]>
Commit | Line | Data |
---|---|---|
79a1f3e4 MC |
1 | /* |
2 | * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
79eebb08 MC |
10 | #ifndef OSSL_INTERNAL_RECORDMETHOD_H |
11 | # define OSSL_INTERNAL_RECORDMETHOD_H | |
12 | # pragma once | |
13 | ||
14 | # include <openssl/ssl.h> | |
79a1f3e4 MC |
15 | |
16 | /* | |
17 | * We use the term "record" here to refer to a packet of data. Records are | |
18 | * typically protected via a cipher and MAC, or an AEAD cipher (although not | |
19 | * always). This usage of the term record is consistent with the TLS concept. | |
20 | * In QUIC the term "record" is not used but it is analogous to the QUIC term | |
21 | * "packet". The interface in this file applies to all protocols that protect | |
22 | * records/packets of data, i.e. (D)TLS and QUIC. The term record is used to | |
23 | * refer to both contexts. | |
24 | */ | |
25 | ||
26 | ||
27 | /* | |
28 | * Types of QUIC record layer; | |
29 | * | |
30 | * QUIC reuses the TLS handshake for agreeing secrets. An SSL object representing | |
31 | * a QUIC connection will have an additional SSL object internally representing | |
32 | * the TLS state of the QUIC handshake. This internal TLS is referred to as | |
33 | * QUIC-TLS in this file. | |
34 | * "Records" output from QUIC-TLS contains standard TLS handshake messages and | |
35 | * are *not* encrypted directly but are instead wrapped up in plaintext | |
36 | * CRYPTO frames. These CRYPTO frames could be collected together with other | |
37 | * QUIC frames into a single QUIC packet. The QUIC record layer will then | |
38 | * encrypt the whole packet. | |
39 | * | |
40 | * So we have: | |
41 | * QUIC-TLS record layer: outputs plaintext CRYPTO frames containing TLS | |
42 | * handshake messages only. | |
43 | * QUIC record layer: outputs encrypted packets which may contain CRYPTO frames | |
44 | * or any other type of QUIC frame. | |
45 | */ | |
46 | ||
47 | /* | |
48 | * An OSSL_RECORD_METHOD is a protcol specific method which provides the | |
49 | * functions for reading and writing records for that protocol. Which | |
50 | * OSSL_RECORD_METHOD to use for a given protocol is defined by the SSL_METHOD. | |
51 | */ | |
52 | typedef struct ossl_record_method_st OSSL_RECORD_METHOD; | |
53 | ||
54 | /* | |
55 | * An OSSL_RECORD_LAYER is just an externally defined opaque pointer created by | |
56 | * the method | |
57 | */ | |
58 | typedef struct ossl_record_layer_st OSSL_RECORD_LAYER; | |
59 | ||
60 | ||
79eebb08 MC |
61 | # define OSSL_RECORD_ROLE_CLIENT 0 |
62 | # define OSSL_RECORD_ROLE_SERVER 1 | |
79a1f3e4 | 63 | |
79eebb08 MC |
64 | # define OSSL_RECORD_DIRECTION_READ 0 |
65 | # define OSSL_RECORD_DIRECTION_WRITE 1 | |
79a1f3e4 MC |
66 | |
67 | /* | |
68 | * Protection level. For <= TLSv1.2 only "NONE" and "APPLICATION" are used. | |
69 | */ | |
79eebb08 MC |
70 | # define OSSL_RECORD_PROTECTION_LEVEL_NONE 0 |
71 | # define OSSL_RECORD_PROTECTION_LEVEL_EARLY 1 | |
72 | # define OSSL_RECORD_PROTECTION_LEVEL_HANDSHAKE 2 | |
73 | # define OSSL_RECORD_PROTECTION_LEVEL_APPLICATION 3 | |
79a1f3e4 MC |
74 | |
75 | ||
79eebb08 MC |
76 | # define OSSL_RECORD_RETURN_SUCCESS 1 |
77 | # define OSSL_RECORD_RETURN_RETRY 0 | |
78 | # define OSSL_RECORD_RETURN_NON_FATAL_ERR -1 | |
79 | # define OSSL_RECORD_RETURN_FATAL -2 | |
80 | # define OSSL_RECORD_RETURN_EOF -3 | |
e2d5742b | 81 | |
79a1f3e4 MC |
82 | /* |
83 | * Template for creating a record. A record consists of the |type| of data it | |
84 | * will contain (e.g. alert, handshake, application data, etc) along with an | |
