]> git.ipfire.org Git - thirdparty/openssl.git/blame - ssl/record/methods/recmethod_local.h
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Copyright year updates
[thirdparty/openssl.git] / ssl / record / methods / recmethod_local.h
CommitLineData
50023e9b 1/*
b6461792 2 * Copyright 2022-2024 The OpenSSL Project Authors. All Rights Reserved.
50023e9b
MC		 3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <openssl/bio.h>
11#include <openssl/ssl.h>
12#include <openssl/err.h>
13#include "../../ssl_local.h"
14#include "../record_local.h"
15
f6aab7b1
MC		 16typedef struct dtls_bitmap_st {
17 /* Track 64 packets */
18 uint64_t map;
19 /* Max record number seen so far, 64-bit value in big-endian encoding */
20 unsigned char max_seq_num[SEQ_NUM_SIZE];
21} DTLS_BITMAP;
22
23c57f00
MC		 23typedef struct ssl_mac_buf_st {
24 unsigned char *mac;
25 int alloced;
26} SSL_MAC_BUF;
27
e9189cc4 28typedef struct tls_buffer_st {
23c57f00
MC		 29 /* at least SSL3_RT_MAX_PACKET_SIZE bytes */
30 unsigned char *buf;
31 /* default buffer size (or 0 if no default set) */
32 size_t default_len;
33 /* buffer size */
34 size_t len;
35 /* where to 'copy from' */
36 size_t offset;
37 /* how many bytes left */
38 size_t left;
39 /* 'buf' is from application for KTLS */
40 int app_buffer;
41 /* The type of data stored in this buffer. Only used for writing */
42 int type;
e9189cc4 43} TLS_BUFFER;
23c57f00 44
22094d11 45typedef struct tls_rl_record_st {
23c57f00
MC		 46 /* Record layer version */
47 /* r */
48 int rec_version;
49 /* type of record */
50 /* r */
51 int type;
52 /* How many bytes available */
53 /* rw */
54 size_t length;
55 /*
56 * How many bytes were available before padding was removed? This is used
57 * to implement the MAC check in constant time for CBC records.
58 */
59 /* rw */
60 size_t orig_len;
61 /* read/write offset into 'buf' */
62 /* r */
63 size_t off;
64 /* pointer to the record data */
65 /* rw */
66 unsigned char *data;
67 /* where the decode bytes are */
68 /* rw */
69 unsigned char *input;
70 /* only used with decompression - malloc()ed */
71 /* r */
72 unsigned char *comp;
73 /* epoch number, needed by DTLS1 */
74 /* r */
75 uint16_t epoch;
76 /* sequence number, needed by DTLS1 */
77 /* r */
78 unsigned char seq_num[SEQ_NUM_SIZE];
22094d11 79} TLS_RL_RECORD;
23c57f00 80
22094d11 81/* Macros/functions provided by the TLS_RL_RECORD component */
23c57f00 82
22094d11
MC		 83#define TLS_RL_RECORD_set_type(r, t) ((r)->type = (t))
84#define TLS_RL_RECORD_set_rec_version(r, v) ((r)->rec_version = (v))
85#define TLS_RL_RECORD_get_length(r) ((r)->length)
86#define TLS_RL_RECORD_set_length(r, l) ((r)->length = (l))
87#define TLS_RL_RECORD_add_length(r, l) ((r)->length += (l))
88#define TLS_RL_RECORD_set_data(r, d) ((r)->data = (d))
89#define TLS_RL_RECORD_set_input(r, i) ((r)->input = (i))
90#define TLS_RL_RECORD_reset_input(r) ((r)->input = (r)->data)
23c57f00
MC		 91
92
50023e9b
MC		 93/* Protocol version specific function pointers */
94struct record_functions_st
95{
7c293999
MC		 96 /*
97 * Returns either OSSL_RECORD_RETURN_SUCCESS, OSSL_RECORD_RETURN_FATAL or
98 * OSSL_RECORD_RETURN_NON_FATAL_ERR if we can keep trying to find an
99 * alternative record layer.
100 */
50023e9b
MC		 101 int (*set_crypto_state)(OSSL_RECORD_LAYER *rl, int level,
102 unsigned char *key, size_t keylen,
103 unsigned char *iv, size_t ivlen,
104 unsigned char *mackey, size_t mackeylen,
105 const EVP_CIPHER *ciph,
106 size_t taglen,
50023e9b
MC		 107 int mactype,
108 const EVP_MD *md,
1e76110b 109 COMP_METHOD *comp);
1853d20a 110
7c293999
MC		 111 /*
112 * Returns:
113 * 0: if the record is publicly invalid, or an internal error, or AEAD
114 * decryption failed, or EtM decryption failed.
