  1  /*
  2   * Copyright (c) 2011-2012,2014 Apple Inc. All Rights Reserved.
  3   *
  4   * @APPLE_LICENSE_HEADER_START@
  5   * 
  6   * This file contains Original Code and/or Modifications of Original Code
  7   * as defined in and that are subject to the Apple Public Source License
  8   * Version 2.0 (the 'License'). You may not use this file except in
  9   * compliance with the License. Please obtain a copy of the License at
 10   * http://www.opensource.apple.com/apsl/ and read it before using this
 11   * file.
 12   * 
 13   * The Original Code and all software distributed under the License are
 14   * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 15   * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 16   * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 17   * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 18   * Please see the License for the specific language governing rights and
 19   * limitations under the License.
 20   * 
 21   * @APPLE_LICENSE_HEADER_END@
 22   */
 23  
 24  /*
 25   * sslTypes.h - internal ssl types
 26   */
 27  
 28  /* This header should be kernel compatible */
 29  
 30  #ifndef	_SSLTYPES_H_
 31  #define _SSLTYPES_H_ 1
 32  
 33  #include <stdbool.h>
 34  #include <stdint.h>
 35  #include <sys/types.h>
 36  
 37  #include <tls_types.h>
 38  
/*
 * Record-layer status codes, -10000 through -10009. The SSLRecord*Func
 * callback types in this header all return int and presumably report
 * failures with these values -- confirm against the implementation.
 * Only the last five carry a description in the original; the meaning of
 * the first five is inferred from their names.
 *
 * NOTE(review): errSSLRecordDecryptionFail and errSSLRecordBadRecordMac are
 * separate codes. If a remote peer can tell the two apart (a different alert
 * or different timing), a CBC padding oracle becomes possible; TLS 1.1 and
 * later require bad_record_mac to be sent for both. Confirm that the layer
 * above maps both codes to the same externally visible behaviour.
 */
enum {
    errSSLRecordInternal            = -10000,
    errSSLRecordWouldBlock          = -10001,
    errSSLRecordProtocol            = -10002,
    errSSLRecordNegotiation         = -10003,
    errSSLRecordClosedAbort         = -10004,
	errSSLRecordConnectionRefused   = -10005,	/* peer dropped connection before responding */
	errSSLRecordDecryptionFail      = -10006,	/* decryption failure */
	errSSLRecordBadRecordMac        = -10007,	/* bad MAC */
	errSSLRecordRecordOverflow      = -10008,	/* record overflow */
	errSSLRecordUnexpectedRecord    = -10009,	/* unexpected (skipped) record in DTLS */
};
 51  
/*
 * Protocol version identifiers. Apart from SSL_Version_Undetermined, each
 * value is the 16-bit version number as it appears in the protocol (major
 * version in the high byte, minor version in the low byte).
 *
 * NOTE(review): DTLS_Version_1_0 (0xfeff) is numerically larger than every
 * TLS value here, so a plain "version >= TLS_Version_1_x" comparison gives
 * the wrong answer for DTLS; version checks must handle DTLS separately.
 *
 * NOTE(review): SSL 2.0 and SSL 3.0 are prohibited by RFC 6176 and RFC 7568,
 * and TLS 1.0 / 1.1 are deprecated by RFC 8996. The enum only names the
 * versions; which of them may actually be negotiated is decided elsewhere.
 * This enum has no value for TLS 1.3 (0x0304).
 */
typedef enum
{
    /* This value never appears in the actual protocol */
    SSL_Version_Undetermined = 0,
    /* actual protocol values */
    SSL_Version_2_0 = 0x0002,
    SSL_Version_3_0 = 0x0300,
    TLS_Version_1_0 = 0x0301,		/* TLS 1.0 == SSL 3.1 */
    TLS_Version_1_1 = 0x0302,
    TLS_Version_1_2 = 0x0303,
    DTLS_Version_1_0 = 0xfeff,
} SSLProtocolVersion;
 64  
 65  /* FIXME: This enum and the SSLRecord are exposed because they
 66   are used at the interface between the Record and Handshake layer.
 67   This might not be the best idea */
 68  
/*
 * Record content types. Values 20 to 23 are the TLS ContentType numbers
 * (change_cipher_spec, alert, handshake, application_data).
 * SSL_RecordTypeV2_0 has no explicit value and therefore is 0.
