00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015 #ifndef TLSV1_SERVER_I_H
00016 #define TLSV1_SERVER_I_H
00017
00018 struct tlsv1_server {
00019 enum {
00020 CLIENT_HELLO, SERVER_HELLO, SERVER_CERTIFICATE,
00021 SERVER_KEY_EXCHANGE, SERVER_CERTIFICATE_REQUEST,
00022 SERVER_HELLO_DONE, CLIENT_CERTIFICATE, CLIENT_KEY_EXCHANGE,
00023 CERTIFICATE_VERIFY, CHANGE_CIPHER_SPEC, CLIENT_FINISHED,
00024 SERVER_CHANGE_CIPHER_SPEC, SERVER_FINISHED,
00025 ESTABLISHED, FAILED
00026 } state;
00027
00028 struct tlsv1_record_layer rl;
00029
00030 u8 session_id[TLS_SESSION_ID_MAX_LEN];
00031 size_t session_id_len;
00032 u8 client_random[TLS_RANDOM_LEN];
00033 u8 server_random[TLS_RANDOM_LEN];
00034 u8 master_secret[TLS_MASTER_SECRET_LEN];
00035
00036 u8 alert_level;
00037 u8 alert_description;
00038
00039 struct crypto_public_key *client_rsa_key;
00040
00041 struct tls_verify_hash verify;
00042
00043 #define MAX_CIPHER_COUNT 30
00044 u16 cipher_suites[MAX_CIPHER_COUNT];
00045 size_t num_cipher_suites;
00046
00047 u16 cipher_suite;
00048
00049 struct tlsv1_credentials *cred;
00050
00051 int verify_peer;
00052 u16 client_version;
00053
00054 u8 *session_ticket;
00055 size_t session_ticket_len;
00056
00057 tlsv1_server_session_ticket_cb session_ticket_cb;
00058 void *session_ticket_cb_ctx;
00059
00060 int use_session_ticket;
00061
00062 u8 *dh_secret;
00063 size_t dh_secret_len;
00064 };
00065
00066
00067 void tlsv1_server_alert(struct tlsv1_server *conn, u8 level, u8 description);
00068 int tlsv1_server_derive_keys(struct tlsv1_server *conn,
00069 const u8 *pre_master_secret,
00070 size_t pre_master_secret_len);
00071 u8 * tlsv1_server_handshake_write(struct tlsv1_server *conn, size_t *out_len);
00072 u8 * tlsv1_server_send_alert(struct tlsv1_server *conn, u8 level,
00073 u8 description, size_t *out_len);
00074 int tlsv1_server_process_handshake(struct tlsv1_server *conn, u8 ct,
00075 const u8 *buf, size_t *len);
00076
00077 #endif