1 /* 2 * TLSv1 client - internal structures 3 * Copyright (c) 2006-2011, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #ifndef TLSV1_CLIENT_I_H 10 #define TLSV1_CLIENT_I_H 11 12 struct tlsv1_client { 13 enum { 14 CLIENT_HELLO, SERVER_HELLO, SERVER_CERTIFICATE, 15 SERVER_KEY_EXCHANGE, SERVER_CERTIFICATE_REQUEST, 16 SERVER_HELLO_DONE, CLIENT_KEY_EXCHANGE, CHANGE_CIPHER_SPEC, 17 SERVER_CHANGE_CIPHER_SPEC, SERVER_FINISHED, ACK_FINISHED, 18 ESTABLISHED, FAILED 19 } state; 20 21 struct tlsv1_record_layer rl; 22 23 u8 session_id[TLS_SESSION_ID_MAX_LEN]; 24 size_t session_id_len; 25 u8 client_random[TLS_RANDOM_LEN]; 26 u8 server_random[TLS_RANDOM_LEN]; 27 u8 master_secret[TLS_MASTER_SECRET_LEN]; 28 29 u8 alert_level; 30 u8 alert_description; 31 32 unsigned int flags; /* TLS_CONN_* bitfield */ 33 34 unsigned int certificate_requested:1; 35 unsigned int session_resumed:1; 36 unsigned int session_ticket_included:1; 37 unsigned int use_session_ticket:1; 38 unsigned int cert_in_cb:1; 39 unsigned int ocsp_resp_received:1; 40 41 struct crypto_public_key *server_rsa_key; 42 43 struct tls_verify_hash verify; 44 45 #define MAX_CIPHER_COUNT 30 46 u16 cipher_suites[MAX_CIPHER_COUNT]; 47 size_t num_cipher_suites; 48 49 u16 prev_cipher_suite; 50 51 u8 *client_hello_ext; 52 size_t client_hello_ext_len; 53 54 /* The prime modulus used for Diffie-Hellman */ 55 u8 *dh_p; 56 size_t dh_p_len; 57 /* The generator used for Diffie-Hellman */ 58 u8 *dh_g; 59 size_t dh_g_len; 60 /* The server's Diffie-Hellman public value */ 61 u8 *dh_ys; 62 size_t dh_ys_len; 63 64 struct tlsv1_credentials *cred; 65 66 tlsv1_client_session_ticket_cb session_ticket_cb; 67 void *session_ticket_cb_ctx; 68 69 struct wpabuf *partial_input; 70 71 void (*event_cb)(void *ctx, enum tls_event ev, 72 union tls_event_data *data); 73 void *cb_ctx; 74 75 struct x509_certificate *server_cert; 76 }; 77 78 79 void tls_alert(struct tlsv1_client *conn, u8 level, u8 description); 80 void tlsv1_client_free_dh(struct tlsv1_client *conn); 81 int tls_derive_pre_master_secret(u8 *pre_master_secret); 82 int tls_derive_keys(struct tlsv1_client *conn, 83 const u8 *pre_master_secret, size_t pre_master_secret_len); 84 u8 * tls_send_client_hello(struct tlsv1_client *conn, size_t *out_len); 85 u8 * tlsv1_client_send_alert(struct tlsv1_client *conn, u8 level, 86 u8 description, size_t *out_len); 87 u8 * tlsv1_client_handshake_write(struct tlsv1_client *conn, size_t *out_len, 88 int no_appl_data); 89 int tlsv1_client_process_handshake(struct tlsv1_client *conn, u8 ct, 90 const u8 *buf, size_t *len, 91 u8 **out_data, size_t *out_len); 92 93 enum tls_ocsp_result { 94 TLS_OCSP_NO_RESPONSE, TLS_OCSP_INVALID, TLS_OCSP_GOOD, TLS_OCSP_REVOKED 95 }; 96 97 enum tls_ocsp_result tls_process_ocsp_response(struct tlsv1_client *conn, 98 const u8 *resp, size_t len); 99 100 #endif /* TLSV1_CLIENT_I_H */ 101