115 * 1: Success or MtE decryption failed (MAC will be randomised)
116 */
22094d11 117 int (*cipher)(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *recs, size_t n_recs,
8124ab56 118 int sending, SSL_MAC_BUF *macs, size_t macsize);
7c293999 119 /* Returns 1 for success or 0 for error */
22094d11 120 int (*mac)(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rec, unsigned char *md,
8124ab56 121 int sending);
1853d20a
MC		 122
123 /* Return 1 for success or 0 for error */
124 int (*set_protocol_version)(OSSL_RECORD_LAYER *rl, int version);
125
bafe524b
MC		 126 /* Read related functions */
127
128 int (*read_n)(OSSL_RECORD_LAYER *rl, size_t n, size_t max, int extend,
129 int clearold, size_t *readbytes);
130
131 int (*get_more_records)(OSSL_RECORD_LAYER *rl);
132
1853d20a 133 /* Return 1 for success or 0 for error */
22094d11 134 int (*validate_record_header)(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rec);
1853d20a
MC		 135
136 /* Return 1 for success or 0 for error */
22094d11 137 int (*post_process_record)(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rec);
bafe524b
MC		 138
139 /* Write related functions */
140
eb1eaa9a 141 size_t (*get_max_records)(OSSL_RECORD_LAYER *rl, uint8_t type, size_t len,
bafe524b
MC		 142 size_t maxfrag, size_t *preffrag);
143
144 /* Return 1 for success or 0 for error */
145 int (*write_records)(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates,
146 size_t numtempl);
91fe8ff0
MC		 147
148 /* Allocate the rl->wbuf buffers. Return 1 for success or 0 for error */
149 int (*allocate_write_buffers)(OSSL_RECORD_LAYER *rl,
150 OSSL_RECORD_TEMPLATE *templates,
151 size_t numtempl, size_t *prefix);
152
153 /*
154 * Initialise the packets in the |pkt| array using the buffers in |rl->wbuf|.
155 * Some protocol versions may use the space in |prefixtempl| to add
156 * an artificial template in front of the |templates| array and hence may
157 * initialise 1 more WPACKET than there are templates. |*wpinited|
158 * returns the number of WPACKETs in |pkt| that were successfully
159 * initialised. This must be 0 on entry and will be filled in even on error.
160 */
161 int (*initialise_write_packets)(OSSL_RECORD_LAYER *rl,
162 OSSL_RECORD_TEMPLATE *templates,
163 size_t numtempl,
164 OSSL_RECORD_TEMPLATE *prefixtempl,
165 WPACKET *pkt,
e9189cc4 166 TLS_BUFFER *bufs,
91fe8ff0 167 size_t *wpinited);
7ca61d63
MC		 168
169 /* Get the actual record type to be used for a given template */
eb1eaa9a
TM		 170 uint8_t (*get_record_type)(OSSL_RECORD_LAYER *rl,
171 OSSL_RECORD_TEMPLATE *template);
aca70ca8
MC		 172
173 /* Write the record header data to the WPACKET */
174 int (*prepare_record_header)(OSSL_RECORD_LAYER *rl, WPACKET *thispkt,
175 OSSL_RECORD_TEMPLATE *templ,
eb1eaa9a 176 uint8_t rectype,
aca70ca8 177 unsigned char **recdata);
2582de25
MC		 178
179 int (*add_record_padding)(OSSL_RECORD_LAYER *rl,
180 OSSL_RECORD_TEMPLATE *thistempl,
181 WPACKET *thispkt,
22094d11 182 TLS_RL_RECORD *thiswr);
757ef3ba
MC		 183
184 /*
185 * This applies any mac that might be necessary, ensures that we have enough
186 * space in the WPACKET to perform the encryption and sets up the
22094d11 187 * TLS_RL_RECORD ready for that encryption.