85 | * array of buffers in |bufs| of size |numbufs|. There is a corresponding array | |
86 | * of buffer lengths in |buflens|. Concatenating all of the buffer data together | |
87 | * would give you the complete plaintext payload to be sent in a single record. | |
88 | */ | |
89 | struct ossl_record_template_st { | |
90 | int type; | |
91 | void **bufs; | |
92 | size_t *buflens; | |
93 | size_t numbufs; | |
94 | }; | |
95 | ||
96 | typedef struct ossl_record_template_st OSSL_RECORD_TEMPLATE; | |
97 | ||
98 | /* | |
99 | * Rather than a "method" approach, we could make this fetchable - Should we? | |
100 | * There could be some complexity in finding suitable record layer implementations | |
101 | * e.g. we need to find one that matches the negotiated protocol, cipher, | |
102 | * extensions, etc. The selection_cb approach given above doesn't work so well | |
103 | * if unknown third party providers with OSSL_RECORD_METHOD implementations are | |
104 | * loaded. | |
105 | */ | |
106 | ||
107 | /* | |
108 | * If this becomes public API then we will need functions to create and | |
109 | * free an OSSL_RECORD_METHOD, as well as functions to get/set the various | |
110 | * function pointers....unless we make it fetchable. | |
111 | */ | |
112 | struct ossl_record_method_st { | |
113 | /* | |
114 | * Create a new OSSL_RECORD_LAYER object for handling the protocol version | |
115 | * set by |vers|. |role| is 0 for client and 1 for server. |direction| | |
116 | * indicates either read or write. |level| is the protection level as | |
117 | * described above. |settings| are mandatory settings that will cause the | |
118 | * new() call to fail if they are not understood (for example to require | |
119 | * Encrypt-Then-Mac support). |options| are optional settings that will not | |
120 | * cause the new() call to fail if they are not understood (for example | |
121 | * whether to use "read ahead" or not). | |
122 | * | |
123 | * The BIO in |transport| is the BIO for the underlying transport layer. | |
124 | * Where the direction is "read", then this BIO will only ever be used for | |
125 | * reading data. Where the direction is "write", then this BIO will only | |
126 | * every be used for writing data. | |
127 | * | |
128 | * An SSL object will always have at least 2 OSSL_RECORD_LAYER objects in | |
129 | * force at any one time (one for reading and one for writing). In some | |
130 | * protocols more than 2 might be used (e.g. in DTLS for retransmitting | |
131 | * messages from an earlier epoch). | |
132 | */ | |
133 | ||
134 | /* | |
aedbb71b MC |
135 | * TODO(RECLAYER): Will have to be something other than EVP_CIPHER if we |
136 | * make this fetchable | |
137 | * TODO(RECLAYER): mactype should not be an int | |
79a1f3e4 | 138 | */ |
aedbb71b MC |
139 | OSSL_RECORD_LAYER *(*new_record_layer)(OSSL_LIB_CTX *libctx, |
140 | const char *propq, int vers, | |
141 | int role, int direction, | |
142 | int level, unsigned char *key, | |
143 | size_t keylen, | |
144 | unsigned char *iv, | |
145 | size_t ivlen, | |
146 | unsigned char *mackey, | |
147 | size_t mackeylen, | |
148 | const EVP_CIPHER *ciph, | |
149 | size_t taglen, | |
150 | /* TODO(RECLAYER): This probably should not be an int */ | |
151 | int mactype, | |
152 | const EVP_MD *md, | |
153 | const SSL_COMP *comp, | |
154 | BIO *transport, BIO_ADDR *local, | |
155 | BIO_ADDR *peer, | |
156 | const OSSL_PARAM *settings, | |
157 | const OSSL_PARAM *options, | |
158 | /* TODO(RECLAYER): Remove me */ | |
159 | SSL_CONNECTION *s); | |
11653dcd | 160 | void (*free)(OSSL_RECORD_LAYER *rl); |
79a1f3e4 | 161 | |
