Commit 662795bc by guoxin

add file: include/gmssl/gmtls.h

parent 644c0c68
...@@ -210,3 +210,38 @@ lib/libTKSDK.so.3 ...@@ -210,3 +210,38 @@ lib/libTKSDK.so.3
lib/libTKSDK.so.3.0 lib/libTKSDK.so.3.0
CMakeLists.txt CMakeLists.txt
test/tlsServertest.cpp test/tlsServertest.cpp
key/demo_tlcp_server_BIN/cacert.pem
key/demo_tlcp_server_BIN/cakey.pem
key/demo_tlcp_server_BIN/careq.pem
key/demo_tlcp_server_BIN/clientcert.pem
key/demo_tlcp_server_BIN/clientkey.pem
key/demo_tlcp_server_BIN/clientpkey.pem
key/demo_tlcp_server_BIN/clientreq.pem
key/demo_tlcp_server_BIN/double_certs.pem
key/demo_tlcp_server_BIN/enccert.pem
key/demo_tlcp_server_BIN/enckey.pem
key/demo_tlcp_server_BIN/encreq.pem
key/demo_tlcp_server_BIN/rootcacert.pem
key/demo_tlcp_server_BIN/rootcakey.pem
key/demo_tlcp_server_BIN/signcert.pem
key/demo_tlcp_server_BIN/signkey.pem
key/demo_tlcp_server_BIN/signreq.pem
key/demo_tlcp_server_BIN/tlcp_server.sh
.gitignore
key/cacert.pem
key/cakey.pem
key/careq.pem
key/clientcert.pem
key/clientkey.pem
key/clientpkey.pem
key/clientreq.pem
key/double_certs.pem
key/enccert.pem
key/enckey.pem
key/encreq.pem
key/rootcacert.pem
key/rootcakey.pem
key/signcert.pem
key/signkey.pem
key/signreq.pem
build/bin/test/tlsServertest.out
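Review bot: The key and certificate files under `key/` and `key/demo_tlcp_server_BIN/` are ignored one name at a time, so a private key generated under any other name or in another demo directory would still be picked up by `git add`. A single pattern such as `key/**/*.pem` would cover the whole tree and replace most of the added entries. An ignore entry does not untrack a file that is already committed, so it is worth confirming that none of `cakey.pem`, `rootcakey.pem`, `signkey.pem`, `enckey.pem` or `clientkey.pem` is in the history; any that is should be treated as exposed and reissued. The added `.gitignore` entry has no effect while that file is itself tracked and looks unintended.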
#ifndef TKSDK_TLS_H
#define TKSDK_TLS_H
#include <stdint.h>
#include <sys/select.h>
#ifdef __cplusplus
extern "C" {
#endif
//以字节为单位的片段长度
// 国密SSL协议数据类型定义
// 基本数据类型:opaque,uint8,uint16,uint24,unint32,uint64 所有数据网络字节序表示 最小数据的大小是8个字节
/* 6.2.1 */
typedef void* opaque;
typedef uint8_t uint8;
typedef uint16_t uint16;
typedef uint32_t uint24;
typedef uint32_t uint32;
typedef uint64_t uint64;
// 6.3 记录层协议
/*
记录层协议是分层次的,每一层都包括长度字段,描述字段和内容字段。
主要进行的工作:
被传输的消息 : 数据分块、压缩(可选)、计算HMAC、加密、传输
接收到的消息 : 解密、验证、解压(可选)、重新封装、传送上层应用
记录层协议包括握手、报警、密码规格变更和网关对网关类型 支持上述类型分配内容的协议拓展
*/
/* 6.3.1 连接状态*/
typedef enum {
server,
client
} ConnectionEnd;
typedef enum {
sm1,
sm4
} BulkCipherAlgorithm;
typedef enum {
block
} CipherType;
typedef enum {
sha1,
sm3
} MACAlgorithm;
//所以这里用到的压缩算法究竟用啥??? 国密里面也没给提示呀,应该是默认null 木有 除非联系的对端有特殊约定
typedef enum : char{
null,
} CompressionMethod;
// 连接状态的安全参数
struct {
ConnectionEnd entity;
BulkCipherAlgorithm bulk_cipher_algorithm;
CipherType cipher_type;
uint8 key_material_length;
MACAlgorithm mac_algorithm;
uint8 hash_size;
CompressionMethod compression_algorithm;
opaque master_secret[48];
opaque client_random[32];
opaque server_random[32];
uint8 record_iv_length;
uint8 mac_length;
} SecurityParameters;
/* 6.3.2 记录层 */
/*6.3.2.1*/
//片段的记录层协议类型
typedef enum : char{
change_cipher_spec = 20,
alert = 21,
handshark = 22,
applicatioin_data = 23,
site2site = 80
} ContentType;
//所用协议的版本号 本标准版本号为1.1
typedef struct{
uint8 major,minor;
} ProtocolVersion;
//以字节为单位的片段长度小于或等于2^14 就是最大16k
#define GMTLS_TLS_PLAINTEXT_LEN 16384
#define GMTLS_TLS_COMPRESSED_LEN 16384+1024
//片段结构
typedef struct{
ContentType type;
ProtocolVersion verison;
uint16 length;
opaque fragment[GMTLS_TLS_PLAINTEXT_LEN];
} TLSPlaintext;
/*6.3.2.2 压缩和解压缩*/
typedef struct{
ContentType type;
ProtocolVersion verison;
uint16 length;
opaque fragment[GMTLS_TLS_COMPRESSED_LEN];
} TLSCompressed;
/*6.3.2.3 加密和校验*/
// typedef struct{
// ContentType type;
// ProtocolVersion verison;
// uint16 length;
// int select(CipherSpec){
// case block:GenericBlockCipher;
// } fragment;
// } TLSCiphertext;
#ifdef __cplusplus
}
#endif
#endif
\ No newline at end of file
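Review bot: `typedef void* opaque;` makes every `opaque x[N]` member an array of N pointers rather than N bytes, so `master_secret[48]`, the two 32-element randoms and both `fragment` buffers do not have the protocol's byte sizes, and any `sizeof`-based copy, comparison or zeroization of key material would use the wrong length. `typedef uint8_t opaque;` gives the byte-string meaning that the 6.2.1 type list implies. `struct { ... } SecurityParameters;` has no `typedef`, so the header defines an object in every translation unit that includes it; `typedef struct { ... } SecurityParameters;` is presumably what was meant. `typedef enum : char { ... }` is accepted by C++ but not by C11, which the `extern "C"` guard suggests is also a target. `#define GMTLS_TLS_COMPRESSED_LEN 16384+1024` should be parenthesized as `(16384 + 1024)` so it stays correct inside a larger expression.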