Amazon Kinesis Webrtc C SDK
Tls.h
Go to the documentation of this file.
1 #ifndef __KINESIS_VIDEO_WEBRTC_CLIENT_CRYPTO_TLS__
2 #define __KINESIS_VIDEO_WEBRTC_CLIENT_CRYPTO_TLS__
3 
4 #pragma once
5 
6 #ifdef __cplusplus
7 extern "C" {
8 #endif
9 
10 typedef enum {
11  TLS_SESSION_STATE_NEW, /* Tls is just created, but the handshake process has not started */
12  TLS_SESSION_STATE_CONNECTING, /* TLS is in the process of negotiating a secure connection and verifying the remote fingerprint. */
13  TLS_SESSION_STATE_CONNECTED, /* TLS has completed negotiation of a secure connection and verified the remote fingerprint. */
14  TLS_SESSION_STATE_CLOSED, /* The transport has been closed intentionally as the result of receipt of a close_notify alert */
15 } TLS_SESSION_STATE;
16 
17 /* Callback that is fired when Tls session wishes to send packet */
18 typedef STATUS (*TlsSessionOutboundPacketFunc)(UINT64, PBYTE, UINT32);
19 
20 /* Callback that is fired when Tls state has changed */
21 typedef VOID (*TlsSessionOnStateChange)(UINT64, TLS_SESSION_STATE);
22 
23 typedef struct {
24  UINT64 outBoundPacketFnCustomData;
25  // outBoundPacketFn is a required callback to tell TlsSession how to send outbound packets
26  TlsSessionOutboundPacketFunc outboundPacketFn;
27  // stateChangeFn is an optional callback to listen to TlsSession state changes
28  UINT64 stateChangeFnCustomData;
29  TlsSessionOnStateChange stateChangeFn;
30 } TlsSessionCallbacks, *PTlsSessionCallbacks;
31 
32 typedef struct __TlsSession TlsSession, *PTlsSession;
33 struct __TlsSession {
34  TlsSessionCallbacks callbacks;
35  TLS_SESSION_STATE state;
36 
37 #ifdef KVS_USE_OPENSSL
38  SSL_CTX* pSslCtx;
39  SSL* pSsl;
40 #elif KVS_USE_MBEDTLS
41  IOBuffer* pReadBuffer;
42 
43  mbedtls_ssl_context sslCtx;
44  mbedtls_ssl_config sslCtxConfig;
45  mbedtls_entropy_context entropy;
46  mbedtls_ctr_drbg_context ctrDrbg;
47  mbedtls_x509_crt cacert;
48 #else
49 #error "A Crypto implementation is required."
50 #endif
51 };
52 
61 STATUS createTlsSession(PTlsSessionCallbacks, PTlsSession*);
62 
68 STATUS freeTlsSession(PTlsSession*);
69 
77 STATUS tlsSessionStart(PTlsSession, BOOL);
78 
88 STATUS tlsSessionProcessPacket(PTlsSession, PBYTE, UINT32, PUINT32);
89 
98 STATUS tlsSessionPutApplicationData(PTlsSession, PBYTE, UINT32);
99 
104 STATUS tlsSessionShutdown(PTlsSession);
105 
106 /* internal functions */
107 STATUS tlsSessionChangeState(PTlsSession, TLS_SESSION_STATE);
108 
109 #ifdef KVS_USE_OPENSSL
110 INT32 tlsSessionCertificateVerifyCallback(INT32, X509_STORE_CTX*);
111 #elif KVS_USE_MBEDTLS
112 // following are required callbacks for mbedtls
113 // NOTE: const is not a pure C qualifier, they're here because there's no way to type cast
114 // a callback signature.
115 INT32 tlsSessionSendCallback(PVOID, const unsigned char*, ULONG);
116 INT32 tlsSessionReceiveCallback(PVOID, unsigned char*, ULONG);
117 #else
118 #error "A Crypto implementation is required."
