]> git.ipfire.org Git - thirdparty/openssl.git/blob - ssl/record/methods/recmethod_local.h
projects / thirdparty / openssl.git / blob
? search:


80cf8fa97376d5d793c7dd68c84076e5f8e6a7a5
[thirdparty/openssl.git] / ssl / record / methods / recmethod_local.h
1 /*
2 * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <openssl/bio.h>
11 #include <openssl/ssl.h>
12 #include <openssl/err.h>
13 #include "../../ssl_local.h"
14 #include "../record_local.h"
15
16 typedef struct dtls_bitmap_st {
17 /* Track 64 packets */
18 uint64_t map;
19 /* Max record number seen so far, 64-bit value in big-endian encoding */
20 unsigned char max_seq_num[SEQ_NUM_SIZE];
21 } DTLS_BITMAP;
22
23 /* Protocol version specific function pointers */
24 struct record_functions_st
25 {
26 /*
27 * Returns either OSSL_RECORD_RETURN_SUCCESS, OSSL_RECORD_RETURN_FATAL or
28 * OSSL_RECORD_RETURN_NON_FATAL_ERR if we can keep trying to find an
29 * alternative record layer.
30 */
31 int (*set_crypto_state)(OSSL_RECORD_LAYER *rl, int level,
32 unsigned char *key, size_t keylen,
33 unsigned char *iv, size_t ivlen,
34 unsigned char *mackey, size_t mackeylen,
35 const EVP_CIPHER *ciph,
36 size_t taglen,
37 int mactype,
38 const EVP_MD *md,
39 COMP_METHOD *comp);
40
41 /*
42 * Returns:
43 * 0: if the record is publicly invalid, or an internal error, or AEAD
44 * decryption failed, or EtM decryption failed.
45 * 1: Success or MtE decryption failed (MAC will be randomised)
46 */
47 int (*cipher)(OSSL_RECORD_LAYER *rl, SSL3_RECORD *recs, size_t n_recs,
48 int sending, SSL_MAC_BUF *macs, size_t macsize);
49 /* Returns 1 for success or 0 for error */
50 int (*mac)(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rec, unsigned char *md,
51 int sending);
52
53 /* Return 1 for success or 0 for error */
54 int (*set_protocol_version)(OSSL_RECORD_LAYER *rl, int version);
55
56 /* Read related functions */
57
58 int (*read_n)(OSSL_RECORD_LAYER *rl, size_t n, size_t max, int extend,
59 int clearold, size_t *readbytes);
60
61 int (*get_more_records)(OSSL_RECORD_LAYER *rl);
62
63 /* Return 1 for success or 0 for error */
64 int (*validate_record_header)(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rec);
65
66 /* Return 1 for success or 0 for error */
67 int (*post_process_record)(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rec);
68
69 /* Write related functions */
70
71 size_t (*get_max_records)(OSSL_RECORD_LAYER *rl, int type, size_t len,
72 size_t maxfrag, size_t *preffrag);
73
74 /* Return 1 for success or 0 for error */
75 int (*write_records)(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates,
76 size_t numtempl);
77
78 /* Allocate the rl->wbuf buffers. Return 1 for success or 0 for error */
79 int (*allocate_write_buffers)(OSSL_RECORD_LAYER *rl,
80 OSSL_RECORD_TEMPLATE *templates,
81 size_t numtempl, size_t *prefix);
82
83 /*
84 * Initialise the packets in the |pkt| array using the buffers in |rl->wbuf|.
85 * Some protocol versions may use the space in |prefixtempl| to add
86 * an artificial template in front of the |templates| array and hence may
87 * initialise 1 more WPACKET than there are templates. |*wpinited|
88 * returns the number of WPACKETs in |pkt| that were successfully
89 * initialised. This must be 0 on entry and will be filled in even on error.
