PolarSSL v1.2.12
ssl.h
1 
27 #ifndef POLARSSL_SSL_H
28 #define POLARSSL_SSL_H
29 
30 #include <time.h>
31 
32 #include "net.h"
33 #include "rsa.h"
34 #include "md5.h"
35 #include "sha1.h"
36 #include "sha2.h"
37 #include "sha4.h"
38 #include "x509.h"
39 #include "config.h"
40 
41 #if defined(POLARSSL_DHM_C)
42 #include "dhm.h"
43 #endif
44 
45 #if defined(POLARSSL_ZLIB_SUPPORT)
46 #include "zlib.h"
47 #endif
48 
49 #if defined(_MSC_VER) && !defined(inline)
50 #define inline _inline
51 #else
52 #if defined(__ARMCC_VERSION) && !defined(inline)
53 #define inline __inline
54 #endif /* __ARMCC_VERSION */
55 #endif /*_MSC_VER */
56 
57 /*
58  * SSL Error codes
59  */
60 #define POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE -0x7080
61 #define POLARSSL_ERR_SSL_BAD_INPUT_DATA -0x7100
62 #define POLARSSL_ERR_SSL_INVALID_MAC -0x7180
63 #define POLARSSL_ERR_SSL_INVALID_RECORD -0x7200
64 #define POLARSSL_ERR_SSL_CONN_EOF -0x7280
65 #define POLARSSL_ERR_SSL_UNKNOWN_CIPHER -0x7300
66 #define POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN -0x7380
67 #define POLARSSL_ERR_SSL_NO_RNG -0x7400
68 #define POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480
69 #define POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE -0x7500
70 #define POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED -0x7580
71 #define POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600
72 #define POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED -0x7680
73 #define POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE -0x7700
74 #define POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780
75 #define POLARSSL_ERR_SSL_PEER_VERIFY_FAILED -0x7800
76 #define POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880
77 #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900
78 #define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980
79 #define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00
80 #define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80
81 #define POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00
82 #define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80
83 #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00
84 #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_RP -0x7C80
85 #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_CS -0x7D00
86 #define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80
87 #define POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00
88 #define POLARSSL_ERR_SSL_BAD_HS_FINISHED -0x7E80
89 #define POLARSSL_ERR_SSL_MALLOC_FAILED -0x7F00
90 #define POLARSSL_ERR_SSL_HW_ACCEL_FAILED -0x7F80
91 #define POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80
92 #define POLARSSL_ERR_SSL_COMPRESSION_FAILED -0x6F00
93 #define POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION -0x6E80
94 #define POLARSSL_ERR_SSL_COUNTER_WRAPPING -0x6B80
96 /*
97  * Various constants
98  */
99 #define SSL_MAJOR_VERSION_3 3 /* major version number shared by SSL 3.0 and TLS 1.0-1.2 */
100 #define SSL_MINOR_VERSION_0 0 /* 3.0 = SSL 3.0 (obsolete protocol; avoid negotiating it) */
101 #define SSL_MINOR_VERSION_1 1 /* 3.1 = TLS 1.0 */
102 #define SSL_MINOR_VERSION_2 2 /* 3.2 = TLS 1.1 */
103 #define SSL_MINOR_VERSION_3 3 /* 3.3 = TLS 1.2 */
105 #define SSL_IS_CLIENT 0
106 #define SSL_IS_SERVER 1
107 #define SSL_COMPRESS_NULL 0
108 #define SSL_COMPRESS_DEFLATE 1 /* record compression: compressed length can leak plaintext (CRIME-type attacks); prefer SSL_COMPRESS_NULL */
109 
/* Peer-certificate verification modes (see ssl_set_authmode()).
 * NOTE(review): the per-mode behaviour noted below is inferred from the names;
 * confirm it against the ssl_set_authmode() documentation. */
110 #define SSL_VERIFY_NONE 0 /* peer certificate not checked: the peer is unauthenticated */
111 #define SSL_VERIFY_OPTIONAL 1 /* presumably checked without aborting on failure: caller must inspect ssl_get_verify_result() */
112 #define SSL_VERIFY_REQUIRED 2 /* presumably the handshake fails unless the peer certificate verifies */
113 
114 #define SSL_INITIAL_HANDSHAKE 0
115 #define SSL_RENEGOTIATION 1
116 
/* Presumably the values of the secure_renegotiation field: whether the peer
 * signalled the RFC 5746 renegotiation_info extension -- TODO confirm. */
117 #define SSL_LEGACY_RENEGOTIATION 0
118 #define SSL_SECURE_RENEGOTIATION 1
119 
/* Presumably the argument values of ssl_set_renegotiation() -- TODO confirm. */
120 #define SSL_RENEGOTIATION_DISABLED 0
121 #define SSL_RENEGOTIATION_ENABLED 1
122 
/* Presumably the allow_legacy values of ssl_legacy_renegotiation(): policy
 * towards peers without RFC 5746 support -- TODO confirm. */
123 #define SSL_LEGACY_NO_RENEGOTIATION 0
124 #define SSL_LEGACY_ALLOW_RENEGOTIATION 1
125 #define SSL_LEGACY_BREAK_HANDSHAKE 2
126 
127 /*
128  * Size of the input / output buffer.
129  * Note: the RFC defines the default size of SSL / TLS messages. If you
130  * change the value here, other clients / servers may not be able to
131  * communicate with you anymore. Only change this value if you control
132  * both sides of the connection and have it reduced at both sides!
