|
1 /* |
|
2 * Copyright (c) 2001-2006 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: EAP and WLAN authentication protocols. |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 |
|
20 |
|
21 #if !defined(_TLS_HANDSHAKE_MESSAGE_H_) |
|
22 #define _TLS_HANDSHAKE_MESSAGE_H_ |
|
23 |
|
24 #include "eap_tools.h" |
|
25 #include "eap_array.h" |
|
26 #include "eap_variable_data.h" |
|
27 #include "tls_handshake_header.h" |
|
28 #include "tls_peap_types.h" |
|
29 #include "abs_tls_message_hash.h" |
|
30 |
|
31 #if defined(USE_EAP_TLS_SESSION_TICKET) |
|
32 #include "tls_extension.h" |
|
33 #endif // #if defined(USE_EAP_TLS_SESSION_TICKET) |
|
34 |
|
35 |
|
36 /** @file */ |
|
37 |
|
38 //---------------------------------------------------------------------------- |
|
39 |
|
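/// This class defines one TLS handshake message.
/**
 * This is the class of the TLS-handshake message.
 * The parse_tls_protocol_handshake() function parses each TLS-handshake message
 * and generates this object. Parsing and analysis of the TLS-handshake is asynchronous.
 * m_is_analysed tells whether this message is already analysed.
 * Analysed messages are skipped during the asynchronous
 * analysis of messages. Asynchronous analysis is needed
 * because the PKI functions are asynchronous in Symbian.
 *
 * NOTE(review): when an object of this class is produced by the parser, its
 * fields hold data taken from the peer's message. This header only declares
 * storage and accessors; no length or range validation is visible here, so
 * the fields should be treated as untrusted until the code that consumes
 * them has checked them - confirm where that validation lives.
 *
 * NOTE(review): every setter returns eap_status_e. Callers are expected to
 * check it; an ignored failure would presumably leave the field empty or
 * stale - confirm against the implementation.
 */
class EAP_EXPORT tls_handshake_message_c
{
private:
	//--------------------------------------------------

	/// This is pointer to the tools class. @see abs_eap_am_tools_c.
	/// The pointer itself is const; this header does not show who owns the object.
	abs_eap_am_tools_c * const m_am_tools;

	/// This is pointer to interface of message HASH creation. See abs_tls_message_hash_c.
	/// The pointer itself is const; this header does not show who owns the object.
	abs_tls_message_hash_c * const m_message_hash;

	/// This buffer includes data of the handshake message.
	eap_variable_data_c m_tls_handshake_message_buffer;

	/// The current time and date in standard UNIX 32-bit format (seconds
	/// since the midnight starting Jan 1, 1970, GMT) according to the sender's internal clock.
	/// NOTE(review): no setter or getter for this member is declared in this class.
	eap_variable_data_c m_unix_time;

	/// 28 bytes generated by a secure random number generator.
	/// In the TLS Hello messages these bytes follow the 4-byte time value to form
	/// the 32-byte Random structure.
	/// NOTE(review): the length is not enforced by the type; presumably
	/// set_random_value() or its callers check it - confirm.
	eap_variable_data_c m_random_value;

	/// This is variable length. If not empty, the value identifies a session between the
	/// same client and server whose security parameters the client wishes to reuse.
	/// NOTE(review): TLS limits a session id to 32 bytes; no bound is visible in this header.
	eap_variable_data_c m_session_id;

	/// This is list of cipher suites.
	eap_array_c<u16_t> m_cipher_suites;

	/// This is list of compression methods.
	eap_array_c<u8_t> m_compression_methods;

#if defined(USE_EAP_TLS_SESSION_TICKET)
	/// This is list of TLS extensions.
	eap_array_c<tls_extension_c> m_tls_extensions;
#endif // #if defined(USE_EAP_TLS_SESSION_TICKET)

	/// This is certificate chain.
	/// The class only stores the chain; chain verification is not declared here.
	eap_array_c<eap_variable_data_c> m_certificate_chain;

	/// This is list of certificate authorities.
	eap_array_c<eap_variable_data_c> m_certificate_authorities;

	/// This is list of certificate types.
	eap_array_c<u8_t> m_certificate_types;

	/// This is encrypted premaster secret.
	eap_variable_data_c m_encrypted_premaster_secret;

	/// This is ephemeral Diffie-Hellman public key.
	/// NOTE(review): stored as opaque bytes; a range check against the prime
	/// is not declared in this class - confirm where it is done.
	eap_variable_data_c m_public_dhe_key;

	/// This is ephemeral Diffie-Hellman prime.
	/// NOTE(review): stored as opaque bytes; a minimum-size check on a prime
	/// received from the peer is not declared in this class - confirm where it is done.
	eap_variable_data_c m_dhe_prime;

	/// This is ephemeral Diffie-Hellman group generator.
	eap_variable_data_c m_dhe_group_generator;

	/// This is signed message hash.
	eap_variable_data_c m_signed_message_hash;

	/// This is finished data of TLS-Handshake/Finished message.
	eap_variable_data_c m_finished_data;

	/// This is the selected cipher suite.
	tls_cipher_suites_e m_selected_cipher_suite;

	/// This is the selected compression method.
	tls_compression_method_e m_selected_compression_method;

	/// This is handshake type. See tls_handshake_type_e.
	tls_handshake_type_e m_handshake_type;

	/// This flag tells whether this message is analysed.
	bool m_is_analysed;

	/// This indicates whether this object was generated successfully.
	bool m_is_valid;

	/// This indicates whether this object is client (true) or server (false).
	bool m_is_client;

	//--------------------------------------------------

	/**
	 * The set_is_valid() function sets the state of the object valid.
	 * It is called after the object is initialized.
	 * NOTE(review): the function is private, so only this class can call it;
	 * presumably the constructor does - confirm.
	 */
	EAP_FUNC_IMPORT void set_is_valid();

	/**
	 * Static helper operating on a 16-bit value through a pointer.
	 * NOTE(review): going by the name, it converts *value to network byte
	 * order in place - confirm against the implementation.
	 * The tools object is passed explicitly because a static function has no
	 * access to the m_am_tools member; the parameter merely shares its name.
	 * @param value is a pointer to the 16-bit value.
	 * @param m_am_tools is a pointer to the tools class.
	 * @return Status of the operation as eap_status_e.
	 */
	EAP_FUNC_IMPORT static eap_status_e u16_t_to_network_order(
		u16_t * const value,
		abs_eap_am_tools_c * const m_am_tools);

	//--------------------------------------------------
protected:
	//--------------------------------------------------

	//--------------------------------------------------
public:
	//--------------------------------------------------

	/**
	 * The destructor of the tls_handshake_message_c class does nothing special.
	 */
	EAP_FUNC_IMPORT virtual ~tls_handshake_message_c();

	/**
	 * The constructor of the tls_handshake_message_c class simply initializes the attributes.
	 * @param tools is a pointer to the tools class.
	 * @param message_hash is a pointer to the interface of message HASH creation.
	 * @param is_client tells whether this object is client (true) or server (false).
	 * Check get_is_valid() after construction before using the object.
	 */
	EAP_FUNC_IMPORT tls_handshake_message_c(
		abs_eap_am_tools_c * const tools,
		abs_tls_message_hash_c * const message_hash,
		const bool is_client);

	/**
	 * Object must indicate its validity.
	 * If object initialization fails this function must return false.
	 * @return This function returns the validity of this object.
	 */
	EAP_FUNC_IMPORT bool get_is_valid();


	/**
	 * This function marks this message as analysed.
	 */
	EAP_FUNC_IMPORT void set_is_analysed();

	/**
	 * This function returns whether message is analysed (true) or not (false).
	 */
	EAP_FUNC_IMPORT bool get_is_analysed();


	/**
	 * This function creates data of the Handshake message to internal buffer.
	 * Later this data is added to final TLS-record buffer.
	 * @return Status of the operation as eap_status_e.
	 */
	EAP_FUNC_IMPORT eap_status_e create_message_data();


	/**
	 * This function copies the appropriate fields of the TLS-handshake message.
	 * @param tls_handshake_header is the header the fields are copied from.
	 * @return Status of the operation as eap_status_e.
	 */
	EAP_FUNC_IMPORT eap_status_e set_handshake_header_copy(const tls_handshake_header_c * const tls_handshake_header);


	/**
	 * This function sets the type of TLS-handshake message.
	 */
	EAP_FUNC_IMPORT eap_status_e set_handshake_type(tls_handshake_type_e type);

	/**
	 * This function returns the type of TLS-handshake message.
	 */
	EAP_FUNC_IMPORT tls_handshake_type_e get_handshake_type() const;


	/**
	 * This function copies the list of the cipher suites.
	 */
	EAP_FUNC_IMPORT eap_status_e set_cipher_suites(
		EAP_TEMPLATE_CONST eap_array_c<u16_t> * const cipher_suites);

	/**
	 * This function returns the list of the cipher suites.
	 * NOTE(review): presumably a pointer to the member array, valid only
	 * while this object lives - confirm.
	 */
	EAP_FUNC_IMPORT EAP_TEMPLATE_CONST eap_array_c<u16_t> * get_cipher_suites() EAP_TEMPLATE_CONST;


	/**
	 * This function copies the list of the compression methods.
	 */
	EAP_FUNC_IMPORT eap_status_e set_compression_methods(
		EAP_TEMPLATE_CONST eap_array_c<u8_t> * const compression_methods);

	/**
	 * This function returns the list of the compression methods.
	 */
	EAP_FUNC_IMPORT EAP_TEMPLATE_CONST eap_array_c<u8_t> * get_compression_methods() EAP_TEMPLATE_CONST;


#if defined(USE_EAP_TLS_SESSION_TICKET)
	/**
	 * This function copies the list of the TLS extensions.
	 * NOTE(review): the parameter is named compression_methods although its
	 * type is a list of tls_extension_c; the name looks like a copy-paste leftover.
	 */
	EAP_FUNC_IMPORT eap_status_e set_tls_extensions(
		EAP_TEMPLATE_CONST eap_array_c<tls_extension_c> * const compression_methods);
#endif // #if defined(USE_EAP_TLS_SESSION_TICKET)

#if defined(USE_EAP_TLS_SESSION_TICKET)
	/**
	 * This function returns the list of the TLS extensions.
	 */
	EAP_FUNC_IMPORT EAP_TEMPLATE_CONST eap_array_c<tls_extension_c> * get_tls_extensions() EAP_TEMPLATE_CONST;
#endif // #if defined(USE_EAP_TLS_SESSION_TICKET)


	/**
	 * This function copies the random value.
	 */
	EAP_FUNC_IMPORT eap_status_e set_random_value(
		const eap_variable_data_c * const random_value);

	/**
	 * This function returns the random value.
	 */
	EAP_FUNC_IMPORT const eap_variable_data_c * get_random_value() const;


	/**
	 * This function copies the session id.
	 */
	EAP_FUNC_IMPORT eap_status_e set_session_id(
		const eap_variable_data_c * const session_id);

	/**
	 * This function returns the session id.
	 */
	EAP_FUNC_IMPORT const eap_variable_data_c * get_session_id() const;


	/**
	 * This function copies the certificate chain.
	 */
	EAP_FUNC_IMPORT eap_status_e set_certificate_chain(
		EAP_TEMPLATE_CONST eap_array_c<eap_variable_data_c> * const certificate_chain);

	/**
	 * This function returns the certificate chain.
	 * The chain is returned as stored; this accessor does not imply it was verified.
	 */
	EAP_FUNC_IMPORT EAP_TEMPLATE_CONST eap_array_c<eap_variable_data_c> * get_certificate_chain() EAP_TEMPLATE_CONST;


	/**
	 * This function copies the list of the certificate authorities.
	 */
	EAP_FUNC_IMPORT eap_status_e set_certificate_authorities(
		EAP_TEMPLATE_CONST eap_array_c<eap_variable_data_c> * const certificate_authorities);

	/**
	 * This function returns the list of the certificate authorities.
	 */
	EAP_FUNC_IMPORT EAP_TEMPLATE_CONST eap_array_c<eap_variable_data_c> * get_certificate_authorities() EAP_TEMPLATE_CONST;


	/**
	 * This function copies the list of the certificate types.
	 */
	EAP_FUNC_IMPORT eap_status_e set_certificate_types(
		EAP_TEMPLATE_CONST eap_array_c<u8_t> * const certificate_types);

	/**
	 * This function returns the list of the certificate types.
	 */
	EAP_FUNC_IMPORT EAP_TEMPLATE_CONST eap_array_c<u8_t> * get_certificate_types() EAP_TEMPLATE_CONST;


	/**
	 * This function sets the selected cipher suite.
	 */
	EAP_FUNC_IMPORT eap_status_e set_selected_cipher_suite(const tls_cipher_suites_e selected_cipher_suite);

	/**
	 * This function returns the selected cipher suite.
	 */
	EAP_FUNC_IMPORT tls_cipher_suites_e get_selected_cipher_suite() const;


	/**
	 * This function sets the selected compression method.
	 */
	EAP_FUNC_IMPORT eap_status_e set_selected_compression_method(const tls_compression_method_e selected_compression_method);

	/**
	 * This function returns the selected compression method.
	 */
	EAP_FUNC_IMPORT tls_compression_method_e get_selected_compression_method() const;


	/**
	 * This function copies the encrypted premaster secret.
	 */
	EAP_FUNC_IMPORT eap_status_e set_encrypted_premaster_secret(const eap_variable_data_c * const encrypted_premaster_secret);

	/**
	 * This function returns the encrypted premaster secret.
	 */
	EAP_FUNC_IMPORT const eap_variable_data_c * get_encrypted_premaster_secret() const;


	/**
	 * This function copies the ephemeral Diffie-Hellman public key.
	 */
	EAP_FUNC_IMPORT eap_status_e set_public_dhe_key(const eap_variable_data_c * const public_dhe_key);

	/**
	 * This function returns the ephemeral Diffie-Hellman public key.
	 */
	EAP_FUNC_IMPORT const eap_variable_data_c * get_public_dhe_key() const;


	/**
	 * This function copies the ephemeral Diffie-Hellman prime.
	 */
	EAP_FUNC_IMPORT eap_status_e set_dhe_prime(const eap_variable_data_c * const dhe_prime);

	/**
	 * This function returns the ephemeral Diffie-Hellman prime.
	 */
	EAP_FUNC_IMPORT const eap_variable_data_c * get_dhe_prime() const;


	/**
	 * This function copies the ephemeral Diffie-Hellman group generator.
	 */
	EAP_FUNC_IMPORT eap_status_e set_dhe_group_generator(const eap_variable_data_c * const dhe_group_generator);

	/**
	 * This function returns the ephemeral Diffie-Hellman group generator.
	 */
	EAP_FUNC_IMPORT const eap_variable_data_c * get_dhe_group_generator() const;


	/**
	 * This function copies the signed message HASH.
	 */
	EAP_FUNC_IMPORT eap_status_e set_signed_message_hash(const eap_variable_data_c * const signed_message_hash);

	/**
	 * This function returns the signed message HASH.
	 */
	EAP_FUNC_IMPORT const eap_variable_data_c * get_signed_message_hash() const;


	/**
	 * This function copies the TLS-finished data.
	 */
	EAP_FUNC_IMPORT eap_status_e set_finished_data(const eap_variable_data_c * const finished_data);

	/**
	 * This function returns the TLS-finished data.
	 */
	EAP_FUNC_IMPORT const eap_variable_data_c * get_finished_data() const;


	/**
	 * This function adds data of the TLS-handshake message to tls_message_buffer.
	 * @param tls_message_buffer is the buffer the message data is added to.
	 * @return Status of the operation as eap_status_e.
	 */
	EAP_FUNC_IMPORT eap_status_e add_message_data(
		eap_variable_data_c * const tls_message_buffer);

	//--------------------------------------------------
}; // class tls_handshake_message_c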
|
405 |
|
406 |
|
407 //-------------------------------------------------- |
|
408 |
|
409 #endif //#if !defined(_TLS_HANDSHAKE_MESSAGE_H_) |
|
410 |
|
411 |
|
412 |
|
413 // End. |