1 /**************************************************************************/ 2 /* */ 3 /* Copyright (c) Microsoft Corporation. All rights reserved. */ 4 /* */ 5 /* This software is licensed under the Microsoft Software License */ 6 /* Terms for Microsoft Azure RTOS. Full text of the license can be */ 7 /* found in the LICENSE file at https://aka.ms/AzureRTOS_EULA */ 8 /* and in the root directory of this software. */ 9 /* */ 10 /**************************************************************************/ 11 12 13 /**************************************************************************/ 14 /**************************************************************************/ 15 /** */ 16 /** NetX Secure Component */ 17 /** */ 18 /** Transport Layer Security (TLS) */ 19 /** */ 20 /**************************************************************************/ 21 /**************************************************************************/ 22 23 24 /**************************************************************************/ 25 /* */ 26 /* COMPONENT DEFINITION RELEASE */ 27 /* */ 28 /* nx_secure_tls.h PORTABLE C */ 29 /* 6.2.0 */ 30 /* AUTHOR */ 31 /* */ 32 /* Timothy Stapko, Microsoft Corporation */ 33 /* */ 34 /* DESCRIPTION */ 35 /* */ 36 /* This file defines all service prototypes and data structure */ 37 /* definitions for TLS implementation. */ 38 /* */ 39 /* RELEASE HISTORY */ 40 /* */ 41 /* DATE NAME DESCRIPTION */ 42 /* */ 43 /* 05-19-2020 Timothy Stapko Initial Version 6.0 */ 44 /* 09-30-2020 Timothy Stapko Modified comment(s), and */ 45 /* fixed race condition for */ 46 /* multithread transmission, */ 47 /* supported chained packet, */ 48 /* priority ciphersuite and ECC*/ 49 /* curve logic, updated product*/ 50 /* constants, fixed compiler */ 51 /* warning, fixed renegotiation*/ 52 /* bug, fixed certificate */ 53 /* buffer allocation, */ 54 /* resulting in version 6.1 */ 55 /* 12-31-2020 Timothy Stapko Modified comment(s), */ 56 /* updated product constants, */ 57 /* improved buffer length */ 58 /* verification, */ 59 /* resulting in version 6.1.3 */ 60 /* 02-02-2021 Timothy Stapko Modified comment(s), added */ 61 /* support for fragmented TLS */ 62 /* Handshake messages, */ 63 /* resulting in version 6.1.4 */ 64 /* 03-02-2021 Yuxin Zhou Modified comment(s), and */ 65 /* updated product constants, */ 66 /* resulting in version 6.1.5 */ 67 /* 04-02-2021 Yuxin Zhou Modified comment(s), and */ 68 /* updated product constants, */ 69 /* resulting in version 6.1.6 */ 70 /* 06-02-2021 Yuxin Zhou Modified comment(s), and */ 71 /* updated product constants, */ 72 /* resulting in version 6.1.7 */ 73 /* 08-02-2021 Timothy Stapko Modified comment(s), added */ 74 /* hash clone and cleanup, */ 75 /* added state to cleanup */ 76 /* session cipher, */ 77 /* resulting in version 6.1.8 */ 78 /* 10-15-2021 Timothy Stapko Modified comment(s), added */ 79 /* support to disable client */ 80 /* initiated renegotiation, */ 81 /* resulting in version 6.1.9 */ 82 /* 01-31-2022 Yuxin Zhou Modified comment(s), and */ 83 /* updated product constants, */ 84 /* resulting in version 6.1.10 */ 85 /* 04-25-2022 Yuxin Zhou Modified comment(s), and */ 86 /* enabled AEAD for TLS 1.3, */ 87 /* resulting in version 6.1.11 */ 88 /* 07-29-2022 Yuxin Zhou Modified comment(s), and */ 89 /* updated product constants, */ 90 /* fixed compiler errors when */ 91 /* TX_SAFETY_CRITICAL is */ 92 /* enabled, increased default */ 93 /* pre-master sec size for PSK,*/ 94 /* updated alert message for */ 95 /* downgrade protection, */ 96 /* resulting in version 6.1.12 */ 97 /* 10-31-2022 Yanwu Cai Modified comment(s), and added*/ 98 /* custom secret generation, */ 99 /* fixed renegotiation when */ 100 /* receiving in non-block mode,*/ 101 /* added function to set packet*/ 102 /* pool, */ 103 /* resulting in version 6.2.0 */ 104 /* */ 105 /**************************************************************************/ 106 107 #ifndef SRC_NX_SECURE_TLS_H_ 108 #define SRC_NX_SECURE_TLS_H_ 109 110 /* Determine if a C++ compiler is being used. If so, ensure that standard 111 C is used to process the API information. */ 112 #ifdef __cplusplus 113 114 /* Yes, C++ compiler is present. Use standard C. */ 115 extern "C" { 116 117 #endif 118 119 #ifdef ECLIPSE_TEST 120 #define __REV16(x) x 121 #endif 122 123 /* Include the ThreadX and port-specific data type file. */ 124 #include "tx_port.h" 125 126 #ifdef NX_SECURE_SOURCE_CODE 127 #ifndef TX_SAFETY_CRITICAL 128 #ifndef TX_DISABLE_ERROR_CHECKING 129 #define TX_DISABLE_ERROR_CHECKING 130 #endif 131 #endif 132 #ifndef NX_DISABLE_ERROR_CHECKING 133 #define NX_DISABLE_ERROR_CHECKING 134 #endif 135 #endif 136 137 #include "nx_api.h" 138 #include "nx_secure_port.h" 139 #include "nx_crypto.h" 140 141 /* Enable ECC by default. */ 142 #ifndef NX_SECURE_DISABLE_ECC_CIPHERSUITE 143 #ifndef NX_SECURE_ENABLE_ECC_CIPHERSUITE 144 #define NX_SECURE_ENABLE_ECC_CIPHERSUITE 145 #endif 146 #else 147 #undef NX_SECURE_ENABLE_ECC_CIPHERSUITE 148 #endif 149 150 #include "nx_secure_x509.h" 151 152 #if defined(NX_SECURE_TLS_ENABLE_TLS_1_3) || defined(NX_SECURE_ENABLE_ECJPAKE_CIPHERSUITE) 153 #ifndef NX_SECURE_ENABLE_AEAD_CIPHER 154 #define NX_SECURE_ENABLE_AEAD_CIPHER 155 #endif /* NX_SECURE_ENABLE_AEAD_CIPHER */ 156 #endif 157 #ifndef NX_SECURE_AEAD_CIPHER_CHECK 158 #define NX_SECURE_AEAD_CIPHER_CHECK(a) NX_FALSE 159 #endif /* NX_SECURE_AEAD_CIPHER_CHECK */ 160 161 /* ID is used to determine if a TLS session has been initialized. */ 162 #define NX_SECURE_TLS_ID ((ULONG)0x544c5320) 163 164 #define AZURE_RTOS_NETX_SECURE 165 #define NETX_SECURE_MAJOR_VERSION 6 166 #define NETX_SECURE_MINOR_VERSION 2 167 #define NETX_SECURE_PATCH_VERSION 0 168 169 /* The following symbols are defined for backward compatibility reasons. */ 170 #define EL_PRODUCT_NETX_SECURE 171 #define __PRODUCT_NETX_SECURE__ 172 #define __NETX_SECURE_MAJOR_VERSION__ NETX_SECURE_MAJOR_VERSION 173 #define __NETX_SECURE_MINOR_VERSION__ NETX_SECURE_MINOR_VERSION 174 #define __NETX_SECURE_SERVICE_PACK_VERSION__ NETX_SECURE_PATCH_VERSION 175 #define NETX_SECURE_SERVICE_PACK_VERSION NETX_SECURE_PATCH_VERSION 176 177 /* Define memcpy, memset and memcmp functions used internal. */ 178 #ifndef NX_SECURE_MEMCPY 179 #define NX_SECURE_MEMCPY memcpy 180 #endif /* NX_SECURE_MEMCPY */ 181 182 #ifndef NX_SECURE_MEMCMP 183 #define NX_SECURE_MEMCMP memcmp 184 #endif /* NX_SECURE_MEMCMP */ 185 186 #ifndef NX_SECURE_MEMSET 187 #define NX_SECURE_MEMSET memset 188 #endif /* NX_SECURE_MEMSET */ 189 190 #ifndef NX_SECURE_MEMMOVE 191 #define NX_SECURE_MEMMOVE memmove 192 #endif /* NX_SECURE_MEMMOVE */ 193 194 #ifndef NX_SECURE_HASH_METADATA_CLONE 195 #define NX_SECURE_HASH_METADATA_CLONE NX_SECURE_MEMCPY 196 #endif /* NX_SECURE_HASH_METADATA_CLONE */ 197 198 #ifndef NX_SECURE_HASH_CLONE_CLEANUP 199 #define NX_SECURE_HASH_CLONE_CLEANUP(x, y) 200 #endif /* NX_SECURE_HASH_CLONE_CLEANUP */ 201 202 /* Map NX_SECURE_CALLER_CHECKING_EXTERNS to NX_CALLER_CHECKING_EXTERNS, which is defined 203 in nx_port.h.*/ 204 205 #define NX_SECURE_CALLER_CHECKING_EXTERNS NX_CALLER_CHECKING_EXTERNS 206 207 /* Configuration macros - define these to disable TLS client or server. 208 #define NX_SECURE_TLS_SERVER_DISABLED 209 #define NX_SECURE_TLS_CLIENT_DISABLED 210 */ 211 212 /* Configuration macro: allow self-signed certificates to be used to identify a remote host. */ 213 /* #define NX_SECURE_ALLOW_SELF_SIGNED_CERTIFICATES */ 214 215 /* Configuration macro: disable secure session renegotiation extension (RFC 5746). 216 #define NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION 217 */ 218 /* Configuration macro: terminate the connection immediately upon failure to receive the 219 secure renegotiation extension during the initial handshake. 220 #define NX_SECURE_TLS_REQUIRE_RENEGOTIATION_EXT 221 */ 222 223 /* API return values. */ 224 225 #define NX_SECURE_TLS_SUCCESS 0x00 /* Function returned successfully. */ 226 #define NX_SECURE_TLS_SESSION_UNINITIALIZED 0x101 /* TLS main loop called with uninitialized socket. */ 227 #define NX_SECURE_TLS_UNRECOGNIZED_MESSAGE_TYPE 0x102 /* TLS record layer received an unrecognized message type. */ 228 #define NX_SECURE_TLS_INVALID_STATE 0x103 /* Internal error - state not recognized. */ 229 #define NX_SECURE_TLS_INVALID_PACKET 0x104 /* Internal error - received packet did not contain TLS data. */ 230 #define NX_SECURE_TLS_UNKNOWN_CIPHERSUITE 0x105 /* The chosen ciphersuite is not supported - internal error for server, 231 for client it means the remote host sent a bad ciphersuite (error or attack). */ 232 #define NX_SECURE_TLS_UNSUPPORTED_CIPHER 0x106 /* In doing an encryption or decryption, the chosen cipher is disabled or unavailable. */ 233 #define NX_SECURE_TLS_HANDSHAKE_FAILURE 0x107 /* Something in message processing during the handshake has failed. */ 234 #define NX_SECURE_TLS_HASH_MAC_VERIFY_FAILURE 0x108 /* An incoming record had a MAC that did not match the one we generated. */ 235 #define NX_SECURE_TLS_TCP_SEND_FAILED 0x109 /* The outgoing TCP send of a record failed for some reason. */ 236 #define NX_SECURE_TLS_INCORRECT_MESSAGE_LENGTH 0x10A /* An incoming message had a length that was incorrect (usually a length other 237 than one in the header, as in certificate messages) */ 238 #define NX_SECURE_TLS_BAD_CIPHERSPEC 0x10B /* An incoming ChangeCipherSpec message was incorrect. */ 239 #define NX_SECURE_TLS_INVALID_SERVER_CERT 0x10C /* An incoming server certificate did not parse correctly. */ 240 #define NX_SECURE_TLS_UNSUPPORTED_PUBLIC_CIPHER 0x10D /* A certificate provided by a server specified a public-key operation we do not support. */ 241 #define NX_SECURE_TLS_NO_SUPPORTED_CIPHERS 0x10E /* Received a ClientHello with no supported ciphersuites. */ 242 #define NX_SECURE_TLS_UNKNOWN_TLS_VERSION 0x10F /* An incoming record had a TLS version that isn't recognized. */ 243 #define NX_SECURE_TLS_UNSUPPORTED_TLS_VERSION 0x110 /* An incoming record had a valid TLS version, but one that isn't supported. */ 244 #define NX_SECURE_TLS_ALLOCATE_PACKET_FAILED 0x111 /* An internal packet allocation for a TLS message failed. */ 245 #define NX_SECURE_TLS_INVALID_CERTIFICATE 0x112 /* An X509 certificate did not parse correctly. */ 246 #define NX_SECURE_TLS_NO_CLOSE_RESPONSE 0x113 /* During a TLS session close, did not receive a CloseNotify from the remote host. */ 247 #define NX_SECURE_TLS_ALERT_RECEIVED 0x114 /* The remote host sent an alert, indicating an error and closing the connection. */ 248 #define NX_SECURE_TLS_FINISHED_HASH_FAILURE 0x115 /* The Finish message hash received does not match the local generated hash - handshake corruption. */ 249 #define NX_SECURE_TLS_UNKNOWN_CERT_SIG_ALGORITHM 0x116 /* A certificate during verification had an unsupported signature algorithm. */ 250 #define NX_SECURE_TLS_CERTIFICATE_SIG_CHECK_FAILED 0x117 /* A certificate signature verification check failed - certificate data did not match signature. */ 251 #define NX_SECURE_TLS_BAD_COMPRESSION_METHOD 0x118 /* Received a Hello message with an unsupported compression method. */ 252 #define NX_SECURE_TLS_CERTIFICATE_NOT_FOUND 0x119 /* In an operation on a certificate list, no matching certificate was found. */ 253 #define NX_SECURE_TLS_INVALID_SELF_SIGNED_CERT 0x11A /* The remote host sent a self-signed certificate and NX_SECURE_ALLOW_SELF_SIGNED_CERTIFICATES is not defined. */ 254 #define NX_SECURE_TLS_ISSUER_CERTIFICATE_NOT_FOUND 0x11B /* A remote certificate was received with an issuer not in the local trusted store. */ 255 #define NX_SECURE_TLS_OUT_OF_ORDER_MESSAGE 0x11C /* A DTLS message was received in the wrong order - a dropped datagram is the likely culprit. */ 256 #define NX_SECURE_TLS_INVALID_REMOTE_HOST 0x11D /* A packet was received from a remote host that we do not recognize. */ 257 #define NX_SECURE_TLS_INVALID_EPOCH 0x11E /* A DTLS message was received and matched to a DTLS session but it had the wrong epoch and should be ignored. */ 258 #define NX_SECURE_TLS_REPEAT_MESSAGE_RECEIVED 0x11F /* A DTLS message was received with a sequence number we have already seen, ignore it. */ 259 #define NX_SECURE_TLS_NEED_DTLS_SESSION 0x120 /* A TLS session was used in a DTLS API that was not initialized for DTLS. */ 260 #define NX_SECURE_TLS_NEED_TLS_SESSION 0x121 /* A TLS session was used in a TLS API that was initialized for DTLS and not TLS. */ 261 #define NX_SECURE_TLS_SEND_ADDRESS_MISMATCH 0x122 /* Caller attempted to send data over a DTLS session with an IP address or port that did not match the session. */ 262 #define NX_SECURE_TLS_NO_FREE_DTLS_SESSIONS 0x123 /* A new connection tried to get a DTLS session from the cache, but there were none free. */ 263 #define NX_SECURE_DTLS_SESSION_NOT_FOUND 0x124 /* The caller searched for a DTLS session, but the given IP address and port did not match any entries in the cache. */ 264 #define NX_SECURE_TLS_NO_MORE_PSK_SPACE 0x125 /* The caller attempted to add a PSK to a TLS session but there was no more space in the given session. */ 265 #define NX_SECURE_TLS_NO_MATCHING_PSK 0x126 /* A remote host provided a PSK identity hint that did not match any in our local store. */ 266 #define NX_SECURE_TLS_CLOSE_NOTIFY_RECEIVED 0x127 /* A TLS session received a CloseNotify alert from the remote host indicating the session is complete. */ 267 #define NX_SECURE_TLS_NO_AVAILABLE_SESSIONS 0x128 /* No TLS sessions in a TLS object are available to handle a connection. */ 268 #define NX_SECURE_TLS_NO_CERT_SPACE_ALLOCATED 0x129 /* No certificate space was allocated for