Home | History | Annotate | Download | only in tls
      1 /*
      2  * TLSv1 common definitions
      3  * Copyright (c) 2006-2014, Jouni Malinen <j (at) w1.fi>
      4  *
      5  * This software may be distributed under the terms of the BSD license.
      6  * See README for more details.
      7  */
      8 
      9 #ifndef TLSV1_COMMON_H
     10 #define TLSV1_COMMON_H
     11 
     12 #include "crypto/crypto.h"
     13 
     14 #define TLS_VERSION_1 0x0301 /* TLSv1 */
     15 #define TLS_VERSION_1_1 0x0302 /* TLSv1.1 */
     16 #define TLS_VERSION_1_2 0x0303 /* TLSv1.2 */
     17 #ifdef CONFIG_TLSV12
     18 #define TLS_VERSION TLS_VERSION_1_2
     19 #else /* CONFIG_TLSV12 */
     20 #ifdef CONFIG_TLSV11
     21 #define TLS_VERSION TLS_VERSION_1_1
     22 #else /* CONFIG_TLSV11 */
     23 #define TLS_VERSION TLS_VERSION_1
     24 #endif /* CONFIG_TLSV11 */
     25 #endif /* CONFIG_TLSV12 */
     26 #define TLS_RANDOM_LEN 32
     27 #define TLS_PRE_MASTER_SECRET_LEN 48
     28 #define TLS_MASTER_SECRET_LEN 48
     29 #define TLS_SESSION_ID_MAX_LEN 32
     30 #define TLS_VERIFY_DATA_LEN 12
     31 
     32 /* HandshakeType */
     33 enum {
     34 	TLS_HANDSHAKE_TYPE_HELLO_REQUEST = 0,
     35 	TLS_HANDSHAKE_TYPE_CLIENT_HELLO = 1,
     36 	TLS_HANDSHAKE_TYPE_SERVER_HELLO = 2,
     37 	TLS_HANDSHAKE_TYPE_NEW_SESSION_TICKET = 4 /* RFC 4507 */,
     38 	TLS_HANDSHAKE_TYPE_CERTIFICATE = 11,
     39 	TLS_HANDSHAKE_TYPE_SERVER_KEY_EXCHANGE = 12,
     40 	TLS_HANDSHAKE_TYPE_CERTIFICATE_REQUEST = 13,
     41 	TLS_HANDSHAKE_TYPE_SERVER_HELLO_DONE = 14,
     42 	TLS_HANDSHAKE_TYPE_CERTIFICATE_VERIFY = 15,
     43 	TLS_HANDSHAKE_TYPE_CLIENT_KEY_EXCHANGE = 16,
     44 	TLS_HANDSHAKE_TYPE_FINISHED = 20,
     45 	TLS_HANDSHAKE_TYPE_CERTIFICATE_URL = 21 /* RFC 4366 */,
     46 	TLS_HANDSHAKE_TYPE_CERTIFICATE_STATUS = 22 /* RFC 4366 */
     47 };
     48 
     49 /* CipherSuite */
     50 #define TLS_NULL_WITH_NULL_NULL			0x0000 /* RFC 2246 */
     51 #define TLS_RSA_WITH_NULL_MD5			0x0001 /* RFC 2246 */
     52 #define TLS_RSA_WITH_NULL_SHA			0x0002 /* RFC 2246 */
     53 #define TLS_RSA_EXPORT_WITH_RC4_40_MD5		0x0003 /* RFC 2246 */
     54 #define TLS_RSA_WITH_RC4_128_MD5		0x0004 /* RFC 2246 */
     55 #define TLS_RSA_WITH_RC4_128_SHA		0x0005 /* RFC 2246 */
     56 #define TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5	0x0006 /* RFC 2246 */
     57 #define TLS_RSA_WITH_IDEA_CBC_SHA		0x0007 /* RFC 2246 */
     58 #define TLS_RSA_EXPORT_WITH_DES40_CBC_SHA	0x0008 /* RFC 2246 */
     59 #define TLS_RSA_WITH_DES_CBC_SHA		0x0009 /* RFC 2246 */
     60 #define TLS_RSA_WITH_3DES_EDE_CBC_SHA		0x000A /* RFC 2246 */
     61 #define TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA	0x000B /* RFC 2246 */
     62 #define TLS_DH_DSS_WITH_DES_CBC_SHA		0x000C /* RFC 2246 */
     63 #define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA	0x000D /* RFC 2246 */
     64 #define TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA	0x000E /* RFC 2246 */
     65 #define TLS_DH_RSA_WITH_DES_CBC_SHA		0x000F /* RFC 2246 */
