/*
 * This file is part of the openHiTLS project.
 *
 * openHiTLS is licensed under the Mulan PSL v2.
 * You can use this software according to the terms and conditions of the Mulan PSL v2.
 * You may obtain a copy of Mulan PSL v2 at:
 *
 *     http://license.coscl.org.cn/MulanPSL2
 *
 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
 * See the Mulan PSL v2 for more details.
 */

#ifndef HS_EXTERNSIONS_H
#define HS_EXTERNSIONS_H

#include <stdint.h>

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Length in bytes of the fixed header in front of each extension body.
 * NOTE(review): 4 matches the TLS Extension layout (2-byte extension_type followed by a
 * 2-byte extension_data length); the parser that uses this constant is not in this header,
 * so confirm it checks that at least this many bytes remain before reading a header.
 */
#define HS_EX_HEADER_LEN 4u

/*
 * Handshake extension types as they appear on the wire (the 16-bit extension_type field).
 * The values below agree with the IANA TLS ExtensionType registry. They are sparse and go
 * up to 0xFF01, so they must not be used as shift counts for HS_EX_TYPE_MASK; the dense
 * HS_EX_TYPE_ID_* indices exist for that purpose.
 *
 * NOTE(review): HS_EX_TYPE_ID_OID_FILTERS is defined in this header, but there is no
 * matching HS_EX_TYPE_OID_FILTERS wire constant here (oid_filters is 48 in RFC 8446).
 * Confirm whether it is defined or handled elsewhere.
 * NOTE(review): HS_EX_TYPE_END has no HS_EX_TYPE_ID_* counterpart; presumably it is an
 * end-of-table sentinel rather than a negotiable extension - confirm at its users.
 */
#define HS_EX_TYPE_SERVER_NAME 0u
#define HS_EX_TYPE_MAX_FRAGMENT_LENGTH 1u
#define HS_EX_TYPE_TRUSTED_CA_KEYS 3u
#define HS_EX_TYPE_STATUS_REQUEST 5u
#define HS_EX_TYPE_SUPPORTED_GROUPS 10u
#define HS_EX_TYPE_POINT_FORMATS 11u
#define HS_EX_TYPE_SIGNATURE_ALGORITHMS 13u
#define HS_EX_TYPE_USE_SRTP 14u
#define HS_EX_TYPE_APP_LAYER_PROTOCOLS 16u
#define HS_EX_TYPE_STATUS_REQUEST_V2 17u
#define HS_EX_TYPE_SIGNED_CERTIFICATE_TIMESTAMP 18u
#define HS_EX_TYPE_PADDING 21u
#define HS_EX_TYPE_ENCRYPT_THEN_MAC 22u
#define HS_EX_TYPE_EXTENDED_MASTER_SECRET 23u
#define HS_EX_TYPE_RECORD_SIZE_LIMIT 28u
#define HS_EX_TYPE_SESSION_TICKET 35u
#define HS_EX_TYPE_PRE_SHARED_KEY 41u
#define HS_EX_TYPE_EARLY_DATA 42u
#define HS_EX_TYPE_SUPPORTED_VERSIONS 43u
#define HS_EX_TYPE_COOKIE 44u
#define HS_EX_TYPE_PSK_KEY_EXCHANGE_MODES 45u
#define HS_EX_TYPE_CERTIFICATE_AUTHORITIES 47u
#define HS_EX_TYPE_POST_HS_AUTH 49u
#define HS_EX_TYPE_SIGNATURE_ALGORITHMS_CERT 50u
#define HS_EX_TYPE_KEY_SHARE 51u
#define HS_EX_TYPE_RENEGOTIATION_INFO 0xFF01u
#define HS_EX_TYPE_END 0xFFFFu

