20 #ifndef FREERDP_LIB_CRYPTO_TLS_H
21 #define FREERDP_LIB_CRYPTO_TLS_H
22 
23 #include <winpr/crt.h>
24 #include <winpr/sspi.h>
25 
26 #include <openssl/ssl.h>
27 #include <openssl/err.h>
28 
29 #include <freerdp/api.h>
30 #include <freerdp/types.h>
31 #include <freerdp/crypto/certificate_store.h>
32 
33 #include <winpr/stream.h>
34 
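/* TLS AlertLevel values (RFC 5246, section 7.2). */
#define TLS_ALERT_LEVEL_WARNING 1
#define TLS_ALERT_LEVEL_FATAL 2

/*
 * TLS AlertDescription values (RFC 5246, section 7.2, "AlertDescription").
 * The numeric values are the on-the-wire codes. Three of them are marked
 * RESERVED in TLS 1.1 and later and should not be emitted by a current
 * implementation: DECRYPTION_FAILED (21), NO_CERTIFICATE (41, SSLv3 only)
 * and EXPORT_RESTRICTION (60). They are kept here so that received alerts
 * can still be named when logged.
 */
#define TLS_ALERT_DESCRIPTION_CLOSE_NOTIFY 0
#define TLS_ALERT_DESCRIPTION_UNEXPECTED_MESSAGE 10
#define TLS_ALERT_DESCRIPTION_BAD_RECORD_MAC 20
#define TLS_ALERT_DESCRIPTION_DECRYPTION_FAILED 21
#define TLS_ALERT_DESCRIPTION_RECORD_OVERFLOW 22
#define TLS_ALERT_DESCRIPTION_DECOMPRESSION_FAILURE 30
#define TLS_ALERT_DESCRIPTION_HANSHAKE_FAILURE 40
/* Correctly spelled alias for the historical HANSHAKE misspelling above.
 * Both names remain valid so existing callers keep compiling. */
#define TLS_ALERT_DESCRIPTION_HANDSHAKE_FAILURE TLS_ALERT_DESCRIPTION_HANSHAKE_FAILURE
#define TLS_ALERT_DESCRIPTION_NO_CERTIFICATE 41
#define TLS_ALERT_DESCRIPTION_BAD_CERTIFICATE 42
#define TLS_ALERT_DESCRIPTION_UNSUPPORTED_CERTIFICATE 43
#define TLS_ALERT_DESCRIPTION_CERTIFICATE_REVOKED 44
#define TLS_ALERT_DESCRIPTION_CERTIFICATE_EXPIRED 45
#define TLS_ALERT_DESCRIPTION_CERTIFICATE_UNKNOWN 46
#define TLS_ALERT_DESCRIPTION_ILLEGAL_PARAMETER 47
#define TLS_ALERT_DESCRIPTION_UNKNOWN_CA 48
#define TLS_ALERT_DESCRIPTION_ACCESS_DENIED 49
#define TLS_ALERT_DESCRIPTION_DECODE_ERROR 50
#define TLS_ALERT_DESCRIPTION_DECRYPT_ERROR 51
#define TLS_ALERT_DESCRIPTION_EXPORT_RESTRICTION 60
#define TLS_ALERT_DESCRIPTION_PROTOCOL_VERSION 70
#define TLS_ALERT_DESCRIPTION_INSUFFICIENT_SECURITY 71
#define TLS_ALERT_DESCRIPTION_INTERNAL_ERROR 80
#define TLS_ALERT_DESCRIPTION_USER_CANCELED 90
#define TLS_ALERT_DESCRIPTION_NO_RENEGOTIATION 100
#define TLS_ALERT_DESCRIPTION_UNSUPPORTED_EXTENSION 110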
63 
typedef struct rdp_tls rdpTls;

/**
 * Per-connection TLS transport state.
 *
 * Instances are created by freerdp_tls_new() and released by
 * freerdp_tls_free() (declared below). Which pointer members are owned
 * and which are merely borrowed is not visible in this header —
 * NOTE(review): confirm in tls.c before freeing or replacing any of them.
 */
struct rdp_tls
{
	SSL* ssl;            /* OpenSSL connection object */
	BIO* bio;            /* OpenSSL BIO; presumably the TLS-side BIO layered over `underlying` — confirm */
	void* tsg;           /* opaque gateway handle; its type is not visible here */
	SSL_CTX* ctx;        /* OpenSSL context; presumably the one `ssl` was created from — confirm */
	BYTE* PublicKey;     /* public key buffer; presumably the peer's — confirm */
	DWORD PublicKeyLength; /* size of PublicKey (presumably in bytes) */
	rdpContext* context; /* RDP context handed to freerdp_tls_new(); looks borrowed */
	SecPkgContext_Bindings* Bindings; /* SSPI channel bindings; presumably derived from the peer certificate — confirm */
	rdpCertificateStore* certificate_store; /* certificate store; presumably consulted when verifying the peer — confirm */
	BIO* underlying;     /* transport BIO passed to freerdp_tls_connect()/freerdp_tls_accept() */
	const char* hostname;   /* borrowed string; presumably the name the peer certificate is checked against — confirm */
	const char* serverName; /* borrowed string; relation to `hostname` not visible here */
	int port;
	int alertLevel;       /* TLS_ALERT_LEVEL_* value set via freerdp_tls_set_alert_code() */
	int alertDescription; /* TLS_ALERT_DESCRIPTION_* value set via freerdp_tls_set_alert_code() */
	BOOL isGatewayTransport;
	BOOL isClientMode;    /* TRUE when this side initiated the handshake (client role) */
};
86 
/**
 * Result of one step of the handshake driver
 * (freerdp_tls_handshake(), freerdp_tls_connect_ex(), freerdp_tls_accept_ex()).
 *
 * Values are written out explicitly so that the integer codes are stable
 * and visible at a glance; they match the implicit numbering.
 */
typedef enum
{
	TLS_HANDSHAKE_SUCCESS = 0,      /* handshake completed */
	TLS_HANDSHAKE_CONTINUE = 1,     /* not finished yet; presumably more I/O is needed and the caller retries */
	TLS_HANDSHAKE_ERROR = 2,        /* handshake failed */
	TLS_HANDSHAKE_VERIFY_ERROR = 3  /* presumably the peer certificate did not verify; distinct from CONTINUE, so not a retry case */
} TlsHandshakeResult;
95 
#ifdef __cplusplus
extern "C"
{
#endif

	/**
	 * Pick the OpenSSL method for a (D)TLS endpoint.
	 *
	 * @param isDtls   TRUE to select a DTLS method, FALSE for TLS
	 * @param isClient TRUE for the client role, FALSE for the server role
	 * @return an SSL_METHOD owned by OpenSSL; the caller does not free it
	 */
	FREERDP_LOCAL const SSL_METHOD* freerdp_tls_get_ssl_method(BOOL isDtls, BOOL isClient);

	/**
	 * Run a client-side TLS handshake over @p underlying.
	 *
	 * @return int — NOTE(review): the success/failure encoding (1/0? negative
	 *         on error?) is not visible in this header; confirm in tls.c
	 *         before testing the sign of the result.
	 */
	FREERDP_LOCAL int freerdp_tls_connect(rdpTls* tls, BIO* underlying);

	/**
	 * Client-side handshake with an explicit SSL method.
	 *
	 * @param methods presumably a value from freerdp_tls_get_ssl_method()
	 * @return TLS_HANDSHAKE_SUCCESS, CONTINUE, ERROR or VERIFY_ERROR
	 */
	FREERDP_LOCAL TlsHandshakeResult freerdp_tls_connect_ex(rdpTls* tls, BIO* underlying,
	                                                        const SSL_METHOD* methods);

	/**
	 * Run a server-side TLS handshake over @p underlying.
	 *
	 * @param settings presumably supplies the server certificate/key — confirm
	 * @return TRUE on success, FALSE on failure
	 */
	FREERDP_LOCAL BOOL freerdp_tls_accept(rdpTls* tls, BIO* underlying, rdpSettings* settings);

	/**
	 * Server-side handshake with an explicit SSL method.
	 *
	 * @param methods presumably a value from freerdp_tls_get_ssl_method()
	 * @return TLS_HANDSHAKE_SUCCESS, CONTINUE, ERROR or VERIFY_ERROR
	 */
	FREERDP_LOCAL TlsHandshakeResult freerdp_tls_accept_ex(rdpTls* tls, BIO* underlying,
	                                                       rdpSettings* settings,
	                                                       const SSL_METHOD* methods);

	/**
	 * Advance an in-progress handshake by one step.
	 *
	 * Presumably called repeatedly while the result is TLS_HANDSHAKE_CONTINUE;
	 * a VERIFY_ERROR or ERROR result should end the connection attempt.
	 */
	FREERDP_LOCAL TlsHandshakeResult freerdp_tls_handshake(rdpTls* tls);

	/**
	 * Send the alert previously recorded with freerdp_tls_set_alert_code().
	 *
	 * @return TRUE if the alert was sent, FALSE otherwise
	 */
	FREERDP_LOCAL BOOL freerdp_tls_send_alert(rdpTls* tls);

	/**
	 * Write the whole of @p data (@p length bytes) to the TLS connection.
	 *
	 * @return int — NOTE(review): whether this is a byte count or a status
	 *         code, and how partial writes/errors are reported, is not
	 *         visible here; confirm in tls.c.
	 */
	FREERDP_LOCAL int freerdp_tls_write_all(rdpTls* tls, const BYTE* data, size_t length);

	/**
	 * Record the alert to be sent by freerdp_tls_send_alert().
	 *
	 * @param level       a TLS_ALERT_LEVEL_* value
	 * @param description a TLS_ALERT_DESCRIPTION_* value
	 * @return int — status encoding not visible here; confirm in tls.c
	 */
	FREERDP_LOCAL int freerdp_tls_set_alert_code(rdpTls* tls, int level, int description);

	/**
	 * Release a context created by freerdp_tls_new().
	 *
	 * NOTE(review): whether NULL is accepted is not visible here — confirm.
	 */
	FREERDP_LOCAL void freerdp_tls_free(rdpTls* tls);

	/**
	 * Allocate a new TLS context bound to @p context.
	 *
	 * The WINPR_ATTR_MALLOC annotation names freerdp_tls_free() as the
	 * matching deallocator (presumably wrapping the compiler's malloc
	 * attribute). @return the new object, or presumably NULL on failure —
	 * confirm in tls.c.
	 */
	WINPR_ATTR_MALLOC(freerdp_tls_free, 1)
	FREERDP_LOCAL rdpTls* freerdp_tls_new(rdpContext* context);

#ifdef __cplusplus
}
#endif
130 
131 #endif /* FREERDP_LIB_CRYPTO_TLS_H */