     66 #define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA	0x0010 /* RFC 2246 */
     67 #define TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA	0x0011 /* RFC 2246 */
     68 #define TLS_DHE_DSS_WITH_DES_CBC_SHA		0x0012 /* RFC 2246 */
     69 #define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA	0x0013 /* RFC 2246 */
     70 #define TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA	0x0014 /* RFC 2246 */
     71 #define TLS_DHE_RSA_WITH_DES_CBC_SHA		0x0015 /* RFC 2246 */
     72 #define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA	0x0016 /* RFC 2246 */
     73 #define TLS_DH_anon_EXPORT_WITH_RC4_40_MD5	0x0017 /* RFC 2246 */
     74 #define TLS_DH_anon_WITH_RC4_128_MD5		0x0018 /* RFC 2246 */
     75 #define TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA	0x0019 /* RFC 2246 */
     76 #define TLS_DH_anon_WITH_DES_CBC_SHA		0x001A /* RFC 2246 */
     77 #define TLS_DH_anon_WITH_3DES_EDE_CBC_SHA	0x001B /* RFC 2246 */
     78 #define TLS_RSA_WITH_AES_128_CBC_SHA		0x002F /* RFC 3268 */
     79 #define TLS_DH_DSS_WITH_AES_128_CBC_SHA		0x0030 /* RFC 3268 */
     80 #define TLS_DH_RSA_WITH_AES_128_CBC_SHA		0x0031 /* RFC 3268 */
     81 #define TLS_DHE_DSS_WITH_AES_128_CBC_SHA	0x0032 /* RFC 3268 */
     82 #define TLS_DHE_RSA_WITH_AES_128_CBC_SHA	0x0033 /* RFC 3268 */
     83 #define TLS_DH_anon_WITH_AES_128_CBC_SHA	0x0034 /* RFC 3268 */
     84 #define TLS_RSA_WITH_AES_256_CBC_SHA		0x0035 /* RFC 3268 */
     85 #define TLS_DH_DSS_WITH_AES_256_CBC_SHA		0x0036 /* RFC 3268 */
     86 #define TLS_DH_RSA_WITH_AES_256_CBC_SHA		0x0037 /* RFC 3268 */
     87 #define TLS_DHE_DSS_WITH_AES_256_CBC_SHA	0x0038 /* RFC 3268 */
     88 #define TLS_DHE_RSA_WITH_AES_256_CBC_SHA	0x0039 /* RFC 3268 */
     89 #define TLS_DH_anon_WITH_AES_256_CBC_SHA	0x003A /* RFC 3268 */
     90 #define TLS_RSA_WITH_NULL_SHA256		0x003B /* RFC 5246 */
     91 #define TLS_RSA_WITH_AES_128_CBC_SHA256		0x003C /* RFC 5246 */
     92 #define TLS_RSA_WITH_AES_256_CBC_SHA256		0x003D /* RFC 5246 */
     93 #define TLS_DH_DSS_WITH_AES_128_CBC_SHA256	0x003E /* RFC 5246 */
     94 #define TLS_DH_RSA_WITH_AES_128_CBC_SHA256	0x003F /* RFC 5246 */
     95 #define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256	0x0040 /* RFC 5246 */
     96 #define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256	0x0067 /* RFC 5246 */
     97 #define TLS_DH_DSS_WITH_AES_256_CBC_SHA256	0x0068 /* RFC 5246 */
     98 #define TLS_DH_RSA_WITH_AES_256_CBC_SHA256	0x0069 /* RFC 5246 */
     99 #define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256	0x006A /* RFC 5246 */
    100 #define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256	0x006B /* RFC 5246 */
    101 #define TLS_DH_anon_WITH_AES_128_CBC_SHA256	0x006C /* RFC 5246 */
    102 #define TLS_DH_anon_WITH_AES_256_CBC_SHA256	0x006D /* RFC 5246 */
    103 
    104 /* CompressionMethod */
    105 #define TLS_COMPRESSION_NULL 0
    106 
    107 /* HashAlgorithm */
    108 enum {
    109 	TLS_HASH_ALG_NONE = 0,
    110 	TLS_HASH_ALG_MD5 = 1,
    111 	TLS_HASH_ALG_SHA1 = 2,
