1 /* 2 * TLSv1 common definitions 3 * Copyright (c) 2006-2011, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #ifndef TLSV1_COMMON_H 10 #define TLSV1_COMMON_H 11 12 #include "crypto/crypto.h" 13 14 #define TLS_VERSION_1 0x0301 /* TLSv1 */ 15 #define TLS_VERSION_1_1 0x0302 /* TLSv1.1 */ 16 #define TLS_VERSION_1_2 0x0303 /* TLSv1.2 */ 17 #ifdef CONFIG_TLSV12 18 #define TLS_VERSION TLS_VERSION_1_2 19 #else /* CONFIG_TLSV12 */ 20 #ifdef CONFIG_TLSV11 21 #define TLS_VERSION TLS_VERSION_1_1 22 #else /* CONFIG_TLSV11 */ 23 #define TLS_VERSION TLS_VERSION_1 24 #endif /* CONFIG_TLSV11 */ 25 #endif /* CONFIG_TLSV12 */ 26 #define TLS_RANDOM_LEN 32 27 #define TLS_PRE_MASTER_SECRET_LEN 48 28 #define TLS_MASTER_SECRET_LEN 48 29 #define TLS_SESSION_ID_MAX_LEN 32 30 #define TLS_VERIFY_DATA_LEN 12 31 32 /* HandshakeType */ 33 enum { 34 TLS_HANDSHAKE_TYPE_HELLO_REQUEST = 0, 35 TLS_HANDSHAKE_TYPE_CLIENT_HELLO = 1, 36 TLS_HANDSHAKE_TYPE_SERVER_HELLO = 2, 37 TLS_HANDSHAKE_TYPE_NEW_SESSION_TICKET = 4 /* RFC 4507 */, 38 TLS_HANDSHAKE_TYPE_CERTIFICATE = 11, 39 TLS_HANDSHAKE_TYPE_SERVER_KEY_EXCHANGE = 12, 40 TLS_HANDSHAKE_TYPE_CERTIFICATE_REQUEST = 13, 41 TLS_HANDSHAKE_TYPE_SERVER_HELLO_DONE = 14, 42 TLS_HANDSHAKE_TYPE_CERTIFICATE_VERIFY = 15, 43 TLS_HANDSHAKE_TYPE_CLIENT_KEY_EXCHANGE = 16, 44 TLS_HANDSHAKE_TYPE_FINISHED = 20, 45 TLS_HANDSHAKE_TYPE_CERTIFICATE_URL = 21 /* RFC 4366 */, 46 TLS_HANDSHAKE_TYPE_CERTIFICATE_STATUS = 22 /* RFC 4366 */ 47 }; 48 49 /* CipherSuite */ 50 #define TLS_NULL_WITH_NULL_NULL 0x0000 /* RFC 2246 */ 51 #define TLS_RSA_WITH_NULL_MD5 0x0001 /* RFC 2246 */ 52 #define TLS_RSA_WITH_NULL_SHA 0x0002 /* RFC 2246 */ 53 #define TLS_RSA_EXPORT_WITH_RC4_40_MD5 0x0003 /* RFC 2246 */ 54 #define TLS_RSA_WITH_RC4_128_MD5 0x0004 /* RFC 2246 */ 55 #define TLS_RSA_WITH_RC4_128_SHA 0x0005 /* RFC 2246 */ 56 #define TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 0x0006 /* RFC 2246 */ 57 #define TLS_RSA_WITH_IDEA_CBC_SHA 0x0007 /* RFC 2246 */ 58 #define TLS_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0008 /* RFC 2246 */ 59 #define TLS_RSA_WITH_DES_CBC_SHA 0x0009 /* RFC 2246 */ 60 #define TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x000A /* RFC 2246 */ 61 #define TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA 0x000B /* RFC 2246 */ 62 #define TLS_DH_DSS_WITH_DES_CBC_SHA 0x000C /* RFC 2246 */ 63 #define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA 0x000D /* RFC 2246 */ 64 #define TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA 0x000E /* RFC 2246 */ 65 #define TLS_DH_RSA_WITH_DES_CBC_SHA 0x000F /* RFC 2246 */ 66 #define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA 0x0010 /* RFC 2246 */ 67 #define TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA 0x0011 /* RFC 2246 */ 68 #define TLS_DHE_DSS_WITH_DES_CBC_SHA 0x0012 /* RFC 2246 */ 69 #define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA 0x0013 /* RFC 2246 */ 70 #define TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0014 /* RFC 2246 */ 71 #define TLS_DHE_RSA_WITH_DES_CBC_SHA 0x0015 /* RFC 2246 */ 72 #define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x0016 /* RFC 2246 */ 73 #define TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 0x0017 /* RFC 2246 */ 74 #define TLS_DH_anon_WITH_RC4_128_MD5 0x0018 /* RFC 2246 */ 75 #define TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA 0x0019 /* RFC 2246 */ 76 #define TLS_DH_anon_WITH_DES_CBC_SHA 0x001A /* RFC 2246 */ 77 #define TLS_DH_anon_WITH_3DES_EDE_CBC_SHA 0x001B /* RFC 2246 */ 78 #define TLS_RSA_WITH_AES_128_CBC_SHA 0x002F /* RFC 3268 */ 79 #define TLS_DH_DSS_WITH_AES_128_CBC_SHA 0x0030 /* RFC 3268 */ 80 #define TLS_DH_RSA_WITH_AES_128_CBC_SHA 0x0031 /* RFC 3268 */ 81 #define TLS_DHE_DSS_WITH_AES_128_CBC_SHA 0x0032 /* RFC 3268 */ 82 #define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x0033 /* RFC 3268 */ 83 #define TLS_DH_anon_WITH_AES_128_CBC_SHA 0x0034 /* RFC 3268 */ 84 #define TLS_RSA_WITH_AES_256_CBC_SHA 0x0035 /* RFC 3268 */ 85 #define TLS_DH_DSS_WITH_AES_256_CBC_SHA 0x0036 /* RFC 3268 */ 86 #define TLS_DH_RSA_WITH_AES_256_CBC_SHA 0x0037 /* RFC 3268 */ 87 #define TLS_DHE_DSS_WITH_AES_256_CBC_SHA 0x0038 /* RFC 3268 */ 88 #define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x0039 /* RFC 3268 */ 89 #define TLS_DH_anon_WITH_AES_256_CBC_SHA 0x003A /* RFC 3268 */ 90 #define TLS_RSA_WITH_NULL_SHA256 0x003B /* RFC 5246 */ 91 #define TLS_RSA_WITH_AES_128_CBC_SHA256 0x003C /* RFC 5246 */ 92 #define TLS_RSA_WITH_AES_256_CBC_SHA256 0x003D /* RFC 5246 */ 93 #define TLS_DH_DSS_WITH_AES_128_CBC_SHA256 0x003E /* RFC 5246 */ 94 #define TLS_DH_RSA_WITH_AES_128_CBC_SHA256 0x003F /* RFC 5246 */ 95 #define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 0x0040 /* RFC 5246 */ 96 #define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x0067 /* RFC 5246 */ 97 #define TLS_DH_DSS_WITH_AES_256_CBC_SHA256 0x0068 /* RFC 5246 */ 98 #define TLS_DH_RSA_WITH_AES_256_CBC_SHA256 0x0069 /* RFC 5246 */ 99 #define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 0x006A /* RFC 5246 */ 100 #define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x006B /* RFC 5246 */ 101 #define TLS_DH_anon_WITH_AES_128_CBC_SHA256 0x006C /* RFC 5246 */ 102 #define TLS_DH_anon_WITH_AES_256_CBC_SHA256 0x006D /* RFC 5246 */ 103 104 /* CompressionMethod */ 105 #define TLS_COMPRESSION_NULL 0 106 107 /* HashAlgorithm */ 108 enum { 109 TLS_HASH_ALG_NONE = 0, 110 TLS_HASH_ALG_MD5 = 1, 111 TLS_HASH_ALG_SHA1 = 2, 112 TLS_HASH_ALG_SHA224 = 3, 113 TLS_HASH_ALG_SHA256 = 4, 114 TLS_HASH_ALG_SHA384 = 5, 115 TLS_HASH_ALG_SHA512 = 6 116 }; 117 118 /* SignatureAlgorithm */ 119 enum { 120 TLS_SIGN_ALG_ANONYMOUS = 0, 121 TLS_SIGN_ALG_RSA = 1, 122 TLS_SIGN_ALG_DSA = 2, 123 TLS_SIGN_ALG_ECDSA = 3, 124 }; 125 126 /* AlertLevel */ 127 #define TLS_ALERT_LEVEL_WARNING 1 128 #define TLS_ALERT_LEVEL_FATAL 2 129 130 /* AlertDescription */ 131 #define TLS_ALERT_CLOSE_NOTIFY 0 132 #define TLS_ALERT_UNEXPECTED_MESSAGE 10 133 #define TLS_ALERT_BAD_RECORD_MAC 20 134 #define TLS_ALERT_DECRYPTION_FAILED 21 135 #define TLS_ALERT_RECORD_OVERFLOW 22 136 #define TLS_ALERT_DECOMPRESSION_FAILURE 30 137 #define TLS_ALERT_HANDSHAKE_FAILURE 40 138 #define TLS_ALERT_BAD_CERTIFICATE 42 139 #define TLS_ALERT_UNSUPPORTED_CERTIFICATE 43 140 #define TLS_ALERT_CERTIFICATE_REVOKED 44 141 #define TLS_ALERT_CERTIFICATE_EXPIRED 45 142 #define TLS_ALERT_CERTIFICATE_UNKNOWN 46 143 #define TLS_ALERT_ILLEGAL_PARAMETER 47 144 #define TLS_ALERT_UNKNOWN_CA 48 145 #define TLS_ALERT_ACCESS_DENIED 49 146 #define TLS_ALERT_DECODE_ERROR 50 147 #define TLS_ALERT_DECRYPT_ERROR 51 148 #define TLS_ALERT_EXPORT_RESTRICTION 60 149 #define TLS_ALERT_PROTOCOL_VERSION 70 150 #define TLS_ALERT_INSUFFICIENT_SECURITY 71 151 #define TLS_ALERT_INTERNAL_ERROR 80 152 #define TLS_ALERT_USER_CANCELED 90 153 #define TLS_ALERT_NO_RENEGOTIATION 100 154 #define TLS_ALERT_UNSUPPORTED_EXTENSION 110 /* RFC 4366 */ 155 #define TLS_ALERT_CERTIFICATE_UNOBTAINABLE 111 /* RFC 4366 */ 156 #define TLS_ALERT_UNRECOGNIZED_NAME 112 /* RFC 4366 */ 157 #define TLS_ALERT_BAD_CERTIFICATE_STATUS_RESPONSE 113 /* RFC 4366 */ 158 #define TLS_ALERT_BAD_CERTIFICATE_HASH_VALUE 114 /* RFC 4366 */ 159 160 /* ChangeCipherSpec */ 161 enum { 162 TLS_CHANGE_CIPHER_SPEC = 1 163 }; 164 165 /* TLS Extensions */ 166 #define TLS_EXT_SERVER_NAME 0 /* RFC 4366 */ 167 #define TLS_EXT_MAX_FRAGMENT_LENGTH 1 /* RFC 4366 */ 168 #define TLS_EXT_CLIENT_CERTIFICATE_URL 2 /* RFC 4366 */ 169 #define TLS_EXT_TRUSTED_CA_KEYS 3 /* RFC 4366 */ 170 #define TLS_EXT_TRUNCATED_HMAC 4 /* RFC 4366 */ 171 #define TLS_EXT_STATUS_REQUEST 5 /* RFC 4366 */ 172 #define TLS_EXT_SIGNATURE_ALGORITHMS 13 /* RFC 5246 */ 173 #define TLS_EXT_SESSION_TICKET 35 /* RFC 4507 */ 174 175 #define TLS_EXT_PAC_OPAQUE TLS_EXT_SESSION_TICKET /* EAP-FAST terminology */ 176 177 178 typedef enum { 179 TLS_KEY_X_NULL, 180 TLS_KEY_X_RSA, 181 TLS_KEY_X_RSA_EXPORT, 182 TLS_KEY_X_DH_DSS_EXPORT, 183 TLS_KEY_X_DH_DSS, 184 TLS_KEY_X_DH_RSA_EXPORT, 185 TLS_KEY_X_DH_RSA, 186 TLS_KEY_X_DHE_DSS_EXPORT, 187 