path: root/extra/yassl/include/yassl_imp.hpp
diff options
Diffstat (limited to 'extra/yassl/include/yassl_imp.hpp')
1 files changed, 0 insertions, 748 deletions
diff --git a/extra/yassl/include/yassl_imp.hpp b/extra/yassl/include/yassl_imp.hpp
deleted file mode 100644
index fbd2ebb93a7..00000000000
--- a/extra/yassl/include/yassl_imp.hpp
+++ /dev/null
@@ -1,748 +0,0 @@
- Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; version 2 of the License.
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- GNU General Public License for more details.
- You should have received a copy of the GNU General Public License
- along with this program; see the file COPYING. If not, write to the
- Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
- MA 02110-1335 USA.
-/* yaSSL implementation header defines all strucutres from the SSL.v3
- * specification "draft-freier-ssl-version3-02.txt"
- * all page citations refer to this document unless otherwise noted.
- */
-#ifndef yaSSL_IMP_HPP
-#define yaSSL_IMP_HPP
-#ifdef _MSC_VER
- // disable truncated debug symbols
- #pragma warning(disable:4786)
-#include "yassl_types.hpp"
-#include "factory.hpp"
-#include STL_LIST_FILE
-namespace STL = STL_NAMESPACE;
-namespace yaSSL {
-class SSL; // forward decls
-class input_buffer;
-class output_buffer;
-struct ProtocolVersion {
- uint8 major_;
- uint8 minor_; // major and minor SSL/TLS version numbers
- ProtocolVersion(uint8 maj = 3, uint8 min = 0);
-// Record Layer Header for PlainText, Compressed, and CipherText
-struct RecordLayerHeader {
- ContentType type_;
- ProtocolVersion version_;
- uint16 length_; // should not exceed 2^14
-// base for all messages
-struct Message : public virtual_base {
- virtual input_buffer& set(input_buffer&) =0;
- virtual output_buffer& get(output_buffer&) const =0;
- virtual void Process(input_buffer&, SSL&) =0;
- virtual ContentType get_type() const =0;
- virtual uint16 get_length() const =0;
- virtual ~Message() {}
-class ChangeCipherSpec : public Message {
- CipherChoice type_;
- ChangeCipherSpec();
- friend input_buffer& operator>>(input_buffer&, ChangeCipherSpec&);
- friend output_buffer& operator<<(output_buffer&, const ChangeCipherSpec&);
- input_buffer& set(input_buffer& in);
- output_buffer& get(output_buffer& out) const;
- ContentType get_type() const;
- uint16 get_length() const;
- void Process(input_buffer&, SSL&);
- ChangeCipherSpec(const ChangeCipherSpec&); // hide copy
- ChangeCipherSpec& operator=(const ChangeCipherSpec&); // and assign
-class Alert : public Message {
- AlertLevel level_;
- AlertDescription description_;
- Alert() {}
- Alert(AlertLevel al, AlertDescription ad);
- ContentType get_type() const;
- uint16 get_length() const;
- void Process(input_buffer&, SSL&);
- friend input_buffer& operator>>(input_buffer&, Alert&);
- friend output_buffer& operator<<(output_buffer&, const Alert&);
- input_buffer& set(input_buffer& in);
- output_buffer& get(output_buffer& out) const;
- Alert(const Alert&); // hide copy
- Alert& operator=(const Alert&); // and assign
-class Data : public Message {
- uint16 length_;
- opaque* buffer_; // read buffer used by fillData input
- const opaque* write_buffer_; // write buffer used by output operator
- Data();
- Data(uint16 len, opaque* b);
- friend output_buffer& operator<<(output_buffer&, const Data&);
- input_buffer& set(input_buffer& in);
- output_buffer& get(output_buffer& out) const;
- ContentType get_type() const;
- uint16 get_length() const;
- void set_length(uint16 l);
- opaque* set_buffer();
- void SetData(uint16, const opaque*);
- void Process(input_buffer&, SSL&);
- Data(const Data&); // hide copy
- Data& operator=(const Data&); // and assign
-uint32 c24to32(const uint24); // forward form internal header
-void c32to24(uint32, uint24&);
-// HandShake header, same for each message type from page 20/21
-class HandShakeHeader : public Message {
- HandShakeType type_;
- uint24 length_; // length of message
- HandShakeHeader() {}