    112 	TLS_HASH_ALG_SHA224 = 3,
    113 	TLS_HASH_ALG_SHA256 = 4,
    114 	TLS_HASH_ALG_SHA384 = 5,
    115 	TLS_HASH_ALG_SHA512 = 6
    116 };
    117 
    118 /* SignatureAlgorithm */
    119 enum {
    120 	TLS_SIGN_ALG_ANONYMOUS = 0,
    121 	TLS_SIGN_ALG_RSA = 1,
    122 	TLS_SIGN_ALG_DSA = 2,
    123 	TLS_SIGN_ALG_ECDSA = 3,
    124 };
    125 
    126 /* AlertLevel */
    127 #define TLS_ALERT_LEVEL_WARNING 1
    128 #define TLS_ALERT_LEVEL_FATAL 2
    129 
    130 /* AlertDescription */
    131 #define TLS_ALERT_CLOSE_NOTIFY			0
    132 #define TLS_ALERT_UNEXPECTED_MESSAGE		10
    133 #define TLS_ALERT_BAD_RECORD_MAC		20
    134 #define TLS_ALERT_DECRYPTION_FAILED		21
    135 #define TLS_ALERT_RECORD_OVERFLOW		22
    136 #define TLS_ALERT_DECOMPRESSION_FAILURE		30
    137 #define TLS_ALERT_HANDSHAKE_FAILURE		40
    138 #define TLS_ALERT_BAD_CERTIFICATE		42
    139 #define TLS_ALERT_UNSUPPORTED_CERTIFICATE	43
    140 #define TLS_ALERT_CERTIFICATE_REVOKED		44
    141 #define TLS_ALERT_CERTIFICATE_EXPIRED		45
    142 #define TLS_ALERT_CERTIFICATE_UNKNOWN		46
    143 #define TLS_ALERT_ILLEGAL_PARAMETER		47
    144 #define TLS_ALERT_UNKNOWN_CA			48
    145 #define TLS_ALERT_ACCESS_DENIED			49
    146 #define TLS_ALERT_DECODE_ERROR			50
    147 #define TLS_ALERT_DECRYPT_ERROR			51
    148 #define TLS_ALERT_EXPORT_RESTRICTION		60
    149 #define TLS_ALERT_PROTOCOL_VERSION		70
    150 #define TLS_ALERT_INSUFFICIENT_SECURITY		71
    151 #define TLS_ALERT_INTERNAL_ERROR		80
    152 #define TLS_ALERT_USER_CANCELED			90
    153 #define TLS_ALERT_NO_RENEGOTIATION		100
    154 #define TLS_ALERT_UNSUPPORTED_EXTENSION		110 /* RFC 4366 */
    155 #define TLS_ALERT_CERTIFICATE_UNOBTAINABLE	111 /* RFC 4366 */
    156 #define TLS_ALERT_UNRECOGNIZED_NAME		112 /* RFC 4366 */
    157 #define TLS_ALERT_BAD_CERTIFICATE_STATUS_RESPONSE	113 /* RFC 4366 */
    158 #define TLS_ALERT_BAD_CERTIFICATE_HASH_VALUE	114 /* RFC 4366 */
    159 
    160 /* ChangeCipherSpec */
    161 enum {
    162 	TLS_CHANGE_CIPHER_SPEC = 1
    163 };
    164 
    165 /* TLS Extensions */
    166 #define TLS_EXT_SERVER_NAME			0 /* RFC 4366 */
    167 #define TLS_EXT_MAX_FRAGMENT_LENGTH		1 /* RFC 4366 */
    168 #define TLS_EXT_CLIENT_CERTIFICATE_URL		2 /* RFC 4366 */
    169 #define TLS_EXT_TRUSTED_CA_KEYS			3 /* RFC 4366 */
    170 #define TLS_EXT_TRUNCATED_HMAC			4 /* RFC 4366 */
    171 #define TLS_EXT_STATUS_REQUEST			5 /* RFC 4366 */
    172 #define TLS_EXT_SIGNATURE_ALGORITHMS		13 /* RFC 5246 */
    173 #define TLS_EXT_STATUS_REQUEST_V2		17 /* RFC 6961 */
    174 #define TLS_EXT_SESSION_TICKET			35 /* RFC 4507 */
    175 
    176 #define TLS_EXT_PAC_OPAQUE TLS_EXT_SESSION_TICKET /* EAP-FAST terminology */
    177 
    178 
    179 typedef enum {
    180 	TLS_KEY_X_NULL,
    181 	TLS_KEY_X_RSA,
    182 	TLS_KEY_X_RSA_EXPORT,
    183 	TLS_KEY_X_DH_DSS_EXPORT,
    184 	TLS_KEY_X_DH_DSS,
    185 	TLS_KEY_X_DH_RSA_EXPORT,
    186 	TLS_KEY_X_DH_RSA,
    187 	TLS_KEY_X_DHE_DSS_EXPORT,
    188 	TLS_KEY_X_DHE_DSS,
    189 	TLS_KEY_X_DHE_RSA_EXPORT,
    190 	TLS_KEY_X_DHE_RSA,
