-/*
- * Copyright (c) 1999-2001,2005-2014 Apple Inc. All Rights Reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-
-/*
- * sslContext.h - Private SSL typedefs: SSLContext and its components
- */
-
-#ifndef _SSLCONTEXT_H_
-#define _SSLCONTEXT_H_ 1
-
-#include "SecureTransport.h"
-#include "sslBuildFlags.h"
-
-#include <tls_handshake.h>
-#include <tls_record.h>
-#include <tls_stream_parser.h>
-
-#ifdef USE_CDSA_CRYPTO
-#include <Security/cssmtype.h>
-#else
-#if TARGET_OS_IPHONE
-#include <Security/SecDH.h>
-#include <Security/SecKeyInternal.h>
-#else
-#include "../sec/Security/SecDH.h" // hack to get SecDH.
-// typedef struct OpaqueSecDHContext *SecDHContext;
-#endif
-#include <corecrypto/ccec.h>
-#endif
-
-#include <CoreFoundation/CFRuntime.h>
-#include <AssertMacros.h>
-
-#include "sslPriv.h"
-#include "tls_ssl.h"
-#include "sslDigests.h"
-#include "sslRecord.h"
-#include "cipherSpecs.h"
-
-#include <dispatch/dispatch.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct
-{ SSLReadFunc read;
- SSLWriteFunc write;
- SSLConnectionRef ioRef;
-} IOContext;
-
-//FIXME should not need this.
-typedef enum
-{
- SSL_HdskStateUninit = 0, /* No Handshake yet */
- SSL_HdskStatePending, /* Handshake in Progress */
- SSL_HdskStateReady, /* Handshake is done */
- SSL_HdskStateGracefulClose,
- SSL_HdskStateErrorClose,
- SSL_HdskStateNoNotifyClose, /* server disconnected with no
- * notify msg */
-} SSLHandshakeState;
-
-#define SSLChangeHdskState(ctx, newState) { ctx->state=newState; }
-
-struct SSLContext
-{
- CFRuntimeBase _base;
- IOContext ioCtx;
-
-
- const struct SSLRecordFuncs *recFuncs;
- SSLRecordContextRef recCtx;
-
- tls_handshake_t hdsk;
-
- int readCipher_ready;
- int writeCipher_ready;
-
- SSLHandshakeState state;
-
- /*
- * Prior to successful protocol negotiation, negProtocolVersion
- * is SSL_Version_Undetermined. Subsequent to successful
- * negotiation, negProtocolVersion contains the actual over-the-wire
- * protocol value.
- *
- * The Boolean versionEnable flags are set by
- * SSLSetProtocolVersionEnabled or SSLSetProtocolVersion and
- * remain invariant once negotiation has started. If there
- * were a large number of these and/or we were adding new
- * protocol versions on a regular basis, we'd probably want
- * to implement these as a word of flags. For now, in the
- * real world, this is the most straightforward implementation.
- */
- SSLProtocolVersion negProtocolVersion; /* negotiated */
- SSLProtocolVersion clientReqProtocol; /* requested by client in hello msg */
- SSLProtocolVersion minProtocolVersion;
- SSLProtocolVersion maxProtocolVersion;
- Boolean isDTLS; /* if this is a Datagram Context */
- SSLProtocolSide protocolSide; /* ConnectionEnd enum { server, client } in rfc5246. */
-
- SSLBuffer dtlsCookie; /* DTLS ClientHello cookie */
-
-
- uint16_t selectedCipher; /* currently selected */
-
-
- tls_private_key_t signingPrivKeyRef; /* our private signing key */
-
- tls_private_key_t encryptPrivKeyRef; /* our private encrypt key, for
- * server-initiated key exchange */
-
-
- /* Server DH Parameters */
- SSLBuffer dhParamsEncoded; /* PKCS3 encoded blob - prime + generator */
-
- /*
- * Various cert chains.
- * For all three, the root is the last in the chain.
- */
- SSLCertificate *localCert;
- SSLCertificate *encryptCert;
- CFArrayRef peerCert;
-
- /*
- * The arrays we are given via SSLSetCertificate() and SSLSetEncryptionCertificate().
- * We keep them here, refcounted, solely for the associated getters.