- ContentType get_type() const;
- uint16 get_length() const;
- HandShakeType get_handshakeType() const;
- void Process(input_buffer&, SSL&);
- void set_type(HandShakeType hst);
- void set_length(uint32 u32);
- friend input_buffer& operator>>(input_buffer&, HandShakeHeader&);
- friend output_buffer& operator<<(output_buffer&, const HandShakeHeader&);
- input_buffer& set(input_buffer& in);
- output_buffer& get(output_buffer& out) const;
- HandShakeHeader(const HandShakeHeader&); // hide copy
- HandShakeHeader& operator=(const HandShakeHeader&); // and assign
-// Base Class for all handshake messages
-class HandShakeBase : public virtual_base {
- int length_;
- int get_length() const;
- void set_length(int);
- // for building buffer's type field
- virtual HandShakeType get_type() const =0;
- // handles dispactch of proper >>
- virtual input_buffer& set(input_buffer& in) =0;
- virtual output_buffer& get(output_buffer& out) const =0;
- virtual void Process(input_buffer&, SSL&) =0;
- virtual ~HandShakeBase() {}
-struct HelloRequest : public HandShakeBase {
- input_buffer& set(input_buffer& in);
- output_buffer& get(output_buffer& out) const;
- void Process(input_buffer&, SSL&);
- HandShakeType get_type() const;
-// The Client's Hello Message from page 23
-class ClientHello : public HandShakeBase {
- ProtocolVersion client_version_;
- Random random_;
- uint8 id_len_; // session id length
- opaque session_id_[ID_LEN];
- uint16 suite_len_; // cipher suite length
- opaque cipher_suites_[MAX_SUITE_SZ];
- uint8 comp_len_; // compression length
- CompressionMethod compression_methods_;
- friend input_buffer& operator>>(input_buffer&, ClientHello&);
- friend output_buffer& operator<<(output_buffer&, const ClientHello&);
- input_buffer& set(input_buffer& in);
- output_buffer& get(output_buffer& out) const;
- HandShakeType get_type() const;
- void Process(input_buffer&, SSL&);
- const opaque* get_random() const;
- friend void buildClientHello(SSL&, ClientHello&);
- friend void ProcessOldClientHello(input_buffer& input, SSL& ssl);
- ClientHello();
- ClientHello(ProtocolVersion pv, bool useCompression);
- ClientHello(const ClientHello&); // hide copy
- ClientHello& operator=(const ClientHello&); // and assign
-// The Server's Hello Message from page 24
-class ServerHello : public HandShakeBase {
- ProtocolVersion server_version_;
- Random random_;
- uint8 id_len_; // session id length
- opaque session_id_[ID_LEN];
- opaque cipher_suite_[SUITE_LEN];
- CompressionMethod compression_method_;
- ServerHello(ProtocolVersion pv, bool useCompression);
- ServerHello();
- friend input_buffer& operator>>(input_buffer&, ServerHello&);
- friend output_buffer& operator<<(output_buffer&, const ServerHello&);
- input_buffer& set(input_buffer& in);
- output_buffer& get(output_buffer& out) const;
- HandShakeType get_type() const;
- void Process(input_buffer&, SSL&);
- const opaque* get_random() const;
- friend void buildServerHello(SSL&, ServerHello&);
- ServerHello(const ServerHello&); // hide copy
- ServerHello& operator=(const ServerHello&); // and assign
-class x509;
-// Certificate could be a chain
-class Certificate : public HandShakeBase {
- const x509* cert_;
- Certificate();
- explicit Certificate(const x509* cert);
- friend output_buffer& operator<<(output_buffer&, const Certificate&);
- const opaque* get_buffer() const;
- // Process handles input, needs SSL
- input_buffer& set(input_buffer& in);
- output_buffer& get(output_buffer& out) const;
- HandShakeType get_type() const;
- void Process(input_buffer&, SSL&);
- Certificate(const Certificate&); // hide copy
- Certificate& operator=(const Certificate&); // and assign
-// RSA Public Key
-struct ServerRSAParams {
- opaque* rsa_modulus_;
- opaque* rsa_exponent_;
-// Ephemeral Diffie-Hellman Parameters
-class ServerDHParams {
- int pSz_;
- int gSz_;
- int pubSz_;
- opaque* p_;
- opaque* g_;
- opaque* Ys_;
- ServerDHParams();
- ~ServerDHParams();
- int get_pSize() const;