incoming remote certificates. */ 269 #define NX_SECURE_TLS_PADDING_CHECK_FAILED 0x12A /* Encryption padding in an incoming message was not correct. */ 270 #define NX_SECURE_TLS_UNSUPPORTED_CERT_SIGN_TYPE 0x12B /* In processing a CertificateVerifyRequest, no supported certificate type was provided by the remote server. */ 271 #define NX_SECURE_TLS_UNSUPPORTED_CERT_SIGN_ALG 0x12C /* In processing a CertificateVerifyRequest, no supported signature algorithm was provided by the remote server. */ 272 #define NX_SECURE_TLS_INSUFFICIENT_CERT_SPACE 0x12D /* Not enough certificate buffer space allocated for a certificate. */ 273 #define NX_SECURE_TLS_PROTOCOL_VERSION_CHANGED 0x12E /* The protocol version in an incoming TLS record did not match the version of the established session. */ 274 #define NX_SECURE_TLS_NO_RENEGOTIATION_ERROR 0x12F /* A HelloRequest message was received, but we are not re-negotiating. */ 275 #define NX_SECURE_TLS_UNSUPPORTED_FEATURE 0x130 /* A feature that was disabled was encountered during a TLS session or handshake. */ 276 #define NX_SECURE_TLS_CERTIFICATE_VERIFY_FAILURE 0x131 /* A CertificateVerify message from a remote Client failed to verify the Client certificate. */ 277 #define NX_SECURE_TLS_EMPTY_REMOTE_CERTIFICATE_RECEIVED 0x132 /* The remote host sent an empty certificate message. */ 278 #define NX_SECURE_TLS_RENEGOTIATION_EXTENSION_ERROR 0x133 /* An error occurred in processing or sending the Secure Renegotiation Indication Extension. */ 279 #define NX_SECURE_TLS_RENEGOTIATION_SESSION_INACTIVE 0x134 /* A server attempted to re-establish a connection that was already closed. */ 280 #define NX_SECURE_TLS_PACKET_BUFFER_TOO_SMALL 0x135 /* A TLS record was received which has a size that exceeds the allocated packet buffer space. */ 281 #define NX_SECURE_TLS_EXTENSION_NOT_FOUND 0x136 /* A TLS extension parsing function did not find the intended extension in the hello extension data. */ 282 #define NX_SECURE_TLS_SNI_EXTENSION_INVALID 0x137 /* Received a ClientHello containing invalid SNI extension data. */ 283 #define NX_SECURE_TLS_CERT_ID_INVALID 0x138 /* Tried to add a certificate with a numeric ID that was invalid (likely 0). */ 284 #define NX_SECURE_TLS_CERT_ID_DUPLICATE 0x139 /* Tried to add a certificate with a numeric ID that was already used - needs to be unique. */ 285 #define NX_SECURE_TLS_RENEGOTIATION_FAILURE 0x13A /* Attempted a renegotiation with a remote host that did not supply the SCSV or renegotiation extension. */ 286 #define NX_SECURE_TLS_MISSING_CRYPTO_ROUTINE 0x13B /* In attempting to perform a cryptographic operation, an entry in the ciphersuite table (or one of its function pointers) was NULL. */ 287 #define NX_SECURE_TLS_EMPTY_EC_GROUP 0x13C /* ECC ciphersuite is set but no supported EC group. */ 288 #define NX_SECURE_TLS_EMPTY_EC_POINT_FORMAT 0x13D /* ECC ciphersuite is set but no supported EC point format. */ 289 #define NX_SECURE_TLS_BAD_SERVERHELLO_KEYSHARE 0x13E /* In a TLS 1.3 KeyShare extension from a remote server, the server provided something we didn't expect. */ 290 #define NX_SECURE_TLS_INSUFFICIENT_METADATA_SPACE 0x13F /* The application-supplied "metadata" for TLS cryptographic routines was too small. */ 291 #define NX_SECURE_TLS_POST_HANDSHAKE_RECEIVED 0x140 /* Not an error, but an indication to continue processing until application data is received. */ 292 #define NX_SECURE_TLS_BAD_CLIENTHELLO_KEYSHARE 0x141 /* In a TLS 1.3 KeyShare extension from a remote client, the client provided something we didn't expect. */ 293 #define NX_SECURE_TLS_1_3_UNKNOWN_CIPHERSUITE 0x142 /* Received unknown ciphersuite when using TLS 1.3. */ 294 #define NX_SECURE_TLS_INVALID_SESSION_TICKET 0x143 /* Received a NewSessionTicket message with improper or invalid parameters. */ 295 #define NX_SECURE_TLS_MISSING_EXTENSION 0x144 /* Specific extension is missed in the message. */ 296 #define NX_SECURE_TLS_CERTIFICATE_REQUIRED 0x145 /* Server receive empty certificate. */ 297 #define NX_SECURE_TLS_UNEXPECTED_CLIENTHELLO 0x146 /* TLS 1.3 Server receive ClientHello for renegotiation. */ 298 #define NX_SECURE_TLS_INAPPROPRIATE_FALLBACK 0x147 /* Remote Client attempted an inappropriate TLS version downgrade. */ 299 #define NX_SECURE_TLS_BAD_CLIENTHELLO_PSK_EXTENSION 0x148 /* In a TLS 1.3 PSK extension from a remote client, the client provided something we didn't expect. */ 300 #define NX_SECURE_TLS_PSK_BINDER_MISMATCH 0x149 /* In a TLS 1.3 PSK extension from a remote client, the client provided a bad PSK binder value. */ 301 #define NX_SECURE_TLS_CRYPTO_KEYS_TOO_LARGE 0x14A /* In attempting to generate TLS session keys, the key buffer was too small - increase NX_SECURE_TLS_KEY_MATERIAL_SIZE. */ 302 #define NX_SECURE_TLS_UNSUPPORTED_ECC_CURVE 0x14B /* The remote host provided a certificate or chose a ciphersuite with an ECC curve that isn't supported. */ 303 #define NX_SECURE_TLS_UNSUPPORTED_ECC_FORMAT 0x14C /* Encountered a curve type or ECC format that is not supported. */ 304 #define NX_SECURE_TLS_UNSUPPORTED_SIGNATURE_ALGORITHM 0x14D /* An unsupported signature algorithm was encountered (used in key exchange or other non-certificate situations). */ 305 #define NX_SECURE_TLS_SIGNATURE_VERIFICATION_ERROR 0x14E /* A signature verification check failed (used in key exchange or other non-cert situations). */ 306 #define NX_SECURE_TLS_UNEXPECTED_MESSAGE 0x14F /* TLS received an unexpected message from the remote host. */ 307 #define NX_SECURE_TLS_AEAD_DECRYPT_FAIL 0x150 /* An incoming record did not pass integrity check with AEAD ciphers. */ 308 #define NX_SECURE_TLS_RECORD_OVERFLOW 0x151 /* Received a TLSCiphertext record that had a length too long. */ 309 #define NX_SECURE_TLS_HANDSHAKE_FRAGMENT_RECEIVED 0x152 /* Received a fragmented handshake message - take appropriate action at a higher level of the state machine. */ 310 #define NX_SECURE_TLS_TRANSMIT_LOCKED 0x153 /* Another thread is transmitting. */ 311 #define NX_SECURE_TLS_DOWNGRADE_DETECTED 0x154 /* Detected an inappropriate TLS version downgrade by TLS 1.3 client. */ 312 313 /* NX_CONTINUE is a symbol defined in NetX Duo 5.10. For backward compatibility, this symbol is defined here */ 314 #if ((__NETXDUO_MAJOR_VERSION__ == 5) && (__NETXDUO_MINOR_VERSION__ == 9)) 315 #define NX_CONTINUE 0x55 316 #endif 317 318 #ifdef NX_SECURE_TLS_SERVER_DISABLED 319 #ifdef NX_SECURE_TLS_CLIENT_DISABLED 320 #error "Must enable either TLS Client or TLS Server!" 321 #endif 322 #endif 323 324 /* Define TLS and DTLS identity */ 325 #define NX_SECURE_TLS 0 326 #define NX_SECURE_DTLS 1 327 328 /* For proper handshake processing, we save off what type of socket we have. 329 * These values represent the possible types. */ 330 #define NX_SECURE_TLS_SESSION_TYPE_NONE 0 /* No socket type assigned yet. Should produce an error if the wrong function is called. */ 331 #define NX_SECURE_TLS_SESSION_TYPE_CLIENT 1 /* Client TLS socket - assigned when nx_secure_tls_client_socket_connect is called. */ 332 #define NX_SECURE_TLS_SESSION_TYPE_SERVER 2 /* Server TLS socket - assigned when nx_secure_tls_server_socket_listen is called. */ 333 334 /* TLS handshake states - Server. */ 335 #define NX_SECURE_TLS_SERVER_STATE_IDLE 0 /* TLS server is waiting for a ClientHello. */ 336 #define NX_SECURE_TLS_SERVER_STATE_ERROR 1 /* TLS server encountered an internal (non-alert) error. */ 337 #define NX_SECURE_TLS_SERVER_STATE_ALERT_SENT 2 /* TLS server encountered an issue and sent an alert to the remote client. */ 338 #define NX_SECURE_TLS_SERVER_STATE_SEND_HELLO 3 /* A ClientHello has been received and we need to respond. */ 339 #define NX_SECURE_TLS_SERVER_STATE_SEND_HELLO_VERIFY 4 /* In DTLS, send a HelloVerifyRequest message back to the client. */ 340 #define NX_SECURE_TLS_SERVER_STATE_HELLO_SENT 5 /* ServerHelloDone response has been sent to client. */ 341 #define NX_SECURE_TLS_SERVER_STATE_CLIENT_CERTIFICATE 6 /* A Client Certificate message has been received. */ 342 #define NX_SECURE_TLS_SERVER_STATE_KEY_EXCHANGE 7 /* Server needs to send a key exchange message. */ 343 #define NX_SECURE_TLS_SERVER_STATE_CERTIFICATE_VERIFY 8 /* A Client CertificateVerify message has been received. */ 344 #define NX_SECURE_TLS_SERVER_STATE_FINISH_HANDSHAKE 9 /* Server received a client Finished message and needs to respond. */ 345 #define NX_SECURE_TLS_SERVER_STATE_HANDSHAKE_FINISHED 10 /* Server has completed the handshake. */ 346 #define NX_SECURE_TLS_SERVER_STATE_HELLO_REQUEST 11 /* A HelloRequest has been sent. */ 347 #define NX_SECURE_TLS_SERVER_STATE_SEND_HELLO_RETRY 12 /* A ClientHello has been received but key_share mismatch. We need to respond HelloRetryRequest. */ 348 349 /* TLS handshake states - Client. */ 350 #define NX_SECURE_TLS_CLIENT_STATE_IDLE 0 /* Client socket is not connected, waiting for connection request from application. */ 351 #define NX_SECURE_TLS_CLIENT_STATE_ERROR 1 /* Client socket has encountered an error (separate from alerts). */ 352 #define NX_SECURE_TLS_CLIENT_STATE_ALERT_SENT 2 /* TLS Client sent an alert to the remote server. */ 353 #define NX_SECURE_TLS_CLIENT_STATE_HELLO_REQUEST 3 /* TLS server sent a hello request, we need to re-negotiate the session. */ 354 #define NX_SECURE_TLS_CLIENT_STATE_HELLO_VERIFY 4 /* A HelloVerifyRequest was received - need to re-send ClientHello (DTLS). */ 355 #define NX_SECURE_TLS_CLIENT_STATE_SERVERHELLO 5 /* A ServerHello has been received. */ 356 #define NX_SECURE_TLS_CLIENT_STATE_SERVER_CERTIFICATE 6 /* A Server Certificate message has been received. */ 357 #define NX_SECURE_TLS_CLIENT_STATE_SERVER_KEY_EXCHANGE 7 /* A ServerKeyExchange message has been received. */ 358 #define NX_SECURE_TLS_CLIENT_STATE_CERTIFICATE_REQUEST 8 /* A Server CertificateRequest message has been received. */ 359 #define NX_SECURE_TLS_CLIENT_STATE_SERVERHELLO_DONE 9 /* A ServerHelloDone message has been received. */ 360 #define NX_SECURE_TLS_CLIENT_STATE_HANDSHAKE_FINISHED 10 /* Client has received a Finished message to end the handshake. */ 361 #define NX_SECURE_TLS_CLIENT_STATE_RENEGOTIATING 11 /* Client is renegotiating a handshake. Only used to kick off a renegotiation. */ 362 #define NX_SECURE_TLS_CLIENT_STATE_ENCRYPTED_EXTENSIONS 12 /* Client received and processed an encrypted extensions handshake message. */ 363 #define NX_SECURE_TLS_CLIENT_STATE_HELLO_RETRY 13 /* A HelloRetryRequest has been received. We need to resend ClientHello. */ 364 365 #define NX_SECURE_TLS_HANDSHAKE_NO_FRAGMENT 0 /* There is no fragmented handshake message. */ 366 #define NX_SECURE_TLS_HANDSHAKE_RECEIVED_FRAGMENT 1 /* Received a fragmented handshake message. */ 367 368 /* TLS Alert message numbers from RFC 5246. */ 369 #define NX_SECURE_TLS_ALERT_CLOSE_NOTIFY 0 370 #define NX_SECURE_TLS_ALERT_UNEXPECTED_MESSAGE 10 371 #define NX_SECURE_TLS_ALERT_BAD_RECORD_MAC 20 372 #define NX_SECURE_TLS_ALERT_DECRYPTION_FAILED_RESERVED 21 373 #define NX_SECURE_TLS_ALERT_RECORD_OVERFLOW 22 374 #define NX_SECURE_TLS_ALERT_DECOMPRESSION_FAILURE 30 375 #define NX_SECURE_TLS_ALERT_HANDSHAKE_FAILURE 40 376 #define NX_SECURE_TLS_ALERT_NO_CERTIFICATE_RESERVED 41 377 #define NX_SECURE_TLS_ALERT_BAD_CERTIFICATE 42 378 #define NX_SECURE_TLS_ALERT_UNSUPPORTED_CERTIFICATE 43 379 #define NX_SECURE_TLS_ALERT_CERTIFICATE_REVOKED 44 380 #define NX_SECURE_TLS_ALERT_CERTIFICATE_EXPIRED 45 381 #define NX_SECURE_TLS_ALERT_CERTIFICATE_UNKNOWN 46 382 #define NX_SECURE_TLS_ALERT_ILLEGAL_PARAMETER 47 383 #define NX_SECURE_TLS_ALERT_UNKNOWN_CA 48 384 #define NX_SECURE_TLS_ALERT_ACCESS_DENIED 49 385 #define NX_SECURE_TLS_ALERT_DECODE_ERROR 50 386 #define NX_SECURE_TLS_ALERT_DECRYPT_ERROR 51 387 #define NX_SECURE_TLS_ALERT_EXPORT_RESTRICTION_RESERVED 60 388 #define NX_SECURE_TLS_ALERT_PROTOCOL_VERSION 70 389 #define NX_SECURE_TLS_ALERT_INSUFFICIENT_SECURITY 71 390 #define NX_SECURE_TLS_ALERT_INTERNAL_ERROR 80 391 #define NX_SECURE_TLS_ALERT_INAPPROPRIATE_FALLBACK 86 392 #define NX_SECURE_TLS_ALERT_USER_CANCELED 90 393 #define NX_SECURE_TLS_ALERT_NO_RENEGOTIATION 100 394 #define NX_SECURE_TLS_ALERT_MISSING_EXTENSION 109 395 #define NX_SECURE_TLS_ALERT_UNSUPPORTED_EXTENSION 110 396 #define NX_SECURE_TLS_ALERT_UNKNOWN_PSK_IDENTITY 115 397 #define NX_SECURE_TLS_ALERT_CERTIFICATE_REQUIRED 116 398 399 /* TLS alert levels. */ 400 #define NX_SECURE_TLS_ALERT_LEVEL_WARNING 0x1 401 #define NX_SECURE_TLS_ALERT_LEVEL_FATAL 0x2 402 403 404 /* TLS protocol versions - TLS version 1.2 has protocol version 3.3 (for legacy reasons). */ 405 #define NX_SECURE_TLS_VERSION_MAJOR_3 0x3 406 #define NX_SECURE_SSL_VERSION_MINOR_3_0 0x0 407 #define NX_SECURE_TLS_VERSION_MINOR_1_0 0x1 408 #define NX_SECURE_TLS_VERSION_MINOR_1_1 0x2 409 #define NX_SECURE_TLS_VERSION_MINOR_1_2 0x3 410 #define NX_SECURE_TLS_VERSION_MINOR_1_3 0x4 411 412 #define NX_SECURE_TLS_VERSION_SSL_3_0 ((NX_SECURE_TLS_VERSION_MAJOR_3 << 8) | NX_SECURE_SSL_VERSION_MINOR_3_0) 413 #define NX_SECURE_TLS_VERSION_TLS_1_0 ((NX_SECURE_TLS_VERSION_MAJOR_3 << 8) | NX_SECURE_TLS_VERSION_MINOR_1_0) 414 #define NX_SECURE_TLS_VERSION_TLS_1_1 ((NX_SECURE_TLS_VERSION_MAJOR_3 << 8) | NX_SECURE_TLS_VERSION_MINOR_1_1) 415 #define NX_SECURE_TLS_VERSION_TLS_1_2 ((NX_SECURE_TLS_VERSION_MAJOR_3 << 8) | NX_SECURE_TLS_VERSION_MINOR_1_2) 416 #define NX_SECURE_TLS_VERSION_TLS_1_3 ((NX_SECURE_TLS_VERSION_MAJOR_3 << 8) | NX_SECURE_TLS_VERSION_MINOR_1_3) 417 418 419 /* The number of TLS versions actually recognized by the NetX Secure TLS stack. */ 420 #define NX_SECURE_TLS_NUM_VERSIONS (4) 421 422 /* Configuration macros for supported TLS versions. */ 423 #ifdef