1 /*************************************************************************** 2 * Copyright (c) 2024 Microsoft Corporation 3 * 4 * This program and the accompanying materials are made available under the 5 * terms of the MIT License which is available at 6 * https://opensource.org/licenses/MIT. 7 * 8 * SPDX-License-Identifier: MIT 9 **************************************************************************/ 10 11 12 /**************************************************************************/ 13 /**************************************************************************/ 14 /** */ 15 /** NetX Secure Component */ 16 /** */ 17 /** Transport Layer Security (TLS) */ 18 /** */ 19 /**************************************************************************/ 20 /**************************************************************************/ 21 22 23 /**************************************************************************/ 24 /* */ 25 /* COMPONENT DEFINITION RELEASE */ 26 /* */ 27 /* nx_secure_tls.h PORTABLE C */ 28 /* 6.4.1 */ 29 /* AUTHOR */ 30 /* */ 31 /* Timothy Stapko, Microsoft Corporation */ 32 /* */ 33 /* DESCRIPTION */ 34 /* */ 35 /* This file defines all service prototypes and data structure */ 36 /* definitions for TLS implementation. */ 37 /* */ 38 /* RELEASE HISTORY */ 39 /* */ 40 /* DATE NAME DESCRIPTION */ 41 /* */ 42 /* 05-19-2020 Timothy Stapko Initial Version 6.0 */ 43 /* 09-30-2020 Timothy Stapko Modified comment(s), and */ 44 /* fixed race condition for */ 45 /* multithread transmission, */ 46 /* supported chained packet, */ 47 /* priority ciphersuite and ECC*/ 48 /* curve logic, updated product*/ 49 /* constants, fixed compiler */ 50 /* warning, fixed renegotiation*/ 51 /* bug, fixed certificate */ 52 /* buffer allocation, */ 53 /* resulting in version 6.1 */ 54 /* 12-31-2020 Timothy Stapko Modified comment(s), */ 55 /* updated product constants, */ 56 /* improved buffer length */ 57 /* verification, */ 58 /* resulting in version 6.1.3 */ 59 /* 02-02-2021 Timothy Stapko Modified comment(s), added */ 60 /* support for fragmented TLS */ 61 /* Handshake messages, */ 62 /* resulting in version 6.1.4 */ 63 /* 03-02-2021 Yuxin Zhou Modified comment(s), and */ 64 /* updated product constants, */ 65 /* resulting in version 6.1.5 */ 66 /* 04-02-2021 Yuxin Zhou Modified comment(s), and */ 67 /* updated product constants, */ 68 /* resulting in version 6.1.6 */ 69 /* 06-02-2021 Yuxin Zhou Modified comment(s), and */ 70 /* updated product constants, */ 71 /* resulting in version 6.1.7 */ 72 /* 08-02-2021 Timothy Stapko Modified comment(s), added */ 73 /* hash clone and cleanup, */ 74 /* added state to cleanup */ 75 /* session cipher, */ 76 /* resulting in version 6.1.8 */ 77 /* 10-15-2021 Timothy Stapko Modified comment(s), added */ 78 /* support to disable client */ 79 /* initiated renegotiation, */ 80 /* resulting in version 6.1.9 */ 81 /* 01-31-2022 Yuxin Zhou Modified comment(s), and */ 82 /* updated product constants, */ 83 /* resulting in version 6.1.10 */ 84 /* 04-25-2022 Yuxin Zhou Modified comment(s), and */ 85 /* enabled AEAD for TLS 1.3, */ 86 /* resulting in version 6.1.11 */ 87 /* 07-29-2022 Yuxin Zhou Modified comment(s), and */ 88 /* updated product constants, */ 89 /* fixed compiler errors when */ 90 /* TX_SAFETY_CRITICAL is */ 91 /* enabled, increased default */ 92 /* pre-master sec size for PSK,*/ 93 /* updated alert message for */ 94 /* downgrade protection, */ 95 /* resulting in version 6.1.12 */ 96 /* 10-31-2022 Yanwu Cai Modified comment(s), and added*/ 97 /* custom secret generation, */ 98 /* fixed renegotiation when */ 99 /* receiving in non-block mode,*/ 100 /* added function to set packet*/ 101 /* pool, */ 102 /* resulting in version 6.2.0 */ 103 /* 10-31-2022 Bo Chen Modified comment(s), and */ 104 /* updated product constants, */ 105 /* resulting in version 6.3.0 */ 106 /* 12-31-2022 Bo Chen Modified comment(s), and */ 107 /* updated product constants, */ 108 /* resulting in version 6.4.0 */ 109 /* 03-01-2024 Tiejun Zhou Modified comment(s), */ 110 /* update version number, */ 111 /* resulting in version 6.4.1 */ 112 /* */ 113 /**************************************************************************/ 114 115 #ifndef SRC_NX_SECURE_TLS_H_ 116 #define SRC_NX_SECURE_TLS_H_ 117 118 /* Determine if a C++ compiler is being used. If so, ensure that standard 119 C is used to process the API information. */ 120 #ifdef __cplusplus 121 122 /* Yes, C++ compiler is present. Use standard C. */ 123 extern "C" { 124 125 #endif 126 127 #ifdef ECLIPSE_TEST 128 #define __REV16(x) x 129 #endif 130 131 /* Include the ThreadX and port-specific data type file. */ 132 #include "tx_port.h" 133 134 #ifdef NX_SECURE_SOURCE_CODE 135 #ifndef TX_SAFETY_CRITICAL 136 #ifndef TX_DISABLE_ERROR_CHECKING 137 #define TX_DISABLE_ERROR_CHECKING 138 #endif 139 #endif 140 #ifndef NX_DISABLE_ERROR_CHECKING 141 #define NX_DISABLE_ERROR_CHECKING 142 #endif 143 #endif 144 145 #include "nx_api.h" 146 #include "nx_secure_port.h" 147 #include "nx_crypto.h" 148 149 /* Enable ECC by default. */ 150 #ifndef NX_SECURE_DISABLE_ECC_CIPHERSUITE 151 #ifndef NX_SECURE_ENABLE_ECC_CIPHERSUITE 152 #define NX_SECURE_ENABLE_ECC_CIPHERSUITE 153 #endif 154 #else 155 #undef NX_SECURE_ENABLE_ECC_CIPHERSUITE 156 #endif 157 158 #include "nx_secure_x509.h" 159 160 #if defined(NX_SECURE_TLS_ENABLE_TLS_1_3) || defined(NX_SECURE_ENABLE_ECJPAKE_CIPHERSUITE) 161 #ifndef NX_SECURE_ENABLE_AEAD_CIPHER 162 #define NX_SECURE_ENABLE_AEAD_CIPHER 163 #endif /* NX_SECURE_ENABLE_AEAD_CIPHER */ 164 #endif 165 #ifndef NX_SECURE_AEAD_CIPHER_CHECK 166 #define NX_SECURE_AEAD_CIPHER_CHECK(a) NX_FALSE 167 #endif /* NX_SECURE_AEAD_CIPHER_CHECK */ 168 169 /* ID is used to determine if a TLS session has been initialized. */ 170 #define NX_SECURE_TLS_ID ((ULONG)0x544c5320) 171 172 #define AZURE_RTOS_NETX_SECURE 173 #define NETX_SECURE_MAJOR_VERSION 6 174 #define NETX_SECURE_MINOR_VERSION 4 175 #define NETX_SECURE_PATCH_VERSION 1 176 177 /* The following symbols are defined for backward compatibility reasons. */ 178 #define EL_PRODUCT_NETX_SECURE 179 #define __PRODUCT_NETX_SECURE__ 180 #define __NETX_SECURE_MAJOR_VERSION__ NETX_SECURE_MAJOR_VERSION 181 #define __NETX_SECURE_MINOR_VERSION__ NETX_SECURE_MINOR_VERSION 182 #define __NETX_SECURE_SERVICE_PACK_VERSION__ NETX_SECURE_PATCH_VERSION 183 #define NETX_SECURE_SERVICE_PACK_VERSION NETX_SECURE_PATCH_VERSION 184 185 /* Define memcpy, memset and memcmp functions used internal. */ 186 #ifndef NX_SECURE_MEMCPY 187 #define NX_SECURE_MEMCPY memcpy 188 #endif /* NX_SECURE_MEMCPY */ 189 190 #ifndef NX_SECURE_MEMCMP 191 #define NX_SECURE_MEMCMP memcmp 192 #endif /* NX_SECURE_MEMCMP */ 193 194 #ifndef NX_SECURE_MEMSET 195 #define NX_SECURE_MEMSET memset 196 #endif /* NX_SECURE_MEMSET */ 197 198 #ifndef NX_SECURE_MEMMOVE 199 #define NX_SECURE_MEMMOVE memmove 200 #endif /* NX_SECURE_MEMMOVE */ 201 202 #ifndef NX_SECURE_HASH_METADATA_CLONE 203 #define NX_SECURE_HASH_METADATA_CLONE NX_SECURE_MEMCPY 204 #endif /* NX_SECURE_HASH_METADATA_CLONE */ 205 206 #ifndef NX_SECURE_HASH_CLONE_CLEANUP 207 #define NX_SECURE_HASH_CLONE_CLEANUP(x, y) 208 #endif /* NX_SECURE_HASH_CLONE_CLEANUP */ 209 210 /* Map NX_SECURE_CALLER_CHECKING_EXTERNS to NX_CALLER_CHECKING_EXTERNS, which is defined 211 in nx_port.h.*/ 212 213 #define NX_SECURE_CALLER_CHECKING_EXTERNS NX_CALLER_CHECKING_EXTERNS 214 215 /* Configuration macros - define these to disable TLS client or server. 216 #define NX_SECURE_TLS_SERVER_DISABLED 217 #define NX_SECURE_TLS_CLIENT_DISABLED 218 */ 219 220 /* Configuration macro: allow self-signed certificates to be used to identify a remote host. */ 221 /* #define NX_SECURE_ALLOW_SELF_SIGNED_CERTIFICATES */ 222 223 /* Configuration macro: disable secure session renegotiation extension (RFC 5746). 224 #define NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION 225 */ 226 /* Configuration macro: terminate the connection immediately upon failure to receive the 227 secure renegotiation extension during the initial handshake. 228 #define NX_SECURE_TLS_REQUIRE_RENEGOTIATION_EXT 229 */ 230 231 /* API return values. */ 232 233 #define NX_SECURE_TLS_SUCCESS 0x00 /* Function returned successfully. */ 234 #define NX_SECURE_TLS_SESSION_UNINITIALIZED 0x101 /* TLS main loop called with uninitialized socket. */ 235 #define NX_SECURE_TLS_UNRECOGNIZED_MESSAGE_TYPE 0x102 /* TLS record layer received an unrecognized message type. */ 236 #define NX_SECURE_TLS_INVALID_STATE 0x103 /* Internal error - state not recognized. */ 237 #define NX_SECURE_TLS_INVALID_PACKET 0x104 /* Internal error - received packet did not contain TLS data. */ 238 #define NX_SECURE_TLS_UNKNOWN_CIPHERSUITE 0x105 /* The chosen ciphersuite is not supported - internal error for server, 239 for client it means the remote host sent a bad ciphersuite (error or attack). */ 240 #define NX_SECURE_TLS_UNSUPPORTED_CIPHER 0x106 /* In doing an encryption or decryption, the chosen cipher is disabled or unavailable. */ 241 #define NX_SECURE_TLS_HANDSHAKE_FAILURE 0x107 /* Something in message processing during the handshake has failed. */ 242 #define NX_SECURE_TLS_HASH_MAC_VERIFY_FAILURE 0x108 /* An incoming record had a MAC that did not match the one we generated. */ 243 #define NX_SECURE_TLS_TCP_SEND_FAILED 0x109 /* The outgoing TCP send of a record failed for some reason. */ 244 #define NX_SECURE_TLS_INCORRECT_MESSAGE_LENGTH 0x10A /* An incoming message had a length that was incorrect (usually a length other 245 than one in the header, as in certificate messages) */ 246 #define NX_SECURE_TLS_BAD_CIPHERSPEC 0x10B /* An incoming ChangeCipherSpec message was incorrect. */ 247 #define NX_SECURE_TLS_INVALID_SERVER_CERT 0x10C /* An incoming server certificate did not parse correctly. */ 248 #define NX_SECURE_TLS_UNSUPPORTED_PUBLIC_CIPHER 0x10D /* A certificate provided by a server specified a public-key operation we do not support. */ 249 #define NX_SECURE_TLS_NO_SUPPORTED_CIPHERS 0x10E /* Received a ClientHello with no supported ciphersuites. */ 250 #define NX_SECURE_TLS_UNKNOWN_TLS_VERSION 0x10F /* An incoming record had a TLS version that isn't recognized. */ 251 #define NX_SECURE_TLS_UNSUPPORTED_TLS_VERSION 0x110 /* An incoming record had a valid TLS version, but one that isn't supported. */ 252 #define NX_SECURE_TLS_ALLOCATE_PACKET_FAILED 0x111 /* An internal packet allocation for a TLS message failed. */ 253 #define NX_SECURE_TLS_INVALID_CERTIFICATE 0x112 /* An X509 certificate did not parse correctly. */ 254 #define NX_SECURE_TLS_NO_CLOSE_RESPONSE 0x113 /* During a TLS session close, did not receive a CloseNotify from the remote host. */ 255 #define NX_SECURE_TLS_ALERT_RECEIVED 0x114 /* The remote host sent an alert, indicating an error and closing the connection. */ 256 #define NX_SECURE_TLS_FINISHED_HASH_FAILURE 0x115 /* The Finish message hash received does not match the local generated hash - handshake corruption. */ 257 #define NX_SECURE_TLS_UNKNOWN_CERT_SIG_ALGORITHM 0x116 /* A certificate during verification had an unsupported signature algorithm. */ 258 #define NX_SECURE_TLS_CERTIFICATE_SIG_CHECK_FAILED 0x117 /* A certificate signature verification check failed - certificate data did not match signature. */ 259 #define NX_SECURE_TLS_BAD_COMPRESSION_METHOD 0x118 /* Received a Hello message with an unsupported compression method. */ 260 #define NX_SECURE_TLS_CERTIFICATE_NOT_FOUND 0x119 /* In an operation on a certificate list, no matching certificate was found. */ 261 #define NX_SECURE_TLS_INVALID_SELF_SIGNED_CERT 0x11A /* The remote host sent a self-signed certificate and NX_SECURE_ALLOW_SELF_SIGNED_CERTIFICATES is not defined. */ 262 #define NX_SECURE_TLS_ISSUER_CERTIFICATE_NOT_FOUND 0x11B /* A remote certificate was received with an issuer not in the local trusted store. */ 263 #define NX_SECURE_TLS_OUT_OF_ORDER_MESSAGE 0x11C /* A DTLS message was received in the wrong order - a dropped datagram is the likely culprit. */ 264 #define NX_SECURE_TLS_INVALID_REMOTE_HOST 0x11D /* A packet was received from a remote host that we do not recognize. */ 265 #define NX_SECURE_TLS_INVALID_EPOCH 0x11E /* A DTLS message was received and matched to a DTLS session but it had the wrong epoch and should be ignored. */ 266 #define NX_SECURE_TLS_REPEAT_MESSAGE_RECEIVED 0x11F /* A DTLS message was received with a sequence number we have already seen, ignore it. */ 267 #define NX_SECURE_TLS_NEED_DTLS_SESSION 0x120 /* A TLS session was used in a DTLS API that was not initialized for DTLS. */ 268 #define NX_SECURE_TLS_NEED_TLS_SESSION 0x121 /* A TLS session was used in a TLS API that was initialized for DTLS and not TLS. */ 269 #define NX_SECURE_TLS_SEND_ADDRESS_MISMATCH 0x122 /* Caller attempted to send data over a DTLS session with an IP address or port that did not match the session. */ 270 #define NX_SECURE_TLS_NO_FREE_DTLS_SESSIONS 0x123 /* A new connection tried to get a DTLS session from the cache, but there were none free. */ 271 #define NX_SECURE_DTLS_SESSION_NOT_FOUND 0x124 /* The caller searched for a DTLS session, but the given IP address and port did not match any entries in the cache. */ 272 #define NX_SECURE_TLS_NO_MORE_PSK_SPACE 0x125 /* The caller attempted to add a PSK to a TLS session but there was no more space in the given session. */ 273 #define NX_SECURE_TLS_NO_MATCHING_PSK 0x126 /* A remote host provided a PSK identity hint that did not match any in our local store. */ 274 #define NX_SECURE_TLS_CLOSE_NOTIFY_RECEIVED 0x127 /* A TLS session received a CloseNotify alert from the remote host indicating the session is