- int get_gSize() const;
- int get_pubSize() const;
- const opaque* get_p() const;
- const opaque* get_g() const;
- const opaque* get_pub() const;
- opaque* alloc_p(int sz);
- opaque* alloc_g(int sz);
- opaque* alloc_pub(int sz);
- ServerDHParams(const ServerDHParams&); // hide copy
- ServerDHParams& operator=(const ServerDHParams&); // and assign
-struct ServerKeyBase : public virtual_base {
- virtual ~ServerKeyBase() {}
- virtual void build(SSL&) {}
- virtual void read(SSL&, input_buffer&) {}
- virtual int get_length() const;
- virtual opaque* get_serverKey() const;
-// Server random number for FORTEZZA KEA
-struct Fortezza_Server : public ServerKeyBase {
- opaque r_s_[FORTEZZA_MAX];
-struct SignatureBase : public virtual_base {
- virtual ~SignatureBase() {}
-struct anonymous_sa : public SignatureBase {};
-struct Hashes {
- uint8 md5_[MD5_LEN];
- uint8 sha_[SHA_LEN];
-struct rsa_sa : public SignatureBase {
- Hashes hashes_;
-struct dsa_sa : public SignatureBase {
- uint8 sha_[SHA_LEN];
-// Server's Diffie-Hellman exchange
-class DH_Server : public ServerKeyBase {
- ServerDHParams parms_;
- opaque* signature_;
- int length_; // total length of message
- opaque* keyMessage_; // total exchange message
- DH_Server();
- ~DH_Server();
- void build(SSL&);
- void read(SSL&, input_buffer&);
- int get_length() const;
- opaque* get_serverKey() const;
- DH_Server(const DH_Server&); // hide copy
- DH_Server& operator=(const DH_Server&); // and assign
-// Server's RSA exchange
-struct RSA_Server : public ServerKeyBase {
- ServerRSAParams params_;
- opaque* signature_; // signed rsa_sa hashes
-class ServerKeyExchange : public HandShakeBase {
- ServerKeyBase* server_key_;
- explicit ServerKeyExchange(SSL&);
- ServerKeyExchange();
- ~ServerKeyExchange();
- void createKey(SSL&);
- void build(SSL& ssl);
- const opaque* getKey() const;
- int getKeyLength() const;
- input_buffer& set(input_buffer& in);
- output_buffer& get(output_buffer& out) const;
- friend output_buffer& operator<<(output_buffer&, const ServerKeyExchange&);
- void Process(input_buffer&, SSL&);
- HandShakeType get_type() const;
- ServerKeyExchange(const ServerKeyExchange&); // hide copy
- ServerKeyExchange& operator=(const ServerKeyExchange&); // and assign
-class CertificateRequest : public HandShakeBase {
- ClientCertificateType certificate_types_[CERT_TYPES];
- int typeTotal_;
- STL::list<DistinguishedName> certificate_authorities_;
- CertificateRequest();
- ~CertificateRequest();
- input_buffer& set(input_buffer& in);
- output_buffer& get(output_buffer& out) const;
- friend input_buffer& operator>>(input_buffer&, CertificateRequest&);
- friend output_buffer& operator<<(output_buffer&,
- const CertificateRequest&);
- void Process(input_buffer&, SSL&);
- HandShakeType get_type() const;
- void Build();
- CertificateRequest(const CertificateRequest&); // hide copy
- CertificateRequest& operator=(const CertificateRequest&); // and assign
-struct ServerHelloDone : public HandShakeBase {
- ServerHelloDone();
- input_buffer& set(input_buffer& in);
- output_buffer& get(output_buffer& out) const;
- void Process(input_buffer& input, SSL& ssl);
- HandShakeType get_type() const;
-struct PreMasterSecret {
- opaque random_[SECRET_LEN]; // first two bytes Protocol Version
-struct ClientKeyBase : public virtual_base {
- virtual ~ClientKeyBase() {}
- virtual void build(SSL&) {}
- virtual void read(SSL&, input_buffer&) {}
- virtual int get_length() const;
- virtual opaque* get_clientKey() const;
-class EncryptedPreMasterSecret : public ClientKeyBase {
- opaque* secret_;
- int length_;
- EncryptedPreMasterSecret();
- ~EncryptedPreMasterSecret();
- void build(SSL&);
- void read(SSL&, input_buffer&);
- int get_length() const;
- opaque* get_clientKey() const;
- void alloc(int sz);
- // hide copy and assign
- EncryptedPreMasterSecret(const EncryptedPreMasterSecret&);
- EncryptedPreMasterSecret& operator=(const EncryptedPreMasterSecret&);
