2 * Copyright (c) 1999-2001,2005-2014 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
25 * sslContext.h - Private SSL typedefs: SSLContext and its components
28 #ifndef _SSLCONTEXT_H_
29 #define _SSLCONTEXT_H_ 1
31 #include "SecureTransport.h"
32 #include "sslBuildFlags.h"
34 #include <tls_handshake.h>
35 #include <tls_record.h>
36 #include <tls_stream_parser.h>
38 #ifdef USE_CDSA_CRYPTO
39 #include <Security/cssmtype.h>
42 #include <Security/SecDH.h>
43 #include <Security/SecKeyInternal.h>
45 #include "../sec/Security/SecDH.h" // hack to get SecDH.
46 // typedef struct OpaqueSecDHContext *SecDHContext;
48 #include <corecrypto/ccec.h>
51 #include <CoreFoundation/CFRuntime.h>
52 #include <AssertMacros.h>
55 #include "sslRecord.h"
56 #include "cipherSpecs.h"
58 #include <dispatch/dispatch.h>
67 SSLConnectionRef ioRef
;
70 //FIXME should not need this.
73 SSL_HdskStateUninit
= 0, /* No Handshake yet */
74 SSL_HdskStatePending
, /* Handshake in Progress */
75 SSL_HdskStateReady
, /* Handshake is done */
76 SSL_HdskStateGracefulClose
,
77 SSL_HdskStateErrorClose
,
78 SSL_HdskStateNoNotifyClose
, /* server disconnected with no
82 #define SSLChangeHdskState(ctx, newState) { ctx->state=newState; }
90 const struct SSLRecordFuncs
*recFuncs
;
91 SSLRecordContextRef recCtx
;
96 int writeCipher_ready
;
98 SSLHandshakeState state
;
101 * Prior to successful protocol negotiation, negProtocolVersion
102 * is SSL_Version_Undetermined. Subsequent to successful
103 * negotiation, negProtocolVersion contains the actual over-the-wire
106 * The Boolean versionEnable flags are set by
107 * SSLSetProtocolVersionEnabled or SSLSetProtocolVersion and
108 * remain invariant once negotiation has started. If there
109 * were a large number of these and/or we were adding new
110 * protocol versions on a regular basis, we'd probably want
111 * to implement these as a word of flags. For now, in the
112 * real world, this is the most straightforward implementation.
114 tls_protocol_version negProtocolVersion
; /* negotiated */
115 tls_protocol_version clientReqProtocol
; /* requested by client in hello msg */
116 tls_protocol_version minProtocolVersion
;
117 tls_protocol_version maxProtocolVersion
;
118 Boolean isDTLS
; /* if this is a Datagram Context */
119 SSLProtocolSide protocolSide
; /* ConnectionEnd enum { server, client } in rfc5246. */
121 SSLBuffer dtlsCookie
; /* DTLS ClientHello cookie */
124 uint16_t selectedCipher
; /* currently selected */
127 tls_private_key_t signingPrivKeyRef
; /* our private key */
130 /* Server DH Parameters */
131 SSLBuffer dhParamsEncoded
; /* PKCS3 encoded blob - prime + generator */
134 * Local and Peer cert chains.
135 * For both, the root is the last in the chain.
137 SSLCertificate
*localCert
;
141 * The arrays we are given via SSLSetCertificate() and SSLSetEncryptionCertificate().
142 * We keep them here, refcounted, solely for the associated getter.