133  */
134 #if !defined(POLARSSL_CONFIG_OPTIONS)
135 #define SSL_MAX_CONTENT_LEN 16384 /* 2^14 bytes, the TLS record plaintext limit */
136 #endif /* !POLARSSL_CONFIG_OPTIONS */
137 
138 /*
139  * Allow an extra 512 bytes for the record header
140  * and encryption overhead (counter + MAC + padding)
141  * and allow for a maximum of 1024 of compression expansion if
142  * enabled.
143  */
144 #if defined(POLARSSL_ZLIB_SUPPORT)
145 #define SSL_COMPRESSION_ADD 1024
146 #else
147 #define SSL_COMPRESSION_ADD 0
148 #endif
149 
/* With the default content length this is 16896 bytes, or 17920 with zlib
 * support. When POLARSSL_CONFIG_OPTIONS is defined, SSL_MAX_CONTENT_LEN is
 * not defined here and must come from elsewhere (presumably config.h). */
150 #define SSL_BUFFER_LEN (SSL_MAX_CONTENT_LEN + SSL_COMPRESSION_ADD + 512)
151 
152 /*
153  * Supported ciphersuites (Official IANA names)
154  */
/* Each value is the low byte of the IANA code point {0x00, 0xNN}.
 * TLS_RSA_* suites use RSA key transport and give no forward secrecy;
 * TLS_DHE_RSA_* suites use ephemeral Diffie-Hellman. */
155 #define TLS_RSA_WITH_NULL_MD5 0x01 /* NULL cipher: no encryption, integrity only */
156 #define TLS_RSA_WITH_NULL_SHA 0x02 /* NULL cipher: no encryption, integrity only */
157 #define TLS_RSA_WITH_NULL_SHA256 0x3B /* NULL cipher: no encryption, integrity only */
158 #define TLS_RSA_WITH_DES_CBC_SHA 0x09 /* single DES: 56-bit key, too weak to enable */
159 #define TLS_DHE_RSA_WITH_DES_CBC_SHA 0x15 /* single DES: 56-bit key, too weak to enable */
161 #define TLS_RSA_WITH_RC4_128_MD5 0x04 /* RC4: biased keystream, prohibited for TLS by RFC 7465 */
162 #define TLS_RSA_WITH_RC4_128_SHA 0x05 /* RC4: biased keystream, prohibited for TLS by RFC 7465 */
163 
/* 3DES has a 64-bit block: birthday-bound collisions on long-lived connections. */
164 #define TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x0A
165 #define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16
166 
/* CBC suites below are MAC-then-encrypt; the record layer must treat padding
 * and MAC failures identically to avoid padding-oracle leaks. */
167 #define TLS_RSA_WITH_AES_128_CBC_SHA 0x2F
168 #define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33
169 #define TLS_RSA_WITH_AES_256_CBC_SHA 0x35
170 #define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39
171 #define TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C
172 #define TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D
173 #define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67
174 #define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B
176 #define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41
177 #define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45
178 #define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84
179 #define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88
180 #define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA
181 #define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE
182 #define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0
183 #define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4
/* AEAD (GCM) suites are defined for TLS 1.2 only. */
185 #define TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C
186 #define TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D
187 #define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E
188 #define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F
189 
190 #define SSL_EMPTY_RENEGOTIATION_INFO 0xFF /* RFC 5746 signalling value {0x00, 0xFF}; not a real ciphersuite */
192 /*
193  * Supported Signature and Hash algorithms (For TLS 1.2)
194  */
/* Values match the TLS 1.2 HashAlgorithm / SignatureAlgorithm code points (RFC 5246). */
195 #define SSL_HASH_NONE 0
196 #define SSL_HASH_MD5 1 /* collision-broken: unsuitable for signatures */
197 #define SSL_HASH_SHA1 2 /* collision-weak: avoid for new signatures */
198 #define SSL_HASH_SHA224 3
199 #define SSL_HASH_SHA256 4
200 #define SSL_HASH_SHA384 5
201 #define SSL_HASH_SHA512 6
202 
203 #define SSL_SIG_RSA 1 /* the only signature algorithm defined in this header */
204 
205 /*
206  * Client Certificate Types
207  */
208 #define SSL_CERT_TYPE_RSA_SIGN 1 /* the only client certificate type defined in this header */
209 
210 /*
211  * Message, alert and handshake types
212  */
/* Record content types (the first byte of every record header). */
213 #define SSL_MSG_CHANGE_CIPHER_SPEC 20
214 #define SSL_MSG_ALERT 21
215 #define SSL_MSG_HANDSHAKE 22
216 #define SSL_MSG_APPLICATION_DATA 23
217 
218 #define SSL_ALERT_LEVEL_WARNING 1
219 #define SSL_ALERT_LEVEL_FATAL 2
220 
/* Alert descriptions. The numbers follow the SSL 3.0 / TLS alert registry.