-// Fortezza Key Parameters from page 29
-// hard code lengths cause only used here
-struct FortezzaKeys : public ClientKeyBase {
- opaque y_c_ [128]; // client's Yc, public value
- opaque r_c_ [128]; // client's Rc
- opaque y_signature_ [40]; // DSS signed public key
- opaque wrapped_client_write_key_ [12]; // wrapped by the TEK
- opaque wrapped_server_write_key_ [12]; // wrapped by the TEK
- opaque client_write_iv_ [24];
- opaque server_write_iv_ [24];
- opaque master_secret_iv_ [24]; // IV used to encrypt preMaster
- opaque encrypted_preMasterSecret_[48]; // random & crypted by the TEK
-// Diffie-Hellman public key from page 40/41
-class ClientDiffieHellmanPublic : public ClientKeyBase {
- PublicValueEncoding public_value_encoding_;
- int length_; // includes two byte length for message
- opaque* Yc_; // length + Yc_
- // dh_Yc only if explicit, otherwise sent in certificate
- enum { KEY_OFFSET = 2 };
- ClientDiffieHellmanPublic();
- ~ClientDiffieHellmanPublic();
- void build(SSL&);
- void read(SSL&, input_buffer&);
- int get_length() const;
- opaque* get_clientKey() const;
- void alloc(int sz, bool offset = false);
- // hide copy and assign
- ClientDiffieHellmanPublic(const ClientDiffieHellmanPublic&);
- ClientDiffieHellmanPublic& operator=(const ClientDiffieHellmanPublic&);
-class ClientKeyExchange : public HandShakeBase {
- ClientKeyBase* client_key_;
- explicit ClientKeyExchange(SSL& ssl);
- ClientKeyExchange();
- ~ClientKeyExchange();
- void createKey(SSL&);
- void build(SSL& ssl);
- const opaque* getKey() const;
- int getKeyLength() const;
- friend output_buffer& operator<<(output_buffer&, const ClientKeyExchange&);
- input_buffer& set(input_buffer& in);
- output_buffer& get(output_buffer& out) const;
- HandShakeType get_type() const;
- void Process(input_buffer&, SSL&);
- ClientKeyExchange(const ClientKeyExchange&); // hide copy
- ClientKeyExchange& operator=(const ClientKeyExchange&); // and assign
-class CertificateVerify : public HandShakeBase {
- Hashes hashes_;
- byte* signature_; // owns
- CertificateVerify();
- ~CertificateVerify();
- input_buffer& set(input_buffer& in);
- output_buffer& get(output_buffer& out) const;
- friend input_buffer& operator>>(input_buffer&, CertificateVerify&);
- friend output_buffer& operator<<(output_buffer&, const CertificateVerify&);
- void Process(input_buffer&, SSL&);
- HandShakeType get_type() const;
- void Build(SSL&);
- CertificateVerify(const CertificateVerify&); // hide copy
- CertificateVerify& operator=(const CertificateVerify&); // and assign
-class Finished : public HandShakeBase {
- Hashes hashes_;
- Finished();
- uint8* set_md5();
- uint8* set_sha();
- friend input_buffer& operator>>(input_buffer&, Finished&);
- friend output_buffer& operator<<(output_buffer&, const Finished&);
- input_buffer& set(input_buffer& in);
- output_buffer& get(output_buffer& out) const;
- void Process(input_buffer&, SSL&);
- HandShakeType get_type() const;
- Finished(const Finished&); // hide copy
- Finished& operator=(const Finished&); // and assign
-class RandomPool; // forward for connection
-// SSL Connection defined on page 11
-struct Connection {
- opaque *pre_master_secret_;
- opaque master_secret_[SECRET_LEN];
- opaque client_random_[RAN_LEN];
- opaque server_random_[RAN_LEN];
- opaque sessionID_[ID_LEN];
- opaque client_write_MAC_secret_[SHA_LEN]; // sha is max size
- opaque server_write_MAC_secret_[SHA_LEN];
- opaque client_write_key_[AES_256_KEY_SZ]; // aes 256bit is max sz
- opaque server_write_key_[AES_256_KEY_SZ];
- opaque client_write_IV_[AES_IV_SZ]; // aes is max size
- opaque server_write_IV_[AES_IV_SZ];
- uint32 sequence_number_;
- uint32 peer_sequence_number_;
- uint32 pre_secret_len_; // pre master length
- bool send_server_key_; // server key exchange?
- bool master_clean_; // master secret clean?
- bool TLS_; // TLSv1 or greater
- bool TLSv1_1_; // TLSv1.1 or greater
- bool sessionID_Set_; // do we have a session
- bool compression_; // zlib compression?