complete. */ 275 #define NX_SECURE_TLS_NO_AVAILABLE_SESSIONS 0x128 /* No TLS sessions in a TLS object are available to handle a connection. */ 276 #define NX_SECURE_TLS_NO_CERT_SPACE_ALLOCATED 0x129 /* No certificate space was allocated for incoming remote certificates. */ 277 #define NX_SECURE_TLS_PADDING_CHECK_FAILED 0x12A /* Encryption padding in an incoming message was not correct. */ 278 #define NX_SECURE_TLS_UNSUPPORTED_CERT_SIGN_TYPE 0x12B /* In processing a CertificateVerifyRequest, no supported certificate type was provided by the remote server. */ 279 #define NX_SECURE_TLS_UNSUPPORTED_CERT_SIGN_ALG 0x12C /* In processing a CertificateVerifyRequest, no supported signature algorithm was provided by the remote server. */ 280 #define NX_SECURE_TLS_INSUFFICIENT_CERT_SPACE 0x12D /* Not enough certificate buffer space allocated for a certificate. */ 281 #define NX_SECURE_TLS_PROTOCOL_VERSION_CHANGED 0x12E /* The protocol version in an incoming TLS record did not match the version of the established session. */ 282 #define NX_SECURE_TLS_NO_RENEGOTIATION_ERROR 0x12F /* A HelloRequest message was received, but we are not re-negotiating. */ 283 #define NX_SECURE_TLS_UNSUPPORTED_FEATURE 0x130 /* A feature that was disabled was encountered during a TLS session or handshake. */ 284 #define NX_SECURE_TLS_CERTIFICATE_VERIFY_FAILURE 0x131 /* A CertificateVerify message from a remote Client failed to verify the Client certificate. */ 285 #define NX_SECURE_TLS_EMPTY_REMOTE_CERTIFICATE_RECEIVED 0x132 /* The remote host sent an empty certificate message. */ 286 #define NX_SECURE_TLS_RENEGOTIATION_EXTENSION_ERROR 0x133 /* An error occurred in processing or sending the Secure Renegotiation Indication Extension. */ 287 #define NX_SECURE_TLS_RENEGOTIATION_SESSION_INACTIVE 0x134 /* A server attempted to re-establish a connection that was already closed. */ 288 #define NX_SECURE_TLS_PACKET_BUFFER_TOO_SMALL 0x135 /* A TLS record was received which has a size that exceeds the allocated packet buffer space. */ 289 #define NX_SECURE_TLS_EXTENSION_NOT_FOUND 0x136 /* A TLS extension parsing function did not find the intended extension in the hello extension data. */ 290 #define NX_SECURE_TLS_SNI_EXTENSION_INVALID 0x137 /* Received a ClientHello containing invalid SNI extension data. */ 291 #define NX_SECURE_TLS_CERT_ID_INVALID 0x138 /* Tried to add a certificate with a numeric ID that was invalid (likely 0). */ 292 #define NX_SECURE_TLS_CERT_ID_DUPLICATE 0x139 /* Tried to add a certificate with a numeric ID that was already used - needs to be unique. */ 293 #define NX_SECURE_TLS_RENEGOTIATION_FAILURE 0x13A /* Attempted a renegotiation with a remote host that did not supply the SCSV or renegotiation extension. */ 294 #define NX_SECURE_TLS_MISSING_CRYPTO_ROUTINE 0x13B /* In attempting to perform a cryptographic operation, an entry in the ciphersuite table (or one of its function pointers) was NULL. */ 295 #define NX_SECURE_TLS_EMPTY_EC_GROUP 0x13C /* ECC ciphersuite is set but no supported EC group. */ 296 #define NX_SECURE_TLS_EMPTY_EC_POINT_FORMAT 0x13D /* ECC ciphersuite is set but no supported EC point format. */ 297 #define NX_SECURE_TLS_BAD_SERVERHELLO_KEYSHARE 0x13E /* In a TLS 1.3 KeyShare extension from a remote server, the server provided something we didn't expect. */ 298 #define NX_SECURE_TLS_INSUFFICIENT_METADATA_SPACE 0x13F /* The application-supplied "metadata" for TLS cryptographic routines was too small. */ 299 #define NX_SECURE_TLS_POST_HANDSHAKE_RECEIVED 0x140 /* Not an error, but an indication to continue processing until application data is received. */ 300 #define NX_SECURE_TLS_BAD_CLIENTHELLO_KEYSHARE 0x141 /* In a TLS 1.3 KeyShare extension from a remote client, the client provided something we didn't expect. */ 301 #define NX_SECURE_TLS_1_3_UNKNOWN_CIPHERSUITE 0x142 /* Received unknown ciphersuite when using TLS 1.3. */ 302 #define NX_SECURE_TLS_INVALID_SESSION_TICKET 0x143 /* Received a NewSessionTicket message with improper or invalid parameters. */ 303 #define NX_SECURE_TLS_MISSING_EXTENSION 0x144 /* Specific extension is missed in the message. */ 304 #define NX_SECURE_TLS_CERTIFICATE_REQUIRED 0x145 /* Server receive empty certificate. */ 305 #define NX_SECURE_TLS_UNEXPECTED_CLIENTHELLO 0x146 /* TLS 1.3 Server receive ClientHello for renegotiation. */ 306 #define NX_SECURE_TLS_INAPPROPRIATE_FALLBACK 0x147 /* Remote Client attempted an inappropriate TLS version downgrade. */ 307 #define NX_SECURE_TLS_BAD_CLIENTHELLO_PSK_EXTENSION 0x148 /* In a TLS 1.3 PSK extension from a remote client, the client provided something we didn't expect. */ 308 #define NX_SECURE_TLS_PSK_BINDER_MISMATCH 0x149 /* In a TLS 1.3 PSK extension from a remote client, the client provided a bad PSK binder value. */ 309 #define NX_SECURE_TLS_CRYPTO_KEYS_TOO_LARGE 0x14A /* In attempting to generate TLS session keys, the key buffer was too small - increase NX_SECURE_TLS_KEY_MATERIAL_SIZE. */ 310 #define NX_SECURE_TLS_UNSUPPORTED_ECC_CURVE 0x14B /* The remote host provided a certificate or chose a ciphersuite with an ECC curve that isn't supported. */ 311 #define NX_SECURE_TLS_UNSUPPORTED_ECC_FORMAT 0x14C /* Encountered a curve type or ECC format that is not supported. */ 312 #define NX_SECURE_TLS_UNSUPPORTED_SIGNATURE_ALGORITHM 0x14D /* An unsupported signature algorithm was encountered (used in key exchange or other non-certificate situations). */ 313 #define NX_SECURE_TLS_SIGNATURE_VERIFICATION_ERROR 0x14E /* A signature verification check failed (used in key exchange or other non-cert situations). */ 314 #define NX_SECURE_TLS_UNEXPECTED_MESSAGE 0x14F /* TLS received an unexpected message from the remote host. */ 315 #define NX_SECURE_TLS_AEAD_DECRYPT_FAIL 0x150 /* An incoming record did not pass integrity check with AEAD ciphers. */ 316 #define NX_SECURE_TLS_RECORD_OVERFLOW 0x151 /* Received a TLSCiphertext record that had a length too long. */ 317 #define NX_SECURE_TLS_HANDSHAKE_FRAGMENT_RECEIVED 0x152 /* Received a fragmented handshake message - take appropriate action at a higher level of the state machine. */ 318 #define NX_SECURE_TLS_TRANSMIT_LOCKED 0x153 /* Another thread is transmitting. */ 319 #define NX_SECURE_TLS_DOWNGRADE_DETECTED 0x154 /* Detected an inappropriate TLS version downgrade by TLS 1.3 client. */ 320 321 /* NX_CONTINUE is a symbol defined in NetX Duo 5.10. For backward compatibility, this symbol is defined here */ 322 #if ((__NETXDUO_MAJOR_VERSION__ == 5) && (__NETXDUO_MINOR_VERSION__ == 9)) 323 #define NX_CONTINUE 0x55 324 #endif 325 326 #ifdef NX_SECURE_TLS_SERVER_DISABLED 327 #ifdef NX_SECURE_TLS_CLIENT_DISABLED 328 #error "Must enable either TLS Client or TLS Server!" 329 #endif 330 #endif 331 332 /* Define TLS and DTLS identity */ 333 #define NX_SECURE_TLS 0 334 #define NX_SECURE_DTLS 1 335 336 /* For proper handshake processing, we save off what type of socket we have. 337 * These values represent the possible types. */ 338 #define NX_SECURE_TLS_SESSION_TYPE_NONE 0 /* No socket type assigned yet. Should produce an error if the wrong function is called. */ 339 #define NX_SECURE_TLS_SESSION_TYPE_CLIENT 1 /* Client TLS socket - assigned when nx_secure_tls_client_socket_connect is called. */ 340 #define NX_SECURE_TLS_SESSION_TYPE_SERVER 2 /* Server TLS socket - assigned when nx_secure_tls_server_socket_listen is called. */ 341 342 /* TLS handshake states - Server. */ 343 #define NX_SECURE_TLS_SERVER_STATE_IDLE 0 /* TLS server is waiting for a ClientHello. */ 344 #define NX_SECURE_TLS_SERVER_STATE_ERROR 1 /* TLS server encountered an internal (non-alert) error. */ 345 #define NX_SECURE_TLS_SERVER_STATE_ALERT_SENT 2 /* TLS server encountered an issue and sent an alert to the remote client. */ 346 #define NX_SECURE_TLS_SERVER_STATE_SEND_HELLO 3 /* A ClientHello has been received and we need to respond. */ 347 #define NX_SECURE_TLS_SERVER_STATE_SEND_HELLO_VERIFY 4 /* In DTLS, send a HelloVerifyRequest message back to the client. */ 348 #define NX_SECURE_TLS_SERVER_STATE_HELLO_SENT 5 /* ServerHelloDone response has been sent to client. */ 349 #define NX_SECURE_TLS_SERVER_STATE_CLIENT_CERTIFICATE 6 /* A Client Certificate message has been received. */ 350 #define NX_SECURE_TLS_SERVER_STATE_KEY_EXCHANGE 7 /* Server needs to send a key exchange message. */ 351 #define NX_SECURE_TLS_SERVER_STATE_CERTIFICATE_VERIFY 8 /* A Client CertificateVerify message has been received. */ 352 #define NX_SECURE_TLS_SERVER_STATE_FINISH_HANDSHAKE 9 /* Server received a client Finished message and needs to respond. */ 353 #define NX_SECURE_TLS_SERVER_STATE_HANDSHAKE_FINISHED 10 /* Server has completed the handshake. */ 354 #define NX_SECURE_TLS_SERVER_STATE_HELLO_REQUEST 11 /* A HelloRequest has been sent. */ 355 #define NX_SECURE_TLS_SERVER_STATE_SEND_HELLO_RETRY 12 /* A ClientHello has been received but key_share mismatch. We need to respond HelloRetryRequest. */ 356 357 /* TLS handshake states - Client. */ 358 #define NX_SECURE_TLS_CLIENT_STATE_IDLE 0 /* Client socket is not connected, waiting for connection request from application. */ 359 #define NX_SECURE_TLS_CLIENT_STATE_ERROR 1 /* Client socket has encountered an error (separate from alerts). */ 360 #define NX_SECURE_TLS_CLIENT_STATE_ALERT_SENT 2 /* TLS Client sent an alert to the remote server. */ 361 #define NX_SECURE_TLS_CLIENT_STATE_HELLO_REQUEST 3 /* TLS server sent a hello request, we need to re-negotiate the session. */ 362 #define NX_SECURE_TLS_CLIENT_STATE_HELLO_VERIFY 4 /* A HelloVerifyRequest was received - need to re-send ClientHello (DTLS). */ 363 #define NX_SECURE_TLS_CLIENT_STATE_SERVERHELLO 5 /* A ServerHello has been received. */ 364 #define NX_SECURE_TLS_CLIENT_STATE_SERVER_CERTIFICATE 6 /* A Server Certificate message has been received. */ 365 #define NX_SECURE_TLS_CLIENT_STATE_SERVER_KEY_EXCHANGE 7 /* A ServerKeyExchange message has been received. */ 366 #define NX_SECURE_TLS_CLIENT_STATE_CERTIFICATE_REQUEST 8 /* A Server CertificateRequest message has been received. */ 367 #define NX_SECURE_TLS_CLIENT_STATE_SERVERHELLO_DONE 9 /* A ServerHelloDone message has been received. */ 368 #define NX_SECURE_TLS_CLIENT_STATE_HANDSHAKE_FINISHED 10 /* Client has received a Finished message to end the handshake. */ 369 #define NX_SECURE_TLS_CLIENT_STATE_RENEGOTIATING 11 /* Client is renegotiating a handshake. Only used to kick off a renegotiation. */ 370 #define NX_SECURE_TLS_CLIENT_STATE_ENCRYPTED_EXTENSIONS 12 /* Client received and processed an encrypted extensions handshake message. */ 371 #define NX_SECURE_TLS_CLIENT_STATE_HELLO_RETRY 13 /* A HelloRetryRequest has been received. We need to resend ClientHello. */ 372 373 #define NX_SECURE_TLS_HANDSHAKE_NO_FRAGMENT 0 /* There is no fragmented handshake message. */ 374 #define NX_SECURE_TLS_HANDSHAKE_RECEIVED_FRAGMENT 1 /* Received a fragmented handshake message. */ 375 376 /* TLS Alert message numbers from RFC 5246. */ 377 #define NX_SECURE_TLS_ALERT_CLOSE_NOTIFY 0 378 #define NX_SECURE_TLS_ALERT_UNEXPECTED_MESSAGE 10 379 #define NX_SECURE_TLS_ALERT_BAD_RECORD_MAC 20 380 #define NX_SECURE_TLS_ALERT_DECRYPTION_FAILED_RESERVED 21 381 #define NX_SECURE_TLS_ALERT_RECORD_OVERFLOW 22 382 #define NX_SECURE_TLS_ALERT_DECOMPRESSION_FAILURE 30 383 #define NX_SECURE_TLS_ALERT_HANDSHAKE_FAILURE 40 384 #define NX_SECURE_TLS_ALERT_NO_CERTIFICATE_RESERVED 41 385 #define NX_SECURE_TLS_ALERT_BAD_CERTIFICATE 42 386 #define NX_SECURE_TLS_ALERT_UNSUPPORTED_CERTIFICATE 43 387 #define NX_SECURE_TLS_ALERT_CERTIFICATE_REVOKED 44 388 #define NX_SECURE_TLS_ALERT_CERTIFICATE_EXPIRED 45 389 #define NX_SECURE_TLS_ALERT_CERTIFICATE_UNKNOWN 46 390 #define NX_SECURE_TLS_ALERT_ILLEGAL_PARAMETER 47 391 #define NX_SECURE_TLS_ALERT_UNKNOWN_CA 48 392 #define NX_SECURE_TLS_ALERT_ACCESS_DENIED 49 393 #define NX_SECURE_TLS_ALERT_DECODE_ERROR 50 394 #define NX_SECURE_TLS_ALERT_DECRYPT_ERROR 51 395 #define NX_SECURE_TLS_ALERT_EXPORT_RESTRICTION_RESERVED 60 396 #define NX_SECURE_TLS_ALERT_PROTOCOL_VERSION 70 397 #define NX_SECURE_TLS_ALERT_INSUFFICIENT_SECURITY 71 398 #define NX_SECURE_TLS_ALERT_INTERNAL_ERROR 80 399 #define NX_SECURE_TLS_ALERT_INAPPROPRIATE_FALLBACK 86 400 #define NX_SECURE_TLS_ALERT_USER_CANCELED 90 401 #define NX_SECURE_TLS_ALERT_NO_RENEGOTIATION 100 402 #define NX_SECURE_TLS_ALERT_MISSING_EXTENSION 109 403 #define NX_SECURE_TLS_ALERT_UNSUPPORTED_EXTENSION 110 404 #define NX_SECURE_TLS_ALERT_UNKNOWN_PSK_IDENTITY 115 405 #define NX_SECURE_TLS_ALERT_CERTIFICATE_REQUIRED 116 406 407 /* TLS alert levels. */ 408 #define NX_SECURE_TLS_ALERT_LEVEL_WARNING 0x1 409 #define NX_SECURE_TLS_ALERT_LEVEL_FATAL 0x2 410 411 412 /* TLS protocol versions - TLS version 1.2 has protocol version 3.3 (for legacy reasons). */ 413 #define NX_SECURE_TLS_VERSION_MAJOR_3 0x3 414 #define NX_SECURE_SSL_VERSION_MINOR_3_0 0x0 415 #define NX_SECURE_TLS_VERSION_MINOR_1_0 0x1 416 #define NX_SECURE_TLS_VERSION_MINOR_1_1 0x2 417 #define NX_SECURE_TLS_VERSION_MINOR_1_2 0x3 418 #define NX_SECURE_TLS_VERSION_MINOR_1_3 0x4 419 420 #define NX_SECURE_TLS_VERSION_SSL_3_0 ((NX_SECURE_TLS_VERSION_MAJOR_3 << 8) | NX_SECURE_SSL_VERSION_MINOR_3_0) 421 #define NX_SECURE_TLS_VERSION_TLS_1_0 ((NX_SECURE_TLS_VERSION_MAJOR_3 << 8) | NX_SECURE_TLS_VERSION_MINOR_1_0) 422 #define NX_SECURE_TLS_VERSION_TLS_1_1 ((NX_SECURE_TLS_VERSION_MAJOR_3 << 8) | NX_SECURE_TLS_VERSION_MINOR_1_1) 423 #define NX_SECURE_TLS_VERSION_TLS_1_2 ((NX_SECURE_TLS_VERSION_MAJOR_3 << 8) | NX_SECURE_TLS_VERSION_MINOR_1_2) 424 #define NX_SECURE_TLS_VERSION_TLS_1_3 ((NX_SECURE_TLS_VERSION_MAJOR_3 << 8) | NX_SECURE_TLS_VERSION_MINOR_1_3) 425 426 427 /* The number of TLS versions actually recognized by the NetX Secure TLS stack. */ 428 #define NX_SECURE_TLS_NUM_VERSIONS (4) 429 430 /* Configuration macros for supported TLS versions. */ 431 #ifdef NX_SECURE_TLS_ENABLE_SSL_3_0 432 #define NX_SECURE_TLS_SSL_3_0_ENABLED (1) /* SSLv3 supported. */ 433 #else 434 #define NX_SECURE_TLS_SSL_3_0_ENABLED (0) /* SSLv3 not currently supported. */ 435 #endif 436 437 #ifdef NX_SECURE_TLS_ENABLE_TLS_1_0 438 #define NX_SECURE_TLS_TLS_1_0_ENABLED (1) /* TLS 1.0 supported. */ 439 #else 440 #define NX_SECURE_TLS_TLS_1_0_ENABLED (0) /* TLS 1.0 not currently supported. */ 441 #endif 442 443 #ifdef NX_SECURE_TLS_ENABLE_TLS_1_1 444 #define NX_SECURE_TLS_TLS_1_1_ENABLED (1) /* TLS 1.1 supported. */ 445 #else 446 #define NX_SECURE_TLS_TLS_1_1_ENABLED (0) /* TLS 1.1 not currently supported. */ 447 #endif 448 449 #ifndef NX_SECURE_TLS_TLS_1_2_ENABLED 450 #define NX_SECURE_TLS_TLS_1_2_ENABLED (1) 451 #endif 452 453 #ifdef NX_SECURE_TLS_ENABLE_TLS_1_3 454 #define NX_SECURE_TLS_TLS_1_3_ENABLED (1) 455 #endif 456 457 #ifndef NX_SECURE_TLS_TLS_1_3_ENABLED 458 #define NX_SECURE_TLS_TLS_1_3_ENABLED (0) 459 #endif 460 461 462 /* Define a structure to keep track of which versions of TLS are enabled and supported. */ 463 typedef struct NX_SECURE_TLS_VERSIONS_STRUCT 464 { 465 /* The protocol version in network byte-order format for use in TLS messages. */ 466 USHORT nx_secure_tls_protocol_version; 467 468 /* Flag indicating that the associated TLS protocol version is supported/enabled. */ 469 USHORT nx_secure_tls_is_supported; 470 } NX_SECURE_TLS_VERSIONS; 471 472 /* Define a structure to keep track of supported versions for TLS and DTLS */ 473 typedef struct NX_SECURE_VERSIONS_LIST_STRUCT 474 { 475 const NX_SECURE_TLS_VERSIONS *nx_secure_versions_list; 476 UINT nx_secure_versions_list_count; 477 } NX_SECURE_VERSIONS_LIST; 478 479 480 /* Disambiguation label/id for ciphersuites table. */ 481 #define NX_SECURE_APPLICATION_NONE 0 482 #define NX_SECURE_APPLICATION_TLS 1 483 #define NX_SECURE_APPLICATION_X509 2 484 485 /* Bitfields for TLS versions. */ 486 #define NX_SECURE_TLS_BITFIELD_VERSION_1_0 0x00000001 487 #define NX_SECURE_TLS_BITFIELD_VERSION_1_1 0x00000002 488 #define NX_SECURE_TLS_BITFIELD_VERSION_1_2 0x00000004 489 #define NX_SECURE_TLS_BITFIELD_VERSION_1_3 0x00000008 490 #define NX_SECURE_DTLS_BITFIELD_VERSION_1_0 0x00000010 491 #define NX_SECURE_DTLS_BITFIELD_VERSION_1_2 0x00000020 492 #define NX_SECURE_DTLS_BITFIELD_VERSION_1_3 0x00000040 493 #define NX_SECURE_X509_BITFIELD_VERSION_3 0x00000080 494 495 /* Composite bitfields. */ 496 #define NX_SECURE_TLS_BITFIELD_VERSIONS_PRE_1_3 (NX_SECURE_TLS_BITFIELD_VERSION_1_0 | NX_SECURE_TLS_BITFIELD_VERSION_1_1 | NX_SECURE_TLS_BITFIELD_VERSION_1_2) 497 #define NX_SECURE_DTLS_BITFIELD_VERSIONS_PRE_1_3 (NX_SECURE_DTLS_BITFIELD_VERSION_1_0 | NX_SECURE_DTLS_BITFIELD_VERSION_1_2) 498 #define NX_SECURE_TLS_BITFIELD_VERSIONS_ALL (NX_SECURE_TLS_BITFIELD_VERSIONS_PRE_1_3 | NX_SECURE_DTLS_BITFIELD_VERSIONS_PRE_1_3 | NX_SECURE_TLS_BITFIELD_VERSION_1_3 | NX_SECURE_DTLS_BITFIELD_VERSION_1_3) 499 500 /* TLS ciphersuite definitions. */ 501 #define TLS_NULL_WITH_NULL_NULL 0x0000 502 #define TLS_RSA_WITH_NULL_MD5 0x0001 503 #define TLS_RSA_WITH_NULL_SHA 0x0002 504 #define TLS_RSA_WITH_AES_128_CBC_SHA 0x002F 505 #define TLS_DH_DSS_WITH_AES_128_CBC_SHA 0x0030 506 #define TLS_DH_RSA_WITH_AES_128_CBC_SHA 0x0031 507 #define TLS_DHE_DSS_WITH_AES_128_CBC_SHA 0x0032 508 #define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x0033 509 #define TLS_DH_anon_WITH_AES_128_CBC_SHA 0x0034 510 #define TLS_RSA_WITH_AES_256_CBC_SHA 0x0035 511 #define TLS_DH_DSS_WITH_AES_256_CBC_SHA 0x0036 512 #define TLS_DH_RSA_WITH_AES_256_CBC_SHA 0x0037 513 #define TLS_DHE_DSS_WITH_AES_256_CBC_SHA 0x0038 514 #define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x0039 515 #define TLS_DH_anon_WITH_AES_256_CBC_SHA 0x003A 516 #define TLS_RSA_WITH_AES_128_CBC_SHA256 0x003C 517 #define TLS_RSA_WITH_AES_256_CBC_SHA256 0x003D 518 #define TLS_PSK_WITH_AES_128_CBC_SHA 0x008C 519 #define TLS_PSK_WITH_AES_256_CBC_SHA 0x008D 520 #define TLS_RSA_WITH_AES_128_GCM_SHA256 0x009C 521 #define TLS_RSA_WITH_AES_256_GCM_SHA384 0x009D 522 #define TLS_PSK_WITH_AES_128_CBC_SHA256 0x00AE 523 #define TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 524 525 /* EC Ciphersuites. */ 526 #define TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 527 #define TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 528 #define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 529 #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004 530 #define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005 531 #define TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 532 #define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 533 #define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 534 #define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 535 #define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A 536 #define TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B 537 #define TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C 538 #define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D 539 #define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E 540 #define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F 541 #define TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 542 #define TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 543 #define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 544 #define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 545 #define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 546 #define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 547 #define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 548 #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025 549 #define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026 550 #define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 551 #define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028 552 #define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029 553 #define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A 554 #define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B 555 #define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C 556 #define TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D 557 #define TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E 558 #define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F 559 #define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030 560 #define TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 561 #define TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 562 563 #define TLS_AES_128_GCM_SHA256 0x1301 564 #define TLS_AES_256_GCM_SHA384 0x1302 565 #define TLS_AES_128_CCM_SHA256 0x1304 566 #define TLS_AES_128_CCM_8_SHA256 0x1305 567 568 #define TLS_EMPTY_RENEGOTIATION_INFO_SCSV 0x00FF /* Secure renegotiation extension Signalling Ciphersuite Value (SCSV). */ 569 #define TLS_FALLBACK_NOTIFY_SCSV 0x5600 /* TLS version fallback notification SCSV. */ 570 571 /* Cipher and hash methods for look up in determining what methods to use for a particular ciphersuite. */ 572 #define TLS_CIPHER_NULL 0x00 573 #define TLS_CIPHER_AES 0x01 574 #define TLS_CIPHER_RC4 0x02 575 #define TLS_ECJPAKE_WITH_AES_128_CCM_8 0xC0FF 576 577 /* Define the key exchange algorithm for backward compatibility. */ 578 #define TLS_CIPHER_RSA NX_CRYPTO_KEY_EXCHANGE_RSA 579 #define TLS_PUBLIC_AUTH_PSK NX_CRYPTO_KEY_EXCHANGE_PSK 580 #define TLS_PUBLIC_AUTH_ECJPAKE NX_CRYPTO_KEY_EXCHANGE_ECJPAKE 581 #define TLS_PRF_1 NX_CRYPTO_PRF_HMAC_SHA1 /* TLSv1.0/1.1 PRF */ 582 #define TLS_PRF_SHA_256 NX_CRYPTO_PRF_HMAC_SHA2_256 /* TLS PRF, SHA-256 based for TLSv1.2. */ 583 #define TLS_HASH_SHA_1 NX_CRYPTO_HASH_SHA1 584 #define TLS_HASH_SHA_256 NX_CRYPTO_HASH_SHA256 585 #define TLS_HASH_SHA_384 NX_CRYPTO_HASH_SHA384 586 #define TLS_HASH_SHA_512 NX_CRYPTO_HASH_SHA512 587 588 /* Client Certificate Types for Certificate Request messages. 589 Values taken directly from RFC 5246, section 7.4.4. */ 590 #define NX_SECURE_TLS_CERT_TYPE_NONE 0 591 #define NX_SECURE_TLS_CERT_TYPE_RSA_SIGN 1 592 #define NX_SECURE_TLS_CERT_TYPE_DSS_SIGN 2 593 #define NX_SECURE_TLS_CERT_TYPE_RSA_FIXED_DH 3 594 #define NX_SECURE_TLS_CERT_TYPE_DSS_FIXED_DH 4 595 #define NX_SECURE_TLS_CERT_TYPE_RSA_EPHEMERAL_DH 5 596 #define NX_SECURE_TLS_CERT_TYPE_DSS_EPHEMERAL_DH 6 597 #define NX_SECURE_TLS_CERT_TYPE_FORTEZZA_DMS 20 598 /* Values taken directly from RFC 4492, section 5.5. */ 599 #define NX_SECURE_TLS_CERT_TYPE_ECDSA_SIGN 64 600 #define NX_SECURE_TLS_CERT_TYPE_RSA_FIXED_ECDH 65 601 #define NX_SECURE_TLS_CERT_TYPE_ECDSA_FIXED_ECDH 66 602 603 604 /* Algorithm identifiers for signature methods used in CertificateVerify messages and 605 in the "signature_algorithms" extension, from RFC 5246, section 7.4.1.4.1.*/ 606 #define NX_SECURE_TLS_HASH_ALGORITHM_NONE 0 607 #define NX_SECURE_TLS_HASH_ALGORITHM_MD5 1 608 #define NX_SECURE_TLS_HASH_ALGORITHM_SHA1 2 609 #define NX_SECURE_TLS_HASH_ALGORITHM_SHA224 3 610 #define NX_SECURE_TLS_HASH_ALGORITHM_SHA256 4 611 #define NX_SECURE_TLS_HASH_ALGORITHM_SHA384 5 612 #define NX_SECURE_TLS_HASH_ALGORITHM_SHA512 6 613 614 /* Signature algorithms paired with the hash algorithms above. */ 615 #define NX_SECURE_TLS_SIGNATURE_ALGORITHM_ANONYMOUS 0 616 #define NX_SECURE_TLS_SIGNATURE_ALGORITHM_RSA 1 617 #define NX_SECURE_TLS_SIGNATURE_ALGORITHM_DSA 2 618 #define NX_SECURE_TLS_SIGNATURE_ALGORITHM_ECDSA 3 619 620 /* Packed algorithm values (as seen over the wire). */ 621 #define NX_SECURE_TLS_SIGNATURE_RSA_MD5 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_MD5 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_RSA) 622 #define NX_SECURE_TLS_SIGNATURE_RSA_SHA1 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_SHA1 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_RSA) 623 #define NX_SECURE_TLS_SIGNATURE_RSA_SHA256 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_SHA256 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_RSA) 624 #define NX_SECURE_TLS_SIGNATURE_RSA_SHA384 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_SHA384 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_RSA) 625 #define NX_SECURE_TLS_SIGNATURE_RSA_SHA512 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_SHA512 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_RSA) 626 #define NX_SECURE_TLS_SIGNATURE_ECDSA_SHA1 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_SHA1 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_ECDSA) 627 #define NX_SECURE_TLS_SIGNATURE_ECDSA_SHA224 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_SHA224 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_ECDSA) 628 #define NX_SECURE_TLS_SIGNATURE_ECDSA_SHA256 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_SHA256 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_ECDSA) 629 #define NX_SECURE_TLS_SIGNATURE_ECDSA_SHA384 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_SHA384 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_ECDSA) 630 #define NX_SECURE_TLS_SIGNATURE_ECDSA_SHA512 (((UINT)NX_SECURE_TLS_HASH_ALGORITHM_SHA512 << 8) + (UINT)NX_SECURE_TLS_SIGNATURE_ALGORITHM_ECDSA) 631 632 633 /* Session key generation and assignment constants. */ 634 #define NX_SECURE_TLS_KEY_SET_LOCAL 0 635 #define NX_SECURE_TLS_KEY_SET_REMOTE 1 636 637 /* TLS extension definitions from RFC 5246, 5746, 6066, and others. */ 638 #define NX_SECURE_TLS_EXTENSION_SERVER_NAME_INDICATION (0x0000) 639 #define NX_SECURE_TLS_EXTENSION_MAX_FRAGMENT_LENGTH (0x0001) 640 #define NX_SECURE_TLS_EXTENSION_CLIENT_CERTIFICATE_URL (0x0002) 641 #define NX_SECURE_TLS_EXTENSION_TRUSTED_CA_INDICATION (0x0003) 642 #define NX_SECURE_TLS_EXTENSION_TRUNCATED_HMAC (0x0004) 643 #define NX_SECURE_TLS_EXTENSION_CERTIFICATE_STATUS_REQUEST (0x0005) 644 #define NX_SECURE_TLS_EXTENSION_EC_GROUPS (0x000A) 645 #define NX_SECURE_TLS_EXTENSION_EC_POINT_FORMATS (0x000B) 646 #define NX_SECURE_TLS_EXTENSION_SIGNATURE_ALGORITHMS (0x000D) 647 #define NX_SECURE_TLS_EXTENSION_PRE_SHARED_KEY (0x0029) 648 #define NX_SECURE_TLS_EXTENSION_EARLY_DATA (0x002A) 649 #define NX_SECURE_TLS_EXTENSION_SUPPORTED_VERSIONS (0x002B) 650 #define NX_SECURE_TLS_EXTENSION_COOKIE (0x002C) 651 #define NX_SECURE_TLS_EXTENSION_PSK_KEY_EXCHANGE_MODES (0x002D) 652 #define NX_SECURE_TLS_EXTENSION_CERTIFICATE_AUTHORITIES (0x002F) 653 #define NX_SECURE_TLS_EXTENSION_OID_FILTERS (0x0030) 654 #define NX_SECURE_TLS_EXTENSION_POST_HANDSHAKE_AUTH (0x0031) 655 #define NX_SECURE_TLS_EXTENSION_SIGNATURE_ALGORITHMS_CERT (0x0032) 656 #define NX_SECURE_TLS_EXTENSION_KEY_SHARE (0x0033) 657 #define NX_SECURE_TLS_EXTENSION_ECJPAKE_KEY_KP_PAIR (0x0100) 658 #define NX_SECURE_TLS_EXTENSION_SECURE_RENEGOTIATION (0xFF01) 659 660 /* Extension-specific values. */ 661 #define NX_SECURE_TLS_SNI_NAME_TYPE_DNS (0x0) 662 663 /* Define the maximum number of structures allocated for TLS ClientHello and ServerHello extension data. */ 664 #define NX_SECURE_TLS_HELLO_EXTENSIONS_MAX (10) 665 666 /* Some constants for use in defining buffers for crypto and hash operations. */ 667 #define NX_SECURE_TLS_RANDOM_SIZE (32) /* Size of the server and client random values, in bytes. */ 668 #define NX_SECURE_TLS_MAX_HASH_SIZE (32) /* This is the largest size a single hash/MAC for ANY session *might* be, in bytes. */ 669 #define NX_SECURE_TLS_1_3_MAX_TRANSCRIPT_HASHES (5) /* This is the number of transcript hashes we need to save for TLS 1.3 key