 * Alerts are visible to the peer, so distinct alerts for distinct decryption
 * failures can act as an oracle; see the note on DECRYPTION_FAILED below. */
221 #define SSL_ALERT_MSG_CLOSE_NOTIFY 0 /* 0x00 */
222 #define SSL_ALERT_MSG_UNEXPECTED_MESSAGE 10 /* 0x0A */
223 #define SSL_ALERT_MSG_BAD_RECORD_MAC 20 /* 0x14 */
224 #define SSL_ALERT_MSG_DECRYPTION_FAILED 21 /* 0x15 */ /* reserved in TLS 1.1+: must not be sent, it enabled attacks on CBC mode */
225 #define SSL_ALERT_MSG_RECORD_OVERFLOW 22 /* 0x16 */
226 #define SSL_ALERT_MSG_DECOMPRESSION_FAILURE 30 /* 0x1E */
227 #define SSL_ALERT_MSG_HANDSHAKE_FAILURE 40 /* 0x28 */
228 #define SSL_ALERT_MSG_NO_CERT 41 /* 0x29 */ /* SSL 3.0 only; reserved in TLS */
229 #define SSL_ALERT_MSG_BAD_CERT 42 /* 0x2A */
230 #define SSL_ALERT_MSG_UNSUPPORTED_CERT 43 /* 0x2B */
231 #define SSL_ALERT_MSG_CERT_REVOKED 44 /* 0x2C */
232 #define SSL_ALERT_MSG_CERT_EXPIRED 45 /* 0x2D */
233 #define SSL_ALERT_MSG_CERT_UNKNOWN 46 /* 0x2E */
234 #define SSL_ALERT_MSG_ILLEGAL_PARAMETER 47 /* 0x2F */
235 #define SSL_ALERT_MSG_UNKNOWN_CA 48 /* 0x30 */
236 #define SSL_ALERT_MSG_ACCESS_DENIED 49 /* 0x31 */
237 #define SSL_ALERT_MSG_DECODE_ERROR 50 /* 0x32 */
238 #define SSL_ALERT_MSG_DECRYPT_ERROR 51 /* 0x33 */
239 #define SSL_ALERT_MSG_EXPORT_RESTRICTION 60 /* 0x3C */ /* reserved in TLS 1.1+ */
240 #define SSL_ALERT_MSG_PROTOCOL_VERSION 70 /* 0x46 */
241 #define SSL_ALERT_MSG_INSUFFICIENT_SECURITY 71 /* 0x47 */
242 #define SSL_ALERT_MSG_INTERNAL_ERROR 80 /* 0x50 */
243 #define SSL_ALERT_MSG_USER_CANCELED 90 /* 0x5A */
244 #define SSL_ALERT_MSG_NO_RENEGOTIATION 100 /* 0x64 */
245 #define SSL_ALERT_MSG_UNSUPPORTED_EXT 110 /* 0x6E */
246 #define SSL_ALERT_MSG_UNRECOGNIZED_NAME 112 /* 0x70 */
247 
/* Handshake message types. */
248 #define SSL_HS_HELLO_REQUEST 0
249 #define SSL_HS_CLIENT_HELLO 1
250 #define SSL_HS_SERVER_HELLO 2
251 #define SSL_HS_CERTIFICATE 11
252 #define SSL_HS_SERVER_KEY_EXCHANGE 12
253 #define SSL_HS_CERTIFICATE_REQUEST 13
254 #define SSL_HS_SERVER_HELLO_DONE 14
255 #define SSL_HS_CERTIFICATE_VERIFY 15
256 #define SSL_HS_CLIENT_KEY_EXCHANGE 16
257 #define SSL_HS_FINISHED 20
258 
259 /*
260  * TLS extensions
261  */
262 #define TLS_EXT_SERVERNAME 0 /* server_name extension type (RFC 6066) */
263 #define TLS_EXT_SERVERNAME_HOSTNAME 0 /* host_name NameType inside server_name */
264 
265 #define TLS_EXT_SIG_ALG 13 /* signature_algorithms extension type (TLS 1.2, RFC 5246) */
266 
267 #define TLS_EXT_RENEGOTIATION_INFO 0xFF01 /* renegotiation_info extension type (RFC 5746) */
268 
269 
270 /*
271  * Generic function pointers for allowing external RSA private key
272  * implementations.
273  */
/* These are the callback types taken by ssl_set_own_cert_alt(), so that the
 * private key can stay in an external handler; ctx is the opaque key handle
 * passed back to each callback.
 *
 * rsa_decrypt_func: decrypt `input` into `output`, reporting the plaintext
 * length through `olen`. output_max_len is presumably the capacity of
 * `output` and an implementation must not write past it -- TODO confirm. */
274 typedef int (*rsa_decrypt_func)( void *ctx,
275  int (*f_rng)(void *, unsigned char *, size_t),
276  void *p_rng, int mode, size_t *olen,
277  const unsigned char *input, unsigned char *output,
278  size_t output_max_len );
/* rsa_sign_func: sign `hash` (hashlen bytes, algorithm hash_id) into `sig`.
 * NOTE(review): there is no length parameter for `sig`; presumably the caller
 * provides a buffer of at least the size returned by rsa_key_len_func --
 * confirm before implementing a handler. */
279 typedef int (*rsa_sign_func)( void *ctx,
280  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
281  int mode, int hash_id, unsigned int hashlen,
282  const unsigned char *hash, unsigned char *sig );
/* rsa_key_len_func: return the key length for ctx (presumably in bytes -- TODO confirm). */
283 typedef size_t (*rsa_key_len_func)( void *ctx );
284 
285 /*
286  * SSL state machine
287  */
288 typedef enum
289 {
307 }
308 ssl_states;
309 
310 typedef struct _ssl_session ssl_session;
311 typedef struct _ssl_context ssl_context;
314 
315 /*
316  * This structure is used for storing current session data.