TLS_KEY_X_DHE_DSS, 188 TLS_KEY_X_DHE_RSA_EXPORT, 189 TLS_KEY_X_DHE_RSA, 190 TLS_KEY_X_DH_anon_EXPORT, 191 TLS_KEY_X_DH_anon 192 } tls_key_exchange; 193 194 typedef enum { 195 TLS_CIPHER_NULL, 196 TLS_CIPHER_RC4_40, 197 TLS_CIPHER_RC4_128, 198 TLS_CIPHER_RC2_CBC_40, 199 TLS_CIPHER_IDEA_CBC, 200 TLS_CIPHER_DES40_CBC, 201 TLS_CIPHER_DES_CBC, 202 TLS_CIPHER_3DES_EDE_CBC, 203 TLS_CIPHER_AES_128_CBC, 204 TLS_CIPHER_AES_256_CBC 205 } tls_cipher; 206 207 typedef enum { 208 TLS_HASH_NULL, 209 TLS_HASH_MD5, 210 TLS_HASH_SHA, 211 TLS_HASH_SHA256 212 } tls_hash; 213 214 struct tls_cipher_suite { 215 u16 suite; 216 tls_key_exchange key_exchange; 217 tls_cipher cipher; 218 tls_hash hash; 219 }; 220 221 typedef enum { 222 TLS_CIPHER_STREAM, 223 TLS_CIPHER_BLOCK 224 } tls_cipher_type; 225 226 struct tls_cipher_data { 227 tls_cipher cipher; 228 tls_cipher_type type; 229 size_t key_material; 230 size_t expanded_key_material; 231 size_t block_size; /* also iv_size */ 232 enum crypto_cipher_alg alg; 233 }; 234 235 236 struct tls_verify_hash { 237 struct crypto_hash *md5_client; 238 struct crypto_hash *sha1_client; 239 struct crypto_hash *sha256_client; 240 struct crypto_hash *md5_server; 241 struct crypto_hash *sha1_server; 242 struct crypto_hash *sha256_server; 243 struct crypto_hash *md5_cert; 244 struct crypto_hash *sha1_cert; 245 struct crypto_hash *sha256_cert; 246 }; 247 248 249 const struct tls_cipher_suite * tls_get_cipher_suite(u16 suite); 250 const struct tls_cipher_data * tls_get_cipher_data(tls_cipher cipher); 251 int tls_server_key_exchange_allowed(tls_cipher cipher); 252 int tls_parse_cert(const u8 *buf, size_t len, struct crypto_public_key **pk); 253 int tls_verify_hash_init(struct tls_verify_hash *verify); 254 void tls_verify_hash_add(struct tls_verify_hash *verify, const u8 *buf, 255 size_t len); 256 void tls_verify_hash_free(struct tls_verify_hash *verify); 257 int tls_version_ok(u16 ver); 258 const char * tls_version_str(u16 ver); 259 int tls_prf(u16 ver, const u8 *secret, size_t secret_len, const char *label, 260 const u8 *seed, size_t seed_len, u8 *out, size_t outlen); 261 int tlsv12_key_x_server_params_hash(u16 tls_version, u8 hash_Alg, 262 const u8 *client_random, 263 const u8 *server_random, 264 const u8 *server_params, 265 size_t server_params_len, u8 *hash); 266 int tls_key_x_server_params_hash(u16 tls_version, const u8 *client_random, 267 const u8 *server_random, 268 const u8 *server_params, 269 size_t server_params_len, u8 *hash); 270 int tls_verify_signature(u16 tls_version, struct crypto_public_key *pk, 271 const u8 *data, size_t data_len, 272 const u8 *pos, size_t len, u8 *alert); 273 274 #endif /* TLSV1_COMMON_H */ 275