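/*
 * TLSv1 server - internal structures
 * Copyright (c) 2006-2007, Jouni Malinen <j@w1.fi>
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

#ifndef TLSV1_SERVER_I_H
#define TLSV1_SERVER_I_H

/*
 * Per-connection state of the internal TLSv1 server.
 *
 * The structure carries long-lived key material (master_secret, dh_secret)
 * next to ordinary bookkeeping, so its lifetime and teardown matter.
 * NOTE(review): the allocation and free paths are not in this header; confirm
 * that the code releasing a connection wipes the secret fields before the
 * memory is returned.
 */
struct tlsv1_server {
	/*
	 * Handshake progress. The values are named after the TLS handshake
	 * messages, plus the two end states ESTABLISHED and FAILED. The allowed
	 * transitions are implemented elsewhere and are not visible here.
	 */
	enum {
		CLIENT_HELLO, SERVER_HELLO, SERVER_CERTIFICATE,
		SERVER_KEY_EXCHANGE, SERVER_CERTIFICATE_REQUEST,
		SERVER_HELLO_DONE, CLIENT_CERTIFICATE, CLIENT_KEY_EXCHANGE,
		CERTIFICATE_VERIFY, CHANGE_CIPHER_SPEC, CLIENT_FINISHED,
		SERVER_CHANGE_CIPHER_SPEC, SERVER_FINISHED,
		ESTABLISHED, FAILED
	} state;

	struct tlsv1_record_layer rl;

	/*
	 * Fixed-size buffer plus a separate length. Presumably session_id_len
	 * is the number of valid bytes; any writer has to keep it at or below
	 * TLS_SESSION_ID_MAX_LEN - verify against the ClientHello parser.
	 */
	u8 session_id[TLS_SESSION_ID_MAX_LEN];
	size_t session_id_len;
	u8 client_random[TLS_RANDOM_LEN];
	u8 server_random[TLS_RANDOM_LEN];
	/* Secret key material: keep it out of log and debug output. */
	u8 master_secret[TLS_MASTER_SECRET_LEN];

	/* Level and description of an alert (see tlsv1_server_alert()). */
	u8 alert_level;
	u8 alert_description;

	/* Presumably counts of alerts received and sent - TODO confirm. */
	int read_alerts, write_alerts;

	struct crypto_public_key *client_rsa_key;

	struct tls_verify_hash verify;

	/*
	 * Capacity of cipher_suites[]. num_cipher_suites must never exceed it;
	 * code that fills the array has to bound its input by this value.
	 */
#define MAX_CIPHER_COUNT 30
	u16 cipher_suites[MAX_CIPHER_COUNT];
	size_t num_cipher_suites;

	/* Single selected suite, as opposed to the cipher_suites[] list. */
	u16 cipher_suite;

	struct tlsv1_credentials *cred;

	/* Presumably non-zero when the client must be authenticated - confirm. */
	int verify_peer;
	u16 client_version;

	/*
	 * Pointer/length pair. Ownership of the buffer is not shown in this
	 * header; the two fields must be updated together.
	 */
	u8 *session_ticket;
	size_t session_ticket_len;

	/* Session ticket callback and the opaque context stored with it. */
	tlsv1_server_session_ticket_cb session_ticket_cb;
	void *session_ticket_cb_ctx;

	/*
	 * Log sink: called with a context pointer and a message string.
	 * log_cb_ctx is presumably the value passed as ctx - confirm in
	 * tlsv1_server_log().
	 */
	void (*log_cb)(void *ctx, const char *msg);
	void *log_cb_ctx;

	int use_session_ticket;
	/*
	 * One-bit flags. The names suggest certificate status request
	 * extensions offered by the client - confirm where they are set.
	 */
	unsigned int status_request:1;
	unsigned int status_request_v2:1;
	unsigned int status_request_multi:1;

	/*
	 * Pointer/length pair for a Diffie-Hellman secret. Secret material:
	 * NOTE(review): confirm it is wiped before the buffer is freed.
	 */
	u8 *dh_secret;
	size_t dh_secret_len;

#ifdef CONFIG_TESTING_OPTIONS
	/*
	 * Compiled in only when CONFIG_TESTING_OPTIONS is defined.
	 * NOTE(review): test-only state; confirm the option is not enabled in
	 * release builds.
	 */
	u32 test_flags;
	int test_failure_reported;
#endif /* CONFIG_TESTING_OPTIONS */
};


/*
 * printf-style logging for a connection. PRINTF_FORMAT(2, 3) names argument 2
 * as the format string and argument 3 as the first variadic argument
 * (presumably a compiler format attribute - the macro is defined elsewhere).
 * Pass a literal format; peer-supplied text belongs in an argument, never in
 * fmt.
 */
void tlsv1_server_log(struct tlsv1_server *conn, const char *fmt, ...)
PRINTF_FORMAT(2, 3);

/* Takes an alert level and description for the connection. */
void tlsv1_server_alert(struct tlsv1_server *conn, u8 level, u8 description);
/*
 * Key derivation from a pre-master secret of pre_master_secret_len bytes.
 * Returns int; the success/failure convention is defined in the
 * implementation.
 */
int tlsv1_server_derive_keys(struct tlsv1_server *conn,
			     const u8 *pre_master_secret,
			     size_t pre_master_secret_len);
/*
 * Returns a byte buffer and reports its length through out_len.
 * NOTE(review): buffer ownership is not visible here; presumably the caller
 * frees it - confirm.
 */
u8 * tlsv1_server_handshake_write(struct tlsv1_server *conn, size_t *out_len);
/* Same return shape as tlsv1_server_handshake_write(), for an alert. */
u8 * tlsv1_server_send_alert(struct tlsv1_server *conn, u8 level,
			     u8 description, size_t *out_len);
/*
 * Processes handshake input. ct is presumably the record content type, and
 * len, being a pointer, presumably carries the available length in and the
 * consumed length out - confirm in the implementation.
 */
int tlsv1_server_process_handshake(struct tlsv1_server *conn, u8 ct,
				   const u8 *buf, size_t *len);
/* Reports the DH prime as a read-only pointer (dh_p) and length (dh_p_len). */
void tlsv1_server_get_dh_p(struct tlsv1_server *conn, const u8 **dh_p,
			   size_t *dh_p_len);

#endif /* TLSV1_SERVER_I_H */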