/*
 * TLSv1 server - internal structures
 * Copyright (c) 2006-2007, Jouni Malinen <j@w1.fi>
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

#ifndef TLSV1_SERVER_I_H
#define TLSV1_SERVER_I_H

/*
 * State kept for one TLSv1 server connection (the functions declared below
 * take it as 'conn').
 *
 * This header has no #include lines of its own: u8/u16/u32, the TLS_*
 * length constants, struct tlsv1_record_layer, struct tls_verify_hash,
 * tlsv1_server_session_ticket_cb and PRINTF_FORMAT must already be declared
 * by whatever the including file pulled in first.
 *
 * NOTE(review): master_secret (inline) and dh_secret (pointer) hold key
 * material. The code that releases this structure is not in this header;
 * confirm it wipes both before the memory is freed or reused.
 */
struct tlsv1_server {
	/*
	 * Current connection state. The names mirror TLS handshake messages,
	 * followed by the two terminal values ESTABLISHED and FAILED.
	 */
	enum {
		CLIENT_HELLO, SERVER_HELLO, SERVER_CERTIFICATE,
		SERVER_KEY_EXCHANGE, SERVER_CERTIFICATE_REQUEST,
		SERVER_HELLO_DONE, CLIENT_CERTIFICATE, CLIENT_KEY_EXCHANGE,
		CERTIFICATE_VERIFY, CHANGE_CIPHER_SPEC, CLIENT_FINISHED,
		SERVER_CHANGE_CIPHER_SPEC, SERVER_FINISHED,
		ESTABLISHED, FAILED
	} state;

	/* Record layer state, embedded by value (type declared elsewhere) */
	struct tlsv1_record_layer rl;

	/*
	 * Session identifier buffer; session_id_len is presumably the number
	 * of valid bytes and must never exceed TLS_SESSION_ID_MAX_LEN.
	 */
	u8 session_id[TLS_SESSION_ID_MAX_LEN];
	size_t session_id_len;
	/* Fixed-size random values, one per side of the handshake */
	u8 client_random[TLS_RANDOM_LEN];
	u8 server_random[TLS_RANDOM_LEN];
	/* Key material stored inline; see the wiping note on the struct */
	u8 master_secret[TLS_MASTER_SECRET_LEN];

	/* Level and description of an alert (setter: tlsv1_server_alert()) */
	u8 alert_level;
	u8 alert_description;

	/*
	 * Presumably the public key taken from the client's certificate;
	 * ownership is not visible from this header - confirm who frees it.
	 */
	struct crypto_public_key *client_rsa_key;

	/* Handshake hash state (type declared elsewhere) */
	struct tls_verify_hash verify;

/*
 * Although written inside the struct, this macro is visible to everything
 * that follows in the translation unit.
 */
#define MAX_CIPHER_COUNT 30
	/*
	 * Cipher suite list and its entry count. Any code filling the array
	 * has to keep num_cipher_suites <= MAX_CIPHER_COUNT.
	 */
	u16 cipher_suites[MAX_CIPHER_COUNT];
	size_t num_cipher_suites;

	/* Presumably the suite selected for this connection - confirm */
	u16 cipher_suite;

	/* Credentials object; presumably shared and not owned - confirm */
	struct tlsv1_credentials *cred;

	/* Presumably non-zero when the client certificate is verified */
	int verify_peer;
	/* Presumably the protocol version offered by the client */
	u16 client_version;

	/* Session ticket bytes and length; buffer ownership not shown here */
	u8 *session_ticket;
	size_t session_ticket_len;

	/* Session ticket callback and the opaque context passed to it */
	tlsv1_server_session_ticket_cb session_ticket_cb;
	void *session_ticket_cb_ctx;

	/* Log sink: receives log_cb_ctx and an already formatted message */
	void (*log_cb)(void *ctx, const char *msg);
	void *log_cb_ctx;

	int use_session_ticket;

	/* Diffie-Hellman secret and its length; see the wiping note above */
	u8 *dh_secret;
	size_t dh_secret_len;

	/*
	 * These two fields exist only when CONFIG_TESTING_OPTIONS is defined,
	 * so the struct layout depends on it: every translation unit that
	 * includes this header must be built with the same setting.
	 * NOTE(review): presumably test-only behaviour switches - confirm
	 * that production builds leave the option undefined.
	 */
#ifdef CONFIG_TESTING_OPTIONS
	u32 test_flags;
	int test_failure_reported;
#endif /* CONFIG_TESTING_OPTIONS */
};


/*
 * printf-style logging for a connection. PRINTF_FORMAT(2, 3) marks 'fmt'
 * (argument 2) as the format string with variadic arguments starting at
 * argument 3; it is presumably a compiler format attribute, defined
 * elsewhere. Data received from the peer belongs in the arguments, never
 * in 'fmt' itself.
 */
void tlsv1_server_log(struct tlsv1_server *conn, const char *fmt, ...)
PRINTF_FORMAT(2, 3);

/* Presumably records level/description in conn->alert_* - confirm */
void tlsv1_server_alert(struct tlsv1_server *conn, u8 level, u8 description);
/*
 * Takes the pre-master secret as pointer plus length. The int return is
 * presumably 0 on success and negative on failure - confirm in the .c file.
 */
int tlsv1_server_derive_keys(struct tlsv1_server *conn,
			     const u8 *pre_master_secret,
			     size_t pre_master_secret_len);
/*
 * The next two functions return a u8 buffer and report its size through
 * out_len. NOTE(review): presumably heap-allocated and owned by the caller,
 * with NULL signalling failure - confirm before relying on it.
 */
u8 * tlsv1_server_handshake_write(struct tlsv1_server *conn, size_t *out_len);
u8 * tlsv1_server_send_alert(struct tlsv1_server *conn, u8 level,
			     u8 description, size_t *out_len);
/*
 * 'ct' is presumably the record content type. 'len' is passed by pointer,
 * so it is presumably in/out (bytes available on entry, bytes consumed on
 * return) - confirm; 'buf' holds peer-supplied data and must be bounded
 * by *len.
 */
int tlsv1_server_process_handshake(struct tlsv1_server *conn, u8 ct,
				   const u8 *buf, size_t *len);
/* Returns a DH prime through dh_p together with its length in dh_p_len */
void tlsv1_server_get_dh_p(struct tlsv1_server *conn, const u8 **dh_p,
			   size_t *dh_p_len);

#endif /* TLSV1_SERVER_I_H */