- Add lwkt_serialize_adaptive_enter(9), it is same as lwkt_serialize_enter(9)
[dfdiff.git] / contrib / wpa_supplicant-0.5.8 / tls_internal.c
bloba3858dd8a9c7613c4b3f3925704bd0585b34da6d
1 /*
2 * WPA Supplicant / TLS interface functions and an internal TLS implementation
3 * Copyright (c) 2004-2006, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
12 * See README and COPYING for more details.
14 * This file interface functions for hostapd/wpa_supplicant to use the
15 * integrated TLSv1 implementation.
18 #include "includes.h"
20 #include "common.h"
21 #include "tls.h"
22 #include "tlsv1_client.h"
25 static int tls_ref_count = 0;
27 struct tls_global {
28 int dummy;
31 struct tls_connection {
32 struct tlsv1_client *client;
36 void * tls_init(const struct tls_config *conf)
38 struct tls_global *global;
40 if (tls_ref_count == 0) {
41 if (tlsv1_client_global_init())
42 return NULL;
44 tls_ref_count++;
46 global = os_zalloc(sizeof(*global));
47 if (global == NULL)
48 return NULL;
50 return global;
53 void tls_deinit(void *ssl_ctx)
55 struct tls_global *global = ssl_ctx;
56 tls_ref_count--;
57 if (tls_ref_count == 0) {
58 tlsv1_client_global_deinit();
60 os_free(global);
64 int tls_get_errors(void *tls_ctx)
66 return 0;
70 struct tls_connection * tls_connection_init(void *tls_ctx)
72 struct tls_connection *conn;
74 conn = os_zalloc(sizeof(*conn));
75 if (conn == NULL)
76 return NULL;
78 conn->client = tlsv1_client_init();
79 if (conn->client == NULL) {
80 os_free(conn);
81 return NULL;
84 return conn;
88 void tls_connection_deinit(void *tls_ctx, struct tls_connection *conn)
90 if (conn == NULL)
91 return;
92 tlsv1_client_deinit(conn->client);
93 os_free(conn);
97 int tls_connection_established(void *tls_ctx, struct tls_connection *conn)
99 return tlsv1_client_established(conn->client);
103 int tls_connection_shutdown(void *tls_ctx, struct tls_connection *conn)
105 return tlsv1_client_shutdown(conn->client);
109 int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn,
110 const struct tls_connection_params *params)
112 if (tlsv1_client_set_ca_cert(conn->client, params->ca_cert,
113 params->ca_cert_blob,
114 params->ca_cert_blob_len,
115 params->ca_path)) {
116 wpa_printf(MSG_INFO, "TLS: Failed to configure trusted CA "
117 "certificates");
118 return -1;
121 if (tlsv1_client_set_client_cert(conn->client, params->client_cert,
122 params->client_cert_blob,
123 params->client_cert_blob_len)) {
124 wpa_printf(MSG_INFO, "TLS: Failed to configure client "
125 "certificate");
126 return -1;
129 if (tlsv1_client_set_private_key(conn->client,
130 params->private_key,
131 params->private_key_passwd,
132 params->private_key_blob,
133 params->private_key_blob_len)) {
134 wpa_printf(MSG_INFO, "TLS: Failed to load private key");
135 return -1;
138 return 0;
142 int tls_global_set_params(void *tls_ctx,
143 const struct tls_connection_params *params)
145 wpa_printf(MSG_INFO, "TLS: not implemented - %s", __func__);
146 return -1;
150 int tls_global_set_verify(void *tls_ctx, int check_crl)
152 wpa_printf(MSG_INFO, "TLS: not implemented - %s", __func__);
153 return -1;
157 int tls_connection_set_verify(void *tls_ctx, struct tls_connection *conn,
158 int verify_peer)
160 return -1;
164 int tls_connection_set_ia(void *tls_ctx, struct tls_connection *conn,
165 int tls_ia)
167 return -1;
