#pragma once
#include <wut.h>
/**
 * \defgroup nsysnet_nssl Nintendo SSL
 * \ingroup nsysnet
 *
 * The NSSL library is Nintendo's interface for making SSL connections on the
 * Wii U. To use NSSL directly, call NSSLInit(), then NSSLCreateContext() to
 * create a context. Once root CAs have been added to the context via
 * NSSLAddServerPKI() or NSSLAddServerPKIExternal(), it can be used to create
 * connections (NSSLCreateConnection()) that transfer data using NSSLRead() and
 * NSSLWrite().
 *
 * For HTTPS connections, consider using libcurl.
 *
 * \if false
 * meta: how to link to libcurl?
 * \endif
 *
 * @{
 */
#ifdef __cplusplus
extern "C" {
#endif
// NOTE(review): both handle types below are plain int32_t aliases, so the
// compiler will not diagnose a context handle passed where a connection handle
// is expected (or the reverse).

//! Handle to a NSSL context, as returned by NSSLCreateContext().
typedef int32_t NSSLContextHandle;

//! Handle to a NSSL connection, as returned by NSSLCreateConnection().
typedef int32_t NSSLConnectionHandle;
/**
 * Identifiers for the system CAs. These certificates are built in to the
 * system; one is added to a NSSL context by passing its ID to
 * NSSLAddServerPKI().
 *
 * Only the first and last ID of each group are named here.
 *
 * \if false
 * meta: the names suggest each group is a contiguous range of IDs (100-105 and
 * 1001-1033); whether every value in between is a valid certificate needs
 * confirmation.
 * \endif
 */
typedef enum NSSLServerCertId
{
   //! First certificate ID in the Nintendo CA group.
   NSSL_SERVER_CERT_GROUP_0_FIRST   = 100,
   //! Last certificate ID in the Nintendo CA group.
   NSSL_SERVER_CERT_GROUP_0_LAST    = 105,

   //! First certificate ID in the commercial CA group.
   NSSL_SERVER_CERT_GROUP_1_FIRST   = 1001,
   //! Last certificate ID in the commercial CA group.
   NSSL_SERVER_CERT_GROUP_1_LAST    = 1033,
} NSSLServerCertId;
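/**
 * Initialises the NSSL library for use. This must be called before any other
 * NSSL function.
 *
 * \returns
 * 0 on success, or a negative error code on failure. Check the result before
 * calling any other NSSL function.
 *
 * \sa
 * - NSSLFinish()
 */
/* (void) rather than (): in C an empty parameter list is not a prototype, so
 * stray arguments would go undiagnosed. */
int32_t
NSSLInit(void);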
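/**
 * Cleans up and finishes use of the NSSL library.
 *
 * \returns
 * 0 on success, or -1 on error.
 *
 * \sa
 * - NSSLInit()
 */
/* (void) rather than (): in C an empty parameter list is not a prototype, so
 * stray arguments would go undiagnosed. */
int32_t
NSSLFinish(void);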
/**
 * Creates a context for use with the NSSL library. A context holds root CAs
 * and connections.
 *
 * \param unk
 * Unknown. A value of 0 appears to work.
 *
 * \returns
 * A #NSSLContextHandle for the newly created context, or a negative value on
 * error. Check for a negative result before passing the handle to any other
 * NSSL function.
 *
 * \sa
 * - NSSLDestroyContext()
 */
NSSLContextHandle
NSSLCreateContext(int32_t unk);
/**
 * Destroys a NSSL context.
 *
 * \param context
 * The NSSL context to destroy.
 *
 * \returns
 * 0 on success, or a negative value if an error occurred.
 *
 * \sa
 * - NSSLCreateContext()
 */
int32_t
NSSLDestroyContext(NSSLContextHandle context);
/**
 * Adds a custom root CA to the given NSSL context.
 *
 * \param context
 * The NSSL context to add a root CA to.
 *
 * \param cert
 * A pointer to a buffer containing the certificate data.
 *
 * \param length
 * The length of the certificate buffer.
 *
 * \param unk
 * Unknown.
 *
 * \returns
 * 0 on success, or a negative value on error.
 *
 * \note
 * A root CA added here is presumably trusted for every connection later
 * created under \p context, so the certificate data should come from a source
 * the application controls, and \p length should be the exact size of that
 * data.
 *
 * \sa
 * - NSSLAddServerPKI()
 *
 * \if false
 * meta: what format does the certificate need to be? The internal ones are
 * x509 in binary DER. What's a working value for unk? 0?
 * meta: length is signed; how a negative or oversized value is handled is
 * unknown.
 * \endif
 */
int32_t
NSSLAddServerPKIExternal(NSSLContextHandle context,
                         const void *cert,
                         int32_t length,
                         int32_t unk);
/**
 * Adds a system root CA (one of #NSSLServerCertId) to the given NSSL context.
 *
 * \param context
 * The NSSL context to add a root CA to.
 *
 * \param pki
 * The #NSSLServerCertId representing the system CA to add.
 *
 * \returns
 * 0 on success, or a negative value on error.
 *
 * \note
 * Each root CA added to a context presumably widens the set of servers its
 * connections will accept; add only the CAs the application actually needs.
 *
 * \sa
 * - NSSLAddServerPKIExternal()
 */
int32_t
NSSLAddServerPKI(NSSLContextHandle context,
                 NSSLServerCertId pki);
/**
 * Opens an SSL connection.
 *
 * \param context
 * The context to open the connection under.
 *
 * \param host
 * The domain or IP of the host to connect to.
 *
 * \param hostLength
 * The length of the "host" buffer.
 *
 * \param options
 * Options for the underlying socket.
 *
 * \param socket
 * An existing socket to use for the connection, or NULL.
 *
 * \param block
 * Whether to block until the connection is open.
 *
 * \returns
 * A #NSSLConnectionHandle representing the current connection.
 *
 * \sa
 * - NSSLRead()
 * - NSSLWrite()
 *
 * \if false
 * meta: kinda guessing socket and options here, needs confirmation
 * meta: socket is an int32_t, so "NULL" above presumably means a sentinel
 * integer value; which one is unconfirmed.
 * meta: no error return is documented. The other NSSL calls return a negative
 * value on error, so callers should probably treat a negative handle as
 * failure - confirm.
 * meta: is the server certificate checked against "host", or only against the
 * root CAs in the context? Worth confirming before relying on NSSL to
 * authenticate a server.
 * \endif
 */
NSSLConnectionHandle
NSSLCreateConnection(NSSLContextHandle context,
                     const char *host,
                     int32_t hostLength,
                     int32_t options,
                     int32_t socket,
                     int32_t block);
/**
 * Reads data from an open NSSL connection into a given buffer.
 *
 * \param connection
 * The connection to read data from.
 *
 * \param buffer
 * A buffer to read decrypted data into.
 *
 * \param length
 * The length of the given buffer.
 *
 * \param outBytesRead
 * A pointer to write the actual number of read bytes into. This may be smaller
 * than the input buffer.
 *
 * \returns
 * 0 on success, or a negative value on error.
 *
 * \note
 * A return value of 0 does not mean the buffer was filled; only the first
 * \p outBytesRead bytes of \p buffer should be treated as received data.
 *
 * \sa
 * - NSSLWrite()
 *
 * \if false
 * meta: buffer is documented as the destination of the read but is declared
 * const void *; it should probably be void *.
 * \endif
 */
int32_t
NSSLRead(NSSLConnectionHandle connection,
         const void *buffer,
         int32_t length,
         int32_t *outBytesRead);
/**
 * Writes data to an open NSSL connection from a given buffer.
 *
 * \param connection
 * The connection to write data to.
 *
 * \param buffer
 * A buffer containing the data to be sent.
 *
 * \param length
 * The length of the given buffer.
 *
 * \param outBytesWritten
 * A pointer to write the actual number of written bytes into. This may be
 * smaller than the input buffer.
 *
 * \returns
 * 0 on success, or a negative value on error.
 *
 * \note
 * A return value of 0 does not mean the whole buffer was sent; compare
 * \p outBytesWritten with \p length and write the remainder if it is smaller.
 *
 * \sa
 * - NSSLRead()
 */
int32_t
NSSLWrite(NSSLConnectionHandle connection,
          const void *buffer,
          int32_t length,
          int32_t *outBytesWritten);
#ifdef __cplusplus
}
#endif
/** @} */