--- embedaddon/strongswan/src/libtls/tls.h	2020/06/03 09:46:45	1.1
+++ embedaddon/strongswan/src/libtls/tls.h	2021/03/17 00:20:09	1.1.1.2
@@ -1,4 +1,8 @@
 /*
+ * Copyright (C) 2021 Tobias Brunner
+ * Copyright (C) 2020-2021 Pascal Knecht
+ * HSR Hochschule fuer Technik Rapperswil
+ *
  * Copyright (C) 2010 Martin Willi
  * Copyright (C) 2010 revosec AG
  *
@@ -36,6 +40,7 @@ typedef enum tls_version_t tls_version_t;
 typedef enum tls_content_type_t tls_content_type_t;
 typedef enum tls_handshake_type_t tls_handshake_type_t;
 typedef enum tls_purpose_t tls_purpose_t;
+typedef enum tls_flag_t tls_flag_t;
 typedef struct tls_t tls_t;
 
 #include <library.h>
@@ -47,11 +52,15 @@ typedef struct tls_t tls_t;
  * TLS/SSL version numbers
  */
 enum tls_version_t {
+	TLS_UNSPEC = 0,
 	SSL_2_0 = 0x0200,
 	SSL_3_0 = 0x0300,
 	TLS_1_0 = 0x0301,
+	TLS_SUPPORTED_MIN = TLS_1_0,
 	TLS_1_1 = 0x0302,
 	TLS_1_2 = 0x0303,
+	TLS_1_3 = 0x0304,
+	TLS_SUPPORTED_MAX = TLS_1_3,
 };
 
 /**
@@ -60,6 +69,11 @@ enum tls_version_t {
 extern enum_name_t *tls_version_names;
 
 /**
+ * Simple, numeric enum names for tls_version_t (only supported versions)
+ */
+extern enum_name_t *tls_numeric_version_names;
+
+/**
  * TLS higher level content type
  */
 enum tls_content_type_t {
@@ -81,6 +95,11 @@ enum tls_handshake_type_t {
 	TLS_HELLO_REQUEST = 0,
 	TLS_CLIENT_HELLO = 1,
 	TLS_SERVER_HELLO = 2,
+	TLS_HELLO_VERIFY_REQUEST = 3,
+	TLS_NEW_SESSION_TICKET = 4,
+	TLS_END_OF_EARLY_DATA = 5,
+	TLS_HELLO_RETRY_REQUEST = 6,
+	TLS_ENCRYPTED_EXTENSIONS = 8,
 	TLS_CERTIFICATE = 11,
 	TLS_SERVER_KEY_EXCHANGE = 12,
 	TLS_CERTIFICATE_REQUEST = 13,
@@ -88,6 +107,11 @@ enum tls_handshake_type_t {
 	TLS_CERTIFICATE_VERIFY = 15,
 	TLS_CLIENT_KEY_EXCHANGE = 16,
 	TLS_FINISHED = 20,
+	TLS_CERTIFICATE_URL = 21,
+	TLS_CERTIFICATE_STATUS = 22,
+	TLS_SUPPLEMENTAL_DATA = 23,
+	TLS_KEY_UPDATE = 24,
+	TLS_MESSAGE_HASH = 254,
 };
 
 /**
@@ -107,14 +131,12 @@ enum tls_purpose_t {
 	TLS_PURPOSE_EAP_PEAP,
 	/** non-EAP TLS */
 	TLS_PURPOSE_GENERIC,
-	/** non-EAP TLS accepting NULL encryption */
-	TLS_PURPOSE_GENERIC_NULLOK,
 	/** EAP binding for TNC */
 	TLS_PURPOSE_EAP_TNC
 };
 