11653dcd | 162 | int (*reset)(OSSL_RECORD_LAYER *rl); /* Is this needed? */ |
79a1f3e4 MC |
163 | |
164 | /* Returns 1 if we have unprocessed data buffered or 0 otherwise */ | |
11653dcd | 165 | int (*unprocessed_read_pending)(OSSL_RECORD_LAYER *rl); |
79a1f3e4 MC |
166 | /* |
167 | * Returns 1 if we have processed data buffered that can be read or 0 otherwise | |
168 | * - not necessarily app data | |
169 | */ | |
11653dcd | 170 | int (*processed_read_pending)(OSSL_RECORD_LAYER *rl); |
79a1f3e4 MC |
171 | |
172 | /* | |
173 | * The amount of processed app data that is internally bufferred and | |
174 | * available to read | |
175 | */ | |
11653dcd | 176 | size_t (*app_data_pending)(OSSL_RECORD_LAYER *rl); |
79a1f3e4 | 177 | |
11653dcd | 178 | int (*write_pending)(OSSL_RECORD_LAYER *rl); |
79a1f3e4 MC |
179 | |
180 | ||
181 | /* | |
182 | * Find out the maximum amount of plaintext data that the record layer is | |
183 | * prepared to write in a single record. When calling write_records it is | |
184 | * the caller's responsibility to ensure that no record template exceeds | |
185 | * this maximum when calling write_records. | |
186 | */ | |
11653dcd | 187 | size_t (*get_max_record_len)(OSSL_RECORD_LAYER *rl); |
79a1f3e4 MC |
188 | |
189 | /* | |
190 | * Find out the maximum number of records that the record layer is prepared | |
191 | * to process in a single call to write_records. It is the caller's | |
192 | * responsibility to ensure that no call to write_records exceeds this | |
193 | * number of records. | |
194 | */ | |
11653dcd | 195 | size_t (*get_max_records)(OSSL_RECORD_LAYER *rl); |
79a1f3e4 MC |
196 | |
197 | /* | |
198 | * Write |numtempl| records from the array of record templates pointed to | |
199 | * by |templates|. Each record should be no longer than the value returned | |
200 | * by get_max_record_len(), and there should be no more records than the | |
201 | * value returned by get_max_records(). | |
202 | * |allowance| is the maximum amount of "on-the-wire" data that is allowed | |
203 | * to be sent at the moment (including all QUIC headers, but excluding any | |
204 | * UDP/IP headers). After a successful or retry return |*sent| will | |
205 | * be updated with the amount of data that has been sent so far. In the case | |
206 | * of a retry this could be 0. | |
207 | * Where possible the caller will attempt to ensure that all records are the | |
208 | * same length, except the last record. This may not always be possible so | |
209 | * the record method implementation should not rely on this being the case. | |
210 | * In the event of a retry the caller should call retry_write_records() | |
211 | * to try again. No more calls to write_records() should be attempted until | |
212 | * retry_write_records() returns success. | |
213 | * Buffers allocated for the record templates can be freed immediately after | |
214 | * write_records() returns - even in the case a retry. | |
215 | * The record templates represent the plaintext payload. The encrypted | |
216 | * output is written to the |transport| BIO. | |
217 | * Returns: | |
218 | * 1 on success | |
219 | * 0 on retry | |
220 | * -1 on failure | |
221 | */ | |
11653dcd MC |
222 | int (*write_records)(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE **templates, |
223 | size_t numtempl, size_t allowance, size_t *sent); | |
79a1f3e4 MC |
224 | |
225 | /* | |
226 | * Retry a previous call to write_records. The caller should continue to | |
227 | * call this until the function returns with success or failure. After | |
228 | * each retry more of the data may have been incrementally sent. |allowance| | |