/*
 * Dense internal indices for the extensions above. Each one is used as a bit position by
 * HS_EX_TYPE_MASK when the per-message allow-lists in this header are built, so:
 *   - every ID must be unique, otherwise two extensions would share one allow-list bit;
 *   - every ID must stay below 64, because the mask is produced by shifting 1ULL and a
 *     shift count at or above the width of unsigned long long is undefined behaviour.
 * The highest ID currently in use is 27.
 *
 * NOTE(review): HS_EX_TYPE_ID_UNRECOGNIZED is presumably what any wire type without its
 * own ID maps to; the wire-type-to-ID mapping is not in this header - confirm there.
 * NOTE(review): HS_EX_TYPE_ID_TRUSTED_CA_KEYS and HS_EX_TYPE_ID_STATUS_REQUEST_V2 appear
 * in none of the allow-lists in this header. If the mapping ever yields these IDs, the
 * extensions will not count as allowed in any message; confirm that this is intended.
 */
#define HS_EX_TYPE_ID_UNRECOGNIZED 0
#define HS_EX_TYPE_ID_SERVER_NAME 1
#define HS_EX_TYPE_ID_MAX_FRAGMENT_LENGTH 2
#define HS_EX_TYPE_ID_TRUSTED_CA_KEYS 3
#define HS_EX_TYPE_ID_STATUS_REQUEST 4
#define HS_EX_TYPE_ID_SUPPORTED_GROUPS 5
#define HS_EX_TYPE_ID_POINT_FORMATS 6
#define HS_EX_TYPE_ID_SIGNATURE_ALGORITHMS 7
#define HS_EX_TYPE_ID_USE_SRTP 8
#define HS_EX_TYPE_ID_APP_LAYER_PROTOCOLS 9
#define HS_EX_TYPE_ID_STATUS_REQUEST_V2 10
#define HS_EX_TYPE_ID_SIGNED_CERTIFICATE_TIMESTAMP 11
#define HS_EX_TYPE_ID_PADDING 12
#define HS_EX_TYPE_ID_ENCRYPT_THEN_MAC 13
#define HS_EX_TYPE_ID_EXTENDED_MASTER_SECRET 14
#define HS_EX_TYPE_ID_RECORD_SIZE_LIMIT 15
#define HS_EX_TYPE_ID_SESSION_TICKET 16
#define HS_EX_TYPE_ID_PRE_SHARED_KEY 17
#define HS_EX_TYPE_ID_EARLY_DATA 18
#define HS_EX_TYPE_ID_SUPPORTED_VERSIONS 19
#define HS_EX_TYPE_ID_COOKIE 20
#define HS_EX_TYPE_ID_PSK_KEY_EXCHANGE_MODES 21
#define HS_EX_TYPE_ID_CERTIFICATE_AUTHORITIES 22
/* NOTE(review): no HS_EX_TYPE_OID_FILTERS wire constant exists in this header for this ID. */
#define HS_EX_TYPE_ID_OID_FILTERS 23
#define HS_EX_TYPE_ID_POST_HS_AUTH 24
#define HS_EX_TYPE_ID_SIGNATURE_ALGORITHMS_CERT 25
#define HS_EX_TYPE_ID_KEY_SHARE 26
#define HS_EX_TYPE_ID_RENEGOTIATION_INFO 27

/*
 * Turn an internal extension index (HS_EX_TYPE_ID_*) into its single-bit flag.
 * The result has type unsigned long long. The argument must be in the range 0..63:
 * a negative shift count, or one at or above the width of the type, is undefined
 * behaviour. Never pass a wire type (HS_EX_TYPE_*) here, since those reach 0xFF01.
 */
#define HS_EX_TYPE_MASK(extId)    (0x1ULL << (extId))

/*
 * Bit set of the extension IDs accepted in a ClientHello, listed in ascending ID order so
 * the set can be audited against the HS_EX_TYPE_ID_* table.
 * The macro name carries no version, and the set mixes TLS 1.2-era extensions (session
 * ticket, encrypt-then-MAC, extended master secret, renegotiation_info, point formats)
 * with TLS 1.3 ones.
 * HS_EX_TYPE_ID_UNRECOGNIZED is included, consistent with the rule that a server ignores
 * ClientHello extensions it does not understand.
 * NOTE(review): HS_EX_TYPE_ID_TRUSTED_CA_KEYS and HS_EX_TYPE_ID_STATUS_REQUEST_V2 are not
 * in this set although both have wire constants and IDs; the code that enforces the set is
 * not in this header, so confirm how a ClientHello carrying them is treated.
 */
#define HS_EX_TYPE_TLS_ALLOWED_OF_CLIENT_HELLO \
    (HS_EX_TYPE_MASK(HS_EX_TYPE_ID_UNRECOGNIZED) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SERVER_NAME) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_MAX_FRAGMENT_LENGTH) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_STATUS_REQUEST) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SUPPORTED_GROUPS) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_POINT_FORMATS) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SIGNATURE_ALGORITHMS) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_USE_SRTP) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_APP_LAYER_PROTOCOLS) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SIGNED_CERTIFICATE_TIMESTAMP) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_PADDING) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_ENCRYPT_THEN_MAC) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_EXTENDED_MASTER_SECRET) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_RECORD_SIZE_LIMIT) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SESSION_TICKET) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_PRE_SHARED_KEY) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_EARLY_DATA) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SUPPORTED_VERSIONS) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_COOKIE) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_PSK_KEY_EXCHANGE_MODES) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_CERTIFICATE_AUTHORITIES) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_POST_HS_AUTH) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SIGNATURE_ALGORITHMS_CERT) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_KEY_SHARE) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_RENEGOTIATION_INFO))