317  */
/* NOTE(review): this listing omits the struct header line and the fields at
 * ssl.h:321, 322 and 326 (ciphersuite, compression and peer_cert according to
 * the member index further down the page). */
319 {
320  time_t start;
323  size_t length; /* presumably the number of bytes used in id[] -- TODO confirm */
324  unsigned char id[32]; /* 32 bytes is the maximum TLS session ID length */
325  unsigned char master[48]; /* 48 bytes is the TLS master secret size: key material, should be wiped when the session is released (the page's summary of ssl_session_free() says it clears memory) */
327 };
328 
329 /*
330  * This structure contains a full set of runtime transform parameters
331  * either in negotiation or active.
332  */
334 {
335  /*
336  * Session specific crypto layer
337  */
338  unsigned int keylen;
339  size_t minlen;
340  size_t ivlen;
341  size_t fixed_ivlen;
342  size_t maclen;
344  unsigned char iv_enc[16];
345  unsigned char iv_dec[16];
347  unsigned char mac_enc[32];
348  unsigned char mac_dec[32];
350  uint32_t ctx_enc[136];
351  uint32_t ctx_dec[136];
353  /*
354  * Session specific compression layer
355  */
356 #if defined(POLARSSL_ZLIB_SUPPORT)
357  z_stream ctx_deflate;
358  z_stream ctx_inflate;
359 #endif
360 };
361 
362 /*
363  * This structure contains the parameters only needed during handshake.
364  */
366 {
367  /*
368  * Handshake specific crypto variables
369  */
370  int sig_alg;
371  int cert_type;
373 #if defined(POLARSSL_DHM_C)
375 #endif
376 
377  /*
378  * Checksum contexts
379  */
384 
385  void (*update_checksum)(ssl_context *, unsigned char *, size_t);
386  void (*calc_verify)(ssl_context *, unsigned char *);
387  void (*calc_finished)(ssl_context *, unsigned char *, int);
388  int (*tls_prf)(unsigned char *, size_t, char *,
389  unsigned char *, size_t,
390  unsigned char *, size_t);
391 
392  size_t pmslen;
394  unsigned char randbytes[64];
398  int resume;
399 };
400 
402 {
403  /*
404  * Miscellaneous
405  */
406  int state;
409  int major_ver;
410  int minor_ver;
417  /*
418  * Callbacks (RNG, debug, I/O, verification)
419  */
420  int (*f_rng)(void *, unsigned char *, size_t);
421  void (*f_dbg)(void *, int, const char *);
422  int (*f_recv)(void *, unsigned char *, size_t);
423  int (*f_send)(void *, const unsigned char *, size_t);
424  int (*f_vrfy)(void *, x509_cert *, int, int *);
425  int (*f_get_cache)(void *, ssl_session *);
426  int (*f_set_cache)(void *, const ssl_session *);
427  int (*f_sni)(void *, ssl_context *, const unsigned char *, size_t);
428 
429  void *p_rng;
430  void *p_dbg;
431  void *p_recv;
432  void *p_send;
433  void *p_vrfy;
434  void *p_get_cache;
435  void *p_set_cache;
436  void *p_sni;
437  void *p_hw_data;
439  /*
440  * Session layer
441  */
450  /*
451  * Record layer transformations
452  */
458  /*
459  * Record layer (incoming data)
460  */
461  unsigned char *in_ctr;
462  unsigned char *in_hdr;
463  unsigned char *in_msg;
464  unsigned char *in_offt;
467  size_t in_msglen;
468  size_t in_left;
470  size_t in_hslen;
471  int nb_zero;
473  /*
474  * Record layer (outgoing data)
475  */
476  unsigned char *out_ctr;
477  unsigned char *out_hdr;
478  unsigned char *out_msg;
481  size_t out_msglen;
482  size_t out_left;
484  /*
485  * PKI layer
486  */
487  void *rsa_key;
495  const char *peer_cn;
497  /*
498  * User settings
499  */
500  int endpoint;
501  int authmode;
506  const int **ciphersuites;
508 #if defined(POLARSSL_DHM_C)
511 #endif
512 
513  /*
514  * TLS extensions
515  */
516  unsigned char *hostname;
517  size_t hostname_len;
518 
519  /*
520  * Secure renegotiation
521  */
525  char own_verify_data[36];
526  char peer_verify_data[36];
527 };
528 
529 #ifdef __cplusplus
530 extern "C" {
531 #endif
532 
533 extern const int ssl_default_ciphersuites[];
534 
535 #if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
536 extern int (*ssl_hw_record_init)(ssl_context *ssl,
537  const unsigned char *key_enc, const unsigned char *key_dec,
538  const unsigned char *iv_enc, const unsigned char *iv_dec,
539  const unsigned char *mac_enc, const unsigned char *mac_dec);
540 extern int (*ssl_hw_record_reset)(ssl_context *ssl);
541 extern int (*ssl_hw_record_write)(ssl_context *ssl);
542 extern int (*ssl_hw_record_read)(ssl_context *ssl);
543 extern int (*ssl_hw_record_finish)(ssl_context *ssl);
544 #endif
545 
552 static inline const int *ssl_list_ciphersuites( void )
553 {
555 }
556 
565 const char *ssl_get_ciphersuite_name( const int ciphersuite_id );
566 
575 int ssl_get_ciphersuite_id( const char *ciphersuite_name );
576 
585 int ssl_init( ssl_context *ssl );
586 
597 int ssl_session_reset( ssl_context *ssl );
598 
/* Set the current endpoint type (SSL_IS_CLIENT or SSL_IS_SERVER). */
605 void ssl_set_endpoint( ssl_context *ssl, int endpoint );
606 
/* Set the certificate verification mode: SSL_VERIFY_NONE, SSL_VERIFY_OPTIONAL
 * or SSL_VERIFY_REQUIRED. With SSL_VERIFY_NONE the peer is not authenticated;
 * with SSL_VERIFY_OPTIONAL the application presumably has to check
 * ssl_get_verify_result() itself after the handshake -- TODO confirm. */
