define TLS_ALERT_UNRECOGNIZED_NAME		112 /* RFC 4366 */
157#define TLS_ALERT_BAD_CERTIFICATE_STATUS_RESPONSE	113 /* RFC 4366 */
158#define TLS_ALERT_BAD_CERTIFICATE_HASH_VALUE	114 /* RFC 4366 */
159
160/* ChangeCipherSpec */
161enum {
162	TLS_CHANGE_CIPHER_SPEC = 1
163};
164
165/* TLS Extensions */
166#define TLS_EXT_SERVER_NAME			0 /* RFC 4366 */
167#define TLS_EXT_MAX_FRAGMENT_LENGTH		1 /* RFC 4366 */
168#define TLS_EXT_CLIENT_CERTIFICATE_URL		2 /* RFC 4366 */
169#define TLS_EXT_TRUSTED_CA_KEYS			3 /* RFC 4366 */
170#define TLS_EXT_TRUNCATED_HMAC			4 /* RFC 4366 */
171#define TLS_EXT_STATUS_REQUEST			5 /* RFC 4366 */
172#define TLS_EXT_SESSION_TICKET			35 /* RFC 4507 */
173
174#define TLS_EXT_PAC_OPAQUE TLS_EXT_SESSION_TICKET /* EAP-FAST terminology */
175
176
177typedef enum {
178	TLS_KEY_X_NULL,
179	TLS_KEY_X_RSA,
180	TLS_KEY_X_RSA_EXPORT,
181	TLS_KEY_X_DH_DSS_EXPORT,
182	TLS_KEY_X_DH_DSS,
183	TLS_KEY_X_DH_RSA_EXPORT,
184	TLS_KEY_X_DH_RSA,
185	TLS_KEY_X_DHE_DSS_EXPORT,
186	TLS_KEY_X_DHE_DSS,
187	TLS_KEY_X_DHE_RSA_EXPORT,
188	TLS_KEY_X_DHE_RSA,
189	TLS_KEY_X_DH_anon_EXPORT,
190	TLS_KEY_X_DH_anon
191} tls_key_exchange;
192
193typedef enum {
194	TLS_CIPHER_NULL,
195	TLS_CIPHER_RC4_40,
196	TLS_CIPHER_RC4_128,
197	TLS_CIPHER_RC2_CBC_40,
198	TLS_CIPHER_IDEA_CBC,
199	TLS_CIPHER_DES40_CBC,
200	TLS_CIPHER_DES_CBC,
201	TLS_CIPHER_3DES_EDE_CBC,
202	TLS_CIPHER_AES_128_CBC,
203	TLS_CIPHER_AES_256_CBC
204} tls_cipher;
205
206typedef enum {
207	TLS_HASH_NULL,
208	TLS_HASH_MD5,
209	TLS_HASH_SHA,
210	TLS_HASH_SHA256
211} tls_hash;
212
213struct tls_cipher_suite {
214	u16 suite;
215	tls_key_exchange key_exchange;
216	tls_cipher cipher;
217	tls_hash hash;
218};
219
220typedef enum {
221	TLS_CIPHER_STREAM,
222	TLS_CIPHER_BLOCK
223} tls_cipher_type;
224
225struct tls_cipher_data {
226	tls_cipher cipher;
227	tls_cipher_type type;
228	size_t key_material;
229	size_t expanded_key_material;
230	size_t block_size; /* also iv_size */
231	enum crypto_cipher_alg alg;
232};
233
234
235struct tls_verify_hash {
236	struct crypto_hash *md5_client;
237	struct crypto_hash *sha1_client;
238	struct crypto_hash *sha256_client;
239	struct crypto_hash *md5_server;
240	struct crypto_hash *sha1_server;
241	struct crypto_hash *sha256_server;
242	struct crypto_hash *md5_cert;
243	struct crypto_hash *sha1_cert;
244	struct crypto_hash *sha256_cert;
245};
246
247
248const struct tls_cipher_suite * tls_get_cipher_suite(u16 suite);
249const struct tls_cipher_data * tls_get_cipher_data(tls_cipher cipher);
250int tls_server_key_exchange_allowed(tls_cipher cipher);
251int tls_parse_cert(const u8 *buf, size_t len, struct crypto_public_key **pk);
252int tls_verify_hash_init(struct tls_verify_hash *verify);
253void tls_verify_hash_add(struct tls_verify_hash *verify, const u8 *buf,
254			 size_t len);
255void tls_verify_hash_free(struct tls_verify_hash *verify);
256int tls_version_ok(u16 ver);
257const char * tls_version_str(u16 ver);
258int tls_prf(u16 ver, const u8 *secret, size_t secret_len, const char *label,
259	    const u8 *seed, size_t seed_len, u8 *out, size_t outlen);
260
261#endif /* TLSV1_COMMON_H */
262