2 * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/core_dispatch.h>
11 #include "internal/recordmethod.h"
13 /*****************************************************************************
15 * These structures should be considered PRIVATE to the record layer. No
16 * non-record layer code should be using these structures in any way.
18 *****************************************************************************/
20 #define SEQ_NUM_SIZE 8
22 typedef struct tls_record_st
{
26 /* The data buffer containing bytes from the record */
27 const unsigned char *data
;
29 * Buffer that we allocated to store data. If non NULL always the same as
30 * data (but non-const)
32 unsigned char *allocdata
;
33 /* Number of remaining to be read in the data buffer */
35 /* Offset into the data buffer where to start reading */
37 /* epoch number. DTLS only */
39 /* sequence number. DTLS only */
40 unsigned char seq_num
[SEQ_NUM_SIZE
];
41 #ifndef OPENSSL_NO_SCTP
42 struct bio_dgram_sctp_rcvinfo recordinfo
;
46 typedef struct dtls_record_layer_st
{
48 * The current data and handshake epoch. This is initially
49 * undefined, and starts at zero once the initial handshake is
56 * Buffered application records. Only for records between CCS and
57 * Finished to prevent either protocol violation or unnecessary message
60 struct pqueue_st
*buffered_app_data
;
63 /*****************************************************************************
65 * This structure should be considered "opaque" to anything outside of the
66 * record layer. No non-record layer code should be accessing the members of
69 *****************************************************************************/
71 typedef struct record_layer_st
{
72 /* The parent SSL_CONNECTION structure */
75 /* Custom record layer: always selected if set */
76 const OSSL_RECORD_METHOD
*custom_rlmethod
;
77 /* Record layer specific argument */
79 /* Method to use for the read record layer*/
80 const OSSL_RECORD_METHOD
*rrlmethod
;
81 /* Method to use for the write record layer*/
82 const OSSL_RECORD_METHOD
*wrlmethod
;
83 /* The read record layer object itself */
84 OSSL_RECORD_LAYER
*rrl
;
85 /* The write record layer object itself */
86 OSSL_RECORD_LAYER
*wrl
;
87 /* BIO to store data destined for the next read record layer epoch */
89 /* Default read buffer length to be passed to the record layer */
90 size_t default_read_buf_len
;
93 * Read as many input bytes as possible (for
98 /* number of bytes sent so far */
100 unsigned char handshake_fragment
[4];
101 size_t handshake_fragment_len
;
102 /* partial write - check the numbers match */
103 /* number bytes written */
106 const unsigned char *wpend_buf
;
108 /* Count of the number of consecutive warning alerts received */
109 unsigned int alert_count
;
110 DTLS_RECORD_LAYER
*d
;
112 /* TLS1.3 padding callback */
113 size_t (*record_padding_cb
)(SSL
*s
, int type
, size_t len
, void *arg
);
114 void *record_padding_arg
;
115 size_t block_padding
;
117 /* How many records we have read from the record layer */
119 /* The next record from the record layer that we need to process */
121 /* Record layer data to be processed */
122 TLS_RECORD tlsrecs
[SSL_MAX_PIPELINES
];
126 /*****************************************************************************
128 * The following macros/functions represent the libssl internal API to the
129 * record layer. Any libssl code may call these functions/macros
131 *****************************************************************************/
/*
 * Accessors for the read_ahead flag of a RECORD_LAYER. Both expand to a
 * direct member access, so they are only usable where the full struct
 * definition is visible. NOTE(review): the read_ahead member is not among
 * the RECORD_LAYER members shown above in this copy - check the complete
 * struct definition.
 */
133 #define RECORD_LAYER_set_read_ahead(rl, ra) ((rl)->read_ahead = (ra))
134 #define RECORD_LAYER_get_read_ahead(rl) ((rl)->read_ahead)
/*
 * Lifecycle of the record layer state embedded in an SSL_CONNECTION.
 * RECORD_LAYER_init binds rl to its parent connection s (the struct keeps a
 * parent SSL_CONNECTION pointer). clear and reset return int - presumably the
 * usual libssl 1 = success / 0 = failure convention; confirm in the
 * implementation.
