ssl.h

00001 
00045 #ifndef SSL_H
00046 #define SSL_H
00047 
00048 #include "aglobal.h"
00049 #include "bsafe.h"
00050 
00051 #ifdef HAVE_SWIFT
00052 #include "bswift.h"
00053 #endif
00054 
/*
 * Protocol version this module identifies itself with, once as a string and once as an integer.
 * NOTE(review): version 2, read together with the SSL_MT_* and SSL_CK_* tables in this header,
 * points to SSL 2.0. RFC 6176 prohibits negotiating SSL 2.0; confirm whether any deployment
 * still exposes this code path and plan its replacement with a maintained TLS stack.
 */
00058 #define SSL_PROTOCOL_VERSION "2"
00059 #define SSL_SERVER_VERSION    2
00060 
00061 
/*
 * Tables of B_ALGORITHM_METHOD pointers, defined in another translation unit.
 * Presumably the algorithm-method lists handed to BSAFE when cipher and digest objects are
 * initialised - confirm against the definitions. The set of primitives the server can
 * actually use is bounded by what these tables contain.
 */
00065 extern B_ALGORITHM_METHOD *ALGORITHM_CHOOSER[];
00066 extern B_ALGORITHM_METHOD *DIGEST_CHOOSER[];
00067 
00068 
/*
 * Handshake message type codes (SSL_MT_*), one small integer per message.
 * Codes 3 and 6 carry a _V2 suffix while 11 and 12 reuse the FINISHED names without it;
 * how the two sets are used is not visible in this header.
 * NOTE(review): the message dispatcher should accept only the type expected in the current
 * handshake state and treat every other value as a protocol error - confirm in the
 * implementation.
 */
00072 #define SSL_MT_ERROR                         0
00073 #define SSL_MT_CLIENT_HELLO                  1
00074 #define SSL_MT_CLIENT_MASTER_KEY             2
00075 #define SSL_MT_CLIENT_FINISHED_V2            3
00076 #define SSL_MT_SERVER_HELLO                  4
00077 #define SSL_MT_SERVER_VERIFY                 5
00078 #define SSL_MT_SERVER_FINISHED_V2            6
00079 #define SSL_MT_REQUEST_CERTIFICATE           7
00080 #define SSL_MT_CLIENT_CERTIFICATE            8
00081 #define SSL_MT_CLIENT_DH_KEY                 9
00082 #define SSL_MT_CLIENT_SESSION_KEY            10
00083 #define SSL_MT_CLIENT_FINISHED               11
00084 #define SSL_MT_SERVER_FINISHED               12
00085 
00086 
/*
 * Cipher-kind identifiers (SSL_CK_*), stored in SSLConn.cipherKind.
 * Going by the names, the list covers RC4, RC2, IDEA, single DES and triple DES, each paired
 * with MD5 or SHA, plus 40-bit EXPORT variants and a NULL (no encryption) kind.
 * NOTE(review): this header only names the kinds; which ones the server offers is decided in
 * the implementation. Confirm that the EXPORT40, DES_64 and NULL kinds are never negotiated,
 * and treat the MD5-based kinds as legacy.
 */
00090 #define SSL_CK_RC4_128_WITH_MD5              0x01010080
00091 #define SSL_CK_RC4_128_EXPORT40_WITH_MD5     0x01020080
00092 #define SSL_CK_RC2_128_CBC_WITH_MD5          0x01030080
00093 #define SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x01040080
00094 #define SSL_CK_IDEA_128_CBC_WITH_MD5         0x01050080
00095 #define SSL_CK_DES_64_CBC_WITH_MD5           0x01060040
00096 #define SSL_CK_DES_192_EDE3_CBC_WITH_MD5     0x010700C0
00097 #define SSL_CK_NULL_WITH_MD5                 0x01000000
00098 #define SSL_CK_DES_64_CBC_WITH_SHA           0x01060140
00099 #define SSL_CK_DES_192_EDE3_WITH_SHA         0x010701C0
00100 
/*
 * NSEEDS is not referenced anywhere in this header; presumably the number of seed inputs fed
 * to the random generator - confirm, and check that those inputs are unpredictable.