- ProtocolVersion version_; // negotiated version
- ProtocolVersion chVersion_; // client hello version
- RandomPool& random_;
- Connection(ProtocolVersion v, RandomPool& ran);
- ~Connection();
- void AllocPreSecret(uint sz);
- void CleanPreMaster();
- void CleanMaster();
- void TurnOffTLS();
- void TurnOffTLS1_1();
- Connection(const Connection&); // hide copy
- Connection& operator=(const Connection&); // and assign
-struct Ciphers; // forward
-// TLSv1 Security Spec, defined on page 56 of RFC 2246
-struct Parameters {
- ConnectionEnd entity_;
- BulkCipherAlgorithm bulk_cipher_algorithm_;
- CipherType cipher_type_;
- uint8 key_size_;
- uint8 iv_size_;
- IsExportable is_exportable_;
- MACAlgorithm mac_algorithm_;
- uint8 hash_size_;
- CompressionMethod compression_algorithm_;
- KeyExchangeAlgorithm kea_; // yassl additions
- SignatureAlgorithm sig_algo_; // signature auth type
- SignatureAlgorithm verify_algo_; // cert verify auth type
- bool pending_;
- bool resumable_; // new conns by session
- uint16 encrypt_size_; // current msg encrypt sz
- Cipher suite_[SUITE_LEN]; // choosen suite
- uint8 suites_size_;
- Cipher suites_[MAX_SUITE_SZ];
- char cipher_name_[MAX_SUITE_NAME];
- char cipher_list_[MAX_CIPHERS][MAX_SUITE_NAME];
- bool removeDH_; // for server's later use
- Parameters(ConnectionEnd, const Ciphers&, ProtocolVersion, bool haveDH);
- void SetSuites(ProtocolVersion pv, bool removeDH = false,
- bool removeRSA = false, bool removeDSA = false);
- void SetCipherNames();
- Parameters(const Parameters&); // hide copy
- Parameters& operator=(const Parameters&); // and assing
-input_buffer& operator>>(input_buffer&, RecordLayerHeader&);
-output_buffer& operator<<(output_buffer&, const RecordLayerHeader&);
-input_buffer& operator>>(input_buffer&, Message&);
-output_buffer& operator<<(output_buffer&, const Message&);
-input_buffer& operator>>(input_buffer&, HandShakeBase&);
-output_buffer& operator<<(output_buffer&, const HandShakeBase&);
-// Message Factory definition
-// uses the ContentType enumeration for unique id
-typedef Factory<Message> MessageFactory;
-void InitMessageFactory(MessageFactory&); // registers derived classes
-// HandShake Factory definition
-// uses the HandShakeType enumeration for unique id
-typedef Factory<HandShakeBase> HandShakeFactory;
-void InitHandShakeFactory(HandShakeFactory&); // registers derived classes
-// ServerKey Factory definition
-// uses KeyExchangeAlgorithm enumeration for unique id
-typedef Factory<ServerKeyBase> ServerKeyFactory;
-void InitServerKeyFactory(ServerKeyFactory&);
-// ClientKey Factory definition
-// uses KeyExchangeAlgorithm enumeration for unique id
-typedef Factory<ClientKeyBase> ClientKeyFactory;
-void InitClientKeyFactory(ClientKeyFactory&);
-// Message Creators
-Message* CreateHandShake();
-Message* CreateCipherSpec();
-Message* CreateAlert();
-Message* CreateData();
-// HandShake Creators
-HandShakeBase* CreateCertificate();
-HandShakeBase* CreateHelloRequest();
-HandShakeBase* CreateClientHello();
-HandShakeBase* CreateServerHello();
-HandShakeBase* CreateServerKeyExchange();
-HandShakeBase* CreateCertificateRequest();
-HandShakeBase* CreateServerHelloDone();
-HandShakeBase* CreateClientKeyExchange();
-HandShakeBase* CreateCertificateVerify();
-HandShakeBase* CreateFinished();
-// ServerKey Exchange Creators
-ServerKeyBase* CreateRSAServerKEA();
-ServerKeyBase* CreateDHServerKEA();
-ServerKeyBase* CreateFortezzaServerKEA();
-// ClientKey Exchange Creators
-ClientKeyBase* CreateRSAClient();
-ClientKeyBase* CreateDHClient();
-ClientKeyBase* CreateFortezzaClient();
-} // naemspace
-#endif // yaSSL_IMP_HPP