Amazon Kinesis Webrtc C SDK
 
Loading...
Searching...
No Matches
Tls.h
Go to the documentation of this file.
1#ifndef __KINESIS_VIDEO_WEBRTC_CLIENT_CRYPTO_TLS__
2#define __KINESIS_VIDEO_WEBRTC_CLIENT_CRYPTO_TLS__
3
4#pragma once
5
6#ifdef __cplusplus
7extern "C" {
8#endif
9
10typedef enum {
11 TLS_SESSION_STATE_NEW, /* Tls is just created, but the handshake process has not started */
12 TLS_SESSION_STATE_CONNECTING, /* TLS is in the process of negotiating a secure connection and verifying the remote fingerprint. */
13 TLS_SESSION_STATE_CONNECTED, /* TLS has completed negotiation of a secure connection and verified the remote fingerprint. */
14 TLS_SESSION_STATE_CLOSED, /* The transport has been closed intentionally as the result of receipt of a close_notify alert */
15} TLS_SESSION_STATE;
16
17/* Callback that is fired when Tls session wishes to send packet */
18typedef STATUS (*TlsSessionOutboundPacketFunc)(UINT64, PBYTE, UINT32);
19
20/* Callback that is fired when Tls state has changed */
21typedef VOID (*TlsSessionOnStateChange)(UINT64, TLS_SESSION_STATE);
22
23typedef struct {
24 UINT64 outBoundPacketFnCustomData;
25 // outBoundPacketFn is a required callback to tell TlsSession how to send outbound packets
26 TlsSessionOutboundPacketFunc outboundPacketFn;
27 // stateChangeFn is an optional callback to listen to TlsSession state changes
28 UINT64 stateChangeFnCustomData;
29 TlsSessionOnStateChange stateChangeFn;
30} TlsSessionCallbacks, *PTlsSessionCallbacks;
31
32typedef struct __TlsSession TlsSession, *PTlsSession;
33struct __TlsSession {
34 TlsSessionCallbacks callbacks;
35 TLS_SESSION_STATE state;
36
37#ifdef KVS_USE_OPENSSL
38 SSL_CTX* pSslCtx;
39 SSL* pSsl;
40#elif KVS_USE_MBEDTLS
41 IOBuffer* pReadBuffer;
42
43 mbedtls_ssl_context sslCtx;
44 mbedtls_ssl_config sslCtxConfig;
45 mbedtls_entropy_context entropy;
46 mbedtls_ctr_drbg_context ctrDrbg;
47 mbedtls_x509_crt cacert;
48#else
49#error "A Crypto implementation is required."
50#endif
51};
52
61STATUS createTlsSession(PTlsSessionCallbacks, PTlsSession*);
62
68STATUS freeTlsSession(PTlsSession*);
69
77STATUS tlsSessionStart(PTlsSession, BOOL);
78
88STATUS tlsSessionProcessPacket(PTlsSession, PBYTE, UINT32, PUINT32);
89
98STATUS tlsSessionPutApplicationData(PTlsSession, PBYTE, UINT32);
99
104STATUS tlsSessionShutdown(PTlsSession);
105
106/* internal functions */
107STATUS tlsSessionChangeState(PTlsSession, TLS_SESSION_STATE);
108
109#ifdef KVS_USE_OPENSSL
110INT32 tlsSessionCertificateVerifyCallback(INT32, X509_STORE_CTX*);
111#elif KVS_USE_MBEDTLS
112#if defined(MBEDTLS_VERSION_NUMBER)
113#define MBEDTLS_BEFORE_V3 (MBEDTLS_VERSION_NUMBER < 0x03000000)
114#else
115#define MBEDTLS_BEFORE_V3 (1) /* default to before v3 */
116#endif
117// following are required callbacks for mbedtls
118// NOTE: const is not a pure C qualifier, they're here because there's no way to type cast
119// a callback signature.
120INT32 tlsSessionSendCallback(PVOID, const unsigned char*, ULONG);
121INT32 tlsSessionReceiveCallback(PVOID, unsigned char*, ULONG);
122
123// Add hostname parameter for mbedTLS 3.x compatibility
124STATUS tlsSessionStartWithHostname(PTlsSession, BOOL, PCHAR);
125#else
126#error "A Crypto implementation is required."
