/*
* Copyright (C) Ericsson Mobile Communications AB, 2000.
* Licensed to AU-System AB.
* All rights reserved.
*
* This software is covered by the license agreement between
* the end user and AU-System AB, and may be used and copied
* only in accordance with the terms of the said agreement.
*
* Neither Ericsson Mobile Communications AB nor AU-System AB
* assumes any responsibility or liability for any errors or inaccuracies in
* this software, or any consequential, incidental or indirect damage arising
* out of the use of the Generic WAP Client software.
*/
/*
* wtlsdef.h
*
* Created by Anders Edenbrandt, Thu Jun 01 11:37:33 2000.
*
* Revision history:
* 001012, AED: Moved some constant declarations to WTLScon.h
*
*/
#ifndef _wtlsdef_h
#define _wtlsdef_h
#include "tapicmmn.h"
#include "wiptrgt.h"
#include "ml_typw.h"
#include "ctypes.h"
#include "errcodes.h"
#include "wapcvt.h"
#include "pdubuf.h"
#include "buffmgt.h"
#include "glbldecl.h"
#include "wdp_ul.h"
#include "aapicrpt.h"
#include "wtlscon.h"
/*
 * Macro to select the correct MAC algorithm.
 *
 * Token-pastes its three arguments into the identifier
 * WTLS_MAC_<alg>_<bearer>_<n>.  That identifier must be defined elsewhere
 * (presumably in wtlscon.h, included above -- confirm).  Because ## pastes
 * tokens, the arguments have to be bare identifiers or numbers, never
 * expressions.
 */
#define WTLS_MAC(alg, bearer, n) WTLS_MAC_ ## alg ## _ ## bearer ## _ ## n
/*
 * The largest protocol version that we support.
 * Currently, 1 is the only possible value.  A ClientHello/ServerHello
 * version above this is not something this implementation understands.
 */
#define WTLS_PROTOCOL_VERSION 1
/*
 * Return codes.
 *
 * RET_OK is success.  RET_ERR_FATAL, RET_ERR_CRITICAL and RET_ERR_WARNING
 * alias the ALERT_LEVEL_* macros defined further down, so an error return
 * presumably doubles as the alert level to report.  The aliasing works only
 * because macro expansion is deferred to the point of use; turning these
 * into enumerators in this order would not compile.  The remaining RET_*
 * values start at 10, above the alert levels, so the two ranges never
 * overlap.  Value 16 is not assigned.
 */
#define RET_OK 0
#define RET_ERR_FATAL ALERT_LEVEL_FATAL
#define RET_ERR_CRITICAL ALERT_LEVEL_CRITICAL
#define RET_ERR_WARNING ALERT_LEVEL_WARNING
#define RET_FULL 10
#define RET_ABBR 11
#define RET_QUEUE_EMPTY 12
#define RET_DUPLICATE_FINISHED 13
#define RET_HELLO_REQUEST 14
#define RET_ALERT 15
#define RET_VERIFY_CERT 17
#define RET_KEY_EXCH 18
#define RET_EXPORTABLE 19
#define RET_KEY_REFRESH 20
#define RET_ENCRYPT_RECORD 21
#define RET_NEXT_MESSAGE 22
#define RET_DECRYPTION_FAILED 23
#define RET_SEND_MSG 24
#define RET_TIME_REQUIRED 25
#define RET_GET_CERT 26
#define RET_SHARED_SECRET 27
#define RET_USING_CURRENT_SESSION 28
#define RET_NO_PEER 29
/*
 * The different levels of severity of alert messages.
 * Defined in section 10.2 in the WTLS specification.
 * These are the wire values of the alert level byte; a level received
 * from the peer is untrusted and may hold a value outside 1..3.
 */
#define ALERT_LEVEL_WARNING 1
#define ALERT_LEVEL_CRITICAL 2
#define ALERT_LEVEL_FATAL 3
/*
 * All the different descriptions of alert messages.
 * Defined in section 10.2 in the WTLS specification.