119 #endif
120 
121 #ifdef __cplusplus
122 }
123 #endif
124 #endif //__KINESIS_VIDEO_WEBRTC_CLIENT_CRYPTO_TLS__
PTlsSession
struct __TlsSession * PTlsSession
Definition: Tls.h:32
tlsSessionStart
STATUS tlsSessionStart(PTlsSession, BOOL)
Definition: Tls_mbedtls.c:103
PTlsSessionCallbacks
struct TlsSessionCallbacks * PTlsSessionCallbacks
createTlsSession
STATUS createTlsSession(PTlsSessionCallbacks, PTlsSession *)
Definition: Tls_mbedtls.c:7
TLS_SESSION_STATE
TLS_SESSION_STATE
Definition: Tls.h:10
TLS_SESSION_STATE_CONNECTING
@ TLS_SESSION_STATE_CONNECTING
Definition: Tls.h:12
TLS_SESSION_STATE_CLOSED
@ TLS_SESSION_STATE_CLOSED
Definition: Tls.h:14
TLS_SESSION_STATE_NEW
@ TLS_SESSION_STATE_NEW
Definition: Tls.h:11
TLS_SESSION_STATE_CONNECTED
@ TLS_SESSION_STATE_CONNECTED
Definition: Tls.h:13
freeTlsSession
STATUS freeTlsSession(PTlsSession *)
Definition: Tls_mbedtls.c:44
TlsSessionOutboundPacketFunc
STATUS(* TlsSessionOutboundPacketFunc)(UINT64, PBYTE, UINT32)
Definition: Tls.h:18
tlsSessionShutdown
STATUS tlsSessionShutdown(PTlsSession)
Definition: Tls_mbedtls.c:222
tlsSessionProcessPacket
STATUS tlsSessionProcessPacket(PTlsSession, PBYTE, UINT32, PUINT32)
Definition: Tls_mbedtls.c:137
TlsSessionOnStateChange
VOID(* TlsSessionOnStateChange)(UINT64, TLS_SESSION_STATE)
Definition: Tls.h:21
tlsSessionPutApplicationData
STATUS tlsSessionPutApplicationData(PTlsSession, PBYTE, UINT32)
Definition: Tls_mbedtls.c:193
tlsSessionChangeState
STATUS tlsSessionChangeState(PTlsSession, TLS_SESSION_STATE)
Definition: Tls.c:4
tlsSessionSendCallback
INT32 tlsSessionSendCallback(PVOID customData, const unsigned char *buf, ULONG len)
Definition: Tls_mbedtls.c:69
tlsSessionReceiveCallback
INT32 tlsSessionReceiveCallback(PVOID customData, unsigned char *buf, ULONG len)
Definition: Tls_mbedtls.c:83
tlsSessionCertificateVerifyCallback
INT32 tlsSessionCertificateVerifyCallback(INT32 preverify_ok, X509_STORE_CTX *ctx)
Definition: Tls_openssl.c:62
TlsSessionCallbacks
Definition: Tls.h:23
TlsSessionCallbacks::stateChangeFnCustomData
UINT64 stateChangeFnCustomData
Definition: Tls.h:28
TlsSessionCallbacks::outBoundPacketFnCustomData
UINT64 outBoundPacketFnCustomData
Definition: Tls.h:24
TlsSessionCallbacks::stateChangeFn
TlsSessionOnStateChange stateChangeFn
Definition: Tls.h:29
TlsSessionCallbacks::outboundPacketFn
TlsSessionOutboundPacketFunc outboundPacketFn
Definition: Tls.h:26
__IOBuffer
Definition: IOBuffer.h:11
__TlsSession
Definition: Tls.h:33
__TlsSession::state
TLS_SESSION_STATE state
Definition: Tls.h:35
__TlsSession::callbacks
TlsSessionCallbacks callbacks
Definition: Tls.h:34