630 void ssl_set_authmode( ssl_context *ssl, int authmode );
631 
/* Set the verification callback (optional). p_vrfy is the opaque pointer
 * handed back to f_vrfy as its first argument. NOTE(review): the meaning of
 * the two int arguments of f_vrfy is not visible in this listing; a callback
 * that clears verification flags weakens certificate checking, so confirm the
 * contract before writing one. */
643 void ssl_set_verify( ssl_context *ssl,
644  int (*f_vrfy)(void *, x509_cert *, int, int *),
645  void *p_vrfy );
646 
654 void ssl_set_rng( ssl_context *ssl,
655  int (*f_rng)(void *, unsigned char *, size_t),
656  void *p_rng );
657 
665 void ssl_set_dbg( ssl_context *ssl,
666  void (*f_dbg)(void *, int, const char *),
667  void *p_dbg );
668 
678 void ssl_set_bio( ssl_context *ssl,
679  int (*f_recv)(void *, unsigned char *, size_t), void *p_recv,
680  int (*f_send)(void *, const unsigned char *, size_t), void *p_send );
681 
720  int (*f_get_cache)(void *, ssl_session *), void *p_get_cache,
721  int (*f_set_cache)(void *, const ssl_session *), void *p_set_cache );
722 
735 void ssl_set_session( ssl_context *ssl, const ssl_session *session );
736 
745 void ssl_set_ciphersuites( ssl_context *ssl, const int *ciphersuites );
746 
762  const int *ciphersuites,
763  int major, int minor );
764 
/* Set the data required to verify the peer certificate: the trusted CA chain,
 * an optional CRL, and the expected peer common name.
 * NOTE(review): presumably a NULL peer_cn skips the name check, in which case
 * any certificate that chains to ca_chain is accepted regardless of the host
 * it was issued for -- confirm, and pass the expected name on clients. */
773 void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain,
774  x509_crl *ca_crl, const char *peer_cn );
775 
787 void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert,
788  rsa_context *rsa_key );
789 
809 void ssl_set_own_cert_alt( ssl_context *ssl, x509_cert *own_cert,
810  void *rsa_key,
811  rsa_decrypt_func rsa_decrypt,
812  rsa_sign_func rsa_sign,
813  rsa_key_len_func rsa_key_len );
814 
815 #if defined(POLARSSL_DHM_C)
816 
827 int ssl_set_dh_param( ssl_context *ssl, const char *dhm_P, const char *dhm_G );
828 
838 int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx );
839 #endif
840 
851 int ssl_set_hostname( ssl_context *ssl, const char *hostname );
852 
872 void ssl_set_sni( ssl_context *ssl,
873  int (*f_sni)(void *, ssl_context *, const unsigned char *,
874  size_t),
875  void *p_sni );
876 
/* Set the maximum supported version sent from the client side. */
886 void ssl_set_max_version( ssl_context *ssl, int major, int minor );
887 
888 
/* Set the minimum accepted SSL/TLS protocol version. The page's summary gives
 * the default as SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, i.e. SSL 3.0 is
 * accepted unless the application raises the minimum. */
899 void ssl_set_min_version( ssl_context *ssl, int major, int minor );
900 
/* Enable or disable renegotiation support when initiated by the peer
 * (presumably SSL_RENEGOTIATION_ENABLED / SSL_RENEGOTIATION_DISABLED). */
914 void ssl_set_renegotiation( ssl_context *ssl, int renegotiation );
915 
/* Prevent or allow legacy renegotiation, i.e. with peers that do not support
 * the RFC 5746 extension (presumably one of the SSL_LEGACY_* policy values). */
943 void ssl_legacy_renegotiation( ssl_context *ssl, int allow_legacy );
944 
952 size_t ssl_get_bytes_avail( const ssl_context *ssl );
953 
965 int ssl_get_verify_result( const ssl_context *ssl );
966 
974 const char *ssl_get_ciphersuite( const ssl_context *ssl );
975 
983 const char *ssl_get_version( const ssl_context *ssl );
984 
999 const x509_cert *ssl_get_peer_cert( const ssl_context *ssl );
1000 
1009 int ssl_handshake( ssl_context *ssl );
1010 
1023 int ssl_handshake_step( ssl_context *ssl );
1024 
1032 int ssl_renegotiate( ssl_context *ssl );
1033 
1044 int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len );
1045 
1060 int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len );
1061 
1073  unsigned char level,
1074  unsigned char message );
1080 int ssl_close_notify( ssl_context *ssl );
1081 
1087 void ssl_free( ssl_context *ssl );
1088 
1095 void ssl_session_free( ssl_session *session );
1096 
1103 void ssl_transform_free( ssl_transform *transform );
1104 
1111 void ssl_handshake_free( ssl_handshake_params *handshake );
1112 
1113 /*
1114  * Internal functions (do not call directly)
1115  */
1118 void ssl_handshake_wrapup( ssl_context *ssl );
1119 
1121 
1122 int ssl_derive_keys( ssl_context *ssl );
1123 
1124 int ssl_read_record( ssl_context *ssl );
1129 int ssl_fetch_input( ssl_context *ssl, size_t nb_want );
1130 
1131 int ssl_write_record( ssl_context *ssl );
1132 int ssl_flush_output( ssl_context *ssl );
1133 
1136 
1139 
1140 int ssl_parse_finished( ssl_context *ssl );
1141 int ssl_write_finished( ssl_context *ssl );
1142 
1143 void ssl_optimize_checksum( ssl_context *ssl, int ciphersuite );
1144 int ssl_get_ciphersuite_min_version( const int ciphersuite_id );
1145 
/*
 * Constant-time buffer comparison.