 */
136 void RECORD_LAYER_init(RECORD_LAYER
*rl
, SSL_CONNECTION
*s
);
137 int RECORD_LAYER_clear(RECORD_LAYER
*rl
);
138 int RECORD_LAYER_reset(RECORD_LAYER
*rl
);
/*
 * Read-only predicates on the record layer state (they take a const rl):
 * whether unread input, already-processed but not yet consumed input, or a
 * pending partial write (see the wpend_* members above) is outstanding.
 * The precise meaning of each is defined by the implementation, not here.
 */
139 int RECORD_LAYER_read_pending(const RECORD_LAYER
*rl
);
140 int RECORD_LAYER_processed_read_pending(const RECORD_LAYER
*rl
);
141 int RECORD_LAYER_write_pending(const RECORD_LAYER
*rl
);
/* Takes a non-const rl, so the check may update record layer state. */
142 int RECORD_LAYER_is_sslv2_record(RECORD_LAYER
*rl
);
/*
 * __owur marks a return value the caller must check (warn-unused-result).
 * ssl3_pending: presumably the number of bytes already available to be read
 * from s without a further record layer read - confirm against the
 * implementation.
 */
143 __owur
size_t ssl3_pending(const SSL
*s
);
/*
 * TLS record I/O entry points used by the rest of libssl.
 * ssl3_write_bytes: write len bytes of buf as records of the given content
 * type. NOTE(review): this declaration is cut off in this copy after the
 * len parameter; by analogy with dtls1_write_bytes below it presumably ends
 * with a size_t *written output parameter - confirm against the repository.
 */
144 __owur
int ssl3_write_bytes(SSL
*s
, uint8_t type
, const void *buf
, size_t len
,
/*
 * ssl3_read_bytes: read up to len bytes of content type `type` into buf.
 * recvd_type is a non-const pointer, presumably used to report the content
 * type actually received; peek is an int flag, presumably non-zero to leave
 * the data buffered for a later read - confirm both in the implementation.
 * NOTE(review): the trailing parameters are cut off in this copy.
 */
146 __owur
int ssl3_read_bytes(SSL
*s
, uint8_t type
, uint8_t *recvd_type
,
147 unsigned char *buf
, size_t len
, int peek
,
/*
 * DTLS-specific record layer state (the DTLS_RECORD_LAYER reached through
 * RECORD_LAYER->d above): allocate, free and clear. DTLS_RECORD_LAYER_new
 * returns int, so an allocation failure is presumably reported as 0 rather
 * than by a NULL pointer.
 */
150 int DTLS_RECORD_LAYER_new(RECORD_LAYER
*rl
);
151 void DTLS_RECORD_LAYER_free(RECORD_LAYER
*rl
);
152 void DTLS_RECORD_LAYER_clear(RECORD_LAYER
*rl
);
/*
 * DTLS counterpart of ssl3_read_bytes with the same parameter meanings.
 * NOTE(review): the trailing parameters are cut off in this copy as well.
 */
153 __owur
int dtls1_read_bytes(SSL
*s
, uint8_t type
, uint8_t *recvd_type
,
154 unsigned char *buf
, size_t len
, int peek
,
/*
 * dtls1_write_bytes / do_dtls1_write: write len bytes of buf as a DTLS
 * record of content type `type`. written is an output pointer (non-const
 * size_t *), presumably set to the number of bytes actually written.
 * Note that dtls1_write_bytes is __owur but do_dtls1_write is not, so only
 * the former's return value is enforced by the compiler.
 */
156 __owur
int dtls1_write_bytes(SSL_CONNECTION
*s
, uint8_t type
, const void *buf
,
157 size_t len
, size_t *written
);
158 int do_dtls1_write(SSL_CONNECTION
*s
, uint8_t type
, const unsigned char *buf
,
159 size_t len
, size_t *written
);
/*
 * DTLS epoch handling. rw selects the read or the write direction; it is a
 * plain int, so the accepted values are defined by the implementation.
 * dtls1_get_epoch returns the 16-bit epoch number used in DTLS record
 * headers.