NX_SECURE_TLS_ENABLE_SSL_3_0 424 #define NX_SECURE_TLS_SSL_3_0_ENABLED (1) /* SSLv3 supported. */ 425 #else 426 #define NX_SECURE_TLS_SSL_3_0_ENABLED (0) /* SSLv3 not currently supported. */ 427 #endif 428 429 #ifdef NX_SECURE_TLS_ENABLE_TLS_1_0 430 #define NX_SECURE_TLS_TLS_1_0_ENABLED (1) /* TLS 1.0 supported. */ 431 #else 432 #define NX_SECURE_TLS_TLS_1_0_ENABLED (0) /* TLS 1.0 not currently supported. */ 433 #endif 434 435 #ifdef NX_SECURE_TLS_ENABLE_TLS_1_1 436 #define NX_SECURE_TLS_TLS_1_1_ENABLED (1) /* TLS 1.1 supported. */ 437 #else 438 #define NX_SECURE_TLS_TLS_1_1_ENABLED (0) /* TLS 1.1 not currently supported. */ 439 #endif 440 441 #ifndef NX_SECURE_TLS_TLS_1_2_ENABLED 442 #define NX_SECURE_TLS_TLS_1_2_ENABLED (1) 443 #endif 444 445 #ifdef NX_SECURE_TLS_ENABLE_TLS_1_3 446 #define NX_SECURE_TLS_TLS_1_3_ENABLED (1) 447 #endif 448 449 #ifndef NX_SECURE_TLS_TLS_1_3_ENABLED 450 #define NX_SECURE_TLS_TLS_1_3_ENABLED (0) 451 #endif 452 453 454 /* Define a structure to keep track of which versions of TLS are enabled and supported. */ 455 typedef struct NX_SECURE_TLS_VERSIONS_STRUCT 456 { 457 /* The protocol version in network byte-order format for use in TLS messages. */ 458 USHORT nx_secure_tls_protocol_version; 459 460 /* Flag indicating that the associated TLS protocol version is supported/enabled. */ 461 USHORT nx_secure_tls_is_supported; 462 } NX_SECURE_TLS_VERSIONS; 463 464 /* Define a structure to keep track of supported versions for TLS and DTLS */ 465 typedef struct NX_SECURE_VERSIONS_LIST_STRUCT 466 { 467 const NX_SECURE_TLS_VERSIONS *nx_secure_versions_list; 468 UINT nx_secure_versions_list_count; 469 } NX_SECURE_VERSIONS_LIST; 470 471 472 /* Disambiguation label/id for ciphersuites table. */ 473 #define NX_SECURE_APPLICATION_NONE 0 474 #define NX_SECURE_APPLICATION_TLS 1 475 #define NX_SECURE_APPLICATION_X509 2 476 477 /* Bitfields for TLS versions. */ 478 #define NX_SECURE_TLS_BITFIELD_VERSION_1_0 0x00000001 479 #define NX_SECURE_TLS_BITFIELD_VERSION_1_1 0x00000002 480 #define NX_SECURE_TLS_BITFIELD_VERSION_1_2 0x00000004 481 #define NX_SECURE_TLS_BITFIELD_VERSION_1_3 0x00000008 482 #define NX_SECURE_DTLS_BITFIELD_VERSION_1_0 0x00000010 483 #define NX_SECURE_DTLS_BITFIELD_VERSION_1_2 0x00000020 484 #define NX_SECURE_DTLS_BITFIELD_VERSION_1_3 0x00000040 485 #define NX_SECURE_X509_BITFIELD_VERSION_3 0x00000080 486 487 /* Composite bitfields. */ 488 #define NX_SECURE_TLS_BITFIELD_VERSIONS_PRE_1_3 (NX_SECURE_TLS_BITFIELD_VERSION_1_0 | NX_SECURE_TLS_BITFIELD_VERSION_1_1 | NX_SECURE_TLS_BITFIELD_VERSION_1_2) 489 #define NX_SECURE_DTLS_BITFIELD_VERSIONS_PRE_1_3 (NX_SECURE_DTLS_BITFIELD_VERSION_1_0 | NX_SECURE_DTLS_BITFIELD_VERSION_1_2) 490 #define NX_SECURE_TLS_BITFIELD_VERSIONS_ALL (NX_SECURE_TLS_BITFIELD_VERSIONS_PRE_1_3 | NX_SECURE_DTLS_BITFIELD_VERSIONS_PRE_1_3 | NX_SECURE_TLS_BITFIELD_VERSION_1_3 | NX_SECURE_DTLS_BITFIELD_VERSION_1_3) 491 492 /* TLS ciphersuite definitions. */ 493 #define TLS_NULL_WITH_NULL_NULL 0x0000 494 #define TLS_RSA_WITH_NULL_MD5 0x0001 495 #define TLS_RSA_WITH_NULL_SHA 0x0002 496 #define TLS_RSA_WITH_AES_128_CBC_SHA 0x002F 497 #define TLS_DH_DSS_WITH_AES_128_CBC_SHA 0x0030 498 #define TLS_DH_RSA_WITH_AES_128_CBC_SHA 0x0031 499 #define TLS_DHE_DSS_WITH_AES_128_CBC_SHA 0x0032 500 #define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x0033 501 #define TLS_DH_anon_WITH_AES_128_CBC_SHA 0x0034 502 #define TLS_RSA_WITH_AES_256_CBC_SHA 0x0035 503 #define TLS_DH_DSS_WITH_AES_256_CBC_SHA 0x0036 504 #define TLS_DH_RSA_WITH_AES_256_CBC_SHA 0x0037 505 #define TLS_DHE_DSS_WITH_AES_256_CBC_SHA 0x0038 506 #define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x0039 507 #define TLS_DH_anon_WITH_AES_256_CBC_SHA 0x003A 508 #define TLS_RSA_WITH_AES_128_CBC_SHA256 0x003C 509 #define TLS_RSA_WITH_AES_256_CBC_SHA256 0x003D 510 #define TLS_PSK_WITH_AES_128_CBC_SHA 0x008C 511 #define TLS_PSK_WITH_AES_256_CBC_SHA 0x008D 512 #define TLS_RSA_WITH_AES_128_GCM_SHA256 0x009C 513 #define TLS_RSA_WITH_AES_256_GCM_SHA384 0x009D 514 #define TLS_PSK_WITH_AES_128_CBC_SHA256 0x00AE 515 #define TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 516 517 /* EC Ciphersuites. */ 518 #define TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 519 #define TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 520 #define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 521 #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004 522 #define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005 523 #define TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 524 #define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 525 #define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 526 #define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 527 #define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A 528 #define TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B 529 #define TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C 530 #define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D 531 #define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E 532 #define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F 533 #define TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 534 #define TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 535 #define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 536 #define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 537 #define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 538 #define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 539 #define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 540 #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025 541 #define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026 542 #define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 543 #define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028 544 #define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029 545 #define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A 546 #define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B 547 #define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C 548 #define TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D 549 #define TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E 550 #define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F 551 #define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030 552 #define TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 553 #define TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 554 555 #define TLS_AES_128_GCM_SHA256 0x1301 556 #define TLS_AES_256_GCM_SHA384 0x1302 557 #define TLS_AES_128_CCM_SHA256 0x1304 558 #define TLS_AES_128_CCM_8_SHA256 0x1305 559 560 #define TLS_EMPTY_RENEGOTIATION_INFO_SCSV 0x00FF /* Secure renegotiation extension Signalling Ciphersuite Value (SCSV). */ 561 #define TLS_FALLBACK_NOTIFY_SCSV 0x5600 /* TLS version fallback notification SCSV. */ 562 563 /* Cipher and hash methods for look up in determining what methods to use for a particular ciphersuite. */ 564 #define TLS_CIPHER_NULL 0x00 565 #define TLS_CIPHER_AES 0x01 566 #define TLS_CIPHER_RC4 0x02 567 #define TLS_ECJPAKE_WITH_AES_128_CCM_8 0xC0FF 568 569 /* Define the key exchange algorithm for backward compatibility. */ 570 #define TLS_CIPHER_RSA NX_CRYPTO_KEY_EXCHANGE_RSA 571 #define TLS_PUBLIC_AUTH_PSK NX_CRYPTO_KEY_EXCHANGE_PSK 572 #define TLS_PUBLIC_AUTH_ECJPAKE NX_CRYPTO_KEY_EXCHANGE_ECJPAKE 573 #define TLS_PRF_1 NX_CRYPTO_PRF_HMAC_SHA1 /* TLSv1.0/1.1 PRF */ 574 #define TLS_PRF_SHA_256 NX_CRYPTO_PRF_HMAC_SHA2_256 /* TLS PRF, SHA-256 based for TLSv1.2. */ 575 #define TLS_HASH_SHA_1 NX_CRYPTO_HASH_SHA1 576 #define TLS_HASH_SHA_256 NX_CRYPTO_HASH_SHA256 577 #define TLS_HASH_SHA_384 NX_CRYPTO_HASH_SHA384 578 #define TLS_HASH_SHA_512 NX_CRYPTO_HASH_SHA512 579 580 /* Client Certificate Types for Certificate Request messages. 581 Values taken directly from RFC 5246, section 7.4.4. */ 582 #define NX_SECURE_TLS_CERT_TYPE_NONE 0 583 #define NX_SECURE_TLS_CERT_TYPE_RSA_SIGN 1 584 #define NX_SECURE_TLS_CERT_TYPE_DSS_SIGN 2 585 #define NX_SECURE_TLS_CERT_TYPE_RSA_FIXED_DH 3 586 #define NX_SECURE_TLS_CERT_TYPE_DSS_FIXED_DH 4 587 #define NX_SECURE_TLS_CERT_TYPE_RSA_EPHEMERAL_DH 5 588 #define NX_SECURE_TLS_CERT_TYPE_DSS_EPHEMERAL_DH 6 589 #define NX_SECURE_TLS_CERT_TYPE_FORTEZZA_DMS 20 590 /* Values taken directly from RFC 4492, section 5.5. */ 591 #define NX_SECURE_TLS_CERT_TYPE_ECDSA_SIGN 64 592 #define NX_SECURE_TLS_CERT_TYPE_RSA_FIXED_ECDH 65 593 #define NX_SECURE_TLS_CERT_TYPE_ECDSA_FIXED_ECDH 66 594 595 596 /* Algorithm identifiers for signature methods used in CertificateVerify messages and 597 in the "signature_algorithms" extension, from RFC 5246, section 7.4.1.4.1.*/ 598 #define NX_SECURE_TLS_HASH_ALGORITHM_NONE 0 599 #define NX_SECURE_TLS_HASH_ALGORITHM_MD5 1 600 #define NX_SECURE_TLS_HASH_ALGORITHM_SHA1 2 601 #define NX_SECURE_TLS_HASH_ALGORITHM_SHA224 3 602 #define NX_SECURE_TLS_HASH_ALGORITHM_SHA256 4 603 #define NX_SECURE_TLS_HASH_ALGORITHM_SHA384 5 604 #define NX_SECURE_TLS_HASH_ALGORITHM_SHA512 6 605 606 /* Signature algorithms paired with the hash algorithms above. */ 607 #define NX_SECURE_TLS_SIGNATURE_ALGORITHM_ANONYMOUS 0 608 #define NX_SECURE_TLS_SIGNATURE_ALGORITHM_RSA 1 609 #define NX_SECURE_TLS_SIGNATURE_ALGORITHM_DSA 2 610 #define NX_SECURE_TLS_SIGNATURE_ALGORITHM_ECDSA 3 611 612 /* Packed algorithm values (as seen over the wire). */ 613 #define NX_SECURE_TLS_SIGNATURE_RSA_MD5 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_MD5 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_RSA) 614 #define NX_SECURE_TLS_SIGNATURE_RSA_SHA1 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_SHA1 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_RSA) 615 #define NX_SECURE_TLS_SIGNATURE_RSA_SHA256 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_SHA256 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_RSA) 616 #define NX_SECURE_TLS_SIGNATURE_RSA_SHA384 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_SHA384 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_RSA) 617 #define NX_SECURE_TLS_SIGNATURE_RSA_SHA512 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_SHA512 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_RSA) 618 #define NX_SECURE_TLS_SIGNATURE_ECDSA_SHA1 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_SHA1 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_ECDSA) 619 #define NX_SECURE_TLS_SIGNATURE_ECDSA_SHA224 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_SHA224 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_ECDSA) 620 #define NX_SECURE_TLS_SIGNATURE_ECDSA_SHA256 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_SHA256 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_ECDSA) 621 #define NX_SECURE_TLS_SIGNATURE_ECDSA_SHA384 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_SHA384 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_ECDSA) 622 #define NX_SECURE_TLS_SIGNATURE_ECDSA_SHA512 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_SHA512 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_ECDSA) 623 624 625 /* Session key generation and assignment constants. */ 626 #define NX_SECURE_TLS_KEY_SET_LOCAL 0 627 #define NX_SECURE_TLS_KEY_SET_REMOTE 1 628 629 /* TLS extension definitions from RFC 5246, 5746, 6066, and others. */ 630 #define NX_SECURE_TLS_EXTENSION_SERVER_NAME_INDICATION (0x0000) 631 #define NX_SECURE_TLS_EXTENSION_MAX_FRAGMENT_LENGTH (0x0001) 632 #define NX_SECURE_TLS_EXTENSION_CLIENT_CERTIFICATE_URL (0x0002) 633 #define NX_SECURE_TLS_EXTENSION_TRUSTED_CA_INDICATION (0x0003) 634 #define NX_SECURE_TLS_EXTENSION_TRUNCATED_HMAC (0x0004) 635 #define NX_SECURE_TLS_EXTENSION_CERTIFICATE_STATUS_REQUEST (0x0005) 636 #define NX_SECURE_TLS_EXTENSION_EC_GROUPS (0x000A) 637 #define NX_SECURE_TLS_EXTENSION_EC_POINT_FORMATS (0x000B) 638 #define NX_SECURE_TLS_EXTENSION_SIGNATURE_ALGORITHMS (0x000D) 639 #define NX_SECURE_TLS_EXTENSION_PRE_SHARED_KEY (0x0029) 640 #define NX_SECURE_TLS_EXTENSION_EARLY_DATA (0x002A) 641 #define NX_SECURE_TLS_EXTENSION_SUPPORTED_VERSIONS (0x002B) 642 #define NX_SECURE_TLS_EXTENSION_COOKIE (0x002C) 643 #define NX_SECURE_TLS_EXTENSION_PSK_KEY_EXCHANGE_MODES (0x002D) 644 #define NX_SECURE_TLS_EXTENSION_CERTIFICATE_AUTHORITIES (0x002F) 645 #define NX_SECURE_TLS_EXTENSION_OID_FILTERS (0x0030) 646 #define NX_SECURE_TLS_EXTENSION_POST_HANDSHAKE_AUTH (0x0031) 647 #define NX_SECURE_TLS_EXTENSION_SIGNATURE_ALGORITHMS_CERT (0x0032) 648 #define NX_SECURE_TLS_EXTENSION_KEY_SHARE (0x0033) 649 #define NX_SECURE_TLS_EXTENSION_ECJPAKE_KEY_KP_PAIR (0x0100) 650 #define NX_SECURE_TLS_EXTENSION_SECURE_RENEGOTIATION (0xFF01) 651 652 /* Extension-specific values. */ 653 #define NX_SECURE_TLS_SNI_NAME_TYPE_DNS (0x0) 654 655 /* Define the maximum number of structures allocated for TLS ClientHello and ServerHello extension data. */ 656 #define NX_SECURE_TLS_HELLO_EXTENSIONS_MAX (10) 657 658 /* Some constants for use in defining buffers for crypto and hash operations. */ 659 #define NX_SECURE_TLS_RANDOM_SIZE (32) /* Size of the server and client random values, in bytes. */ 660 #define NX_SECURE_TLS_MAX_HASH_SIZE (32) /* This is the largest size a single hash/MAC for ANY session *might* be, in bytes. */ 661 #define NX_SECURE_TLS_1_3_MAX_TRANSCRIPT_HASHES (5) /* This is the number of transcript hashes we need to save for TLS 1.3 key generation. */ 662 663 /* The following #defines are indicies into the transcript hash array used to store 664 the various transcript hashes for