 *
 * Wire values of the alert description byte.  The numbering is not
 * contiguous; the gaps follow the specification's assignments.  The
 * description arrives from the peer as an arbitrary byte, so code that
 * switches on it needs a default branch for values not listed here.
 */
#define ALERT_DESC_CONNECTION_CLOSE_NOTIFY 0
#define ALERT_DESC_SESSION_CLOSE_NOTIFY 1
#define ALERT_DESC_NO_CONNECTION 5
#define ALERT_DESC_UNEXPECTED_MESSAGE 10
#define ALERT_DESC_TIME_REQUIRED 11
#define ALERT_DESC_BAD_RECORD_MAC 20
#define ALERT_DESC_DECRYPTION_FAILED 21
#define ALERT_DESC_RECORD_OVERFLOW 22
#define ALERT_DESC_DECOMPRESSION_FAILURE 30
#define ALERT_DESC_HANDSHAKE_FAILURE 40
#define ALERT_DESC_BAD_CERTIFICATE 42
#define ALERT_DESC_UNSUPPORTED_CERTIFICATE 43
#define ALERT_DESC_CERTIFICATE_REVOKED 44
#define ALERT_DESC_CERTIFICATE_EXPIRED 45
#define ALERT_DESC_CERTIFICATE_UNKNOWN 46
#define ALERT_DESC_ILLEGAL_PARAMETER 47
#define ALERT_DESC_UNKNOWN_CA 48
#define ALERT_DESC_ACCESS_DENIED 49
#define ALERT_DESC_DECODE_ERROR 50
#define ALERT_DESC_DECRYPT_ERROR 51
#define ALERT_DESC_UNKNOWN_KEY_ID 52
#define ALERT_DESC_DISABLED_KEY_ID 53
#define ALERT_DESC_KEY_EXCHANGE_DISABLED 54
#define ALERT_DESC_SESSION_NOT_READY 55
#define ALERT_DESC_UNKNOWN_PARAMETER_INDEX 56
#define ALERT_DESC_DUPLICATE_FINISHED_RECEIVED 57
#define ALERT_DESC_EXPORT_RESTRICTION 60
#define ALERT_DESC_PROTOCOL_VERSION 70
#define ALERT_DESC_INSUFFICIENT_SECURITY 71
#define ALERT_DESC_INTERNAL_ERROR 80
#define ALERT_DESC_USER_CANCELED 90
#define ALERT_DESC_NO_RENEGOTIATION 100
/*
 * The Alert message data type.
 * Defined in section 10.2 in the WTLS specification.
 */
typedef struct {
    UINT8 level;        /* Expected to be one of ALERT_LEVEL_*; not
                         * validated by this type. */
    UINT8 description;  /* Expected to be one of ALERT_DESC_* */
    UINT32 checksum;    /* Checksum carried in the alert; presumably
                         * matched against read_cksum / write_cksum[] of
                         * wtls_connection_t -- confirm in the alert code. */
} wtls_alert_t;
/*
 * Session identifier: up to 8 bytes of id plus the count of bytes in use.
 * length must never exceed sizeof id (8).  Code that fills this struct
 * from a received message has to enforce that bound itself; the fixed
 * array gives no protection against a larger length value.
 */
typedef struct {
    UINT8 length;  /* Number of valid bytes in id, 0..8 */
    BYTE id[8];
} wtls_session_id;
typedef BYTE wtls_random_t[16];
/*
 * The Record data structure.
 *
 * Content types, carried in the low nibble of the record type byte
 * (see RECTYPE_CONTENT_TYPE).
