]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_ssl/lib/sslContext.h
Security-57740.20.22.tar.gz
[apple/security.git] / OSX / libsecurity_ssl / lib / sslContext.h
1 /*
2 * Copyright (c) 1999-2001,2005-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 /*
25 * sslContext.h - Private SSL typedefs: SSLContext and its components
26 */
27
28 #ifndef _SSLCONTEXT_H_
29 #define _SSLCONTEXT_H_ 1
30
31 #include "SecureTransport.h"
32 #include "sslBuildFlags.h"
33
34 #include <tls_handshake.h>
35 #include <tls_record.h>
36 #include <tls_stream_parser.h>
37 #include <tls_cache.h>
38
39 #ifdef USE_CDSA_CRYPTO
40 #include <Security/cssmtype.h>
41 #else
42 #if TARGET_OS_IPHONE
43 #include <Security/SecDH.h>
44 #include <Security/SecKeyInternal.h>
45 #else
46 #include "../sec/Security/SecDH.h" // hack to get SecDH.
47 // typedef struct OpaqueSecDHContext *SecDHContext;
48 #endif
49 #include <corecrypto/ccec.h>
50 #endif
51
52 #include <CoreFoundation/CFRuntime.h>
53 #include <AssertMacros.h>
54
55 #include "sslPriv.h"
56 #include "sslRecord.h"
57 #include "cipherSpecs.h"
58
59 #include <dispatch/dispatch.h>
60
61 #ifdef __cplusplus
62 extern "C" {
63 #endif
64
65 typedef struct
66 { SSLReadFunc read;
67 SSLWriteFunc write;
68 SSLConnectionRef ioRef;
69 } IOContext;
70
71 //FIXME should not need this.
72 typedef enum
73 {
74 SSL_HdskStateUninit = 0, /* No Handshake yet */
75 SSL_HdskStatePending, /* Handshake in Progress */
76 SSL_HdskStateReady, /* Handshake is done */
77 SSL_HdskStateGracefulClose,
78 SSL_HdskStateErrorClose,
79 SSL_HdskStateNoNotifyClose, /* server disconnected with no
80 * notify msg */
81 } SSLHandshakeState;
82
83 #define SSLChangeHdskState(ctx, newState) { ctx->state=newState; }
84
85 struct SSLContext
86 {
87 CFRuntimeBase _base;
88 IOContext ioCtx;
89
90 const struct SSLRecordFuncs *recFuncs;
91 SSLRecordContextRef recCtx;
92
93 tls_handshake_t hdsk;
94 tls_cache_t cache;
95 int readCipher_ready;
96 int writeCipher_ready;
97
98 SSLHandshakeState state;
99
100 /*
101 * Prior to successful protocol negotiation, negProtocolVersion
102 * is SSL_Version_Undetermined. Subsequent to successful
103 * negotiation, negProtocolVersion contains the actual over-the-wire
104 * protocol value.
105 *
106 * The Boolean versionEnable flags are set by
107 * SSLSetProtocolVersionEnabled or SSLSetProtocolVersion and
108 * remain invariant once negotiation has started. If there
109 * were a large number of these and/or we were adding new
110 * protocol versions on a regular basis, we'd probably want
111 * to implement these as a word of flags. For now, in the
112 * real world, this is the most straightforward implementation.
113 */
114 tls_protocol_version negProtocolVersion; /* negotiated */
115 tls_protocol_version clientReqProtocol; /* requested by client in hello msg */
116 tls_protocol_version minProtocolVersion;
117 tls_protocol_version maxProtocolVersion;
118 Boolean isDTLS; /* if this is a Datagram Context */
119 SSLProtocolSide protocolSide; /* ConnectionEnd enum { server, client } in rfc5246. */
120
121 SSLBuffer dtlsCookie; /* DTLS ClientHello cookie */
122
123
124 uint16_t selectedCipher; /* currently selected */
125
126 /* Server DH Parameters */
127 SSLBuffer dhParamsEncoded; /* PKCS3 encoded blob - prime + generator */
128
129 /*
130 * The arrays we are given via SSLSetCertificate() and SSLSetEncryptionCertificate().
131 * We keep them here, refcounted, solely for the associated getter.