757ef3ba
MC		 188 */
189 int (*prepare_for_encryption)(OSSL_RECORD_LAYER *rl,
190 size_t mac_size,
191 WPACKET *thispkt,
22094d11 192 TLS_RL_RECORD *thiswr);
2a354d54
MC		 193
194 /*
195 * Any updates required to the record after encryption has been applied. For
196 * example, adding a MAC if using encrypt-then-mac
197 */
198 int (*post_encryption_processing)(OSSL_RECORD_LAYER *rl,
199 size_t mac_size,
200 OSSL_RECORD_TEMPLATE *thistempl,
201 WPACKET *thispkt,
22094d11 202 TLS_RL_RECORD *thiswr);
ace38195
MC		 203
204 /*
205 * Some record layer implementations need to do some custom preparation of
206 * the BIO before we write to it. KTLS does this to prevent coalescing of
207 * control and data messages.
208 */
209 int (*prepare_write_bio)(OSSL_RECORD_LAYER *rl, int type);
50023e9b
MC		 210};
211
212struct ossl_record_layer_st
213{
214 OSSL_LIB_CTX *libctx;
215 const char *propq;
216 int isdtls;
217 int version;
218 int role;
219 int direction;
9dd90232 220 int level;
b05fbac1 221 const EVP_MD *md;
222cf410 222 /* DTLS only */
279754d4 223 uint16_t epoch;
359affde
MC		 224
225 /*
226 * A BIO containing any data read in the previous epoch that was destined
227 * for this epoch
228 */
229 BIO *prev;
230
231 /* The transport BIO */
50023e9b 232 BIO *bio;
359affde
MC		 233
234 /*
235 * A BIO where we will send any data read by us that is destined for the
236 * next epoch.
237 */
238 BIO *next;
239
b0a9042e 240 /* Types match the equivalent fields in the SSL object */
50023e9b 241 uint64_t options;
50023e9b
MC		 242 uint32_t mode;
243
151f313e 244 /* write IO goes into here */
e9189cc4 245 TLS_BUFFER wbuf[SSL_MAX_PIPELINES + 1];
151f313e
MC		 246
247 /* Next wbuf with pending data still to write */
248 size_t nextwbuf;
249
e7694c69
MC		 250 /* How many pipelines can be used to write data */
251 size_t numwpipes;
252
50023e9b 253 /* read IO goes into here */
e9189cc4 254 TLS_BUFFER rbuf;
50023e9b 255 /* each decoded record goes in here */
22094d11 256 TLS_RL_RECORD rrec[SSL_MAX_PIPELINES];
50023e9b 257
eb4129e1 258 /* How many records have we got available in the rrec buffer */
50023e9b
MC		 259 size_t num_recs;
260
261 /* The record number in the rrec buffer that can be read next */
262 size_t curr_rec;
263
264 /* The number of records that have been released via tls_release_record */
265 size_t num_released;
266
50023e9b
MC		 267 /* where we are when reading */
268 int rstate;
269
270 /* used internally to point at a raw packet */
271 unsigned char *packet;
272 size_t packet_length;
273
0755722c
MC		 274 /* Sequence number for the next record */
275 unsigned char sequence[SEQ_NUM_SIZE];
276
4bf610bd 277 /* Alert code to be used if an error occurs */
50023e9b
MC		 278 int alert;
279
280 /*
b0a9042e 281 * Read as many input bytes as possible (for non-blocking reads)
50023e9b
MC		 282 */
283 int read_ahead;
284
285 /* The number of consecutive empty records we have received */
286 size_t empty_record_count;
287
b9e4e783
MC		 288 /*
289 * Do we need to send a prefix empty record before application data as a
290 * countermeasure against known-IV weakness (necessary for SSLv3 and
291 * TLSv1.0)
292 */
293 int need_empty_fragments;
294
50023e9b 295 /* cryptographic state */
6366bdd9 296 EVP_CIPHER_CTX *enc_ctx;
1853d20a 297
9251c3c4
MC		 298 /* Explicit IV length */
299 size_t eivlen;
300
50023e9b 301 /* used for mac generation */
6366bdd9
MC		 302 EVP_MD_CTX *md_ctx;