generation. */ 670 671 /* The following #defines are indicies into the transcript hash array used to store 672 the various transcript hashes for TLS 1.3 key generation. */ 673 #define NX_SECURE_TLS_TRANSCRIPT_IDX_CLIENTHELLO (0) 674 #define NX_SECURE_TLS_TRANSCRIPT_IDX_SERVERHELLO (1) 675 #define NX_SECURE_TLS_TRANSCRIPT_IDX_CERTIFICATE (2) 676 #define NX_SECURE_TLS_TRANSCRIPT_IDX_CLIENT_FINISHED (3) 677 #define NX_SECURE_TLS_TRANSCRIPT_IDX_SERVER_FINISHED (4) 678 679 #define NX_SECURE_TLS_RSA_PREMASTER_SIZE (48) /* The size of RSA encrypted pre-master secret. */ 680 #define NX_SECURE_TLS_EC_PREMASTER_SIZE (68) /* The size of pre-master secret for EC. */ 681 #ifndef NX_SECURE_TLS_MASTER_SIZE 682 #define NX_SECURE_TLS_MASTER_SIZE (48) /* The master secret is also 48 bytes. */ 683 #endif 684 #define NX_SECURE_TLS_MAX_KEY_SIZE (32) /* Maximum size of a session key in bytes. */ 685 #define NX_SECURE_TLS_MAX_IV_SIZE (16) /* Maximum size of a session initialization vector in bytes. */ 686 #define NX_SECURE_TLS_SESSION_ID_SIZE (256) /* Maximum size of a session ID value used for renegotiation in bytes. */ 687 #define NX_SECURE_TLS_SEQUENCE_NUMBER_SIZE (2) /* Size of sequence numbers for TLS records in 32-bit words. */ 688 #define NX_SECURE_TLS_RECORD_HEADER_SIZE (5) /* Size of the TLS record header in bytes. */ 689 #define NX_SECURE_TLS_HANDSHAKE_HEADER_SIZE (4) /* Size of the TLS handshake record header in bytes. */ 690 #define NX_SECURE_TLS_FINISHED_HASH_SIZE (12) /* Size of the TLS handshake Finished hash in bytes. If SSLv3 is added, the hash size will need to 691 be revisited because it is different. */ 692 #define NX_SECURE_TLS_MAX_CIPHER_BLOCK_SIZE (128) /* Size of the largest block used by session ciphers (in block mode). */ 693 694 #define NX_SECURE_TLS_MAX_SESSION_TICKET_AGE (604800) /* Maximum lifetime of a NewSessionTicket (in milliseconds). */ 695 696 #define NX_SECURE_TLS_MAX_CIPHERTEXT_LENGTH (18432) /* Maximum TLSCiphertext record length. */ 697 #define NX_SECURE_TLS_MAX_CIPHERTEXT_LENGTH_1_3 (16640) /* Maximum TLSCiphertext record length of TLS 1.3. */ 698 #define NX_SECURE_TLS_MAX_PLAINTEXT_LENGTH (16384) /* Maximum TLSPlaintext record length. */ 699 700 /* The minimum size for the TLS message buffer is determined by a number of factors, but primarily 701 * the expected size of the TLS handshake Certificate message (sent by the TLS server) that may 702 * contain multiple certificates of 1-2KB each. The upper limit is determined by the length field 703 * in the TLS header (16 bit), and is 64KB. 704 */ 705 #ifndef NX_SECURE_TLS_MINIMUM_MESSAGE_BUFFER_SIZE 706 #define NX_SECURE_TLS_MINIMUM_MESSAGE_BUFFER_SIZE (4000) 707 #endif 708 709 /* Define a minimum reasonable size for a TLS X509 certificate. This is used in checking for 710 * errors in allocating certificate space. The size is determined by assuming a 512-bit RSA 711 * key, MD5 hash, and a rough estimate of other data. It is theoretically possible for a real 712 * certificate to be smaller, but in that case, bypass the error checking by re-defining this 713 * macro. 714 * Approximately: 64(RSA) + 16(MD5) + 176(ASN.1 + text data, common name, etc) 715 */ 716 #ifndef NX_SECURE_TLS_MINIMUM_CERTIFICATE_SIZE 717 #define NX_SECURE_TLS_MINIMUM_CERTIFICATE_SIZE (256) 718 #endif 719 720 /* We store the key material in a single contiguous block in the TLS control block, using offsets to 721 * get the actual key values. We need to size the key material according to the maximum amount of 722 * key material needed by any of the supported ciphersuites, times 2 because there are separate keys for 723 * client and server. */ 724 #ifndef NX_SECURE_TLS_KEY_MATERIAL_SIZE 725 #define NX_SECURE_TLS_KEY_MATERIAL_SIZE (2 * (NX_SECURE_TLS_MAX_HASH_SIZE + NX_SECURE_TLS_MAX_KEY_SIZE + NX_SECURE_TLS_MAX_IV_SIZE)) 726 #endif 727 728 /* PSK-specific defines. If PSK is disabled, don't bring PSK types into the build. */ 729 #if defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) || defined(NX_SECURE_ENABLE_ECJPAKE_CIPHERSUITE) || (NX_SECURE_TLS_TLS_1_3_ENABLED) 730 731 732 #ifndef NX_SECURE_TLS_MAX_PSK_SIZE 733 /* The maximum PSK size for TLS 1.3 must be greater than or equal to the largest possible hash output for PSK session resumption keys. */ 734 #define NX_SECURE_TLS_MAX_PSK_SIZE (64) 735 #endif /* NX_SECURE_TLS_MAX_PSK_SIZE */ 736 737 #ifndef NX_SECURE_TLS_MAX_PSK_KEYS 738 #define NX_SECURE_TLS_MAX_PSK_KEYS (5) 739 #endif /* NX_SECURE_TLS_MAX_PSK_KEYS */ 740 741 #ifndef NX_SECURE_TLS_MAX_PSK_ID_SIZE 742 #define NX_SECURE_TLS_MAX_PSK_ID_SIZE (20) 743 #endif /* NX_SECURE_TLS_MAX_PSK_ID_SIZE */ 744 745 #ifndef NX_SECURE_TLS_MAX_PSK_NONCE_SIZE 746 #define NX_SECURE_TLS_MAX_PSK_NONCE_SIZE (255) 747 #endif 748 749 /* The pre-master secret size should be at least (2 * NX_SECURE_TLS_MAX_PSK_SIZE + 4) bytes for PSK cipher suites. */ 750 #define NX_SECURE_TLS_MIN_PREMASTER_SIZE_PSK (2 * NX_SECURE_TLS_MAX_PSK_SIZE + 4) 751 752 /* This structure holds the data for Pre-Shared Keys (PSKs) for use with 753 the TLS PSK ciphersuites. The actual keys are generated from this data 754 as part of the TLS handshake, but the user must provide this seed and 755 an "identity" to match a remote host to a known key. */ 756 typedef struct NX_SECURE_TLS_PSK_STORE_STRUCT 757 { 758 /* This holds the actual key data for the PSK. */ 759 UCHAR nx_secure_tls_psk_data[NX_SECURE_TLS_MAX_PSK_SIZE]; 760 UINT nx_secure_tls_psk_data_size; 761 762 /* This holds the identity information for the key in this PSK entry. */ 763 UCHAR nx_secure_tls_psk_id[NX_SECURE_TLS_MAX_PSK_ID_SIZE]; 764 UINT nx_secure_tls_psk_id_size; 765 766 /* This holds the "identity hint" sent to a TLS server during the handshake. 767 The hint tells the server how to choose a PSK/identity pair. */ 768 UCHAR nx_secure_tls_psk_id_hint[NX_SECURE_TLS_MAX_PSK_ID_SIZE]; 769 UINT nx_secure_tls_psk_id_hint_size; 770 771 #if (NX_SECURE_TLS_TLS_1_3_ENABLED) 772 /* TLS 1.3 session ticket data. */ 773 UINT nx_secure_tls_psk_ticket_lifetime; 774 UCHAR nx_secure_tls_psk_ticket_nonce[NX_SECURE_TLS_MAX_PSK_NONCE_SIZE]; 775 UCHAR nx_secure_tls_psk_ticket_nonce_size; 776 777 /* PSK early secret. */ 778 UCHAR nx_secure_tls_psk_early_secret[NX_SECURE_TLS_MAX_PSK_SIZE]; 779 UINT nx_secure_tls_psk_early_secret_size; 780 781 /* PSK binder key. */ 782 UCHAR nx_secure_tls_psk_binder_key[NX_SECURE_TLS_MAX_PSK_SIZE]; 783 UINT nx_secure_tls_psk_binder_key_size; 784 785 /* PSK finished binder key. */ 786 UCHAR nx_secure_tls_psk_finished_key[NX_SECURE_TLS_MAX_PSK_SIZE]; 787 UINT nx_secure_tls_psk_finished_key_size; 788 789 /* PSK binder value. */ 790 UCHAR nx_secure_tls_psk_binder[NX_SECURE_TLS_MAX_PSK_SIZE]; 791 UINT nx_secure_tls_psk_binder_size; 792 793 794 795 /* The PSK is associated with a hash routine to generate the binder. 796 * If the PSK is for session resumption, the hash is that of the original 797 * handshake's chosen ciphersuite. For user-defined PSKs, the hash is 798 * either chosen by the user or defaults to SHA-256. RFC 8446, Section 4.2.11. 799 */ 800 const struct NX_SECURE_TLS_CIPHERSUITE_INFO_STRUCT *nx_secure_tls_psk_binder_ciphersuite; 801 802 #endif 803 } NX_SECURE_TLS_PSK_STORE; 804 #endif /* defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) || defined(NX_SECURE_ENABLE_ECJPAKE_CIPHERSUITE) */ 805 806 807 #ifndef NX_SECURE_TLS_PREMASTER_SIZE 808 809 #ifdef NX_SECURE_ENABLE_ECC_CIPHERSUITE 810 #define NX_SECURE_TLS_MIN_PREMASTER_SIZE NX_SECURE_TLS_EC_PREMASTER_SIZE /* The pre-master secret should be at least 66 bytes for ECDH/ECDHE with secp521r1. */ 811 #else 812 #define NX_SECURE_TLS_MIN_PREMASTER_SIZE NX_SECURE_TLS_RSA_PREMASTER_SIZE /* The pre-master secret should be at least 48 bytes. */ 813 #endif /* NX_SECURE_ENABLE_ECC_CIPHERSUITE */ 814 815 #if defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) || defined(NX_SECURE_ENABLE_ECJPAKE_CIPHERSUITE) 816 817 #if NX_SECURE_TLS_MIN_PREMASTER_SIZE_PSK > NX_SECURE_TLS_MIN_PREMASTER_SIZE 818 #define NX_SECURE_TLS_PREMASTER_SIZE NX_SECURE_TLS_MIN_PREMASTER_SIZE_PSK /* The pre-master secret should be at least NX_SECURE_TLS_MIN_PREMASTER_SIZE_PSK bytes for PSK cipher suites. */ 819 #else 820 #define NX_SECURE_TLS_PREMASTER_SIZE NX_SECURE_TLS_MIN_PREMASTER_SIZE 821 #endif 822 823 #else 824 #define NX_SECURE_TLS_PREMASTER_SIZE NX_SECURE_TLS_MIN_PREMASTER_SIZE 825 #endif /* defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) || defined(NX_SECURE_ENABLE_ECJPAKE_CIPHERSUITE) || (NX_SECURE_TLS_TLS_1_3_ENABLED) */ 826 827 #endif 828 829 /* TLS Ciphersuite lookup table. Contains all pertinent information for ciphersuites used in TLS operations. 830 * The lookup is based on the first field, which will contain the defined TLS value for the ciphersuite. */ 831 typedef struct NX_SECURE_TLS_CIPHERSUITE_INFO_STRUCT 832 { 833 /* The value of the ciphersuite "on the wire" as defined by the TLS spec. */ 834 USHORT nx_secure_tls_ciphersuite; 835 836 /* The Public Key operation in this suite - RSA or DH. */ 837 const NX_CRYPTO_METHOD *nx_secure_tls_public_cipher; 838 839 /* The Public Authentication method used for signing data. */ 840 const NX_CRYPTO_METHOD *nx_secure_tls_public_auth; 841 842 /* NOTE: The Public Key size is determined by the public keys used and cannot be determined at compile time. */ 843 844 /* The session cipher being used - AES, RC4, etc. */ 845 const NX_CRYPTO_METHOD *nx_secure_tls_session_cipher; 846 847 /* The size of the initialization vectors needed for the session cipher. N/A for all session ciphers (enter "NONE"). */ 848 USHORT nx_secure_tls_iv_size; 849 850 /* The key size for the session cipher. */ 851 UCHAR nx_secure_tls_session_key_size; 852 853 /* The hash being used - MD5, SHA-1, SHA-256, etc. */ 854 const NX_CRYPTO_METHOD *nx_secure_tls_hash; 855 856 /* The size of the hash being used. This is for convenience as the size is determined 857 by the hash, e.g. SHA-1 is 20 bytes, MD5 is 16 bytes. */ 858 USHORT nx_secure_tls_hash_size; 859 860 /* The TLS PRF being used - for TLSv1.0 and TLSv1.1 this is a single function. For TLSv1.2, 861 the PRF is determined by the ciphersuite. */ 862 const NX_CRYPTO_METHOD *nx_secure_tls_prf; 863 864 } NX_SECURE_TLS_CIPHERSUITE_INFO; 865 866 867 typedef USHORT NX_SECURE_TLS_STATE; 868 typedef USHORT NX_SECURE_TLS_SERVER_STATE; 869 typedef USHORT NX_SECURE_TLS_CLIENT_STATE; 870 871 872 #ifdef NX_SECURE_ENABLE_ECC_CIPHERSUITE 873 /* EC handshake information. */ 874 typedef struct NX_SECURE_TLS_ECDHE_HANDSHAKE_DATA_STRUCT 875 { 876 /* Named curve used. */ 877 UINT nx_secure_tls_ecdhe_named_curve; 878 879 /* Signature Algorithm for ECDHE. */ 880 USHORT nx_secure_tls_ecdhe_signature_algorithm; 881 882 /* Length of the private key. */ 883 USHORT nx_secure_tls_ecdhe_private_key_length; 884 885 /* Private key for ECDHE. */ 886 UCHAR nx_secure_tls_ecdhe_private_key[NX_SECURE_TLS_EC_PREMASTER_SIZE]; 887 888 /* Length of the public key. */ 889 USHORT nx_secure_tls_ecdhe_public_key_length; 890 891 /* Public key for ECDHE. */ 892 UCHAR nx_secure_tls_ecdhe_public_key[4 * NX_SECURE_TLS_EC_PREMASTER_SIZE]; 893 894 } NX_SECURE_TLS_ECDHE_HANDSHAKE_DATA; 895 896 /* ECC information. */ 897 typedef struct NX_SECURE_TLS_ECC_STRUCT 898 { 899 /* Supported named curves. */ 900 const USHORT *nx_secure_tls_ecc_supported_groups; 901 902 /* Number of supported named curves. */ 903 USHORT nx_secure_tls_ecc_supported_groups_count; 904 905 /* Corresponding crypto methods for the supported named curve. */ 906 const NX_CRYPTO_METHOD **nx_secure_tls_ecc_curves; 907 } NX_SECURE_TLS_ECC; 908 #endif /* NX_SECURE_ENABLE_ECC_CIPHERSUITE */ 909 910 911 #if (NX_SECURE_TLS_TLS_1_3_ENABLED) 912 typedef struct NX_SECURE_TLS_KEY_SECRETS_STRUCT 913 { 914 /* TLS 1.3 has many secrets and keys to be generated. This structure contains them. */ 915 916 UCHAR tls_early_secret[NX_SECURE_TLS_MAX_HASH_SIZE]; 917 UINT tls_early_secret_len; 918 UCHAR tls_binder_key[NX_SECURE_TLS_MAX_HASH_SIZE]; 919 UINT tls_binder_key_len; 920 UCHAR tls_client_early_traffic_secret[NX_SECURE_TLS_MAX_HASH_SIZE]; 921 UINT tls_client_early_traffic_secret_len; 922 UCHAR tls_early_exporter_master_secret[NX_SECURE_TLS_MAX_HASH_SIZE]; 923 UINT tls_early_exporter_master_secret_len; 924 UCHAR tls_handshake_secret[NX_SECURE_TLS_MAX_HASH_SIZE]; 925 UINT tls_handshake_secret_len; 926 UCHAR tls_client_handshake_traffic_secret[NX_SECURE_TLS_MAX_HASH_SIZE]; 927 UINT tls_client_handshake_traffic_secret_len; 928 UCHAR tls_server_handshake_traffic_secret[NX_SECURE_TLS_MAX_HASH_SIZE]; 929 UINT tls_server_handshake_traffic_secret_len; 930 UCHAR tls_master_secret[NX_SECURE_TLS_MAX_HASH_SIZE]; 931 UINT tls_master_secret_len; 932 UCHAR tls_client_application_traffic_secret_0[NX_SECURE_TLS_MAX_HASH_SIZE]; 933 UINT tls_client_application_traffic_secret_0_len; 934 UCHAR tls_server_application_traffic_secret_0[NX_SECURE_TLS_MAX_HASH_SIZE]; 935 UINT tls_server_application_traffic_secret_0_len; 936 UCHAR tls_exporter_master_secret[NX_SECURE_TLS_MAX_HASH_SIZE]; 937 UINT tls_exporter_master_secret_len; 938 UCHAR tls_resumption_master_secret[NX_SECURE_TLS_MAX_HASH_SIZE]; 939 UINT tls_resumption_master_secret_len; 940 941 UCHAR tls_server_finished_key[NX_SECURE_TLS_MAX_HASH_SIZE]; 942 UINT tls_server_finished_key_len; 943 UCHAR tls_client_finished_key[NX_SECURE_TLS_MAX_HASH_SIZE]; 944 UINT tls_client_finished_key_len; 945 } NX_SECURE_TLS_KEY_SECRETS; 946 947 948 #endif 949 950 951 typedef struct NX_SECURE_TLS_KEY_MATERIAL_STRUCT 952 { 953 /* Client random bytes - generated during the handshake. */ 954 UCHAR nx_secure_tls_client_random[NX_SECURE_TLS_RANDOM_SIZE]; 955 956 /* Server random bytes - generated during the handshake. */ 957 UCHAR nx_secure_tls_server_random[NX_SECURE_TLS_RANDOM_SIZE]; 958 959 /* The pre-master-secret length is dependent upon the public key 960 algorithm chosen - the RSA pre-master-secret is 48 bytes. 