/*
* This file is part of the openHiTLS project.
*
* openHiTLS is licensed under the Mulan PSL v2.
* You can use this software according to the terms and conditions of the Mulan PSL v2.
* You may obtain a copy of Mulan PSL v2 at:
*
* http://license.coscl.org.cn/MulanPSL2
*
* THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
* EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
* MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
* See the Mulan PSL v2 for more details.
*/
#ifndef FRAME_MSG_H
#define FRAME_MSG_H
#include <stdint.h>
#include "hs_msg.h"
#include "rec.h"
#ifdef __cplusplus
extern "C" {
#endif
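/*
 * State tag attached to every FRAME_* field and extension.
 * NOTE(review): the per-value comments are missing from this copy; the short notes
 * below are inferred from the enumerator names only - confirm against the packer.
 */
typedef enum {
    MISSING_FIELD = 0, /* presumably: field is absent */
    INITIAL_FIELD,     /* presumably: field still holds its initial value */
    ASSIGNED_FIELD,    /* presumably: field was explicitly assigned */
    DUPLICATE_FIELD,   /* presumably: field is present more than once */
    /* (opening of this comment is missing in this copy)
       It is used for two or more bytes of fields (such as the cipher suite length). */
    SET_LEN_TO_ONE_BYTE,
} FieldState;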
/* Integer-valued message field: a FieldState tag plus the value, held in 64 bits. */
typedef struct {
    FieldState state; /* how the field is to be treated (see FieldState) */
    uint64_t data;    /* field value; the on-wire width is not recorded in this struct */
} FRAME_Integer;
/* Byte-array message field: state tag, a size and a pointer to uint8_t data. */
typedef struct {
    FieldState state;
    uint32_t size; /* presumably the number of bytes at data - confirm */
    /* NOTE(review): ownership is not visible here. FRAME_ModifyMsgArray8 is documented as
       deep-copying, so data is presumably heap memory owned by this field - confirm. */
    uint8_t *data;
} FRAME_Array8;
/* uint16_t-array message field: state tag, a size and a pointer to uint16_t data. */
typedef struct {
    FieldState state;
    /* NOTE(review): whether size counts elements or bytes is not visible here;
       confirm before using it to bound an index into data. */
    uint32_t size;
    uint16_t *data;
} FRAME_Array16;
/*
 * Handshake extension whose payload is a byte array.
 * exLen and exDataLen are stored separately from exData.size, so the declared lengths
 * can differ from the real payload size (presumably on purpose, so tests can emit
 * inconsistent lengths - confirm).
 */
typedef struct {
    FieldState exState;      /* state of the extension as a whole */
    FRAME_Integer exType;    /* extension type */
    FRAME_Integer exLen;     /* extension length field */
    FRAME_Integer exDataLen; /* length field of the inner data */
    FRAME_Array8 exData;     /* extension payload */
} FRAME_HsExtArray8;
/*
 * Handshake extension whose payload is a uint16_t array.
 * The length fields are stored separately from exData.size and are not tied to it
 * by this struct.
 */
typedef struct {
    FieldState exState;      /* state of the extension as a whole */
    FRAME_Integer exType;    /* extension type */
    FRAME_Integer exLen;     /* extension length field */
    FRAME_Integer exDataLen; /* length field of the inner data */
    FRAME_Array16 exData;    /* extension payload */
} FRAME_HsExtArray16;
/* One key-share entry: group, key-exchange length field and key-exchange bytes. */
typedef struct {
    FieldState state;
    FRAME_Integer group;          /* named group of this entry */
    FRAME_Integer keyExchangeLen; /* length field; stored independently of keyExchange.size */
    FRAME_Array8 keyExchange;     /* key-exchange data */
} FRAME_HsKeyShareEntry;
/* Array of FRAME_HsKeyShareEntry. */
typedef struct {
    FieldState state;
    uint32_t size;               /* presumably the number of entries at data - confirm */
    FRAME_HsKeyShareEntry *data; /* entries; ownership/lifetime is not visible here */
} FRAME_HsArrayKeyShare;
/* Key-share extension carrying a list of key-share entries (used by FRAME_ClientHelloMsg). */
typedef struct {
    FieldState exState;                /* state of the extension as a whole */
    FRAME_Integer exType;              /* extension type */
    FRAME_Integer exLen;               /* extension length field */
    FRAME_Integer exKeyShareLen;       /* length field of the key-share list */
    FRAME_HsArrayKeyShare exKeyShares; /* the key-share entries */
} FRAME_HsExtKeyShare;
/* One offered PSK identity: identity length field, identity bytes and obfuscated ticket age. */
typedef struct {
    FieldState state;
    FRAME_Integer identityLen;         /* length field; stored independently of identity.size */
    FRAME_Array8 identity;             /* identity bytes */
    FRAME_Integer obfuscatedTicketAge; /* obfuscated ticket age value */
} FRAME_HsPskIdentity;
/* Array of FRAME_HsPskIdentity. */
typedef struct {
    FieldState state;
    uint32_t size;             /* presumably the number of entries at data - confirm */
    FRAME_HsPskIdentity *data; /* entries; ownership/lifetime is not visible here */
} FRAME_HsArrayPskIdentity;
/* One PSK binder: binder length field plus the binder bytes. */
typedef struct {
    FieldState state;
    FRAME_Integer binderLen; /* length field; stored independently of binder.size */
    FRAME_Array8 binder;     /* binder bytes */
} FRAME_HsPskBinder;
/* Array of FRAME_HsPskBinder. */
typedef struct {
    FieldState state;
    uint32_t size;           /* presumably the number of entries at data - confirm */
    FRAME_HsPskBinder *data; /* entries; ownership/lifetime is not visible here */
} FRAME_HsArrayPskBinder;
/* Offered-PSKs extension: a list of identities followed by a list of binders. */
typedef struct {
    FieldState exState;                  /* state of the extension as a whole */
    FRAME_Integer exType;                /* extension type */
    FRAME_Integer exLen;                 /* extension length field */
    FRAME_Integer identitySize;          /* length field of the identities list */
    FRAME_HsArrayPskIdentity identities; /* offered identities */
    FRAME_Integer binderSize;            /* length field of the binders list */
    /* NOTE(review): nothing in this struct ties the number of binders to the number
       of identities; the two lists can be set independently. */
    FRAME_HsArrayPskBinder binders;
} FRAME_HsExtOfferedPsks;
/* Handshake extension whose payload is a single integer (uint16 by the type name). */
typedef struct {
    FieldState exState;   /* state of the extension as a whole */
    FRAME_Integer exType; /* extension type */
    FRAME_Integer exLen;  /* extension length field */
    FRAME_Integer data;   /* extension value */
} FRAME_HsExtUint16;
/* CA-list extension: raw list bytes plus a separately stored list length field. */
typedef struct {
    FieldState exState;     /* state of the extension as a whole */
    FRAME_Integer exType;   /* extension type */
    FRAME_Integer exLen;    /* extension length field */
    FRAME_Array8 list;      /* list bytes; not broken down into entries by this struct */
    FRAME_Integer listSize; /* list length field; declared after list, unlike the other extensions */
} FRAME_HsExtCaList;
/*
 * ClientHello represented as individually editable fields.
 * Every length/size member is its own FRAME_Integer next to the array it describes,
 * so a declared length is not forced by this struct to match the array's size.
 */
typedef struct {
    FRAME_Integer version;
    FRAME_Array8 randomValue;
    FRAME_Integer sessionIdSize;
    FRAME_Array8 sessionId;
    /* Cookie carried directly in the message body (separate from the tls13Cookie
       extension below); presumably the DTLS cookie - confirm. */
    FRAME_Integer cookiedLen;
    FRAME_Array8 cookie;
    FRAME_Integer cipherSuitesSize;
    FRAME_Array16 cipherSuites;
    FRAME_Integer compressionMethodsLen;
    FRAME_Array8 compressionMethods;
    /* Extensions block: its overall state and length field, then one member per extension. */
    FieldState extensionState;
    FRAME_Integer extensionLen;
    FRAME_HsExtArray8 pointFormats;
    FRAME_HsExtArray16 supportedGroups;
    FRAME_HsExtArray16 signatureAlgorithms;
    FRAME_HsExtArray8 encryptThenMac;
    FRAME_HsExtArray8 extendedMasterSecret;
    FRAME_HsExtArray8 secRenego;
    FRAME_HsExtArray8 sessionTicket;
    FRAME_HsExtArray8 serverName;
    FRAME_HsExtUint16 recordSizeLimit;
    FRAME_HsExtArray8 alpn;
    FRAME_HsExtArray8 tls13Cookie;
    FRAME_HsExtKeyShare keyshares;
    FRAME_HsExtArray8 pskModes;
    FRAME_HsExtArray16 supportedVersion;
    FRAME_HsExtOfferedPsks psks;
    FRAME_HsExtCaList caList;
} FRAME_ClientHelloMsg;
/* Server-side key-share extension: carries exactly one FRAME_HsKeyShareEntry, not a list. */
typedef struct {
    FieldState exState;         /* state of the extension as a whole */
    FRAME_Integer exType;       /* extension type */
    FRAME_Integer exLen;        /* extension length field */
    FRAME_HsKeyShareEntry data; /* the single key-share entry */
} FRAME_HsExtServerKeyShare;
/*
 * ServerHello represented as individually editable fields.
 * Unlike FRAME_ClientHelloMsg there is no FieldState for the extensions block here,
 * only extensionLen.
 */
typedef struct {
    FRAME_Integer version;
    FRAME_Array8 randomValue;
    FRAME_Integer sessionIdSize; /* stored independently of sessionId.size */
    FRAME_Array8 sessionId;
    FRAME_Integer cipherSuite;       /* single selected value, not a list */
    FRAME_Integer compressionMethod; /* single selected value, not a list */
    FRAME_Integer extensionLen;
    FRAME_HsExtArray8 pointFormats;
    FRAME_HsExtArray8 extendedMasterSecret;
    FRAME_HsExtArray8 secRenego;
    FRAME_HsExtArray8 sessionTicket;
    FRAME_HsExtArray8 serverName;
    FRAME_HsExtUint16 recordSizeLimit;
    FRAME_HsExtArray8 alpn;
    FRAME_HsExtUint16 supportedVersion;
    FRAME_HsExtServerKeyShare keyShare;
    FRAME_HsExtUint16 pskSelectedIdentity;
    FRAME_HsExtArray8 tls13Cookie;
    FRAME_HsExtArray8 encryptThenMac;
} FRAME_ServerHelloMsg;
/* ServerHelloDone: the only member is an optional byte array. */
typedef struct {
    /* presumably extra bytes to place in a message that normally has an empty body - confirm */
    FRAME_Array8 extra;
} FRAME_ServerHelloDoneMsg;
/* One certificate entry; entries form a singly linked list through next. */
typedef struct FrameCertItem_ {
    FieldState state;
    FRAME_Integer certLen;       /* length field; stored independently of cert.size */
    FRAME_Array8 cert;           /* certificate bytes */
    FRAME_Integer extensionLen;  /* length field of the per-certificate extensions */
    FRAME_Array8 extension;      /* per-certificate extension bytes */
    /* next entry; presumably NULL terminates the list - confirm before walking it */
    struct FrameCertItem_ *next;
} FrameCertItem;
/* Certificate message: total length field, linked list of entries and a request context. */
typedef struct {
    FRAME_Integer certsLen;              /* length field of the certificate list */
    FrameCertItem *certItem;             /* head of the FrameCertItem list */
    FRAME_Array8 certificateReqCtx;      /* certificate request context bytes */
    FRAME_Integer certificateReqCtxSize; /* length field; stored independently of certificateReqCtx.size */
} FRAME_CertificateMsg;
/* ECDH variant of the ServerKeyExchange body: curve parameters, public key and signature. */
typedef struct {
    FRAME_Integer curveType;
    FRAME_Integer namedcurve;
    FRAME_Integer pubKeySize;    /* length field; stored independently of pubKey.size */
    FRAME_Array8 pubKey;
    FRAME_Integer signAlgorithm;
    FRAME_Integer signSize;      /* length field; stored independently of signData.size */
    FRAME_Array8 signData;
} FRAME_ServerEcdh;
/* DH variant of the ServerKeyExchange body: p, g, public key and signature, each with its length field. */
typedef struct {
    FRAME_Integer plen;
    FRAME_Array8 p;
    FRAME_Integer glen;
    FRAME_Array8 g;
    FRAME_Integer pubKeyLen;
    FRAME_Array8 pubKey;
    FRAME_Integer signAlgorithm;
    FRAME_Integer signSize;
    FRAME_Array8 signData;
} FRAME_ServerDh;
/*
 * ServerKeyExchange body as a union of the ECDH and DH layouts.
 * NOTE(review): no discriminator is stored in this struct. The active member is
 * presumably selected by FRAME_Type.keyExType; reading the other member reinterprets
 * the same storage, including the data pointers - confirm the selector at each use.
 */
typedef struct {
    union {
        FRAME_ServerEcdh ecdh;
        FRAME_ServerDh dh;
    } keyEx;
} FRAME_ServerKeyExchangeMsg;
/* ClientKeyExchange: public key bytes plus a separately stored length field. */
typedef struct {
    FRAME_Integer pubKeySize; /* length field; stored independently of pubKey.size */
    FRAME_Array8 pubKey;
} FRAME_ClientKeyExchangeMsg;
/*
 * CertificateRequest as individually editable fields.
 * NOTE(review): which members apply to which protocol version is not visible here
 * (certificateReqCtx and exMsgLen look TLS 1.3 specific) - confirm against the packer.
 */
typedef struct {
    FieldState state;
    FRAME_Integer certTypesSize;
    FRAME_Array8 certTypes;
    FRAME_Integer signatureAlgorithmsSize;
    FRAME_Array16 signatureAlgorithms;
    FRAME_Integer reserved;
    FRAME_Integer distinguishedNamesSize;
    FRAME_Array8 distinguishedNames;
    FRAME_Array8 certificateReqCtx;
    FRAME_Integer certificateReqCtxSize;
    FRAME_Integer exMsgLen;
} FRAME_CertificateRequestMsg;
/* CertificateVerify: signature/hash algorithm, signature length field and signature bytes. */
typedef struct {
    FRAME_Integer signHashAlg;
    FRAME_Integer signSize; /* length field; stored independently of sign.size */
    FRAME_Array8 sign;
} FRAME_CertificateVerifyMsg;
/* NewSessionTicket: lifetime, age-add, nonce, ticket and an extensions length field. */
typedef struct {
    FRAME_Integer ticketLifetime;
    FRAME_Integer ticketAgeAdd;
    FRAME_Integer ticketNonceSize; /* length field; stored independently of ticketNonce.size */
    FRAME_Array8 ticketNonce;
    FRAME_Integer ticketSize;      /* length field; stored independently of ticket.size */
    FRAME_Array8 ticket;
    FRAME_Integer extensionLen;    /* only the length is modelled; no extension members follow */
} FRAME_NewSessionTicketMsg;
/* Finished: the verify data bytes. */
typedef struct {
    FRAME_Array8 verifyData;
} FRAME_FinishedMsg;
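/*
 * Handshake message: header fields followed by a union of the per-type bodies.
 * NOTE(review): the union has no tag of its own. The active member is presumably
 * chosen from the handshake type (type here / FRAME_Type.handshakeType); reading a
 * different member reinterprets the same storage - confirm the selector at each use.
 */
typedef struct {
    FRAME_Integer type;   /* handshake message type */
    FRAME_Integer length; /* handshake message length field */
    /* (opening of this comment is missing in this copy)
       Does not increase for retransmission */
    FRAME_Integer sequence;
    FRAME_Integer fragmentOffset;
    FRAME_Integer fragmentLength;
    union {
        FRAME_ClientHelloMsg clientHello;
        FRAME_ServerHelloMsg serverHello;
        FRAME_CertificateMsg certificate;
        FRAME_ServerKeyExchangeMsg serverKeyExchange;
        FRAME_CertificateRequestMsg certificateReq;
        FRAME_ServerHelloDoneMsg serverHelloDone;
        FRAME_ClientKeyExchangeMsg clientKeyExchange;
        FRAME_CertificateVerifyMsg certificateVerify;
        FRAME_NewSessionTicketMsg newSessionTicket;
        FRAME_FinishedMsg finished;
    } body;
} FRAME_HsMsg;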
/*
 * Alert message.
 * NOTE(review): level/description exist both as raw uint8_t and as FRAME_Integer;
 * which pair the pack/parse code reads or writes is not visible here - confirm.
 */
typedef struct {
    uint8_t level;
    uint8_t description;
    FRAME_Integer alertLevel;
    FRAME_Integer alertDescription;
    FRAME_Array8 extra; /* presumably extra bytes beyond the two alert fields - confirm */
} FRAME_AlertMsg;
/*
 * ChangeCipherSpec message.
 * NOTE(review): the type exists both as raw uint8_t and as FRAME_Integer; which one
 * the pack/parse code uses is not visible here - confirm.
 */
typedef struct {
    uint8_t type;
    FRAME_Integer ccsType;
    FRAME_Array8 extra; /* presumably extra bytes beyond the type byte - confirm */
} FRAME_CcsMsg;
/*
 * Application-data message.
 * NOTE(review): the payload is representable both as buffer/len and as appData;
 * which one is authoritative, and who owns buffer, is not visible here - confirm.
 */
typedef struct {
    char *buffer;
    uint32_t len;
    FRAME_Array8 appData;
} FRAME_AppMsg;
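/*
 * One TLS/DTLS record: header fields, a union holding the body, and a raw buffer.
 * The header is present twice, as plain integers (type .. epochSeq) and as
 * FRAME_Integer fields (recType .. length); which set a given function uses is not
 * visible in this header.
 * NOTE(review): body is an untagged union. The active member is presumably chosen from
 * the record type; reading another member reinterprets the same storage - confirm.
 */
typedef struct {
    uint8_t type;
    uint8_t reverse;
    uint16_t version;
    uint16_t bodyLen;
    BSL_UIO_TransportType transportType;
    uint64_t epochSeq;
    FRAME_Integer recType;
    FRAME_Integer recVersion;
    FRAME_Integer epoch;
    /* (opening of this comment is missing in this copy)
       This counter is used by DTLS */
    FRAME_Integer sequence;
    FRAME_Integer length;
    union {
        HS_Msg handshakeMsg;
        FRAME_HsMsg hsMsg;
        FRAME_AlertMsg alertMsg;
        FRAME_CcsMsg ccsMsg;
        FRAME_AppMsg appMsg;
    } body;
    uint8_t *buffer; /* raw bytes; ownership is not visible here */
    uint32_t len;    /* presumably the number of bytes at buffer - confirm */
} FRAME_Msg;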
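/*
 * Parameters that tell the FRAME_* pack/parse functions what kind of message they
 * are handling. (Only the tail of the original comment, "of this structure",
 * survives in this copy.)
 */
typedef struct {
    uint16_t versionType;                /* protocol version */
    REC_Type recordType;                 /* record type */
    HS_MsgType handshakeType;            /* handshake message type */
    HITLS_KeyExchAlgo keyExType;         /* key-exchange algorithm */
    BSL_UIO_TransportType transportType; /* transport type */
} FRAME_Type;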
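/**
 * @brief   Generate a TLS record byte stream based on the specified parameter of frameType
 *          and the field content of the msg structure and save the stream to the buffer
 *
 * @param   frameType [IN] Specified packing parameters
 * @param   msg [IN] Message structure
 * @param   buffer [OUT] Returned handshake message
 * @param   bufLen [IN] Input buffer size
 * @param   usedLen [OUT] Returned message length
 *
 * @note    NOTE(review): what happens when the packed record does not fit in bufLen is
 *          not stated here (presumably an error return) - confirm.
 *
 * @retval  HITLS_SUCCESS
 * @retval  For other error codes, see hitls_error.h
 */
int32_t FRAME_PackMsg(FRAME_Type *frameType, const FRAME_Msg *msg, uint8_t *buffer, uint32_t bufLen, uint32_t *usedLen);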
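/**
 * @brief   Generate tls13 handshake message according to type
 *
 * @param   type [IN] Specified packing parameters
 * @param   buffer [OUT] Returned handshake message
 * @param   bufLen [IN] Input buffer size
 * @param   usedLen [OUT] Returned message length
 *
 * @retval  HITLS_SUCCESS
 * @retval  For other error codes, see hitls_error.h
 */
int32_t FRAME_GetTls13DisorderHsMsg(HS_MsgType type, uint8_t *buffer, uint32_t bufLen, uint32_t *usedLen);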
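/**
 * @brief   Generate a TLS record body byte stream based on the specified parameter of frameType
 *          and the field content of the msg structure and save the byte stream to the buffer.
 *
 * @param   frameType [IN] Specified packing parameters
 * @param   msg [IN] Message structure
 * @param   buffer [OUT] Returned handshake message
 * @param   bufLen [IN] Input buffer size
 * @param   usedLen [OUT] Returned message length
 *
 * @retval  HITLS_SUCCESS
 * @retval  For other error codes, see hitls_error.h
 */
int32_t FRAME_PackRecordBody(FRAME_Type *frameType, const FRAME_Msg *msg,
    uint8_t *buffer, uint32_t bufLen, uint32_t *usedLen);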
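/**
 * @brief   Parse the MSG structure based on the specified parameter of frameType and the TLS record byte stream.
 *          Only the record message header is parsed
 *
 * @param   frameType [IN] Specified parsing parameter, mainly versionType
 * @param   buffer [IN] TLS record byte stream
 * @param   bufLen [IN] Input buffer size
 * @param   msg [OUT] Parsed Message structure
 * @param   parseLen [OUT] Length of the parsed message
 *
 * @retval  HITLS_SUCCESS
 * @retval  For other error codes, see hitls_error.h
 */
int32_t FRAME_ParseMsgHeader(FRAME_Type *frameType, const uint8_t *buffer, uint32_t bufLen,
    FRAME_Msg *msg, uint32_t *parseLen);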
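/**
 * @brief   Parse the TLS record header
 *
 * @param   buffer [IN] TLS record byte stream
 * @param   bufferLen [IN] Input buffer size
 * @param   msg [OUT] Parsed Message structure
 * @param   parseLen [OUT] Length of the parsed message
 *
 * @retval  HITLS_SUCCESS
 * @retval  For other error codes, see hitls_error.h
 */
int32_t FRAME_ParseTLSRecordHeader(const uint8_t *buffer, uint32_t bufferLen,
    FRAME_Msg *msg, uint32_t *parseLen);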
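/**
 * @brief   Parse the body of the TLS non-handshake record
 *
 * @param   buffer [IN] TLS record byte stream
 * @param   bufferLen [IN] Input buffer size
 * @param   msg [OUT] Parsed Message structure
 * @param   parseLen [OUT] Length of the parsed message
 *
 * @retval  HITLS_SUCCESS
 * @retval  For other error codes, see hitls_error.h
 */
int32_t FRAME_ParseTLSNonHsRecordBody(const uint8_t *buffer, uint32_t bufferLen,
    FRAME_Msg *msg, uint32_t *parseLen);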
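/**
 * @brief   Parse the TLS non-handshake record
 *
 * @param   buffer [IN] TLS record byte stream
 * @param   bufferLen [IN] Input buffer size
 * @param   msg [OUT] Parsed Message structure
 * @param   parseLen [OUT] Length of the parsed message
 *
 * @note    NOTE(review): memory allocated while parsing is presumably released with
 *          FRAME_CleanNonHsRecord - confirm.
 *
 * @retval  HITLS_SUCCESS
 * @retval  For other error codes, see hitls_error.h
 */
int32_t FRAME_ParseTLSNonHsRecord(const uint8_t *buffer, uint32_t bufferLen,
    FRAME_Msg *msg, uint32_t *parseLen);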
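/**
 * @brief   Parse the record of the handshake type
 *
 * @param   frameType [IN] Specified parsing parameters
 * @param   buffer [IN] TLS record byte stream
 * @param   bufferLen [IN] Input buffer size
 * @param   msg [OUT] Parsed Message structure
 * @param   parseLen [OUT] Length of the parsed message
 *
 * @retval  HITLS_SUCCESS
 * @retval  For other error codes, see hitls_error.h
 */
int32_t FRAME_ParseHsRecord(FRAME_Type *frameType, const uint8_t *buffer, uint32_t bufferLen,
    FRAME_Msg *msg, uint32_t *parseLen);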
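/**
 * @brief   Parse the MSG structure based on the specified parameter of frameType and the TLS record byte stream.
 *          Only the record message body is parsed
 *
 * @attention Invoke the FRAME_ParseMsgHeader interface first to parse the message header
 *
 * @param   frameType [IN] Specified parsing parameters, mainly versionType and keyExType
 * @param   buffer [IN] TLS record byte stream
 * @param   bufLen [IN] Input buffer size
 * @param   msg [OUT] Parsed Message structure
 * @param   parseLen [OUT] Length of the parsed message
 *
 * @retval  HITLS_SUCCESS
 * @retval  For other error codes, see hitls_error.h
 */
int32_t FRAME_ParseMsgBody(FRAME_Type *frameType, const uint8_t *buffer, uint32_t bufLen,
    FRAME_Msg *msg, uint32_t *parseLen);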
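/**
 * @brief   Parse the message into the msg structure based on the specified parameter of frameType and
 *          the TLS record byte stream
 *
 * @param   frameType [IN] Specified parsing parameters, mainly versionType and keyExType
 * @param   buffer [IN] TLS record byte stream
 * @param   bufLen [IN] Input buffer size
 * @param   msg [OUT] Parsed Message structure
 * @param   parseLen [OUT] Length of the parsed message
 *
 * @note    NOTE(review): memory allocated while parsing is presumably released with
 *          FRAME_CleanMsg, using the same frameType - confirm.
 *
 * @retval  HITLS_SUCCESS
 * @retval  For other error codes, see hitls_error.h
 */
int32_t FRAME_ParseMsg(FRAME_Type *frameType, const uint8_t *buffer, uint32_t bufLen,
    FRAME_Msg *msg, uint32_t *parseLen);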
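/**
 * @brief   Clear the memory allocated during parsing
 *
 * @param   frameType [IN] Specified parsing parameters, mainly versionType and keyExType
 * @param   msg [IN] Message structure
 *
 * @note    NOTE(review): frameType presumably has to match the one used for parsing so
 *          that the right union member of msg is released; whether calling this twice
 *          on the same msg is safe is not visible here - confirm both.
 */
void FRAME_CleanMsg(FRAME_Type *frameType, FRAME_Msg *msg);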
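/**
 * @brief   Clear the memory allocated during parsing
 *
 * @param   recType [IN] Specified record type
 * @param   msg [IN] Message structure
 *
 * @note    NOTE(review): recType presumably has to match the record type that was
 *          parsed into msg, since msg->body is an untagged union - confirm.
 */
void FRAME_CleanNonHsRecord(REC_Type recType, FRAME_Msg *msg);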
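/**
 * @brief   Obtain a structure of a specified message type
 *
 * @attention This interface does not set the callback function. The user needs to set the
 *          callback interface first.
 *          This interface obtains only the HANDSHAKE, CHANGE_CIPHER_SPEC, and ALERT messages.
 *          The existing framework does not support parsing of encrypted finished messages.
 *          Therefore, the finished messages cannot be obtained.
 *
 * @param   frameType [IN] Specified message parameters
 * @param   msg [OUT] Returned Message structure
 *
 * @retval  HITLS_SUCCESS
 * @retval  For other error codes, see hitls_error.h
 */
int32_t FRAME_GetDefaultMsg(FRAME_Type *frameType, FRAME_Msg *msg);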
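/**
 * @brief   Modify a message field
 *          This method is used to modify the contents of integer fields in a message, such as the message type,
 *          version number, and field length
 *
 * @param   data [IN] Data content
 * @param   frameInteger [IN/OUT] IN original field; OUT New field
 *
 * @retval  HITLS_SUCCESS
 * @retval  For other error codes, see hitls_error.h
 */
int32_t FRAME_ModifyMsgInteger(const uint64_t data, FRAME_Integer *frameInteger);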
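/**
 * @brief   Modify the message field content. The user can increase or decrease the length of the message
 *          field and modify the field content.
 *          (This implementation performs deep copy of the data content.)
 *          This method is used to modify the content of the uint8_t array field in a message, such as the
 *          session ID, cookie, and signature data
 *
 * @param   data [IN] Data content
 * @param   dataLen [IN] Number of data records
 * @param   frameArray [IN/OUT] IN original field; OUT New field
 * @param   frameArrayLen [IN/OUT] IN Original field length; OUT Length of the new field. This parameter
 *          can be none (presumably NULL - confirm)
 *
 * @retval  HITLS_SUCCESS
 * @retval  For other error codes, see hitls_error.h
 */
int32_t FRAME_ModifyMsgArray8(const uint8_t *data, uint32_t dataLen,
    FRAME_Array8 *frameArray, FRAME_Integer *frameArrayLen);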
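/**
 * @brief   Retain the original handshake message field content and add a string of data to the end of it.
 *          (This implementation performs deep copy of the data content.)
 *          This method is used to modify the content of the uint8_t array field in a message, such as the
 *          session ID, cookie, and signature data.
 *
 * @param   data [IN] Data content
 * @param   dataLen [IN] Number of data records
 * @param   frameArray [IN/OUT] IN original field; OUT New field
 * @param   frameArrayLen [IN/OUT] IN Original field length; OUT Length of the new field. This parameter
 *          can be none (presumably NULL - confirm)
 *
 * @retval  HITLS_SUCCESS
 * @retval  For other error codes, see hitls_error.h
 */
int32_t FRAME_AppendMsgArray8(const uint8_t *data, uint32_t dataLen,
    FRAME_Array8 *frameArray, FRAME_Integer *frameArrayLen);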
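/**
 * @brief   Modify the message field content. The user can increase or decrease the length of the message
 *          field and modify the field content.
 *          (This implementation performs deep copy of the data content.)
 *          This method is used to modify the uint16_t array field in a message, for example, cipher suite
 *          and support group extension
 *
 * @param   data [IN] Data content
 * @param   dataLen [IN] Number of data records
 *          (NOTE(review): presumably a count of uint16_t elements, not bytes - confirm)
 * @param   frameArray [IN/OUT] IN original field; OUT New field
 * @param   frameArrayLen [IN/OUT] IN Original field length; OUT Length of the new field. This parameter
 *          can be none (presumably NULL - confirm)
 *
 * @retval  HITLS_SUCCESS
 * @retval  For other error codes, see hitls_error.h
 */
int32_t FRAME_ModifyMsgArray16(const uint16_t *data, uint32_t dataLen,
    FRAME_Array16 *frameArray, FRAME_Integer *frameArrayLen);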
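/**
 * @brief   Retain the original handshake message field content and add a string of data to the end of it.
 *          (This implementation performs deep copy of the data content.)
 *          This method is used to modify the uint16_t array field in a message, for example, the cipher
 *          suite and support group extension
 *
 * @param   data [IN] Data content
 * @param   dataLen [IN] Number of data records
 *          (NOTE(review): presumably a count of uint16_t elements, not bytes - confirm)
 * @param   frameArray [IN/OUT] IN original field; OUT New field
 * @param   frameArrayLen [IN/OUT] IN Original field length; OUT Length of the new field. This parameter
 *          can be none (presumably NULL - confirm)
 *
 * @retval  HITLS_SUCCESS
 * @retval  For other error codes, see hitls_error.h
 */
int32_t FRAME_AppendMsgArray16(const uint16_t *data, uint32_t dataLen,
    FRAME_Array16 *frameArray, FRAME_Integer *frameArrayLen);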
#ifdef __cplusplus
}
#endif
#endif