TLS 1.3 key generation. */ 665 #define NX_SECURE_TLS_TRANSCRIPT_IDX_CLIENTHELLO (0) 666 #define NX_SECURE_TLS_TRANSCRIPT_IDX_SERVERHELLO (1) 667 #define NX_SECURE_TLS_TRANSCRIPT_IDX_CERTIFICATE (2) 668 #define NX_SECURE_TLS_TRANSCRIPT_IDX_CLIENT_FINISHED (3) 669 #define NX_SECURE_TLS_TRANSCRIPT_IDX_SERVER_FINISHED (4) 670 671 #define NX_SECURE_TLS_RSA_PREMASTER_SIZE (48) /* The size of RSA encrypted pre-master secret. */ 672 #define NX_SECURE_TLS_EC_PREMASTER_SIZE (68) /* The size of pre-master secret for EC. */ 673 #ifndef NX_SECURE_TLS_MASTER_SIZE 674 #define NX_SECURE_TLS_MASTER_SIZE (48) /* The master secret is also 48 bytes. */ 675 #endif 676 #define NX_SECURE_TLS_MAX_KEY_SIZE (32) /* Maximum size of a session key in bytes. */ 677 #define NX_SECURE_TLS_MAX_IV_SIZE (16) /* Maximum size of a session initialization vector in bytes. */ 678 #define NX_SECURE_TLS_SESSION_ID_SIZE (256) /* Maximum size of a session ID value used for renegotiation in bytes. */ 679 #define NX_SECURE_TLS_SEQUENCE_NUMBER_SIZE (2) /* Size of sequence numbers for TLS records in 32-bit words. */ 680 #define NX_SECURE_TLS_RECORD_HEADER_SIZE (5) /* Size of the TLS record header in bytes. */ 681 #define NX_SECURE_TLS_HANDSHAKE_HEADER_SIZE (4) /* Size of the TLS handshake record header in bytes. */ 682 #define NX_SECURE_TLS_FINISHED_HASH_SIZE (12) /* Size of the TLS handshake Finished hash in bytes. If SSLv3 is added, the hash size will need to 683 be revisited because it is different. */ 684 #define NX_SECURE_TLS_MAX_CIPHER_BLOCK_SIZE (128) /* Size of the largest block used by session ciphers (in block mode). */ 685 686 #define NX_SECURE_TLS_MAX_SESSION_TICKET_AGE (604800) /* Maximum lifetime of a NewSessionTicket (in milliseconds). */ 687 688 #define NX_SECURE_TLS_MAX_CIPHERTEXT_LENGTH (18432) /* Maximum TLSCiphertext record length. */ 689 #define NX_SECURE_TLS_MAX_CIPHERTEXT_LENGTH_1_3 (16640) /* Maximum TLSCiphertext record length of TLS 1.3. */ 690 #define NX_SECURE_TLS_MAX_PLAINTEXT_LENGTH (16384) /* Maximum TLSPlaintext record length. */ 691 692 /* The minimum size for the TLS message buffer is determined by a number of factors, but primarily 693 * the expected size of the TLS handshake Certificate message (sent by the TLS server) that may 694 * contain multiple certificates of 1-2KB each. The upper limit is determined by the length field 695 * in the TLS header (16 bit), and is 64KB. 696 */ 697 #ifndef NX_SECURE_TLS_MINIMUM_MESSAGE_BUFFER_SIZE 698 #define NX_SECURE_TLS_MINIMUM_MESSAGE_BUFFER_SIZE (4000) 699 #endif 700 701 /* Define a minimum reasonable size for a TLS X509 certificate. This is used in checking for 702 * errors in allocating certificate space. The size is determined by assuming a 512-bit RSA 703 * key, MD5 hash, and a rough estimate of other data. It is theoretically possible for a real 704 * certificate to be smaller, but in that case, bypass the error checking by re-defining this 705 * macro. 706 * Approximately: 64(RSA) + 16(MD5) + 176(ASN.1 + text data, common name, etc) 707 */ 708 #ifndef NX_SECURE_TLS_MINIMUM_CERTIFICATE_SIZE 709 #define NX_SECURE_TLS_MINIMUM_CERTIFICATE_SIZE (256) 710 #endif 711 712 /* We store the key material in a single contiguous block in the TLS control block, using offsets to 713 * get the actual key values. We need to size the key material according to the maximum amount of 714 * key material needed by any of the supported ciphersuites, times 2 because there are separate keys for 715 * client and server. */ 716 #ifndef NX_SECURE_TLS_KEY_MATERIAL_SIZE 717 #define NX_SECURE_TLS_KEY_MATERIAL_SIZE (2 * (NX_SECURE_TLS_MAX_HASH_SIZE + NX_SECURE_TLS_MAX_KEY_SIZE + NX_SECURE_TLS_MAX_IV_SIZE)) 718 #endif 719 720 /* PSK-specific defines. If PSK is disabled, don't bring PSK types into the build. */ 721 #if defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) || defined(NX_SECURE_ENABLE_ECJPAKE_CIPHERSUITE) || (NX_SECURE_TLS_TLS_1_3_ENABLED) 722 723 724 #ifndef NX_SECURE_TLS_MAX_PSK_SIZE 725 /* The maximum PSK size for TLS 1.3 must be greater than or equal to the largest possible hash output for PSK session resumption keys. */ 726 #define NX_SECURE_TLS_MAX_PSK_SIZE (64) 727 #endif /* NX_SECURE_TLS_MAX_PSK_SIZE */ 728 729 #ifndef NX_SECURE_TLS_MAX_PSK_KEYS 730 #define NX_SECURE_TLS_MAX_PSK_KEYS (5) 731 #endif /* NX_SECURE_TLS_MAX_PSK_KEYS */ 732 733 #ifndef NX_SECURE_TLS_MAX_PSK_ID_SIZE 734 #define NX_SECURE_TLS_MAX_PSK_ID_SIZE (20) 735 #endif /* NX_SECURE_TLS_MAX_PSK_ID_SIZE */ 736 737 #ifndef NX_SECURE_TLS_MAX_PSK_NONCE_SIZE 738 #define NX_SECURE_TLS_MAX_PSK_NONCE_SIZE (255) 739 #endif 740 741 /* The pre-master secret size should be at least (2 * NX_SECURE_TLS_MAX_PSK_SIZE + 4) bytes for PSK cipher suites. */ 742 #define NX_SECURE_TLS_MIN_PREMASTER_SIZE_PSK (2 * NX_SECURE_TLS_MAX_PSK_SIZE + 4) 743 744 /* This structure holds the data for Pre-Shared Keys (PSKs) for use with 745 the TLS PSK ciphersuites. The actual keys are generated from this data 746 as part of the TLS handshake, but the user must provide this seed and 747 an "identity" to match a remote host to a known key. */ 748 typedef struct NX_SECURE_TLS_PSK_STORE_STRUCT 749 { 750 /* This holds the actual key data for the PSK. */ 751 UCHAR nx_secure_tls_psk_data[NX_SECURE_TLS_MAX_PSK_SIZE]; 752 UINT nx_secure_tls_psk_data_size; 753 754 /* This holds the identity information for the key in this PSK entry. */ 755 UCHAR nx_secure_tls_psk_id[NX_SECURE_TLS_MAX_PSK_ID_SIZE]; 756 UINT nx_secure_tls_psk_id_size; 757 758 /* This holds the "identity hint" sent to a TLS server during the handshake. 759 The hint tells the server how to choose a PSK/identity pair. */ 760 UCHAR nx_secure_tls_psk_id_hint[NX_SECURE_TLS_MAX_PSK_ID_SIZE]; 761 UINT nx_secure_tls_psk_id_hint_size; 762 763 #if (NX_SECURE_TLS_TLS_1_3_ENABLED) 764 /* TLS 1.3 session ticket data. */ 765 UINT nx_secure_tls_psk_ticket_lifetime; 766 UCHAR nx_secure_tls_psk_ticket_nonce[NX_SECURE_TLS_MAX_PSK_NONCE_SIZE]; 767 UCHAR nx_secure_tls_psk_ticket_nonce_size; 768 769 /* PSK early secret. */ 770 UCHAR nx_secure_tls_psk_early_secret[NX_SECURE_TLS_MAX_PSK_SIZE]; 771 UINT nx_secure_tls_psk_early_secret_size; 772 773 /* PSK binder key. */ 774 UCHAR nx_secure_tls_psk_binder_key[NX_SECURE_TLS_MAX_PSK_SIZE]; 775 UINT nx_secure_tls_psk_binder_key_size; 776 777 /* PSK finished binder key. */ 778 UCHAR nx_secure_tls_psk_finished_key[NX_SECURE_TLS_MAX_PSK_SIZE]; 779 UINT nx_secure_tls_psk_finished_key_size; 780 781 /* PSK binder value. */ 782 UCHAR nx_secure_tls_psk_binder[NX_SECURE_TLS_MAX_PSK_SIZE]; 783 UINT nx_secure_tls_psk_binder_size; 784 785 786 787 /* The PSK is associated with a hash routine to generate the binder. 788 * If the PSK is for session resumption, the hash is that of the original 789 * handshake's chosen ciphersuite. For user-defined PSKs, the hash is 790 * either chosen by the user or defaults to SHA-256. RFC 8446, Section 4.2.11. 791 */ 792 const struct NX_SECURE_TLS_CIPHERSUITE_INFO_STRUCT *nx_secure_tls_psk_binder_ciphersuite; 793 794 #endif 795 } NX_SECURE_TLS_PSK_STORE; 796 #endif /* defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) || defined(NX_SECURE_ENABLE_ECJPAKE_CIPHERSUITE) */ 797 798 799 #ifndef NX_SECURE_TLS_PREMASTER_SIZE 800 801 #ifdef NX_SECURE_ENABLE_ECC_CIPHERSUITE 802 #define NX_SECURE_TLS_MIN_PREMASTER_SIZE NX_SECURE_TLS_EC_PREMASTER_SIZE /* The pre-master secret should be at least 66 bytes for ECDH/ECDHE with secp521r1. */ 803 #else 804 #define NX_SECURE_TLS_MIN_PREMASTER_SIZE NX_SECURE_TLS_RSA_PREMASTER_SIZE /* The pre-master secret should be at least 48 bytes. */ 805 #endif /* NX_SECURE_ENABLE_ECC_CIPHERSUITE */ 806 807 #if defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) || defined(NX_SECURE_ENABLE_ECJPAKE_CIPHERSUITE) 808 809 #if NX_SECURE_TLS_MIN_PREMASTER_SIZE_PSK > NX_SECURE_TLS_MIN_PREMASTER_SIZE 810 #define NX_SECURE_TLS_PREMASTER_SIZE NX_SECURE_TLS_MIN_PREMASTER_SIZE_PSK /* The pre-master secret should be at least NX_SECURE_TLS_MIN_PREMASTER_SIZE_PSK bytes for PSK cipher suites. */ 811 #else 812 #define NX_SECURE_TLS_PREMASTER_SIZE NX_SECURE_TLS_MIN_PREMASTER_SIZE 813 #endif 814 815 #else 816 #define NX_SECURE_TLS_PREMASTER_SIZE NX_SECURE_TLS_MIN_PREMASTER_SIZE 817 #endif /* defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) || defined(NX_SECURE_ENABLE_ECJPAKE_CIPHERSUITE) || (NX_SECURE_TLS_TLS_1_3_ENABLED) */ 818 819 #endif 820 821 /* TLS Ciphersuite lookup table. Contains all pertinent information for ciphersuites used in TLS operations. 822 * The lookup is based on the first field, which will contain the defined TLS value for the ciphersuite. */ 823 typedef struct NX_SECURE_TLS_CIPHERSUITE_INFO_STRUCT 824 { 825 /* The value of the ciphersuite "on the wire" as defined by the TLS spec. */ 826 USHORT nx_secure_tls_ciphersuite; 827 828 /* The Public Key operation in this suite - RSA or DH. */ 829 const NX_CRYPTO_METHOD *nx_secure_tls_public_cipher; 830 831 /* The Public Authentication method used for signing data. */ 832 const NX_CRYPTO_METHOD *nx_secure_tls_public_auth; 833 834 /* NOTE: The Public Key size is determined by the public keys used and cannot be determined at compile time. */ 835 836 /* The session cipher being used - AES, RC4, etc. */ 837 const NX_CRYPTO_METHOD *nx_secure_tls_session_cipher; 838 839 /* The size of the initialization vectors needed for the session cipher. N/A for all session ciphers (enter "NONE"). */ 840 USHORT nx_secure_tls_iv_size; 841 842 /* The key size for the session cipher. */ 843 UCHAR nx_secure_tls_session_key_size; 844 845 /* The hash being used - MD5, SHA-1, SHA-256, etc. */ 846 const NX_CRYPTO_METHOD *nx_secure_tls_hash; 847 848 /* The size of the hash being used. This is for convenience as the size is determined 849 by the hash, e.g. SHA-1 is 20 bytes, MD5 is 16 bytes. */ 850 USHORT nx_secure_tls_hash_size; 851 852 /* The TLS PRF being used - for TLSv1.0 and TLSv1.1 this is a single function. For TLSv1.2, 853 the PRF is determined by the ciphersuite. */ 854 const NX_CRYPTO_METHOD *nx_secure_tls_prf; 855 856 } NX_SECURE_TLS_CIPHERSUITE_INFO; 857 858 859 typedef USHORT NX_SECURE_TLS_STATE; 860 typedef USHORT NX_SECURE_TLS_SERVER_STATE; 861 typedef USHORT NX_SECURE_TLS_CLIENT_STATE; 862 863 864 #ifdef NX_SECURE_ENABLE_ECC_CIPHERSUITE 865 /* EC handshake information. */ 866 typedef struct NX_SECURE_TLS_ECDHE_HANDSHAKE_DATA_STRUCT 867 { 868 /* Named curve used. */ 869 UINT nx_secure_tls_ecdhe_named_curve; 870 871 /* Signature Algorithm for ECDHE. */ 872 USHORT nx_secure_tls_ecdhe_signature_algorithm; 873 874 /* Length of the private key. */ 875 USHORT nx_secure_tls_ecdhe_private_key_length; 876 877 /* Private key for ECDHE. */ 878 UCHAR nx_secure_tls_ecdhe_private_key[NX_SECURE_TLS_EC_PREMASTER_SIZE]; 879 880 /* Length of the public key. */ 881 USHORT nx_secure_tls_ecdhe_public_key_length; 882 883 /* Public key for ECDHE. */ 884 UCHAR nx_secure_tls_ecdhe_public_key[4 * NX_SECURE_TLS_EC_PREMASTER_SIZE]; 885 886 } NX_SECURE_TLS_ECDHE_HANDSHAKE_DATA; 887 888 /* ECC information. */ 889 typedef struct NX_SECURE_TLS_ECC_STRUCT 890 { 891 /* Supported named curves. */ 892 const USHORT *nx_secure_tls_ecc_supported_groups; 893 894 /* Number of supported named curves. */ 895 USHORT nx_secure_tls_ecc_supported_groups_count; 896 897 /* Corresponding crypto methods for the supported named curve. */ 898 const NX_CRYPTO_METHOD **nx_secure_tls_ecc_curves; 899 } NX_SECURE_TLS_ECC; 900 #endif /* NX_SECURE_ENABLE_ECC_CIPHERSUITE */ 901 902 903 #if (NX_SECURE_TLS_TLS_1_3_ENABLED) 904 typedef struct NX_SECURE_TLS_KEY_SECRETS_STRUCT 905 { 906 /* TLS 1.3 has many secrets and keys to be generated. This structure contains them. */ 907 908 UCHAR tls_early_secret[NX_SECURE_TLS_MAX_HASH_SIZE]; 909 UINT tls_early_secret_len; 910 UCHAR tls_binder_key[NX_SECURE_TLS_MAX_HASH_SIZE]; 911 UINT tls_binder_key_len; 912 UCHAR tls_client_early_traffic_secret[NX_SECURE_TLS_MAX_HASH_SIZE]; 913 UINT tls_client_early_traffic_secret_len; 914 UCHAR tls_early_exporter_master_secret[NX_SECURE_TLS_MAX_HASH_SIZE]; 915 UINT tls_early_exporter_master_secret_len; 916 UCHAR tls_handshake_secret[NX_SECURE_TLS_MAX_HASH_SIZE]; 917 UINT tls_handshake_secret_len; 918 UCHAR tls_client_handshake_traffic_secret[NX_SECURE_TLS_MAX_HASH_SIZE]; 919 UINT tls_client_handshake_traffic_secret_len; 920 UCHAR tls_server_handshake_traffic_secret[NX_SECURE_TLS_MAX_HASH_SIZE]; 921 UINT tls_server_handshake_traffic_secret_len; 922 UCHAR tls_master_secret[NX_SECURE_TLS_MAX_HASH_SIZE]; 923 UINT tls_master_secret_len; 924 UCHAR tls_client_application_traffic_secret_0[NX_SECURE_TLS_MAX_HASH_SIZE]; 925 UINT tls_client_application_traffic_secret_0_len; 926 UCHAR tls_server_application_traffic_secret_0[NX_SECURE_TLS_MAX_HASH_SIZE]; 927 UINT tls_server_application_traffic_secret_0_len; 928 UCHAR tls_exporter_master_secret[NX_SECURE_TLS_MAX_HASH_SIZE]; 929 UINT tls_exporter_master_secret_len; 930 UCHAR tls_resumption_master_secret[NX_SECURE_TLS_MAX_HASH_SIZE]; 931 UINT tls_resumption_master_secret_len; 932 933 UCHAR tls_server_finished_key[NX_SECURE_TLS_MAX_HASH_SIZE]; 934 UINT tls_server_finished_key_len; 935 UCHAR tls_client_finished_key[NX_SECURE_TLS_MAX_HASH_SIZE]; 936 UINT tls_client_finished_key_len; 937 } NX_SECURE_TLS_KEY_SECRETS; 938 939 940 #endif 941 942 943 typedef struct NX_SECURE_TLS_KEY_MATERIAL_STRUCT 944 { 945 /* Client random bytes - generated during the handshake. */ 946 UCHAR nx_secure_tls_client_random[NX_SECURE_TLS_RANDOM_SIZE]; 947 948 /* Server random bytes - generated during the handshake. */ 949 UCHAR nx_secure_tls_server_random[NX_SECURE_TLS_RANDOM_SIZE]; 950 951 /* The pre-master-secret length is dependent upon the public key 952 algorithm chosen - the RSA pre-master-secret is 48 bytes. 