961 THIS MUST BE DELETED FROM MEMORY ONCE KEYS ARE GENERATED. */ 962 UCHAR nx_secure_tls_pre_master_secret[NX_SECURE_TLS_PREMASTER_SIZE]; 963 UINT nx_secure_tls_pre_master_secret_size; 964 965 /* The master secret is always 48 bytes in length, regardless of the 966 length of the pre-master-secret. */ 967 UCHAR nx_secure_tls_master_secret[NX_SECURE_TLS_MASTER_SIZE]; 968 969 /* We store generate the session key material into this buffer, 970 thus needing no copying of data (using the pointers to actual data below). */ 971 UCHAR nx_secure_tls_key_material_data[NX_SECURE_TLS_KEY_MATERIAL_SIZE]; 972 973 /* During a session renegotiation, there will be the current set of session keys 974 * in use, and a new set of keys that will be generated during the renegotiation 975 * handshake. However, there is a period of time where the local and remote keys 976 * are out of sync (after a ChangeCipherSpec is sent/received but before the second 977 * CCS message is sent) so we need to keep a separate buffer for new keys until 978 * we are fully using the new keys. 979 */ 980 UCHAR nx_secure_tls_new_key_material_data[NX_SECURE_TLS_KEY_MATERIAL_SIZE]; 981 982 /* Storage space for public ECC key data for curves supported (mostly for client). 983 * For TLS 1.3 we have to generate public keys before sending the ClientHello - one 984 * key for each curve we support! 985 */ 986 #if (NX_SECURE_TLS_TLS_1_3_ENABLED) 987 /* TLS 1.3 ECDHE key data. */ 988 NX_SECURE_TLS_ECDHE_HANDSHAKE_DATA nx_secure_tls_ecc_key_data[10]; 989 990 /* Selected ECDHE key data index. */ 991 UINT nx_secure_tls_ecc_key_data_selected; 992 993 /* TLS 1.3 key secrets. */ 994 NX_SECURE_TLS_KEY_SECRETS nx_secure_tls_key_secrets; 995 996 /* Store each transcript hash as it is generated. */ 997 UCHAR nx_secure_tls_transcript_hashes[NX_SECURE_TLS_1_3_MAX_TRANSCRIPT_HASHES][NX_SECURE_TLS_MAX_HASH_SIZE]; 998 999 #endif 1000 1001 /* Pointer to buffer where we can store handshake messages to hash once we know 1002 the hash routine we are using. */ 1003 UCHAR nx_secure_tls_handshake_cache[500]; 1004 UINT nx_secure_tls_handshake_cache_length; 1005 1006 /* The TLS protocol requires a "secret" used in the hash of each message, 1007 and one secret each for client and server. */ 1008 UCHAR *nx_secure_tls_client_write_mac_secret; 1009 UCHAR *nx_secure_tls_server_write_mac_secret; 1010 1011 /* The actual TLS Session keys used to encrypt session data (e.g. using AES.). 1012 There is one key for each direction, so the client encrypts with the "client_write" 1013 key and the server decrypts incoming data using the same key. */ 1014 UCHAR *nx_secure_tls_client_write_key; 1015 UCHAR *nx_secure_tls_server_write_key; 1016 1017 /* Some algorithms used in the TLS session require initialization vectors. */ 1018 UCHAR *nx_secure_tls_client_iv; 1019 UCHAR *nx_secure_tls_server_iv; 1020 1021 #if (NX_SECURE_TLS_TLS_1_3_ENABLED) 1022 /* Any time we are switching keys (going from one encrypted context to another) we need to switch 1023 * the keys for client and server independently. These pointers allow us to refer to the next 1024 * keys to be used without having to access the key material directly. */ 1025 UCHAR *nx_secure_tls_client_next_write_key; 1026 UCHAR *nx_secure_tls_server_next_write_key; 1027 1028 /* Some algorithms used in the TLS session require initialization vectors. */ 1029 UCHAR *nx_secure_tls_client_next_iv; 1030 UCHAR *nx_secure_tls_server_next_iv; 1031 #endif 1032 1033 } NX_SECURE_TLS_KEY_MATERIAL; 1034 1035 /* This structure contains the metadata for the TLS handshake hash - the state 1036 * of the hash must persist through the entire handshake process so it is stored 1037 * separately from the rest of the crypto metadata. 1038 */ 1039 typedef struct NX_SECURE_TLS_HANDSHAKE_HASH_STRUCT 1040 { 1041 /* Handshake verification hash context - we need MD5 and SHA-1 for TLS 1.0 and 1.1. */ 1042 CHAR *nx_secure_tls_handshake_hash_md5_metadata; 1043 ULONG nx_secure_tls_handshake_hash_md5_metadata_size; 1044 VOID *nx_secure_tls_handshake_hash_md5_handler; 1045 1046 /* SHA-1 handshake hash context. */ 1047 CHAR *nx_secure_tls_handshake_hash_sha1_metadata; 1048 ULONG nx_secure_tls_handshake_hash_sha1_metadata_size; 1049 VOID *nx_secure_tls_handshake_hash_sha1_handler; 1050 1051 /* SHA-256 handshake hash context. */ 1052 CHAR *nx_secure_tls_handshake_hash_sha256_metadata; 1053 ULONG nx_secure_tls_handshake_hash_sha256_metadata_size; 1054 VOID *nx_secure_tls_handshake_hash_sha256_handler; 1055 1056 /* Scratch metadata space for copying one of the above states when 1057 generating the final hash. */ 1058 CHAR *nx_secure_tls_handshake_hash_scratch; 1059 ULONG nx_secure_tls_handshake_hash_scratch_size; 1060 } NX_SECURE_TLS_HANDSHAKE_HASH; 1061 1062 1063 /* Top-level structure that contains all the relevant cryptographic method 1064 information for all TLS versions. */ 1065 typedef struct NX_SECURE_TLS_CRYPTO_STRUCT 1066 { 1067 /* Table that maps ciphersuites to crypto methods. */ 1068 NX_SECURE_TLS_CIPHERSUITE_INFO *nx_secure_tls_ciphersuite_lookup_table; 1069 USHORT nx_secure_tls_ciphersuite_lookup_table_size; 1070 1071 /* Table that maps X.509 cipher identifiers to crypto methods. */ 1072 #ifndef NX_SECURE_DISABLE_X509 1073 NX_SECURE_X509_CRYPTO *nx_secure_tls_x509_cipher_table; 1074 USHORT nx_secure_tls_x509_cipher_table_size; 1075 #endif 1076 1077 /* Specific routines needed for specific TLS versions. */ 1078 #if (NX_SECURE_TLS_TLS_1_0_ENABLED || NX_SECURE_TLS_TLS_1_1_ENABLED) 1079 const NX_CRYPTO_METHOD *nx_secure_tls_handshake_hash_md5_method; 1080 const NX_CRYPTO_METHOD *nx_secure_tls_handshake_hash_sha1_method; 1081 const NX_CRYPTO_METHOD *nx_secure_tls_prf_1_method; 1082 #endif 1083 1084 #if (NX_SECURE_TLS_TLS_1_2_ENABLED) 1085 const NX_CRYPTO_METHOD *nx_secure_tls_handshake_hash_sha256_method; 1086 const NX_CRYPTO_METHOD *nx_secure_tls_prf_sha256_method; 1087 #endif 1088 1089 #if (NX_SECURE_TLS_TLS_1_3_ENABLED) 1090 const NX_CRYPTO_METHOD *nx_secure_tls_hkdf_method; 1091 const NX_CRYPTO_METHOD *nx_secure_tls_hmac_method; 1092 const NX_CRYPTO_METHOD *nx_secure_tls_ecdhe_method; 1093 #endif 1094 1095 } NX_SECURE_TLS_CRYPTO; 1096 1097 1098 typedef struct NX_SECURE_TLS_CREDENTIALS_STRUCT 1099 { 1100 /* X509 certificates are enabled by default. Disable them using this macro. */ 1101 #ifndef NX_SECURE_DISABLE_X509 1102 /* X509 Certificate store. */ 1103 NX_SECURE_X509_CERTIFICATE_STORE nx_secure_tls_certificate_store; 1104 1105 /* Pointer to the active local certificate, if non-NULL it overrides the store 1106 when sending out a certificate. */ 1107 NX_SECURE_X509_CERT *nx_secure_tls_active_certificate; 1108 1109 #endif 1110 1111 #if defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) || (NX_SECURE_TLS_TLS_1_3_ENABLED) 1112 1113 /* Server identity value (received from remote host). */ 1114 UCHAR nx_secure_tls_remote_psk_id[NX_SECURE_TLS_MAX_PSK_ID_SIZE]; 1115 UINT nx_secure_tls_remote_psk_id_size; 1116 1117 /* Client PSK for use with a specific server. */ 1118 NX_SECURE_TLS_PSK_STORE nx_secure_tls_client_psk; 1119 #endif 1120 1121 #if defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) || defined(NX_SECURE_ENABLE_ECJPAKE_CIPHERSUITE) || (NX_SECURE_TLS_TLS_1_3_ENABLED) 1122 /* Store for PSK ciphersuite keys. Used for TLS servers and PSK. */ 1123 NX_SECURE_TLS_PSK_STORE nx_secure_tls_psk_store[NX_SECURE_TLS_MAX_PSK_KEYS]; 1124 1125 /* Current count/index into PSK store. */ 1126 UINT nx_secure_tls_psk_count; 1127 #endif /* defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) || defined(NX_SECURE_ENABLE_ECJPAKE_CIPHERSUITE) */ 1128 1129 } NX_SECURE_TLS_CREDENTIALS; 1130 1131 /* This structure encapsulates a single extension and its associated data. The 1132 structure is used to pass opaque data in and out of the TLS stack. Helper 1133 functions are used to extract/fill extension-specific data. */ 1134 typedef struct NX_SECURE_TLS_HELLO_EXTENSION_STRUCT 1135 { 1136 1137 /* Identifier for the extension - used to identify the data in the buffer. */ 1138 USHORT nx_secure_tls_extension_id; 1139 1140 /* Length of data in the buffer. */ 1141 USHORT nx_secure_tls_extension_data_length; 1142 1143 /* Data for the extensions. Pointer to a buffer containing the data which 1144 is formatted according to the particular extension. */ 1145 const UCHAR *nx_secure_tls_extension_data; 1146 } NX_SECURE_TLS_HELLO_EXTENSION; 1147 1148 1149 /* Definition of the top-level TLS session control block used by the application. */ 1150 typedef struct NX_SECURE_TLS_SESSION_STRUCT 1151 { 1152 /* Identifier to determine if TLS session has been properly initialized. */ 1153 ULONG nx_secure_tls_id; 1154 1155 /* Underlying TCP socket. */ 1156 NX_TCP_SOCKET *nx_secure_tls_tcp_socket; 1157 1158 /* Queue the incoming packets for one record. */ 1159 NX_PACKET *nx_secure_record_queue_header; 1160 NX_PACKET *nx_secure_record_decrypted_packet; 1161 1162 /* Packet pool used by TLS stack to allocate outgoing packets used in TLS handshake. */ 1163 NX_PACKET_POOL *nx_secure_tls_packet_pool; 1164 1165 /* Packet/message buffer for re-assembling TLS messages. */ 1166 UCHAR *nx_secure_tls_packet_buffer; 1167 ULONG nx_secure_tls_packet_buffer_size; 1168 ULONG nx_secure_tls_packet_buffer_original_size; 1169 1170 /* The number of bytes copied into packet/message buffer. */ 1171 ULONG nx_secure_tls_packet_buffer_bytes_copied; 1172 1173 /* The exepected number of bytes for an incoming handshake record. */ 1174 ULONG nx_secure_tls_handshake_record_expected_length; 1175 1176 /* Whether a handshake message is fragmented across several records. */ 1177 USHORT nx_secure_tls_handshake_record_fragment_state; 1178 1179 /* The offset of current record to be processed. */ 1180 ULONG nx_secure_tls_record_offset; 1181 1182 /* The prcessed number of bytes in current tls record. */ 1183 ULONG nx_secure_tls_bytes_processed; 1184 1185 /* What type of socket is this? Client or server? */ 1186 UINT nx_secure_tls_socket_type; 1187 1188 /* Protocol version used for the current session. Actual version depends on 1189 * user preference and the remote host. */ 1190 USHORT nx_secure_tls_protocol_version; 1191 1192 /* TLS 1.3 doesn't use the protocol version - it's fixed to TLS 1.2 (0x0303) so 1193 we distinguish a TLS 1.3 session from others using the flag below. */ 1194 USHORT nx_secure_tls_supported_versions; 1195 1196 #if (NX_SECURE_TLS_TLS_1_3_ENABLED) 1197 UCHAR nx_secure_tls_1_3; 1198 UCHAR nx_secure_tls_1_3_supported; 1199 #endif 1200 1201 /* This field overrides the version returned by _nx_secure_tls_newest_supported_version. */ 1202 USHORT nx_secure_tls_protocol_version_override; 1203 1204 /* The highest supported protocol version obtained through negotiation. */ 1205 USHORT nx_secure_tls_negotiated_highest_protocol_version; 1206 1207 /* State of local and remote encryption - post ChangeCipherSpec. */ 1208 UCHAR nx_secure_tls_remote_session_active; 1209 UCHAR nx_secure_tls_local_session_active; 1210 1211 /* State of whether the client and server session cipher is initialized. */ 1212 UCHAR nx_secure_tls_session_cipher_client_initialized; 1213 UCHAR nx_secure_tls_session_cipher_server_initialized; 1214 1215 /* Chosen ciphersuite. */ 1216 const NX_SECURE_TLS_CIPHERSUITE_INFO *nx_secure_tls_session_ciphersuite; 1217 1218 /* Chosen ciphersuite table, passed in during the session create call. */ 1219 NX_SECURE_TLS_CRYPTO *nx_secure_tls_crypto_table; 1220 1221 /* Key material (master secret, session keys, etc.) is stored here. */ 1222 NX_SECURE_TLS_KEY_MATERIAL nx_secure_tls_key_material; 1223 1224 /* Session ID length. */ 1225 UCHAR nx_secure_tls_session_id_length; 1226 1227 /* Session ID used for session re-negotiation. */ 1228 UCHAR nx_secure_tls_session_id[NX_SECURE_TLS_SESSION_ID_SIZE]; 1229 1230 #ifndef NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION 1231 /* This flag indicates whether the remote host supports secure renegotiation 1232 as indicated in the initial Hello messages (SCSV or the renegotiation 1233 extension were provided). */ 1234 USHORT nx_secure_tls_secure_renegotiation; 1235 1236 /* This flag indicates whether the renegotiation_info extension is present and 1237 the data in the extension is verified during secure renegotiation. */ 1238 USHORT nx_secure_tls_secure_renegotiation_verified; 1239 1240 /* This flag indicates that a server instance has requested a renegotiation 1241 so we can differentiate between client initiated and server initiated. */ 1242 USHORT nx_secure_tls_server_renegotiation_requested; 1243 1244 /* The verify data is named "remote" and "local" since it can be used by 1245 both TLS Client and TLS Server instances. */ 1246 UCHAR nx_secure_tls_remote_verify_data[NX_SECURE_TLS_FINISHED_HASH_SIZE]; 1247 UCHAR nx_secure_tls_local_verify_data[NX_SECURE_TLS_FINISHED_HASH_SIZE]; 1248 #endif /* NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION */ 1249 1250 1251 /* Sequence number for the current TLS session - local host. */ 1252 ULONG nx_secure_tls_local_sequence_number[NX_SECURE_TLS_SEQUENCE_NUMBER_SIZE]; 1253 1254 /* Sequence number for the current TLS session - remote host. For verification of incoming records. */ 1255 ULONG nx_secure_tls_remote_sequence_number[NX_SECURE_TLS_SEQUENCE_NUMBER_SIZE]; 1256 1257 /* Pointer to TLS credentials for this session - stores PSKs, certificates, and other identification. */ 1258 NX_SECURE_TLS_CREDENTIALS nx_secure_tls_credentials; 1259 1260 /* Handshake hash (for the Finished message) must be maintained for all handshake messages. The 1261 * TLS version determines the actual hash being used, so all hash context data is encapsulated in 1262 * the handshake hash structure. */ 1263 NX_SECURE_TLS_HANDSHAKE_HASH nx_secure_tls_handshake_hash; 1264 1265 /* If our TLS server wishes to verify the client certificate, the application 1266 will set this to true (non-zero). */ 1267 USHORT nx_secure_tls_verify_client_certificate; 1268 1269 /* This flag will be set to true when TLS has received credentials (e.g. certificate, PSK) 1270 from the remote host. If it is still false when we get to the end of the handshake, 1271 we have not received credentials from the remote host and should fail the handshake. */ 1272 USHORT nx_secure_tls_received_remote_credentials; 1273 1274 /* This mutex used for TLS session while transmitting packets. */ 1275 TX_MUTEX nx_secure_tls_session_transmit_mutex; 1276 1277 #ifndef NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION 1278 /* If we receive a hello message from the remote server during a session, 1279 we have a re-negotiation handshake we need to process. */ 1280 USHORT nx_secure_tls_renegotiation_handshake; 1281 1282 /* Flag to enable/disable session renegotiation at application's choosing. */ 1283 USHORT nx_secure_tls_renegotation_enabled; 1284 1285 /* Flag to indicate that the local host initiated the renegotiation. */ 1286 USHORT nx_secure_tls_local_initiated_renegotiation; 1287 #endif /* NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION */ 1288 1289 #ifndef NX_SECURE_TLS_SERVER_DISABLED 1290 /* The state of the server handshake if this is a server socket. */ 1291 NX_SECURE_TLS_SERVER_STATE nx_secure_tls_server_state; 1292 #endif 1293 1294 #ifndef NX_SECURE_TLS_CLIENT_DISABLED 1295 /* The state of the client handshake if this is a client socket. */ 1296 NX_SECURE_TLS_CLIENT_STATE nx_secure_tls_client_state; 1297 1298 /* If the remote TLS Server requests a certificate, save that state here so we can send the cert. */ 1299 USHORT nx_secure_tls_client_certificate_requested; 1300 #endif 1301 1302 /* Define the link between other TLS structures created by the application. */ 1303 struct NX_SECURE_TLS_SESSION_STRUCT 1304 *nx_secure_tls_created_previous, 1305 *nx_secure_tls_created_next; 1306 1307 /* Define the public cipher metadata area. */ 1308 VOID *nx_secure_public_cipher_metadata_area; 1309 1310 /* Define the public cipher metadata size. */ 1311 ULONG nx_secure_public_cipher_metadata_size; 1312 1313 /* Define the public authentication handler. */ 1314 VOID *nx_secure_public_auth_handler; 1315 1316 /* Define the public authentication metadata area. */ 1317 VOID *nx_secure_public_auth_metadata_area; 1318 1319 /* Define the public authentication metadata size. */ 1320 ULONG nx_secure_public_auth_metadata_size; 1321 1322 /* Define the session cipher handler for client. */ 1323 VOID *nx_secure_session_cipher_handler_client; 1324 1325 /* Define the session cipher handler for server. */ 1326 VOID *nx_secure_session_cipher_handler_server; 1327 1328 /* Define the session cipher metadata area for client. */ 1329 VOID *nx_secure_session_cipher_metadata_area_client; 1330 1331 /* Define the crypto metadata area for server. */ 1332 VOID *nx_secure_session_cipher_metadata_area_server; 1333 1334 /* Define the crypto metadata size. */ 1335 ULONG nx_secure_session_cipher_metadata_size; 1336 1337 /* Define the hash Message Authentication Code (MAC) handler. */ 1338 VOID *nx_secure_hash_mac_handler; 1339 1340 /* Define the hash Message Authentication Code (MAC) metadata area. */ 1341 VOID *nx_secure_hash_mac_metadata_area; 1342 1343 /* Define the hash Message Authentication Code (MAC) metadata size. */ 1344 ULONG nx_secure_hash_mac_metadata_size; 1345 1346 /* Define the TLS PRF metadata area. */ 1347 VOID *nx_secure_tls_prf_metadata_area; 1348 1349 /* Define the TLS PRF metadata size. */ 1350 ULONG nx_secure_tls_prf_metadata_size; 1351 1352 /* Function (set by user) to call when TLS needs the current time. */ 1353 ULONG (*nx_secure_tls_session_time_function)(void); 1354 1355 /* Function (set by application) to call when TLS has a certificate from the 1356 remote host that has passed basic validation but requires additional checks 1357 by the application before being accepted. */ 1358 ULONG (*nx_secure_tls_session_certificate_callback)(struct NX_SECURE_TLS_SESSION_STRUCT *session, NX_SECURE_X509_CERT *certificate); 1359 1360 #ifndef NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION 1361 /* Function (set by user) to call when TLS receives a re-negotiation request from the remote host. */ 1362 ULONG (*nx_secure_tls_session_renegotiation_callback)(struct NX_SECURE_TLS_SESSION_STRUCT *session); 1363 #endif /* NX_SECURE_TLS_DISABLE_SECURE_RENEGOTIATION */ 1364 1365 /* Function (set by user) to call when a TLS Client receives a ServerHello message containing extensions 1366 that require specific actions. */ 1367 ULONG (*nx_secure_tls_session_client_callback)(struct NX_SECURE_TLS_SESSION_STRUCT *tls_session, NX_SECURE_TLS_HELLO_EXTENSION *extensions, UINT num_extensions); 1368 1369 /* Function (set by user) to call when a TLS Server receives a ClientHello message containing extensions 1370 that require specific actions. */ 1371 ULONG (*nx_secure_tls_session_server_callback)(struct NX_SECURE_TLS_SESSION_STRUCT *tls_session, NX_SECURE_TLS_HELLO_EXTENSION *extensions, UINT num_extensions); 1372 1373 #ifndef NX_SECURE_TLS_SNI_EXTENSION_DISABLED 1374 /* Server Name Indication (SNI) extension. For TLS Client, this is a single DNS name. 1375 For TLS Server, this is unused. */ 1376 NX_SECURE_X509_DNS_NAME *nx_secure_tls_sni_extension_server_name; 1377 #endif 1378 1379 /* These are used to store off the alert value and level when an alert is recevied. */ 1380 UINT nx_secure_tls_received_alert_level; 1381 UINT nx_secure_tls_received_alert_value; 1382 1383 #ifdef NX_SECURE_ENABLE_ECC_CIPHERSUITE 1384 /* Supported EC groups information for this session. */ 1385 NX_SECURE_TLS_ECC nx_secure_tls_ecc; 1386 #endif /* NX_SECURE_ENABLE_ECC_CIPHERSUITE */ 1387 1388 #if (NX_SECURE_TLS_TLS_1_3_ENABLED) 1389 UCHAR *nx_secure_tls_cookie; 1390 UINT nx_secure_tls_cookie_length; 1391 1392 UINT nx_secure_tls_signature_algorithm; 1393 #endif 1394 1395 /* Functions that can be replaced to implement custom key generation. */ 1396 UINT (*nx_secure_generate_premaster_secret)(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, 1397 NX_SECURE_TLS_CREDENTIALS *tls_credentials, UINT session_type, USHORT *received_remote_credentials, 1398 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, VOID *tls_ecc_curves); 1399 UINT (*nx_secure_generate_master_secret)(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, 1400 const NX_CRYPTO_METHOD *session_prf_method, NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, 1401 UCHAR *pre_master_sec, UINT pre_master_sec_size, UCHAR *master_sec, 1402 VOID *prf_metadata, ULONG prf_metadata_size); 1403 UINT (*nx_secure_generate_session_keys)(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, 1404 const NX_CRYPTO_METHOD *session_prf_method, NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, 1405 UCHAR *master_sec, VOID *prf_metadata, ULONG prf_metadata_size); 1406 UINT (*nx_secure_session_keys_set)(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, 1407 UINT key_material_data_size, UINT is_client, UCHAR *session_cipher_initialized, 1408 VOID *session_cipher_metadata, VOID **session_cipher_handler, ULONG session_cipher_metadata_size); 1409 #ifndef NX_SECURE_TLS_CLIENT_DISABLED 1410 UINT(*nx_secure_process_server_key_exchange)(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, NX_SECURE_TLS_CRYPTO *tls_crypto_table, 1411 USHORT protocol_version, UCHAR *packet_buffer, UINT message_length, 1412 NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, NX_SECURE_TLS_CREDENTIALS *tls_credentials, 1413 NX_SECURE_TLS_HANDSHAKE_HASH *tls_handshake_hash, 1414 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, 1415 VOID *public_auth_metadata, ULONG public_auth_metadata_size, VOID *tls_ecc_curves); 1416 UINT(*nx_secure_generate_client_key_exchange)(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, 1417 NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, NX_SECURE_TLS_CREDENTIALS *tls_credentials, 1418 UCHAR *data_buffer, ULONG buffer_length, ULONG *output_size, 1419 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, 1420 VOID *public_auth_metadata, ULONG public_auth_metadata_size); 1421 #endif 1422 #ifndef NX_SECURE_TLS_SERVER_DISABLED 1423 UINT(*nx_secure_process_client_key_exchange)(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, 1424 UCHAR *packet_buffer, UINT message_length, USHORT *received_remote_credentials, 1425 NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, NX_SECURE_TLS_CREDENTIALS *tls_credentials, 1426 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, 1427 VOID *public_auth_metadata, ULONG public_auth_metadata_size, VOID *tls_ecc_curves); 1428 UINT(*nx_secure_generate_server_key_exchange)(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, UCHAR tls_1_3, 1429 NX_SECURE_TLS_CRYPTO *tls_crypto_table, NX_SECURE_TLS_HANDSHAKE_HASH *tls_handshake_hash, 1430 NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, NX_SECURE_TLS_CREDENTIALS *tls_credentials, 1431 UCHAR *data_buffer, ULONG buffer_length, ULONG *output_size, 1432 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, 1433 VOID *public_auth_metadata, ULONG public_auth_metadata_size, VOID *tls_ecc_curves); 1434 #endif 1435 UINT (*nx_secure_verify_mac)(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, UCHAR *mac_secret, ULONG sequence_num[NX_SECURE_TLS_SEQUENCE_NUMBER_SIZE], 1436 UCHAR *header_data, USHORT header_length, NX_PACKET *packet_ptr, ULONG offset, UINT *length, 1437 VOID *hash_mac_metadata, ULONG hash_mac_metadata_size); 1438 UINT (*nx_secure_remote_certificate_verify)(NX_SECURE_X509_CERTIFICATE_STORE *store, 1439 NX_SECURE_X509_CERT *certificate, ULONG current_time); 1440 UINT (*nx_secure_trusted_certificate_add)(NX_SECURE_X509_CERTIFICATE_STORE *store, 1441 NX_SECURE_X509_CERT *certificate); 1442 } NX_SECURE_TLS_SESSION; 1443 1444 /* TLS record types. */ 1445 #define NX_SECURE_TLS_CHANGE_CIPHER_SPEC 20 1446 #define NX_SECURE_TLS_ALERT 21 1447 #define NX_SECURE_TLS_HANDSHAKE 22 1448 #define NX_SECURE_TLS_APPLICATION_DATA 23 1449 1450 /* TLS handshake message values. */ 1451 #define NX_SECURE_TLS_HELLO_REQUEST 0 1452 #define NX_SECURE_TLS_CLIENT_HELLO 1 1453 #define NX_SECURE_TLS_SERVER_HELLO 2 1454 #define NX_SECURE_TLS_HELLO_VERIFY_REQUEST 3 1455 #define NX_SECURE_TLS_NEW_SESSION_TICKET 4 1456 #define NX_SECURE_TLS_END_OF_EARLY_DATA 5 1457 #define NX_SECURE_TLS_ENCRYPTED_EXTENSIONS 8 1458 #define NX_SECURE_TLS_CERTIFICATE_MSG 11 1459 #define NX_SECURE_TLS_SERVER_KEY_EXCHANGE 12 1460 #define NX_SECURE_TLS_CERTIFICATE_REQUEST 13 1461 #define NX_SECURE_TLS_SERVER_HELLO_DONE 14 1462 #define NX_SECURE_TLS_CERTIFICATE_VERIFY 15 1463 #define NX_SECURE_TLS_CLIENT_KEY_EXCHANGE 16 1464 #define NX_SECURE_TLS_FINISHED 20 1465 #define NX_SECURE_TLS_CERTIFICATE_URL 21 1466 #define NX_SECURE_TLS_CERTIFICATE_STATUS 22 1467 #define NX_SECURE_TLS_KEY_UPDATE 24 1468 #define NX_SECURE_TLS_INVALID_MESSAGE 100 1469 #define NX_SECURE_TLS_MESSAGE_HASH 254 1470 1471 1472 /* Declare internal functions. */ 1473 1474 #ifdef NX_SECURE_KEY_CLEAR 1475 #define nx_secure_tls_packet_release _nx_secure_tls_packet_release 1476 #else 1477 #define nx_secure_tls_packet_release nx_packet_release 1478 #endif /* NX_SECURE_KEY_CLEAR */ 1479 1480 #if (NX_SECURE_TLS_TLS_1_3_ENABLED) 1481 UINT _nx_secure_tls_1_3_crypto_init(NX_SECURE_TLS_SESSION *tls_session); 1482 UINT _nx_secure_tls_1_3_client_handshake(NX_SECURE_TLS_SESSION *tls_session, UCHAR *packet_buffer, 1483 UINT data_length, ULONG wait_option); 1484 UINT _nx_secure_tls_1_3_server_handshake(NX_SECURE_TLS_SESSION *tls_session, UCHAR *packet_buffer, 1485 UINT data_length, ULONG wait_option); 1486 UINT _nx_secure_tls_1_3_generate_handshake_keys(NX_SECURE_TLS_SESSION *tls_session); 1487 UINT _nx_secure_tls_1_3_generate_session_keys(NX_SECURE_TLS_SESSION *tls_session); 1488 UINT _nx_secure_tls_1_3_session_psk_generate(NX_SECURE_TLS_SESSION *tls_session, NX_SECURE_TLS_PSK_STORE *ticket_psk, UCHAR *nonce, UINT nonce_len); 1489 UINT _nx_secure_tls_psk_binder_generate(NX_SECURE_TLS_SESSION *tls_session, NX_SECURE_TLS_PSK_STORE *psk_entry); 1490 UINT _nx_secure_tls_1_3_session_keys_set(NX_SECURE_TLS_SESSION *tls_session, USHORT key_set); 1491 UINT _nx_secure_tls_1_3_transcript_hash_save(NX_SECURE_TLS_SESSION *tls_session, UINT hash_index, UINT need_copy); 1492 UINT _nx_secure_tls_1_3_finished_hash_generate(NX_SECURE_TLS_SESSION *tls_session, 1493 UINT is_server, UINT *hash_size, UCHAR *finished_hash, 1494 ULONG available_size); 1495 UINT _nx_secure_tls_1_3_generate_psk_secret(NX_SECURE_TLS_SESSION *tls_session, 1496 NX_SECURE_TLS_PSK_STORE *psk_entry, 1497 const NX_CRYPTO_METHOD *hash_method); 1498 UINT _nx_secure_tls_send_newsessionticket(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet); 1499 UINT _nx_secure_tls_process_newsessionticket(NX_SECURE_TLS_SESSION *tls_session, UCHAR *packet_buffer, 1500 UINT message_length); 1501 UINT _nx_secure_tls_process_encrypted_extensions(NX_SECURE_TLS_SESSION *tls_session, 1502 UCHAR *packet_buffer, UINT message_length); 1503 UINT _nx_secure_tls_send_encrypted_extensions(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet); 1504 #endif 1505 1506 VOID _nx_secure_tls_get_signature_algorithm_id(UINT signature_algorithm, USHORT *signature_algorithm_id); 1507 UINT _nx_secure_tls_allocate_handshake_packet(NX_SECURE_TLS_SESSION *tls_session, 1508 NX_PACKET_POOL *packet_pool, 1509 NX_PACKET **send_packet, ULONG wait_option); 1510 UINT _nx_secure_tls_check_protocol_version(NX_SECURE_TLS_SESSION *tls_session, 1511 USHORT protocol_version, UINT id); 1512 UINT _nx_secure_tls_ciphersuite_lookup(NX_SECURE_TLS_SESSION *tls_session, UINT ciphersuite, 1513 const NX_SECURE_TLS_CIPHERSUITE_INFO **info, USHORT *ciphersuite_priority); 1514 UINT _nx_secure_tls_client_handshake(NX_SECURE_TLS_SESSION *tls_session, UCHAR *packet_buffer, 1515 UINT data_length, ULONG wait_option); 1516 UINT _nx_secure_tls_finished_hash_generate(NX_SECURE_TLS_SESSION *tls_session, 1517 UCHAR *finished_label, UCHAR *finished_hash); 1518 UINT _nx_secure_tls_generate_keys(NX_SECURE_TLS_SESSION *tls_session); 1519 UINT _nx_secure_tls_generate_premaster_secret(NX_SECURE_TLS_SESSION *tls_session, UINT id); 1520 UINT _nx_secure_tls_handshake_hash_init(NX_SECURE_TLS_SESSION *tls_session); 1521 UINT _nx_secure_tls_handshake_hash_update(NX_SECURE_TLS_SESSION *tls_session, UCHAR *data, 1522 UINT length); 1523 UINT _nx_secure_tls_handshake_process(NX_SECURE_TLS_SESSION *tls_session, UINT wait_option); 1524 UINT _nx_secure_tls_hash_record(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, 1525 ULONG sequence_num[NX_SECURE_TLS_SEQUENCE_NUMBER_SIZE], 1526 UCHAR *header, UINT header_length, NX_PACKET *packet_ptr, 1527 ULONG offset, UINT length, UCHAR *record_hash, UINT *hash_length, 1528 UCHAR *mac_secret, VOID *metadata, ULONG metadata_size); 1529 UINT _nx_secure_tls_key_material_init(NX_SECURE_TLS_KEY_MATERIAL *key_material); 1530 VOID _nx_secure_tls_map_error_to_alert(UINT error_number, UINT *alert_number, 1531 UINT *alert_level); 1532 VOID _nx_secure_tls_newest_supported_version(NX_SECURE_TLS_SESSION *session_ptr, 1533 USHORT *protocol_version, UINT id); 1534 VOID _nx_secure_tls_highest_supported_version_negotiate(NX_SECURE_TLS_SESSION *session_ptr, 1535 USHORT *protocol_version, UINT id); 1536 UINT _nx_secure_tls_packet_release(NX_PACKET *packet_ptr); 1537 VOID _nx_secure_tls_protocol_version_get(NX_SECURE_TLS_SESSION *session_ptr, 1538 USHORT *protocol_version, UINT id); 1539 UINT _nx_secure_tls_process_certificate_request(NX_SECURE_TLS_SESSION *tls_session, 1540 UCHAR *packet_buffer, UINT message_length); 1541 UINT _nx_secure_tls_process_certificate_verify(NX_SECURE_TLS_SESSION *tls_session, 1542 UCHAR *packet_buffer, UINT message_length); 1543 UINT _nx_secure_tls_process_changecipherspec(NX_SECURE_TLS_SESSION *tls_session, 1544 UCHAR *packet_buffer, UINT message_length); 1545 UINT _nx_secure_tls_process_client_key_exchange(NX_SECURE_TLS_SESSION *tls_session, 1546 UCHAR *packet_buffer, UINT message_length, UINT id); 1547 UINT _nx_secure_tls_process_clienthello(NX_SECURE_TLS_SESSION *tls_session, 1548 UCHAR *packet_buffer, UINT message_length); 1549 UINT _nx_secure_tls_process_clienthello_extensions(NX_SECURE_TLS_SESSION *tls_session, 1550 UCHAR *packet_buffer, UINT message_length, 1551 NX_SECURE_TLS_HELLO_EXTENSION *extensions, 1552 UINT *num_extensions, UCHAR *client_hello_buffer, UINT client_hello_length); 1553 1554 UINT _nx_secure_tls_process_finished(NX_SECURE_TLS_SESSION *tls_session, UCHAR *packet_buffer, 1555 UINT message_length); 1556 UINT _nx_secure_tls_process_header(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *packet_ptr, 1557 ULONG record_offset, USHORT *message_type, UINT *length, 1558 UCHAR *header_data, USHORT *header_length); 1559 UINT _nx_secure_tls_process_handshake_header(UCHAR *packet_buffer, USHORT *message_type, 1560 UINT *header_size, UINT *message_length); 1561 UINT _nx_secure_tls_process_record(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *packet_ptr, 1562 ULONG *bytes_processed, ULONG wait_option); 1563 UINT _nx_secure_tls_process_remote_certificate(NX_SECURE_TLS_SESSION *tls_session, 1564 UCHAR *packet_buffer, 1565 UINT message_length, 1566 UINT data_length); 1567 UINT _nx_secure_tls_process_server_key_exchange(NX_SECURE_TLS_SESSION *tls_session, 1568 UCHAR *packet_buffer, UINT message_length); 1569 UINT _nx_secure_tls_process_serverhello(NX_SECURE_TLS_SESSION *tls_session, UCHAR *packet_buffer, 1570 UINT message_length); 1571 UINT _nx_secure_tls_process_serverhello_extensions(NX_SECURE_TLS_SESSION *tls_session, 1572 UCHAR *packet_buffer, UINT message_length, 1573 NX_SECURE_TLS_HELLO_EXTENSION *extensions, 1574 UINT *num_extensions); 1575 UINT _nx_secure_tls_record_hash_calculate(NX_SECURE_TLS_SESSION *tls_session, UCHAR *record_hash, 1576 UINT *hash_length); 1577 UINT _nx_secure_tls_record_hash_initialize(NX_SECURE_TLS_SESSION *tls_session, 1578 ULONG sequence_num[NX_SECURE_TLS_SEQUENCE_NUMBER_SIZE], 1579 UCHAR *header, UINT header_length, UINT *hash_length, 1580 UCHAR *mac_secret); 1581 UINT _nx_secure_tls_record_hash_update(NX_SECURE_TLS_SESSION *tls_session, UCHAR *data, 1582 UINT length); 1583 UINT _nx_secure_tls_record_payload_decrypt(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *encrypted_packet, 1584 UINT offset, UINT message_length, NX_PACKET **decrypted_packet, 1585 ULONG sequence_num[NX_SECURE_TLS_SEQUENCE_NUMBER_SIZE], 1586 UCHAR record_type, UINT wait_option); 1587 UINT _nx_secure_tls_record_payload_encrypt(NX_SECURE_TLS_SESSION *tls_session, 1588 NX_PACKET *send_packet, 1589 ULONG sequence_num[NX_SECURE_TLS_SEQUENCE_NUMBER_SIZE], 1590 UCHAR record_type); 1591 UINT _nx_secure_tls_remote_certificate_free(NX_SECURE_TLS_SESSION *tls_session, 1592 NX_SECURE_X509_DISTINGUISHED_NAME *name); 1593 UINT _nx_secure_tls_remote_certificate_verify(NX_SECURE_TLS_SESSION *tls_session); 1594 VOID _nx_secure_tls_send_alert(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet, 1595 UCHAR alert_number, UCHAR alert_level); 1596 UINT _nx_secure_tls_send_certificate(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet, 1597 ULONG wait_option); 1598 UINT _nx_secure_tls_send_certificate_request(NX_SECURE_TLS_SESSION *tls_session, 1599 NX_PACKET *send_packet); 1600 UINT _nx_secure_tls_send_changecipherspec(NX_SECURE_TLS_SESSION *tls_session, 1601 NX_PACKET *send_packet); 1602 UINT _nx_secure_tls_send_clienthello(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet); 1603 UINT _nx_secure_tls_send_clienthello_extensions(NX_SECURE_TLS_SESSION *tls_session, 1604 UCHAR *packet_buffer, ULONG *packet_offset, 1605 ULONG *extensions_length, ULONG available_size); 1606 UINT _nx_secure_tls_send_client_key_exchange(NX_SECURE_TLS_SESSION *tls_session, 1607 NX_PACKET *send_packet); 1608 UINT _nx_secure_tls_send_finished(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet); 1609 UINT _nx_secure_tls_send_handshake_record(NX_SECURE_TLS_SESSION *tls_session, 1610 NX_PACKET *send_packet, UCHAR handshake_type, 1611 ULONG wait_option); 1612 UINT _nx_secure_tls_send_hellorequest(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet); 1613 UINT _nx_secure_tls_send_certificate_verify(NX_SECURE_TLS_SESSION *tls_session, 1614 NX_PACKET *send_packet); 1615 UINT _nx_secure_tls_send_record(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet, 1616 UCHAR record_type, ULONG wait_option); 1617 UINT _nx_secure_tls_send_server_key_exchange(NX_SECURE_TLS_SESSION *tls_session, 1618 NX_PACKET *send_packet); 1619 UINT _nx_secure_tls_send_serverhello(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *send_packet); 1620 UINT _nx_secure_tls_send_serverhello_extensions(NX_SECURE_TLS_SESSION *tls_session, 1621 UCHAR *packet_buffer, ULONG *packet_offset, 1622 ULONG available_size); 1623 UINT _nx_secure_tls_server_certificate_add(NX_SECURE_TLS_SESSION *tls_session, 1624 NX_SECURE_X509_CERT *certificate, UINT cert_id); 1625 UINT _nx_secure_tls_server_certificate_find(NX_SECURE_TLS_SESSION *tls_session, 1626 NX_SECURE_X509_CERT **certificate, UINT cert_id); 1627 UINT _nx_secure_tls_server_certificate_remove(NX_SECURE_TLS_SESSION *tls_session, UINT cert_id); 1628 UINT _nx_secure_tls_server_handshake(NX_SECURE_TLS_SESSION *tls_session, UCHAR *packet_buffer, 1629 UINT data_length, ULONG wait_option); 1630 UINT _nx_secure_tls_session_iv_size_get(NX_SECURE_TLS_SESSION *tls_session, USHORT *iv_size); 1631 UINT _nx_secure_tls_session_keys_set(NX_SECURE_TLS_SESSION *tls_session, USHORT key_set); 1632 UINT _nx_secure_tls_session_receive_records(NX_SECURE_TLS_SESSION *tls_session, 1633 NX_PACKET **packet_ptr_ptr, ULONG wait_option); 1634 UINT _nx_secure_tls_verify_mac(NX_SECURE_TLS_SESSION *tls_session, UCHAR *header_data, 1635 USHORT header_length, NX_PACKET *packet_ptr, ULONG offset, UINT *length); 1636 #ifdef NX_SECURE_ENABLE_ECC_CIPHERSUITE 1637 UINT _nx_secure_tls_ecc_generate_keys(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, UCHAR tls_1_3, 1638 NX_SECURE_TLS_CRYPTO *tls_crypto_table, NX_SECURE_TLS_HANDSHAKE_HASH *tls_handshake_hash, 1639 NX_SECURE_TLS_ECC *tls_ecc_curves, NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, 1640 NX_SECURE_TLS_CREDENTIALS *tls_credentials, UINT ecc_named_curve, USHORT sign_key, 1641 UCHAR *public_key, UINT *public_key_size, NX_SECURE_TLS_ECDHE_HANDSHAKE_DATA *ecc_data, 1642 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, 1643 VOID *public_auth_metadata, ULONG public_auth_metadata_size); 1644 UINT _nx_secure_tls_find_curve_method(NX_SECURE_TLS_ECC *tls_ecc, USHORT named_curve, 1645 const NX_CRYPTO_METHOD **curve_method, UINT *curve_priority); 1646 UINT _nx_secure_tls_proc_clienthello_sec_sa_extension(NX_SECURE_TLS_SESSION *tls_session, 1647 NX_SECURE_TLS_HELLO_EXTENSION *exts, 1648 UINT num_extensions, 1649 UINT *selected_curve, USHORT cert_curve, 1650 UINT *cert_curve_supported, 1651 USHORT *ecdhe_signature_algorithm, 1652 NX_SECURE_X509_CERT *cert); 1653 #endif /* NX_SECURE_ENABLE_ECC_CIPHERSUITE */ 1654 1655 1656 /* Actual API functions .*/ 1657 UINT nx_secure_module_hash_compute(NX_CRYPTO_METHOD *hmac_ptr, 1658 UINT start_address, 1659 UINT end_address, 1660 UCHAR *key, UINT key_length, 1661 VOID *metadata, UINT metadata_size, 1662 UCHAR *output_buffer, UINT output_buffer_size, UINT *actual_size); 1663 UINT _nx_secure_tls_active_certificate_set(NX_SECURE_TLS_SESSION *tls_session, 1664 NX_SECURE_X509_CERT *certificate); 1665 VOID _nx_secure_tls_initialize(VOID); 1666 UINT _nx_secure_tls_shutdown(VOID); 1667 1668 UINT _nx_secure_tls_local_certificate_add(NX_SECURE_TLS_SESSION *tls_session, 1669 NX_SECURE_X509_CERT *certificate); 1670 UINT _nx_secure_tls_local_certificate_find(NX_SECURE_TLS_SESSION *tls_session, 1671 NX_SECURE_X509_CERT **certificate, UCHAR *common_name, UINT name_length); 1672 UINT _nx_secure_tls_local_certificate_remove(NX_SECURE_TLS_SESSION *tls_session, 1673 UCHAR *common_name, UINT common_name_length); 1674 UINT _nx_secure_tls_metadata_size_calculate(const NX_SECURE_TLS_CRYPTO *crypto_table, 1675 ULONG *metadata_size); 1676 UINT _nx_secure_tls_remote_certificate_allocate(NX_SECURE_TLS_SESSION *tls_session, 1677 NX_SECURE_X509_CERT *certificate, 1678 UCHAR *raw_certificate_buffer, UINT buffer_size); 1679 UINT _nx_secure_tls_remote_certificate_buffer_allocate(NX_SECURE_TLS_SESSION *tls_session, 1680 UINT certs_number, VOID *certificate_buffer, ULONG buffer_size); 1681 UINT _nx_secure_tls_remote_certificate_free_all(NX_SECURE_TLS_SESSION *tls_session); 1682 UINT _nx_secure_tls_server_certificate_add(NX_SECURE_TLS_SESSION *tls_session, 1683 NX_SECURE_X509_CERT *certificate, UINT cert_id); 1684 UINT _nx_secure_tls_server_certificate_find(NX_SECURE_TLS_SESSION *tls_session, 1685 NX_SECURE_X509_CERT **certificate, UINT cert_id); 1686 UINT _nx_secure_tls_server_certificate_remove(NX_SECURE_TLS_SESSION *tls_session, UINT cert_id); 1687 UINT _nx_secure_tls_session_alert_value_get(NX_SECURE_TLS_SESSION *tls_session, 1688 UINT *alert_level, UINT *alert_value); 1689 UINT _nx_secure_tls_session_certificate_callback_set(NX_SECURE_TLS_SESSION *tls_session, 1690 ULONG (*func_ptr)(NX_SECURE_TLS_SESSION *session, 1691 NX_SECURE_X509_CERT *certificate)); 1692 UINT _nx_secure_tls_session_client_callback_set(NX_SECURE_TLS_SESSION *tls_session, 1693 ULONG (*func_ptr)(NX_SECURE_TLS_SESSION *tls_session, 1694 NX_SECURE_TLS_HELLO_EXTENSION *extensions, 1695 UINT num_extensions)); 1696 UINT _nx_secure_tls_session_client_verify_disable(NX_SECURE_TLS_SESSION *tls_session); 1697 UINT _nx_secure_tls_session_client_verify_enable(NX_SECURE_TLS_SESSION *tls_session); 1698 UINT _nx_secure_tls_session_x509_client_verify_configure(NX_SECURE_TLS_SESSION *tls_session, UINT certs_number, 1699 VOID *certificate_buffer, ULONG buffer_size); 1700 UINT _nx_secure_tls_session_create(NX_SECURE_TLS_SESSION *session_ptr, 1701 const NX_SECURE_TLS_CRYPTO *cipher_table, 1702 VOID *metadata_area, 1703 ULONG metadata_size); 1704 1705 UINT _nx_secure_tls_session_create_ext(NX_SECURE_TLS_SESSION *tls_session, 1706 const NX_CRYPTO_METHOD **crypto_array, UINT crypto_array_size, 1707 const NX_CRYPTO_CIPHERSUITE **cipher_map, UINT cipher_map_size, 1708 VOID *metadata_buffer, 1709 ULONG metadata_size); 1710 1711 UINT _nx_secure_tls_session_delete(NX_SECURE_TLS_SESSION *tls_session); 1712 UINT _nx_secure_tls_session_end(NX_SECURE_TLS_SESSION *tls_session, UINT wait_option); 1713 UINT _nx_secure_tls_session_packet_buffer_set(NX_SECURE_TLS_SESSION *session_ptr, 1714 UCHAR *buffer_ptr, ULONG buffer_size); 1715 UINT _nx_secure_tls_session_packet_pool_set(NX_SECURE_TLS_SESSION *tls_session, 1716 