PolarSSL v1.3.7
ssl.h
1 
27 #ifndef POLARSSL_SSL_H
28 #define POLARSSL_SSL_H
29 
30 #if !defined(POLARSSL_CONFIG_FILE)
31 #include "config.h"
32 #else
33 #include POLARSSL_CONFIG_FILE
34 #endif
35 #include "net.h"
36 #include "bignum.h"
37 
38 #include "ssl_ciphersuites.h"
39 
40 #if defined(POLARSSL_MD5_C)
41 #include "md5.h"
42 #endif
43 
44 #if defined(POLARSSL_SHA1_C)
45 #include "sha1.h"
46 #endif
47 
48 #if defined(POLARSSL_SHA256_C)
49 #include "sha256.h"
50 #endif
51 
52 #if defined(POLARSSL_SHA512_C)
53 #include "sha512.h"
54 #endif
55 
56 // for session tickets
57 #if defined(POLARSSL_AES_C)
58 #include "aes.h"
59 #endif
60 
61 #if defined(POLARSSL_X509_CRT_PARSE_C)
62 #include "x509_crt.h"
63 #include "x509_crl.h"
64 #endif
65 
66 #if defined(POLARSSL_DHM_C)
67 #include "dhm.h"
68 #endif
69 
70 #if defined(POLARSSL_ECDH_C)
71 #include "ecdh.h"
72 #endif
73 
74 #if defined(POLARSSL_ZLIB_SUPPORT)
75 #include "zlib.h"
76 #endif
77 
78 #if defined(POLARSSL_HAVE_TIME)
79 #include <time.h>
80 #endif
81 
82 /* For convenience below and in programs */
83 #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
84  defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
85  defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
86  defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
87 #define POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED
88 #endif
89 
90 #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
91  defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
92  defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
93 #define POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED
94 #endif
95 
96 #if defined(_MSC_VER) && !defined(inline)
97 #define inline _inline
98 #else
99 #if defined(__ARMCC_VERSION) && !defined(inline)
100 #define inline __inline
101 #endif /* __ARMCC_VERSION */
102 #endif /*_MSC_VER */
103 
104 /*
105  * SSL Error codes
106  */
107 #define POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE -0x7080
108 #define POLARSSL_ERR_SSL_BAD_INPUT_DATA -0x7100
109 #define POLARSSL_ERR_SSL_INVALID_MAC -0x7180
110 #define POLARSSL_ERR_SSL_INVALID_RECORD -0x7200
111 #define POLARSSL_ERR_SSL_CONN_EOF -0x7280
112 #define POLARSSL_ERR_SSL_UNKNOWN_CIPHER -0x7300
113 #define POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN -0x7380
114 #define POLARSSL_ERR_SSL_NO_RNG -0x7400
115 #define POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480
116 #define POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE -0x7500
117 #define POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED -0x7580
118 #define POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600
119 #define POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED -0x7680
120 #define POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE -0x7700
121 #define POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780
122 #define POLARSSL_ERR_SSL_PEER_VERIFY_FAILED -0x7800
123 #define POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880
124 #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900
125 #define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980
126 #define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00
127 #define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80
128 #define POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00
129 #define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80
130 #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00
131 #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP -0x7C80
132 #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00
133 #define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80
134 #define POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00
135 #define POLARSSL_ERR_SSL_BAD_HS_FINISHED -0x7E80
136 #define POLARSSL_ERR_SSL_MALLOC_FAILED -0x7F00
137 #define POLARSSL_ERR_SSL_HW_ACCEL_FAILED -0x7F80
138 #define POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80
139 #define POLARSSL_ERR_SSL_COMPRESSION_FAILED -0x6F00
140 #define POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION -0x6E80
141 #define POLARSSL_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00
142 #define POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80
143 #define POLARSSL_ERR_SSL_PK_TYPE_MISMATCH -0x6D00
144 #define POLARSSL_ERR_SSL_UNKNOWN_IDENTITY -0x6C80
145 #define POLARSSL_ERR_SSL_INTERNAL_ERROR -0x6C00
146 #define POLARSSL_ERR_SSL_COUNTER_WRAPPING -0x6B80
148 /*
149  * Various constants
150  */
151 #define SSL_MAJOR_VERSION_3 3
152 #define SSL_MINOR_VERSION_0 0
153 #define SSL_MINOR_VERSION_1 1
154 #define SSL_MINOR_VERSION_2 2
155 #define SSL_MINOR_VERSION_3 3
157 /* Determine minimum supported version: the oldest protocol version
 * compiled in wins, so the floor is SSL 3.0 (minor version 0) whenever
 * POLARSSL_SSL_PROTO_SSL3 is defined, regardless of which newer versions
 * are also enabled. If none of the four POLARSSL_SSL_PROTO_* macros is
 * defined, SSL_MIN_MINOR_VERSION is left undefined.
 * NOTE(review): presumably this is also the runtime default that
 * ssl_set_min_version() overrides -- confirm in ssl_init(). Callers that
 * do not need SSL 3.0 should raise the floor with ssl_set_min_version(). */
158 #define SSL_MIN_MAJOR_VERSION SSL_MAJOR_VERSION_3
159 
160 #if defined(POLARSSL_SSL_PROTO_SSL3)
161 #define SSL_MIN_MINOR_VERSION SSL_MINOR_VERSION_0
162 #else
163 #if defined(POLARSSL_SSL_PROTO_TLS1)
164 #define SSL_MIN_MINOR_VERSION SSL_MINOR_VERSION_1
165 #else
166 #if defined(POLARSSL_SSL_PROTO_TLS1_1)
167 #define SSL_MIN_MINOR_VERSION SSL_MINOR_VERSION_2
168 #else
169 #if defined(POLARSSL_SSL_PROTO_TLS1_2)
170 #define SSL_MIN_MINOR_VERSION SSL_MINOR_VERSION_3
171 #endif /* POLARSSL_SSL_PROTO_TLS1_2 */
172 #endif /* POLARSSL_SSL_PROTO_TLS1_1 */
173 #endif /* POLARSSL_SSL_PROTO_TLS1 */
174 #endif /* POLARSSL_SSL_PROTO_SSL3 */
175 
176 /* Determine maximum supported version */
177 #define SSL_MAX_MAJOR_VERSION SSL_MAJOR_VERSION_3
178 
179 #if defined(POLARSSL_SSL_PROTO_TLS1_2)
180 #define SSL_MAX_MINOR_VERSION SSL_MINOR_VERSION_3
181 #else
182 #if defined(POLARSSL_SSL_PROTO_TLS1_1)
183 #define SSL_MAX_MINOR_VERSION SSL_MINOR_VERSION_2
184 #else
185 #if defined(POLARSSL_SSL_PROTO_TLS1)
186 #define SSL_MAX_MINOR_VERSION SSL_MINOR_VERSION_1
187 #else
188 #if defined(POLARSSL_SSL_PROTO_SSL3)
189 #define SSL_MAX_MINOR_VERSION SSL_MINOR_VERSION_0
190 #endif /* POLARSSL_SSL_PROTO_SSL3 */
191 #endif /* POLARSSL_SSL_PROTO_TLS1 */
192 #endif /* POLARSSL_SSL_PROTO_TLS1_1 */
193 #endif /* POLARSSL_SSL_PROTO_TLS1_2 */
194 
195 /* RFC 6066 section 4, see also mfl_code_to_length in ssl_tls.c
196  * NONE must be zero so that memset()ing structure to zero works */
197 #define SSL_MAX_FRAG_LEN_NONE 0
198 #define SSL_MAX_FRAG_LEN_512 1
199 #define SSL_MAX_FRAG_LEN_1024 2
200 #define SSL_MAX_FRAG_LEN_2048 3
201 #define SSL_MAX_FRAG_LEN_4096 4
202 #define SSL_MAX_FRAG_LEN_INVALID 5
204 #define SSL_IS_CLIENT 0
205 #define SSL_IS_SERVER 1
206 #define SSL_COMPRESS_NULL 0
207 #define SSL_COMPRESS_DEFLATE 1
208 
/* Certificate verification modes for the authmode argument of
 * ssl_set_authmode().
 * NOTE(review): the per-value semantics below follow the upstream
 * ssl_set_authmode() documentation, which this listing omits -- confirm
 * against ssl_tls.c before relying on them. */
209 #define SSL_VERIFY_NONE 0 /* peer certificate is not checked: the peer is not authenticated */
210 #define SSL_VERIFY_OPTIONAL 1 /* checked, but the handshake continues on failure; caller must inspect ssl_get_verify_result() */
211 #define SSL_VERIFY_REQUIRED 2 /* handshake is aborted if verification fails */
212 
213 #define SSL_INITIAL_HANDSHAKE 0
214 #define SSL_RENEGOTIATION 1 /* In progress */
215 #define SSL_RENEGOTIATION_DONE 2 /* Done */
216 #define SSL_RENEGOTIATION_PENDING 3 /* Requested (server only) */
217 
218 #define SSL_LEGACY_RENEGOTIATION 0
219 #define SSL_SECURE_RENEGOTIATION 1
220 
221 #define SSL_RENEGOTIATION_DISABLED 0
222 #define SSL_RENEGOTIATION_ENABLED 1
223 
/* Policies for the allow_legacy argument of ssl_legacy_renegotiation(),
 * i.e. how to treat a peer that does not support secure renegotiation.
 * NOTE(review): the per-value semantics below follow the upstream
 * ssl_legacy_renegotiation() documentation, which this listing omits --
 * confirm against ssl_tls.c before relying on them. */
224 #define SSL_LEGACY_NO_RENEGOTIATION 0 /* connect to such peers, but refuse to renegotiate with them */
225 #define SSL_LEGACY_ALLOW_RENEGOTIATION 1 /* allow legacy (unprotected) renegotiation */
226 #define SSL_LEGACY_BREAK_HANDSHAKE 2 /* abort the handshake with such peers */
227 
228 #define SSL_TRUNC_HMAC_DISABLED 0
229 #define SSL_TRUNC_HMAC_ENABLED 1
230 #define SSL_TRUNCATED_HMAC_LEN 10 /* 80 bits, rfc 6066 section 7 */
231 
232 #define SSL_SESSION_TICKETS_DISABLED 0
233 #define SSL_SESSION_TICKETS_ENABLED 1
234 
243 #if !defined(SSL_DEFAULT_TICKET_LIFETIME)
244 #define SSL_DEFAULT_TICKET_LIFETIME 86400
245 #endif
246 
247 /*
248  * Size of the input / output buffer.
249  * Note: the RFC defines the default size of SSL / TLS messages. If you
250  * change the value here, other clients / servers may not be able to
251  * communicate with you anymore. Only change this value if you control
252  * both sides of the connection and have it reduced at both sides!
253  */
254 #if !defined(SSL_MAX_CONTENT_LEN)
255 #define SSL_MAX_CONTENT_LEN 16384
256 #endif
257 
258 /* \} name SECTION: Module settings */
259 
260 /*
261  * Allow an extra 301 bytes for the record header
262  * and encryption overhead: counter (8) + header (5) + MAC (32) + padding (256)
263  * and allow for a maximum of 1024 of compression expansion if
264  * enabled.
 *
 * NOTE(review): the 32-byte MAC allowance matches HMAC-SHA-256; an
 * HMAC-SHA-384 ciphersuite, if enabled, produces a 48-byte MAC, and the
 * list above has no entry for an explicit per-record IV. Confirm that the
 * record-length checks in ssl_tls.c keep every accepted or generated
 * record within SSL_BUFFER_LEN for all enabled ciphersuites.
265  */
266 #if defined(POLARSSL_ZLIB_SUPPORT)
267 #define SSL_COMPRESSION_ADD 1024
268 #else
269 #define SSL_COMPRESSION_ADD 0
270 #endif
271 
272 #define SSL_BUFFER_LEN (SSL_MAX_CONTENT_LEN + SSL_COMPRESSION_ADD + 301)
273 
274 #define SSL_EMPTY_RENEGOTIATION_INFO 0xFF
276 /*
277  * Supported Signature and Hash algorithms (For TLS 1.2)
278  * RFC 5246 section 7.4.1.4.1
279  */
280 #define SSL_HASH_NONE 0
281 #define SSL_HASH_MD5 1
282 #define SSL_HASH_SHA1 2
283 #define SSL_HASH_SHA224 3
284 #define SSL_HASH_SHA256 4
285 #define SSL_HASH_SHA384 5
286 #define SSL_HASH_SHA512 6
287 
288 #define SSL_SIG_ANON 0
289 #define SSL_SIG_RSA 1
290 #define SSL_SIG_ECDSA 3
291 
292 /*
293  * Client Certificate Types
294  * RFC 5246 section 7.4.4 plus RFC 4492 section 5.5
295  */
296 #define SSL_CERT_TYPE_RSA_SIGN 1
297 #define SSL_CERT_TYPE_ECDSA_SIGN 64
298 
299 /*
300  * Message, alert and handshake types
301  */
302 #define SSL_MSG_CHANGE_CIPHER_SPEC 20
303 #define SSL_MSG_ALERT 21
304 #define SSL_MSG_HANDSHAKE 22
305 #define SSL_MSG_APPLICATION_DATA 23
306 
307 #define SSL_ALERT_LEVEL_WARNING 1
308 #define SSL_ALERT_LEVEL_FATAL 2
309 
310 #define SSL_ALERT_MSG_CLOSE_NOTIFY 0 /* 0x00 */
311 #define SSL_ALERT_MSG_UNEXPECTED_MESSAGE 10 /* 0x0A */
312 #define SSL_ALERT_MSG_BAD_RECORD_MAC 20 /* 0x14 */
313 #define SSL_ALERT_MSG_DECRYPTION_FAILED 21 /* 0x15 */
314 #define SSL_ALERT_MSG_RECORD_OVERFLOW 22 /* 0x16 */
315 #define SSL_ALERT_MSG_DECOMPRESSION_FAILURE 30 /* 0x1E */
316 #define SSL_ALERT_MSG_HANDSHAKE_FAILURE 40 /* 0x28 */
317 #define SSL_ALERT_MSG_NO_CERT 41 /* 0x29 */
318 #define SSL_ALERT_MSG_BAD_CERT 42 /* 0x2A */
319 #define SSL_ALERT_MSG_UNSUPPORTED_CERT 43 /* 0x2B */
320 #define SSL_ALERT_MSG_CERT_REVOKED 44 /* 0x2C */
321 #define SSL_ALERT_MSG_CERT_EXPIRED 45 /* 0x2D */
322 #define SSL_ALERT_MSG_CERT_UNKNOWN 46 /* 0x2E */
323 #define SSL_ALERT_MSG_ILLEGAL_PARAMETER 47 /* 0x2F */
324 #define SSL_ALERT_MSG_UNKNOWN_CA 48 /* 0x30 */
325 #define SSL_ALERT_MSG_ACCESS_DENIED 49 /* 0x31 */
326 #define SSL_ALERT_MSG_DECODE_ERROR 50 /* 0x32 */
327 #define SSL_ALERT_MSG_DECRYPT_ERROR 51 /* 0x33 */
328 #define SSL_ALERT_MSG_EXPORT_RESTRICTION 60 /* 0x3C */
329 #define SSL_ALERT_MSG_PROTOCOL_VERSION 70 /* 0x46 */
330 #define SSL_ALERT_MSG_INSUFFICIENT_SECURITY 71 /* 0x47 */
331 #define SSL_ALERT_MSG_INTERNAL_ERROR 80 /* 0x50 */
332 #define SSL_ALERT_MSG_USER_CANCELED 90 /* 0x5A */
333 #define SSL_ALERT_MSG_NO_RENEGOTIATION 100 /* 0x64 */
334 #define SSL_ALERT_MSG_UNSUPPORTED_EXT 110 /* 0x6E */
335 #define SSL_ALERT_MSG_UNRECOGNIZED_NAME 112 /* 0x70 */
336 #define SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY 115 /* 0x73 */
337 #define SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL 120 /* 0x78 */
338 
339 #define SSL_HS_HELLO_REQUEST 0
340 #define SSL_HS_CLIENT_HELLO 1
341 #define SSL_HS_SERVER_HELLO 2
342 #define SSL_HS_NEW_SESSION_TICKET 4
343 #define SSL_HS_CERTIFICATE 11
344 #define SSL_HS_SERVER_KEY_EXCHANGE 12
345 #define SSL_HS_CERTIFICATE_REQUEST 13
346 #define SSL_HS_SERVER_HELLO_DONE 14
347 #define SSL_HS_CERTIFICATE_VERIFY 15
348 #define SSL_HS_CLIENT_KEY_EXCHANGE 16
349 #define SSL_HS_FINISHED 20
350 
351 /*
352  * TLS extensions
353  */
354 #define TLS_EXT_SERVERNAME 0
355 #define TLS_EXT_SERVERNAME_HOSTNAME 0
356 
357 #define TLS_EXT_MAX_FRAGMENT_LENGTH 1
358 
359 #define TLS_EXT_TRUNCATED_HMAC 4
360 
361 #define TLS_EXT_SUPPORTED_ELLIPTIC_CURVES 10
362 #define TLS_EXT_SUPPORTED_POINT_FORMATS 11
363 
364 #define TLS_EXT_SIG_ALG 13
365 
366 #define TLS_EXT_ALPN 16
367 
368 #define TLS_EXT_SESSION_TICKET 35
369 
370 #define TLS_EXT_RENEGOTIATION_INFO 0xFF01
371 
372 /*
373  * TLS extension flags, for extensions whose outgoing ServerHello content
374  * needs an explicit indicator (RENEGOTIATION_INFO, for example, needs none:
375  * the server already knows from the state of the renegotiation flag)
376  */
377 #define TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT (1 << 0)
378 
379 /*
380  * Size defines
381  */
382 #if !defined(POLARSSL_MPI_MAX_SIZE)
383 #define POLARSSL_PREMASTER_SIZE 512
384 #else
385 #define POLARSSL_PREMASTER_SIZE POLARSSL_MPI_MAX_SIZE
386 #endif
387 
388 #ifdef __cplusplus
389 extern "C" {
390 #endif
391 
392 /*
393  * Generic function pointers for allowing external RSA private key
394  * implementations.
395  */
396 typedef int (*rsa_decrypt_func)( void *ctx, int mode, size_t *olen,
397  const unsigned char *input, unsigned char *output,
398  size_t output_max_len );
399 typedef int (*rsa_sign_func)( void *ctx,
400  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
401  int mode, md_type_t md_alg, unsigned int hashlen,
402  const unsigned char *hash, unsigned char *sig );
403 typedef size_t (*rsa_key_len_func)( void *ctx );
404 
405 /*
406  * SSL state machine
407  */
408 typedef enum
409 {
428 }
429 ssl_states;
430 
431 typedef struct _ssl_session ssl_session;
432 typedef struct _ssl_context ssl_context;
435 #if defined(POLARSSL_SSL_SESSION_TICKETS)
437 #endif
438 #if defined(POLARSSL_X509_CRT_PARSE_C)
440 #endif
441 
442 /*
443  * This structure is used for storing current session data.
444  */
446 {
447 #if defined(POLARSSL_HAVE_TIME)
448  time_t start;
449 #endif
452  size_t length;
453  unsigned char id[32];
454  unsigned char master[48];
456 #if defined(POLARSSL_X509_CRT_PARSE_C)
458 #endif /* POLARSSL_X509_CRT_PARSE_C */
461 #if defined(POLARSSL_SSL_SESSION_TICKETS)
462  unsigned char *ticket;
463  size_t ticket_len;
464  uint32_t ticket_lifetime;
465 #endif /* POLARSSL_SSL_SESSION_TICKETS */
466 
467 #if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
468  unsigned char mfl_code;
469 #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */
470 
471 #if defined(POLARSSL_SSL_TRUNCATED_HMAC)
473 #endif /* POLARSSL_SSL_TRUNCATED_HMAC */
474 };
475 
476 /*
477  * This structure contains a full set of runtime transform parameters
478  * either in negotiation or active.
479  */
481 {
482  /*
483  * Session specific crypto layer
484  */
487  unsigned int keylen;
488  size_t minlen;
489  size_t ivlen;
490  size_t fixed_ivlen;
491  size_t maclen;
493  unsigned char iv_enc[16];
494  unsigned char iv_dec[16];
496 #if defined(POLARSSL_SSL_PROTO_SSL3)
497  /* Needed only for SSL v3.0 secret */
498  unsigned char mac_enc[48];
499  unsigned char mac_dec[48];
500 #endif /* POLARSSL_SSL_PROTO_SSL3 */
501 
508  /*
509  * Session specific compression layer
510  */
511 #if defined(POLARSSL_ZLIB_SUPPORT)
512  z_stream ctx_deflate;
513  z_stream ctx_inflate;
514 #endif
515 };
516 
517 /*
518  * This structure contains the parameters only needed during handshake.
519  */
521 {
522  /*
523  * Handshake specific crypto variables
524  */
525  int sig_alg;
526  int cert_type;
528 #if defined(POLARSSL_DHM_C)
530 #endif
531 #if defined(POLARSSL_ECDH_C)
533 #endif
534 #if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
536 #endif
537 #if defined(POLARSSL_X509_CRT_PARSE_C)
538 
545 #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
547 #endif
548 #endif /* POLARSSL_X509_CRT_PARSE_C */
549 
550  /*
551  * Checksum contexts
552  */
553 #if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \
554  defined(POLARSSL_SSL_PROTO_TLS1_1)
557 #endif
558 #if defined(POLARSSL_SSL_PROTO_TLS1_2)
559 #if defined(POLARSSL_SHA256_C)
561 #endif
562 #if defined(POLARSSL_SHA512_C)
564 #endif
565 #endif /* POLARSSL_SSL_PROTO_TLS1_2 */
566 
567  void (*update_checksum)(ssl_context *, const unsigned char *, size_t);
568  void (*calc_verify)(ssl_context *, unsigned char *);
569  void (*calc_finished)(ssl_context *, unsigned char *, int);
570  int (*tls_prf)(const unsigned char *, size_t, const char *,
571  const unsigned char *, size_t,
572  unsigned char *, size_t);
573 
574  size_t pmslen;
576  unsigned char randbytes[64];
580  int resume;
583  int cli_exts;
585 #if defined(POLARSSL_SSL_SESSION_TICKETS)
587 #endif /* POLARSSL_SSL_SESSION_TICKETS */
588 };
589 
590 #if defined(POLARSSL_SSL_SESSION_TICKETS)
591 /*
592  * Parameters needed to secure session tickets
593  */
595 {
596  unsigned char key_name[16];
599  unsigned char mac_key[16];
600 };
601 #endif /* POLARSSL_SSL_SESSION_TICKETS */
602 
603 #if defined(POLARSSL_X509_CRT_PARSE_C)
604 /*
605  * List of certificate + private key pairs
606  */
608 {
613 };
614 #endif /* POLARSSL_X509_CRT_PARSE_C */
615 
617 {
618  /*
619  * Miscellaneous
620  */
621  int state;
624  int major_ver;
625  int minor_ver;
632  /*
633  * Callbacks (RNG, debug, I/O, verification)
634  */
635  int (*f_rng)(void *, unsigned char *, size_t);
636  void (*f_dbg)(void *, int, const char *);
637  int (*f_recv)(void *, unsigned char *, size_t);
638  int (*f_send)(void *, const unsigned char *, size_t);
639  int (*f_get_cache)(void *, ssl_session *);
640  int (*f_set_cache)(void *, const ssl_session *);
641 
642  void *p_rng;
643  void *p_dbg;
644  void *p_recv;
645  void *p_send;
646  void *p_get_cache;
647  void *p_set_cache;
648  void *p_hw_data;
650 #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
651  int (*f_sni)(void *, ssl_context *, const unsigned char *, size_t);
652  void *p_sni;
653 #endif
654 
655 #if defined(POLARSSL_X509_CRT_PARSE_C)
656  int (*f_vrfy)(void *, x509_crt *, int, int *);
657  void *p_vrfy;
658 #endif
659 
660 #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
661  int (*f_psk)(void *, ssl_context *, const unsigned char *, size_t);
662  void *p_psk;
663 #endif
664 
665  /*
666  * Session layer
667  */
676  /*
677  * Record layer transformations
678  */
684  /*
685  * Record layer (incoming data)
686  */
687  unsigned char *in_ctr;
688  unsigned char *in_hdr;
689  unsigned char *in_iv;
690  unsigned char *in_msg;
691  unsigned char *in_offt;
694  size_t in_msglen;
695  size_t in_left;
697  size_t in_hslen;
698  int nb_zero;
701  /*
702  * Record layer (outgoing data)
703  */
704  unsigned char *out_ctr;
705  unsigned char *out_hdr;
706  unsigned char *out_iv;
707  unsigned char *out_msg;
710  size_t out_msglen;
711  size_t out_left;
713 #if defined(POLARSSL_ZLIB_SUPPORT)
714  unsigned char *compress_buf;
715 #endif
716 #if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
717  unsigned char mfl_code;
718 #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */
719 
720  /*
721  * PKI layer
722  */
723 #if defined(POLARSSL_X509_CRT_PARSE_C)
728  const char *peer_cn;
729 #endif /* POLARSSL_X509_CRT_PARSE_C */
730 
731  /*
732  * Support for generating and checking session tickets
733  */
734 #if defined(POLARSSL_SSL_SESSION_TICKETS)
736 #endif /* POLARSSL_SSL_SESSION_TICKETS */
737 
738  /*
739  * User settings
740  */
741  int endpoint;
742  int authmode;
747  const int *ciphersuite_list[4];
748 #if defined(POLARSSL_SSL_SET_CURVES)
749  const ecp_group_id *curve_list;
750 #endif
751 #if defined(POLARSSL_SSL_TRUNCATED_HMAC)
753 #endif
754 #if defined(POLARSSL_SSL_SESSION_TICKETS)
757 #endif
758 
759 #if defined(POLARSSL_DHM_C)
762 #endif
763 
764 #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
765  /*
766  * PSK values
767  */
768  unsigned char *psk;
769  size_t psk_len;
770  unsigned char *psk_identity;
772 #endif
773 
774 #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
775  /*
776  * SNI extension
777  */
778  unsigned char *hostname;
779  size_t hostname_len;
780 #endif
781 
782 #if defined(POLARSSL_SSL_ALPN)
783  /*
784  * ALPN extension
785  */
786  const char **alpn_list;
787  const char *alpn_chosen;
788 #endif
789 
790  /*
791  * Secure renegotiation
792  */
796  char own_verify_data[36];
797  char peer_verify_data[36];
798 };
799 
800 #if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
801 
802 #define SSL_CHANNEL_OUTBOUND 0
803 #define SSL_CHANNEL_INBOUND 1
804 
805 extern int (*ssl_hw_record_init)(ssl_context *ssl,
806  const unsigned char *key_enc, const unsigned char *key_dec,
807  size_t keylen,
808  const unsigned char *iv_enc, const unsigned char *iv_dec,
809  size_t ivlen,
810  const unsigned char *mac_enc, const unsigned char *mac_dec,
811  size_t maclen);
812 extern int (*ssl_hw_record_activate)(ssl_context *ssl, int direction);
813 extern int (*ssl_hw_record_reset)(ssl_context *ssl);
814 extern int (*ssl_hw_record_write)(ssl_context *ssl);
815 extern int (*ssl_hw_record_read)(ssl_context *ssl);
816 extern int (*ssl_hw_record_finish)(ssl_context *ssl);
817 #endif /* POLARSSL_SSL_HW_RECORD_ACCEL */
818 
825 const int *ssl_list_ciphersuites( void );
826 
835 const char *ssl_get_ciphersuite_name( const int ciphersuite_id );
836 
845 int ssl_get_ciphersuite_id( const char *ciphersuite_name );
846 
856 int ssl_init( ssl_context *ssl );
857 
868 int ssl_session_reset( ssl_context *ssl );
869 
879 void ssl_set_endpoint( ssl_context *ssl, int endpoint );
880 
904 void ssl_set_authmode( ssl_context *ssl, int authmode );
905 
906 #if defined(POLARSSL_X509_CRT_PARSE_C)
907 
918 void ssl_set_verify( ssl_context *ssl,
919  int (*f_vrfy)(void *, x509_crt *, int, int *),
920  void *p_vrfy );
921 #endif /* POLARSSL_X509_CRT_PARSE_C */
922 
930 void ssl_set_rng( ssl_context *ssl,
931  int (*f_rng)(void *, unsigned char *, size_t),
932  void *p_rng );
933 
941 void ssl_set_dbg( ssl_context *ssl,
942  void (*f_dbg)(void *, int, const char *),
943  void *p_dbg );
944 
954 void ssl_set_bio( ssl_context *ssl,
955  int (*f_recv)(void *, unsigned char *, size_t), void *p_recv,
956  int (*f_send)(void *, const unsigned char *, size_t), void *p_send );
957 
996  int (*f_get_cache)(void *, ssl_session *), void *p_get_cache,
997  int (*f_set_cache)(void *, const ssl_session *), void *p_set_cache );
998 
1013 int ssl_set_session( ssl_context *ssl, const ssl_session *session );
1014 
1027 void ssl_set_ciphersuites( ssl_context *ssl, const int *ciphersuites );
1028 
1043  const int *ciphersuites,
1044  int major, int minor );
1045 
1046 #if defined(POLARSSL_X509_CRT_PARSE_C)
1047 
1055 void ssl_set_ca_chain( ssl_context *ssl, x509_crt *ca_chain,
1056  x509_crl *ca_crl, const char *peer_cn );
1057 
1076 int ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert,
1077  pk_context *pk_key );
1078 
1079 #if defined(POLARSSL_RSA_C)
1080 
1096 int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert,
1097  rsa_context *rsa_key );
1098 #endif /* POLARSSL_RSA_C */
1099 
1125 int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert,
1126  void *rsa_key,
1127  rsa_decrypt_func rsa_decrypt,
1128  rsa_sign_func rsa_sign,
1129  rsa_key_len_func rsa_key_len );
1130 #endif /* POLARSSL_X509_CRT_PARSE_C */
1131 
1132 #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
1133 
1145 int ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len,
1146  const unsigned char *psk_identity, size_t psk_identity_len );
1147 
1168 void ssl_set_psk_cb( ssl_context *ssl,
1169  int (*f_psk)(void *, ssl_context *, const unsigned char *,
1170  size_t),
1171  void *p_psk );
1172 #endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */
1173 
1174 #if defined(POLARSSL_DHM_C)
1175 
1186 int ssl_set_dh_param( ssl_context *ssl, const char *dhm_P, const char *dhm_G );
1187 
1197 int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx );
1198 #endif /* POLARSSL_DHM_C */
1199 
1200 #if defined(POLARSSL_SSL_SET_CURVES)
1201 
1219 void ssl_set_curves( ssl_context *ssl, const ecp_group_id *curves );
1220 #endif /* POLARSSL_SSL_SET_CURVES */
1221 
1222 #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
1223 
1233 int ssl_set_hostname( ssl_context *ssl, const char *hostname );
1234 
1254 void ssl_set_sni( ssl_context *ssl,
1255  int (*f_sni)(void *, ssl_context *, const unsigned char *,
1256  size_t),
1257  void *p_sni );
1258 #endif /* POLARSSL_SSL_SERVER_NAME_INDICATION */
1259 
1260 #if defined(POLARSSL_SSL_ALPN)
1261 
1270 int ssl_set_alpn_protocols( ssl_context *ssl, const char **protos );
1271 
1281 const char *ssl_get_alpn_protocol( const ssl_context *ssl );
1282 #endif /* POLARSSL_SSL_ALPN */
1283 
1299 void ssl_set_max_version( ssl_context *ssl, int major, int minor );
1300 
1301 
1315 void ssl_set_min_version( ssl_context *ssl, int major, int minor );
1316 
1317 #if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
1318 
1333 int ssl_set_max_frag_len( ssl_context *ssl, unsigned char mfl_code );
1334 #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */
1335 
1336 #if defined(POLARSSL_SSL_TRUNCATED_HMAC)
1337 
1348 int ssl_set_truncated_hmac( ssl_context *ssl, int truncate );
1349 #endif /* POLARSSL_SSL_TRUNCATED_HMAC */
1350 
1351 #if defined(POLARSSL_SSL_SESSION_TICKETS)
1352 
1368 int ssl_set_session_tickets( ssl_context *ssl, int use_tickets );
1369 
1377 void ssl_set_session_ticket_lifetime( ssl_context *ssl, int lifetime );
1378 #endif /* POLARSSL_SSL_SESSION_TICKETS */
1379 
1393 void ssl_set_renegotiation( ssl_context *ssl, int renegotiation );
1394 
1422 void ssl_legacy_renegotiation( ssl_context *ssl, int allow_legacy );
1423 
1431 size_t ssl_get_bytes_avail( const ssl_context *ssl );
1432 
1444 int ssl_get_verify_result( const ssl_context *ssl );
1445 
1453 const char *ssl_get_ciphersuite( const ssl_context *ssl );
1454 
1462 const char *ssl_get_version( const ssl_context *ssl );
1463 
1464 #if defined(POLARSSL_X509_CRT_PARSE_C)
1465 
1479 const x509_crt *ssl_get_peer_cert( const ssl_context *ssl );
1480 #endif /* POLARSSL_X509_CRT_PARSE_C */
1481 
1498 int ssl_get_session( const ssl_context *ssl, ssl_session *session );
1499 
1508 int ssl_handshake( ssl_context *ssl );
1509 
1522 int ssl_handshake_step( ssl_context *ssl );
1523 
1534 int ssl_renegotiate( ssl_context *ssl );
1535 
1546 int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len );
1547 
1562 int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len );
1563 
1575  unsigned char level,
1576  unsigned char message );
1582 int ssl_close_notify( ssl_context *ssl );
1583 
1589 void ssl_free( ssl_context *ssl );
1590 
1597 void ssl_session_free( ssl_session *session );
1598 
1605 void ssl_transform_free( ssl_transform *transform );
1606 
1613 void ssl_handshake_free( ssl_handshake_params *handshake );
1614 
1615 /*
1616  * Internal functions (do not call directly)
1617  */
1620 void ssl_handshake_wrapup( ssl_context *ssl );
1621 
1623 
1624 int ssl_derive_keys( ssl_context *ssl );
1625 
1626 int ssl_read_record( ssl_context *ssl );
1631 int ssl_fetch_input( ssl_context *ssl, size_t nb_want );
1632 
1633 int ssl_write_record( ssl_context *ssl );
1634 int ssl_flush_output( ssl_context *ssl );
1635 
1638 
1641 
1642 int ssl_parse_finished( ssl_context *ssl );
1643 int ssl_write_finished( ssl_context *ssl );
1644 
1646  const ssl_ciphersuite_t *ciphersuite_info );
1647 
1648 #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
1650 #endif
1651 
1652 #if defined(POLARSSL_PK_C)
1653 unsigned char ssl_sig_from_pk( pk_context *pk );
1654 pk_type_t ssl_pk_alg_from_sig( unsigned char sig );
1655 #endif
1656 
1657 md_type_t ssl_md_alg_from_hash( unsigned char hash );
1658 
1659 #if defined(POLARSSL_SSL_SET_CURVES)
1660 int ssl_curve_is_acceptable( const ssl_context *ssl, ecp_group_id grp_id );
1661 #endif
1662 
1663 #if defined(POLARSSL_X509_CRT_PARSE_C)
/*
 * Return the private key of the key/certificate pair referenced by the
 * handshake parameters (ssl->handshake->key_cert), or NULL when that
 * pointer is NULL.
 *
 * NOTE(review): ssl->handshake is dereferenced without a NULL check, so
 * this is presumably only valid while the handshake parameters are
 * allocated -- confirm against callers.
 */
static inline pk_context *ssl_own_key( ssl_context *ssl )
{
    if( ssl->handshake->key_cert != NULL )
    {
        return( ssl->handshake->key_cert->key );
    }

    return( NULL );
}
1669 
/*
 * Return the certificate of the key/certificate pair referenced by the
 * handshake parameters (ssl->handshake->key_cert), or NULL when that
 * pointer is NULL.
 *
 * NOTE(review): ssl->handshake is dereferenced without a NULL check, so
 * this is presumably only valid while the handshake parameters are
 * allocated -- confirm against callers.
 */
static inline x509_crt *ssl_own_cert( ssl_context *ssl )
{
    if( ssl->handshake->key_cert != NULL )
    {
        return( ssl->handshake->key_cert->cert );
    }

    return( NULL );
}
1675 
1676 /*
1677  * Check usage of a certificate wrt extensions:
1678  * keyUsage, extendedKeyUsage (later), and nSCertType (later).
1679  *
1680  * Warning: cert_endpoint is the endpoint of the cert (ie, of our peer when we
1681  * check a cert we received from them)!
1682  *
1683  * Return 0 if everything is OK, -1 if not.
1684  */
1685 int ssl_check_cert_usage( const x509_crt *cert,
1686  const ssl_ciphersuite_t *ciphersuite,
1687  int cert_endpoint );
1688 #endif /* POLARSSL_X509_CRT_PARSE_C */
1689 
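/*
 * Constant-time buffer comparison.
 *
 * Compares exactly n bytes of a and b with no early exit, so the running
 * time does not depend on where (or whether) the buffers differ. Use it
 * instead of memcmp() when one operand is secret-derived (a MAC, for
 * example), since memcmp() may return at the first mismatch and so reveal
 * the length of the matching prefix through timing.
 *
 * Returns 0 if the n bytes are equal (also when n == 0), non-zero
 * otherwise. Unlike memcmp(), the non-zero value carries no ordering
 * information: only test it against 0.
 *
 * The operands and the accumulator are accessed through volatile-qualified
 * types so the compiler cannot replace the loop with a short-circuiting
 * comparison.
 */
static inline int safer_memcmp( const void *a, const void *b, size_t n )
{
    size_t i;
    const volatile unsigned char *A = (const volatile unsigned char *) a;
    const volatile unsigned char *B = (const volatile unsigned char *) b;
    volatile unsigned char diff = 0;

    for( i = 0; i < n; i++ )
    {
        /* Read each operand exactly once per iteration */
        unsigned char x = A[i], y = B[i];

        /* Accumulate every differing bit; never branch on the data */
        diff |= x ^ y;
    }

    return( diff );
}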
1703 
1704 #ifdef __cplusplus
1705 }
1706 #endif
1707 
1708 #endif /* ssl.h */
const ecp_curve_info ** curves
Definition: ssl.h:535
unsigned char * hostname
Definition: ssl.h:778
ssl_session * session_in
Definition: ssl.h:668
unsigned char mfl_code
Definition: ssl.h:717
size_t length
Definition: ssl.h:452
void * p_set_cache
Definition: ssl.h:647
md_context_t md_ctx_dec
Definition: ssl.h:503
int ciphersuite
Definition: ssl.h:450
int trunc_hmac
Definition: ssl.h:752
size_t in_hslen
Definition: ssl.h:697
int ssl_send_alert_message(ssl_context *ssl, unsigned char level, unsigned char message)
Send an alert message.
void(* f_dbg)(void *, int, const char *)
Definition: ssl.h:636
int(* f_rng)(void *, unsigned char *, size_t)
Definition: ssl.h:635
sha256_context fin_sha256
Definition: ssl.h:560
size_t ivlen
Definition: ssl.h:489
int record_read
Definition: ssl.h:699
int major_ver
Definition: ssl.h:624
Generic cipher context.
Definition: cipher.h:248
#define POLARSSL_PREMASTER_SIZE
Definition: ssl.h:385
SHA-1 context structure.
Definition: sha1.h:58
sha1_context fin_sha1
Definition: ssl.h:556
int compression
Definition: ssl.h:451
pk_type_t ssl_pk_alg_from_sig(unsigned char sig)
Network communication functions.
int state
Definition: ssl.h:621
const char * peer_cn
Definition: ssl.h:728
unsigned char master[48]
Definition: ssl.h:454
char peer_verify_data[36]
Definition: ssl.h:797
int ssl_set_truncated_hmac(ssl_context *ssl, int truncate)
Activate negotiation of truncated HMAC (Client only) (Default: SSL_TRUNC_HMAC_ENABLED) ...
ssl_transform * transform_out
Definition: ssl.h:680
int(* f_sni)(void *, ssl_context *, const unsigned char *, size_t)
Definition: ssl.h:651
int nb_zero
Definition: ssl.h:698
void(* calc_verify)(ssl_context *, unsigned char *)
Definition: ssl.h:568
DHM context structure.
Definition: dhm.h:143
void * p_psk
Definition: ssl.h:662
unsigned char mac_dec[48]
Definition: ssl.h:499
size_t ticket_len
Definition: ssl.h:463
ssl_session * session_negotiate
Definition: ssl.h:671
ssl_session * session
Definition: ssl.h:670
void ssl_legacy_renegotiation(ssl_context *ssl, int allow_legacy)
Prevent or allow legacy renegotiation.
int ssl_parse_certificate(ssl_context *ssl)
void ssl_set_dbg(ssl_context *ssl, void(*f_dbg)(void *, int, const char *), void *p_dbg)
Set the debug callback.
ssl_key_cert * key_cert
Definition: ssl.h:724
ssl_key_cert * sni_key_cert
Definition: ssl.h:546
int ssl_set_session_tickets(ssl_context *ssl, int use_tickets)
Enable / Disable session tickets (Default: SSL_SESSION_TICKETS_ENABLED on client, SSL_SESSION_TICKETS...
unsigned char iv_enc[16]
Definition: ssl.h:493
size_t out_msglen
Definition: ssl.h:710
void ssl_set_verify(ssl_context *ssl, int(*f_vrfy)(void *, x509_crt *, int, int *), void *p_vrfy)
Set the verification callback (Optional).
int ticket_lifetime
Definition: ssl.h:756
ssl_transform * transform_in
Definition: ssl.h:679
cipher_context_t cipher_ctx_enc
Definition: ssl.h:505
const int * ciphersuite_list[4]
Definition: ssl.h:747
int ssl_parse_finished(ssl_context *ssl)
void * p_rng
Definition: ssl.h:642
mpi dhm_P
Definition: ssl.h:760
ssl_states
Definition: ssl.h:408
unsigned char premaster[POLARSSL_PREMASTER_SIZE]
Definition: ssl.h:577
void ssl_session_free(ssl_session *session)
Free referenced items in an SSL session including the peer certificate and clear memory.
AES context structure.
Definition: aes.h:68
int ssl_write_finished(ssl_context *ssl)
Configuration options (set of defines)
ssl_transform * transform
Definition: ssl.h:681
x509_crt * cert
Definition: ssl.h:609
size_t psk_identity_len
Definition: ssl.h:771
unsigned char * out_ctr
Definition: ssl.h:704
void ssl_handshake_wrapup(ssl_context *ssl)
char own_verify_data[36]
Definition: ssl.h:796
int(* f_send)(void *, const unsigned char *, size_t)
Definition: ssl.h:638
size_t in_msglen
Definition: ssl.h:694
int ssl_set_dh_param_ctx(ssl_context *ssl, dhm_context *dhm_ctx)
Set the Diffie-Hellman public P and G values, read from existing context (server-side only) ...
unsigned char * in_hdr
Definition: ssl.h:688
int secure_renegotiation
Definition: ssl.h:793
time_t start
Definition: ssl.h:448
MPI structure.
Definition: bignum.h:181
sha512_context fin_sha512
Definition: ssl.h:563
int ssl_handshake_server_step(ssl_context *ssl)
SSL Ciphersuites for PolarSSL.
int(* tls_prf)(const unsigned char *, size_t, const char *, const unsigned char *, size_t, unsigned char *, size_t)
Definition: ssl.h:570
unsigned char mac_key[16]
Definition: ssl.h:599
void * p_vrfy
Definition: ssl.h:657
size_t psk_len
Definition: ssl.h:769
void ssl_set_max_version(ssl_context *ssl, int major, int minor)
Set the maximum supported version sent from the client side and/or accepted at the server side (Defau...
const ssl_ciphersuite_t * ciphersuite_info
Definition: ssl.h:485
void * p_recv
Definition: ssl.h:644
unsigned char * psk
Definition: ssl.h:768
Multi-precision integer library.
void ssl_set_ciphersuites_for_version(ssl_context *ssl, const int *ciphersuites, int major, int minor)
Set the list of allowed ciphersuites and the preference order for a specific version of the protocol...
int ssl_init(ssl_context *ssl)
Initialize an SSL context (An individual SSL context is not thread-safe)
int max_major_ver
Definition: ssl.h:627
int ssl_get_ciphersuite_id(const char *ciphersuite_name)
Return the ID of the ciphersuite associated with the given name.
int ssl_set_psk(ssl_context *ssl, const unsigned char *psk, size_t psk_len, const unsigned char *psk_identity, size_t psk_identity_len)
Set the Pre Shared Key (PSK) and the identity name connected to it.
void ssl_set_psk_cb(ssl_context *ssl, int(*f_psk)(void *, ssl_context *, const unsigned char *, size_t), void *p_psk)
Set the PSK callback (server-side only) (Optional).
unsigned int keylen
Definition: ssl.h:487
int ssl_get_session(const ssl_context *ssl, ssl_session *session)
Save session in order to resume it later (client-side only). Session data is copied to presented sessi...
md_type_t
Definition: md.h:51
int verify_result
Definition: ssl.h:459
const char * ssl_get_alpn_protocol(const ssl_context *ssl)
Get the name of the negotiated Application Layer Protocol.
const char ** alpn_list
Definition: ssl.h:786
int max_minor_ver
Definition: ssl.h:628
const char * alpn_chosen
Definition: ssl.h:787
void * p_hw_data
Definition: ssl.h:648
unsigned char * in_ctr
Definition: ssl.h:687
ssl_handshake_params * handshake
Definition: ssl.h:673
void(* update_checksum)(ssl_context *, const unsigned char *, size_t)
Definition: ssl.h:567
size_t fixed_ivlen
Definition: ssl.h:490
int ssl_write_certificate(ssl_context *ssl)
size_t(* rsa_key_len_func)(void *ctx)
Definition: ssl.h:403
RSA context structure.
Definition: rsa.h:81
cipher_context_t cipher_ctx_dec
Definition: ssl.h:506
int in_msgtype
Definition: ssl.h:693
Container for an X.509 certificate.
Definition: x509_crt.h:57
size_t verify_data_len
Definition: ssl.h:795
const char * ssl_get_ciphersuite(const ssl_context *ssl)
Return the name of the current ciphersuite.
mpi dhm_G
Definition: ssl.h:761
const char * ssl_get_version(const ssl_context *ssl)
Return the current SSL version (SSLv3/TLSv1/etc)
void ssl_set_renegotiation(ssl_context *ssl, int renegotiation)
Enable / Disable renegotiation support for connection when initiated by peer (Default: SSL_RENEGOTIAT...
int min_minor_ver
Definition: ssl.h:630
unsigned char * out_msg
Definition: ssl.h:707
int client_auth
Definition: ssl.h:743
void * p_dbg
Definition: ssl.h:643
ssl_key_cert * key_cert
Current key/cert or key/cert list.
Definition: ssl.h:544
void * p_send
Definition: ssl.h:645
ecdh_context ecdh_ctx
Definition: ssl.h:532
x509_crl * ca_crl
Definition: ssl.h:727
static x509_crt * ssl_own_cert(ssl_context *ssl)
Definition: ssl.h:1670
int ssl_set_max_frag_len(ssl_context *ssl, unsigned char mfl_code)
Set the maximum fragment length to emit and/or negotiate (Default: SSL_MAX_CONTENT_LEN, usually 2^14 bytes). Server: set the maximum fragment length to emit, usually negotiated by the client during the handshake. Client: set the maximum fragment length to emit and negotiate with the server during the handshake.
SHA-512 context structure.
Definition: sha512.h:59
int ssl_handshake_client_step(ssl_context *ssl)
unsigned char * ticket
Definition: ssl.h:462
size_t maclen
Definition: ssl.h:491
int new_session_ticket
Definition: ssl.h:586
unsigned char * out_hdr
Definition: ssl.h:705
AES block cipher.
int ssl_set_own_cert(ssl_context *ssl, x509_crt *own_cert, pk_context *pk_key)
Set own certificate chain and private key.
int trunc_hmac
Definition: ssl.h:472
void ssl_set_endpoint(ssl_context *ssl, int endpoint)
Set the current endpoint type.
void ssl_set_ciphersuites(ssl_context *ssl, const int *ciphersuites)
Set the list of allowed ciphersuites and the preference order.
Curve information for use by other modules.
Definition: ecp.h:87
void ssl_set_rng(ssl_context *ssl, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Set the random number generator callback.
void * p_get_cache
Definition: ssl.h:646
void ssl_set_bio(ssl_context *ssl, int(*f_recv)(void *, unsigned char *, size_t), void *p_recv, int(*f_send)(void *, const unsigned char *, size_t), void *p_send)
Set the underlying BIO read and write callbacks.
void ssl_free(ssl_context *ssl)
Free referenced items in an SSL context and clear memory.
unsigned char ssl_sig_from_pk(pk_context *pk)
void ssl_handshake_free(ssl_handshake_params *handshake)
Free referenced items in an SSL handshake context and clear memory.
int authmode
Definition: ssl.h:742
int ssl_flush_output(ssl_context *ssl)
int ssl_handshake(ssl_context *ssl)
Perform the SSL handshake.
unsigned char * in_offt
Definition: ssl.h:691
void ssl_set_min_version(ssl_context *ssl, int major, int minor)
Set the minimum accepted SSL/TLS protocol version (Default: SSL_MIN_MAJOR_VERSION, SSL_MIN_MINOR_VERSION)
Diffie-Hellman-Merkle key exchange.
X.509 certificate parsing and writing.
int(* rsa_sign_func)(void *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
Definition: ssl.h:399
unsigned char * in_msg
Definition: ssl.h:690
int ssl_set_hostname(ssl_context *ssl, const char *hostname)
Set hostname for ServerName TLS extension (client-side only)
aes_context dec
Definition: ssl.h:598
int ssl_handshake_step(ssl_context *ssl)
Perform a single step of the SSL handshake.
MD5 context structure.
Definition: md5.h:58
int ssl_check_cert_usage(const x509_crt *cert, const ssl_ciphersuite_t *ciphersuite, int cert_endpoint)
pk_type_t
Public key types.
Definition: pk.h:95
aes_context enc
Definition: ssl.h:597
unsigned char iv_dec[16]
Definition: ssl.h:494
int ssl_parse_change_cipher_spec(ssl_context *ssl)
size_t hostname_len
Definition: ssl.h:779
Elliptic curve Diffie-Hellman.
int minor_ver
Definition: ssl.h:625
ECDH context structure.
Definition: ecdh.h:48
This structure is used for storing ciphersuite information.
int ssl_close_notify(ssl_context *ssl)
Notify the peer that the connection is being closed.
const x509_crt * ssl_get_peer_cert(const ssl_context *ssl)
Return the peer certificate from the current connection.
void ssl_set_session_cache(ssl_context *ssl, int(*f_get_cache)(void *, ssl_session *), void *p_get_cache, int(*f_set_cache)(void *, const ssl_session *), void *p_set_cache)
Set the session cache callbacks (server-side only). If not set, no session resuming is done...
size_t ssl_get_bytes_avail(const ssl_context *ssl)
Return the number of data bytes available to read.
int ssl_set_session(ssl_context *ssl, const ssl_session *session)
Request resumption of session (client-side only). Session data is copied from presented session struct...
size_t in_left
Definition: ssl.h:695
int session_tickets
Definition: ssl.h:755
pk_context * key
Definition: ssl.h:610
int allow_legacy_renegotiation
Definition: ssl.h:746
ssl_session * session_out
Definition: ssl.h:669
void(* calc_finished)(ssl_context *, unsigned char *, int)
Definition: ssl.h:569
int ssl_read_record(ssl_context *ssl)
int ssl_set_own_cert_rsa(ssl_context *ssl, x509_crt *own_cert, rsa_context *rsa_key)
Set own certificate chain and private RSA key.
ecp_group_id
Domain parameters (curve, subgroup and generator) identifiers.
Definition: ecp.h:57
int ssl_set_dh_param(ssl_context *ssl, const char *dhm_P, const char *dhm_G)
Set the Diffie-Hellman public P and G values, read as hexadecimal strings (server-side only) (Default...
int(* f_vrfy)(void *, x509_crt *, int, int *)
Definition: ssl.h:656
int out_msgtype
Definition: ssl.h:709
void ssl_set_session_ticket_lifetime(ssl_context *ssl, int lifetime)
Set session ticket lifetime (server only) (Default: SSL_DEFAULT_TICKET_LIFETIME (86400 secs / 1 day))...
size_t out_left
Definition: ssl.h:711
SHA-1 cryptographic hash function.
md_context_t md_ctx_enc
Definition: ssl.h:502
int ssl_get_verify_result(const ssl_context *ssl)
Return the result of the certificate verification.
X.509 certificate revocation list parsing.
int ssl_session_reset(ssl_context *ssl)
Reset an already initialized SSL context for re-use while retaining application-set variables...
int min_major_ver
Definition: ssl.h:629
Certificate revocation list structure.
Definition: x509_crl.h:73
const int * ssl_list_ciphersuites(void)
Returns the list of ciphersuites supported by the SSL/TLS module.
SHA-384 and SHA-512 cryptographic hash function.
ssl_transform * transform_negotiate
Definition: ssl.h:682
int ssl_set_alpn_protocols(ssl_context *ssl, const char **protos)
Set the supported Application Layer Protocols.
uint32_t ticket_lifetime
Definition: ssl.h:464
unsigned char * in_iv
Definition: ssl.h:689
int disable_renegotiation
Definition: ssl.h:745
int verify_result
Definition: ssl.h:744
int ssl_write_change_cipher_spec(ssl_context *ssl)
int(* f_get_cache)(void *, ssl_session *)
Definition: ssl.h:639
int ssl_derive_keys(ssl_context *ssl)
void ssl_set_authmode(ssl_context *ssl, int authmode)
Set the certificate verification mode.
static pk_context * ssl_own_key(ssl_context *ssl)
Definition: ssl.h:1664
int(* f_set_cache)(void *, const ssl_session *)
Definition: ssl.h:640
SHA-256 context structure.
Definition: sha256.h:58
key_exchange_type_t
unsigned char mfl_code
Definition: ssl.h:468
int ssl_psk_derive_premaster(ssl_context *ssl, key_exchange_type_t key_ex)
int renegotiation
Definition: ssl.h:622
dhm_context dhm_ctx
Definition: ssl.h:529
static int safer_memcmp(const void *a, const void *b, size_t n)
Definition: ssl.h:1691
int ssl_send_fatal_handshake_failure(ssl_context *ssl)
ssl_ticket_keys * ticket_keys
Definition: ssl.h:735
size_t minlen
Definition: ssl.h:488
int ssl_read(ssl_context *ssl, unsigned char *buf, size_t len)
Read at most 'len' application data bytes.
void ssl_transform_free(ssl_transform *transform)
Free referenced items in an SSL transform context and clear memory.
unsigned char * psk_identity
Definition: ssl.h:770
unsigned char mac_enc[48]
Definition: ssl.h:498
const char * ssl_get_ciphersuite_name(const int ciphersuite_id)
Return the name of the ciphersuite associated with the given ID.
MD5 message digest algorithm (hash function)
int ssl_renegotiate(ssl_context *ssl)
Initiate an SSL renegotiation on the running connection.
SHA-224 and SHA-256 cryptographic hash function.
int(* f_recv)(void *, unsigned char *, size_t)
Definition: ssl.h:637
unsigned char key_name[16]
Definition: ssl.h:596
int key_own_alloc
Definition: ssl.h:611
int ssl_write(ssl_context *ssl, const unsigned char *buf, size_t len)
Write exactly 'len' application data bytes.
ssl_key_cert * next
Definition: ssl.h:612
void ssl_set_ca_chain(ssl_context *ssl, x509_crt *ca_chain, x509_crl *ca_crl, const char *peer_cn)
Set the data required to verify peer certificate.
x509_crt * ca_chain
Definition: ssl.h:726
md5_context fin_md5
Definition: ssl.h:555
int endpoint
Definition: ssl.h:741
int ssl_set_own_cert_alt(ssl_context *ssl, x509_crt *own_cert, void *rsa_key, rsa_decrypt_func rsa_decrypt, rsa_sign_func rsa_sign, rsa_key_len_func rsa_key_len)
Set own certificate and alternate non-PolarSSL RSA private key and handling callbacks, such as the PKCS#11 wrappers or any other external private key handler.
void ssl_set_sni(ssl_context *ssl, int(*f_sni)(void *, ssl_context *, const unsigned char *, size_t), void *p_sni)
Set server side ServerName TLS extension callback (optional, server-side only).
int ssl_fetch_input(ssl_context *ssl, size_t nb_want)
int(* f_psk)(void *, ssl_context *, const unsigned char *, size_t)
Definition: ssl.h:661
int ssl_write_record(ssl_context *ssl)
Public key container.
Definition: pk.h:182
unsigned char * out_iv
Definition: ssl.h:706
unsigned char randbytes[64]
Definition: ssl.h:576
int(* rsa_decrypt_func)(void *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
Definition: ssl.h:396
Generic message digest context.
Definition: md.h:132
void ssl_optimize_checksum(ssl_context *ssl, const ssl_ciphersuite_t *ciphersuite_info)
x509_crt * peer_cert
Definition: ssl.h:457
md_type_t ssl_md_alg_from_hash(unsigned char hash)
void * p_sni
Definition: ssl.h:652