144 CFArrayRef localCertArray
;
145 CFArrayRef encryptCertArray
;
147 /* peer certs as SecTrustRef */
148 SecTrustRef peerSecTrust
;
150 CFMutableArrayRef trustedCerts
;
151 Boolean trustedCertsOnly
;
154 * trusted leaf certs as specified in SSLSetTrustedLeafCertificates()
156 CFArrayRef trustedLeafCerts
;
158 Boolean allowExpiredCerts
;
159 Boolean allowExpiredRoots
;
160 Boolean enableCertVerify
;
164 SSLBuffer resumableSession
; /* We keep a copy for now - but eventually this should go away if we get refcounted SSLBuffers */
166 uint16_t *validCipherSuites
; /* context's valid suites */
167 unsigned numValidCipherSuites
; /* size of validCipherSuites */
170 uint16_t *ecdhCurves
;
171 unsigned ecdhNumCurves
;
173 /* server-side only */
174 SSLAuthenticate clientAuth
; /* kNeverAuthenticate, etc. */
175 //Boolean tryClientAuth;
177 /* client and server */
178 SSLClientCertificateState clientCertState
;
180 DNListElem
*acceptableDNList
; /* client and server */
181 CFMutableArrayRef acceptableCAs
; /* server only - SecCertificateRefs */
188 unsigned sessionMatch
;
191 /* Transport layer fields */
192 SSLBuffer receivedDataBuffer
;
193 size_t receivedDataPos
;
195 Boolean allowAnyRoot
; // don't require known roots
196 Boolean sentFatalAlert
; // this session terminated by fatal alert
197 Boolean rsaBlindingEnable
;
198 Boolean oneByteRecordEnable
; /* enable 1/n-1 data splitting for TLSv1 and SSLv3 */
200 /* optional session cache timeout (in seconds) override - 0 means default */
201 uint32_t sessionCacheTimeout
;
203 /* optional SessionTicket */
204 SSLBuffer sessionTicket
;
206 /* optional callback to obtain master secret, with its opaque arg */
207 SSLInternalMasterSecretFunction masterSecretCallback
;
208 const void *masterSecretArg
;
210 #if SSL_PAC_SERVER_ENABLE
211 /* server PAC resume sets serverRandom early to allow for secret acquisition */
212 uint8_t serverRandomValid
;
215 Boolean anonCipherEnable
;
217 /* optional switches to enable additional returns from SSLHandshake */
218 Boolean breakOnServerAuth
;
219 Boolean breakOnCertRequest
;
220 Boolean breakOnClientAuth
;
221 Boolean signalServerAuth
;
222 Boolean signalCertRequest
;
223 Boolean signalClientAuth
;
224 Boolean breakOnClientHello
;
226 /* List of peer-specified supported_signature_algorithms */
227 unsigned numPeerSigAlgs
;
228 const tls_signature_and_hash_algorithm
*peerSigAlgs
;
230 /* List of server-specified client auth types */
231 unsigned numAuthTypes
;
232 const tls_client_auth_type
*clientAuthTypes
;
234 /* client auth type actually negotiated */
235 tls_client_auth_type negAuthType
;
237 /* Timeout for DTLS retransmit */
238 CFAbsoluteTime timeout_deadline
;
239 CFAbsoluteTime timeout_duration
;
242 /* RFC 5746: Secure renegotiation */
243 Boolean secure_renegotiation
;
244 Boolean secure_renegotiation_received
;
245 SSLBuffer ownVerifyData
;
246 SSLBuffer peerVerifyData
;
248 /* RFC 4279: TLS PSK */
249 SSLBuffer pskSharedSecret
;
250 SSLBuffer pskIdentity
;
252 /* TLS False Start */
253 Boolean falseStartEnabled
; //FalseStart enabled (by API call)
254 /* Fallback behavior */
255 Boolean fallbackEnabled
; // Fallback behavior enabled.
261 SSLALPNFunc alpnFunc
;
264 /* Enable DHE or not */
267 /* For early failure reporting */
268 bool serverHelloReceived
;
271 OSStatus
SSLUpdateNegotiatedClientAuthType(SSLContextRef ctx
);
273 Boolean
sslIsSessionActive(const SSLContext
*ctx
);
275 static inline bool sslVersionIsLikeTls12(SSLContext
*ctx
)
277 check(ctx
->negProtocolVersion
!=SSL_Version_Undetermined
);
278 return ctx
->isDTLS
? ctx
->negProtocolVersion
> DTLS_Version_1_0
: ctx
->negProtocolVersion
>= TLS_Version_1_2
;
281 /* This is implemented in tls_callbacks.c */
282 int sslGetSessionID(SSLContext
*myCtx
, SSLBuffer
*sessionID
);
288 #endif /* _SSLCONTEXT_H_ */
projects / apple / security.git / blob