132 */
133 CFArrayRef localCertArray;
134 CFArrayRef encryptCertArray;
135
136 /* peer certs as SecTrustRef */
137 SecTrustRef peerSecTrust;
138
139 CFMutableArrayRef trustedCerts;
140 Boolean trustedCertsOnly;
141
142 #if !TARGET_OS_IPHONE
143 /*
144 * trusted leaf certs as specified in SSLSetTrustedLeafCertificates()
145 */
146 CFArrayRef trustedLeafCerts;
147 #endif
148
149 Boolean allowExpiredCerts;
150 Boolean allowExpiredRoots;
151 Boolean enableCertVerify;
152
153 SSLBuffer sessionID;
154 SSLBuffer peerID;
155 SSLBuffer resumableSession; /* We keep a copy for now - but eventually this should go away if we get refcounted SSLBuffers */
156
157 uint16_t *ecdhCurves;
158 unsigned ecdhNumCurves;
159
160 /* server-side only */
161 SSLAuthenticate clientAuth; /* kNeverAuthenticate, etc. */
162
163 /* client and server */
164 SSLClientCertificateState clientCertState;
165
166 DNListElem *acceptableDNList; /* client and server */
167 CFMutableArrayRef acceptableCAs; /* server only - SecCertificateRefs */
168
169 bool certRequested;
170 bool certSent;
171 bool certReceived;
172 bool x509Requested;
173
174 unsigned sessionMatch;
175
176
177 /* Transport layer fields */
178 SSLBuffer receivedDataBuffer;
179 size_t receivedDataPos;
180
181 Boolean allowAnyRoot; // don't require known roots
182 Boolean sentFatalAlert; // this session terminated by fatal alert
183 Boolean rsaBlindingEnable;
184 Boolean oneByteRecordEnable; /* enable 1/n-1 data splitting for TLSv1 and SSLv3 */
185
186 /* optional session cache timeout (in seconds) override - 0 means default */
187 uint32_t sessionCacheTimeout;
188
189 /* optional SessionTicket */
190 SSLBuffer sessionTicket;
191
192 /* optional callback to obtain master secret, with its opaque arg */
193 SSLInternalMasterSecretFunction masterSecretCallback;
194 const void *masterSecretArg;
195
196 #if SSL_PAC_SERVER_ENABLE
197 /* server PAC resume sets serverRandom early to allow for secret acquisition */
198 uint8_t serverRandomValid;
199 #endif
200
201 Boolean anonCipherEnable;
202
203 /* optional switches to enable additional returns from SSLHandshake */
204 Boolean breakOnServerAuth;
205 Boolean breakOnCertRequest;
206 Boolean breakOnClientAuth;
207 Boolean signalServerAuth;
208 Boolean signalCertRequest;
209 Boolean signalClientAuth;
210 Boolean breakOnClientHello;
211
212 /* List of peer-specified supported_signature_algorithms */
213 unsigned numPeerSigAlgs;
214 const tls_signature_and_hash_algorithm *peerSigAlgs;
215
216 /* List of server-specified client auth types */
217 unsigned numAuthTypes;
218 const tls_client_auth_type *clientAuthTypes;
219
220 /* Timeout for DTLS retransmit */
221 CFAbsoluteTime timeout_deadline;
222 CFAbsoluteTime timeout_duration;
223 size_t mtu;
224
225 /* RFC 5746: Secure renegotiation */
226 Boolean secure_renegotiation;
227 Boolean secure_renegotiation_received;
228 SSLBuffer ownVerifyData;
229 SSLBuffer peerVerifyData;
230
231 /* RFC 4279: TLS PSK */
232 SSLBuffer pskSharedSecret;
233 SSLBuffer pskIdentity;
234
235 /* TLS False Start */
236 Boolean falseStartEnabled; //FalseStart enabled (by API call)
237 /* Fallback behavior */
238 Boolean fallbackEnabled; // Fallback behavior enabled.
239 /* NPN */
240 SSLNPNFunc npnFunc;
241 void *npnFuncInfo;
242
243 /* ALPN */
244 SSLALPNFunc alpnFunc;
245 void *alpnFuncInfo;
246
247 /* Enable DHE or not */
248 bool dheEnabled;
249
250 /* For early failure reporting */
251 bool serverHelloReceived;
252 };
253
254 OSStatus SSLUpdateNegotiatedClientAuthType(SSLContextRef ctx);
255
256 Boolean sslIsSessionActive(const SSLContext *ctx);
257
258 static inline bool sslVersionIsLikeTls12(SSLContext *ctx)
259 {
260 check(ctx->negProtocolVersion!=SSL_Version_Undetermined);
261 return ctx->isDTLS ? ctx->negProtocolVersion > DTLS_Version_1_0 : ctx->negProtocolVersion >= TLS_Version_1_2;
262 }
263
264 /* This is implemented in tls_callbacks.c */
265 int sslGetSessionID(SSLContext *myCtx, SSLBuffer *sessionID);
266
267 #ifdef __cplusplus
268 }
269 #endif
270
271 #endif /* _SSLCONTEXT_H_ */