127#endif
128
129#ifdef __cplusplus
130}
131#endif
132#endif //__KINESIS_VIDEO_WEBRTC_CLIENT_CRYPTO_TLS__
PTlsSession
struct __TlsSession * PTlsSession
Definition Tls.h:32
tlsSessionStart
STATUS tlsSessionStart(PTlsSession, BOOL)
Definition Tls_mbedtls.c:153
PTlsSessionCallbacks
struct TlsSessionCallbacks * PTlsSessionCallbacks
createTlsSession
STATUS createTlsSession(PTlsSessionCallbacks, PTlsSession *)
Definition Tls_mbedtls.c:7
TLS_SESSION_STATE
TLS_SESSION_STATE
Definition Tls.h:10
TLS_SESSION_STATE_CONNECTING
@ TLS_SESSION_STATE_CONNECTING
Definition Tls.h:12
TLS_SESSION_STATE_CLOSED
@ TLS_SESSION_STATE_CLOSED
Definition Tls.h:14
TLS_SESSION_STATE_NEW
@ TLS_SESSION_STATE_NEW
Definition Tls.h:11
TLS_SESSION_STATE_CONNECTED
@ TLS_SESSION_STATE_CONNECTED
Definition Tls.h:13
freeTlsSession
STATUS freeTlsSession(PTlsSession *)
Definition Tls_mbedtls.c:44
TlsSessionOutboundPacketFunc
STATUS(* TlsSessionOutboundPacketFunc)(UINT64, PBYTE, UINT32)
Definition Tls.h:18
tlsSessionShutdown
STATUS tlsSessionShutdown(PTlsSession)
Definition Tls_mbedtls.c:246
tlsSessionProcessPacket
STATUS tlsSessionProcessPacket(PTlsSession, PBYTE, UINT32, PUINT32)
Definition Tls_mbedtls.c:158
TlsSessionOnStateChange
VOID(* TlsSessionOnStateChange)(UINT64, TLS_SESSION_STATE)
Definition Tls.h:21
tlsSessionPutApplicationData
STATUS tlsSessionPutApplicationData(PTlsSession, PBYTE, UINT32)
Definition Tls_mbedtls.c:217
tlsSessionChangeState
STATUS tlsSessionChangeState(PTlsSession, TLS_SESSION_STATE)
Definition Tls.c:4
tlsSessionSendCallback
INT32 tlsSessionSendCallback(PVOID customData, const unsigned char *buf, ULONG len)
Definition Tls_mbedtls.c:69
tlsSessionStartWithHostname
STATUS tlsSessionStartWithHostname(PTlsSession pTlsSession, BOOL isServer, PCHAR hostname)
Definition Tls_mbedtls.c:103
tlsSessionReceiveCallback
INT32 tlsSessionReceiveCallback(PVOID customData, unsigned char *buf, ULONG len)
Definition Tls_mbedtls.c:83
tlsSessionCertificateVerifyCallback
INT32 tlsSessionCertificateVerifyCallback(INT32 preverify_ok, X509_STORE_CTX *ctx)
Definition Tls_openssl.c:62
TlsSessionCallbacks
Definition Tls.h:23
TlsSessionCallbacks::stateChangeFnCustomData
UINT64 stateChangeFnCustomData
Definition Tls.h:28
TlsSessionCallbacks::outBoundPacketFnCustomData
UINT64 outBoundPacketFnCustomData
Definition Tls.h:24
TlsSessionCallbacks::stateChangeFn
TlsSessionOnStateChange stateChangeFn
Definition Tls.h:29
TlsSessionCallbacks::outboundPacketFn
TlsSessionOutboundPacketFunc outboundPacketFn
Definition Tls.h:26
__IOBuffer
Definition IOBuffer.h:11
__TlsSession
Definition Tls.h:33
__TlsSession::state
TLS_SESSION_STATE state
Definition Tls.h:35
__TlsSession::callbacks
TlsSessionCallbacks callbacks
Definition Tls.h:34