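/*
 * TLS-specific error codes.
 *
 * Each error is declared as a pair of macros:
 *
 *   EINFO_<name>  combines a base errno information value, an identifier
 *                 and a human-readable description via __einfo_uniqify()
 *   <name>        is that EINFO_ value passed through __einfo_error()
 *
 * Both helper macros are defined outside this listing.  The name
 * __einfo_uniqify suggests the identifier must be unique within each
 * base errno; confirm against its definition before adding entries.
 *
 * The listing had this table collapsed onto three physical lines with the
 * gutter line numbers fused into the text, which left every backslash
 * continuation in the middle of a line.  One directive per line is
 * restored here; names, identifiers and descriptions are unchanged.
 */

/* EINVAL: invalid records, padding, MAC or receive state */
#define EINVAL_CHANGE_CIPHER __einfo_error ( EINFO_EINVAL_CHANGE_CIPHER )
#define EINFO_EINVAL_CHANGE_CIPHER					\
	__einfo_uniqify ( EINFO_EINVAL, 0x01,				\
			  "Invalid Change Cipher record" )
#define EINVAL_ALERT __einfo_error ( EINFO_EINVAL_ALERT )
#define EINFO_EINVAL_ALERT						\
	__einfo_uniqify ( EINFO_EINVAL, 0x02,				\
			  "Invalid Alert record" )
#define EINVAL_HELLO __einfo_error ( EINFO_EINVAL_HELLO )
#define EINFO_EINVAL_HELLO						\
	__einfo_uniqify ( EINFO_EINVAL, 0x03,				\
			  "Invalid Server Hello record" )
#define EINVAL_CERTIFICATE __einfo_error ( EINFO_EINVAL_CERTIFICATE )
#define EINFO_EINVAL_CERTIFICATE					\
	__einfo_uniqify ( EINFO_EINVAL, 0x04,				\
			  "Invalid Certificate" )
#define EINVAL_CERTIFICATES __einfo_error ( EINFO_EINVAL_CERTIFICATES )
#define EINFO_EINVAL_CERTIFICATES					\
	__einfo_uniqify ( EINFO_EINVAL, 0x05,				\
			  "Invalid Server Certificate record" )
#define EINVAL_HELLO_DONE __einfo_error ( EINFO_EINVAL_HELLO_DONE )
#define EINFO_EINVAL_HELLO_DONE						\
	__einfo_uniqify ( EINFO_EINVAL, 0x06,				\
			  "Invalid Server Hello Done record" )
#define EINVAL_FINISHED __einfo_error ( EINFO_EINVAL_FINISHED )
#define EINFO_EINVAL_FINISHED						\
	__einfo_uniqify ( EINFO_EINVAL, 0x07,				\
			  "Invalid Server Finished record" )
#define EINVAL_HANDSHAKE __einfo_error ( EINFO_EINVAL_HANDSHAKE )
#define EINFO_EINVAL_HANDSHAKE						\
	__einfo_uniqify ( EINFO_EINVAL, 0x08,				\
			  "Invalid Handshake record" )
#define EINVAL_STREAM __einfo_error ( EINFO_EINVAL_STREAM )
#define EINFO_EINVAL_STREAM						\
	__einfo_uniqify ( EINFO_EINVAL, 0x09,				\
			  "Invalid stream-ciphered record" )
#define EINVAL_BLOCK __einfo_error ( EINFO_EINVAL_BLOCK )
#define EINFO_EINVAL_BLOCK						\
	__einfo_uniqify ( EINFO_EINVAL, 0x0a,				\
			  "Invalid block-ciphered record" )

/*
 * NOTE(review): padding failures and MAC failures have separate codes
 * (EINVAL_PADDING here, EINVAL_MAC below).  That distinction is useful in
 * local diagnostics, but for block-ciphered records it should not become
 * observable to the peer: confirm that both failures lead to the same
 * response on the wire and to comparable processing time.
 */
#define EINVAL_PADDING __einfo_error ( EINFO_EINVAL_PADDING )
#define EINFO_EINVAL_PADDING						\
	__einfo_uniqify ( EINFO_EINVAL, 0x0b,				\
			  "Invalid block padding" )
#define EINVAL_RX_STATE __einfo_error ( EINFO_EINVAL_RX_STATE )
#define EINFO_EINVAL_RX_STATE						\
	__einfo_uniqify ( EINFO_EINVAL, 0x0c,				\
			  "Invalid receive state" )

/*
 * NOTE(review): the description argument of EINFO_EINVAL_MAC (listing
 * line 107) is missing from this page, which left the macro unterminated.
 * "Invalid MAC" follows the wording of the neighbouring entries and must
 * be confirmed against the original file.
 */
#define EINVAL_MAC __einfo_error ( EINFO_EINVAL_MAC )
#define EINFO_EINVAL_MAC						\
	__einfo_uniqify ( EINFO_EINVAL, 0x0d,				\
			  "Invalid MAC" )
#define EINVAL_TICKET __einfo_error ( EINFO_EINVAL_TICKET )
#define EINFO_EINVAL_TICKET						\
	__einfo_uniqify ( EINFO_EINVAL, 0x0e,				\
			  "Invalid New Session Ticket record")

/* EIO: alert with a level that is not recognised */
#define EIO_ALERT __einfo_error ( EINFO_EIO_ALERT )
#define EINFO_EIO_ALERT							\
	__einfo_uniqify ( EINFO_EIO, 0x01,				\
			  "Unknown alert level" )

/*
 * ENOMEM: allocation failures.  Identifier 0x06 is not assigned in this
 * listing (the sequence goes from 0x05 to 0x07).
 */
#define ENOMEM_CONTEXT __einfo_error ( EINFO_ENOMEM_CONTEXT )
#define EINFO_ENOMEM_CONTEXT						\
	__einfo_uniqify ( EINFO_ENOMEM, 0x01,				\
			  "Not enough space for crypto context" )
#define ENOMEM_CERTIFICATE __einfo_error ( EINFO_ENOMEM_CERTIFICATE )
#define EINFO_ENOMEM_CERTIFICATE					\
	__einfo_uniqify ( EINFO_ENOMEM, 0x02,				\
			  "Not enough space for certificate" )
#define ENOMEM_CHAIN __einfo_error ( EINFO_ENOMEM_CHAIN )
#define EINFO_ENOMEM_CHAIN						\
	__einfo_uniqify ( EINFO_ENOMEM, 0x03,				\
			  "Not enough space for certificate chain" )
#define ENOMEM_TX_PLAINTEXT __einfo_error ( EINFO_ENOMEM_TX_PLAINTEXT )
#define EINFO_ENOMEM_TX_PLAINTEXT					\
	__einfo_uniqify ( EINFO_ENOMEM, 0x04,				\
			  "Not enough space for transmitted plaintext" )
#define ENOMEM_TX_CIPHERTEXT __einfo_error ( EINFO_ENOMEM_TX_CIPHERTEXT )
#define EINFO_ENOMEM_TX_CIPHERTEXT					\
	__einfo_uniqify ( EINFO_ENOMEM, 0x05,				\
			  "Not enough space for transmitted ciphertext" )
#define ENOMEM_RX_DATA __einfo_error ( EINFO_ENOMEM_RX_DATA )
#define EINFO_ENOMEM_RX_DATA						\
	__einfo_uniqify ( EINFO_ENOMEM, 0x07,				\
			  "Not enough space for received data" )
#define ENOMEM_RX_CONCAT __einfo_error ( EINFO_ENOMEM_RX_CONCAT )
#define EINFO_ENOMEM_RX_CONCAT						\
	__einfo_uniqify ( EINFO_ENOMEM, 0x08,				\
			  "Not enough space to concatenate received data" )

/* ENOTSUP: negotiated parameters this implementation will not use */
#define ENOTSUP_CIPHER __einfo_error ( EINFO_ENOTSUP_CIPHER )
#define EINFO_ENOTSUP_CIPHER						\
	__einfo_uniqify ( EINFO_ENOTSUP, 0x01,				\
			  "Unsupported cipher" )
#define ENOTSUP_NULL __einfo_error ( EINFO_ENOTSUP_NULL )
#define EINFO_ENOTSUP_NULL						\
	__einfo_uniqify ( EINFO_ENOTSUP, 0x02,				\
			  "Refusing to use null cipher" )
#define ENOTSUP_SIG_HASH __einfo_error ( EINFO_ENOTSUP_SIG_HASH )
#define EINFO_ENOTSUP_SIG_HASH						\
	__einfo_uniqify ( EINFO_ENOTSUP, 0x03,				\
			  "Unsupported signature and hash algorithm" )
#define ENOTSUP_VERSION __einfo_error ( EINFO_ENOTSUP_VERSION )
#define EINFO_ENOTSUP_VERSION						\
	__einfo_uniqify ( EINFO_ENOTSUP, 0x04,				\
			  "Unsupported protocol version" )

/* EPERM: fatal alerts and failed verification or renegotiation checks */
#define EPERM_ALERT __einfo_error ( EINFO_EPERM_ALERT )
#define EINFO_EPERM_ALERT						\
	__einfo_uniqify ( EINFO_EPERM, 0x01,				\
			  "Received fatal alert" )
#define EPERM_VERIFY __einfo_error ( EINFO_EPERM_VERIFY )
#define EINFO_EPERM_VERIFY						\
	__einfo_uniqify ( EINFO_EPERM, 0x02,				\
			  "Handshake verification failed" )
#define EPERM_CLIENT_CERT __einfo_error ( EINFO_EPERM_CLIENT_CERT )
#define EINFO_EPERM_CLIENT_CERT						\
	__einfo_uniqify ( EINFO_EPERM, 0x03,				\
			  "No suitable client certificate available" )
#define EPERM_RENEG_INSECURE __einfo_error ( EINFO_EPERM_RENEG_INSECURE )
#define EINFO_EPERM_RENEG_INSECURE					\
	__einfo_uniqify ( EINFO_EPERM, 0x04,				\
			  "Secure renegotiation not supported" )
#define EPERM_RENEG_VERIFY __einfo_error ( EINFO_EPERM_RENEG_VERIFY )
#define EINFO_EPERM_RENEG_VERIFY					\
	__einfo_uniqify ( EINFO_EPERM, 0x05,				\
			  "Secure renegotiation verification failed" )

/* EPROTO: protocol version violation */
#define EPROTO_VERSION __einfo_error ( EINFO_EPROTO_VERSION )
#define EINFO_EPROTO_VERSION						\
	__einfo_uniqify ( EINFO_EPROTO, 0x01,				\
			  "Illegal protocol version upgrade" )

/* Tail of a declaration (listing line 190) whose opening is missing from
 * this page; it continues on the following lines. */
const void *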
data,
size_t len );
220 static inline __attribute__ (( always_inline ))
unsigned long 449 DBGC ( tls,
"TLS %p could not generate random data: %s\n",
465 void *digest_ctx,
va_list args ) {
469 while ( (
data =
va_arg ( args,
void * ) ) ) {
488 void *secret,
size_t secret_len,
489 void *
out,
size_t out_len,
491 uint8_t secret_copy[secret_len];
496 size_t frag_len =
digest->digestsize;
500 memcpy ( secret_copy, secret, secret_len );
501 secret = secret_copy;
502 DBGC2 ( tls,
"TLS %p %s secret:\n", tls,
digest->name );
503 DBGC2_HD ( tls, secret, secret_len );
511 DBGC2 ( tls,
"TLS %p %s A(1):\n", tls,
digest->name );
519 memcpy ( digest_ctx_partial, digest_ctx,
digest->ctxsize );
524 secret, &secret_len, out_tmp );
527 if ( frag_len > out_len )
530 DBGC2 ( tls,
"TLS %p %s output:\n", tls,
digest->name );
535 secret, &secret_len,
a );
536 DBGC2 ( tls,
"TLS %p %s A(n):\n", tls,
digest->name );
555 size_t secret_len,
void *
out,
size_t out_len, ... ) {
558 size_t subsecret_len;
569 out, out_len, seeds );
576 subsecret_len = ( ( secret_len + 1 ) / 2 );
578 sha1_secret = ( secret + secret_len - subsecret_len );
583 subsecret_len,
out, out_len, seeds );
589 subsecret_len, buf, out_len, seeds );
593 for ( i = 0 ; i < out_len ; i++ )
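/*
 * Invoke tls_prf() with a fixed label.
 *
 * The label length is computed as ( sizeof ( label ) - 1 ), so "label"
 * must be a string literal: a char pointer would yield the pointer size
 * minus one rather than the string length, and the wrong label bytes
 * would silently be mixed into the derived output.
 *
 * A NULL is appended after the caller's variadic arguments to terminate
 * the list.  Those arguments are presumably ( data, len ) seed pairs --
 * confirm against tls_prf(), which is not fully visible on this page.
 *
 * The listing had the three lines of this macro fused onto one physical
 * line with gutter numbers after each backslash; the continuation lines
 * are restored here and the expansion is unchanged.
 */
#define tls_prf_label( tls, secret, secret_len, out, out_len, label, ... ) \
	tls_prf ( (tls), (secret), (secret_len), (out), (out_len),	   \
		  label, ( sizeof ( label ) - 1 ), __VA_ARGS__, NULL )

/*
 * Opening of a debug statement from listing line 630; its arguments
 * continue on the following line.
 *
 * NOTE(review): this and the neighbouring DBGC statements apparently label
 * dumps of the pre-master secret, the client and server random bytes and
 * the master secret.  Confirm that this debug level cannot be enabled in
 * production builds, since the output would expose key material.
 */
DBGC ( tls,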
"TLS %p pre-master-secret:\n", tls );
633 DBGC ( tls,
"TLS %p client random bytes:\n", tls );
635 DBGC ( tls,
"TLS %p server random bytes:\n", tls );
645 DBGC ( tls,
"TLS %p generated master secret:\n", tls );
662 size_t total = ( 2 * ( hash_size + key_size + iv_size ) );
669 key_block, sizeof ( key_block ),
"key expansion",
678 DBGC ( tls,
"TLS %p TX MAC secret:\n", tls );
684 DBGC ( tls,
"TLS %p RX MAC secret:\n", tls );
691 key, key_size ) ) != 0 ) {
692 DBGC ( tls,
"TLS %p could not set TX key: %s\n",
696 DBGC ( tls,
"TLS %p TX key:\n", tls );
703 key, key_size ) ) != 0 ) {
704 DBGC ( tls,
"TLS %p could not set TX key: %s\n",
708 DBGC ( tls,
"TLS %p RX key:\n", tls );
715 DBGC ( tls,
"TLS %p TX IV:\n", tls );
722 DBGC ( tls,
"TLS %p RX IV:\n", tls );
746 #define TLS_NUM_CIPHER_SUITES table_num_entries ( TLS_CIPHER_SUITES ) 760 if ( suite->
code == cipher_suite )
775 if ( cipherspec->
suite ) {
780 memset ( cipherspec, 0,
sizeof ( *cipherspec ) );
806 dynamic =
zalloc ( total );
808 DBGC ( tls,
"TLS %p could not allocate %zd bytes for crypto " 809 "context\n", tls, total );
822 cipherspec->
suite = suite;
835 unsigned int cipher_suite ) {
842 DBGC ( tls,
"TLS %p does not support cipher %04x\n",
843 tls,
ntohs ( cipher_suite ) );
855 DBGC ( tls,
"TLS %p selected %s-%s-%d-%s\n", tls, suite->
pubkey->
name,
876 DBGC ( tls,
"TLS %p refusing to use null cipher\n", tls );
893 #define TLS_NUM_SIG_HASH_ALGORITHMS \ 894 table_num_entries ( TLS_SIG_HASH_ALGORITHMS ) 934 const void *
data,
size_t len ) {
1048 uint8_t compression_methods_len;
1049 uint8_t compression_methods[1];
1067 uint16_t signature_algorithms_type;
1096 sizeof (
hello.type_length ) ) );
1101 sizeof (
hello.session_id ) );
1105 hello.compression_methods_len =
sizeof (
hello.compression_methods );
1108 hello.extensions.server_name_len
1109 =
htons (
sizeof (
hello.extensions.server_name ) );
1110 hello.extensions.server_name.len
1111 =
htons (
sizeof (
hello.extensions.server_name.list ) );
1113 hello.extensions.server_name.list[0].len
1114 =
htons (
sizeof (
hello.extensions.server_name.list[0].name ));
1116 sizeof (
hello.extensions.server_name.list[0].name ) );
1117 hello.extensions.max_fragment_length_type
1119 hello.extensions.max_fragment_length_len
1120 =
htons (
sizeof (
hello.extensions.max_fragment_length ) );
1121 hello.extensions.max_fragment_length.max
1123 hello.extensions.signature_algorithms_type
1125 hello.extensions.signature_algorithms_len
1126 =
htons (
sizeof (
hello.extensions.signature_algorithms ) );
1127 hello.extensions.signature_algorithms.len
1128 =
htons (
sizeof (
hello.extensions.signature_algorithms.code));
1130 hello.extensions.signature_algorithms.code[i++] = sighash->
code;
1131 hello.extensions.renegotiation_info_type
1133 hello.extensions.renegotiation_info_len
1134 =
htons (
sizeof (
hello.extensions.renegotiation_info ) );
1135 hello.extensions.renegotiation_info.len
1136 =
sizeof (
hello.extensions.renegotiation_info.data );
1138 sizeof (
hello.extensions.renegotiation_info.data ) );
1140 hello.extensions.session_ticket_len
1141 =
htons (
sizeof (
hello.extensions.session_ticket ) );
1143 sizeof (
hello.extensions.session_ticket.data ) );
1162 typeof ( *certificate ) certificates[0];
1173 len += (
sizeof ( *certificate ) + cert->
raw.
len );
1174 DBGC ( tls,
"TLS %p sending client certificate %s\n",
1181 certificates =
zalloc (
sizeof ( *certificates ) +
len );
1182 if ( ! certificates )
1186 certificates->type_length =
1188 htonl (
sizeof ( *certificates ) +
len -
1189 sizeof ( certificates->type_length ) ) );
1191 certificate = &certificates->certificates[0];
1196 certificate = ( ( (
void * ) certificate->data ) +
1202 (
sizeof ( *certificates ) +
len ) );
1205 free ( certificates );
1222 uint16_t encrypted_pre_master_secret_len;
1230 memset ( &key_xchg, 0,
sizeof ( key_xchg ) );
1234 key_xchg.encrypted_pre_master_secret );
1237 DBGC ( tls,
"TLS %p could not encrypt pre-master secret: %s\n",
1242 key_xchg.type_length =
1244 htonl (
sizeof ( key_xchg ) -
1245 sizeof ( key_xchg.type_length ) -
unused ) );
1246 key_xchg.encrypted_pre_master_secret_len =
1247 htons (
sizeof ( key_xchg.encrypted_pre_master_secret ) -
1251 (
sizeof ( key_xchg ) -
unused ) );
1275 DBGC ( tls,
"TLS %p could not initialise %s client private " 1277 goto err_pubkey_init;
1284 DBGC ( tls,
"TLS %p could not identify (%s,%s) " 1285 "signature and hash algorithm\n", tls,
1295 int use_sig_hash = ( ( sig_hash ==
NULL ) ? 0 : 1 );
1307 certificate_verify.signature );
1310 DBGC ( tls,
"TLS %p could not sign %s digest using %s " 1311 "client private key: %s\n", tls,
digest->name,
1313 goto err_pubkey_sign;
1318 certificate_verify.type_length =
1320 htonl (
sizeof ( certificate_verify ) -
1321 sizeof ( certificate_verify.type_length ) -
1323 if ( use_sig_hash ) {
1324 memcpy ( &certificate_verify.sig_hash[0],
1326 sizeof ( certificate_verify.sig_hash[0] ) );
1328 certificate_verify.signature_len =
1329 htons (
sizeof ( certificate_verify.signature ) -
1334 (
sizeof ( certificate_verify ) -
unused ) );
1351 static const uint8_t change_cipher[1] = { 1 };
1353 change_cipher,
sizeof ( change_cipher ) );
1375 "client finished", digest_out, sizeof ( digest_out ) );
1378 memset ( &finished, 0,
sizeof ( finished ) );
1380 htonl (
sizeof ( finished ) -
1381 sizeof ( finished.type_length ) ) );
1383 sizeof ( finished.verify_data ) );
1387 sizeof ( finished ) ) ) != 0 )
1405 const void *
data,
size_t len ) {
1409 DBGC ( tls,
"TLS %p received invalid Change Cipher\n", tls );
1416 DBGC ( tls,
"TLS %p could not activate RX cipher: %s\n",
1443 DBGC ( tls,
"TLS %p received overlength Alert\n", tls );
1448 switch (
alert->level ) {
1450 DBGC ( tls,
"TLS %p received warning alert %d\n",
1451 tls,
alert->description );
1454 DBGC ( tls,
"TLS %p received fatal alert %d\n",
1455 tls,
alert->description );
1458 DBGC ( tls,
"TLS %p received unknown alert level %d" 1459 "(alert %d)\n", tls,
alert->level,
alert->description );
1478 DBGC ( tls,
"TLS %p ignoring Hello Request\n", tls );
1484 DBGC ( tls,
"TLS %p refusing to renegotiate insecurely\n",
1504 const void *
data,
size_t len ) {
1537 if ( (
sizeof ( *hello_a ) >
len ) ||
1538 ( hello_a->session_id_len > (
len - sizeof ( *hello_a ) ) ) ||
1539 (
sizeof ( *hello_b ) > (
len -
sizeof ( *hello_a ) -
1540 hello_a->session_id_len ) ) ) {
1541 DBGC ( tls,
"TLS %p received underlength Server Hello\n", tls );
1545 session_id = hello_a->session_id;
1546 hello_b = ( (
void * ) ( session_id + hello_a->session_id_len ) );
1549 remaining = (
len -
sizeof ( *hello_a ) - hello_a->session_id_len -
1550 sizeof ( *hello_b ) );
1554 exts = ( (
void * ) hello_b->next );
1555 if ( (
sizeof ( *exts ) > remaining ) ||
1556 ( ( exts_len =
ntohs ( exts->len ) ) >
1557 ( remaining -
sizeof ( *exts ) ) ) ) {
1558 DBGC ( tls,
"TLS %p received underlength extensions\n",
1565 for (
ext = ( (
void * ) exts->data ), remaining = exts_len ;
1567 ext = ( ( (
void * )
ext ) + sizeof ( *
ext ) + ext_len ),
1568 remaining -= (
sizeof ( *
ext ) + ext_len ) ) {
1571 if ( (
sizeof ( *
ext ) > remaining ) ||
1572 ( ( ext_len =
ntohs (
ext->len ) ) >
1573 ( remaining - sizeof ( *
ext ) ) ) ) {
1574 DBGC ( tls,
"TLS %p received underlength " 1575 "extension\n", tls );
1581 switch (
ext->type ) {
1583 reneg = ( (
void * )
ext->data );
1584 if ( (
sizeof ( *reneg ) > ext_len ) ||
1586 ( ext_len - sizeof ( *reneg ) ) ) ) {
1587 DBGC ( tls,
"TLS %p received " 1588 "underlength renegotiation " 1601 DBGC ( tls,
"TLS %p does not support protocol version %d.%d\n",
1606 DBGC ( tls,
"TLS %p server attempted to illegally upgrade to " 1607 "protocol version %d.%d\n",
1612 DBGC ( tls,
"TLS %p using protocol version %d.%d\n",
1632 if ( hello_a->session_id_len &&
1638 DBGC ( tls,
"TLS %p resuming session ID:\n", tls );
1647 if ( hello_a->session_id_len &&
1648 ( hello_a->session_id_len <= sizeof ( tls->
session_id ))){
1652 DBGC ( tls,
"TLS %p new session ID:\n", tls );
1666 if ( ( reneg ==
NULL ) ||
1667 ( reneg->len != sizeof ( tls->
verify ) ) ||
1669 sizeof ( tls->
verify ) ) != 0 ) ) {
1670 DBGC ( tls,
"TLS %p server failed secure " 1671 "renegotiation\n", tls );
1675 }
else if ( reneg !=
NULL ) {
1678 if ( reneg->len != 0 ) {
1679 DBGC ( tls,
"TLS %p server provided non-empty initial " 1680 "renegotiation\n", tls );
1698 const void *
data,
size_t len ) {
1707 if (
sizeof ( *new_session_ticket ) >
len ) {
1708 DBGC ( tls,
"TLS %p received underlength New Session Ticket\n",
1713 ticket_len =
ntohs ( new_session_ticket->len );
1714 if ( ticket_len > (
len -
sizeof ( *new_session_ticket ) ) ) {
1715 DBGC ( tls,
"TLS %p received overlength New Session Ticket\n",
1733 DBGC ( tls,
"TLS %p new session ticket:\n", tls );
1749 const void *
data,
size_t len ) {
1750 size_t remaining =
len;
1759 if ( ! tls->
chain ) {
1761 goto err_alloc_chain;
1765 while ( remaining ) {
1770 size_t certificate_len;
1775 if (
sizeof ( *certificate ) > remaining ) {
1776 DBGC ( tls,
"TLS %p underlength certificate:\n", tls );
1779 goto err_underlength;
1781 certificate_len =
tls_uint24 ( &certificate->length );
1782 if ( certificate_len > ( remaining -
sizeof ( *certificate ) )){
1783 DBGC ( tls,
"TLS %p overlength certificate:\n", tls );
1786 goto err_overlength;
1788 record_len = (
sizeof ( *certificate ) + certificate_len );
1792 certificate_len ) ) != 0 ) {
1793 DBGC ( tls,
"TLS %p could not append certificate: %s\n",
1799 DBGC ( tls,
"TLS %p found certificate %s\n",
1804 remaining -= record_len;
1827 const void *
data,
size_t len ) {
1832 size_t certificates_len;
1836 if (
sizeof ( *certificate ) >
len ) {
1837 DBGC ( tls,
"TLS %p received underlength Server Certificate\n",
1842 certificates_len =
tls_uint24 ( &certificate->length );
1843 if ( certificates_len > (
len -
sizeof ( *certificate ) ) ) {
1844 DBGC ( tls,
"TLS %p received overlength Server Certificate\n",
1852 certificates_len ) ) != 0 )
1883 DBGC ( tls,
"TLS %p could not find certificate corresponding " 1884 "to private key\n", tls );
1889 DBGC ( tls,
"TLS %p selected client certificate %s\n",
1894 if ( ! tls->
certs ) {
1905 goto err_auto_append;
1931 const void *
data,
size_t len ) {
1938 if (
sizeof ( *hello_done ) !=
len ) {
1939 DBGC ( tls,
"TLS %p received overlength Server Hello Done\n",
1947 tls->
root ) ) != 0 ) {
1948 DBGC ( tls,
"TLS %p could not start certificate validation: " 1966 const void *
data,
size_t len ) {
1976 if (
sizeof ( *finished ) !=
len ) {
1977 DBGC ( tls,
"TLS %p received overlength Finished\n", tls );
1986 "server finished", digest_out, sizeof ( digest_out ) );
1989 DBGC ( tls,
"TLS %p verification failed\n", tls );
2008 sizeof (
session->master_secret ) );
2044 const void *
data,
size_t len ) {
2045 size_t remaining =
len;
2048 while ( remaining ) {
2054 const void *payload;
2059 if (
sizeof ( *handshake ) > remaining ) {
2060 DBGC ( tls,
"TLS %p received underlength Handshake\n",
2065 payload_len =
tls_uint24 ( &handshake->length );
2066 if ( payload_len > ( remaining -
sizeof ( *handshake ) ) ) {
2067 DBGC ( tls,
"TLS %p received overlength Handshake\n",
2072 payload = &handshake->payload;
2073 record_len = (
sizeof ( *handshake ) + payload_len );
2076 switch ( handshake->type ) {
2103 DBGC ( tls,
"TLS %p ignoring handshake type %d\n",
2104 tls, handshake->type );
2121 remaining -= record_len;
2155 DBGC ( tls,
"TLS %p could not deliver data: " 2166 DBGC ( tls,
"TLS %p could not concatenate non-data record " 2167 "type %d\n", tls,
type );
2187 DBGC ( tls,
"TLS %p ignoring record type %d\n", tls,
type );
2192 rc = ( handler ? handler ( tls, iobuf->
data,
iob_len ( iobuf ) ) : 0 );
2231 const void *
data,
size_t len ) {
2249 &
digest->digestsize, hmac );
2264 const void *
data,
size_t len,
void *hmac ) {
2285 void *
digest,
size_t *plaintext_len ) {
2292 *plaintext_len = (
len + mac_len );
2295 plaintext =
malloc ( *plaintext_len );
2298 content = plaintext;
2320 void *
digest,
size_t *plaintext_len ) {
2335 padding_len = ( (
blocksize - 1 ) & -( iv_len +
len + mac_len + 1 ) );
2336 *plaintext_len = ( iv_len +
len + mac_len + padding_len + 1 );
2339 plaintext =
malloc ( *plaintext_len );
2343 content = (
iv + iv_len );
2345 padding = (
mac + mac_len );
2351 memset ( padding, padding_len, ( padding_len + 1 ) );
2366 const void *
data,
size_t len ) {
2371 void *plaintext =
NULL;
2372 size_t plaintext_len;
2374 size_t ciphertext_len;
2395 if ( ! plaintext ) {
2396 DBGC ( tls,
"TLS %p could not allocate %zd bytes for " 2397 "plaintext\n", tls, plaintext_len );
2402 DBGC2 ( tls,
"Sending plaintext data:\n" );
2403 DBGC2_HD ( tls, plaintext, plaintext_len );
2406 ciphertext_len = (
sizeof ( *tlshdr ) + plaintext_len );
2408 if ( ! ciphertext ) {
2409 DBGC ( tls,
"TLS %p could not allocate %zd bytes for " 2410 "ciphertext\n", tls, ciphertext_len );
2416 tlshdr =
iob_put ( ciphertext,
sizeof ( *tlshdr ) );
2423 iob_put ( ciphertext, plaintext_len ), plaintext_len );
2432 DBGC ( tls,
"TLS %p could not deliver ciphertext: %s\n",
2464 if (
iob_len ( iobuf ) < mac_len ) {
2465 DBGC ( tls,
"TLS %p received underlength MAC\n", tls );
2496 if (
iob_len ( iobuf ) < iv_len ) {
2497 DBGC ( tls,
"TLS %p received underlength IV\n", tls );
2505 padding_final = ( iobuf->
tail - 1 );
2506 padding_len = *padding_final;
2507 if ( ( padding_len + 1 ) >
iob_len ( iobuf ) ) {
2508 DBGC ( tls,
"TLS %p received underlength padding\n", tls );
2512 iob_unput ( iobuf, ( padding_len + 1 ) );
2513 for ( padding = iobuf->
tail ; padding < padding_final ; padding++ ) {
2514 if ( *padding != padding_len ) {
2515 DBGC ( tls,
"TLS %p received bad padding\n", tls );
2516 DBGC_HD ( tls, padding, padding_len );
2522 if (
iob_len ( iobuf ) < mac_len ) {
2523 DBGC ( tls,
"TLS %p received underlength MAC\n", tls );
2571 DBGC2 ( tls,
"Received plaintext data:\n" );
2578 plaintext_tlshdr.
type = tlshdr->
type;
2587 if (
memcmp (
mac, verify_mac,
sizeof ( verify_mac ) ) != 0 ) {
2588 DBGC ( tls,
"TLS %p failed MAC verification\n", tls );
2697 size_t remaining = data_len;
2705 while ( remaining ) {
2711 frag_len = remaining;
2714 remaining -= frag_len;
2716 frag_len += remaining;
2723 DBGC ( tls,
"TLS %p could not allocate %zd of %zd " 2724 "bytes for receive buffer\n", tls,
2725 remaining, data_len );
2906 DBGC ( tls,
"TLS %p certificate validation failed: %s\n",
2910 DBGC ( tls,
"TLS %p certificate validation succeeded\n", tls );
2918 DBGC ( tls,
"TLS %p server certificate does not match %s: %s\n",
2927 DBGC ( tls,
"TLS %p cannot initialise public key: %s\n",
3009 DBGC ( tls,
"TLS %p could not send Client Hello: %s\n",
3017 DBGC ( tls,
"TLS %p cold not send Certificate: %s\n",
3025 DBGC ( tls,
"TLS %p could not send Client Key " 3033 DBGC ( tls,
"TLS %p could not send Certificate " 3041 DBGC ( tls,
"TLS %p could not send Change Cipher: " 3048 DBGC ( tls,
"TLS %p could not activate TX cipher: " 3057 DBGC ( tls,
"TLS %p could not send Finished: %s\n",
3109 DBGC ( tls,
"TLS %p joining session %s\n", tls,
name );
3122 name_copy = ( ( (
void * )
session ) +
sizeof ( *session ) );
3133 DBGC ( tls,
"TLS %p created session %s\n", tls,
name );
3163 tls =
malloc (
sizeof ( *tls ) );
3168 memset ( tls, 0,
sizeof ( *tls ) );
Transport Layer Security Protocol.
#define cpu_to_be16(value)
struct tls_verify_data verify
Verification data.
void * memswap(void *first, void *second, size_t len)
Swap memory regions.
static void free_tls(struct refcnt *refcnt)
Free TLS connection.
static void x509_chain_put(struct x509_chain *chain)
Drop reference to X.509 certificate chain.
#define iob_pull(iobuf, len)
static int tls_send_certificate(struct tls_connection *tls)
Transmit Certificate record.
An object interface operation.
#define EPERM_CLIENT_CERT
size_t blocksize
Block size.
struct digest_algorithm * digest
Digest algorithm.
struct asn1_cursor raw
Raw public key information.
struct arbelprm_rc_send_wqe rc
static void tls_tx_resume_all(struct tls_session *session)
Resume TX state machine for all connections within a session.
static void digest_update(struct digest_algorithm *digest, void *ctx, const void *data, size_t len)
void xfer_window_changed(struct interface *intf)
Report change of flow control window.
void intf_close(struct interface *intf, int rc)
Close an object interface.
struct x509_chain * chain
Server certificate chain.
static void tls_validator_done(struct tls_connection *tls, int rc)
Handle certificate validation completion.
static void privkey_put(struct private_key *key)
Drop reference to private key.
void intf_restart(struct interface *intf, int rc)
Shut down and restart an object interface.
struct tls_cipher_suite tls_cipher_suite_null
Null cipher suite.
static int tls_select_cipher(struct tls_connection *tls, unsigned int cipher_suite)
Select next cipher suite.
struct pending_operation client_negotiation
Client security negotiation pending operation.
#define iob_put(iobuf, len)
struct process process
TX process.
#define TLS_NUM_CIPHER_SUITES
Number of supported cipher suites.
void intf_shutdown(struct interface *intf, int rc)
Shut down an object interface.
static void tls_tx_resume(struct tls_connection *tls)
Resume TX state machine.
static int tls_new_ciphertext(struct tls_connection *tls, struct tls_header *tlshdr, struct list_head *rx_data)
Receive new ciphertext record.
static int tls_newdata_process_header(struct tls_connection *tls)
Handle received TLS header.
#define TLS_RENEGOTIATION_INFO
int xfer_deliver_iob(struct interface *intf, struct io_buffer *iobuf)
Deliver datagram as I/O buffer without metadata.
struct x509_certificate * certstore_find_key(struct private_key *key)
Find certificate in store corresponding to a private key.
struct x509_chain certstore
Certificate store.
struct tls_session * session
Session.
static struct x509_certificate * x509_get(struct x509_certificate *cert)
Get reference to X.509 certificate.
struct io_buffer rx_header_iobuf
Current received record header (static I/O buffer)
static unsigned long tls_uint24(const tls24_t *field24)
Extract 24-bit field value.
static void tls_restart(struct tls_connection *tls)
Restart negotiation.
struct stp_switch root
Root switch.
#define list_add(new, head)
Add a new entry to the head of a list.
uint32_t next
Next descriptor address.
static void size_t size_t max_len
struct list_head links
List of links.
static struct tls_cipher_suite * tls_find_cipher_suite(unsigned int cipher_suite)
Identify cipher suite.
#define ref_init(refcnt, free)
Initialise a reference counter.
struct refcnt refcnt
Reference counter.
uint64_t rx_seq
RX sequence number.
void hmac_final(struct digest_algorithm *digest, void *digest_ctx, void *key, size_t *key_len, void *hmac)
Finalise HMAC.
static void tls_verify_handshake(struct tls_connection *tls, void *out)
Calculate handshake verification hash.
int x509_check_name(struct x509_certificate *cert, const char *name)
Check X.509 certificate name.
static int rbg_generate(const void *additional, size_t additional_len, int prediction_resist, void *data, size_t len)
Generate bits using RBG.
static int tls_cipherstream_deliver(struct tls_connection *tls, struct io_buffer *iobuf, struct xfer_metadata *xfer __unused)
Receive new ciphertext.
void free_iob(struct io_buffer *iobuf)
Free I/O buffer.
struct io_buffer * alloc_iob_raw(size_t len, size_t align, size_t offset)
Allocate I/O buffer with specified alignment and offset.
static void digest_final(struct digest_algorithm *digest, void *ctx, void *out)
int x509_append_raw(struct x509_chain *chain, const void *data, size_t len)
Append X.509 certificate to X.509 certificate chain.
static LIST_HEAD(tls_sessions)
List of TLS sessions.
static struct interface_operation tls_plainstream_ops[]
TLS plaintext stream interface operations.
uint8_t handshake_md5_sha1_ctx[MD5_SHA1_CTX_SIZE]
MD5+SHA1 context for handshake verification.
void pending_put(struct pending_operation *pending)
Mark an operation as no longer pending.
struct x509_root root_certificates
Root certificates.
struct asn1_algorithm * signature_algorithm
Signature algorithm.
const void * data
Start of data.
size_t new_session_ticket_len
Length of new session ticket.
#define TLS_VERSION_TLS_1_2
TLS version 1.2.
int x509_append(struct x509_chain *chain, struct x509_certificate *cert)
Append X.509 certificate to X.509 certificate chain.
static struct private_key * privkey_get(struct private_key *key)
Get reference to private key.
uint8_t server_random[32]
Server random bytes.
uint8_t session_id[32]
Session ID.
FILE_LICENCE(GPL2_OR_LATER)
struct tls_header rx_header
Current received record header.
struct x509_chain * x509_alloc_chain(void)
Allocate X.509 certificate chain.
static void x509_root_put(struct x509_root *root)
Drop reference to X.509 root certificate list.
#define EINVAL_HELLO_DONE
struct x509_root * root
Root of trust.
unsigned long long uint64_t
struct io_buffer * xfer_alloc_iob(struct interface *intf, size_t len)
Allocate I/O buffer.
struct pubkey_algorithm pubkey_null
static void tls_hmac_update_va(struct digest_algorithm *digest, void *digest_ctx, va_list args)
Update HMAC with a list of ( data, len ) pairs.
static struct interface_operation tls_validator_ops[]
TLS certificate validator interface operations.
#define va_copy(dest, src)
#define TLS_SERVER_HELLO_DONE
#define PROC_DESC_ONCE(object_type, process, _step)
Define a process descriptor for a process that runs only once.
static void tls_close(struct tls_connection *tls, int rc)
Finish with TLS connection.
#define TLS_CERTIFICATE_REQUEST
uint8_t mac[ETH_ALEN]
MAC address.
static void md5_sha1_final(void *ctx, void *out)
Generate MD5+SHA1 digest.
struct golan_eq_context ctx
A TLS cipher specification.
static void iob_populate(struct io_buffer *iobuf, void *data, size_t len, size_t max_len)
Create a temporary I/O buffer.
#define EINVAL_CERTIFICATE
static void free_tls_session(struct refcnt *refcnt)
Free TLS session.
struct pubkey_algorithm * pubkey
Public-key encryption algorithm.
static void md5_sha1_init(void *ctx)
Initialise MD5+SHA1 algorithm.
#define list_last_entry(list, type, member)
Get the container of the last entry in a list.
void process_del(struct process *process)
Remove process from process list.
#define TLS_VERSION_TLS_1_1
TLS version 1.1.
struct md4_digest digest
Digest of data already processed.
size_t xfer_window(struct interface *intf)
Check flow control window.
u8 iv[16]
Initialization vector.
size_t ctxsize
Context size.
static void tls_hmac_final(struct tls_cipherspec *cipherspec, void *ctx, void *hmac)
Finalise HMAC.
static struct interface_descriptor tls_cipherstream_desc
TLS ciphertext stream interface descriptor.
u16 seq
802.11 Sequence Control field
A doubly-linked list entry (or list head)
#define TLS_MAX_FRAGMENT_LENGTH
Data transfer interfaces.
size_t len
Length of data.
static struct asn1_cursor * privkey_cursor(struct private_key *key)
Get private key ASN.1 cursor.
uint32_t pending
Pending events.
static struct interface_descriptor tls_validator_desc
TLS certificate validator interface descriptor.
#define EINVAL_CHANGE_CIPHER
#define list_empty(list)
Test whether a list is empty.
struct pubkey_algorithm * pubkey
Public-key algorithm (if applicable)
#define cipher_encrypt(cipher, ctx, src, dst, len)
#define list_first_entry(list, type, member)
Get the container of the first entry in a list.
enum tls_rx_state rx_state
RX state.
static size_t pubkey_max_len(struct pubkey_algorithm *pubkey, void *ctx)
#define list_del(list)
Delete an entry from a list.
size_t blocksize
Block size.
static int tls_new_hello_request(struct tls_connection *tls, const void *data __unused, size_t len __unused)
Receive new Hello Request handshake record.
#define ENOMEM
Not enough space.
#define iob_disown(iobuf)
Disown an I/O buffer.
uint8_t * handshake_ctx
Digest algorithm context used for handshake verification.
struct tls_cipherspec tx_cipherspec
Current TX cipher specification.
void * memcpy(void *dest, const void *src, size_t len) __nonnull
u32 version
Version number.
REQUIRE_OBJECT(config_crypto)
static int tls_newdata_process_data(struct tls_connection *tls)
Handle received TLS data payload.
int create_validator(struct interface *job, struct x509_chain *chain, struct x509_root *root)
Instantiate a certificate validator.
#define TLS_TYPE_CHANGE_CIPHER
Change cipher content type.
assert((readw(&hdr->flags) &(GTF_reading|GTF_writing))==0)
#define container_of(ptr, type, field)
Get containing structure.
static struct tls_signature_hash_algorithm * tls_signature_hash_algorithm(struct pubkey_algorithm *pubkey, struct digest_algorithm *digest)
Find TLS signature and hash algorithm.
Keyed-Hashing for Message Authentication.
struct ntlm_data session
Session key.
#define TLS_RX_ALIGN
RX I/O buffer alignment.
void * new_session_ticket
New session ticket.
static int tls_progress(struct tls_connection *tls, struct job_progress *progress)
Report job progress.
static int tls_send_change_cipher(struct tls_connection *tls)
Transmit Change Cipher record.
void * cipher_ctx
Bulk encryption cipher context.
static void tls_tx_step(struct tls_connection *tls)
TLS TX state machine.
#define list_for_each_entry(pos, head, member)
Iterate over entries in a list.
#define TLS_SESSION_TICKET
static int tls_new_session_ticket(struct tls_connection *tls, const void *data, size_t len)
Receive New Session Ticket handshake record.
#define list_add_tail(new, head)
Add a new entry to the tail of a list.
struct tls_cipher_suite * suite
Cipher suite.
struct x509_chain * certs
Client certificate chain (if used)
static void tls_hmac_update(struct tls_cipherspec *cipherspec, void *ctx, const void *data, size_t len)
Update HMAC.
struct digest_algorithm * digest
MAC digest algorithm.
struct pending_operation validation
Certificate validation pending operation.
struct list_head list
List of connections within the same session.
uint32_t gmt_unix_time
GMT Unix time.
#define be16_to_cpu(value)
u32 link
Link to next descriptor.
char * strcpy(char *dest, const char *src)
Copy string.
A TLS signature algorithm.
static int is_pending(struct pending_operation *pending)
Check if an operation is pending.
static struct x509_root * x509_root_get(struct x509_root *root)
Get reference to X.509 root certificate list.
uint8_t master_secret[48]
Master secret.
struct list_head list
List of sessions.
#define TLS_ALERT_WARNING
#define ENOMEM_TX_CIPHERTEXT
static int tls_send_client_key_exchange(struct tls_connection *tls)
Transmit Client Key Exchange record.
#define TLS_RX_BUFSIZE
RX I/O buffer size.
#define list_for_each_entry_safe(pos, tmp, head, member)
Iterate over entries in a list, safe against deletion of the current entry.
#define cpu_to_le32(value)
static struct digest_algorithm md5_sha1_algorithm
Hybrid MD5+SHA1 digest algorithm.
pseudo_bit_t value[0x00020]
struct x509_public_key public_key
Public key information.
void process_add(struct process *process)
Add process to process list.
#define ENOTCONN
The socket is not connected.
static void digest_init(struct digest_algorithm *digest, void *ctx)
struct io_buffer * iob_concatenate(struct list_head *list)
Concatenate I/O buffers into a single buffer.
An object interface descriptor.
#define TLS_NUM_SIG_HASH_ALGORITHMS
Number of supported signature and hash algorithms.
#define TLS_HELLO_REQUEST
#define iob_unput(iobuf, len)
A link in an X.509 certificate chain.
static struct x509_certificate * x509_last(struct x509_chain *chain)
Get last certificate in X.509 certificate chain.
static int tls_send_plaintext(struct tls_connection *tls, unsigned int type, const void *data, size_t len)
Send plaintext record.
struct tls_client_random client_random
Client random bytes.
char * strerror(int errno)
Retrieve string representation of error number.
uint16_t key_len
Key length.
static void(* free)(struct refcnt *refcnt))
struct interface cipherstream
Ciphertext stream.
void * zalloc(size_t size)
Allocate cleared memory.
static int tls_new_finished(struct tls_connection *tls, const void *data, size_t len)
Receive new Finished handshake record.
struct x509_subject subject
Subject.
#define ref_get(refcnt)
Get additional reference to object.
struct digest_algorithm digest_null
static size_t iob_len(struct io_buffer *iobuf)
Calculate length of data in an I/O buffer.
static struct interface_operation tls_cipherstream_ops[]
TLS ciphertext stream interface operations.
#define INTF_OP(op_type, object_type, op_func)
Define an object interface operation.
static int tls_new_server_hello(struct tls_connection *tls, const void *data, size_t len)
Receive new Server Hello handshake record.
#define for_each_table_entry(pointer, table)
Iterate through all entries within a linker table.
long int random(void)
Generate a pseudo-random number between 0 and 2147483647L (or possibly 2147483562; the upper bound is uncertain).
void * pubkey_ctx
Public key encryption context.
static size_t iob_tailroom(struct io_buffer *iobuf)
Calculate available space at end of an I/O buffer.
int xfer_deliver(struct interface *intf, struct io_buffer *iobuf, struct xfer_metadata *meta)
Deliver datagram.
size_t strlen(const char *src)
Get length of string.
An RSA digestInfo prefix.
Data transfer interface opening.
#define EPERM_RENEG_VERIFY
size_t(* max_len)(void *ctx)
Calculate maximum output length.
#define TLS_SIG_HASH_ALGORITHMS
TLS signature hash algorithm table.
REQUIRING_SYMBOL(add_tls)
struct private_key * key
Private key.
uint16_t hello
Hello time.
static int tls_change_cipher(struct tls_connection *tls, struct tls_cipherspec *pending, struct tls_cipherspec *active)
Activate next cipher suite.
static void process_init_stopped(struct process *process, struct process_descriptor *desc, struct refcnt *refcnt)
Initialise process without adding to process list.
u32 lifetime
For Lifetime-type KDEs, the lifetime in seconds.
static int is_stream_cipher(struct cipher_algorithm *cipher)
size_t ctxsize
Context size.
#define cipher_decrypt(cipher, ctx, src, dst, len)
struct tls_cipherspec rx_cipherspec
Current RX cipher specification.
void * malloc(size_t size)
Allocate memory.
static int tls_plainstream_deliver(struct tls_connection *tls, struct io_buffer *iobuf, struct xfer_metadata *meta __unused)
Deliver datagram as raw data.
static int tls_new_certificate_request(struct tls_connection *tls, const void *data __unused, size_t len __unused)
Receive new Certificate Request handshake record.
#define TLS_RX_MIN_BUFSIZE
Minimum RX I/O buffer size.
struct cipher_algorithm cipher_null
static void tls_prf(struct tls_connection *tls, void *secret, size_t secret_len, void *out, size_t out_len,...)
Generate secure pseudo-random data with the TLS pseudo-random function (PRF), expanding the given secret into out_len bytes of output.
Cryptographic configuration.
struct tls_signature_hash_id code
Numeric code.
#define TLS_NEW_SESSION_TICKET
uint16_t ext
Extended status.
struct tls_cipherspec tx_cipherspec_pending
Next TX cipher specification.
static void tls_hmac_init(struct tls_cipherspec *cipherspec, void *ctx, uint64_t seq, struct tls_header *tlshdr)
Initialise HMAC.
struct tls_pre_master_secret pre_master_secret
Premaster secret.
static int tls_split_block(struct tls_connection *tls, struct list_head *rx_data, void **mac)
Split block-ciphered record into data and MAC portions.
#define TLS_SERVER_NAME_HOST_NAME
uint8_t client[12]
Client verification data.
struct pending_operation server_negotiation
Server security negotiation pending operation.
static void * tls_assemble_block(struct tls_connection *tls, const void *data, size_t len, void *digest, size_t *plaintext_len)
Allocate and assemble block-ciphered record from data and MAC portions.
An X.509 root certificate list.
#define __unused
Declare a variable or data structure as unused.
uint8_t random[46]
Random data.
#define TLS_TYPE_HANDSHAKE
Handshake content type.
struct list_head rx_data
List of received data buffers.
unsigned int tx_pending
TX pending transmissions.
RSA public-key cryptography.
static struct interface_descriptor tls_plainstream_desc
TLS plaintext stream interface descriptor.
#define iob_reserve(iobuf, len)
static int tls_generate_keys(struct tls_connection *tls)
Generate key material.
void intf_insert(struct interface *intf, struct interface *upper, struct interface *lower)
Insert a filter interface.
#define INIT_LIST_HEAD(list)
Initialise a list head.
#define INTF_DESC(object_type, intf, operations)
Define an object interface descriptor.
const char * x509_name(struct x509_certificate *cert)
Get X.509 certificate display name.
static int tls_version(struct tls_connection *tls, unsigned int version)
Check for TLS version.
static int tls_send_certificate_verify(struct tls_connection *tls)
Transmit Certificate Verify record.
#define EPERM_RENEG_INSECURE
struct digest_algorithm * handshake_digest
Digest algorithm used for handshake verification.
uint8_t random[28]
Random data.
struct digest_algorithm sha256_algorithm
SHA-256 algorithm.
#define ENOMEM_TX_PLAINTEXT
struct list_head list
List of which this buffer is a member.
uint8_t code
Response code.
static int tls_parse_chain(struct tls_connection *tls, const void *data, size_t len)
Parse certificate chain.
struct interface validator
Certificate validator.
uint8_t unused[32]
Unused.
int x509_auto_append(struct x509_chain *chain, struct x509_chain *certs)
Append X.509 certificates to X.509 certificate chain.
static struct process_descriptor tls_process_desc
TLS TX process descriptor.
#define __malloc
Declare a pointer returned by a function as a unique memory address as returned by malloc-type functions.
uint8_t handshake_sha256_ctx[SHA256_CTX_SIZE]
SHA256 context for handshake verification.
__builtin_va_list va_list
int strcmp(const char *first, const char *second)
Compare strings.
size_t digestsize
Digest size.
void hmac_init(struct digest_algorithm *digest, void *digest_ctx, void *key, size_t *key_len)
Initialise HMAC.
const char * name
Algorithm name.
uint8_t sha1[SHA1_CTX_SIZE]
SHA-1 context.
static void x509_put(struct x509_certificate *cert)
Drop reference to X.509 certificate.
void * data
Start of data.
static void alert(const char *fmt,...)
Print alert message.
static int tls_split_stream(struct tls_connection *tls, struct list_head *rx_data, void **mac)
Split stream-ciphered record into data and MAC portions.
static struct x509_certificate * x509_first(struct x509_chain *chain)
Get first certificate in X.509 certificate chain.
static int pubkey_sign(struct pubkey_algorithm *pubkey, void *ctx, struct digest_algorithm *digest, const void *value, void *signature)
struct tls_cipherspec rx_cipherspec_pending
Next RX cipher specification.
int job_progress(struct interface *intf, struct job_progress *progress)
Get job progress.
#define ENOMEM_CERTIFICATE
A message digest algorithm.
uint16_t version
Protocol version.
#define cpu_to_be64(value)
uint8_t server[12]
Server verification data.
struct digest_algorithm * digest
Digest algorithm.
static void tls_clear_cipher(struct tls_connection *tls, struct tls_cipherspec *cipherspec)
static int pubkey_encrypt(struct pubkey_algorithm *pubkey, void *ctx, const void *data, size_t len, void *out)
static int tls_send_handshake(struct tls_connection *tls, void *data, size_t len)
Transmit Handshake record.
static void pubkey_final(struct pubkey_algorithm *pubkey, void *ctx)
uint8_t md5[MD5_CTX_SIZE]
MD5 context.
#define INTF_DESC_PASSTHRU(object_type, intf, operations, passthru)
Define an object interface descriptor with pass-through interface.
static void tls_add_handshake(struct tls_connection *tls, const void *data, size_t len)
Add handshake record to verification hash.
static void tls_set_uint24(tls24_t *field24, unsigned long value)
Set 24-bit field value.
static int tls_new_record(struct tls_connection *tls, unsigned int type, struct list_head *rx_data)
Receive new record.
struct cipher_algorithm * cipher
Bulk encryption cipher algorithm.
static void *__malloc tls_assemble_stream(struct tls_connection *tls, const void *data, size_t len, void *digest, size_t *plaintext_len)
Allocate and assemble stream-ciphered record from data and MAC portions.
struct list_head conn
List of connections.
static size_t tls_cipherstream_window(struct tls_connection *tls)
Check flow control window.
int secure_renegotiation
Secure renegotiation flag.
static int tls_send_finished(struct tls_connection *tls)
Transmit Finished record.
typeof(acpi_finder=acpi_find)
ACPI table finder.
static int tls_new_certificate(struct tls_connection *tls, const void *data, size_t len)
Receive new Certificate handshake record.
struct pubkey_algorithm * pubkey
Public-key algorithm.
static int tls_session(struct tls_connection *tls, const char *name)
Find or create session for TLS connection.
void * dynamic
Dynamically-allocated storage.
static void tls_hmac(struct tls_cipherspec *cipherspec, uint64_t seq, struct tls_header *tlshdr, const void *data, size_t len, void *hmac)
Calculate HMAC.
struct arbelprm_port_state_change_st data
Message.
static void hmac_update(struct digest_algorithm *digest, void *digest_ctx, const void *data, size_t len)
Update HMAC.
static int tls_send_client_hello(struct tls_connection *tls)
Transmit Client Hello record.
#define va_start(ap, last)
static int tls_generate_random(struct tls_connection *tls, void *data, size_t len)
Generate random data.
struct rsa_digestinfo_prefix rsa_md5_sha1_prefix __rsa_digestinfo_prefix
RSA digestInfo prefix for MD5+SHA1 algorithm.
#define EINVAL_CERTIFICATES
struct asn1_cursor raw
Raw certificate.
#define TLS_MAX_FRAGMENT_LENGTH_4096
static int tls_new_handshake(struct tls_connection *tls, const void *data, size_t len)
Receive new Handshake record.
static int tls_ready(struct tls_connection *tls)
Determine if TLS connection is ready for application data.
const char * name
Server name.
A TLS signature and hash algorithm identifier.
static void intf_init(struct interface *intf, struct interface_descriptor *desc, struct refcnt *refcnt)
Initialise an object interface.
const char * name
Algorithm name.
#define TLS_CERTIFICATE_VERIFY
#define TLS_TYPE_DATA
Application data content type.
static void tls_generate_master_secret(struct tls_connection *tls)
Generate master secret.
size_t session_id_len
Length of session ID.
#define TLS_TYPE_ALERT
Alert content type.
struct interface plainstream
Plaintext stream.
#define TLS_VERSION_MIN
Minimum TLS version.
uint64_t time
Current time.
int memcmp(const void *first, const void *second, size_t len)
Compare memory regions.
static int tls_set_cipher(struct tls_connection *tls, struct tls_cipherspec *cipherspec, struct tls_cipher_suite *suite)
Set cipher suite.
#define NULL
NULL pointer (VOID *)
static int tls_new_change_cipher(struct tls_connection *tls, const void *data, size_t len)
Receive new Change Cipher record.
#define tls_prf_label(tls, secret, secret_len, out, out_len, label,...)
Generate secure pseudo-random data.
#define TLS_CIPHER_SUITES
TLS cipher suite table.
#define TLS_CLIENT_KEY_EXCHANGE
void pending_get(struct pending_operation *pending)
Mark an operation as pending.
struct bofm_section_header done
static int tls_new_server_hello_done(struct tls_connection *tls, const void *data, size_t len)
Receive new Server Hello Done handshake record.
int add_tls(struct interface *xfer, const char *name, struct x509_root *root, struct private_key *key)
Add TLS on an interface.
static void md5_sha1_update(void *ctx, const void *data, size_t len)
Accumulate data with MD5+SHA1 algorithm.
#define TLS_SIGNATURE_ALGORITHMS
const char * name
Algorithm name.
struct digest_algorithm md5_algorithm
MD5 algorithm.
static int cipher_setkey(struct cipher_algorithm *cipher, void *ctx, const void *key, size_t keylen)
static size_t tls_plainstream_window(struct tls_connection *tls)
Check flow control window.
#define ref_put(refcnt)
Drop reference to object.
static void cipher_setiv(struct cipher_algorithm *cipher, void *ctx, const void *iv)
uint16_t code
Numeric code (in network-endian order)
struct digest_algorithm sha1_algorithm
SHA-1 algorithm.
static void tls_p_hash_va(struct tls_connection *tls, struct digest_algorithm *digest, void *secret, size_t secret_len, void *out, size_t out_len, va_list seeds)
Generate secure pseudo-random data using a single hash function.
static int pubkey_init(struct pubkey_algorithm *pubkey, void *ctx, const void *key, size_t key_len)
void * mac_secret
MAC secret.
uint64_t tx_seq
TX sequence number.
static int tls_new_alert(struct tls_connection *tls, const void *data, size_t len)
Receive new Alert record.
void * memset(void *dest, int character, size_t len) __nonnull
uint16_t version
TLS version.
void * cipher_next_ctx
Next bulk encryption cipher context (TX only)