 */
#define CONTENT_TYPE_EMPTY 0
#define CONTENT_TYPE_CCS 1
#define CONTENT_TYPE_ALERT 2
#define CONTENT_TYPE_HANDSHAKE 3
#define CONTENT_TYPE_DATA 4
#define CONTENT_TYPE_HELLO_REQUEST 10
#define CONTENT_TYPE_ERROR 15
/* The bit fields in the record type byte.  The byte comes from the peer,
 * so readers should mask with these values and reject content types they
 * do not recognise.  Bit 0x10 is not named here. */
#define RECTYPE_CONTENT_TYPE 0x0f  /* Mask for the content type (low nibble) */
#define RECTYPE_USE_CS 0x20        /* Presumably: record is under the current
                                    * cipher spec -- confirm in record code */
#define RECTYPE_SEQNUM 0x40        /* Presumably: an explicit sequence number
                                    * field is present */
#define RECTYPE_LENGTH_FIELD 0x80  /* Presumably: a length field is present */
/*
 * One WTLS record.  Records are chained through next; see
 * wtls_connection_t.out_records for a chain of records waiting to be sent.
 */
typedef struct wtls_rec_st {
    struct wtls_rec_st *next;  /* Pointer to the next record (the chain is
                                * presumably NULL-terminated -- confirm) */
    UINT8 is_first;            /* Flag: this is the first record in a SDU. */
    UINT8 rec_type;            /* Type byte, sent first in a record;
                                * decoded with the RECTYPE_* masks. */
    UINT16 seqnum;             /* Sequence number, if in use. */
    UINT16 length;             /* Number of bytes at fragment */
    BYTE *fragment;            /* Data part.  Ownership of the buffer is not
                                * expressed by this type -- check the code
                                * that allocates and frees records. */
} wtls_record_t;
/* Identifier types; the tag that selects the union member of
 * wtls_identifier_t.  254 and 255 sit at the top of the byte range,
 * 3..253 are not assigned here. */
#define IDENTIFIER_NULL 0
#define IDENTIFIER_TEXT 1
#define IDENTIFIER_BINARY 2
#define IDENTIFIER_KEY_HASH_SHA 254
#define IDENTIFIER_X509_NAME 255
/*
 * A WTLS Identifier: a tagged union keyed by identifier_type.
 *
 * Only the union member selected by identifier_type is meaningful, so
 * readers must check the tag before touching _u.  Each variable-length
 * member pairs a pointer with its own length byte (0..255); key_hash_SHA
 * carries no length, so the pointed-to hash is presumably of a fixed size
 * -- confirm in the encoder/decoder.  For IDENTIFIER_NULL no member is
 * used.  The pointers are not owned by this type as far as the
 * declaration shows.
 */
typedef struct {
    UINT8 identifier_type;  /* One of IDENTIFIER_* */
    union {
        struct {
            UINT16 character_set;
            UINT8 namelen;      /* Number of bytes at name */
            BYTE *name;
        } text;                 /* IDENTIFIER_TEXT */
        struct {
            UINT8 idlen;        /* Number of bytes at identifier */
            BYTE *identifier;
        } binary;               /* IDENTIFIER_BINARY */
        struct {
            BYTE *key_hash;     /* No length field; see note above */
        } key_hash_SHA;         /* IDENTIFIER_KEY_HASH_SHA */
        struct {
            UINT8 namelen;      /* Number of bytes at distinguished_name */
            BYTE *distinguished_name;
        } x509_name;            /* IDENTIFIER_X509_NAME */
    } _u;
} wtls_identifier_t;
/* MAC algorithm selector; the concrete values are not defined in this
 * header (presumably in wtlscon.h -- confirm). */
typedef UINT8 wtls_MAC_algorithm;
/* The Compression algorithms defined by WTLS.  Only NULL is named here. */
#define COMPRESS_NULL 0
/* Bulk encryption algorithms are either of the stream type, or of
 * the block type.  Presumably the values of wtls_crypto_t.type -- confirm. */
#define CIPHER_TYPE_STREAM 1
#define CIPHER_TYPE_BLOCK 2
/*
 * A cipher suite: bulk cipher plus MAC algorithm.
 * BulkCipherAlgorithm is declared outside this file.
 */
typedef struct {
    BulkCipherAlgorithm bulk_cipher_alg;
    wtls_MAC_algorithm mac_alg;
} wtls_cipher_suite;
/*
 * A key exchange identifier: suite, parameter specifier and the
 * identifier of the key.  KeyExchangeSuite and ParameterSpecifier are
 * declared outside this file.