 * SSL_SESSION_ID_LENGTH sizes the connId and sessionId arrays in SSLConn (16 bytes each).
 */
00101 #define NSEEDS 4
00102 #define SSL_SESSION_ID_LENGTH  16
00103 
00104 
/* Certificate type codes (SSL_CT_*): X.509 and PKCS#7, going by the names. */
00108 #define SSL_CT_X509_CERTIFICATE  1
00109 #define SSL_CT_PKCS7_CERTIFICATE 2
00110 
00111 
/*
 * Protocol error codes (SSL_PE_*); presumably the payload of an SSL_MT_ERROR message.
 * The values are not independent bit flags: 0x0006 equals 0x0002 | 0x0004, so compare with ==
 * rather than testing bits.
 */
00115 #define SSL_PE_NO_CIPHER                    0x0001
00116 #define SSL_PE_NO_CERTIFICATE               0x0002
00117 #define SSL_PE_BAD_CERTIFICATE              0x0004
00118 #define SSL_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
00119 
00120 
/*
 * Authentication type code (SSL_AT_*); the only one defined is MD5 with RSA.
 * NOTE(review): presumably used for client-certificate authentication - MD5-based signatures
 * should not be relied on for authentication; confirm where this value is used.
 */
00124 #define SSL_AT_MD5_WITH_RSA_ENCRYPTION      0x01
00125 
00126 
/*
 * Record-layer size limits.
 * SSL_MACSIZE sizes SSLRecord.macBuf; SSL_MAXRECSIZE sizes the input/output arrays of SSLRecord
 * and the incoming/outgoing/buf arrays of SSLConn.
 * NOTE(review): both per-header limits are 16383 while SSL_MAXRECSIZE is 32767. An SSL 2.0
 * 2-byte header can encode lengths up to 32767, so confirm the lower limit is intentional and
 * that received lengths are checked against the limit the buffers were sized for.
 * NOTE(review): SSL_MACSIZE is 16, the size of an MD5 digest. If a _WITH_SHA cipher kind is
 * ever selected the digest would be 20 bytes - confirm macBuf is never written with one.
 */
00131 #define SSL_MAX_RECORD_LENGTH_2_BYTE_HEADER 16383
00132 #define SSL_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383
00133 #define SSL_MACSIZE                         16
00134 #define SSL_MAXRECSIZE                      32767
00135 #define SSL_MAXPADDING                      8
00136 
00137 
/* Line terminator: CR LF when WIN32 is defined, LF otherwise. */
00138 #ifdef WIN32
00139 #define EOLSTRING "\r\n"
00140 #else
00141 #define EOLSTRING "\n"
00142 #endif
00143 
00144 
/*
 * One SSL record: parsed header fields, pointers to the MAC and payload, and fixed-size
 * staging buffers for the raw bytes in each direction.
 * NOTE(review): nRecordLength and nPadding are signed ints. If they are decoded from a
 * peer-supplied header, the receive path must reject negative values, lengths above
 * SSL_MAXRECSIZE, and padding larger than the record before using them as copy lengths or
 * offsets - confirm in the implementation.
 */
00150 typedef struct {
00151     int             nRecordLength;   /* record length; presumably taken from the header */
00152     int             fIsEscape;       /* flag; presumably the header's escape bit */
00153     int             nPadding;        /* padding byte count; see SSL_MAXPADDING */
00154     unsigned char  *mac;             /* presumably points into input/output or macBuf */
00155     unsigned char  *data;            /* presumably points at the payload inside input/output */
00156     unsigned char   macBuf[SSL_MACSIZE];         /* 16 bytes: fits MD5, not a 20-byte SHA digest */
00157     unsigned char   input[3 + SSL_MAXRECSIZE];   /* the extra 3 presumably covers the longest header */
00158     unsigned char   output[3 + SSL_MAXRECSIZE];  /* same layout for the outbound record */
00159 } SSLRecord;
00160 
00161 
/*
 * Server-wide context: the private key object and the certificate bytes with their length.