 *
 * Compares the first n bytes of a and b without an early exit: every byte
 * pair is XORed and OR-ed into an accumulator, so the loop does the same
 * amount of work whether the buffers differ in the first byte or not at all.
 *
 * Returns 0 when the buffers are equal and a non-zero value (1..255)
 * otherwise. Unlike memcmp() the result carries no ordering; callers should
 * only test it against 0.
 *
 * NOTE(review): the timing property holds at source level only. Check the
 * generated code if the comparison guards secret-derived data and the
 * toolchain optimises aggressively.
 */
static inline int safer_memcmp( const void *a, const void *b, size_t n )
{
    const unsigned char *lhs = a;
    const unsigned char *rhs = b;
    unsigned char acc = 0;
    size_t remaining = n;

    /* OR is order-independent, so walking from the end gives the same result. */
    while( remaining-- > 0 )
        acc |= lhs[remaining] ^ rhs[remaining];

    return( (int) acc );
}
1159 
1160 #ifdef __cplusplus
1161 }
1162 #endif
1163 
1164 #endif /* ssl.h */
unsigned char * hostname
Definition: ssl.h:516
ssl_session * session_in
Definition: ssl.h:442
size_t length
Definition: ssl.h:323
void * p_set_cache
Definition: ssl.h:435
int ciphersuite
Definition: ssl.h:321
size_t in_hslen
Definition: ssl.h:470
int ssl_send_alert_message(ssl_context *ssl, unsigned char level, unsigned char message)
Send an alert message.
void(* f_dbg)(void *, int, const char *)
Definition: ssl.h:421
int(* f_rng)(void *, unsigned char *, size_t)
Definition: ssl.h:420
SHA-256 context structure.
Definition: sha2.h:50
size_t ivlen
Definition: ssl.h:340
int major_ver
Definition: ssl.h:409
void(* update_checksum)(ssl_context *, unsigned char *, size_t)
Definition: ssl.h:385
int(* tls_prf)(unsigned char *, size_t, char *, unsigned char *, size_t, unsigned char *, size_t)
Definition: ssl.h:388
SHA-1 context structure.
Definition: sha1.h:50
sha1_context fin_sha1
Definition: ssl.h:381
int compression
Definition: ssl.h:322
Network communication functions.
const int ** ciphersuites
Definition: ssl.h:506
int state
Definition: ssl.h:406
const char * peer_cn
Definition: ssl.h:495
#define POLARSSL_MPI_MAX_SIZE
Maximum number of bytes for usable MPIs.
Definition: bignum.h:87
unsigned char master[48]
Definition: ssl.h:325
char peer_verify_data[36]
Definition: ssl.h:526
void ssl_set_own_cert(ssl_context *ssl, x509_cert *own_cert, rsa_context *rsa_key)
Set own certificate chain and private key.
ssl_transform * transform_out
Definition: ssl.h:454
int ssl_get_ciphersuite_min_version(const int ciphersuite_id)
int(* f_sni)(void *, ssl_context *, const unsigned char *, size_t)
Definition: ssl.h:427
int nb_zero
Definition: ssl.h:471
void(* calc_verify)(ssl_context *, unsigned char *)
Definition: ssl.h:386
DHM context structure.
Definition: dhm.h:136
x509_cert * peer_cert
Definition: ssl.h:326
void ssl_set_verify(ssl_context *ssl, int(*f_vrfy)(void *, x509_cert *, int, int *), void *p_vrfy)
Set the verification callback (Optional).
ssl_session * session_negotiate
Definition: ssl.h:445
x509_cert * ca_chain
Definition: ssl.h:493
ssl_session * session
Definition: ssl.h:444
void ssl_legacy_renegotiation(ssl_context *ssl, int allow_legacy)
Prevent or allow legacy renegotiation.
int ssl_parse_certificate(ssl_context *ssl)
void ssl_set_dbg(ssl_context *ssl, void(*f_dbg)(void *, int, const char *), void *p_dbg)
Set the debug callback.
void ssl_set_own_cert_alt(ssl_context *ssl, x509_cert *own_cert, void *rsa_key, rsa_decrypt_func rsa_decrypt, rsa_sign_func rsa_sign, rsa_key_len_func rsa_key_len)
Set own certificate and alternate non-PolarSSL private key and handling callbacks, such as the PKCS#11 wrappers or any other external private key handler.
unsigned char iv_enc[16]
Definition: ssl.h:344
size_t out_msglen
Definition: ssl.h:481
ssl_transform * transform_in
Definition: ssl.h:453
int ssl_parse_finished(ssl_context *ssl)
void * p_rng
Definition: ssl.h:429
rsa_sign_func rsa_sign
Definition: ssl.h:489
mpi dhm_P
Definition: ssl.h:509
ssl_states
Definition: ssl.h:288
void ssl_session_free(ssl_session *session)
Free referenced items in an SSL session including the peer certificate and clear memory.
