1 // Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).

     2 // All rights reserved.

     3 // This component and the accompanying materials are made available

     4 // under the terms of "Eclipse Public License v1.0"

     5 // which accompanies this distribution, and is available

     6 // at the URL "http://www.eclipse.org/legal/epl-v10.html".

     7 //

     8 // Initial Contributors:

     9 // Nokia Corporation - initial contribution.

    10 //

    11 // Contributors:

    12 //

    13 // Description:

    14 //

    15 

    16 /**

    17  @file tlsstepbase.h

    18  @internalTechnology	

    19 */

    20 

    21 #ifndef __TLSSTEPBASE_H__

    22 #define __TLSSTEPBASE_H__

    23 

    24 #include <e32base.h>

    25 #include <testexecutestepbase.h>

    26 #include <tlstypedef.h>

    27 #include <bigint.h>

    28 #include <asymmetrickeys.h>

    29 #include <secdlgimpldefs.h>

    30 

    31 #ifdef SYMBIAN_ENABLE_SPLIT_HEADERS

    32 #include <tlstypedef_internal.h>

    33 #endif

    34 

    35 

    36 #define KNServer1  _L8("192.168.30.2") 

    37 #define KSessionId1 _L8("11111111112222222222333333333322") 

    38 

    39 _LIT(KServerRandomFile, "ServerRandomFile");

    40 _LIT(KClientRandomFile, "ClientRandomFile");

    41 _LIT(KDhParamFile, "DHParamFile");

    42 

    43 _LIT(KCipherHighByte, "CipherHighByte");

    44 _LIT(KCipherLowByte, "CipherLowByte");

    45 

    46 _LIT(KProtocolMajorVersion, "ProtocolMajorVersion");

    47 _LIT(KProtocolMinorVersion, "ProtocolMinorVersion");

    48 

    49 _LIT(KServerCert, "ServerCert");

    50 _LIT(KDomainName, "DomainName");

    51 _LIT(KServerKey, "ServerKey");

    52 

    53 _LIT(KExpectedResult, "ExpectedResult");

    54 _LIT(KExpectedCertCount, "ExpectedCertCount");

    55 

    56 _LIT8(KLocalHost, "127.0.0.1");

    57 _LIT(KServerSection,"serversection");

    58 

    59 _LIT(KUseNullCipher,"UseNullCipher");

    60 _LIT(KUsePsk,"UsePsk");

    61 _LIT(KPskKey,"PskKey");

    62 _LIT(KPskIdentity,"PskIdentity");

    63 _LIT(KSessionDelay,"SessionDelay");

    64 

    65 _LIT(KServerDNAvailable, "ServerDNAvailable");

    66 _LIT(KInputFile, "\\t_secdlg_in.dat");

    67 _LIT(KOutputFile, "\\t_secdlg_out.dat");

    68 _LIT(KYes,"Yes");

    69 _LIT(KDialogOption,"DialogOption");

    70 

    71 class CGenericActive;

    72 class CDecPKCS8Data;

    73 class CTLSProvider;

    74 class CTLSSession;

    75 class RTlsCacheClient;

    76 

    77 class CTlsStepBase : public CTestStep

    78 	{

    79 public:

    80 

    81 	void ConstructL();

    82 	inline CTLSProvider* Provider();

    83 	inline CTLSSession* Session();

    84 	inline const RArray<TTLSCipherSuite>& CipherSuites();

    85 	

    86 	inline const RInteger& Prime();

    87 	inline const RInteger& Generator();

    88 	inline const CDHKeyPair* KeyPair();

    89 	

    90 	inline HBufC8* ClientMacSecret();

    91 	inline HBufC8* ServerMacSecret();

    92 	inline HBufC8* ClientWriteSecret();

    93 	inline HBufC8* ServerWriteSecret();

    94 	inline HBufC8* ClientInitVector();

    95 	inline HBufC8* ServerInitVector();

    96 

    97 	inline TBool UseNullCipher();

    98 	// make PSK accesible.

    99 	inline HBufC8*  PskKey();

   100 	inline HBufC8*  PskIdentity();

   101 	inline TBool UsePsk();

   102 

   103 	// Test methods

   104 	

   105 	TInt ClientCertificate(CX509Certificate* aCert);

   106 	TInt ClientCertificate(HBufC8*& aCertBuf);

   107 	TInt ClientCertificate(RPointerArray<HBufC8>* aClientCertArray);

   108 	TInt CertificateVerifySignatureL(CMessageDigest* iMd5DigestInput, CMessageDigest* iShaDigestInput, HBufC8*& aOutput);