 * SSLConn.ctx points at one of these, so it is presumably shared by every connection of a
 * server and must outlive them - confirm the destroy ordering.
 * NOTE(review): privateKey is long-lived secret material; confirm the destroy routine releases
 * the key object rather than only freeing the struct.
 */
00167 typedef struct {
00168     B_KEY_OBJ       privateKey;          /* BSAFE key object holding the server private key */
00169     unsigned char  *certificate;         /* certificate bytes; encoding not visible here */
00170     int             certificateLength;   /* length of certificate in bytes (signed int) */
00171 } SSLServer;
00172 
00173 
/*
 * Per-connection state: the socket, a pointer to the SSLServer context, one SSLRecord,
 * sequence counters, BSAFE digest/cipher objects, handshake values and key material, and
 * the I/O buffers.
 * NOTE(review): challengeLength, masterKeyLength and keyArgLength are signed ints stored next
 * to fixed-size arrays (32, 1024 and 8 bytes). If they are filled from peer messages, each
 * must be checked for negative values and against its array size before any copy - confirm
 * in the handshake code.
 * NOTE(review): masterKey, readKey and writeKey hold secrets in plain arrays; the destroy
 * routine should wipe them with a call the compiler cannot elide - confirm.
 * NOTE(review): with rec.input, rec.output, incoming, outgoing and buf the struct is roughly
 * 160 KiB per connection; allocate it on the heap and account for it in connection limits.
 */
00179 typedef struct {
00180     SOCKET          socket;              /* underlying socket handle */
00181     int             timeout;             /* I/O timeout; units not visible here */
00182     SSLServer      *ctx;                 /* server context (key and certificate); not owned, presumably */
00183     SSLRecord       rec;                 /* record currently being parsed or built */
00184     unsigned        nReadSequence;       /* presumably the inbound record counter used in the MAC */
00185     unsigned        nWriteSequence;      /* presumably the outbound record counter used in the MAC */
00186     int             fEncryptionActive;   /* flag; presumably set once keys are installed */
00187     B_ALGORITHM_OBJ digester;            /* BSAFE digest object */
00188     B_ALGORITHM_OBJ encryptor;           /* BSAFE cipher object, outbound */
00189     B_ALGORITHM_OBJ decryptor;           /* BSAFE cipher object, inbound */
00190     unsigned char   challenge[32];       /* handshake challenge; capacity 32 bytes */
00191     int             challengeLength;     /* bytes used in challenge; must stay within 0..32 */
00192     unsigned char   connId[SSL_SESSION_ID_LENGTH];
00193     unsigned char   sessionId[SSL_SESSION_ID_LENGTH];
00194     int             cipherKind;          /* one of the SSL_CK_* values */
00195     unsigned char   masterKey[1024];     /* master key material; capacity 1024 bytes */
00196     int             masterKeyLength;     /* bytes used in masterKey; must stay within 0..1024 */
00197     unsigned char   readKeyArgData[8];   /* key argument (presumably the CBC IV), inbound */
00198     unsigned char   writeKeyArgData[8];  /* key argument (presumably the CBC IV), outbound */
00199     int             keyArgLength;        /* bytes used in the key-arg arrays; must stay within 0..8 */
00200     unsigned char   readKey[24];         /* inbound session key; 24 bytes fits a 192-bit key */
00201     B_KEY_OBJ       readKeyObj;
00202     unsigned char   writeKey[24];        /* outbound session key */
00203     B_KEY_OBJ       writeKeyObj;
00204     unsigned        ReadWriteKeyLength;  /* key length in use; must not exceed 24 */
00205     unsigned int    blockSize;           /* cipher block size; presumably 0 or 1 for stream ciphers */
00206     unsigned int    macSize;             /* MAC length in use; compare with SSL_MACSIZE before writing macBuf */
00207     unsigned char  *incomingNext;        /* presumably the read cursor inside incoming */
00208     unsigned char   incoming[SSL_MAXRECSIZE];
00209     int             incomingLength;
00210     unsigned char   outgoing[SSL_MAXRECSIZE];
00211     int             outgoingLength;
00212 
00218     int             cnt;                 /* presumably bytes remaining in buf */
00219     char           *base;                /* presumably the current position inside buf */
00220     char            buf[SSL_MAXRECSIZE];
00221 
00222 }               SSLConn;
00223 
00224 
/*
 * Generate a key pair with the given modulus size and public exponent, delivering the result
 * through publicKey and privateKey. The meaning of the int return value is not visible here.