303
9251c3c4
MC		 304 /* compress/uncompress */
305 COMP_CTX *compctx;
50023e9b 306
1853d20a
MC		 307 /* Set to 1 if this is the first handshake. 0 otherwise */
308 int is_first_handshake;
309
435d88d7
MC		 310 /*
311 * The smaller of the configured and negotiated maximum fragment length
312 * or SSL3_RT_MAX_PLAIN_LENGTH if none
313 */
ffbd6e67
MC		 314 unsigned int max_frag_len;
315
eb4129e1 316 /* The maximum amount of early data we can receive/send */
9dd90232
MC		 317 uint32_t max_early_data;
318
319 /* The amount of early data that we have sent/received */
320 size_t early_data_count;
321
eb7d6c2a
MC		 322 /* TLSv1.3 record padding */
323 size_t block_padding;
324
50023e9b
MC		 325 /* Only used by SSLv3 */
326 unsigned char mac_secret[EVP_MAX_MD_SIZE];
327
7f2f0ac7
MC		 328 /* TLSv1.0/TLSv1.1/TLSv1.2 */
329 int use_etm;
330
8124ab56
MC		 331 /* Flags for GOST ciphers */
332 int stream_mac;
333 int tlstree;
334
1853d20a
MC		 335 /* TLSv1.3 fields */
336 /* static IV */
50023e9b 337 unsigned char iv[EVP_MAX_IV_LENGTH];
1853d20a
MC		 338 int allow_plain_alerts;
339
340 /* TLS "any" fields */
341 /* Set to true if this is the first record in a connection */
342 unsigned int is_first_record;
50023e9b
MC		 343
344 size_t taglen;
345
bfc0f10d 346 /* DTLS received handshake records (processed and unprocessed) */
715a74a6
FWH		 347 struct pqueue_st *unprocessed_rcds;
348 struct pqueue_st *processed_rcds;
eddb067e 349
bfc0f10d 350 /* records being received in the current epoch */
f6aab7b1 351 DTLS_BITMAP bitmap;
bfc0f10d 352 /* renegotiation starts a new set of sequence numbers */
f6aab7b1 353 DTLS_BITMAP next_bitmap;
bfc0f10d
MC		 354
355 /*
eb4129e1 356 * Whether we are currently in a handshake or not. Only maintained for DTLS
bfc0f10d
MC		 357 */
358 int in_init;
359
9dd90232
MC		 360 /* Callbacks */
361 void *cbarg;
3c7b9ef9
MC		 362 OSSL_FUNC_rlayer_skip_early_data_fn *skip_early_data;
363 OSSL_FUNC_rlayer_msg_callback_fn *msg_callback;
ed0e298f 364 OSSL_FUNC_rlayer_security_fn *security;
5f95eb77 365 OSSL_FUNC_rlayer_padding_fn *padding;
9dd90232 366
8124ab56
MC		 367 size_t max_pipelines;
368
50023e9b 369 /* Function pointers for version specific functions */
89dd87e1 370 const struct record_functions_st *funcs;
50023e9b
MC		 371};
372
eddb067e
MC		 373typedef struct dtls_rlayer_record_data_st {
374 unsigned char *packet;
375 size_t packet_length;
e9189cc4 376 TLS_BUFFER rbuf;
22094d11 377 TLS_RL_RECORD rrec;
eddb067e
MC		 378} DTLS_RLAYER_RECORD_DATA;
379
89dd87e1
HL		 380extern const struct record_functions_st ssl_3_0_funcs;
381extern const struct record_functions_st tls_1_funcs;
382extern const struct record_functions_st tls_1_3_funcs;
383extern const struct record_functions_st tls_any_funcs;
384extern const struct record_functions_st dtls_1_funcs;
385extern const struct record_functions_st dtls_any_funcs;
50023e9b
MC		 386
387void ossl_rlayer_fatal(OSSL_RECORD_LAYER *rl, int al, int reason,
388 const char *fmt, ...);
389
1704961c
MC		 390#define RLAYERfatal(rl, al, r) RLAYERfatal_data((rl), (al), (r), NULL)
391#define RLAYERfatal_data \
50023e9b
MC		 392 (ERR_new(), \
393 ERR_set_debug(OPENSSL_FILE, OPENSSL_LINE, OPENSSL_FUNC), \
394 ossl_rlayer_fatal)
395
1704961c
MC		 396#define RLAYER_USE_EXPLICIT_IV(rl) ((rl)->version == TLS1_1_VERSION \
397 || (rl)->version == TLS1_2_VERSION \
709637c8
FWH		 398 || (rl)->version == DTLS1_BAD_VER \