NX_PACKET_POOL *packet_pool); 1717 UINT _nx_secure_tls_session_protocol_version_override(NX_SECURE_TLS_SESSION *tls_session, 1718 USHORT protocol_version); 1719 UINT _nx_secure_tls_session_receive(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET **packet_ptr_ptr, 1720 ULONG wait_option); 1721 UINT _nx_secure_tls_session_renegotiate(NX_SECURE_TLS_SESSION *tls_session, 1722 UINT wait_option); 1723 UINT _nx_secure_tls_session_renegotiate_callback_set(NX_SECURE_TLS_SESSION *tls_session, 1724 ULONG (*func_ptr)(NX_SECURE_TLS_SESSION *session)); 1725 UINT _nx_secure_tls_session_reset(NX_SECURE_TLS_SESSION *tls_session); 1726 UINT _nx_secure_tls_session_send(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *packet_ptr, 1727 ULONG wait_option); 1728 UINT _nx_secure_tls_session_server_callback_set(NX_SECURE_TLS_SESSION *tls_session, 1729 ULONG (*func_ptr)(NX_SECURE_TLS_SESSION *tls_session, 1730 NX_SECURE_TLS_HELLO_EXTENSION *extensions, 1731 UINT num_extensions)); 1732 UINT _nx_secure_tls_session_sni_extension_parse(NX_SECURE_TLS_SESSION *tls_session, 1733 NX_SECURE_TLS_HELLO_EXTENSION *extensions, 1734 UINT num_extensions, NX_SECURE_X509_DNS_NAME *dns_name); 1735 UINT _nx_secure_tls_session_sni_extension_set(NX_SECURE_TLS_SESSION *tls_session, 1736 NX_SECURE_X509_DNS_NAME *dns_name); 1737 UINT _nx_secure_tls_session_start(NX_SECURE_TLS_SESSION *tls_session, NX_TCP_SOCKET *tcp_socket, 1738 UINT wait_option); 1739 UINT _nx_secure_tls_session_time_function_set(NX_SECURE_TLS_SESSION *tls_session, 1740 ULONG (*time_func_ptr)(void)); 1741 UINT _nx_secure_tls_trusted_certificate_add(NX_SECURE_TLS_SESSION *tls_session, 1742 NX_SECURE_X509_CERT *certificate); 1743 UINT _nx_secure_tls_trusted_certificate_remove(NX_SECURE_TLS_SESSION *tls_session, 1744 UCHAR *common_name, UINT common_name_length); 1745 UINT _nx_secure_tls_packet_allocate(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET_POOL *pool_ptr, 1746 NX_PACKET **packet_ptr, ULONG wait_option); 1747 #if defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) || defined(NX_SECURE_ENABLE_ECJPAKE_CIPHERSUITE) 1748 UINT _nx_secure_tls_psk_add(NX_SECURE_TLS_SESSION *tls_session, UCHAR *pre_shared_key, UINT psk_length, 1749 UCHAR *psk_identity, UINT identity_length, UCHAR *hint, UINT hint_length); 1750 UINT _nx_secure_tls_psk_find(NX_SECURE_TLS_CREDENTIALS *tls_credentials, UCHAR **psk_data, UINT *psk_length, 1751 UCHAR *psk_identity_hint, UINT identity_length, UINT *psk_store_index); 1752 UINT _nx_secure_tls_client_psk_set(NX_SECURE_TLS_SESSION *tls_session, UCHAR *pre_shared_key, UINT psk_length, 1753 UCHAR *psk_identity, UINT identity_length, UCHAR *hint, UINT hint_length); 1754 #endif 1755 #if (NX_SECURE_TLS_TLS_1_3_ENABLED) && defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) 1756 UINT _nx_secure_tls_psk_identity_find(NX_SECURE_TLS_SESSION *tls_session, UCHAR **psk_data, UINT *psk_length, 1757 UCHAR *psk_identity, UINT identity_length, UINT *psk_store_index); 1758 #endif 1759 #ifdef NX_SECURE_ENABLE_ECC_CIPHERSUITE 1760 UINT _nx_secure_tls_ecc_initialize(NX_SECURE_TLS_SESSION *tls_session, 1761 const USHORT *supported_groups, USHORT supported_group_count, 1762 const NX_CRYPTO_METHOD **curves); 1763 #endif /* NX_SECURE_ENABLE_ECC_CIPHERSUITE */ 1764 1765 /* Functions for error checking .*/ 1766 UINT _nxe_secure_tls_active_certificate_set(NX_SECURE_TLS_SESSION *tls_session, 1767 NX_SECURE_X509_CERT *certificate); 1768 UINT _nxe_secure_tls_local_certificate_add(NX_SECURE_TLS_SESSION *tls_session, 1769 NX_SECURE_X509_CERT *certificate); 1770 UINT _nxe_secure_tls_local_certificate_find(NX_SECURE_TLS_SESSION *tls_session, 1771 NX_SECURE_X509_CERT **certificate, UCHAR *common_name, 1772 UINT name_length); 1773 UINT _nxe_secure_tls_local_certificate_remove(NX_SECURE_TLS_SESSION *tls_session, 1774 UCHAR *common_name, UINT common_name_length); 1775 UINT _nxe_secure_tls_metadata_size_calculate(const NX_SECURE_TLS_CRYPTO *crypto_table, 1776 ULONG *metadata_size); 1777 UINT _nxe_secure_tls_remote_certificate_allocate(NX_SECURE_TLS_SESSION *tls_session, 1778 NX_SECURE_X509_CERT *certificate, 1779 UCHAR *raw_certificate_buffer, UINT buffer_size); 1780 UINT _nxe_secure_tls_remote_certificate_buffer_allocate(NX_SECURE_TLS_SESSION *tls_session, 1781 UINT certs_number, VOID *certificate_buffer, ULONG buffer_size); 1782 UINT _nxe_secure_tls_remote_certificate_free_all(NX_SECURE_TLS_SESSION *tls_session); 1783 UINT _nxe_secure_tls_server_certificate_add(NX_SECURE_TLS_SESSION *tls_session, 1784 NX_SECURE_X509_CERT *certificate, UINT cert_id); 1785 UINT _nxe_secure_tls_server_certificate_find(NX_SECURE_TLS_SESSION *tls_session, 1786 NX_SECURE_X509_CERT **certificate, UINT cert_id); 1787 UINT _nxe_secure_tls_server_certificate_remove(NX_SECURE_TLS_SESSION *tls_session, UINT cert_id); 1788 UINT _nxe_secure_tls_session_alert_value_get(NX_SECURE_TLS_SESSION *tls_session, 1789 UINT *alert_level, UINT *alert_value); 1790 UINT _nxe_secure_tls_session_certificate_callback_set(NX_SECURE_TLS_SESSION *tls_session, 1791 ULONG (*func_ptr)(NX_SECURE_TLS_SESSION *session, 1792 NX_SECURE_X509_CERT *certificate)); 1793 UINT _nxe_secure_tls_session_client_callback_set(NX_SECURE_TLS_SESSION *tls_session, 1794 ULONG (*func_ptr)(NX_SECURE_TLS_SESSION *tls_session, 1795 NX_SECURE_TLS_HELLO_EXTENSION *extensions, 1796 UINT num_extensions)); 1797 UINT _nxe_secure_tls_session_client_verify_disable(NX_SECURE_TLS_SESSION *tls_session); 1798 UINT _nxe_secure_tls_session_client_verify_enable(NX_SECURE_TLS_SESSION *tls_session); 1799 UINT _nxe_secure_tls_session_x509_client_verify_configure(NX_SECURE_TLS_SESSION *tls_session, UINT certs_number, 1800 VOID *certificate_buffer, ULONG buffer_size); 1801 UINT _nxe_secure_tls_session_create(NX_SECURE_TLS_SESSION *session_ptr, 1802 const NX_SECURE_TLS_CRYPTO *cipher_table, 1803 VOID *metadata_area, 1804 ULONG metadata_size); 1805 UINT _nxe_secure_tls_session_delete(NX_SECURE_TLS_SESSION *tls_session); 1806 UINT _nxe_secure_tls_session_end(NX_SECURE_TLS_SESSION *tls_session, UINT wait_option); 1807 UINT _nxe_secure_tls_session_packet_buffer_set(NX_SECURE_TLS_SESSION *session_ptr, 1808 UCHAR *buffer_ptr, ULONG buffer_size); 1809 UINT _nxe_secure_tls_session_packet_pool_set(NX_SECURE_TLS_SESSION *tls_session, 1810 NX_PACKET_POOL *packet_pool); 1811 UINT _nxe_secure_tls_session_protocol_version_override(NX_SECURE_TLS_SESSION *tls_session, 1812 USHORT protocol_version); 1813 UINT _nxe_secure_tls_session_receive(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET **packet_ptr_ptr, 1814 ULONG wait_option); 1815 UINT _nxe_secure_tls_session_renegotiate(NX_SECURE_TLS_SESSION *tls_session, 1816 UINT wait_option); 1817 UINT _nxe_secure_tls_session_renegotiate_callback_set(NX_SECURE_TLS_SESSION *tls_session, 1818 ULONG (*func_ptr)(NX_SECURE_TLS_SESSION *session)); 1819 UINT _nxe_secure_tls_session_reset(NX_SECURE_TLS_SESSION *tls_session); 1820 UINT _nxe_secure_tls_session_send(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET *packet_ptr, 1821 ULONG wait_option); 1822 UINT _nxe_secure_tls_session_server_callback_set(NX_SECURE_TLS_SESSION *tls_session, 1823 ULONG (*func_ptr)(NX_SECURE_TLS_SESSION *tls_session, 1824 NX_SECURE_TLS_HELLO_EXTENSION *extensions, 1825 UINT num_extensions)); 1826 UINT _nxe_secure_tls_session_sni_extension_parse(NX_SECURE_TLS_SESSION *tls_session, 1827 NX_SECURE_TLS_HELLO_EXTENSION *extensions, 1828 UINT num_extensions, NX_SECURE_X509_DNS_NAME *dns_name); 1829 UINT _nxe_secure_tls_session_sni_extension_set(NX_SECURE_TLS_SESSION *tls_session, 1830 NX_SECURE_X509_DNS_NAME *dns_name); 1831 UINT _nxe_secure_tls_session_start(NX_SECURE_TLS_SESSION *tls_session, NX_TCP_SOCKET *tcp_socket, 1832 UINT wait_option); 1833 UINT _nxe_secure_tls_session_time_function_set(NX_SECURE_TLS_SESSION *tls_session, 1834 ULONG (*time_func_ptr)(void)); 1835 UINT _nxe_secure_tls_trusted_certificate_add(NX_SECURE_TLS_SESSION *tls_session, 1836 NX_SECURE_X509_CERT *certificate); 1837 UINT _nxe_secure_tls_trusted_certificate_remove(NX_SECURE_TLS_SESSION *tls_session, 1838 UCHAR *common_name, UINT common_name_length); 1839 UINT _nxe_secure_tls_packet_allocate(NX_SECURE_TLS_SESSION *tls_session, NX_PACKET_POOL *pool_ptr, 1840 NX_PACKET **packet_ptr, ULONG wait_option); 1841 #if defined(NX_SECURE_ENABLE_PSK_CIPHERSUITES) || defined(NX_SECURE_ENABLE_ECJPAKE_CIPHERSUITE) 1842 UINT _nxe_secure_tls_psk_add(NX_SECURE_TLS_SESSION *tls_session, UCHAR *pre_shared_key, UINT psk_length, 1843 UCHAR *psk_identity, UINT identity_length, UCHAR *hint, UINT hint_length); 1844 UINT _nxe_secure_tls_psk_find(NX_SECURE_TLS_SESSION *tls_session, UCHAR **psk_data, UINT *psk_length, 1845 UCHAR *psk_identity, UINT identity_length); 1846 UINT _nxe_secure_tls_client_psk_set(NX_SECURE_TLS_SESSION *tls_session, UCHAR *pre_shared_key, UINT psk_length, 1847 UCHAR *psk_identity, UINT identity_length, UCHAR *hint, UINT hint_length); 1848 #endif 1849 1850 UINT _nx_secure_process_server_key_exchange(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, NX_SECURE_TLS_CRYPTO *tls_crypto_table, 1851 USHORT protocol_version, UCHAR *packet_buffer, UINT message_length, 1852 NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, NX_SECURE_TLS_CREDENTIALS *tls_credentials, 1853 NX_SECURE_TLS_HANDSHAKE_HASH *tls_handshake_hash, 1854 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, 1855 VOID *public_auth_metadata, ULONG public_auth_metadata_size, VOID *tls_ecc_curves); 1856 UINT _nx_secure_process_client_key_exchange(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, 1857 UCHAR *packet_buffer, UINT message_length, USHORT *received_remote_credentials, 1858 NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, NX_SECURE_TLS_CREDENTIALS *tls_credentials, 1859 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, 1860 VOID *public_auth_metadata, ULONG public_auth_metadata_size, VOID *tls_ecc_curves); 1861 UINT _nx_secure_generate_premaster_secret(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, 1862 NX_SECURE_TLS_CREDENTIALS *tls_credentials, UINT session_type, USHORT *received_remote_credentials, 1863 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, VOID *tls_ecc_curves); 1864 UINT _nx_secure_generate_client_key_exchange(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, 1865 NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, NX_SECURE_TLS_CREDENTIALS *tls_credentials, 1866 UCHAR *data_buffer, ULONG buffer_length, ULONG *output_size, 1867 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, 1868 VOID *public_auth_metadata, ULONG public_auth_metadata_size); 1869 UINT _nx_secure_generate_server_key_exchange(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, UCHAR tls_1_3, 1870 NX_SECURE_TLS_CRYPTO *tls_crypto_table, NX_SECURE_TLS_HANDSHAKE_HASH *tls_handshake_hash, 1871 NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, NX_SECURE_TLS_CREDENTIALS *tls_credentials, 1872 UCHAR *data_buffer, ULONG buffer_length, ULONG *output_size, 1873 VOID *public_cipher_metadata, ULONG public_cipher_metadata_size, 1874 VOID *public_auth_metadata, ULONG public_auth_metadata_size, VOID *tls_ecc_curves); 1875 UINT _nx_secure_generate_master_secret(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, 1876 const NX_CRYPTO_METHOD *session_prf_method, NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, 1877 UCHAR *pre_master_sec, UINT pre_master_sec_size, UCHAR *master_sec, 1878 VOID *prf_metadata, ULONG prf_metadata_size); 1879 UINT _nx_secure_generate_session_keys(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, USHORT protocol_version, 1880 const NX_CRYPTO_METHOD *session_prf_method, NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, 1881 UCHAR *master_sec, VOID *prf_metadata, ULONG prf_metadata_size); 1882 UINT _nx_secure_session_keys_set(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, NX_SECURE_TLS_KEY_MATERIAL *tls_key_material, 1883 UINT key_material_data_size, UINT is_client, UCHAR *session_cipher_initialized, 1884 VOID *session_cipher_metadata, VOID **session_cipher_handler, ULONG session_cipher_metadata_size); 1885 UINT _nx_secure_verify_mac(const NX_SECURE_TLS_CIPHERSUITE_INFO *ciphersuite, UCHAR *mac_secret, ULONG sequence_num[NX_SECURE_TLS_SEQUENCE_NUMBER_SIZE], 1886 UCHAR *header_data, USHORT header_length, NX_PACKET *packet_ptr, ULONG offset, UINT *length, 1887 VOID *hash_mac_metadata, ULONG hash_mac_metadata_size); 1888 UINT _nx_secure_remote_certificate_verify(NX_SECURE_X509_CERTIFICATE_STORE *store, 1889 NX_SECURE_X509_CERT *certificate, ULONG current_time); 1890 UINT _nx_secure_trusted_certificate_add(NX_SECURE_X509_CERTIFICATE_STORE *store, 1891 NX_SECURE_X509_CERT *certificate); 1892 #ifdef NX_SECURE_CUSTOM_SECRET_GENERATION 1893 UINT nx_secure_custom_secret_generation_init(NX_SECURE_TLS_SESSION *tls_session); 1894 #endif 1895 1896 /* TLS component data declarations follow. */ 1897 1898 /* Determine if the initialization function of this component is including 1899 this file. If so, make the data definitions really happen. Otherwise, 1900 make them extern so other functions in the component can access them. */ 1901 1902 #ifdef NX_SECURE_TLS_INIT 1903 #define TLS_DECLARE 1904 #else 1905 #define TLS_DECLARE extern 1906 #endif 1907 1908 1909 /* Define the head pointer of the created TLS list. */ 1910 TLS_DECLARE NX_SECURE_TLS_SESSION *_nx_secure_tls_created_ptr; 1911 TLS_DECLARE ULONG _nx_secure_tls_created_count; 1912 TLS_DECLARE TX_MUTEX _nx_secure_tls_protection; 1913 1914 #ifdef __cplusplus 1915 } 1916 #endif 1917 1918 #endif /* SRC_NX_SECURE_TLS_H_ */ 1919 1920