229 | * is the amount of "on-the-wire" data that is allowed to be sent at the | |
230 | * moment. After a successful or retry return |*sent| will | |
231 | * be updated with the amount of data that has been sent by this call to | |
232 | * retry_write_records(). | |
233 | * Returns: | |
234 | * 1 on success | |
235 | * 0 on retry | |
236 | * -1 on failure | |
237 | */ | |
11653dcd MC |
238 | int (*retry_write_records)(OSSL_RECORD_LAYER *rl, size_t allowance, |
239 | size_t *sent); | |
79a1f3e4 MC |
240 | |
241 | /* | |
242 | * Read a record and return the record layer version and record type in | |
243 | * the |rversion| and |type| parameters. |*data| is set to point to a | |
244 | * record layer buffer containing the record payload data and |*datalen| | |
245 | * is filled in with the length of that data. The |epoch| and |seq_num| | |
246 | * values are only used if DTLS has been negotiated. In that case they are | |
247 | * filled in with the epoch and sequence number from the record. | |
248 | * An opaque record layer handle for the record is returned in |*rechandle| | |
249 | * which is used in a subsequent call to |release_record|. The buffer must | |
250 | * remain available until release_record is called. | |
251 | * | |
252 | * Internally the the OSSL_RECORD_METHOD the implementation may read/process | |
253 | * multiple records in one go and buffer them. | |
254 | */ | |
11653dcd MC |
255 | int (*read_record)(OSSL_RECORD_LAYER *rl, void **rechandle, int *rversion, |
256 | int *type, unsigned char **data, size_t *datalen, | |
4030869d MC |
257 | uint16_t *epoch, unsigned char *seq_num, |
258 | /* TODO(RECLAYER): Remove me */ SSL_CONNECTION *s); | |
79a1f3e4 MC |
259 | /* |
260 | * Release a buffer associated with a record previously read with | |
261 | * read_record. Records are guaranteed to be released in the order that they | |
262 | * are read. | |
263 | */ | |
4030869d | 264 | int (*release_record)(OSSL_RECORD_LAYER *rl, void *rechandle); |
79a1f3e4 | 265 | |
e2d5742b MC |
266 | /* |
267 | * In the event that a fatal error is returned from the functions above then | |
268 | * get_alert_code() can be called to obtain a more details identifier for | |
269 | * the error. In (D)TLS this is the alert description code. | |
270 | */ | |
271 | int (*get_alert_code)(OSSL_RECORD_LAYER *rl); | |
272 | ||
273 | /* | |
274 | * Update the transport BIO from the one originally set in the | |
275 | * new_record_layer call | |
276 | */ | |
277 | int (*set1_bio)(OSSL_RECORD_LAYER *rl, BIO *bio); | |
278 | ||
279 | /* | |
280 | * TODO(RECLAYER): Remove these. These function pointers are temporary hacks | |
281 | * during the record layer refactoring. They need to be removed before the | |
282 | * refactor is complete. | |
283 | */ | |
284 | int (*read_n)(OSSL_RECORD_LAYER *rl, size_t n, size_t max, int extend, | |
285 | int clearold, size_t *readbytes); | |
286 | SSL3_BUFFER *(*get0_rbuf)(OSSL_RECORD_LAYER *rl); | |
287 | unsigned char *(*get0_packet)(OSSL_RECORD_LAYER *rl); | |
288 | void (*set0_packet)(OSSL_RECORD_LAYER *rl, unsigned char *packet, | |
289 | size_t packetlen); | |
290 | size_t (*get_packet_length)(OSSL_RECORD_LAYER *rl); | |
291 | void (*reset_packet_length)(OSSL_RECORD_LAYER *rl); | |
79a1f3e4 | 292 | }; |
e2d5742b MC |
293 | |
294 | ||
295 | /* Standard built-in record methods */ | |
296 | extern const OSSL_RECORD_METHOD ossl_tls_record_method; | |
79eebb08 MC |
297 | extern const OSSL_RECORD_METHOD ossl_dtls_record_method; |
298 | ||
299 | #endif /* !defined(OSSL_INTERNAL_RECORDMETHOD_H) */ |