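/*
 * This file is part of the openHiTLS project.
 *
 * openHiTLS is licensed under the Mulan PSL v2.
 * You can use this software according to the terms and conditions of the Mulan PSL v2.
 * You may obtain a copy of Mulan PSL v2 at:
 *
 *     http://license.coscl.org.cn/MulanPSL2
 *
 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
 * See the Mulan PSL v2 for more details.
 */

/*
 * TLS handshake extension constants.
 *
 * Three groups of macros are defined here:
 *   1. HS_EX_TYPE_<NAME>      - extension_type code points as carried on the wire.
 *   2. HS_EX_TYPE_ID_<NAME>   - small dense indexes, one per extension, used as
 *                               bit positions.
 *   3. HS_EX_TYPE_*_ALLOWED_OF_<MESSAGE> - 64-bit allow-lists built from the
 *                               indexes, one per handshake message.
 *
 * The allow-lists are only data; the code that maps a wire type to an index
 * and tests it against a mask is outside this header.
 */
#ifndef HS_EXTERNSIONS_H
#define HS_EXTERNSIONS_H

#include <stdint.h>

#ifdef __cplusplus
extern "C" {
#endif

/* Length of one extension header in bytes (presumably the 2-byte type plus the 2-byte length). */
#define HS_EX_HEADER_LEN 4u

/* Handshake extension types (wire values of the extension_type field). */
#define HS_EX_TYPE_SERVER_NAME 0u
#define HS_EX_TYPE_MAX_FRAGMENT_LENGTH 1u
#define HS_EX_TYPE_TRUSTED_CA_KEYS 3u
#define HS_EX_TYPE_STATUS_REQUEST 5u
#define HS_EX_TYPE_SUPPORTED_GROUPS 10u
#define HS_EX_TYPE_POINT_FORMATS 11u
#define HS_EX_TYPE_SIGNATURE_ALGORITHMS 13u
#define HS_EX_TYPE_USE_SRTP 14u
#define HS_EX_TYPE_APP_LAYER_PROTOCOLS 16u
#define HS_EX_TYPE_STATUS_REQUEST_V2 17u
#define HS_EX_TYPE_SIGNED_CERTIFICATE_TIMESTAMP 18u
#define HS_EX_TYPE_PADDING 21u
#define HS_EX_TYPE_ENCRYPT_THEN_MAC 22u
#define HS_EX_TYPE_EXTENDED_MASTER_SECRET 23u
#define HS_EX_TYPE_RECORD_SIZE_LIMIT 28u
#define HS_EX_TYPE_SESSION_TICKET 35u
#define HS_EX_TYPE_PRE_SHARED_KEY 41u
#define HS_EX_TYPE_EARLY_DATA 42u
#define HS_EX_TYPE_SUPPORTED_VERSIONS 43u
#define HS_EX_TYPE_COOKIE 44u
#define HS_EX_TYPE_PSK_KEY_EXCHANGE_MODES 45u
#define HS_EX_TYPE_CERTIFICATE_AUTHORITIES 47u
/* oid_filters (RFC 8446): wire value matching HS_EX_TYPE_ID_OID_FILTERS below. */
#define HS_EX_TYPE_OID_FILTERS 48u
#define HS_EX_TYPE_POST_HS_AUTH 49u
#define HS_EX_TYPE_SIGNATURE_ALGORITHMS_CERT 50u
#define HS_EX_TYPE_KEY_SHARE 51u
#define HS_EX_TYPE_RENEGOTIATION_INFO 0xFF01u
#define HS_EX_TYPE_END 0xFFFFu

/*
 * Internal extension indexes. Each value is a bit position for
 * HS_EX_TYPE_MASK(), so every index must stay below 64. Index 0 stands for
 * any extension type that has no entry of its own.
 */
#define HS_EX_TYPE_ID_UNRECOGNIZED 0
#define HS_EX_TYPE_ID_SERVER_NAME 1
#define HS_EX_TYPE_ID_MAX_FRAGMENT_LENGTH 2
#define HS_EX_TYPE_ID_TRUSTED_CA_KEYS 3
#define HS_EX_TYPE_ID_STATUS_REQUEST 4
#define HS_EX_TYPE_ID_SUPPORTED_GROUPS 5
#define HS_EX_TYPE_ID_POINT_FORMATS 6
#define HS_EX_TYPE_ID_SIGNATURE_ALGORITHMS 7
#define HS_EX_TYPE_ID_USE_SRTP 8
#define HS_EX_TYPE_ID_APP_LAYER_PROTOCOLS 9
#define HS_EX_TYPE_ID_STATUS_REQUEST_V2 10
#define HS_EX_TYPE_ID_SIGNED_CERTIFICATE_TIMESTAMP 11
#define HS_EX_TYPE_ID_PADDING 12
#define HS_EX_TYPE_ID_ENCRYPT_THEN_MAC 13
#define HS_EX_TYPE_ID_EXTENDED_MASTER_SECRET 14
#define HS_EX_TYPE_ID_RECORD_SIZE_LIMIT 15
#define HS_EX_TYPE_ID_SESSION_TICKET 16
#define HS_EX_TYPE_ID_PRE_SHARED_KEY 17
#define HS_EX_TYPE_ID_EARLY_DATA 18
#define HS_EX_TYPE_ID_SUPPORTED_VERSIONS 19
#define HS_EX_TYPE_ID_COOKIE 20
#define HS_EX_TYPE_ID_PSK_KEY_EXCHANGE_MODES 21
#define HS_EX_TYPE_ID_CERTIFICATE_AUTHORITIES 22
#define HS_EX_TYPE_ID_OID_FILTERS 23
#define HS_EX_TYPE_ID_POST_HS_AUTH 24
#define HS_EX_TYPE_ID_SIGNATURE_ALGORITHMS_CERT 25
#define HS_EX_TYPE_ID_KEY_SHARE 26
#define HS_EX_TYPE_ID_RENEGOTIATION_INFO 27

/*
 * Single-bit mask for an extension index. The operand is unsigned long long,
 * so an id of 64 or more is undefined behaviour; pass only HS_EX_TYPE_ID_*.
 */
#define HS_EX_TYPE_MASK(id) (1ULL << (id))

/*
 * Extensions allowed in ClientHello. The UNRECOGNIZED bit is set, so this is
 * one of the two lists in this header that admit extension types without an
 * index of their own.
 * NOTE(review): HS_EX_TYPE_ID_TRUSTED_CA_KEYS and HS_EX_TYPE_ID_STATUS_REQUEST_V2
 * appear in no allow-list in this header; if the parser maps those wire types
 * to their own index rather than to UNRECOGNIZED they would be refused in
 * every message - confirm that is intended.
 */
#define HS_EX_TYPE_TLS_ALLOWED_OF_CLIENT_HELLO \
    (HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SERVER_NAME) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_MAX_FRAGMENT_LENGTH) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SUPPORTED_GROUPS) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SESSION_TICKET) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_STATUS_REQUEST) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_APP_LAYER_PROTOCOLS) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_USE_SRTP) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_ENCRYPT_THEN_MAC) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SIGNED_CERTIFICATE_TIMESTAMP) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_EXTENDED_MASTER_SECRET) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SIGNATURE_ALGORITHMS_CERT) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_POST_HS_AUTH) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SIGNATURE_ALGORITHMS) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SUPPORTED_VERSIONS) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_PSK_KEY_EXCHANGE_MODES) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_KEY_SHARE) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_EARLY_DATA) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_CERTIFICATE_AUTHORITIES) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_PADDING) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_PRE_SHARED_KEY) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_RECORD_SIZE_LIMIT) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_RENEGOTIATION_INFO) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_POINT_FORMATS) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_COOKIE) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_UNRECOGNIZED))

/* Extensions allowed in a TLS 1.3 EncryptedExtensions message; UNRECOGNIZED is not included. */
#define HS_EX_TYPE_TLS1_3_ALLOWED_OF_ENCRYPTED_EXTENSIONS \
    (HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SERVER_NAME) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_MAX_FRAGMENT_LENGTH) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SUPPORTED_GROUPS) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_APP_LAYER_PROTOCOLS) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_USE_SRTP) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_EARLY_DATA) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_RECORD_SIZE_LIMIT))

/* Extensions allowed in a TLS 1.3 HelloRetryRequest; UNRECOGNIZED is not included. */
#define HS_EX_TYPE_TLS1_3_ALLOWED_OF_HELLO_RETRY_REQUEST \
    (HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SUPPORTED_VERSIONS) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_KEY_SHARE) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_COOKIE))

/* Extensions allowed in a TLS 1.3 ServerHello; UNRECOGNIZED is not included. */
#define HS_EX_TYPE_TLS1_3_ALLOWED_OF_SERVER_HELLO \
    (HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SUPPORTED_VERSIONS) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_KEY_SHARE) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_PRE_SHARED_KEY))

/*
 * Extensions allowed in a TLS 1.3 CertificateRequest. Like the ClientHello
 * list, this one sets the UNRECOGNIZED bit.
 */
#define HS_EX_TYPE_TLS1_3_ALLOWED_OF_CERTIFICATE_REQUEST \
    (HS_EX_TYPE_MASK(HS_EX_TYPE_ID_STATUS_REQUEST) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SIGNED_CERTIFICATE_TIMESTAMP) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SIGNATURE_ALGORITHMS_CERT) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_OID_FILTERS) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SIGNATURE_ALGORITHMS) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_CERTIFICATE_AUTHORITIES) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_UNRECOGNIZED))

/* Extensions allowed in a TLS 1.3 Certificate message; UNRECOGNIZED is not included. */
#define HS_EX_TYPE_TLS1_3_ALLOWED_OF_CERTIFICATE (HS_EX_TYPE_MASK(HS_EX_TYPE_ID_STATUS_REQUEST) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SIGNED_CERTIFICATE_TIMESTAMP))

/* Extensions allowed in a TLS 1.2 ServerHello; UNRECOGNIZED is not included. */
#define HS_EX_TYPE_TLS1_2_ALLOWED_OF_SERVER_HELLO \
    (HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SERVER_NAME) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_MAX_FRAGMENT_LENGTH) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SUPPORTED_GROUPS) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_APP_LAYER_PROTOCOLS) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_STATUS_REQUEST) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SESSION_TICKET) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_USE_SRTP) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_ENCRYPT_THEN_MAC) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SIGNED_CERTIFICATE_TIMESTAMP) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_POINT_FORMATS) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_EXTENDED_MASTER_SECRET) | HS_EX_TYPE_MASK(HS_EX_TYPE_ID_RECORD_SIZE_LIMIT) | \
    HS_EX_TYPE_MASK(HS_EX_TYPE_ID_RENEGOTIATION_INFO))

#ifdef __cplusplus
}
#endif /* end __cplusplus */

#endif /* end HS_EXTERNSIONS_H */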