 * SSL_RecordTypeV3_Smallest and SSL_RecordTypeV3_Largest alias the first and
 * last of the 20..23 range; presumably they are used to range-check the
 * content type byte of a received record -- confirm in the record parser.
 */
enum
{   SSL_RecordTypeV2_0,
    SSL_RecordTypeV3_Smallest = 20,
    SSL_RecordTypeChangeCipher = 20,
    SSL_RecordTypeAlert = 21,
    SSL_RecordTypeHandshake = 22,
    SSL_RecordTypeAppData = 23,
    SSL_RecordTypeV3_Largest = 23
};
 78  
/*
 * Boolean options of the record layer; this is the option type taken by
 * SSLRecordSetOptionFunc.
 *
 * NOTE(review): by its name, kSSLRecordOptionSendOneByteRecord looks like the
 * switch for 1/n-1 record splitting (the first byte of application data is
 * sent in a record of its own), the usual mitigation for the BEAST attack on
 * CBC cipher suites in SSL 3.0 / TLS 1.0 -- confirm against the record-layer
 * implementation, including what the default is.
 */
typedef enum
{
    kSSLRecordOptionSendOneByteRecord = 0,
} SSLRecordOption;
 83  
/*
 * This is the buffer type used internally. It is an alias for tls_buffer,
 * which is not defined in this file (presumably it comes from <tls_types.h>).
 */
typedef tls_buffer SSLBuffer;

/*
 * Disabled definition, kept from the original file.
 * NOTE(review): it suggests the buffer is a length plus a data pointer, with
 * no capacity field and no ownership marker, so every user has to bound its
 * reads and writes by `length` and agree separately on who frees `data` --
 * confirm that tls_buffer has this layout.
struct
{   size_t  length;
    uint8_t *data;
} SSLBuffer;
*/
 95  
/*
 * One record as passed between the Record and Handshake layers (see the
 * FIXME earlier in this header): a one-byte content type plus the payload.
 *
 * NOTE(review): contents is an SSLBuffer stored by value. Copying an
 * SSLRecord copies the buffer descriptor only; if tls_buffer holds a data
 * pointer (confirm), both copies then refer to the same bytes, so freeing
 * through one copy leaves the other dangling.
 */
typedef struct
{
    uint8_t                 contentType;    /* presumably one of the SSL_RecordType* values -- confirm */
    SSLBuffer               contents;       /* record payload */
} SSLRecord;
101  
102  
/*
 * Alias for uint64_t.
 * We should remove this and use uint64_t all over.
 */
typedef uint64_t sslUint64;
107  
108  
/*
 * Opaque reference to a Record Context.
 * It is a plain void *, so the compiler cannot detect a pointer of the wrong
 * kind being passed to an SSLRecord*Func callback; each implementation has to
 * trust that the caller hands back the context it was given.
 */
typedef void * SSLRecordContextRef;
111  
112  
/*
 * Callback type: read a record. Takes the record context and a pointer to
 * the SSLRecord to fill in, and returns int (presumably 0 on success or an
 * errSSLRecord* code -- confirm).
 * NOTE(review): who owns rec->contents after a successful call is not stated
 * here; presumably it is released through SSLRecordFreeFunc -- confirm.
 */
typedef int
(*SSLRecordReadFunc)                (SSLRecordContextRef    ref,
                                     SSLRecord              *rec);
116  
/*
 * Callback type: write a record. Takes the record context and the record,
 * and returns int (presumably 0 on success or an errSSLRecord* code --
 * confirm).
 * NOTE(review): rec is passed by value, so only the descriptor is copied. If
 * the implementation can defer the write (errSSLRecordWouldBlock and
 * SSLRecordServiceWriteQueueFunc suggest it can), it must copy the payload
 * before returning or the caller must keep the bytes alive -- confirm which.
 */
typedef int
(*SSLRecordWriteFunc)               (SSLRecordContextRef    ref,
                                     SSLRecord              rec);
120  
/*
 * Callback type: set up the pending cipher state. Takes the record context,
 * a 16-bit selectedCipher (presumably the negotiated cipher suite number),
 * a flag telling whether this side is the server, and a buffer named key
 * (presumably the key material for the new cipher state -- confirm).
 * Returns int.