- */
- CFArrayRef localCertArray;
- CFArrayRef encryptCertArray;
-
- /* peer certs as SecTrustRef */
- SecTrustRef peerSecTrust;
-
- CFMutableArrayRef trustedCerts;
- Boolean trustedCertsOnly;
-
- /*
- * trusted leaf certs as specified in SSLSetTrustedLeafCertificates()
- */
- CFArrayRef trustedLeafCerts;
-
- Boolean allowExpiredCerts;
- Boolean allowExpiredRoots;
- Boolean enableCertVerify;
-
- SSLBuffer sessionID;
- SSLBuffer peerID;
- SSLBuffer resumableSession; /* We keep a copy for now - but eventually this should go away if we get refcounted SSLBuffers */
-
- uint16_t *validCipherSuites; /* context's valid suites */
- unsigned numValidCipherSuites; /* size of validCipherSuites */
-
-
- uint16_t *ecdhCurves;
- unsigned ecdhNumCurves;
-
- /* server-side only */
- SSLAuthenticate clientAuth; /* kNeverAuthenticate, etc. */
- //Boolean tryClientAuth;
-
- /* client and server */
- SSLClientCertificateState clientCertState;
-
- DNListElem *acceptableDNList; /* client and server */
- CFMutableArrayRef acceptableCAs; /* server only - SecCertificateRefs */
-
- bool certRequested;
- bool certSent;
- bool certReceived;
- bool x509Requested;
-
- unsigned sessionMatch;
-
-
- /* Transport layer fields */
- SSLBuffer receivedDataBuffer;
- size_t receivedDataPos;
-
- Boolean allowAnyRoot; // don't require known roots
- Boolean sentFatalAlert; // this session terminated by fatal alert
- Boolean rsaBlindingEnable;
- Boolean oneByteRecordEnable; /* enable 1/n-1 data splitting for TLSv1 and SSLv3 */
-
- /* optional session cache timeout (in seconds) override - 0 means default */
- uint32_t sessionCacheTimeout;
-
- /* optional SessionTicket */
- SSLBuffer sessionTicket;
-
- /* optional callback to obtain master secret, with its opaque arg */
- SSLInternalMasterSecretFunction masterSecretCallback;
- const void *masterSecretArg;
-
- #if SSL_PAC_SERVER_ENABLE
- /* server PAC resume sets serverRandom early to allow for secret acquisition */
- uint8_t serverRandomValid;
- #endif
-
- Boolean anonCipherEnable;
-
- /* optional switches to enable additional returns from SSLHandshake */
- Boolean breakOnServerAuth;
- Boolean breakOnCertRequest;
- Boolean breakOnClientAuth;
- Boolean signalServerAuth;
- Boolean signalCertRequest;
- Boolean signalClientAuth;
-
- /* true iff ECDSA/ECDH ciphers are configured */
- Boolean ecdsaEnable;
-
- /* List of peer-specified supported_signature_algorithms */
- unsigned numPeerSigAlgs;
- const tls_signature_and_hash_algorithm *peerSigAlgs;
-
- /* List of server-specified client auth types */
- unsigned numAuthTypes;
- const tls_client_auth_type *clientAuthTypes;
-
- /* client auth type actually negotiated */
- tls_client_auth_type negAuthType;
-
- /* Timeout for DTLS retransmit */
- CFAbsoluteTime timeout_deadline;
- CFAbsoluteTime timeout_duration;
- size_t mtu;
-
- /* RFC 5746: Secure renegotiation */
- Boolean secure_renegotiation;
- Boolean secure_renegotiation_received;
- SSLBuffer ownVerifyData;
- SSLBuffer peerVerifyData;
-
- /* RFC 4279: TLS PSK */
- SSLBuffer pskSharedSecret;
- SSLBuffer pskIdentity;
-
- /* TLS False Start */
- Boolean falseStartEnabled; //FalseStart enabled (by API call)
- /* Fallback behavior */
- Boolean fallbackEnabled; // Fallback behavior enabled.
- /* NPN */
- SSLNPNFunc npnFunc;
- void *npnFuncInfo;
-};
-
-OSStatus SSLUpdateNegotiatedClientAuthType(SSLContextRef ctx);
-
-Boolean sslIsSessionActive(const SSLContext *ctx);
-
-static inline bool sslVersionIsLikeTls12(SSLContext *ctx)
-{
- check(ctx->negProtocolVersion!=SSL_Version_Undetermined);
- return ctx->isDTLS ? ctx->negProtocolVersion > DTLS_Version_1_0 : ctx->negProtocolVersion >= TLS_Version_1_2;
-}
-
-/* This is implemented in tls_callbacks.c */
- int sslGetSessionID(SSLContext *myCtx, SSLBuffer *sessionID);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* _SSLCONTEXT_H_ */
projects / apple / security.git / blobdiff