 /**
- * TLS Hello extension types.
+ * TLS Handshake extension types.
  */
 enum tls_extension_t {
 	/** Server name the client wants to talk to */
@@ -129,12 +151,48 @@ enum tls_extension_t {
 	TLS_EXT_TRUNCATED_HMAC = 4,
 	/** list of OCSP responders the client trusts */
 	TLS_EXT_STATUS_REQUEST = 5,
-	/** list of supported elliptic curves */
-	TLS_EXT_ELLIPTIC_CURVES = 10,
+	/** list of supported groups, in legacy tls: elliptic curves */
+	TLS_EXT_SUPPORTED_GROUPS = 10,
 	/** supported point formats */
 	TLS_EXT_EC_POINT_FORMATS = 11,
 	/** list supported signature algorithms */
 	TLS_EXT_SIGNATURE_ALGORITHMS = 13,
+	/** indicate usage of Datagram Transport Layer Security (DTLS) */
+	TLS_EXT_USE_SRTP = 14,
+	/** indicate usage of heartbeat */
+	TLS_EXT_HEARTBEAT = 15,
+	/** indicate usage of application-layer protocol negotiation */
+	TLS_EXT_APPLICATION_LAYER_PROTOCOL_NEGOTIATION = 16,
+	/** exchange raw public key, client side*/
+	TLS_CLIENT_CERTIFICATE_TYPE = 19,
+	/** exchange raw public key, server side*/
+	TLS_SERVER_CERTIFICATE_TYPE = 20,
+	/** use encrypt-then-MAC security mechanism RFC 7366 */
+	TLS_EXT_ENCRYPT_THEN_MAC = 22,
+	/** bind master secret to handshake data RFC 7627 */
+	TLS_EXT_EXTENDED_MASTER_SECRET = 23,
+	/** session resumption without server-side state RFC 5077 */
+	TLS_EXT_SESSION_TICKET = 35,
+	/** negotiate identity of the psk **/
+	TLS_EXT_PRE_SHARED_KEY = 41,
+	/** send data in 0-RTT when psk is used and early data is allowed **/
+	TLS_EXT_EARLY_DATA = 42,
+	/** negotiate supported tls versions **/
+	TLS_EXT_SUPPORTED_VERSIONS = 43,
+	/** identify client **/
+	TLS_EXT_COOKIE = 44,
+	/** psk modes supported by the client **/
+	TLS_EXT_PSK_KEY_EXCHANGE_MODES = 45,
+	/** indicate supported ca's by endpoint **/
+	TLS_EXT_CERTIFICATE_AUTHORITIES = 47,
+	/** provide oid/value pairs to match client's certificate **/
+	TLS_EXT_OID_FILTERS = 48,
+	/** willing to perform post-handshake authentication **/
+	TLS_EXT_POST_HANDSHAKE_AUTH = 49,
+	/** list supported signature algorithms to verify certificates **/
+	TLS_EXT_SIGNATURE_ALGORITHMS_CERT = 50,
+	/** list endpoint's cryptographic parameters **/
+	TLS_EXT_KEY_SHARE = 51,
 	/** cryptographic binding for RFC 5746 renegotiation indication */
 	TLS_EXT_RENEGOTIATION_INFO = 65281,
 };
@@ -144,11 +202,33 @@ enum tls_name_type_t {
 };
 
 /**
+ * Flags that control the behavior of the stack
+ */
+enum tls_flag_t {
+	/** set if cipher suites with null encryption are acceptable */
+	TLS_FLAG_ENCRYPTION_OPTIONAL = 1,
+	/** set if client authentication is optional even if cert req sent */
+	TLS_FLAG_CLIENT_AUTH_OPTIONAL = 2,
+};
+
+/**
  * Enum names for tls_extension_t
  */
 extern enum_name_t *tls_extension_names;
 
 /**
+ * Magic value (SHA-256 of "HelloRetryRequest") for Random to differentiate
+ * ServerHello from HelloRetryRequest.
+ */
+extern chunk_t tls_hello_retry_request_magic;
+
+/**
+ * Magic values for downgrade protection (see RFC 8446, section 4.1.3)
+ */
+extern chunk_t tls_downgrade_protection_tls11;
+extern chunk_t tls_downgrade_protection_tls12;
+
+/**
  * A bottom-up driven TLS stack, suitable for EAP implementations.
  */
 struct tls_t {
@@ -216,19 +296,29 @@ struct tls_t {
 	identification_t* (*get_peer_id)(tls_t *this);
 
 	/**
-	 * Get the negotiated TLS/SSL version.
+	 * Get the maximum and negotiated TLS version.
 	 *
-	 * @return			negotiated TLS version
+	 * @return			max and negotiated TLS version
 	 */
-	tls_version_t (*get_version)(tls_t *this);
+	tls_version_t (*get_version_max)(tls_t *this);
 
 	/**
-	 * Set the negotiated TLS/SSL version.
+	* Get the minimum TLS version.
+	*
+	* @return			min TLS version
+	*/
+	tls_version_t (*get_version_min)(tls_t *this);
+
+	/**
+	 * Set the initial minimum/maximum TLS version, or set both to the same
+	 * value once negotiated.
 	 *
-	 * @param version	negotiated TLS version
-	 * @return			TRUE if version acceptable
+	 * @param min_version	minimum (or negotiated) TLS version
+	 * @param max_version	maximum (or negotiated) TLS version
+	 * @return				TRUE if version(s) acceptable
 	 */
-	bool (*set_version)(tls_t *this, tls_version_t version);
+	bool (*set_version)(tls_t *this, tls_version_t min_version,
+						tls_version_t max_version);
 
 	/**
 	 * Get the purpose of this TLS stack instance.
@@ -238,6 +328,13 @@ struct tls_t {
 	tls_purpose_t (*get_purpose)(tls_t *this);
 
 	/**
+	 * Get the flags controlling this TLS stack instance.
+	 *
+	 * @return			flags given during construction
+	 */
+	tls_flag_t (*get_flags)(tls_t *this);
+
+	/**
 	 * Check if TLS negotiation completed successfully.
 	 *
 	 * @return			TRUE if TLS negotiation and authentication complete
@@ -278,10 +375,12 @@ void libtls_init(void);
  * @param purpose			purpose this TLS stack instance is used for
  * @param application		higher layer application or NULL if none
  * @param cache				session cache to use, or NULL
+ * @param flags				flags that control the behavior of the TLS stack
  * @return					TLS stack
  */
 tls_t *tls_create(bool is_server, identification_t *server,
 				  identification_t *peer, tls_purpose_t purpose,
-				  tls_application_t *application, tls_cache_t *cache);
+				  tls_application_t *application, tls_cache_t *cache,
+				  tls_flag_t flags);
 
 #endif /** TLS_H_ @}*/