 */
typedef struct {
    KeyExchangeSuite key_exchange_suite;
    ParameterSpecifier parameter_specifier;
    wtls_identifier_t identifier;  /* Tagged union; check identifier_type */
} wtls_key_exchange_id;
/*
 * Handshake message types.
 *
 * Values 0..20 are the HandshakeType values of the WTLS specification.
 * HANDSHK_ERROR (90) and HANDSHK_EMPTY (99) lie outside that numbering and
 * are presumably internal markers -- confirm before sending either on the
 * wire.  The type byte of a received message is untrusted; dispatch code
 * needs a default branch.
 */
#define HANDSHK_HELLO_REQUEST 0
#define HANDSHK_CLIENT_HELLO 1
#define HANDSHK_SERVER_HELLO 2
#define HANDSHK_CERTIFICATE 11
#define HANDSHK_SERVER_KEY_EXCHANGE 12
#define HANDSHK_CERTIFICATE_REQUEST 13
#define HANDSHK_SERVER_HELLO_DONE 14
#define HANDSHK_CERTIFICATE_VERIFY 15
#define HANDSHK_CLIENT_KEY_EXCHANGE 16
#define HANDSHK_FINISHED 20
#define HANDSHK_ERROR 90
#define HANDSHK_EMPTY 99
typedef UINT8 wtls_handshake_t;  /* One of HANDSHK_* */
/*
 * All possible handshake messages, internal representation.
 *
 * Every message starts with the same two fields: msg_type (HANDSHK_*) and
 * length, which presumably is the body length from the handshake header
 * -- confirm in the converters.
 */
/* HelloRequest and ServerHelloDone carry no body. */
typedef struct {
    wtls_handshake_t msg_type;
    UINT16 length;
} wtls_hello_request, wtls_server_hello_done;
/*
 * ClientHello.  Every pointer field is paired with its own length
 * (client_key_id_len, trusted_key_id_len, cipher_suites_len,
 * num_compression_methods); readers must use those bounds rather than
 * any terminator.  Buffer ownership is not expressed by this type.
 */
typedef struct {
    wtls_handshake_t msg_type;
    UINT16 length;
    UINT8 client_version;          /* Compare against WTLS_PROTOCOL_VERSION */
    wtls_random_t random;
    wtls_session_id session_id;    /* session_id.length must be <= 8 */
    UINT16 client_key_id_len;      /* Number of bytes at client_key_ids */
    BYTE *client_key_ids;          /* Encoded key ids, opaque here */
    UINT16 trusted_key_id_len;     /* Number of bytes at trusted_key_ids */
    BYTE *trusted_key_ids;
    UINT8 cipher_suites_len;       /* Number of bytes at cipher_suites */
    BYTE *cipher_suites;
    UINT8 num_compression_methods; /* Number of entries at compression_methods */
    UINT8 *compression_methods;
    UINT8 seqnum_mode;             /* One of SEQNUMMODE_* */
    UINT8 key_refresh_rate;
} wtls_client_hello;
/*
 * ServerHello: the server's choices in reply to a ClientHello.
 */
typedef struct {
    wtls_handshake_t msg_type;
    UINT16 length;
    UINT8 server_version;          /* Compare against WTLS_PROTOCOL_VERSION */
    wtls_random_t random;
    wtls_session_id session_id;    /* session_id.length must be <= 8 */
    UINT8 client_key_id;           /* Presumably an index into the key ids the
                                    * client offered -- confirm; it comes from
                                    * the peer and needs a range check */
    wtls_cipher_suite cipher_suite;
    UINT8 compression_method;      /* COMPRESS_NULL is the only value named here */
    UINT8 seqnum_mode;             /* One of SEQNUMMODE_* */
    UINT8 key_refresh_rate;
} wtls_server_hello;
/*
 * Certificate message, held as an opaque encoded buffer of buflen bytes.
 * Used for both directions.