/*
 * Bit set of the extension IDs accepted in a TLS 1.3 EncryptedExtensions message, in
 * ascending ID order. Every entry is one that RFC 8446 section 4.2 (RFC 8449 for
 * record_size_limit) permits in EncryptedExtensions.
 * HS_EX_TYPE_ID_UNRECOGNIZED is not part of the set, so an extension the stack does not
 * know is not covered by this allow-list; keep it that way unless the enforcement code
 * (not in this header) is reviewed together with the change.
 */
#define HS_EX_TYPE_TLS1_3_ALLOWED_OF_ENCRYPTED_EXTENSIONS \
    (HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SERVER_NAME) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_MAX_FRAGMENT_LENGTH) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SUPPORTED_GROUPS) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_USE_SRTP) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_APP_LAYER_PROTOCOLS) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_RECORD_SIZE_LIMIT) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_EARLY_DATA))

/*
 * Bit set of the extension IDs accepted in a TLS 1.3 HelloRetryRequest, in ascending ID
 * order: supported_versions, cookie and key_share, the three RFC 8446 section 4.2 lists
 * for this message. HS_EX_TYPE_ID_UNRECOGNIZED is not part of the set.
 */
#define HS_EX_TYPE_TLS1_3_ALLOWED_OF_HELLO_RETRY_REQUEST \
    (HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SUPPORTED_VERSIONS) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_COOKIE) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_KEY_SHARE))

/*
 * Bit set of the extension IDs accepted in a TLS 1.3 ServerHello, in ascending ID order:
 * pre_shared_key, supported_versions and key_share, the three RFC 8446 section 4.2 lists
 * for this message. HS_EX_TYPE_ID_UNRECOGNIZED is not part of the set.
 */
#define HS_EX_TYPE_TLS1_3_ALLOWED_OF_SERVER_HELLO \
    (HS_EX_TYPE_MASK(HS_EX_TYPE_ID_PRE_SHARED_KEY) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SUPPORTED_VERSIONS) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_KEY_SHARE))

/*
 * Bit set of the extension IDs accepted in a TLS 1.3 CertificateRequest, in ascending ID
 * order. HS_EX_TYPE_ID_UNRECOGNIZED is included, consistent with the rule that a client
 * ignores CertificateRequest extensions it does not understand.
 * NOTE(review): HS_EX_TYPE_ID_OID_FILTERS is allowed here, but this header defines no
 * HS_EX_TYPE_OID_FILTERS wire constant; confirm that the wire-type-to-ID mapping (not in
 * this header) can produce this ID, otherwise the bit is never set by a received message.
 */
#define HS_EX_TYPE_TLS1_3_ALLOWED_OF_CERTIFICATE_REQUEST \
    (HS_EX_TYPE_MASK(HS_EX_TYPE_ID_UNRECOGNIZED) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_STATUS_REQUEST) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SIGNATURE_ALGORITHMS) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SIGNED_CERTIFICATE_TIMESTAMP) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_CERTIFICATE_AUTHORITIES) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_OID_FILTERS) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SIGNATURE_ALGORITHMS_CERT))

/*
 * Bit set of the extension IDs accepted in a TLS 1.3 Certificate message: status_request
 * and signed_certificate_timestamp, the two RFC 8446 section 4.2 lists for this message.
 * HS_EX_TYPE_ID_UNRECOGNIZED is not part of the set.
 */
#define HS_EX_TYPE_TLS1_3_ALLOWED_OF_CERTIFICATE \
    (HS_EX_TYPE_MASK(HS_EX_TYPE_ID_STATUS_REQUEST) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SIGNED_CERTIFICATE_TIMESTAMP))

/*
 * Bit set of the extension IDs accepted in a TLS 1.2 ServerHello, in ascending ID order.
 * None of the TLS 1.3-only extensions (supported_versions, key_share, pre_shared_key,
 * cookie, ...) is present, and HS_EX_TYPE_ID_UNRECOGNIZED is not part of the set.
 * NOTE(review): the code that enforces this set is not in this header; confirm that it
 * also checks that each ServerHello extension was offered in the ClientHello, since this
 * mask alone cannot express that.
 */
#define HS_EX_TYPE_TLS1_2_ALLOWED_OF_SERVER_HELLO \
    (HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SERVER_NAME) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_MAX_FRAGMENT_LENGTH) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_STATUS_REQUEST) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SUPPORTED_GROUPS) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_POINT_FORMATS) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_USE_SRTP) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_APP_LAYER_PROTOCOLS) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SIGNED_CERTIFICATE_TIMESTAMP) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_ENCRYPT_THEN_MAC) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_EXTENDED_MASTER_SECRET) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_RECORD_SIZE_LIMIT) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_SESSION_TICKET) | \
     HS_EX_TYPE_MASK(HS_EX_TYPE_ID_RENEGOTIATION_INFO))

#ifdef __cplusplus
}
#endif /* end __cplusplus */

#endif /* end HS_EXTERNSIONS_H */