   109 

   110 	TInt GetCipherSuitesL();

   111 	TInt GetCipherSuitesWithCancelL();

   112 	TInt GetCipherSuitesL(CTLSProvider* & aTLSProviderInstance, RArray<TTLSCipherSuite> & aCipherSuites);

   113 	TInt VerifyServerCertificateL(CX509Certificate*& aCertOut);

   114 	TInt VerifyServerCertificateL(CTLSProvider* & aTLSProviderInstance, CX509Certificate*& aCertOut);

   115 	TInt VerifyServerCertificateWithCancelL(CX509Certificate*& aCertOut);

   116 	

   117 	TInt CreateSessionL();

   118 	TInt CreateSessionWithCancelL();

   119 	TInt CreateSessionL(CTLSProvider* & aTLSProviderInstance, CTLSSession* aCTLSSession);

   120 	TInt CreateSessionAddedL(TInt aHiByte,TInt aLoByte);

   121 	TInt VerifyGetSessionL(TTLSServerAddr& aServerName, TInt& aSessionIdLength);

   122 	TInt VerifyGetSessionL(CTLSProvider* & aTLSProviderInstance , TTLSServerAddr& aServerName, TInt& aSessionIdLength);

   123 	TInt ClientKeyExchange(HBufC8*& aMessageOut);

   124 	TInt ClientKeyExchange(CTLSSession* &aCTLSSession, HBufC8*& aMessageOut);

   125 	TInt ClientKeyExchangeWithCancel(HBufC8*& aMessageOut);

   126 	TInt GenerateClientFinishedL(CMessageDigest* aShaDigest, CMessageDigest* aMd5Digest, HBufC8*& aMessageOut);

   127 	TInt VerifyServerFinishedL(CMessageDigest* aShaDigest, CMessageDigest* aMd5Digest, const TDesC8& aMessage);

   128 	TInt CipherSuiteIndex(const TTLSCipherSuite& aSuite);

   129 	

   130 	TInt ClearSessionCacheL(TTLSSessionNameAndID &aSessionNameAndId);

   131 	TInt ClearSessionCacheWithCancelL(TTLSSessionNameAndID &aSessionNameAndId);

   132 	TInt ClearSessionCacheL(CTLSProvider* & aTLSProviderInstance ,TTLSSessionNameAndID &aSessionNameAndId);

   133 	void SessionCancelReq();

   134 	void ProviderCancelReq();

   135 	TInt RetrieveServerCert(CX509Certificate*& aCert);

   136 	TInt ReadPskToBeUsedL();

   137 	void ReadUseNullCipher();

   138 	TInt ReadGetSessionDelayL();

   139 	void StandardAttrInit( CTlsCryptoAttributes* tlsCryptoAttributes);

   140 	

   141 	// test computation

   142 	

   143 	HBufC8* DerivePreMasterSecretL(CTLSProvider* & aTLSProviderInstance, const TDesC8& aClientKeyExMessage);

   144 	HBufC8* DerivePreMasterSecretL(const TDesC8& aClientKeyExMessage);

   145 	HBufC8* ComputeMasterSecretL(CTLSProvider* & aTLSProviderInstance, const TDesC8& aPremasterSecret);

   146 	HBufC8* ComputeMasterSecretL(const TDesC8& aPremasterSecret);

   147 	

   148 	HBufC8* ComputeMacL(const TDesC8& aData, TInt64 aSequenceNumber, TRecordProtocol& aType, TBool aIsServerMac);

   149 	HBufC8* EncryptRecordL(const TDesC8& aData, TInt64 aSequenceNumber, TRecordProtocol& aType, TBool aIsServerCrypt);

   150 	HBufC8* ComputeFinishedMessageL(CMessageDigest* aShaDigest, CMessageDigest* aMd5Digest,

   151 	const TDesC8& aMasterSecret, TBool aClientFinished);

   152 

   153 	HBufC8* ComputeTlsMasterSecretL(const TDesC8& aPremasterSecret);

   154 	HBufC8* ComputeSslMasterSecretL(const TDesC8& aPremasterSecret);

   155 	

   156 	TInt SessionServerCertificate(CX509Certificate*& aCertOut);

   157 	TInt SessionServerCertificateWithCancel(CX509Certificate*& aCertOut);

   158 	

   159 	// INI read methods

   160 	

   161 	void DeleteSecureDialogFilesL();

   162 	void SetDialogRecordL(RFileWriteStream& aStream, TSecurityDialogOperation aOp, const TDesC& aLabelSpec, 

   163 			              const TDesC& aResponse1, const TDesC& aResponse2);

   164 

   165 	HBufC8* ServerRandomL();

   166 	HBufC8* ClientRandomL();

   167 	void ReadDHParamsL();

   168 	

   169 	TTLSCipherSuite CipherSuiteL();

   170 	TTLSProtocolVersion ProtocolVersionL();

   171 	TTLSSessionId SessionId();

   172 	

   173 	HBufC8* ServerCertificateL();

   174 	TPtrC DomainNameL();

   175 	CDecPKCS8Data* ServerPrivateKeyL();

   176 	

   177 	// secure dialog clean up.