 */
typedef struct {
    wtls_handshake_t msg_type;
    UINT16 length;
    UINT16 buflen;  /* Number of bytes at buf */
    BYTE *buf;
} wtls_server_certificate, wtls_client_certificate;
/*
 * ServerKeyExchange.  ParameterSpecifier and PublicKey are declared
 * outside this file.
 */
typedef struct {
    wtls_handshake_t msg_type;
    UINT16 length;
    ParameterSpecifier parameter_specifier;
    PublicKey public_key;
} wtls_server_key_exchange;
/*
 * CertificateRequest, held as an opaque encoded buffer of buflen bytes.
 */
typedef struct {
    wtls_handshake_t msg_type;
    UINT16 length;
    UINT16 buflen;  /* Number of bytes at buf */
    BYTE *buf;
} wtls_certificate_request;
/*
 * ClientKeyExchange.  buflen is a union of a 16-bit and an 8-bit length;
 * which member is live is not recorded in the struct and is presumably
 * decided by the selected key exchange suite -- confirm against the
 * encoder/decoder before reading either member.
 */
typedef struct {
    wtls_handshake_t msg_type;
    UINT16 length;
    union {
        UINT16 len16;
        UINT8 len8;
    } buflen;   /* Number of bytes at buf, in one of the two widths */
    BYTE *buf;
} wtls_client_key_exchange;
/*
 * CertificateVerify: a signature of siglen bytes.
 */
typedef struct {
    wtls_handshake_t msg_type;
    UINT16 length;
    UINT16 siglen;    /* Number of bytes at signature */
    BYTE *signature;
} wtls_certificate_verify;
/*
 * Finished: a fixed 12-byte verify_data, so no length field is needed.
 */
typedef struct {
    wtls_handshake_t msg_type;
    UINT16 length;
    BYTE verify_data[12];
} wtls_finished;
/*
 * The "pending" connection state: the parameters negotiated during a
 * handshake before they take effect (see wtls_handshake_state.pending).
 */
typedef struct {
    wtls_session_id session_id;
    UINT8 bulk_cipher_alg;
    UINT8 mac_alg;
    UINT8 hash_alg;
    UINT8 compression_alg;
    wtls_random_t client_hello_random;
    wtls_random_t server_hello_random;
    UINT8 key_refresh_rate;
    UINT8 seqnum_mode;        /* One of SEQNUMMODE_* */
    UINT8 master_secret_id;   /* Selector for the master secret; how it maps
                               * to the stored secret is not shown here */
} wtls_pending_state;
/* One slot per distinct handshake message tracked in wtls_handshake_state
 * (client_hello through server_finished: 11 members, 11 BIT_* flags). */
#define MAX_NUM_HANDSHAKE_MESSAGES 11
/* An encoded handshake message: buflen bytes at buf. */
typedef struct {
    BYTE *buf;
    UINT16 buflen;  /* Number of bytes at buf */
} wtls_handshake_msg;
/* One bit per handshake message, 11 bits in all; fits the UINT32 msgs
 * field of wtls_handshake_state, which presumably records which messages
 * have been seen -- confirm in the handshake code. */
#define BIT_CLIENT_HELLO 0x1
#define BIT_SERVER_HELLO 0x2
#define BIT_SERVER_CERTIFICATE 0x4
#define BIT_SERVER_KEY_EXCHANGE 0x8
#define BIT_SERVER_CERTIFICATE_REQUEST 0x10
#define BIT_SERVER_HELLO_DONE 0x20
#define BIT_CLIENT_CERTIFICATE 0x40
#define BIT_CLIENT_KEY_EXCHANGE 0x80
#define BIT_CLIENT_CERTIFICATE_VERIFY 0x100
#define BIT_CLIENT_FINISHED 0x200
#define BIT_SERVER_FINISHED 0x400
/*
 * Everything needed while a handshake is in progress.  Referenced from
 * wtls_connection_t.h_state.
