/*
 * TLSv1 server - internal structures
 * Copyright (c) 2006-2007, Jouni Malinen <j@w1.fi>
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

#ifndef TLSV1_SERVER_I_H
#define TLSV1_SERVER_I_H

/*
 * This header has no #include lines of its own. u8/u16/u32, the TLS_*_LEN
 * constants, tlsv1_server_session_ticket_cb, PRINTF_FORMAT and the complete
 * types struct tlsv1_record_layer and struct tls_verify_hash (both embedded
 * by value below) must already be declared by the including file.
 */

/*
 * struct tlsv1_server - state of one TLSv1 server connection
 *
 * Every function declared at the end of this header takes a pointer to this
 * structure as its "conn" argument. The structure holds key material
 * (master_secret, dh_secret) next to buffers whose lengths are tracked in
 * separate members, so code that fills or releases it has to keep each
 * length within the matching capacity and clear the secrets on release.
 */
struct tlsv1_server {
	/*
	 * Handshake progress. The enumerators are named after TLS handshake
	 * messages, followed by ESTABLISHED and FAILED. The transitions are
	 * implemented outside this header.
	 * NOTE(review): confirm that application data is accepted only in
	 * ESTABLISHED and that FAILED cannot be left again.
	 */
	enum {
		CLIENT_HELLO, SERVER_HELLO, SERVER_CERTIFICATE,
		SERVER_KEY_EXCHANGE, SERVER_CERTIFICATE_REQUEST,
		SERVER_HELLO_DONE, CLIENT_CERTIFICATE, CLIENT_KEY_EXCHANGE,
		CERTIFICATE_VERIFY, CHANGE_CIPHER_SPEC, CLIENT_FINISHED,
		SERVER_CHANGE_CIPHER_SPEC, SERVER_FINISHED,
		ESTABLISHED, FAILED
	} state;

	/* Record layer state, embedded by value (type declared elsewhere). */
	struct tlsv1_record_layer rl;

	/*
	 * session_id_len is the number of valid bytes in session_id and must
	 * not exceed TLS_SESSION_ID_MAX_LEN.
	 */
	u8 session_id[TLS_SESSION_ID_MAX_LEN];
	size_t session_id_len;
	u8 client_random[TLS_RANDOM_LEN];
	u8 server_random[TLS_RANDOM_LEN];
	/*
	 * Key material. NOTE(review): the code that releases this structure
	 * is not in this header; confirm it clears master_secret in a way the
	 * compiler cannot optimise away.
	 */
	u8 master_secret[TLS_MASTER_SECRET_LEN];

	/*
	 * Alert level/description pair; presumably what
	 * tlsv1_server_alert() records for a later send - confirm.
	 */
	u8 alert_level;
	u8 alert_description;

	/* Presumably counts of alerts received and sent - confirm. */
	int read_alerts, write_alerts;

	/*
	 * Presumably the public key taken from the client certificate -
	 * confirm. Ownership and release are not visible from this header.
	 */
	struct crypto_public_key *client_rsa_key;

	/* Embedded by value; presumably the running handshake hashes. */
	struct tls_verify_hash verify;

	/*
	 * Fixed-capacity cipher suite list; num_cipher_suites is the number
	 * of valid entries. The code that fills the list is outside this
	 * header and has to keep num_cipher_suites <= MAX_CIPHER_COUNT.
	 */
#define MAX_CIPHER_COUNT 30
	u16 cipher_suites[MAX_CIPHER_COUNT];
	size_t num_cipher_suites;

	/* Presumably the suite selected for this connection - confirm. */
	u16 cipher_suite;

	struct tlsv1_credentials *cred;

	/*
	 * NOTE(review): presumably non-zero when the client certificate is
	 * to be requested and verified - confirm which handshake states are
	 * skipped when this is zero.
	 */
	int verify_peer;
	/* Presumably the protocol version offered by the client - confirm. */
	u16 client_version;

	/*
	 * Pointer plus length for session ticket data. Allocation and
	 * release happen outside this header; session_ticket_len has to
	 * describe the buffer session_ticket currently points to.
	 */
	u8 *session_ticket;
	size_t session_ticket_len;

	/* Callback and its opaque context; the callback type is declared elsewhere. */
	tlsv1_server_session_ticket_cb session_ticket_cb;
	void *session_ticket_cb_ctx;

	/*
	 * Log sink: called with an opaque context and a single message
	 * string. Presumably fed by tlsv1_server_log() - confirm.
	 */
	void (*log_cb)(void *ctx, const char *msg);
	void *log_cb_ctx;

	int use_session_ticket;
	/*
	 * One-bit flags; presumably record which certificate status (OCSP)
	 * extensions the client sent - confirm against the ClientHello
	 * parser.
	 */
	unsigned int status_request:1;
	unsigned int status_request_v2:1;
	unsigned int status_request_multi:1;

	/*
	 * Pointer plus length for a Diffie-Hellman secret value. Key
	 * material: NOTE(review): confirm the owner clears the buffer before
	 * freeing it.
	 */
	u8 *dh_secret;
	size_t dh_secret_len;

	/*
	 * These members exist only when CONFIG_TESTING_OPTIONS is defined, so
	 * the structure layout depends on the macro and every file that
	 * includes this header has to be built with the same setting.
	 * NOTE(review): test_flags presumably selects deliberate test
	 * behaviour; confirm that builds meant for deployment leave the macro
	 * undefined.
	 */
#ifdef CONFIG_TESTING_OPTIONS
	u32 test_flags;
	int test_failure_reported;
#endif /* CONFIG_TESTING_OPTIONS */
};


/*
 * printf-style logging for a connection. PRINTF_FORMAT(2, 3) names fmt
 * (argument 2) as the format string and argument 3 as the first variadic
 * argument, presumably so the compiler can check the two against each other
 * (the macro is defined elsewhere). Text that originates from the peer
 * belongs in the variadic arguments, never in fmt.
 */
void tlsv1_server_log(struct tlsv1_server *conn, const char *fmt, ...)
PRINTF_FORMAT(2, 3);

/* Takes an alert level and description for conn; the effect is implemented elsewhere. */
void tlsv1_server_alert(struct tlsv1_server *conn, u8 level, u8 description);
/*
 * Takes the pre-master secret as a pointer plus length and returns an int
 * status. NOTE(review): the input is key material; confirm callers clear
 * their copy after this returns.
 */
int tlsv1_server_derive_keys(struct tlsv1_server *conn,
			     const u8 *pre_master_secret,
			     size_t pre_master_secret_len);
/*
 * The next two functions return a u8 pointer and report a length through
 * out_len. NOTE(review): who frees the returned buffer, and whether NULL
 * signals failure, is not stated in this header - confirm.
 */
u8 * tlsv1_server_handshake_write(struct tlsv1_server *conn, size_t *out_len);
u8 * tlsv1_server_send_alert(struct tlsv1_server *conn, u8 level,
			     u8 description, size_t *out_len);
/*
 * buf is read-only input and len is passed by pointer, so it is presumably
 * both the available length on entry and a result on return - confirm; ct
 * is presumably the record content type.
 */
int tlsv1_server_process_handshake(struct tlsv1_server *conn, u8 ct,
				   const u8 *buf, size_t *len);
/*
 * Reports a pointer and a length through dh_p and dh_p_len; the pointed-to
 * bytes are const for the caller.
 */
void tlsv1_server_get_dh_p(struct tlsv1_server *conn, const u8 **dh_p,
			   size_t *dh_p_len);

#endif /* TLSV1_SERVER_I_H */