tls.h (3230B)
1/** 2 * FreeRDP: A Remote Desktop Protocol Implementation 3 * Transport Layer Security 4 * 5 * Copyright 2011-2012 Marc-Andre Moreau <marcandre.moreau@gmail.com> 6 * 7 * Licensed under the Apache License, Version 2.0 (the "License"); 8 * you may not use this file except in compliance with the License. 9 * You may obtain a copy of the License at 10 * 11 * http://www.apache.org/licenses/LICENSE-2.0 12 * 13 * Unless required by applicable law or agreed to in writing, software 14 * distributed under the License is distributed on an "AS IS" BASIS, 15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 * See the License for the specific language governing permissions and 17 * limitations under the License. 18 */ 19 20#ifndef FREERDP_CRYPTO_TLS_H 21#define FREERDP_CRYPTO_TLS_H 22 23#include "crypto.h" 24#include "certificate.h" 25 26#include <winpr/crt.h> 27#include <winpr/sspi.h> 28 29#include <openssl/ssl.h> 30#include <openssl/err.h> 31 32#include <freerdp/api.h> 33#include <freerdp/types.h> 34 35#include <winpr/stream.h> 36 37#define TLS_ALERT_LEVEL_WARNING 1 38#define TLS_ALERT_LEVEL_FATAL 2 39 40#define TLS_ALERT_DESCRIPTION_CLOSE_NOTIFY 0 41#define TLS_ALERT_DESCRIPTION_UNEXPECTED_MESSAGE 10 42#define TLS_ALERT_DESCRIPTION_BAD_RECORD_MAC 20 43#define TLS_ALERT_DESCRIPTION_DECRYPTION_FAILED 21 44#define TLS_ALERT_DESCRIPTION_RECORD_OVERFLOW 22 45#define TLS_ALERT_DESCRIPTION_DECOMPRESSION_FAILURE 30 46#define TLS_ALERT_DESCRIPTION_HANSHAKE_FAILURE 40 47#define TLS_ALERT_DESCRIPTION_NO_CERTIFICATE 41 48#define TLS_ALERT_DESCRIPTION_BAD_CERTIFICATE 42 49#define TLS_ALERT_DESCRIPTION_UNSUPPORTED_CERTIFICATE 43 50#define TLS_ALERT_DESCRIPTION_CERTIFICATE_REVOKED 44 51#define TLS_ALERT_DESCRIPTION_CERTIFICATE_EXPIRED 45 52#define TLS_ALERT_DESCRIPTION_CERTIFICATE_UNKNOWN 46 53#define TLS_ALERT_DESCRIPTION_ILLEGAL_PARAMETER 47 54#define TLS_ALERT_DESCRIPTION_UNKNOWN_CA 48 55#define TLS_ALERT_DESCRIPTION_ACCESS_DENIED 49 56#define TLS_ALERT_DESCRIPTION_DECODE_ERROR 50 57#define TLS_ALERT_DESCRIPTION_DECRYPT_ERROR 51 58#define TLS_ALERT_DESCRIPTION_EXPORT_RESTRICTION 60 59#define TLS_ALERT_DESCRIPTION_PROTOCOL_VERSION 70 60#define TLS_ALERT_DESCRIPTION_INSUFFICIENT_SECURITY 71 61#define TLS_ALERT_DESCRIPTION_INTERNAL_ERROR 80 62#define TLS_ALERT_DESCRIPTION_USER_CANCELED 90 63#define TLS_ALERT_DESCRIPTION_NO_RENEGOTIATION 100 64#define TLS_ALERT_DESCRIPTION_UNSUPPORTED_EXTENSION 110 65 66typedef struct rdp_tls rdpTls; 67 68struct rdp_tls 69{ 70 SSL* ssl; 71 BIO* bio; 72 void* tsg; 73 SSL_CTX* ctx; 74 BYTE* PublicKey; 75 DWORD PublicKeyLength; 76 rdpSettings* settings; 77 SecPkgContext_Bindings* Bindings; 78 rdpCertificateStore* certificate_store; 79 BIO* underlying; 80 char* hostname; 81 int port; 82 int alertLevel; 83 int alertDescription; 84 BOOL isGatewayTransport; 85}; 86 87#ifdef __cplusplus 88extern "C" 89{ 90#endif 91 92 FREERDP_API int tls_connect(rdpTls* tls, BIO* underlying); 93 FREERDP_API BOOL tls_accept(rdpTls* tls, BIO* underlying, rdpSettings* settings); 94 FREERDP_API BOOL tls_send_alert(rdpTls* tls); 95 96 FREERDP_API int tls_write_all(rdpTls* tls, const BYTE* data, int length); 97 98 FREERDP_API int tls_set_alert_code(rdpTls* tls, int level, int description); 99 100 FREERDP_API rdpTls* tls_new(rdpSettings* settings); 101 FREERDP_API void tls_free(rdpTls* tls); 102 103#ifdef __cplusplus 104} 105#endif 106 107#endif /* FREERDP_CRYPTO_TLS_H */