 */
typedef struct {
    wtls_pending_state pending;      /* The "pending" connection state */
    wtls_key_exchange_id key_exch;   /* Selected key exchange method */
    UINT8 need_client_key_exchange;  /* Flag; presumably whether a
                                      * ClientKeyExchange is still required
                                      * -- confirm */
    BYTE *key_id;                    /* key_idlen bytes of key id */
    UINT16 key_idlen;
    UINT8 abortable;                 /* Can this handshake be aborted, and the
                                      * connection state be restored? */
    /* All the messages that make up the handshake.
     * Some of these will be empty */
    wtls_client_hello client_hello;
    wtls_server_hello server_hello;
    wtls_server_certificate server_certificate;
    wtls_server_key_exchange server_key_exchange;
    wtls_certificate_request certificate_request;
    wtls_server_hello_done server_hello_done;
    wtls_client_certificate client_certificate;
    wtls_client_key_exchange client_key_exchange;
    wtls_certificate_verify certificate_verify;
    wtls_finished client_finished;
    wtls_finished server_finished;
    /* To keep track of the order in which the handshake messages
     * have appeared. */
    wtls_handshake_msg hm[MAX_NUM_HANDSHAKE_MESSAGES];
    UINT8 num_handshake_msgs;        /* Slots of hm in use.  Must stay <=
                                      * MAX_NUM_HANDSHAKE_MESSAGES; code that
                                      * appends has to check before writing
                                      * hm[num_handshake_msgs]. */
    UINT32 msgs;                     /* Presumably a mask of BIT_* -- confirm */
} wtls_handshake_state;
/*
 * Cryptographic parameters of one connection state.
 *
 * The size fields are later used against the fixed arrays of
 * wtls_connection_state: key_size, iv_size and mac_key_size larger than
 * MAX_KEY_SIZE, MAX_IV_SIZE and MAX_HASH_KEY_SIZE respectively would
 * overrun those arrays if used as copy lengths, so whatever fills this
 * struct must keep them within those limits.  HashHandle and
 * HashAlgorithm are declared outside this file.
 */
typedef struct {
    /* Bulk encryption */
    BulkCipherAlgorithm bulk_cipher_alg;
    UINT8 is_exportable;        /* Flag */
    UINT8 type;                 /* Presumably CIPHER_TYPE_STREAM or
                                 * CIPHER_TYPE_BLOCK -- confirm */
    UINT8 key_material_length;  /* As distinct from key_size; the WTLS cipher
                                 * tables list both -- confirm which is which */
    UINT8 key_size;             /* <= MAX_KEY_SIZE */
    UINT8 iv_size;              /* <= MAX_IV_SIZE */
    UINT8 block_size;
    /* Secure hash */
    wtls_MAC_algorithm mac_alg;
    UINT8 mac_key_size;         /* <= MAX_HASH_KEY_SIZE */
    UINT8 mac_size;             /* Presumably the (possibly truncated) number
                                 * of MAC bytes on the wire, with
                                 * full_mac_size the full digest length
                                 * -- confirm */
    UINT8 full_mac_size;        /* <= MAX_HASH_MAC_SIZE */
    UINT8 mac_block_size;       /* <= MAX_HASH_BLOCK_SIZE */
    HashHandle hash_handle;
    HashAlgorithm hash_alg;
    /* Compression */
    UINT8 compression_alg;      /* COMPRESS_NULL is the only value named here */
} wtls_crypto_t;
/* Selectors for the two connection states of a connection (presumably
 * wtls_connection_t.read and .write -- confirm). */
#define CONSTATE_READ 1
#define CONSTATE_WRITE 2
/* Sequence number mode: whether we use sequence numbers or not. */
#define SEQNUMMODE_OFF 0
#define SEQNUMMODE_IMPLICIT 1
#define SEQNUMMODE_EXPLICIT 2
#define MAX_SEQNUM 0xffffU /* The largest sequence number,
                            * being 2^16 - 1; matches the UINT16
                            * seqnum fields. */
/* The largest values for some parameters. Convenient if you want to
 * declare static arrays for some of the cryptographic operations.