    191 	TLS_KEY_X_DH_anon_EXPORT,
    192 	TLS_KEY_X_DH_anon
    193 } tls_key_exchange;
    194 
    195 typedef enum {
    196 	TLS_CIPHER_NULL,
    197 	TLS_CIPHER_RC4_40,
    198 	TLS_CIPHER_RC4_128,
    199 	TLS_CIPHER_RC2_CBC_40,
    200 	TLS_CIPHER_IDEA_CBC,
    201 	TLS_CIPHER_DES40_CBC,
    202 	TLS_CIPHER_DES_CBC,
    203 	TLS_CIPHER_3DES_EDE_CBC,
    204 	TLS_CIPHER_AES_128_CBC,
    205 	TLS_CIPHER_AES_256_CBC
    206 } tls_cipher;
    207 
    208 typedef enum {
    209 	TLS_HASH_NULL,
    210 	TLS_HASH_MD5,
    211 	TLS_HASH_SHA,
    212 	TLS_HASH_SHA256
    213 } tls_hash;
    214 
    215 struct tls_cipher_suite {
    216 	u16 suite;
    217 	tls_key_exchange key_exchange;
    218 	tls_cipher cipher;
    219 	tls_hash hash;
    220 };
    221 
    222 typedef enum {
    223 	TLS_CIPHER_STREAM,
    224 	TLS_CIPHER_BLOCK
    225 } tls_cipher_type;
    226 
    227 struct tls_cipher_data {
    228 	tls_cipher cipher;
    229 	tls_cipher_type type;
    230 	size_t key_material;
    231 	size_t expanded_key_material;
    232 	size_t block_size; /* also iv_size */
    233 	enum crypto_cipher_alg alg;
    234 };
    235 
    236 
    237 struct tls_verify_hash {
    238 	struct crypto_hash *md5_client;
    239 	struct crypto_hash *sha1_client;
    240 	struct crypto_hash *sha256_client;
    241 	struct crypto_hash *md5_server;
    242 	struct crypto_hash *sha1_server;
    243 	struct crypto_hash *sha256_server;
    244 	struct crypto_hash *md5_cert;
    245 	struct crypto_hash *sha1_cert;
    246 	struct crypto_hash *sha256_cert;
    247 };
    248 
    249 
    250 const struct tls_cipher_suite * tls_get_cipher_suite(u16 suite);
    251 const struct tls_cipher_data * tls_get_cipher_data(tls_cipher cipher);
    252 int tls_server_key_exchange_allowed(tls_cipher cipher);
    253 int tls_parse_cert(const u8 *buf, size_t len, struct crypto_public_key **pk);
    254 int tls_verify_hash_init(struct tls_verify_hash *verify);
    255 void tls_verify_hash_add(struct tls_verify_hash *verify, const u8 *buf,
    256 			 size_t len);
    257 void tls_verify_hash_free(struct tls_verify_hash *verify);
    258 int tls_version_ok(u16 ver);
    259 const char * tls_version_str(u16 ver);
    260 int tls_prf(u16 ver, const u8 *secret, size_t secret_len, const char *label,
    261 	    const u8 *seed, size_t seed_len, u8 *out, size_t outlen);
    262 int tlsv12_key_x_server_params_hash(u16 tls_version, u8 hash_Alg,
    263 				    const u8 *client_random,
    264 				    const u8 *server_random,
    265 				    const u8 *server_params,
    266 				    size_t server_params_len, u8 *hash);
    267 int tls_key_x_server_params_hash(u16 tls_version, const u8 *client_random,
    268 				 const u8 *server_random,
    269 				 const u8 *server_params,
    270 				 size_t server_params_len, u8 *hash);
    271 int tls_verify_signature(u16 tls_version, struct crypto_public_key *pk,
    272 			 const u8 *data, size_t data_len,
    273 			 const u8 *pos, size_t len, u8 *alert);
    274 
    275 #endif /* TLSV1_COMMON_H */
    276