953 THIS MUST BE DELETED FROM MEMORY ONCE KEYS ARE GENERATED. */ 954 UCHAR nx_secure_tls_pre_master_secret[NX_SECURE_TLS_PREMASTER_SIZE]; 955 UINT nx_secure_tls_pre_master_secret_size; 956 957 /* The master secret is always 48 bytes in length, regardless of the 958 length of the pre-master-secret. */ 959 UCHAR nx_secure_tls_master_secret[NX_SECURE_TLS_MASTER_SIZE]; 960 961 /* We store generate the session key material into this buffer, 962 thus needing no copying of data (using the pointers to actual data below). */ 963 UCHAR nx_secure_tls_key_material_data[NX_SECURE_TLS_KEY_MATERIAL_SIZE]; 964 965 /* During a session renegotiation, there will be the current set of session keys 966 * in use, and a new set of keys that will be generated during the renegotiation 967 * handshake. However, there is a period of time where the local and remote keys 968 * are out of sync (after a ChangeCipherSpec is sent/received but before the second 969 * CCS message is sent) so we need to keep a separate buffer for new keys until 970 * we are fully using the new keys. 971 */ 972 UCHAR nx_secure_tls_new_key_material_data[NX_SECURE_TLS_KEY_MATERIAL_SIZE]; 973 974 /* Storage space for public ECC key data for curves supported (mostly for client). 975 * For TLS 1.3 we have to generate public keys before sending the ClientHello - one 976 * key for each curve we support! 977 */ 978 #if (NX_SECURE_TLS_TLS_1_3_ENABLED) 979 /* TLS 1.3 ECDHE key data. */ 980 NX_SECURE_TLS_ECDHE_HANDSHAKE_DATA nx_secure_tls_ecc_key_data[10]; 981 982 /* Selected ECDHE key data index. */ 983 UINT nx_secure_tls_ecc_key_data_selected; 984 985 /* TLS 1.3 key secrets. */ 986 NX_SECURE_TLS_KEY_SECRETS nx_secure_tls_key_secrets; 987 988 /* Store each transcript hash as it is generated. */ 989 UCHAR nx_secure_tls_transcript_hashes[NX_SECURE_TLS_1_3_MAX_TRANSCRIPT_HASHES][NX_SECURE_TLS_MAX_HASH_SIZE]; 990 991 #endif 992 993 /* Pointer to buffer where we can store handshake messages to hash once we know 994 the hash routine we are using. */ 995 UCHAR nx_secure_tls_handshake_cache[500]; 996 UINT nx_secure_tls_handshake_cache_length; 997 998 /* The TLS protocol requires a "secret" used in the hash of each message, 999 and one secret each for client and server. */ 1000 UCHAR *nx_secure_tls_client_write_mac_secret; 1001 UCHAR *nx_secure_tls_server_write_mac_secret; 1002 1003 /* The actual TLS Session keys used to encrypt session data (e.g. using AES.). 1004 There is one key for each direction, so the client encrypts with the "client_write" 1005 key and the server decrypts incoming data using the same key. */ 1006 UCHAR *nx_secure_tls_client_write_key; 1007 UCHAR *nx_secure_tls_server_write_key; 1008 1009 /* Some algorithms used in the TLS session require initialization vectors. */ 1010 UCHAR *nx_secure_tls_client_iv; 1011 UCHAR *nx_secure_tls_server_iv; 1012 1013 #if (NX_SECURE_TLS_TLS_1_3_ENABLED) 1014 /* Any time we are switching keys (going from one encrypted context to another) we need to switch 1015 * the keys for client and server independently. These pointers allow us to refer to the next 1016 * keys to be used without having to access the key material directly. */ 1017 UCHAR *nx_secure_tls_client_next_write_key; 1018 UCHAR *nx_secure_tls_server_next_write_key; 1019 1020 /* Some algorithms used in the TLS session require initialization vectors. */ 1021 UCHAR *nx_secure_tls_client_next_iv; 1022 UCHAR *nx_secure_tls_server_next_iv; 1023 #endif 1024 1025 } NX_SECURE_TLS_KEY_MATERIAL; 1026 1027 /* This structure contains the metadata for the TLS handshake hash - the state 1028 * of the hash must persist through the entire handshake process so it is stored 1029 * separately from the rest of the crypto metadata. 1030 */ 1031 typedef struct NX_SECURE_TLS_HANDSHAKE_HASH_STRUCT 1032 { 1033 /* Handshake verification hash context - we need MD5 and SHA-1 for TLS 1.0 and 1.1. */ 1034 CHAR *nx_secure_tls_handshake_hash_md5_metadata; 1035 ULONG nx_secure_tls_handshake_hash_md5_metadata_size; 1036 VOID *nx_secure_tls_handshake_hash_md5_handler; 1037 1038 /* SHA-1 handshake hash context. */ 1039 CHAR *nx_secure_tls_handshake_hash_sha1_metadata; 1040 ULONG nx_secure_tls_handshake_hash_sha1_metadata_size; 1041 VOID *nx_secure_tls_handshake_hash_sha1_handler; 1042 1043 /* SHA-256 handshake hash context. */ 1044 CHAR *nx_secure_tls_handshake_hash_sha256_metadata; 1045 ULONG nx_secure_tls_handshake_hash_sha256_metadata_size; 1046 VOID *nx_secure_tls_handshake_hash_sha256_handler; 1047 1048 /* Scratch metadata space for copying one of the above states when 1049 generating the final hash. */ 1050 CHAR *nx_secure_tls_handshake_hash_scratch; 1051 ULONG nx_secure_tls_handshake_hash_scratch_size; 1052 } NX_SECURE_TLS_HANDSHAKE_HASH; 1053 1054 1055 /* Top-level structure that contains all the relevant cryptographic method 1056 information for all TLS versions. */ 1057 typedef struct NX_SECURE_TLS_CRYPTO_STRUCT 1058 { 1059 /* Table that maps ciphersuites to crypto methods. */ 1060 NX_SECURE_TLS_CIPHERSUITE_INFO *nx_secure_tls_ciphersuite_lookup_table; 1061 USHORT nx_secure_tls_ciphersuite_lookup_table_size; 1062 1063 /* Table that maps X.509 cipher identifiers to crypto methods. */ 1064 #ifndef NX_SECURE_DISABLE_X509 1065 NX_SECURE_X509_CRYPTO *nx_secure_tls_x509_cipher_table; 1066 USHORT nx_secure_tls_x509_cipher_table_size; 1067 #endif 1068 1069 /* Specific routines needed for specific TLS versions. */ 1070 #if (NX_SECURE_TLS_TLS_1_0_ENABLED || NX_SECURE_TLS_TLS_1_1_ENABLED) 1071 const NX_CRYPTO_METHOD *nx_secure_tls_handshake_hash_md5_method; 1072 const NX_CRYPTO_METHOD *nx_secure_tls_handshake_hash_sha1_method; 1073 const NX_CRYPTO_METHOD *nx_secure_tls_prf_1_method; 1074 #endif 1075 1076 #if (NX_SECURE_TLS_TLS_1_2_ENABLED) 1077 const NX_CRYPTO_METHOD *nx_secure_tls_handshake_hash_sha256_method; 1078 const NX_CRYPTO_METHOD *nx_secure_tls_prf_sha256_method; 1079 #endif 1080 1081 #if (NX_SECURE_TLS_TLS_1_3_ENABLED) 1082 const NX_CRYPTO_METHOD *nx_secure_tls_hkdf_method; 1083 const NX_CRYPTO_METHOD *nx_secure_tls_hmac_method; 1084 const NX_CRYPTO_METHOD *nx_secure_tls_ecdhe_method; 1085 #endif 1086 1087 } NX_SECURE_TLS_CRYPTO; 1088 1089 1090 typedef struct NX_SECURE_TLS_CREDENTIALS_STRUCT 1091 { 1092 /* X509 certificates are enabled by default. Disable them using this macro. */ 1093 #ifndef NX_SECURE_DISABLE_X509 1094 /* X509 Certificate store. */ 1095 NX_SECURE_X509_CERTIFICATE_STORE nx_secure_tls_certificate_store; 1096 1097 /* Pointer to the active local certificate, if non-NULL it overrides the store 1098 when sending out a certificate. */ 1099 NX_SECURE_X509_CERT *nx_secure_tls_active_certificate; 1100 1101 #endif 1102 1103 #if defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) || (NX_SECURE_TLS_TLS_1_3_ENABLED) 1104 1105 /* Server identity value (received from remote host). */ 1106 UCHAR nx_secure_tls_remote_psk_id[NX_SECURE_TLS_MAX_PSK_ID_SIZE]; 1107 UINT nx_secure_tls_remote_psk_id_size; 1108 1109 /* Client PSK for use with a specific server. */ 1110 NX_SECURE_TLS_PSK_STORE nx_secure_tls_client_psk; 1111 #endif 1112 1113 #if defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) || defined(NX_SECURE_ENABLE_ECJPAKE_CIPHERSUITE) || (NX_SECURE_TLS_TLS_1_3_ENABLED) 1114 /* Store for PSK ciphersuite keys. Used for TLS servers and PSK. */ 1115 NX_SECURE_TLS_PSK_STORE nx_secure_tls_psk_store[NX_SECURE_TLS_MAX_PSK_KEYS]; 1116 1117 /* Current count/index into PSK store. */ 1118 UINT nx_secure_tls_psk_count; 1119 #endif /* defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) || defined(NX_SECURE_ENABLE_ECJPAKE_CIPHERSUITE) */ 1120 1121 } NX_SECURE_TLS_CREDENTIALS; 1122 1123 /* This structure encapsulates a single extension and its associated data. The 1124 structure is used to pass opaque data in and out of the TLS stack. Helper 1125 functions are used to extract/fill extension-specific data. */ 1126 typedef struct NX_SECURE_TLS_HELLO_EXTENSION_STRUCT 1127 { 1128 1129 /* Identifier for the extension - used to identify the data in the buffer. */ 1130 USHORT nx_secure_tls_extension_id; 1131 1132 /* Length of data in the buffer. */ 1133 USHORT nx_secure_tls_extension_data_length; 1134 1135 /* Data for the extensions. Pointer to a buffer containing the data which 1136 is formatted according to the particular extension. */ 1137 const UCHAR *nx_secure_tls_extension_data; 1138 } NX_SECURE_TLS_HELLO_EXTENSION; 1139 1140 1141 /* Definition of the top-level TLS session control block used by the application. */ 1142 typedef struct NX_SECURE_TLS_SESSION_STRUCT 1143 { 1144 /* Identifier to determine if TLS session has been properly initialized. */ 1145 ULONG nx_secure_tls_id; 1146 1147 /* Underlying TCP socket. */ 1148 NX_TCP_SOCKET *nx_secure_tls_tcp_socket; 1149 1150 /* Queue the incoming packets for one record. */ 1151 NX_PACKET *nx_secure_record_queue_header; 1152 NX_PACKET *nx_secure_record_decrypted_packet; 1153 1154 /* Packet pool used by TLS stack to allocate outgoing packets used in TLS handshake. */ 1155 NX_PACKET_POOL *nx_secure_tls_packet_pool; 1156 1157 /* Packet/message buffer for re-assembling TLS messages. */ 1158 UCHAR *nx_secure_tls_packet_buffer; 1159 ULONG nx_secure_tls_packet_buffer_size; 1160 ULONG nx_secure_tls_packet_buffer_original_size; 1161 1162 /* The number of bytes copied into packet/message buffer. */ 1163 ULONG nx_secure_tls_packet_buffer_bytes_copied; 1164 1165 /* The exepected number of bytes for an incoming handshake record. */ 1166 ULONG nx_secure_tls_handshake_record_expected_length; 1167 1168 /* Whether a handshake message is fragmented across several records. */ 1169 USHORT nx_secure_tls_handshake_record_fragment_state; 1170 1171 /* The offset of current record to be processed. */ 1172 ULONG nx_secure_tls_record_offset; 1173 1174 /* The prcessed number of bytes in current tls record. */ 1175 ULONG nx_secure_tls_bytes_processed; 1176 1177 /* What type of socket is this? Client or server? */ 1178 UINT nx_secure_tls_socket_type; 1179 1180 /* Protocol version used for the current session. Actual version depends on 1181 * user preference and the remote host. */ 1182 USHORT nx_secure_tls_protocol_version; 1183 1184 /* TLS 1.3 doesn't use the protocol version - it's fixed to TLS 1.2 (0x0303) so 1185 we distinguish a TLS 1.3 session from others using the flag below. */ 1186 USHORT nx_secure_tls_supported_versions; 1187 1188 #if (NX_SECURE_TLS_TLS_1_3_ENABLED) 1189 UCHAR nx_secure_tls_1_3; 1190 UCHAR nx_secure_tls_1_3_supported; 1191 #endif 1192 1193 /* This field overrides the version returned by _nx_secure_tls_newest_supported_version. */ 1194 USHORT nx_secure_tls_protocol_version_override; 1195 1196 /* The highest supported protocol version obtained through negotiation. */ 1197 USHORT nx_secure_tls_negotiated_highest_protocol_version; 1198 1199 /* State of local and remote encryption - post ChangeCipherSpec. */ 1200 UCHAR nx_secure_tls_remote_session_active; 1201 UCHAR nx_secure_tls_local_session_active; 1202 1203 /* State of whether the client and server session cipher is initialized. */ 1204 UCHAR nx_secure_tls_session_cipher_client_initialized; 1205 UCHAR nx_secure_tls_session_cipher_server_initialized; 1206 1207 /* Chosen ciphersuite. */ 1208 const NX_SECURE_TLS_CIPHERSUITE_INFO *nx_secure_tls_session_ciphersuite; 1209 1210 /* Chosen ciphersuite table, passed in during the session create call. */ 1211 NX_SECURE_TLS_CRYPTO *nx_secure_tls_crypto_table; 1212 1213 /* Key material (master secret, session keys, etc.) is stored here. */ 1214 NX_SECURE_TLS_KEY_MATERIAL nx_secure_tls_key_material; 1215 1216 /* Session ID length. */ 1217 UCHAR nx_secure_tls_session_id_length; 1218 1219 /* Session ID used for session re-negotiation. */ 1220 UCHAR nx_secure_tls_session_id[NX_SECURE_TLS_SESSION_ID_SIZE]; 1221 1222 #ifndef NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION 1223 /* This flag indicates whether the remote host supports secure renegotiation 1224 as indicated in the initial Hello messages (SCSV or the renegotiation 1225 extension were provided). */ 1226 USHORT nx_secure_tls_secure_renegotiation; 1227 1228 /* This flag indicates whether the renegotiation_info extension is present and 1229 the data in the extension is verified during secure renegotiation. */ 1230 USHORT nx_secure_tls_secure_renegotiation_verified; 1231 1232 /* This flag indicates that a server instance has requested a renegotiation 1233 so we can differentiate between client initiated and server initiated. */ 1234 USHORT nx_secure_tls_server_renegotiation_requested; 1235 1236 /* The verify data is named "remote" and "local" since it can be used by 1237 both TLS Client and TLS Server instances. */ 1238 UCHAR nx_secure_tls_remote_verify_data[NX_SECURE_TLS_FINISHED_HASH_SIZE]; 1239 UCHAR nx_secure_tls_local_verify_data[NX_SECURE_TLS_FINISHED_HASH_SIZE]; 1240 #endif /* NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION */ 1241 1242 1243 /* Sequence number for the current TLS session - local host. */ 1244 ULONG nx_secure_tls_local_sequence_number[NX_SECURE_TLS_SEQUENCE_NUMBER_SIZE]; 1245 1246 /* Sequence number for the current TLS session - remote host. For verification of incoming records. */ 1247 ULONG nx_secure_tls_remote_sequence_number[NX_SECURE_TLS_SEQUENCE_NUMBER_SIZE]; 1248 1249 /* Pointer to TLS credentials for this session - stores PSKs, certificates, and other identification. */ 1250 