 * All sizes are in bytes.  These bound the arrays in
 * wtls_connection_state, so the size fields of wtls_crypto_t must not
 * exceed them. */
#define MAX_KEY_SIZE 24         /* Max length of encryption keys */
#define MAX_IV_SIZE 8           /* Max length of an IV */
#define MAX_HASH_MAC_SIZE 20    /* Max full MAC (digest) length */
#define MAX_HASH_KEY_SIZE 20    /* Max MAC key length */
#define MAX_HASH_BLOCK_SIZE 64  /* Max hash block size */
/*
 * One "current" connection state (there is one for reading and one for
 * writing in wtls_connection_t).
 *
 * mac_secret, encryption_key and iv hold live key material.  When a state
 * is discarded the owner should overwrite them explicitly; a plain memset
 * right before the memory is released can be optimised away, so use a
 * wipe the compiler cannot drop.
 */
typedef struct {
    wtls_session_id session_id;
    BYTE mac_secret[MAX_HASH_KEY_SIZE];   /* cobj.mac_key_size bytes used */
    BYTE encryption_key[MAX_KEY_SIZE];    /* cobj.key_size bytes used */
    BYTE iv[MAX_IV_SIZE];                 /* cobj.iv_size bytes used */
    wtls_random_t client_hello_random;
    wtls_random_t server_hello_random;
    UINT16 seqnum;           /* Sequence number; at most MAX_SEQNUM. */
    UINT8 key_refresh_rate;  /* Key refresh rate */
    UINT16 last_refresh;     /* Last sequence number used for key refresh */
    UINT8 use_cipher_spec;   /* Are we using Cipher Spec != NULL? */
    wtls_crypto_t cobj;      /* Cryptographic state. */
    UINT8 seqnum_mode;       /* One of SEQNUMMODE_* */
    UINT8 master_secret_id;
} wtls_connection_state;
/*
 * This is the wtls_connection_t data structure.
 * Each active instance of the WTLS_CM SDL process
 * has one copy of a record of this type.
 * AddressType, SDL_PId and SDL_Natural are declared outside this file.
 */
typedef struct wtls_connection_st {
    AddressType client_addr;        /* The address quadruple. */
    AddressType server_addr;
    SDL_PId cm_proc;                /* The Connection Manager SDL process for
                                     * this connection */
    SDL_PId rec_proc;
    SDL_Natural path;
    wtls_handshake_state *h_state;  /* Parameters used during the handshake
                                     * phase. The "pending state" is kept
                                     * here.  Presumably NULL when no
                                     * handshake is in progress -- confirm. */
    wtls_connection_state read;     /* The "current states", one for reading */
    wtls_connection_state write;    /* and one for writing. */
    UINT32 read_cksum;              /* Alert checksum of last record recv'd */
    UINT32 write_cksum[4];          /* Alert checksum of last 4 records sent */
    UINT16 num_cksums;              /* Number of write-checksums stored;
                                     * must stay <= 4 */
    UINT32 mask;                    /* Mask indicating which sequence numbers
                                     * we have seen (window of size 32).
                                     * Presumably the basis for rejecting
                                     * duplicate/replayed records -- confirm
                                     * in the record layer. */
    wtls_record_t *out_records;     /* Records waiting to be sent. */
} wtls_connection_t;
/*
 * Conversion functions from Convert.c
 *
 * Presumably each converts between the internal representation at p and
 * the encoded form handled through obj, in the direction obj is set up
 * for (wap_cvt_t is presumably from wapcvt.h -- confirm there).  The INT16
 * result is presumably one of the RET_* codes, RET_OK on success --
 * confirm in Convert.c.  When decoding, the encoded input comes from the
 * peer, so the converter has to bound every length it reads (for example
 * the namelen/idlen fields of wtls_identifier_t) against the destination
 * before copying.
 */
INT16
wtls_cvt_alert (wap_cvt_t *obj, wtls_alert_t *p);
INT16
wtls_cvt_identifier (wap_cvt_t *obj, wtls_identifier_t *p);