hs_kx.h

/*
 * This file is part of the openHiTLS project.
 *
 * openHiTLS is licensed under the Mulan PSL v2.
 * You can use this software according to the terms and conditions of the Mulan PSL v2.
 * You may obtain a copy of Mulan PSL v2 at:
 *
 *     http://license.coscl.org.cn/MulanPSL2
 *
 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
 * See the Mulan PSL v2 for more details.
 */
 
#ifndef HS_KX_H
#define HS_KX_H
 
#include <stdint.h>
#include "hs_ctx.h"
#include "hs_msg.h"
 
#ifdef __cplusplus
extern "C" {
#endif
 
#define MASTER_SECRET_LABEL "CLIENT_RANDOM"
#define CLIENT_EARLY_LABEL "CLIENT_EARLY_TRAFFIC_SECRET"
#define CLIENT_HANDSHAKE_LABEL "CLIENT_HANDSHAKE_TRAFFIC_SECRET"
#define SERVER_HANDSHAKE_LABEL "SERVER_HANDSHAKE_TRAFFIC_SECRET"
#define CLIENT_APPLICATION_LABEL "CLIENT_TRAFFIC_SECRET_0"
#define SERVER_APPLICATION_LABEL "SERVER_TRAFFIC_SECRET_0"
#define EARLY_EXPORTER_SECRET_LABEL "EARLY_EXPORTER_SECRET"
#define EXPORTER_SECRET_LABEL "EXPORTER_SECRET"
 
/* The maximum premaster secret calculated by using the PSK may be:
 * |uint16_t|HITLS_MAX_OTHER_SECRET_SIZE|uint16_t|HS_PSK_MAX_LEN| */
#ifndef HITLS_MAX_OTHER_SECRET_SIZE
#define HITLS_MAX_OTHER_SECRET_SIZE 1536
#endif
#define MAX_PRE_MASTER_SECRET_SIZE (sizeof(uint16_t) + HITLS_MAX_OTHER_SECRET_SIZE + sizeof(uint16_t) + \
    HS_PSK_MAX_LEN)
#define MAX_SHA1_SIZE 20
#define MAX_MD5_SIZE 16

KeyExchCtx *HS_KeyExchCtxNew(void);

void HS_KeyExchCtxFree(KeyExchCtx *keyExchCtx);

int32_t HS_ProcessServerKxMsgEcdhe(TLS_Ctx *ctx, const ServerKeyExchangeMsg *serverKxMsg);

int32_t HS_ProcessClientKxMsgEcdhe(TLS_Ctx *ctx, const ClientKeyExchangeMsg *clientKxMsg);

int32_t HS_ProcessServerKxMsgDhe(TLS_Ctx *ctx, const ServerKeyExchangeMsg *serverKxMsg);

int32_t HS_ProcessClientKxMsgDhe(TLS_Ctx *ctx, const ClientKeyExchangeMsg *clientKxMsg);
 
int32_t HS_ProcessClientKxMsgRsa(TLS_Ctx *ctx, const ClientKeyExchangeMsg *clientKxMsg);
 
int32_t HS_ProcessClientKxMsgSm2(TLS_Ctx *ctx, const ClientKeyExchangeMsg *clientKxMsg);

int32_t HS_GenerateMasterSecret(TLS_Ctx *ctx);

int32_t HS_ProcessServerKxMsgIdentityHint(TLS_Ctx *ctx, const ServerKeyExchangeMsg *serverKxMsg);

int32_t HS_TLS13DeriveSecret(CRYPT_KeyDeriveParameters *deriveInfo, bool isHashed, uint8_t *outSecret, uint32_t outLen);
 
int32_t HS_TLS13DeriveBinderKey(HITLS_Lib_Ctx *libCtx, const char *attrName,
    HITLS_HashAlgo hashAlgo, bool isExternalPsk, uint8_t *earlySecret, uint32_t secretLen,
    uint8_t *binderKey, uint32_t keyLen);

int32_t HS_TLS13DeriveEarlySecret(HITLS_Lib_Ctx *libCtx, const char *attrName,
    HITLS_HashAlgo hashAlgo, uint8_t *psk, uint32_t pskLen, uint8_t *earlySecret, uint32_t *outLen);

int32_t HS_TLS13DeriveNextStageSecret(HITLS_Lib_Ctx *libCtx, const char *attrName,
    HITLS_HashAlgo hashAlgo, uint8_t *inSecret, uint32_t inLen, uint8_t *givenSecret,
    uint32_t givenLen, uint8_t *outSecret, uint32_t *outLen);

int32_t HS_TLS13DeriveFinishedKey(HITLS_Lib_Ctx *libCtx, const char *attrName,
    HITLS_HashAlgo hashAlgo, uint8_t *baseKey, uint32_t baseKeyLen, uint8_t *finishedkey, uint32_t finishedkeyLen);

int32_t HS_SwitchTrafficKey(TLS_Ctx *ctx, uint8_t *secret, uint32_t secretLen, bool isOut);

int32_t HS_SetInitPendingStateParam(const TLS_Ctx *ctx, bool isClient, REC_SecParameters *keyPara);

int32_t HS_TLS13CalcServerHelloProcessSecret(TLS_Ctx *ctx);

int32_t HS_TLS13CalcServerFinishProcessSecret(TLS_Ctx *ctx);

int32_t HS_TLS13UpdateTrafficSecret(TLS_Ctx *ctx, bool isOut);

int32_t HS_TLS13DeriveResumptionMasterSecret(TLS_Ctx *ctx);

int32_t HS_TLS13DeriveResumePsk(
    TLS_Ctx *ctx, const uint8_t *ticketNonce, uint32_t ticketNonceSize, uint8_t *resumePsk, uint32_t resumePskLen);
 
int32_t HS_TLS13DeriveHandshakeTrafficSecret(TLS_Ctx *ctx);
 
#ifdef __cplusplus
}
#endif
 
#endif