399 || (rl)->version == DTLS1_VERSION \
400 || (rl)->version == DTLS1_2_VERSION)
88d61680 401
22094d11
MC		 402void ossl_tls_rl_record_set_seq_num(TLS_RL_RECORD *r,
403 const unsigned char *seq_num);
23c57f00 404
50023e9b
MC		 405int ossl_set_tls_provider_parameters(OSSL_RECORD_LAYER *rl,
406 EVP_CIPHER_CTX *ctx,
407 const EVP_CIPHER *ciph,
7f2f0ac7 408 const EVP_MD *md);
23c57f00 409
bed07b18 410int tls_increment_sequence_ctr(OSSL_RECORD_LAYER *rl);
7eb39ecb
MC		 411int tls_alloc_buffers(OSSL_RECORD_LAYER *rl);
412int tls_free_buffers(OSSL_RECORD_LAYER *rl);
bed07b18 413
1853d20a
MC		 414int tls_default_read_n(OSSL_RECORD_LAYER *rl, size_t n, size_t max, int extend,
415 int clearold, size_t *readbytes);
eddb067e 416int tls_get_more_records(OSSL_RECORD_LAYER *rl);
222cf410 417int dtls_get_more_records(OSSL_RECORD_LAYER *rl);
1853d20a 418
b9e37f8f
MC		 419int dtls_prepare_record_header(OSSL_RECORD_LAYER *rl,
420 WPACKET *thispkt,
421 OSSL_RECORD_TEMPLATE *templ,
eb1eaa9a 422 uint8_t rectype,
b9e37f8f 423 unsigned char **recdata);
421386e3
MC		 424int dtls_post_encryption_processing(OSSL_RECORD_LAYER *rl,
425 size_t mac_size,
426 OSSL_RECORD_TEMPLATE *thistempl,
427 WPACKET *thispkt,
22094d11 428 TLS_RL_RECORD *thiswr);
602ee1f6 429
1853d20a 430int tls_default_set_protocol_version(OSSL_RECORD_LAYER *rl, int version);
22094d11
MC		 431int tls_default_validate_record_header(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *re);
432int tls_do_compress(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *wr);
433int tls_do_uncompress(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rec);
434int tls_default_post_process_record(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rec);
435int tls13_common_post_process_record(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rec);
1853d20a
MC		 436
437int
438tls_int_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers,
cfabddfb 439 int role, int direction, int level,
1853d20a 440 const EVP_CIPHER *ciph, size_t taglen,
1e76110b 441 const EVP_MD *md, COMP_METHOD *comp, BIO *prev,
359affde 442 BIO *transport, BIO *next,
1853d20a 443 const OSSL_PARAM *settings, const OSSL_PARAM *options,
9dd90232 444 const OSSL_DISPATCH *fns, void *cbarg,
8124ab56 445 OSSL_RECORD_LAYER **retrl);
359affde 446int tls_free(OSSL_RECORD_LAYER *rl);
1853d20a
MC		 447int tls_unprocessed_read_pending(OSSL_RECORD_LAYER *rl);
448int tls_processed_read_pending(OSSL_RECORD_LAYER *rl);
449size_t tls_app_data_pending(OSSL_RECORD_LAYER *rl);
eb1eaa9a 450size_t tls_get_max_records(OSSL_RECORD_LAYER *rl, uint8_t type, size_t len,
02719d5c 451 size_t maxfrag, size_t *preffrag);
2b71b042
MC		 452int tls_write_records(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates,
453 size_t numtempl);
454int tls_retry_write_records(OSSL_RECORD_LAYER *rl);
1853d20a
MC		 455int tls_get_alert_code(OSSL_RECORD_LAYER *rl);
456int tls_set1_bio(OSSL_RECORD_LAYER *rl, BIO *bio);
1704961c 457int tls_read_record(OSSL_RECORD_LAYER *rl, void **rechandle, int *rversion,
1cc8c53b 458 uint8_t *type, const unsigned char **data, size_t *datalen,
8124ab56 459 uint16_t *epoch, unsigned char *seq_num);
7a4e109e 460int tls_release_record(OSSL_RECORD_LAYER *rl, void *rechandle, size_t length);
1853d20a
MC		 461int tls_default_set_protocol_version(OSSL_RECORD_LAYER *rl, int version);
462int tls_set_protocol_version(OSSL_RECORD_LAYER *rl, int version);
