libeap/src/tls/tlsv1_client_i.h

   1 /*
   2  * TLSv1 client - internal structures
   3  * Copyright (c) 2006-2011, Jouni Malinen <j@w1.fi>
   4  *
   5  * This software may be distributed under the terms of the BSD license.
   6  * See README for more details.
   7  */
   8
   9 #ifndef TLSV1_CLIENT_I_H
  10 #define TLSV1_CLIENT_I_H
  11
  12 struct tlsv1_client {
  13         enum {
  14                 CLIENT_HELLO, SERVER_HELLO, SERVER_CERTIFICATE,
  15                 SERVER_KEY_EXCHANGE, SERVER_CERTIFICATE_REQUEST,
  16                 SERVER_HELLO_DONE, CLIENT_KEY_EXCHANGE, CHANGE_CIPHER_SPEC,
  17                 SERVER_CHANGE_CIPHER_SPEC, SERVER_FINISHED, ACK_FINISHED,
  18                 ESTABLISHED, FAILED
  19         } state;
  20
  21         struct tlsv1_record_layer rl;
  22
  23         u8 session_id[TLS_SESSION_ID_MAX_LEN];
  24         size_t session_id_len;
  25         u8 client_random[TLS_RANDOM_LEN];
  26         u8 server_random[TLS_RANDOM_LEN];
  27         u8 master_secret[TLS_MASTER_SECRET_LEN];
  28
  29         u8 alert_level;
  30         u8 alert_description;
  31
  32         unsigned int flags; /* TLS_CONN_* bitfield */
  33
  34         unsigned int certificate_requested:1;
  35         unsigned int session_resumed:1;
  36         unsigned int session_ticket_included:1;
  37         unsigned int use_session_ticket:1;
  38         unsigned int cert_in_cb:1;
  39         unsigned int ocsp_resp_received:1;
  40
  41         struct crypto_public_key *server_rsa_key;
  42
  43         struct tls_verify_hash verify;
  44
  45 #define MAX_CIPHER_COUNT 30
  46         u16 cipher_suites[MAX_CIPHER_COUNT];
  47         size_t num_cipher_suites;
  48
  49         u16 prev_cipher_suite;
  50
  51         u8 *client_hello_ext;
  52         size_t client_hello_ext_len;
  53
  54         /* The prime modulus used for Diffie-Hellman */
  55         u8 *dh_p;
  56         size_t dh_p_len;
  57         /* The generator used for Diffie-Hellman */
  58         u8 *dh_g;
  59         size_t dh_g_len;
  60         /* The server's Diffie-Hellman public value */
  61         u8 *dh_ys;
  62         size_t dh_ys_len;
  63
  64         struct tlsv1_credentials *cred;
  65
  66         tlsv1_client_session_ticket_cb session_ticket_cb;
  67         void *session_ticket_cb_ctx;
  68
  69         struct wpabuf *partial_input;
  70
  71         void (*event_cb)(void *ctx, enum tls_event ev,
  72                          union tls_event_data *data);
  73         void *cb_ctx;
  74
  75         struct x509_certificate *server_cert;
  76 };
  77
  78
  79 void tls_alert(struct tlsv1_client *conn, u8 level, u8 description);
  80 void tlsv1_client_free_dh(struct tlsv1_client *conn);
  81 int tls_derive_pre_master_secret(u8 *pre_master_secret);
  82 int tls_derive_keys(struct tlsv1_client *conn,
  83                     const u8 *pre_master_secret, size_t pre_master_secret_len);
  84 u8 * tls_send_client_hello(struct tlsv1_client *conn, size_t *out_len);
  85 u8 * tlsv1_client_send_alert(struct tlsv1_client *conn, u8 level,
  86                              u8 description, size_t *out_len);
  87 u8 * tlsv1_client_handshake_write(struct tlsv1_client *conn, size_t *out_len,
  88                                   int no_appl_data);
  89 int tlsv1_client_process_handshake(struct tlsv1_client *conn, u8 ct,
  90                                    const u8 *buf, size_t *len,
  91                                    u8 **out_data, size_t *out_len);
  92
  93 enum tls_ocsp_result {
  94         TLS_OCSP_NO_RESPONSE, TLS_OCSP_INVALID, TLS_OCSP_GOOD, TLS_OCSP_REVOKED
  95 };
  96
  97 enum tls_ocsp_result tls_process_ocsp_response(struct tlsv1_client *conn,
  98                                                const u8 *resp, size_t len);
  99
 100 #endif /* TLSV1_CLIENT_I_H */