171 int tls_connection_get_keys(void *tls_ctx, struct tls_connection *conn,
172 struct tls_keys *keys)
174 return tlsv1_client_get_keys(conn->client, keys);
178 int tls_connection_prf(void *tls_ctx, struct tls_connection *conn,
179 const char *label, int server_random_first,
180 u8 *out, size_t out_len)
182 return tlsv1_client_prf(conn->client, label, server_random_first,
183 out, out_len);
187 u8 * tls_connection_handshake(void *tls_ctx, struct tls_connection *conn,
188 const u8 *in_data, size_t in_len,
189 size_t *out_len, u8 **appl_data,
190 size_t *appl_data_len)
192 if (appl_data)
193 *appl_data = NULL;
195 wpa_printf(MSG_DEBUG, "TLS: %s(in_data=%p in_len=%lu)",
196 __func__, in_data, (unsigned long) in_len);
197 return tlsv1_client_handshake(conn->client, in_data, in_len, out_len);
201 u8 * tls_connection_server_handshake(void *tls_ctx,
202 struct tls_connection *conn,
203 const u8 *in_data, size_t in_len,
204 size_t *out_len)
206 wpa_printf(MSG_INFO, "TLS: not implemented - %s", __func__);
207 return NULL;
211 int tls_connection_encrypt(void *tls_ctx, struct tls_connection *conn,
212 const u8 *in_data, size_t in_len,
213 u8 *out_data, size_t out_len)
215 return tlsv1_client_encrypt(conn->client, in_data, in_len, out_data,
216 out_len);
220 int tls_connection_decrypt(void *tls_ctx, struct tls_connection *conn,
221 const u8 *in_data, size_t in_len,
222 u8 *out_data, size_t out_len)
224 return tlsv1_client_decrypt(conn->client, in_data, in_len, out_data,
225 out_len);
229 int tls_connection_resumed(void *tls_ctx, struct tls_connection *conn)
231 return tlsv1_client_resumed(conn->client);
235 int tls_connection_set_master_key(void *tls_ctx, struct tls_connection *conn,
236 const u8 *key, size_t key_len)
238 return tlsv1_client_set_master_key(conn->client, key, key_len);
242 int tls_connection_set_cipher_list(void *tls_ctx, struct tls_connection *conn,
243 u8 *ciphers)
245 return tlsv1_client_set_cipher_list(conn->client, ciphers);
249 int tls_get_cipher(void *tls_ctx, struct tls_connection *conn,
250 char *buf, size_t buflen)
252 if (conn == NULL)
253 return -1;
254 return tlsv1_client_get_cipher(conn->client, buf, buflen);
258 int tls_connection_enable_workaround(void *tls_ctx,
259 struct tls_connection *conn)
261 return -1;
265 int tls_connection_client_hello_ext(void *tls_ctx, struct tls_connection *conn,
266 int ext_type, const u8 *data,
267 size_t data_len)
269 return tlsv1_client_hello_ext(conn->client, ext_type, data, data_len);
273 int tls_connection_get_failed(void *tls_ctx, struct tls_connection *conn)
275 return 0;
279 int tls_connection_get_read_alerts(void *tls_ctx, struct tls_connection *conn)
281 return 0;
285 int tls_connection_get_write_alerts(void *tls_ctx,
286 struct tls_connection *conn)
288 return 0;
292 int tls_connection_get_keyblock_size(void *tls_ctx,
293 struct tls_connection *conn)
295 return tlsv1_client_get_keyblock_size(conn->client);
299 unsigned int tls_capabilities(void *tls_ctx)
301 return 0;
305 int tls_connection_ia_send_phase_finished(void *tls_ctx,
306 struct tls_connection *conn,
307 int final,
308 u8 *out_data, size_t out_len)
310 return -1;
314 int tls_connection_ia_final_phase_finished(void *tls_ctx,
315 struct tls_connection *conn)
317 return -1;
321 int tls_connection_ia_permute_inner_secret(void *tls_ctx,
322 struct tls_connection *conn,
323 const u8 *key, size_t key_len)
325 return -1;