   178 	

   179 	

   180 	~CTlsStepBase();

   181 

   182 	// PSK related 

   183  	TBool GetKeyFromConfigL(const TDesC& aSectName, const TDesC16& aIniValueName, TPtrC8 & aResult);

   184 	HBufC8* StringToHexLC(const TDes8 &aString);

   185 

   186 	TBool iUsePsk; 

   187 	HBufC8* iPskKey;

   188 	HBufC8* iPskIdentity;

   189 

   190 	// null cipher setting related

   191 	TBool iUseNullCipher;

   192 

   193 private:

   194 	HBufC8* ReadRandomL(const TDesC& aTag);

   195 	

   196 	

   197 	

   198 	void ComputeTlsCipherKeysL(const TDesC8& aMasterSecret, const TDesC8& aRandom);

   199 	void ComputeSslCipherKeysL(const TDesC8& aMasterSecret, const TDesC8& aRandom);

   200 	

   201 	HBufC8* ComputeTlsMacL(const TDesC8& aData, TInt64 aSequenceNumber, TRecordProtocol& aType, TBool aIsServerMac);

   202 	HBufC8* ComputeSslMacL(const TDesC8& aData, TInt64 aSequenceNumber, TRecordProtocol& aType, TBool aIsServerMac);

   203 	

   204 	HBufC8* ComputeTlsFinishedL(CMessageDigest* aShaDigest, CMessageDigest* aMd5Digest,

   205 		const TDesC8& aMasterSecret, TBool aClientFinished);

   206 	HBufC8* ComputeSslFinishedL(CMessageDigest* aShaDigest, CMessageDigest* aMd5Digest,

   207 		const TDesC8& aMasterSecret, TBool aClientFinished);

   208 	

   209 private:

   210 	CGenericActive* iActive;

   211 	CActiveScheduler* iSched;

   212 	

   213 	CTLSProvider* iProvider;

   214 	CTLSSession* iSession;

   215 	

   216 	RArray<TTLSCipherSuite> iSuites;

   217 	

   218 	// DH key if required...

   219 	RInteger iPrime;

   220 	RInteger iGenerator;

   221 	CDHKeyPair* iKeyPair;

   222 	

   223 	// bulk cipher key params

   224 	HBufC8* iClientMacSecret;

   225 	HBufC8* iServerMacSecret;

   226 	

   227 	HBufC8* iClientWriteSecret;

   228 	HBufC8* iServerWriteSecret;

   229 	

   230 	HBufC8* iClientInitVector;

   231 	HBufC8* iServerInitVector;

   232 		

   233 	};

   234 

   235 inline CTLSProvider* CTlsStepBase::Provider()

   236 	{

   237 	return iProvider;

   238 	}

   239 	

   240 inline CTLSSession* CTlsStepBase::Session()

   241 	{

   242 	return iSession;

   243 	}

   244 

   245 inline const RArray<TTLSCipherSuite>& CTlsStepBase::CipherSuites()

   246 	{

   247 	return iSuites;

   248 	}

   249 

   250 inline const RInteger& CTlsStepBase::Prime()

   251 	{

   252 	return iPrime;

   253 	}

   254 

   255 inline const RInteger& CTlsStepBase::Generator()

   256 	{

   257 	return iGenerator;

   258 	}

   259 

   260 inline const CDHKeyPair* CTlsStepBase::KeyPair()

   261 	{

   262 	return iKeyPair;

   263 	}

   264 

   265 inline HBufC8* CTlsStepBase::ClientMacSecret()

   266 	{

   267 	return iClientMacSecret;

   268 	}

   269 	

   270 inline HBufC8* CTlsStepBase::ServerMacSecret()

   271 	{

   272 	return iServerMacSecret;

   273 	}

   274 	

   275 inline HBufC8* CTlsStepBase::ClientWriteSecret()

   276 	{

   277 	return iClientWriteSecret;

   278 	}

   279 	

   280 inline HBufC8* CTlsStepBase::ServerWriteSecret()

   281 	{

   282 	return iServerWriteSecret;

   283 	}

   284 	

   285 inline HBufC8* CTlsStepBase::ClientInitVector()

   286 	{

   287 	return iClientInitVector;

   288 	}

   289 	

   290 inline HBufC8* CTlsStepBase::ServerInitVector()

   291 	{

   292 	return iServerInitVector;

   293 	}

   294 

   295 inline TBool CTlsStepBase::UseNullCipher()

   296 	{

   297 	return iUseNullCipher;

   298 	}

   299 

   300 inline HBufC8* CTlsStepBase::PskKey()

   301 	{

   302 	return iPskKey;

   303 	}

   304 	

   305 inline HBufC8* CTlsStepBase::PskIdentity()

   306 	{

   307 	return iPskIdentity;

   308 	}

   309 

   310 inline TBool CTlsStepBase::UsePsk()

   311 	{

   312 	return iUsePsk;

   313 	}

   314 

   315 

   316 #endif /* __TLSSTEPBASE_H__ */