/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ /* * This file is PRIVATE to SSL. * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #ifndef __ssl3ext_h_ #define __ssl3ext_h_ typedef enum { sni_nametype_hostname } SNINameType; typedef struct TLSExtensionDataStr TLSExtensionData; /* registerable callback function that either appends extension to buffer * or returns length of data that it would have appended. */ typedef PRInt32 (*ssl3HelloExtensionSenderFunc)(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append, PRUint32 maxBytes); /* registerable callback function that handles a received extension, * of the given type. */ typedef SECStatus (*ssl3ExtensionHandlerFunc)(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type, SECItem *data); /* row in a table of hello extension senders */ typedef struct { PRInt32 ex_type; ssl3HelloExtensionSenderFunc ex_sender; } ssl3HelloExtensionSender; /* row in a table of hello extension handlers */ typedef struct { PRInt32 ex_type; ssl3ExtensionHandlerFunc ex_handler; } ssl3ExtensionHandler; struct TLSExtensionDataStr { /* registered callbacks that send server hello extensions */ ssl3HelloExtensionSender serverHelloSenders[SSL_MAX_EXTENSIONS]; ssl3HelloExtensionSender encryptedExtensionsSenders[SSL_MAX_EXTENSIONS]; ssl3HelloExtensionSender certificateSenders[SSL_MAX_EXTENSIONS]; /* Keep track of the extensions that are negotiated. */ PRUint16 numAdvertised; PRUint16 numNegotiated; PRUint16 advertised[SSL_MAX_EXTENSIONS]; PRUint16 negotiated[SSL_MAX_EXTENSIONS]; /* Amount of padding we need to add. */ PRUint16 paddingLen; /* SessionTicket Extension related data. */ PRBool ticketTimestampVerified; PRBool emptySessionTicket; PRBool sentSessionTicketInClientHello; SECItem psk_ke_modes; PRUint32 max_early_data_size; /* SNI Extension related data * Names data is not coppied from the input buffer. It can not be * used outside the scope where input buffer is defined and that * is beyond ssl3_HandleClientHello function. */ SECItem *sniNameArr; PRUint32 sniNameArrSize; /* Signed Certificate Timestamps extracted from the TLS extension. * (client only). * This container holds a temporary pointer to the extension data, * until a session structure (the sec.ci.sid of an sslSocket) is setup * that can hold a permanent copy of the data * (in sec.ci.sid.u.ssl3.signedCertTimestamps). * The data pointed to by this structure is neither explicitly allocated * nor copied: the pointer points to the handshake message buffer and is * only valid in the scope of ssl3_HandleServerHello. */ SECItem signedCertTimestamps; PRBool peerSupportsFfdheGroups; /* if the peer supports named ffdhe groups */ /* clientSigAndHash contains the contents of the signature_algorithms * extension (if any) from the client. This is only valid for TLS 1.2 * or later. */ SSLSignatureScheme *clientSigSchemes; unsigned int numClientSigScheme; /* In a client: if the server supports Next Protocol Negotiation, then * this is the protocol that was negotiated. */ SECItem nextProto; SSLNextProtoState nextProtoState; PRUint16 dtlsSRTPCipherSuite; /* 0 if not selected */ SECItem pskBinder; /* The PSK binder for the first PSK (TLS 1.3) */ unsigned long pskBinderPrefixLen; /* The length of the binder input. */ PRCList remoteKeyShares; /* The other side's public keys (TLS 1.3) */ }; typedef struct TLSExtensionStr { PRCList link; /* The linked list link */ PRUint16 type; /* Extension type */ SECItem data; /* Pointers into the handshake data. */ } TLSExtension; SECStatus ssl3_HandleExtensions(sslSocket *ss, PRUint8 **b, PRUint32 *length, SSL3HandshakeType handshakeMessage); SECStatus ssl3_ParseExtensions(sslSocket *ss, PRUint8 **b, PRUint32 *length); SECStatus ssl3_HandleParsedExtensions(sslSocket *ss, SSL3HandshakeType handshakeMessage); TLSExtension *ssl3_FindExtension(sslSocket *ss, SSLExtensionType extension_type); void ssl3_DestroyRemoteExtensions(PRCList *list); void ssl3_InitExtensionData(TLSExtensionData *xtnData); void ssl3_ResetExtensionData(TLSExtensionData *xtnData); PRBool ssl3_ExtensionNegotiated(const sslSocket *ss, PRUint16 ex_type); PRBool ssl3_ClientExtensionAdvertised(const sslSocket *ss, PRUint16 ex_type); SECStatus ssl3_RegisterExtensionSender(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type, ssl3HelloExtensionSenderFunc cb); PRInt32 ssl3_CallHelloExtensionSenders(sslSocket *ss, PRBool append, PRUint32 maxBytes, const ssl3HelloExtensionSender *sender); void ssl3_CalculatePaddingExtLen(sslSocket *ss, unsigned int clientHelloLength); /* Thunks to let us operate on const sslSocket* objects. */ SECStatus ssl3_ExtAppendHandshake(const sslSocket *ss, const void *void_src, PRInt32 bytes); SECStatus ssl3_ExtAppendHandshakeNumber(const sslSocket *ss, PRInt32 num, PRInt32 lenSize); SECStatus ssl3_ExtAppendHandshakeVariable(const sslSocket *ss, const PRUint8 *src, PRInt32 bytes, PRInt32 lenSize); void ssl3_ExtSendAlert(const sslSocket *ss, SSL3AlertLevel level, SSL3AlertDescription desc); void ssl3_ExtDecodeError(const sslSocket *ss); SECStatus ssl3_ExtConsumeHandshake(const sslSocket *ss, void *v, PRUint32 bytes, PRUint8 **b, PRUint32 *length); SECStatus ssl3_ExtConsumeHandshakeNumber(const sslSocket *ss, PRUint32 *num, PRUint32 bytes, PRUint8 **b, PRUint32 *length); SECStatus ssl3_ExtConsumeHandshakeVariable(const sslSocket *ss, SECItem *i, PRUint32 bytes, PRUint8 **b, PRUint32 *length); #endif