src/core/sipe-tls.h

   1 /**
   2  * @file sipe-tls.h
   3  *
   4  * pidgin-sipe
   5  *
   6  * Copyright (C) 2011-12 SIPE Project <http://sipe.sourceforge.net/>
   7  *
   8  *
   9  * This program is free software; you can redistribute it and/or modify
  10  * it under the terms of the GNU General Public License as published by
  11  * the Free Software Foundation; either version 2 of the License, or
  12  * (at your option) any later version.
  13  *
  14  * This program is distributed in the hope that it will be useful,
  15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17  * GNU General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU General Public License
  20  * along with this program; if not, write to the Free Software
  21  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  22  */
  23
  24 /*
  25  * Interface dependencies:
  26  *
  27  * <glib.h>
  28  */
  29
  30 /**
  31  * Random bytes buffer
  32  */
  33 struct sipe_tls_random {
  34   guchar *buffer;
  35   guint length;   /* in bytes */
  36 };
  37
  38 /**
  39  * Allocate a buffer with N random bits
  40  *
  41  * @param random pointer to random bytes buffer
  42  * @param bits   number of random bits (will be rounded up be dividable by 16)
  43  */
  44 void sipe_tls_fill_random(struct sipe_tls_random *random,
  45                           guint bits);
  46
  47 /**
  48  * Free a random bytes buffer
  49  *
  50  * @param random pointer to random bytes buffer
  51  */
  52 void sipe_tls_free_random(struct sipe_tls_random *random);
  53
  54
  55 /**
  56  * Public part of TLS state tracking
  57  *
  58  * If @c session_key != @c NULL then handshake is complete
  59  */
  60 enum sipe_tls_digest_algorithm {
  61   SIPE_TLS_DIGEST_ALGORITHM_NONE,
  62   SIPE_TLS_DIGEST_ALGORITHM_MD5,
  63   SIPE_TLS_DIGEST_ALGORITHM_SHA1
  64 };
  65 struct sipe_tls_state {
  66   const guchar *in_buffer;
  67   guchar *out_buffer;
  68   gsize in_length;
  69   gsize out_length;
  70   enum sipe_tls_digest_algorithm algorithm;
  71   const guchar *client_key;
  72   const guchar *server_key;
  73   gsize key_length;
  74 };
  75
  76 /**
  77  * TLS data expansion function P_SHA1(secret, seed)
  78  *
  79  * @param secret        pointer to binary secret
  80  * @param secret_length length of secret
  81  * @param seed          pointer to binary seed
  82  * @param seed_length   length of seed
  83  * @param output_length how much data to generate
  84  *
  85  * @return generated data. Must be g_free()'d
  86  */
  87 guchar *sipe_tls_p_sha1(const guchar *secret,
  88                         gsize secret_length,
  89                         const guchar *seed,
  90                         gsize seed_length,
  91                         gsize output_length);
  92
  93 /**
  94  * Initialize TLS state
  95  *
  96  * @param certificate opaque pointer to the user certificate
  97  *
  98  * @return TLS state structure
  99  */
 100 struct sipe_tls_state *sipe_tls_start(gpointer certificate);
 101
 102 /**
 103  * Proceed to next TLS state
 104  *
 105  * @param state     pointer to TLS state structure
 106  * @param incoming  pointer to incoming message (NULL for initial transition)
 107  * @param in_length length of incoming message
 108  *
 109  * @return TLS state structure
 110  */
 111 gboolean sipe_tls_next(struct sipe_tls_state *state);
 112
 113 /**
 114  * Extract expiration time from TLS certificate
 115  *
 116  * @param state     pointer to TLS state structure
 117  *
 118  * @return expiration time in seconds
 119  */
 120 guint sipe_tls_expires(struct sipe_tls_state *state);
 121
 122 /**
 123  * Free TLS state
 124  *
 125  * @param state pointer to TLS state structure
 126  */
 127 void sipe_tls_free(struct sipe_tls_state *state);