
wtls_statesupport.h

00001 /* ==================================================================== 
00002  * The Kannel Software License, Version 1.0 
00003  * 
00004  * Copyright (c) 2001-2008 Kannel Group  
00005  * Copyright (c) 1998-2001 WapIT Ltd.   
00006  * All rights reserved. 
00007  * 
00008  * Redistribution and use in source and binary forms, with or without 
00009  * modification, are permitted provided that the following conditions 
00010  * are met: 
00011  * 
00012  * 1. Redistributions of source code must retain the above copyright 
00013  *    notice, this list of conditions and the following disclaimer. 
00014  * 
00015  * 2. Redistributions in binary form must reproduce the above copyright 
00016  *    notice, this list of conditions and the following disclaimer in 
00017  *    the documentation and/or other materials provided with the 
00018  *    distribution. 
00019  * 
00020  * 3. The end-user documentation included with the redistribution, 
00021  *    if any, must include the following acknowledgment: 
00022  *       "This product includes software developed by the 
00023  *        Kannel Group (http://www.kannel.org/)." 
00024  *    Alternately, this acknowledgment may appear in the software itself, 
00025  *    if and wherever such third-party acknowledgments normally appear. 
00026  * 
00027  * 4. The names "Kannel" and "Kannel Group" must not be used to 
00028  *    endorse or promote products derived from this software without 
00029  *    prior written permission. For written permission, please  
00030  *    contact org@kannel.org. 
00031  * 
00032  * 5. Products derived from this software may not be called "Kannel", 
00033  *    nor may "Kannel" appear in their name, without prior written 
00034  *    permission of the Kannel Group. 
00035  * 
00036  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED 
00037  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 
00038  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 
00039  * DISCLAIMED.  IN NO EVENT SHALL THE KANNEL GROUP OR ITS CONTRIBUTORS 
00040  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,  
00041  * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT  
00042  * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR  
00043  * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,  
00044  * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE  
00045  * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,  
00046  * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
00047  * ==================================================================== 
00048  * 
00049  * This software consists of voluntary contributions made by many 
00050  * individuals on behalf of the Kannel Group.  For more information on  
00051  * the Kannel Group, please see <http://www.kannel.org/>. 
00052  * 
00053  * Portions of this software are based upon software originally written at  
00054  * WapIT Ltd., Helsinki, Finland for the Kannel project.  
00055  */ 
00056 
00057 /* wtls_statesupport.h
00058  *
00059  */
00060 #ifndef WTLS_STATESUPPORT_H
00061 #define WTLS_STATESUPPORT_H
00062 
00063 #include "gwlib/gwlib.h"
00064 #include "wtls_pdu.h"
00065 #include "wtls.h"
/* Placeholder limit stored in keyxchg_table[].key_size_limit for the suites
 * the table lists without a key-size cap (the "NOLIMIT"-style rows). */
#define KEYSIZE_MAX 2048
/* Values of bulk_table[].is_exportable. */
#define NOT_EXPORTABLE 0
#define EXPORTABLE 1
/* Values of bulk_table[].block_or_stream.  NOTE: these two names are very
 * generic for unprefixed macros in a header and may collide with other
 * includes. */
#define BLOCK 0
#define STREAM 1
00071 
/* These enums and tables are pulled straight from the WTLS appendices.
   Go and have a look at them if these aren't particularly clear. Obviously, since NULL
   is a builtin, and since RSA/MD5/SHA are all macros referenced by the openssl
   libraries, the names have had to be slightly altered to protect the innocent :->
*/
00077 
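/* Key exchange suites, numbered to match the rows of keyxchg_table[] below
 * (which follow the WTLS appendix).
 *
 * The table has 15 rows with "DH-anon-768" at index 4, but this enum used to
 * declare only 14 enumerators and had no DH_anon_768, so every enumerator
 * from RSA_anon onwards sat one below its table row (and one below the suite
 * number the appendix assigns).  DH_anon_768 is now present and the values
 * are written out explicitly so the two cannot silently drift apart again.
 */
enum key_exchange_suites {
        NULL_keyxchg       = 0,
        SHARED_SECRET      = 1,
        DH_anon            = 2,
        DH_anon_512        = 3,
        DH_anon_768        = 4,   /* was missing; keyxchg_table[4] is "DH-anon-768" */
        RSA_anon           = 5,
        RSA_anon_512       = 6,
        RSA_anon_768       = 7,
        RSA_NOLIMIT        = 8,
        RSA_512            = 9,
        RSA_768            = 10,
        ECDH_anon          = 11,
        ECDH_anon_113      = 12,
        ECDH_anon_131      = 13,
        ECDH_ECDSA_NOLIMIT = 14
};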
00094 
00095 
/* Bulk (record) encryption algorithms.  The order, and therefore each
 * enumerator's value, matches the rows of bulk_table[] below; values are
 * spelled out so that correspondence is visible at a glance.  The _bulk and
 * _CBC suffixes keep the names clear of the OpenSSL macros. */
enum bulk_algorithms {
        NULL_bulk          = 0,   /* "NULL Encryption" */
        RC5_CBC_40         = 1,
        RC5_CBC_56         = 2,
        RC5_CBC            = 3,
        DES_CBC_40         = 4,
        DES_CBC            = 5,
        TRIPLE_DES_CBC_EDE = 6,   /* "3DES-CBC-EDE" */
        IDEA_CBC_40        = 7,
        IDEA_CBC_56        = 8,
        IDEA_CBC           = 9
};
00108 
00109 
/* Keyed MAC algorithms.  Order matches the rows of hash_table[] below, so the
 * enumerator value doubles as the row index; values are written explicitly.
 * SHA_0 is the "no MAC" entry, the *_NOLIMIT enumerators are the full-length
 * SHA-1 / MD5 MACs. */
enum keyed_macs {
        SHA_0       = 0,
        SHA_40      = 1,
        SHA_80      = 2,
        SHA_NOLIMIT = 3,
        SHA_XOR_40  = 4,
        MD5_40      = 5,
        MD5_80      = 6,
        MD5_NOLIMIT = 7
};
00120 
00121 
/* One row per key exchange suite: a printable name and the largest key size
 * the suite permits (the numbers are the bit lengths quoted in the WTLS
 * appendix; KEYSIZE_MAX stands in where the appendix sets no limit). */
typedef struct
{
        const char *title;
        int key_size_limit;
} keyxchg_table_t;

/* Row order follows the WTLS appendix; "DH-anon-768" is row 4.
 * NOTE: declared static in a header, so every translation unit that includes
 * this file carries its own writable copy of the table. */
static keyxchg_table_t keyxchg_table[] = {
        { .title = "NULL",          .key_size_limit = 0 },
        { .title = "Shared Secret", .key_size_limit = KEYSIZE_MAX },
        { .title = "DH-anon",       .key_size_limit = KEYSIZE_MAX },
        { .title = "DH-anon-512",   .key_size_limit = 512 },
        { .title = "DH-anon-768",   .key_size_limit = 768 },
        { .title = "RSA-anon",      .key_size_limit = KEYSIZE_MAX },
        { .title = "RSA-anon-512",  .key_size_limit = 512 },
        { .title = "RSA-anon-768",  .key_size_limit = 768 },
        { .title = "RSA",           .key_size_limit = KEYSIZE_MAX },
        { .title = "RSA-512",       .key_size_limit = 512 },
        { .title = "RSA-768",       .key_size_limit = 768 },
        { .title = "ECDH-anon",     .key_size_limit = KEYSIZE_MAX },
        { .title = "ECDH-anon-113", .key_size_limit = 113 },
        { .title = "ECDH-anon-131", .key_size_limit = 131 },
        { .title = "ECDH-ECDSA",    .key_size_limit = KEYSIZE_MAX }
};
00145 
00146 
/* Parameters of one bulk cipher, indexed by enum bulk_algorithms:
 *   title                 printable name
 *   is_exportable         EXPORTABLE / NOT_EXPORTABLE
 *   block_or_stream       BLOCK / STREAM
 *   key_material          bytes of key material taken from the key block
 *   expanded_key_material bytes after key expansion
 *   effective_key_bits    effective key strength in bits
 *   iv_size, block_size   in bytes
 * Several rows are export-strength (40/56 effective bits); nothing in this
 * header prevents their selection, that decision lives in wtls_choose_ciphersuite(). */
typedef struct
{
        const char *title;
        int is_exportable;
        int block_or_stream;
        int key_material;
        int expanded_key_material;
        int effective_key_bits;
        int iv_size;
        int block_size;
} bulk_table_t;

/* NOTE: static in a header, so each including translation unit gets its own
 * writable copy. */
static bulk_table_t bulk_table[] = {
        { .title = "NULL Encryption", .is_exportable = EXPORTABLE,     .block_or_stream = STREAM,
          .key_material = 0,  .expanded_key_material = 0,  .effective_key_bits = 0,   .iv_size = 0, .block_size = 0 },
        { .title = "RC5-CBC-40",      .is_exportable = EXPORTABLE,     .block_or_stream = BLOCK,
          .key_material = 5,  .expanded_key_material = 16, .effective_key_bits = 40,  .iv_size = 8, .block_size = 8 },
        { .title = "RC5-CBC-56",      .is_exportable = EXPORTABLE,     .block_or_stream = BLOCK,
          .key_material = 7,  .expanded_key_material = 16, .effective_key_bits = 56,  .iv_size = 8, .block_size = 8 },
        { .title = "RC5-CBC",         .is_exportable = NOT_EXPORTABLE, .block_or_stream = BLOCK,
          .key_material = 16, .expanded_key_material = 16, .effective_key_bits = 128, .iv_size = 8, .block_size = 8 },
        { .title = "DES-CBC-40",      .is_exportable = EXPORTABLE,     .block_or_stream = BLOCK,
          .key_material = 5,  .expanded_key_material = 8,  .effective_key_bits = 40,  .iv_size = 8, .block_size = 8 },
        { .title = "DES-CBC",         .is_exportable = NOT_EXPORTABLE, .block_or_stream = BLOCK,
          .key_material = 8,  .expanded_key_material = 8,  .effective_key_bits = 56,  .iv_size = 8, .block_size = 8 },
        { .title = "3DES-CBC-EDE",    .is_exportable = NOT_EXPORTABLE, .block_or_stream = BLOCK,
          .key_material = 24, .expanded_key_material = 24, .effective_key_bits = 168, .iv_size = 8, .block_size = 8 },
        { .title = "IDEA-CBC-40",     .is_exportable = EXPORTABLE,     .block_or_stream = BLOCK,
          .key_material = 5,  .expanded_key_material = 16, .effective_key_bits = 40,  .iv_size = 8, .block_size = 8 },
        { .title = "IDEA-CBC-56",     .is_exportable = EXPORTABLE,     .block_or_stream = BLOCK,
          .key_material = 7,  .expanded_key_material = 16, .effective_key_bits = 56,  .iv_size = 8, .block_size = 8 },
        { .title = "IDEA-CBC",        .is_exportable = NOT_EXPORTABLE, .block_or_stream = BLOCK,
          .key_material = 16, .expanded_key_material = 16, .effective_key_bits = 128, .iv_size = 8, .block_size = 8 }
};
00171 
00172 
/* Parameters of one keyed MAC, indexed by enum keyed_macs: a printable name,
 * the MAC key size and the (possibly truncated) MAC output size, both in
 * bytes.  "SHA-0" is the no-MAC row; "SHA-XOR-40" has no key at all. */
typedef struct
{
        const char *title;
        int key_size;
        int mac_size;
} hash_table_t;

/* NOTE: static in a header, so each including translation unit gets its own
 * writable copy. */
static hash_table_t hash_table[] = {
        { .title = "SHA-0",      .key_size = 0,  .mac_size = 0 },
        { .title = "SHA1-40",    .key_size = 20, .mac_size = 5 },
        { .title = "SHA1-80",    .key_size = 20, .mac_size = 10 },
        { .title = "SHA1",       .key_size = 20, .mac_size = 20 },
        { .title = "SHA-XOR-40", .key_size = 0,  .mac_size = 5 },
        { .title = "MD5-40",     .key_size = 16, .mac_size = 5 },
        { .title = "MD5-80",     .key_size = 16, .mac_size = 10 },
        { .title = "MD5",        .key_size = 16, .mac_size = 16 }
};
00190 
00191 
/**
 * WTLS pseudo-random function: expands secret, label and seed into
 * byteLength bytes of output for the given machine.  Ownership of the
 * returned Octstr is not stated here -- presumably the caller frees it;
 * confirm against wtls_statesupport.c.
 */
Octstr *wtls_calculate_prf(Octstr *secret,
                           Octstr *label,
                           Octstr *seed,
                           int byteLength,
                           WTLSMachine *wtls_machine);

/** Returns the RSA public key this side presents for the RSA key exchange suites. */
RSAPublicKey *wtls_get_rsapublickey(void);

/** Returns a Random structure for use in a handshake message. */
Random *wtls_get_random(void);

/**
 * Decrypts one received record (buffer) using the read state kept in
 * wtls_machine and returns the plaintext.  Whether a MAC check happens here
 * and what is returned on failure is not documented in this header -- check
 * the implementation before relying on either.
 */
Octstr *wtls_decrypt(Octstr *buffer, WTLSMachine *wtls_machine);

/**
 * Encrypts buffer for sending under the write state in wtls_machine;
 * recordType identifies the record being protected (presumably fed into the
 * MAC, as WTLS does -- confirm in the implementation).
 */
Octstr *wtls_encrypt(Octstr *buffer, WTLSMachine *wtls_machine, int recordType);

/**
 * RSA-decrypts encryptedData (presumably the client key exchange payload)
 * with the key from wtls_get_rsapublickey()'s private half.
 * NOTE(review): if this unwraps PKCS#1 v1.5 padding, padding failures must
 * not be reported to the peer differently from other failures (padding-oracle
 * class of attack on RSA key exchange) -- confirm in wtls_statesupport.c.
 */
Octstr *wtls_decrypt_rsa(Octstr *encryptedData);
00199 
/* The wtls_choose_* functions implement the decision making behind the
 * protocol negotiations in WTLS: each takes what the peer proposed and
 * returns the value this side will use. */

/**
 * Selects one CipherSuite from the proposed ciphersuites list.
 * NOTE(review): keyxchg_table[] and bulk_table[] contain anonymous and
 * export-strength (40/56-bit) entries; whether this function is allowed to
 * pick them is decided in wtls_statesupport.c, not by this header.
 */
CipherSuite *wtls_choose_ciphersuite(List *ciphersuites);

/** Selects one client key id from the proposed clientKeyIDs list. */
int wtls_choose_clientkeyid(List *clientKeyIDs);

/** Given the proposed sequence-number mode, returns the one to use. */
int wtls_choose_snmode(int snmode);

/** Given the proposed key refresh rate, returns the one to use. */
int wtls_choose_krefresh(int krefresh);
00206 
/* The *_are_identical functions compare the pdus in pdu_list with those in
 * last_received_packet and return 1 when the packets match the condition
 * named by the function.  A packet can carry a list of pdus, so the whole
 * list is searched for identical pdus.
 *
 * The original header said "on failure, they will return non-zero", which
 * cannot be told apart from the match value 1 -- confirm the real failure
 * value in wtls_statesupport.c before a caller branches on it.
 *
 * The misspelt names (certifcateverifys_..., finisheds_are_indentical) are
 * part of the exported interface and are kept as they are. */
int clienthellos_are_identical(List *pdu_list, List *last_received_packet);
int certifcateverifys_are_identical(List *pdu_list, List *last_received_packet);
int certificates_are_identical(List *pdu_list, List *last_received_packet);
int clientkeyexchanges_are_identical(List *pdu_list, List *last_received_packet);
int changecipherspecs_are_identical(List *pdu_list, List *last_received_packet);
int finisheds_are_indentical(List *pdu_list, List *last_received_packet);
00218 
/* The packet_contains_* functions return 1 if pdu_list holds a pdu of the
 * type named by the function.  The value for "not present" is not stated in
 * this header -- presumably 0; confirm in wtls_statesupport.c.
 * packet_contains_optional_stuff() covers the optional handshake pdus; which
 * ones count is defined by the implementation. */
int packet_contains_changecipherspec(List *pdu_list);
int packet_contains_finished(List *pdu_list);
int packet_contains_optional_stuff(List *pdu_list);
int packet_contains_userdata(List *pdu_list);
int packet_contains_clienthello(List *pdu_list);
00227 
/* The is_*_alert functions return 1 if the packet in pdu_list is an alert
 * pdu of the level named by the function (critical or warning).  The value
 * returned otherwise is not documented here -- confirm in the implementation. */
int is_critical_alert(List *pdu_list);
int is_warning_alert(List *pdu_list);
00233 
/* Derive the client-side and server-side key blocks into the state held in
 * wtls_machine.  What the block contains (presumably cipher key, MAC secret
 * and IV material, sized from bulk_table[] / hash_table[] and produced by
 * wtls_calculate_prf()) is fixed by wtls_statesupport.c -- confirm there. */
void calculate_client_key_block(WTLSMachine *wtls_machine);
void calculate_server_key_block(WTLSMachine *wtls_machine);
00236 
00237 #endif