FreeRDP
tls.h
20#ifndef FREERDP_LIB_CRYPTO_TLS_H
21#define FREERDP_LIB_CRYPTO_TLS_H
22
23#include <winpr/crt.h>
24#include <winpr/sspi.h>
25
26#include <openssl/ssl.h>
27#include <openssl/err.h>
28
29#include <freerdp/api.h>
30#include <freerdp/types.h>
31#include <freerdp/crypto/certificate_store.h>
32
33#include <winpr/stream.h>
34
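/*
 * TLS alert levels: the first byte of an alert record.
 * Values match the AlertLevel enumeration in RFC 5246, section 7.2.
 */
#define TLS_ALERT_LEVEL_WARNING 1
#define TLS_ALERT_LEVEL_FATAL 2

/*
 * TLS alert descriptions: the second byte of an alert record.
 * Values match the AlertDescription enumeration in RFC 5246, section 7.2.
 *
 * Three of these codes are marked RESERVED by RFC 5246 and must not be sent
 * by a compliant TLS 1.2 implementation; they are kept here so that alerts
 * received from older peers can still be named:
 *   21 decryption_failed  - may have permitted attacks against CBC mode by
 *                           distinguishing it from bad_record_mac (20)
 *   41 no_certificate     - SSL 3.0 only
 *   60 export_restriction - earlier TLS versions only
 */
#define TLS_ALERT_DESCRIPTION_CLOSE_NOTIFY 0
#define TLS_ALERT_DESCRIPTION_UNEXPECTED_MESSAGE 10
#define TLS_ALERT_DESCRIPTION_BAD_RECORD_MAC 20
#define TLS_ALERT_DESCRIPTION_DECRYPTION_FAILED 21 /* RESERVED, receive-only */
#define TLS_ALERT_DESCRIPTION_RECORD_OVERFLOW 22
#define TLS_ALERT_DESCRIPTION_DECOMPRESSION_FAILURE 30
#define TLS_ALERT_DESCRIPTION_HANDSHAKE_FAILURE 40
/* Misspelled name ("HANSHAKE") kept with the same value so existing users keep compiling. */
#define TLS_ALERT_DESCRIPTION_HANSHAKE_FAILURE 40
#define TLS_ALERT_DESCRIPTION_NO_CERTIFICATE 41 /* RESERVED, receive-only */
#define TLS_ALERT_DESCRIPTION_BAD_CERTIFICATE 42
#define TLS_ALERT_DESCRIPTION_UNSUPPORTED_CERTIFICATE 43
#define TLS_ALERT_DESCRIPTION_CERTIFICATE_REVOKED 44
#define TLS_ALERT_DESCRIPTION_CERTIFICATE_EXPIRED 45
#define TLS_ALERT_DESCRIPTION_CERTIFICATE_UNKNOWN 46
#define TLS_ALERT_DESCRIPTION_ILLEGAL_PARAMETER 47
#define TLS_ALERT_DESCRIPTION_UNKNOWN_CA 48
#define TLS_ALERT_DESCRIPTION_ACCESS_DENIED 49
#define TLS_ALERT_DESCRIPTION_DECODE_ERROR 50
#define TLS_ALERT_DESCRIPTION_DECRYPT_ERROR 51
#define TLS_ALERT_DESCRIPTION_EXPORT_RESTRICTION 60 /* RESERVED, receive-only */
#define TLS_ALERT_DESCRIPTION_PROTOCOL_VERSION 70
#define TLS_ALERT_DESCRIPTION_INSUFFICIENT_SECURITY 71
#define TLS_ALERT_DESCRIPTION_INTERNAL_ERROR 80
#define TLS_ALERT_DESCRIPTION_USER_CANCELED 90
#define TLS_ALERT_DESCRIPTION_NO_RENEGOTIATION 100
#define TLS_ALERT_DESCRIPTION_UNSUPPORTED_EXTENSION 110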
63
/* Short name for struct rdp_tls, declared ahead of the definition. */
typedef struct rdp_tls rdpTls;

/**
 * Per-connection TLS state passed to every freerdp_tls_* function.
 *
 * Only the declared types are visible in this header. Notes on what a field
 * is used for are assumptions drawn from its name and must be confirmed
 * against tls.c.
 */
struct rdp_tls
{
    SSL* ssl;     /* OpenSSL connection handle */
    BIO* bio;     /* OpenSSL BIO; presumably the TLS-side BIO layered on `underlying` - confirm */
    void* tsg;    /* untyped pointer; presumably gateway (TSG) state - confirm */
    SSL_CTX* ctx; /* OpenSSL context handle */

    /*
     * Raw byte buffer and its length. Presumably the peer's public key taken
     * from its certificate - confirm. The two fields must always be updated
     * together; who frees PublicKey is not visible here.
     */
    BYTE* PublicKey;
    DWORD PublicKeyLength;

    rdpContext* context;                    /* FreeRDP context (freerdp_tls_new takes one) */
    SecPkgContext_Bindings* Bindings;       /* SSPI channel-bindings structure */
    rdpCertificateStore* certificate_store; /* certificate store handle */
    BIO* underlying;                        /* BIO; the connect/accept functions take a parameter of this name */

    /*
     * NOTE(review): both names are const char*, so the type does not say who
     * owns the strings; they must outlive every use of this struct. Which of
     * the two is matched against the peer certificate is not visible here -
     * confirm before changing either.
     */
    const char* hostname;
    const char* serverName;
    int port;

    /*
     * Pending alert; freerdp_tls_set_alert_code() takes a level and a
     * description, presumably stored here - confirm. Expected values are the
     * TLS_ALERT_LEVEL_* and TLS_ALERT_DESCRIPTION_* constants.
     */
    int alertLevel;
    int alertDescription;

    BOOL isGatewayTransport; /* presumably TRUE when running over a gateway transport - confirm */
    BOOL isClientMode;       /* presumably TRUE on the connecting side, FALSE when accepting - confirm */
};
86
/**
 * Result type of freerdp_tls_connect_ex(), freerdp_tls_accept_ex() and
 * freerdp_tls_handshake().
 *
 * TLS_HANDSHAKE_SUCCESS has the value 0, so a result must be compared with
 * the enumerators explicitly. Testing it as a boolean (as one would the BOOL
 * returned by freerdp_tls_accept()) inverts the meaning and treats every
 * non-success value, including TLS_HANDSHAKE_VERIFY_ERROR, as truthy.
 */
typedef enum
{
    TLS_HANDSHAKE_SUCCESS = 0,
    TLS_HANDSHAKE_CONTINUE = 1,    /* presumably: not finished, call again - confirm in tls.c */
    TLS_HANDSHAKE_ERROR = 2,
    TLS_HANDSHAKE_VERIFY_ERROR = 3 /* presumably: peer certificate verification failed - confirm */
} TlsHandshakeResult;
95
96#ifdef __cplusplus
97extern "C"
98{
99#endif
100
/*
 * All functions below carry FREERDP_LOCAL. Their return conventions differ
 * (int, BOOL, TlsHandshakeResult), so each call site has to check failure in
 * the way that matches the function it calls.
 */

/**
 * Obtain an OpenSSL method table.
 *
 * @param isDtls   per the name, selects DTLS instead of TLS - confirm in tls.c
 * @param isClient per the name, selects the client side instead of the server side
 * @return an SSL_METHOD pointer; the *_ex functions below accept one
 */
FREERDP_LOCAL const SSL_METHOD* freerdp_tls_get_ssl_method(BOOL isDtls, BOOL isClient);

/**
 * Connect variant that returns int.
 *
 * NOTE(review): the meaning of the int is not visible in this header and need
 * not match TlsHandshakeResult - confirm which values signal failure.
 */
FREERDP_LOCAL int freerdp_tls_connect(rdpTls* tls, BIO* underlying);

/**
 * Connect variant that takes an explicit method table.
 *
 * @return a TlsHandshakeResult; compare against TLS_HANDSHAKE_SUCCESS, which is 0
 */
FREERDP_LOCAL TlsHandshakeResult freerdp_tls_connect_ex(rdpTls* tls, BIO* underlying,
                                                        const SSL_METHOD* methods);

/**
 * Accept variant that returns BOOL.
 */
FREERDP_LOCAL BOOL freerdp_tls_accept(rdpTls* tls, BIO* underlying, rdpSettings* settings);

/**
 * Accept variant that takes an explicit method table.
 *
 * @return a TlsHandshakeResult; unlike freerdp_tls_accept(), success is the value 0
 */
FREERDP_LOCAL TlsHandshakeResult freerdp_tls_accept_ex(rdpTls* tls, BIO* underlying,
                                                       rdpSettings* settings,
                                                       const SSL_METHOD* methods);

/**
 * Handshake on an existing rdpTls.
 *
 * @return a TlsHandshakeResult; presumably TLS_HANDSHAKE_CONTINUE asks the
 *         caller to call again - confirm in tls.c
 */
FREERDP_LOCAL TlsHandshakeResult freerdp_tls_handshake(rdpTls* tls);

/**
 * Send an alert; presumably the one recorded with
 * freerdp_tls_set_alert_code() - confirm.
 */
FREERDP_LOCAL BOOL freerdp_tls_send_alert(rdpTls* tls);

/**
 * Write a buffer of `length` bytes.
 *
 * NOTE(review): `length` is size_t but the return type is int, so a length
 * above INT_MAX cannot be reported back as a byte count - confirm how tls.c
 * bounds it and what the return value means on a partial write.
 */
FREERDP_LOCAL int freerdp_tls_write_all(rdpTls* tls, const BYTE* data, size_t length);

/**
 * Record an alert level and description; expected values are the
 * TLS_ALERT_LEVEL_* and TLS_ALERT_DESCRIPTION_* constants of this header.
 */
FREERDP_LOCAL int freerdp_tls_set_alert_code(rdpTls* tls, int level, int description);

/**
 * Release an rdpTls. Declared before freerdp_tls_new() because the
 * allocation annotation there names it.
 */
FREERDP_LOCAL void freerdp_tls_free(rdpTls* tls);

/**
 * Create an rdpTls for the given context. The WINPR_ATTR_MALLOC annotation
 * names freerdp_tls_free() (argument 1) as the matching release function, so
 * the result must be released with it and with nothing else.
 */
WINPR_ATTR_MALLOC(freerdp_tls_free, 1)
FREERDP_LOCAL rdpTls* freerdp_tls_new(rdpContext* context);
126
127#ifdef __cplusplus
128}
129#endif
130
131#endif /* FREERDP_LIB_CRYPTO_TLS_H */