int ssl_write_finished(ssl_context *ssl)
Configuration options (set of defines)
ssl_transform * transform
Definition: ssl.h:455
unsigned char * out_ctr
Definition: ssl.h:476
void ssl_handshake_wrapup(ssl_context *ssl)
char own_verify_data[36]
Definition: ssl.h:525
int(* f_send)(void *, const unsigned char *, size_t)
Definition: ssl.h:423
size_t in_msglen
Definition: ssl.h:467
int ssl_set_dh_param_ctx(ssl_context *ssl, dhm_context *dhm_ctx)
Set the Diffie-Hellman public P and G values, read from existing context (server-side only) ...
unsigned char * in_hdr
Definition: ssl.h:462
int secure_renegotiation
Definition: ssl.h:522
time_t start
Definition: ssl.h:320
MPI structure.
Definition: bignum.h:164
int(* rsa_decrypt_func)(void *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
Definition: ssl.h:274
Container for an X.509 certificate.
Definition: x509.h:291
int ssl_handshake_server_step(ssl_context *ssl)
void * p_vrfy
Definition: ssl.h:433
void ssl_set_max_version(ssl_context *ssl, int major, int minor)
Set the maximum supported version sent from the client side.
void * p_recv
Definition: ssl.h:431
const int ssl_default_ciphersuites[]
void ssl_set_ciphersuites_for_version(ssl_context *ssl, const int *ciphersuites, int major, int minor)
Set the list of allowed ciphersuites for a specific version of the protocol.
int ssl_init(ssl_context *ssl)
Initialize an SSL context.
int max_major_ver
Definition: ssl.h:412
int ssl_get_ciphersuite_id(const char *ciphersuite_name)
Return the ID of the ciphersuite associated with the given name.
unsigned int keylen
Definition: ssl.h:338
int max_minor_ver
Definition: ssl.h:413
unsigned char premaster[POLARSSL_MPI_MAX_SIZE]
Definition: ssl.h:395
void * p_hw_data
Definition: ssl.h:437
unsigned char * in_ctr
Definition: ssl.h:461
ssl_handshake_params * handshake
Definition: ssl.h:447
size_t fixed_ivlen
Definition: ssl.h:341
int ssl_write_certificate(ssl_context *ssl)
size_t(* rsa_key_len_func)(void *ctx)
Definition: ssl.h:283
RSA context structure.
Definition: rsa.h:135
SHA-384 and SHA-512 cryptographic hash function.
rsa_key_len_func rsa_key_len
Definition: ssl.h:490
int in_msgtype
Definition: ssl.h:466
size_t verify_data_len
Definition: ssl.h:524
const char * ssl_get_ciphersuite(const ssl_context *ssl)
Return the name of the current ciphersuite.
mpi dhm_G
Definition: ssl.h:510
const char * ssl_get_version(const ssl_context *ssl)
Return the current SSL version (SSLv3/TLSv1/etc)
void ssl_set_renegotiation(ssl_context *ssl, int renegotiation)
Enable / Disable renegotiation support for connection when initiated by peer (Default: SSL_RENEGOTIAT...
int min_minor_ver
Definition: ssl.h:415
unsigned char * out_msg
Definition: ssl.h:478
sha2_context fin_sha2
Definition: ssl.h:382
SHA-224 and SHA-256 cryptographic hash function.
int client_auth
Definition: ssl.h:502
void * p_dbg
Definition: ssl.h:430
void * p_send
Definition: ssl.h:432
x509_crl * ca_crl
Definition: ssl.h:494
sha4_context fin_sha4
Definition: ssl.h:383
int ssl_handshake_client_step(ssl_context *ssl)
size_t maclen
Definition: ssl.h:342
unsigned char * out_hdr
Definition: ssl.h:477
int(* f_vrfy)(void *, x509_cert *, int, int *)
Definition: ssl.h:424
void ssl_set_endpoint(ssl_context *ssl, int endpoint)
Set the current endpoint type.
void ssl_set_ciphersuites(ssl_context *ssl, const int *ciphersuites)
Set the list of allowed ciphersuites (Default: ssl_default_ciphersuites) (Overrides all version speci...
void ssl_set_rng(ssl_context *ssl, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Set the random number generator callback.
void * p_get_cache
Definition: ssl.h:434
void ssl_set_bio(ssl_context *ssl, int(*f_recv)(void *, unsigned char *, size_t), void *p_recv, int(*f_send)(void *, const unsigned char *, size_t), void *p_send)
Set the underlying BIO read and write callbacks.
void ssl_free(ssl_context *ssl)
Free referenced items in an SSL context and clear memory.
int(* rsa_sign_func)(void *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, int hash_id, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
Definition: ssl.h:279
void ssl_handshake_free(ssl_handshake_params *handshake)
Free referenced items in an SSL handshake context and clear memory.
int authmode
Definition: ssl.h:501
int ssl_flush_output(ssl_context *ssl)
int ssl_handshake(ssl_context *ssl)
Perform the SSL handshake.
unsigned char * in_offt
Definition: ssl.h:464
rsa_decrypt_func rsa_decrypt
Definition: ssl.h:488
void ssl_set_min_version(ssl_context *ssl, int major, int minor)
Set the minimum accepted SSL/TLS protocol version (Default: SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0)...