463void tls_set_plain_alerts(OSSL_RECORD_LAYER *rl, int allow);
464void tls_set_first_handshake(OSSL_RECORD_LAYER *rl, int first);
8124ab56 465void tls_set_max_pipelines(OSSL_RECORD_LAYER *rl, size_t max_pipelines);
d0b17ea0
MC		 466void tls_get_state(OSSL_RECORD_LAYER *rl, const char **shortstr,
467 const char **longstr);
4566dae7 468int tls_set_options(OSSL_RECORD_LAYER *rl, const OSSL_PARAM *options);
1e76110b 469const COMP_METHOD *tls_get_compression(OSSL_RECORD_LAYER *rl);
435d88d7 470void tls_set_max_frag_len(OSSL_RECORD_LAYER *rl, size_t max_frag_len);
9b7fb65e 471int tls_setup_read_buffer(OSSL_RECORD_LAYER *rl);
bafe524b
MC		 472int tls_setup_write_buffer(OSSL_RECORD_LAYER *rl, size_t numwpipes,
473 size_t firstlen, size_t nextlen);
474
475int tls_write_records_multiblock(OSSL_RECORD_LAYER *rl,
476 OSSL_RECORD_TEMPLATE *templates,
477 size_t numtempl);
478
eb1eaa9a
TM		 479size_t tls_get_max_records_default(OSSL_RECORD_LAYER *rl, uint8_t type,
480 size_t len,
bafe524b 481 size_t maxfrag, size_t *preffrag);
eb1eaa9a 482size_t tls_get_max_records_multiblock(OSSL_RECORD_LAYER *rl, uint8_t type,
aca70ca8
MC		 483 size_t len, size_t maxfrag,
484 size_t *preffrag);
91fe8ff0
MC		 485int tls_allocate_write_buffers_default(OSSL_RECORD_LAYER *rl,
486 OSSL_RECORD_TEMPLATE *templates,
487 size_t numtempl, size_t *prefix);
488int tls_initialise_write_packets_default(OSSL_RECORD_LAYER *rl,
489 OSSL_RECORD_TEMPLATE *templates,
490 size_t numtempl,
491 OSSL_RECORD_TEMPLATE *prefixtempl,
492 WPACKET *pkt,
e9189cc4 493 TLS_BUFFER *bufs,
91fe8ff0
MC		 494 size_t *wpinited);
495int tls1_allocate_write_buffers(OSSL_RECORD_LAYER *rl,
496 OSSL_RECORD_TEMPLATE *templates,
497 size_t numtempl, size_t *prefix);
498int tls1_initialise_write_packets(OSSL_RECORD_LAYER *rl,
499 OSSL_RECORD_TEMPLATE *templates,
500 size_t numtempl,
501 OSSL_RECORD_TEMPLATE *prefixtempl,
502 WPACKET *pkt,
e9189cc4 503 TLS_BUFFER *bufs,
91fe8ff0 504 size_t *wpinited);
aca70ca8
MC		 505int tls_prepare_record_header_default(OSSL_RECORD_LAYER *rl,
506 WPACKET *thispkt,
507 OSSL_RECORD_TEMPLATE *templ,
eb1eaa9a 508 uint8_t rectype,
aca70ca8 509 unsigned char **recdata);
757ef3ba
MC		 510int tls_prepare_for_encryption_default(OSSL_RECORD_LAYER *rl,
511 size_t mac_size,
512 WPACKET *thispkt,
22094d11 513 TLS_RL_RECORD *thiswr);
2a354d54
MC		 514int tls_post_encryption_processing_default(OSSL_RECORD_LAYER *rl,
515 size_t mac_size,
516 OSSL_RECORD_TEMPLATE *thistempl,
517 WPACKET *thispkt,
22094d11 518 TLS_RL_RECORD *thiswr);
bafe524b
MC		 519int tls_write_records_default(OSSL_RECORD_LAYER *rl,
520 OSSL_RECORD_TEMPLATE *templates,
521 size_t numtempl);
e158ada6 522
e9189cc4
MC		 523/* Macros/functions provided by the TLS_BUFFER component */
524
525#define TLS_BUFFER_get_buf(b) ((b)->buf)
526#define TLS_BUFFER_set_buf(b, n) ((b)->buf = (n))
527#define TLS_BUFFER_get_len(b) ((b)->len)
528#define TLS_BUFFER_get_left(b) ((b)->left)
529#define TLS_BUFFER_set_left(b, l) ((b)->left = (l))
530#define TLS_BUFFER_sub_left(b, l) ((b)->left -= (l))
531#define TLS_BUFFER_get_offset(b) ((b)->offset)
532#define TLS_BUFFER_set_offset(b, o) ((b)->offset = (o))
533#define TLS_BUFFER_add_offset(b, o) ((b)->offset += (o))
534#define TLS_BUFFER_set_app_buffer(b, l) ((b)->app_buffer = (l))
535#define TLS_BUFFER_is_app_buffer(b) ((b)->app_buffer)
536
537void ossl_tls_buffer_release(TLS_BUFFER *b);
A mirror of the official openssl repository