NX_SECURE_TLS_CREDENTIALS nx_secure_tls_credentials; 1251 1252 /* Handshake hash (for the Finished message) must be maintained for all handshake messages. The 1253 * TLS version determines the actual hash being used, so all hash context data is encapsulated in 1254 * the handshake hash structure. */ 1255 NX_SECURE_TLS_HANDSHAKE_HASH nx_secure_tls_handshake_hash; 1256 1257 /* If our TLS server wishes to verify the client certificate, the application 1258 will set this to true (non-zero). */ 1259 USHORT nx_secure_tls_verify_client_certificate; 1260 1261 /* This flag will be set to true when TLS has received credentials (e.g. certificate, PSK) 1262 from the remote host. If it is still false when we get to the end of the handshake, 1263 we have not received credentials from the remote host and should fail the handshake. */ 1264 USHORT nx_secure_tls_received_remote_credentials; 1265 1266 /* This mutex used for TLS session while transmitting packets. */ 1267 TX_MUTEX nx_secure_tls_session_transmit_mutex; 1268 1269 #ifndef NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION 1270 /* If we receive a hello message from the remote server during a session, 1271 we have a re-negotiation handshake we need to process. */ 1272 USHORT nx_secure_tls_renegotiation_handshake; 1273 1274 /* Flag to enable/disable session renegotiation at application's choosing. */ 1275 USHORT nx_secure_tls_renegotation_enabled; 1276 1277 /* Flag to indicate that the local host initiated the renegotiation. */ 1278 USHORT nx_secure_tls_local_initiated_renegotiation; 1279 #endif /* NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION */ 1280 1281 #ifndef NX_SECURE_TLS_SERVER_DISABLED 1282 /* The state of the server handshake if this is a server socket. */ 1283 NX_SECURE_TLS_SERVER_STATE nx_secure_tls_server_state; 1284 #endif 1285 1286 #ifndef NX_SECURE_TLS_CLIENT_DISABLED 1287 /* The state of the client handshake if this is a client socket. */ 1288 NX_SECURE_TLS_CLIENT_STATE nx_secure_tls_client_state; 1289 1290 /* If the remote TLS Server requests a certificate, save that state here so we can send the cert. */ 1291 USHORT nx_secure_tls_client_certificate_requested; 1292 #endif 1293 1294 /* Define the link between other TLS structures created by the application. */ 1295 struct NX_SECURE_TLS_SESSION_STRUCT 1296 *nx_secure_tls_created_previous, 1297 *nx_secure_tls_created_next; 1298 1299 /* Define the public cipher metadata area. */ 1300 VOID *nx_secure_public_cipher_metadata_area; 1301 1302 /* Define the public cipher metadata size. */ 1303 ULONG nx_secure_public_cipher_metadata_size; 1304 1305 /* Define the public authentication handler. */ 1306 VOID *nx_secure_public_auth_handler; 1307 1308 /* Define the public authentication metadata area. */ 1309 VOID *nx_secure_public_auth_metadata_area; 1310 1311 /* Define the public authentication metadata size. */ 1312 ULONG nx_secure_public_auth_metadata_size; 1313 1314 /* Define the session cipher handler for client. */ 1315 VOID *nx_secure_session_cipher_handler_client; 1316 1317 /* Define the session cipher handler for server. */ 1318 VOID *nx_secure_session_cipher_handler_server; 1319 1320 /* Define the session cipher metadata area for client. */ 1321 VOID *nx_secure_session_cipher_metadata_area_client; 1322 1323 /* Define the crypto metadata area for server. */ 1324 VOID *nx_secure_session_cipher_metadata_area_server; 1325 1326 /* Define the crypto metadata size. */ 1327 ULONG nx_secure_session_cipher_metadata_size; 1328 1329 /* Define the hash Message Authentication Code (MAC) handler. */ 1330 VOID *nx_secure_hash_mac_handler; 1331 1332 /* Define the hash Message Authentication Code (MAC) metadata area. */ 1333 VOID *nx_secure_hash_mac_metadata_area; 1334 1335 /* Define the hash Message Authentication Code (MAC) metadata size. */ 1336 ULONG nx_secure_hash_mac_metadata_size; 1337 1338 /* Define the TLS PRF metadata area. */ 1339 VOID *nx_secure_tls_prf_metadata_area; 1340 1341 /* Define the TLS PRF metadata size. */ 1342 ULONG nx_secure_tls_prf_metadata_size; 1343 1344 /* Function (set by user) to call when TLS needs the current time. */ 1345 ULONG (*nx_secure_tls_session_time_function)(void); 1346 1347 /* Function (set by application) to call when TLS has a certificate from the 1348 remote host that has passed basic validation but requires additional checks 1349 by the application before being accepted. */ 1350 ULONG (*nx_secure_tls_session_certificate_callback)(struct NX_SECURE_TLS_SESSION_STRUCT *session, NX_SECURE_X509_CERT *certificate); 1351 1352 #ifndef NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION 1353 /* Function (set by user) to call when TLS receives a re-negotiation request from the remote host. */ 1354 ULONG (*nx_secure_tls_session_renegotiation_callback)(struct NX_SECURE_TLS_SESSION_STRUCT *session); 1355 #endif /* NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION */ 1356 1357 /* Function (set by user) to call when a TLS Client receives a ServerHello message containing extensions 1358 that require specific actions. */ 1359 ULONG (*nx_secure_tls_session_client_callback)(struct NX_SECURE_TLS_SESSION_STRUCT *tls_session, NX_SECURE_TLS_HELLO_EXTENSION *extensions, UINT num_extensions); 1360 1361 /* Function (set by user) to call when a TLS Server receives a ClientHello message containing extensions 1362 that require specific actions. */ 1363 ULONG (*nx_secure_tls_session_server_callback)(struct NX_SECURE_TLS_SESSION_STRUCT *tls_session, NX_SECURE_TLS_HELLO_EXTENSION *extensions, UINT num_extensions); 1364 1365 #ifndef NX_SECURE_TLS_SNI_EXTENSION_DISABLED 1366 /* Server Name Indication (SNI) extension. For TLS Client, this is a single DNS name. 1367 For TLS Server, this is unused. */ 1368 NX_SECURE_X509_DNS_NAME *nx_secure_tls_sni_extension_server_name; 1369 #endif 1370 1371 /* These are used to store off the alert value and level when an alert is recevied. */ 1372 UINT nx_secure_tls_received_alert_level; 1373 UINT nx_secure_tls_received_alert_value; 1374 1375 #ifdef NX_SECURE_ENABLE_ECC_CIPHERSUITE 1376 /* Supported EC groups information for this session. */ 1377 NX_SECURE_TLS_ECC nx_secure_tls_ecc; 1378 #endif /* NX_SECURE_ENABLE_ECC_CIPHERSUITE */ 1379 1380 #if (NX_SECURE_TLS_TLS_1_3_ENABLED) 1381 UCHAR *nx_secure_tls_cookie; 1382 UINT nx_secure_tls_cookie_length; 1383 1384 UINT nx_secure_tls_signature_algorithm; 1385 #endif 1386 1387 /* Functions that can be replaced to implement custom key generation. */ 1388 UINT (*nx_secure_generate_premaster_secret)(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, 1389 NX_SECURE_TLS_CREDENTIALS *tls_credentials, UINT session_type, USHORT *received_remote_credentials, 1390 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, VOID *tls_ecc_curves); 1391 UINT (*nx_secure_generate_master_secret)(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, 1392 const NX_CRYPTO_METHOD *session_prf_method, NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, 1393 UCHAR *pre_master_sec, UINT pre_master_sec_size, UCHAR *master_sec, 1394 VOID *prf_metadata, ULONG prf_metadata_size); 1395 UINT (*nx_secure_generate_session_keys)(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, 1396 const NX_CRYPTO_METHOD *session_prf_method, NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, 1397 UCHAR *master_sec, VOID *prf_metadata, ULONG prf_metadata_size); 1398 UINT (*nx_secure_session_keys_set)(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, 1399 UINT key_material_data_size, UINT is_client, UCHAR *session_cipher_initialized, 1400 VOID *session_cipher_metadata, VOID **session_cipher_handler, ULONG session_cipher_metadata_size); 1401 #ifndef NX_SECURE_TLS_CLIENT_DISABLED 1402 UINT(*nx_secure_process_server_key_exchange)(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, NX_SECURE_TLS_CRYPTO *tls_crypto_table, 1403 USHORT protocol_version, UCHAR *packet_buffer, UINT message_length, 1404 NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, NX_SECURE_TLS_CREDENTIALS *tls_credentials, 1405 NX_SECURE_TLS_HANDSHAKE_HASH *tls_handshake_hash, 1406 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, 1407 VOID *public_auth_metadata, ULONG public_auth_metadata_size, VOID *tls_ecc_curves); 1408 UINT(*nx_secure_generate_client_key_exchange)(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, 1409 NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, NX_SECURE_TLS_CREDENTIALS *tls_credentials, 1410 UCHAR *data_buffer, ULONG buffer_length, ULONG *output_size, 1411 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, 1412 VOID *public_auth_metadata, ULONG public_auth_metadata_size); 1413 #endif 1414 #ifndef NX_SECURE_TLS_SERVER_DISABLED 1415 UINT(*nx_secure_process_client_key_exchange)(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, 1416 UCHAR *packet_buffer, UINT message_length, USHORT *received_remote_credentials, 1417 NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, NX_SECURE_TLS_CREDENTIALS *tls_credentials, 1418 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, 1419 VOID *public_auth_metadata, ULONG public_auth_metadata_size, VOID *tls_ecc_curves); 1420 UINT(*nx_secure_generate_server_key_exchange)(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, UCHAR tls_1_3, 1421 NX_SECURE_TLS_CRYPTO *tls_crypto_table, NX_SECURE_TLS_HANDSHAKE_HASH *tls_handshake_hash, 1422 NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, NX_SECURE_TLS_CREDENTIALS *tls_credentials, 1423 UCHAR *data_buffer, ULONG buffer_length, ULONG *output_size, 1424 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, 1425 VOID *public_auth_metadata, ULONG public_auth_metadata_size, VOID *tls_ecc_curves); 1426 #endif 1427 UINT (*nx_secure_verify_mac)(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, UCHAR *mac_secret, ULONG sequence_num[NX_SECURE_TLS_SEQUENCE_NUMBER_SIZE], 1428 UCHAR *header_data, USHORT header_length, NX_PACKET *packet_ptr, ULONG offset, UINT *length, 1429 VOID *hash_mac_metadata, ULONG hash_mac_metadata_size); 1430 UINT (*nx_secure_remote_certificate_verify)(NX_SECURE_X509_CERTIFICATE_STORE *store, 1431 NX_SECURE_X509_CERT *certificate, ULONG current_time); 1432 UINT (*nx_secure_trusted_certificate_add)(NX_SECURE_X509_CERTIFICATE_STORE *store, 1433 NX_SECURE_X509_CERT *certificate); 1434 } NX_SECURE_TLS_SESSION; 1435 1436 /* TLS record types. */ 1437 #define NX_SECURE_TLS_CHANGE_CIPHER_SPEC 20 1438 #define NX_SECURE_TLS_ALERT 21 1439 #define NX_SECURE_TLS_HANDSHAKE 22 1440 #define NX_SECURE_TLS_APPLICATION_DATA 23 1441 1442 /* TLS handshake message values. */ 1443 #define NX_SECURE_TLS_HELLO_REQUEST 0 1444 #define NX_SECURE_TLS_CLIENT_HELLO 1 1445 #define NX_SECURE_TLS_SERVER_HELLO 2 1446 #define NX_SECURE_TLS_HELLO_VERIFY_REQUEST 3 1447 #define NX_SECURE_TLS_NEW_SESSION_TICKET 4 1448 #define NX_SECURE_TLS_END_OF_EARLY_DATA 5 1449 #define NX_SECURE_TLS_ENCRYPTED_EXTENSIONS 8 1450 #define NX_SECURE_TLS_CERTIFICATE_MSG 11 1451 #define NX_SECURE_TLS_SERVER_KEY_EXCHANGE 12 1452 #define NX_SECURE_TLS_CERTIFICATE_REQUEST 13 1453 #define NX_SECURE_TLS_SERVER_HELLO_DONE 14 1454 #define NX_SECURE_TLS_CERTIFICATE_VERIFY 15 1455 #define NX_SECURE_TLS_CLIENT_KEY_EXCHANGE 16 1456 #define NX_SECURE_TLS_FINISHED 20 1457 #define NX_SECURE_TLS_CERTIFICATE_URL 21 1458 #define NX_SECURE_TLS_CERTIFICATE_STATUS 22 1459 #define NX_SECURE_TLS_KEY_UPDATE 24 1460 #define NX_SECURE_TLS_INVALID_MESSAGE 100 1461 #define NX_SECURE_TLS_MESSAGE_HASH 254 1462 1463 1464 /* Declare internal functions. */ 1465 1466 #ifdef NX_SECURE_KEY_CLEAR 1467 #define nx_secure_tls_packet_release _nx_secure_tls_packet_release 1468 #else 1469 #define nx_secure_tls_packet_release nx_packet_release 1470 #endif /* NX_SECURE_KEY_CLEAR */ 1471 1472 #if (NX_SECURE_TLS_TLS_1_3_ENABLED) 1473 UINT _nx_secure_tls_1_3_crypto_init(NX_SECURE_TLS_SESSION *tls_session); 1474 UINT _nx_secure_tls_1_3_client_handshake(NX_SECURE_TLS_SESSION *tls_session, UCHAR *packet_buffer, 1475 UINT data_length, ULONG wait_option); 1476 UINT _nx_secure_tls_1_3_server_handshake(NX_SECURE_TLS_SESSION *tls_session, UCHAR *packet_buffer, 1477 UINT data_length, ULONG wait_option); 1478 UINT _nx_secure_tls_1_3_generate_handshake_keys(NX_SECURE_TLS_SESSION *tls_session); 1479 UINT _nx_secure_tls_1_3_generate_session_keys(NX_SECURE_TLS_SESSION *tls_session); 1480 UINT _nx_secure_tls_1_3_session_psk_generate(NX_SECURE_TLS_SESSION *tls_session, NX_SECURE_TLS_PSK_STORE *ticket_psk, UCHAR *nonce, UINT nonce_len); 1481 UINT _nx_secure_tls_psk_binder_generate(NX_SECURE_TLS_SESSION *tls_session, NX_SECURE_TLS_PSK_STORE *psk_entry); 1482 UINT _nx_secure_tls_1_3_session_keys_set(NX_SECURE_TLS_SESSION *tls_session, USHORT key_set); 1483 UINT _nx_secure_tls_1_3_transcript_hash_save(NX_SECURE_TLS_SESSION *tls_session, UINT hash_index, UINT need_copy); 1484 UINT _nx_secure_tls_1_3_finished_hash_generate(NX_SECURE_TLS_SESSION *tls_session, 1485 UINT is_server, UINT *hash_size, UCHAR *finished_hash, 1486 ULONG available_size); 1487 UINT _nx_secure_tls_1_3_generate_psk_secret(NX_SECURE_TLS_SESSION *tls_session, 1488 NX_SECURE_TLS_PSK_STORE *psk_entry, 1489 const NX_CRYPTO_METHOD *hash_method); 1490 UINT _nx_secure_tls_send_newsessionticket(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet); 1491 UINT _nx_secure_tls_process_newsessionticket(NX_SECURE_TLS_SESSION *tls_session, UCHAR *packet_buffer, 1492 UINT message_length); 1493 UINT _nx_secure_tls_process_encrypted_extensions(NX_SECURE_TLS_SESSION *tls_session, 1494 UCHAR *packet_buffer, UINT message_length); 1495 UINT _nx_secure_tls_send_encrypted_extensions(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet); 1496 #endif 1497 1498 VOID _nx_secure_tls_get_signature_algorithm_id(UINT signature_algorithm, USHORT *signature_algorithm_id); 1499 UINT _nx_secure_tls_allocate_handshake_packet(NX_SECURE_TLS_SESSION *tls_session, 1500 NX_PACKET_POOL *packet_pool, 1501 NX_PACKET **send_packet, ULONG wait_option); 1502 UINT _nx_secure_tls_check_protocol_version(NX_SECURE_TLS_SESSION *tls_session, 1503 USHORT protocol_version, UINT id); 1504 UINT _nx_secure_tls_ciphersuite_lookup(NX_SECURE_TLS_SESSION *tls_session, UINT ciphersuite, 1505 const NX_SECURE_TLS_CIPHERSUITE_INFO **info, USHORT *ciphersuite_priority); 1506 UINT _nx_secure_tls_client_handshake(NX_SECURE_TLS_SESSION *tls_session, UCHAR *packet_buffer, 1507 UINT data_length, ULONG wait_option); 1508 UINT _nx_secure_tls_finished_hash_generate(NX_SECURE_TLS_SESSION *tls_session, 1509 UCHAR *finished_label, UCHAR *finished_hash); 1510 UINT _nx_secure_tls_generate_keys(NX_SECURE_TLS_SESSION *tls_session); 1511 UINT _nx_secure_tls_generate_premaster_secret(NX_SECURE_TLS_SESSION *tls_session, UINT id); 1512 UINT _nx_secure_tls_handshake_hash_init(NX_SECURE_TLS_SESSION *tls_session); 1513 UINT _nx_secure_tls_handshake_hash_update(NX_SECURE_TLS_SESSION *tls_session, UCHAR *data, 1514 UINT length); 1515 UINT _nx_secure_tls_handshake_process(NX_SECURE_TLS_SESSION *tls_session, UINT wait_option); 1516 UINT _nx_secure_tls_hash_record(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, 1517 ULONG sequence_num[NX_SECURE_TLS_SEQUENCE_NUMBER_SIZE], 1518 UCHAR *header, UINT header_length, NX_PACKET *packet_ptr, 1519 ULONG offset, UINT length, UCHAR *record_hash, UINT *hash_length, 1520 UCHAR *mac_secret, VOID *metadata, ULONG metadata_size); 1521 UINT _nx_secure_tls_key_material_init(NX_SECURE_TLS_KEY_MATERIAL *key_material); 1522 VOID _nx_secure_tls_map_error_to_alert(UINT error_number, UINT *alert_number, 1523 UINT *alert_level); 1524 VOID _nx_secure_tls_newest_supported_version(NX_SECURE_TLS_SESSION *session_ptr, 1525 USHORT *protocol_version, UINT id); 1526 VOID _nx_secure_tls_highest_supported_version_negotiate(NX_SECURE_TLS_SESSION *session_ptr, 1527 USHORT *protocol_version, UINT id); 1528 UINT _nx_secure_tls_packet_release(NX_PACKET *packet_ptr); 1529 VOID _nx_secure_tls_protocol_version_get(NX_SECURE_TLS_SESSION *session_ptr, 1530 USHORT *protocol_version, UINT id); 1531 UINT _nx_secure_tls_process_certificate_request(NX_SECURE_TLS_SESSION *tls_session, 1532 UCHAR *packet_buffer, UINT message_length); 1533 UINT _nx_secure_tls_process_certificate_verify(NX_SECURE_TLS_SESSION *tls_session, 1534 UCHAR *packet_buffer, UINT message_length); 1535 UINT _nx_secure_tls_process_changecipherspec(NX_SECURE_TLS_SESSION *tls_session, 1536 UCHAR *packet_buffer, UINT message_length); 1537 UINT _nx_secure_tls_process_client_key_exchange(NX_SECURE_TLS_SESSION *tls_session, 1538 UCHAR *packet_buffer, UINT message_length, UINT id); 1539 UINT _nx_secure_tls_process_clienthello(NX_SECURE_TLS_SESSION *tls_session, 1540 UCHAR *packet_buffer, UINT message_length); 1541 UINT _nx_secure_tls_process_clienthello_extensions(NX_SECURE_TLS_SESSION *tls_session, 1542 UCHAR *packet_buffer, UINT message_length, 1543 NX_SECURE_TLS_HELLO_EXTENSION *extensions, 1544 UINT *num_extensions, UCHAR *client_hello_buffer, UINT client_hello_length); 1545 1546 UINT _nx_secure_tls_process_finished(NX_SECURE_TLS_SESSION *tls_session, UCHAR *packet_buffer, 1547 UINT message_length); 1548 UINT _nx_secure_tls_process_header(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *packet_ptr, 1549 ULONG record_offset, USHORT *message_type, UINT *length, 1550 UCHAR *header_data, USHORT *header_length); 1551 UINT _nx_secure_tls_process_handshake_header(UCHAR *packet_buffer, USHORT *message_type, 1552 UINT *header_size, UINT *message_length); 1553 UINT _nx_secure_tls_process_record(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *packet_ptr, 1554 ULONG *bytes_processed, ULONG wait_option); 1555 UINT _nx_secure_tls_process_remote_certificate(NX_SECURE_TLS_SESSION *tls_session, 1556 UCHAR *packet_buffer, 1557 UINT message_length, 1558 UINT data_length); 1559 UINT _nx_secure_tls_process_server_key_exchange(NX_SECURE_TLS_SESSION *tls_session, 1560 UCHAR *packet_buffer, UINT message_length); 1561 UINT _nx_secure_tls_process_serverhello(NX_SECURE_TLS_SESSION *tls_session, UCHAR *packet_buffer, 1562 UINT message_length); 1563 UINT _nx_secure_tls_process_serverhello_extensions(NX_SECURE_TLS_SESSION *tls_session, 1564 UCHAR *packet_buffer, UINT message_length, 1565 NX_SECURE_TLS_HELLO_EXTENSION *extensions, 1566 UINT *num_extensions); 1567 UINT _nx_secure_tls_record_hash_calculate(NX_SECURE_TLS_SESSION *tls_session, UCHAR *record_hash, 1568 UINT *hash_length); 1569 UINT _nx_secure_tls_record_hash_initialize(NX_SECURE_TLS_SESSION *tls_session, 1570 ULONG sequence_num[NX_SECURE_TLS_SEQUENCE_NUMBER_SIZE], 1571 UCHAR *header, UINT header_length, UINT *hash_length, 1572 UCHAR *mac_secret); 1573 UINT _nx_secure_tls_record_hash_update(NX_SECURE_TLS_SESSION *tls_session, UCHAR *data, 1574 UINT length); 1575 UINT _nx_secure_tls_record_payload_decrypt(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *encrypted_packet, 1576 UINT offset, UINT message_length, NX_PACKET **decrypted_packet, 1577 ULONG sequence_num[NX_SECURE_TLS_SEQUENCE_NUMBER_SIZE], 1578 UCHAR record_type, UINT wait_option); 1579 UINT _nx_secure_tls_record_payload_encrypt(NX_SECURE_TLS_SESSION *tls_session, 1580 NX_PACKET *send_packet, 1581 ULONG sequence_num[NX_SECURE_TLS_SEQUENCE_NUMBER_SIZE], 1582 UCHAR record_type); 1583 UINT _nx_secure_tls_remote_certificate_free(NX_SECURE_TLS_SESSION *tls_session, 1584 NX_SECURE_X509_DISTINGUISHED_NAME *name); 1585 UINT _nx_secure_tls_remote_certificate_verify(NX_SECURE_TLS_SESSION *tls_session); 1586 VOID _nx_secure_tls_send_alert(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet, 1587 UCHAR alert_number, UCHAR alert_level); 1588 UINT _nx_secure_tls_send_certificate(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet, 1589 ULONG wait_option); 1590 UINT _nx_secure_tls_send_certificate_request(NX_SECURE_TLS_SESSION *tls_session, 1591 NX_PACKET *send_packet); 1592 UINT _nx_secure_tls_send_changecipherspec(NX_SECURE_TLS_SESSION *tls_session, 1593 NX_PACKET *send_packet); 1594 UINT _nx_secure_tls_send_clienthello(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet); 1595 UINT _nx_secure_tls_send_clienthello_extensions(NX_SECURE_TLS_SESSION *tls_session, 1596 UCHAR *packet_buffer, ULONG *packet_offset, 1597 ULONG *extensions_length, ULONG available_size); 1598 UINT _nx_secure_tls_send_client_key_exchange(NX_SECURE_TLS_SESSION *tls_session, 1599 NX_PACKET *send_packet); 1600 UINT _nx_secure_tls_send_finished(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet); 1601 UINT _nx_secure_tls_send_handshake_record(NX_SECURE_TLS_SESSION *tls_session, 1602 NX_PACKET *send_packet, UCHAR handshake_type, 1603 ULONG wait_option); 1604 UINT _nx_secure_tls_send_hellorequest(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet); 1605 UINT _nx_secure_tls_send_certificate_verify(NX_SECURE_TLS_SESSION *tls_session, 1606 NX_PACKET *send_packet); 1607 UINT _nx_secure_tls_send_record(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet, 1608 UCHAR record_type, ULONG wait_option); 1609 UINT _nx_secure_tls_send_server_key_exchange(NX_SECURE_TLS_SESSION *tls_session, 1610 NX_PACKET *send_packet); 1611 UINT _nx_secure_tls_send_serverhello(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet); 1612 UINT _nx_secure_tls_send_serverhello_extensions(NX_SECURE_TLS_SESSION *tls_session, 1613 UCHAR *packet_buffer, ULONG *packet_offset, 1614 ULONG available_size); 1615 UINT _nx_secure_tls_server_certificate_add(NX_SECURE_TLS_SESSION *tls_session, 1616 NX_SECURE_X509_CERT *certificate, UINT cert_id); 1617 UINT _nx_secure_tls_server_certificate_find(NX_SECURE_TLS_SESSION *tls_session, 1618 NX_SECURE_X509_CERT **certificate, UINT cert_id); 1619 UINT _nx_secure_tls_server_certificate_remove(NX_SECURE_TLS_SESSION *tls_session, UINT cert_id); 1620 UINT _nx_secure_tls_server_handshake(NX_SECURE_TLS_SESSION *tls_session, UCHAR *packet_buffer, 1621 UINT data_length, ULONG wait_option); 1622 UINT _nx_secure_tls_session_iv_size_get(NX_SECURE_TLS_SESSION *tls_session, USHORT *iv_size); 1623 UINT _nx_secure_tls_session_keys_set(NX_SECURE_TLS_SESSION *tls_session, USHORT key_set); 1624 UINT _nx_secure_tls_session_receive_records(NX_SECURE_TLS_SESSION *tls_session, 1625 NX_PACKET **packet_ptr_ptr, ULONG wait_option); 1626 UINT _nx_secure_tls_verify_mac(NX_SECURE_TLS_SESSION *tls_session, UCHAR *header_data, 1627 USHORT header_length, NX_PACKET *packet_ptr, ULONG offset, UINT *length); 1628 #ifdef NX_SECURE_ENABLE_ECC_CIPHERSUITE 1629 UINT _nx_secure_tls_ecc_generate_keys(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, UCHAR tls_1_3, 1630 NX_SECURE_TLS_CRYPTO *tls_crypto_table, NX_SECURE_TLS_HANDSHAKE_HASH *tls_handshake_hash, 1631 NX_SECURE_TLS_ECC *tls_ecc_curves, NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, 1632 NX_SECURE_TLS_CREDENTIALS *tls_credentials, UINT ecc_named_curve, USHORT sign_key, 1633 UCHAR *public_key, UINT *public_key_size, NX_SECURE_TLS_ECDHE_HANDSHAKE_DATA *ecc_data, 1634 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, 1635 VOID *public_auth_metadata, ULONG public_auth_metadata_size); 1636 UINT _nx_secure_tls_find_curve_method(NX_SECURE_TLS_ECC *tls_ecc, USHORT named_curve, 1637 const NX_CRYPTO_METHOD **curve_method, UINT *curve_priority); 1638 UINT _nx_secure_tls_proc_clienthello_sec_sa_extension(NX_SECURE_TLS_SESSION *tls_session, 1639 NX_SECURE_TLS_HELLO_EXTENSION *exts, 1640 UINT num_extensions, 1641 UINT *selected_curve, USHORT cert_curve, 1642 UINT *cert_curve_supported, 1643 USHORT *ecdhe_signature_algorithm, 1644 NX_SECURE_X509_CERT *cert); 1645 #endif /* NX_SECURE_ENABLE_ECC_CIPHERSUITE */ 1646 1647 1648 /* Actual API functions .*/ 1649 UINT nx_secure_module_hash_compute(NX_CRYPTO_METHOD *hmac_ptr, 1650 UINT start_address, 1651 UINT end_address, 1652 UCHAR *key, UINT key_length, 1653 VOID *metadata, UINT metadata_size, 1654 UCHAR *output_buffer, UINT output_buffer_size, UINT *actual_size); 1655 UINT _nx_secure_tls_active_certificate_set(NX_SECURE_TLS_SESSION *tls_session, 1656 NX_SECURE_X509_CERT *certificate); 1657 VOID _nx_secure_tls_initialize(VOID); 1658 UINT _nx_secure_tls_shutdown(VOID); 1659 1660 UINT _nx_secure_tls_local_certificate_add(NX_SECURE_TLS_SESSION *tls_session, 1661 NX_SECURE_X509_CERT *certificate); 1662 UINT _nx_secure_tls_local_certificate_find(NX_SECURE_TLS_SESSION *tls_session, 1663 NX_SECURE_X509_CERT **certificate, UCHAR *common_name, UINT name_length); 1664 UINT _nx_secure_tls_local_certificate_remove(NX_SECURE_TLS_SESSION *tls_session, 1665 UCHAR *common_name, UINT common_name_length); 1666 UINT _nx_secure_tls_metadata_size_calculate(const NX_SECURE_TLS_CRYPTO *crypto_table, 1667 ULONG *metadata_size); 1668 UINT _nx_secure_tls_remote_certificate_allocate(NX_SECURE_TLS_SESSION *tls_session, 1669 NX_SECURE_X509_CERT *certificate, 1670 UCHAR *raw_certificate_buffer, UINT buffer_size); 1671 UINT _nx_secure_tls_remote_certificate_buffer_allocate(NX_SECURE_TLS_SESSION *tls_session, 1672 UINT certs_number, VOID *certificate_buffer, ULONG buffer_size); 1673 UINT _nx_secure_tls_remote_certificate_free_all(NX_SECURE_TLS_SESSION *tls_session); 1674 UINT _nx_secure_tls_server_certificate_add(NX_SECURE_TLS_SESSION *tls_session, 1675 NX_SECURE_X509_CERT *certificate, UINT cert_id); 1676 UINT _nx_secure_tls_server_certificate_find(NX_SECURE_TLS_SESSION *tls_session, 1677 NX_SECURE_X509_CERT **certificate, UINT cert_id); 1678 UINT _nx_secure_tls_server_certificate_remove(NX_SECURE_TLS_SESSION *tls_session, UINT cert_id); 1679 UINT _nx_secure_tls_session_alert_value_get(NX_SECURE_TLS_SESSION *tls_session, 1680 UINT *alert_level, UINT *alert_value); 1681 UINT _nx_secure_tls_session_certificate_callback_set(NX_SECURE_TLS_SESSION *tls_session, 1682 ULONG (*func_ptr)(NX_SECURE_TLS_SESSION *session, 1683 NX_SECURE_X509_CERT *certificate)); 1684 UINT _nx_secure_tls_session_client_callback_set(NX_SECURE_TLS_SESSION *tls_session, 1685 ULONG (*func_ptr)(NX_SECURE_TLS_SESSION *tls_session, 1686 NX_SECURE_TLS_HELLO_EXTENSION *extensions, 1687 UINT num_extensions)); 1688 UINT _nx_secure_tls_session_client_verify_disable(NX_SECURE_TLS_SESSION *tls_session); 1689 UINT _nx_secure_tls_session_client_verify_enable(NX_SECURE_TLS_SESSION *tls_session); 1690 UINT _nx_secure_tls_session_x509_client_verify_configure(NX_SECURE_TLS_SESSION *tls_session, UINT certs_number, 1691 VOID *certificate_buffer, ULONG buffer_size); 1692 UINT _nx_secure_tls_session_create(NX_SECURE_TLS_SESSION *session_ptr, 1693 const NX_SECURE_TLS_CRYPTO *cipher_table, 1694 VOID *metadata_area, 1695 ULONG metadata_size); 1696 1697 UINT _nx_secure_tls_session_create_ext(NX_SECURE_TLS_SESSION *tls_session, 1698 const NX_CRYPTO_METHOD **crypto_array, UINT crypto_array_size, 1699 const NX_CRYPTO_CIPHERSUITE **cipher_map, UINT cipher_map_size, 1700 VOID *metadata_buffer, 1701 ULONG metadata_size); 1702 1703 UINT _nx_secure_tls_session_delete(NX_SECURE_TLS_SESSION *tls_session); 1704 UINT _nx_secure_tls_session_end(NX_SECURE_TLS_SESSION *tls_session, UINT wait_option); 1705 UINT _nx_secure_tls_session_packet_buffer_set(NX_SECURE_TLS_SESSION *session_ptr, 1706 UCHAR *buffer_ptr, ULONG buffer_size); 1707 UINT _nx_secure_tls_session_packet_pool_set(NX_SECURE_TLS_SESSION *tls_session, 1708 NX_PACKET_POOL *packet_pool); 1709 UINT _nx_secure_tls_session_protocol_version_override(NX_SECURE_TLS_SESSION *tls_session, 1710 USHORT protocol_version); 1711 UINT _nx_secure_tls_session_receive(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET **packet_ptr_ptr, 1712 ULONG wait_option); 1713 UINT _nx_secure_tls_session_renegotiate(NX_SECURE_TLS_SESSION *tls_session, 1714 UINT wait_option); 1715 UINT _nx_secure_tls_session_renegotiate_callback_set(NX_SECURE_TLS_SESSION *tls_session, 1716 ULONG (*func_ptr)(NX_SECURE_TLS_SESSION *session)); 1717 UINT _nx_secure_tls_session_reset(NX_SECURE_TLS_SESSION *tls_session); 1718 UINT _nx_secure_tls_session_send(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *packet_ptr, 1719 ULONG wait_option); 1720 UINT _nx_secure_tls_session_server_callback_set(NX_SECURE_TLS_SESSION *tls_session, 1721 ULONG (*func_ptr)(NX_SECURE_TLS_SESSION *tls_session, 1722 NX_SECURE_TLS_HELLO_EXTENSION *extensions, 1723 UINT num_extensions)); 1724 UINT _nx_secure_tls_session_sni_extension_parse(NX_SECURE_TLS_SESSION *tls_session, 1725 NX_SECURE_TLS_HELLO_EXTENSION *extensions, 1726 UINT num_extensions, NX_SECURE_X509_DNS_NAME *dns_name); 1727 UINT _nx_secure_tls_session_sni_extension_set(NX_SECURE_TLS_SESSION *tls_session, 1728 NX_SECURE_X509_DNS_NAME *dns_name); 1729 UINT _nx_secure_tls_session_start(NX_SECURE_TLS_SESSION *tls_session, NX_TCP_SOCKET *tcp_socket, 1730 UINT wait_option); 1731 UINT _nx_secure_tls_session_time_function_set(NX_SECURE_TLS_SESSION *tls_session, 1732 ULONG (*time_func_ptr)(void)); 1733 UINT _nx_secure_tls_trusted_certificate_add(NX_SECURE_TLS_SESSION *tls_session, 1734 NX_SECURE_X509_CERT *certificate); 1735 UINT _nx_secure_tls_trusted_certificate_remove(NX_SECURE_TLS_SESSION *tls_session, 1736 UCHAR *common_name, UINT common_name_length); 1737 UINT _nx_secure_tls_packet_allocate(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET_POOL *pool_ptr, 1738 NX_PACKET **packet_ptr, ULONG wait_option); 1739 #if defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) || defined(NX_SECURE_ENABLE_ECJPAKE_CIPHERSUITE) 1740 UINT _nx_secure_tls_psk_add(NX_SECURE_TLS_SESSION *tls_session, UCHAR *pre_shared_key, UINT psk_length, 1741 UCHAR *psk_identity, UINT identity_length, UCHAR *hint, UINT hint_length); 1742 UINT _nx_secure_tls_psk_find(NX_SECURE_TLS_CREDENTIALS *tls_credentials, UCHAR **psk_data, UINT *psk_length, 1743 UCHAR *psk_identity_hint, UINT identity_length, UINT *psk_store_index); 1744 UINT _nx_secure_tls_client_psk_set(NX_SECURE_TLS_SESSION *tls_session, UCHAR *pre_shared_key, UINT psk_length, 1745 UCHAR *psk_identity, UINT identity_length, UCHAR *hint, UINT hint_length); 1746 #endif 1747 #if (NX_SECURE_TLS_TLS_1_3_ENABLED) && defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) 1748 UINT _nx_secure_tls_psk_identity_find(NX_SECURE_TLS_SESSION *tls_session, UCHAR **psk_data, UINT *psk_length, 1749 UCHAR *psk_identity, UINT identity_length, UINT *psk_store_index); 1750 #endif 1751 #ifdef NX_SECURE_ENABLE_ECC_CIPHERSUITE 1752 UINT _nx_secure_tls_ecc_initialize(NX_SECURE_TLS_SESSION *tls_session, 1753 const USHORT *supported_groups, USHORT supported_group_count, 1754 const NX_CRYPTO_METHOD **curves); 1755 #endif /* NX_SECURE_ENABLE_ECC_CIPHERSUITE */ 1756 1757 /* Functions for error checking .*/ 1758 UINT _nxe_secure_tls_active_certificate_set(NX_SECURE_TLS_SESSION *tls_session, 1759 NX_SECURE_X509_CERT *certificate); 1760 UINT _nxe_secure_tls_local_certificate_add(NX_SECURE_TLS_SESSION *tls_session, 1761 NX_SECURE_X509_CERT *certificate); 1762 UINT _nxe_secure_tls_local_certificate_find(NX_SECURE_TLS_SESSION *tls_session, 1763 NX_SECURE_X509_CERT **certificate, UCHAR *common_name, 1764 UINT name_length); 1765 UINT _nxe_secure_tls_local_certificate_remove(NX_SECURE_TLS_SESSION *tls_session, 1766 UCHAR *common_name, UINT common_name_length); 1767 UINT _nxe_secure_tls_metadata_size_calculate(const NX_SECURE_TLS_CRYPTO *crypto_table, 1768 ULONG *metadata_size); 1769 UINT _nxe_secure_tls_remote_certificate_allocate(NX_SECURE_TLS_SESSION *tls_session, 1770 NX_SECURE_X509_CERT *certificate, 1771 UCHAR *raw_certificate_buffer, UINT buffer_size); 1772 UINT _nxe_secure_tls_remote_certificate_buffer_allocate(NX_SECURE_TLS_SESSION *tls_session, 1773 UINT certs_number, VOID *certificate_buffer, ULONG buffer_size); 1774 UINT _nxe_secure_tls_remote_certificate_free_all(NX_SECURE_TLS_SESSION *tls_session); 1775 UINT _nxe_secure_tls_server_certificate_add(NX_SECURE_TLS_SESSION *tls_session, 1776 NX_SECURE_X509_CERT *certificate, UINT cert_id); 1777 UINT _nxe_secure_tls_server_certificate_find(NX_SECURE_TLS_SESSION *tls_session, 1778 NX_SECURE_X509_CERT **certificate, UINT cert_id); 1779 UINT _nxe_secure_tls_server_certificate_remove(NX_SECURE_TLS_SESSION *tls_session, UINT cert_id); 1780 UINT _nxe_secure_tls_session_alert_value_get(NX_SECURE_TLS_SESSION *tls_session, 1781 UINT *alert_level, UINT *alert_value); 1782 UINT _nxe_secure_tls_session_certificate_callback_set(NX_SECURE_TLS_SESSION *tls_session, 1783 ULONG (*func_ptr)(NX_SECURE_TLS_SESSION *session, 1784 NX_SECURE_X509_CERT *certificate)); 1785 UINT _nxe_secure_tls_session_client_callback_set(NX_SECURE_TLS_SESSION *tls_session, 1786 ULONG (*func_ptr)(NX_SECURE_TLS_SESSION *tls_session, 1787 NX_SECURE_TLS_HELLO_EXTENSION *extensions, 1788 UINT num_extensions)); 1789 UINT _nxe_secure_tls_session_client_verify_disable(NX_SECURE_TLS_SESSION *tls_session); 1790 UINT _nxe_secure_tls_session_client_verify_enable(NX_SECURE_TLS_SESSION *tls_session); 1791 UINT _nxe_secure_tls_session_x509_client_verify_configure(NX_SECURE_TLS_SESSION *tls_session, UINT certs_number, 1792 VOID *certificate_buffer, ULONG buffer_size); 1793 UINT _nxe_secure_tls_session_create(NX_SECURE_TLS_SESSION *session_ptr, 1794 const NX_SECURE_TLS_CRYPTO *cipher_table, 1795 VOID *metadata_area, 1796 ULONG metadata_size); 1797 UINT _nxe_secure_tls_session_delete(NX_SECURE_TLS_SESSION *tls_session); 1798 UINT _nxe_secure_tls_session_end(NX_SECURE_TLS_SESSION *tls_session, UINT wait_option); 1799 UINT _nxe_secure_tls_session_packet_buffer_set(NX_SECURE_TLS_SESSION *session_ptr, 1800 UCHAR *buffer_ptr, ULONG buffer_size); 1801 UINT _nxe_secure_tls_session_packet_pool_set(NX_SECURE_TLS_SESSION *tls_session, 1802 NX_PACKET_POOL *packet_pool); 1803 UINT _nxe_secure_tls_session_protocol_version_override(NX_SECURE_TLS_SESSION *tls_session, 1804 USHORT protocol_version); 1805 UINT _nxe_secure_tls_session_receive(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET **packet_ptr_ptr, 1806 ULONG wait_option); 1807 UINT _nxe_secure_tls_session_renegotiate(NX_SECURE_TLS_SESSION *tls_session, 1808 UINT wait_option); 1809 UINT _nxe_secure_tls_session_renegotiate_callback_set(NX_SECURE_TLS_SESSION *tls_session, 1810 ULONG (*func_ptr)(NX_SECURE_TLS_SESSION *session)); 1811 UINT _nxe_secure_tls_session_reset(NX_SECURE_TLS_SESSION *tls_session); 1812 UINT _nxe_secure_tls_session_send(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *packet_ptr, 1813 ULONG wait_option); 1814 UINT _nxe_secure_tls_session_server_callback_set(NX_SECURE_TLS_SESSION *tls_session, 1815 ULONG (*func_ptr)(NX_SECURE_TLS_SESSION *tls_session, 1816 NX_SECURE_TLS_HELLO_EXTENSION *extensions, 1817 UINT num_extensions)); 1818 UINT _nxe_secure_tls_session_sni_extension_parse(NX_SECURE_TLS_SESSION *tls_session, 1819 NX_SECURE_TLS_HELLO_EXTENSION *extensions, 1820 UINT num_extensions, NX_SECURE_X509_DNS_NAME *dns_name); 1821 UINT _nxe_secure_tls_session_sni_extension_set(NX_SECURE_TLS_SESSION *tls_session, 1822 NX_SECURE_X509_DNS_NAME *dns_name); 1823 UINT _nxe_secure_tls_session_start(NX_SECURE_TLS_SESSION *tls_session, NX_TCP_SOCKET *tcp_socket, 1824 UINT wait_option); 1825 UINT _nxe_secure_tls_session_time_function_set(NX_SECURE_TLS_SESSION *tls_session, 1826 ULONG (*time_func_ptr)(void)); 1827 UINT _nxe_secure_tls_trusted_certificate_add(NX_SECURE_TLS_SESSION *tls_session, 1828 NX_SECURE_X509_CERT *certificate); 1829 UINT _nxe_secure_tls_trusted_certificate_remove(NX_SECURE_TLS_SESSION *tls_session, 1830 UCHAR *common_name, UINT common_name_length); 1831 UINT _nxe_secure_tls_packet_allocate(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET_POOL *pool_ptr, 1832 NX_PACKET **packet_ptr, ULONG wait_option); 1833 #if defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) || defined(NX_SECURE_ENABLE_ECJPAKE_CIPHERSUITE) 1834 UINT _nxe_secure_tls_psk_add(NX_SECURE_TLS_SESSION *tls_session, UCHAR *pre_shared_key, UINT psk_length, 1835 UCHAR *psk_identity, UINT identity_length, UCHAR *hint, UINT hint_length); 1836 UINT _nxe_secure_tls_psk_find(NX_SECURE_TLS_SESSION *tls_session, UCHAR **psk_data, UINT *psk_length, 1837 UCHAR *psk_identity, UINT identity_length); 1838 UINT _nxe_secure_tls_client_psk_set(NX_SECURE_TLS_SESSION *tls_session, UCHAR *pre_shared_key, UINT psk_length, 1839 UCHAR *psk_identity, UINT identity_length, UCHAR *hint, UINT hint_length); 1840 #endif 1841 1842 UINT _nx_secure_process_server_key_exchange(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, NX_SECURE_TLS_CRYPTO *tls_crypto_table, 1843 USHORT protocol_version, UCHAR *packet_buffer, UINT message_length, 1844 NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, NX_SECURE_TLS_CREDENTIALS *tls_credentials, 1845 NX_SECURE_TLS_HANDSHAKE_HASH *tls_handshake_hash, 1846 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, 1847 VOID *public_auth_metadata, ULONG public_auth_metadata_size, VOID *tls_ecc_curves); 1848 UINT _nx_secure_process_client_key_exchange(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, 1849 UCHAR *packet_buffer, UINT message_length, USHORT *received_remote_credentials, 1850 NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, NX_SECURE_TLS_CREDENTIALS *tls_credentials, 1851 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, 1852 VOID *public_auth_metadata, ULONG public_auth_metadata_size, VOID *tls_ecc_curves); 1853 UINT _nx_secure_generate_premaster_secret(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, 1854 NX_SECURE_TLS_CREDENTIALS *tls_credentials, UINT session_type, USHORT *received_remote_credentials, 1855 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, VOID *tls_ecc_curves); 1856 UINT _nx_secure_generate_client_key_exchange(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, 1857 NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, NX_SECURE_TLS_CREDENTIALS *tls_credentials, 1858 UCHAR *data_buffer, ULONG buffer_length, ULONG *output_size, 1859 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, 1860 VOID *public_auth_metadata, ULONG public_auth_metadata_size); 1861 UINT _nx_secure_generate_server_key_exchange(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, UCHAR tls_1_3, 1862 NX_SECURE_TLS_CRYPTO *tls_crypto_table, NX_SECURE_TLS_HANDSHAKE_HASH *tls_handshake_hash, 1863 NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, NX_SECURE_TLS_CREDENTIALS *tls_credentials, 1864 UCHAR *data_buffer, ULONG buffer_length, ULONG *output_size, 1865 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, 1866 VOID *public_auth_metadata, ULONG public_auth_metadata_size, VOID *tls_ecc_curves); 1867 UINT _nx_secure_generate_master_secret(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, 1868 const NX_CRYPTO_METHOD *session_prf_method, NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, 1869 UCHAR *pre_master_sec, UINT pre_master_sec_size, UCHAR *master_sec, 1870 VOID *prf_metadata, ULONG prf_metadata_size); 1871 UINT _nx_secure_generate_session_keys(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, 1872 const NX_CRYPTO_METHOD *session_prf_method, NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, 1873 UCHAR *master_sec, VOID *prf_metadata, ULONG prf_metadata_size); 1874 UINT _nx_secure_session_keys_set(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, 1875 UINT key_material_data_size, UINT is_client, UCHAR *session_cipher_initialized, 1876 VOID *session_cipher_metadata, VOID **session_cipher_handler, ULONG session_cipher_metadata_size); 1877 UINT _nx_secure_verify_mac(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, UCHAR *mac_secret, ULONG sequence_num[NX_SECURE_TLS_SEQUENCE_NUMBER_SIZE], 1878 UCHAR *header_data, USHORT header_length, NX_PACKET *packet_ptr, ULONG offset, UINT *length, 1879 VOID *hash_mac_metadata, ULONG hash_mac_metadata_size); 1880 UINT _nx_secure_remote_certificate_verify(NX_SECURE_X509_CERTIFICATE_STORE *store, 1881 NX_SECURE_X509_CERT *certificate, ULONG current_time); 1882 UINT _nx_secure_trusted_certificate_add(NX_SECURE_X509_CERTIFICATE_STORE *store, 1883 NX_SECURE_X509_CERT *certificate); 1884 #ifdef NX_SECURE_CUSTOM_SECRET_GENERATION 1885 UINT nx_secure_custom_secret_generation_init(NX_SECURE_TLS_SESSION *tls_session); 1886 #endif 1887 1888 /* TLS component data declarations follow. */ 1889 1890 /* Determine if the initialization function of this component is including 1891 this file. If so, make the data definitions really happen. Otherwise, 1892 make them extern so other functions in the component can access them. */ 1893 1894 #ifdef NX_SECURE_TLS_INIT 1895 #define TLS_DECLARE 1896 #else 1897 #define TLS_DECLARE extern 1898 #endif 1899 1900 1901 /* Define the head pointer of the created TLS list. */ 1902 TLS_DECLARE NX_SECURE_TLS_SESSION *_nx_secure_tls_created_ptr; 1903 TLS_DECLARE ULONG _nx_secure_tls_created_count; 1904 TLS_DECLARE TX_MUTEX _nx_secure_tls_protection; 1905 1906 #ifdef __cplusplus 1907 } 1908 #endif 1909 1910 #endif /* SRC_NX_SECURE_TLS_H_ */ 1911 1912