 */
160 void dtls1_increment_epoch(SSL_CONNECTION
*s
, int rw
);
161 uint16_t dtls1_get_epoch(SSL_CONNECTION
*s
, int rw
);
/*
 * Hand a TLS_RECORD obtained from the record layer back to it. length is
 * presumably the number of bytes consumed from rr; who owns rr afterwards
 * is decided by the implementation, not by this declaration.
 */
162 int ssl_release_record(SSL_CONNECTION
*s
, TLS_RECORD
*rr
, size_t length
);
/*
 * Wrappers around ossl_tls_handle_rlayer_return that tag the call site with
 * OPENSSL_FILE / OPENSSL_LINE. The READ variant passes writing = 0, the
 * WRITE variant writing = 1; ret is the record layer return code being
 * handled.
 */
164 # define HANDLE_RLAYER_READ_RETURN(s, ret) \
165 ossl_tls_handle_rlayer_return(s, 0, ret, OPENSSL_FILE, OPENSSL_LINE)
167 # define HANDLE_RLAYER_WRITE_RETURN(s, ret) \
168 ossl_tls_handle_rlayer_return(s, 1, ret, OPENSSL_FILE, OPENSSL_LINE)
/*
 * Handler behind the two macros above. file is declared as char * rather
 * than const char *; since OPENSSL_FILE normally expands to a string
 * literal (like __FILE__), the const-qualified type would be the tighter
 * choice. Return convention is defined by the implementation.
 */
170 int ossl_tls_handle_rlayer_return(SSL_CONNECTION
*s
, int writing
, int ret
,
171 char *file
, int line
);
/*
 * Instantiate a new record layer for s in the given direction and
 * protection level, using the secret / key / iv / MAC key material, cipher,
 * tag length, MAC type, digest, compression method and KDF digest given.
 * All key material is passed through non-const unsigned char * buffers;
 * whether the callee copies, retains or wipes them is not visible here -
 * callers should confirm the lifetime and zeroization expectations before
 * reusing those buffers.
 */
173 int ssl_set_new_record_layer(SSL_CONNECTION
*s
, int version
,
174 int direction
, int level
,
175 unsigned char *secret
, size_t secretlen
,
176 unsigned char *key
, size_t keylen
,
177 unsigned char *iv
, size_t ivlen
,
178 unsigned char *mackey
, size_t mackeylen
,
179 const EVP_CIPHER
*ciph
, size_t taglen
,
180 int mactype
, const EVP_MD
*md
,
181 const SSL_COMP
*comp
, const EVP_MD
*kdfdigest
);
/* Set the protocol version the record layer of s should use; vers is a
 * version constant (the accepted set is defined by the implementation). */
182 int ssl_set_record_protocol_version(SSL_CONNECTION
*s
, int vers
);
/*
 * Dispatch-table function ids for callbacks the record layer obtains from
 * libssl. OSSL_CORE_MAKE_FUNC (openssl/core_dispatch.h, included above)
 * generates the function-pointer typedef and accessor for each entry.
 * rlayer_padding mirrors the record_padding_cb member above (type, len ->
 * size_t), presumably returning the amount of padding to add; rlayer_security
 * carries the (op, bits, nid, other) tuple of a security-level check.
 * NOTE(review): rlayer_msg_callback's parameter list is cut off in this copy
 * after len.
 */
184 # define OSSL_FUNC_RLAYER_SKIP_EARLY_DATA 1
185 OSSL_CORE_MAKE_FUNC(int, rlayer_skip_early_data
, (void *cbarg
))
186 # define OSSL_FUNC_RLAYER_MSG_CALLBACK 2
187 OSSL_CORE_MAKE_FUNC(void, rlayer_msg_callback
, (int write_p
, int version
,
189 const void *buf
, size_t len
,
191 # define OSSL_FUNC_RLAYER_SECURITY 3
192 OSSL_CORE_MAKE_FUNC(int, rlayer_security
, (void *cbarg
, int op
, int bits
,
193 int nid
, void *other
))
194 # define OSSL_FUNC_RLAYER_PADDING 4
195 OSSL_CORE_MAKE_FUNC(size_t, rlayer_padding
, (void *cbarg
, int type
, size_t len
))