 * NOTE(review): modulusBits is caller-chosen; confirm the implementation enforces a minimum
 * size and that the caller destroys both key objects on every path.
 */
00225 extern int
00226 NsSSLGenerateKeypair(unsigned int modulusBits,
00227                      ITEM * publicExponent,
00228                      B_KEY_OBJ * publicKey,
00229                      B_KEY_OBJ * privateKey);
00230 
00231 
/*
 * Module initialisation entry point taking a server name and a module name (presumably the
 * AOLserver module-init arguments - confirm). Return convention is not visible here.
 */
00232 extern int
00233 NsSSLInitialize(char *server, char *module);
00234 
/*
 * Create and destroy the server context. cert and key are strings; whether they are file
 * paths or encoded data is not visible here. The handle is an opaque void *, presumably an
 * SSLServer.
 * NOTE(review): because handles are void *, the compiler cannot catch a connection handle
 * being passed where a server handle is expected; callers must keep the two apart.
 */
00235 extern void *
00236 NsSSLCreateServer(char *cert, char *key);
00237 
00238 extern void
00239 NsSSLDestroyServer(void *server);
00240 
/*
 * Create and destroy per-connection state for an accepted socket. server is the opaque
 * handle from NsSSLCreateServer; the returned handle is presumably an SSLConn.
 * NOTE(review): confirm that NsSSLDestroyConn wipes the session keys held in the connection
 * before releasing it, and that a failed handshake leaves nothing half-initialised.
 */
00241 extern void *
00242 NsSSLCreateConn(SOCKET socket, int timeout, void *server);
00243 
00244 extern void
00245 NsSSLDestroyConn(void *conn);
00246 
/*
 * Data-path calls on an established connection: send, receive and flush.
 * Return values are ints whose meaning (byte count, error code) is not visible here.
 * NOTE(review): towrite and toread are signed ints used as buffer lengths; confirm the
 * implementation rejects negative values and never copies more than the caller's buffer or
 * SSL_MAXRECSIZE in one step.
 */
00247 extern int
00248 NsSSLSend(void *conn, void *vbuf, int towrite);
00249 
00250 extern int
00251 NsSSLRecv(void *conn, void *vbuf, int toread);
00252 
00253 extern int
00254 NsSSLFlush(void *conn);
00255 
/*
 * A second set of entry points with the same signatures as the NsSSL* functions, minus the
 * Ns prefix. How the two sets relate (wrapper or underlying implementation) is not visible
 * in this header.
 * NOTE(review): the same checks apply - opaque void * handles, signed int lengths in
 * SSLRecv/SSLSend, and wiping of key material in SSLDestroyConn/SSLDestroyServer.
 */
00256 extern void *
00257 SSLCreateServer(char *cert, char *key);
00258 
00259 extern void
00260 SSLDestroyServer(void *server);
00261 
00262 extern void *
00263 SSLCreateConn(SOCKET sock, int timeout, void *server);
00264 
00265 extern void
00266 SSLDestroyConn(void *conn);
00267 
00268 extern int
00269 SSLFlush(void *conn);
00270 
00271 extern int
00272 SSLRecv(void *conn, void *vbuf, int toread);
00273 
00274 extern int
00275 SSLSend(void *conn, void *vbuf, int tosend);
00276 
00277 
00278 #endif