 * NOTE(review): key is an SSLBuffer passed by value, so the callee sees the
 * caller's bytes rather than a private copy. Whether the callee copies them
 * is not visible here; the caller should zeroize the key bytes once they are
 * no longer needed.
 */
typedef int
(*SSLRecordInitPendingCiphersFunc)  (SSLRecordContextRef    ref,
                                     uint16_t               selectedCipher,
                                     bool                   server,
                                     SSLBuffer              key);
126  
/*
 * Callback type: takes only the record context and returns int. By name it
 * presumably makes the pending cipher state the active one for outgoing
 * records (the ChangeCipherSpec transition) -- confirm.
 */
typedef int
(*SSLRecordAdvanceWriteCipherFunc)  (SSLRecordContextRef    ref);
129  
/*
 * Callback type: takes only the record context and returns int. By name it
 * presumably restores the write cipher state that was active before the last
 * advance -- confirm.
 * NOTE(review): this header declares no matching rollback for the read side.
 */
typedef int
(*SSLRecordRollbackWriteCipherFunc) (SSLRecordContextRef    ref);
132  
/*
 * Callback type: takes only the record context and returns int. By name it
 * presumably makes the pending cipher state the active one for incoming
 * records -- confirm.
 */
typedef int
(*SSLRecordAdvanceReadCipherFunc)   (SSLRecordContextRef    ref);
135  
/*
 * Callback type: pass an SSLProtocolVersion to the record layer. Takes the
 * record context and the version, and returns int.
 * NOTE(review): nothing in this signature restricts protocolVersion to the
 * values the caller is willing to negotiate; that check has to happen before
 * this callback is invoked.
 */
typedef int
(*SSLRecordSetProtocolVersionFunc)  (SSLRecordContextRef    ref,
                                     SSLProtocolVersion     protocolVersion);
139  
/*
 * Callback type: takes the record context and a record, and returns int. By
 * name it presumably releases the payload of a record obtained from the read
 * callback -- confirm.
 * NOTE(review): rec is passed by value, so the callee cannot clear the data
 * pointer in the caller's SSLRecord. The caller must treat its own copy as
 * dangling after this call and must not free it a second time.
 */
typedef int
(*SSLRecordFreeFunc)                (SSLRecordContextRef    ref,
                                     SSLRecord              rec);
143  
/*
 * Callback type: takes only the record context and returns int. By name it
 * presumably sends records that an earlier write left queued (compare
 * errSSLRecordWouldBlock) -- confirm.
 */
typedef int
(*SSLRecordServiceWriteQueueFunc)   (SSLRecordContextRef    ref);
146  
/*
 * Callback type: switch a record-layer option on or off. Takes the record
 * context, the SSLRecordOption to change and its new boolean value, and
 * returns int.
 */
typedef int
(*SSLRecordSetOptionFunc)           (SSLRecordContextRef    ref,
                                     SSLRecordOption        option,
                                     bool                   value);
151  
/*
 * Table of record-layer callbacks, one member for each SSLRecord*Func type
 * declared in this header.
 *
 * NOTE(review): this header does not say whether every member must be
 * non-NULL. Code that dispatches through the table should either check the
 * pointer first or rely on a documented guarantee from the provider --
 * confirm which applies.
 * NOTE(review): a table of function pointers in writable memory is a target
 * for control-flow hijacking after a memory-corruption bug; instances should
 * be declared const where the design allows it.
 * NOTE(review): the member named free is legal C, but a call such as
 * funcs->free(ref, rec) is rewritten by the preprocessor in any build that
 * defines free as a function-like macro (some debug allocators do).
 */
struct SSLRecordFuncs
{
    SSLRecordReadFunc                   read;
    SSLRecordWriteFunc                  write;
    SSLRecordInitPendingCiphersFunc     initPendingCiphers;
    SSLRecordAdvanceWriteCipherFunc     advanceWriteCipher;
    SSLRecordRollbackWriteCipherFunc    rollbackWriteCipher;
    SSLRecordAdvanceReadCipherFunc      advanceReadCipher;
    SSLRecordSetProtocolVersionFunc     setProtocolVersion;
    SSLRecordFreeFunc                   free;
    SSLRecordServiceWriteQueueFunc      serviceWriteQueue;
    SSLRecordSetOptionFunc              setOption;
};
165  
166  #endif /* _SSLTYPES_H_ */