Diffie-Hellman-Merkle key exchange.
unsigned char * in_msg
Definition: ssl.h:463
void ssl_set_session(ssl_context *ssl, const ssl_session *session)
Request resumption of session (client-side only) Session data is copied from presented session struct...
int ssl_set_hostname(ssl_context *ssl, const char *hostname)
Set hostname for ServerName TLS extension (client-side only)
int ssl_handshake_step(ssl_context *ssl)
Perform a single step of the SSL handshake.
MD5 context structure.
Definition: md5.h:50
unsigned char mac_dec[32]
Definition: ssl.h:348
unsigned char iv_dec[16]
Definition: ssl.h:345
X.509 certificate and private key decoding.
int ssl_parse_change_cipher_spec(ssl_context *ssl)
size_t hostname_len
Definition: ssl.h:517
int minor_ver
Definition: ssl.h:410
int ssl_close_notify(ssl_context *ssl)
Notify the peer that the connection is being closed.
void ssl_set_session_cache(ssl_context *ssl, int(*f_get_cache)(void *, ssl_session *), void *p_get_cache, int(*f_set_cache)(void *, const ssl_session *), void *p_set_cache)
Set the session cache callbacks (server-side only) If not set, no session resuming is done...
size_t ssl_get_bytes_avail(const ssl_context *ssl)
Return the number of data bytes available to read.
size_t in_left
Definition: ssl.h:468
int allow_legacy_renegotiation
Definition: ssl.h:505
ssl_session * session_out
Definition: ssl.h:443
The RSA public-key cryptosystem.
void(* calc_finished)(ssl_context *, unsigned char *, int)
Definition: ssl.h:387
int ssl_read_record(ssl_context *ssl)
int ssl_set_dh_param(ssl_context *ssl, const char *dhm_P, const char *dhm_G)
Set the Diffie-Hellman public P and G values, read as hexadecimal strings (server-side only) (Default...
int out_msgtype
Definition: ssl.h:480
uint32_t ctx_enc[136]
Definition: ssl.h:350
size_t out_left
Definition: ssl.h:482
SHA-1 cryptographic hash function.
unsigned char mac_enc[32]
Definition: ssl.h:347
int ssl_get_verify_result(const ssl_context *ssl)
Return the result of the certificate verification.
int ssl_session_reset(ssl_context *ssl)
Reset an already initialized SSL context for re-use while retaining application-set variables...
x509_cert * own_cert
Definition: ssl.h:492
int min_major_ver
Definition: ssl.h:414
Certificate revocation list structure.
Definition: x509.h:357
ssl_transform * transform_negotiate
Definition: ssl.h:456
SHA-512 context structure.
Definition: sha4.h:51
int disable_renegotiation
Definition: ssl.h:504
int verify_result
Definition: ssl.h:503
int ssl_write_change_cipher_spec(ssl_context *ssl)
int(* f_get_cache)(void *, ssl_session *)
Definition: ssl.h:425
int ssl_derive_keys(ssl_context *ssl)
void * rsa_key
Definition: ssl.h:487
void ssl_set_authmode(ssl_context *ssl, int authmode)
Set the certificate verification mode.
int(* f_set_cache)(void *, const ssl_session *)
Definition: ssl.h:426
void ssl_set_ca_chain(ssl_context *ssl, x509_cert *ca_chain, x509_crl *ca_crl, const char *peer_cn)
Set the data required to verify peer certificate.
int renegotiation
Definition: ssl.h:407
dhm_context dhm_ctx
Definition: ssl.h:374
static int safer_memcmp(const void *a, const void *b, size_t n)
Definition: ssl.h:1147
void ssl_optimize_checksum(ssl_context *ssl, int ciphersuite)
int ssl_send_fatal_handshake_failure(ssl_context *ssl)
size_t minlen
Definition: ssl.h:339
int ssl_read(ssl_context *ssl, unsigned char *buf, size_t len)
Read at most 'len' application data bytes.
void ssl_transform_free(ssl_transform *transform)
Free referenced items in an SSL transform context and clear memory.
static const int * ssl_list_ciphersuites(void)
Returns the list of ciphersuites supported by the SSL/TLS module.
Definition: ssl.h:552
const char * ssl_get_ciphersuite_name(const int ciphersuite_id)
Return the name of the ciphersuite associated with the given ID.
MD5 message digest algorithm (hash function)
uint32_t ctx_dec[136]
Definition: ssl.h:351
int ssl_renegotiate(ssl_context *ssl)
Perform an SSL renegotiation on the running connection.
int(* f_recv)(void *, unsigned char *, size_t)
Definition: ssl.h:422
int ssl_write(ssl_context *ssl, const unsigned char *buf, size_t len)
Write exactly 'len' application data bytes.
md5_context fin_md5
Definition: ssl.h:380
int endpoint
Definition: ssl.h:500
void ssl_set_sni(ssl_context *ssl, int(*f_sni)(void *, ssl_context *, const unsigned char *, size_t), void *p_sni)
Set server side ServerName TLS extension callback (optional, server-side only).
int ssl_fetch_input(ssl_context *ssl, size_t nb_want)
int ssl_write_record(ssl_context *ssl)
const x509_cert * ssl_get_peer_cert(const ssl_context *ssl)
Return the peer certificate from the current connection.
unsigned char randbytes[64]
Definition: ssl.h:394
void * p_sni
Definition: ssl.h:436