90 */
91 int (*initialise_write_packets)(OSSL_RECORD_LAYER *rl,
92 OSSL_RECORD_TEMPLATE *templates,
93 size_t numtempl,
94 OSSL_RECORD_TEMPLATE *prefixtempl,
95 WPACKET *pkt,
96 SSL3_BUFFER *bufs,
97 size_t *wpinited);
98
99 /* Get the actual record type to be used for a given template */
100 unsigned int (*get_record_type)(OSSL_RECORD_LAYER *rl,
101 OSSL_RECORD_TEMPLATE *template);
102
103 /* Write the record header data to the WPACKET */
104 int (*prepare_record_header)(OSSL_RECORD_LAYER *rl, WPACKET *thispkt,
105 OSSL_RECORD_TEMPLATE *templ,
106 unsigned int rectype,
107 unsigned char **recdata);
108
109 int (*add_record_padding)(OSSL_RECORD_LAYER *rl,
110 OSSL_RECORD_TEMPLATE *thistempl,
111 WPACKET *thispkt,
112 SSL3_RECORD *thiswr);
113
114 /*
115 * This applies any mac that might be necessary, ensures that we have enough
116 * space in the WPACKET to perform the encryption and sets up the
117 * SSL3_RECORD ready for that encryption.
118 */
119 int (*prepare_for_encryption)(OSSL_RECORD_LAYER *rl,
120 size_t mac_size,
121 WPACKET *thispkt,
122 SSL3_RECORD *thiswr);
123
124 /*
125 * Any updates required to the record after encryption has been applied. For
126 * example, adding a MAC if using encrypt-then-mac
127 */
128 int (*post_encryption_processing)(OSSL_RECORD_LAYER *rl,
129 size_t mac_size,
130 OSSL_RECORD_TEMPLATE *thistempl,
131 WPACKET *thispkt,
132 SSL3_RECORD *thiswr);
133
134 /*
135 * Some record layer implementations need to do some custom preparation of
136 * the BIO before we write to it. KTLS does this to prevent coalescing of
137 * control and data messages.
138 */
139 int (*prepare_write_bio)(OSSL_RECORD_LAYER *rl, int type);
140 };
141
142 struct ossl_record_layer_st
143 {
144 OSSL_LIB_CTX *libctx;
145 const char *propq;
146 int isdtls;
147 int version;
148 int role;
149 int direction;
150 int level;
151 const EVP_MD *md;
152 /* DTLS only */
153 uint16_t epoch;
154
155 /*
156 * A BIO containing any data read in the previous epoch that was destined
157 * for this epoch
158 */
159 BIO *prev;
160
161 /* The transport BIO */
162 BIO *bio;
163
164 /*
165 * A BIO where we will send any data read by us that is destined for the
166 * next epoch.
167 */
168 BIO *next;
169
170 /* Types match the equivalent fields in the SSL object */
171 uint64_t options;
172 uint32_t mode;
173
174 /* write IO goes into here */
175 SSL3_BUFFER wbuf[SSL_MAX_PIPELINES + 1];
176
177 /* Next wbuf with pending data still to write */
178 size_t nextwbuf;
179
180 /* How many pipelines can be used to write data */
181 size_t numwpipes;
182
183 /* read IO goes into here */
184 SSL3_BUFFER rbuf;
185 /* each decoded record goes in here */
186 SSL3_RECORD rrec[SSL_MAX_PIPELINES];
187
188 /* How many records have we got available in the rrec bufer */
189 size_t num_recs;
190
191 /* The record number in the rrec buffer that can be read next */
192 size_t curr_rec;
193
194 /* The number of records that have been released via tls_release_record */
195 size_t num_released;
196
197 /* where we are when reading */
198 int rstate;
199
200 /* used internally to point at a raw packet */
201 unsigned char *packet;
202 size_t packet_length;
203
204 /* Sequence number for the next record */
205 unsigned char sequence[SEQ_NUM_SIZE];
206
207 /* Alert code to be used if an error occurs */
208 int alert;
209
210 /*
211 * Read as many input bytes as possible (for non-blocking reads)
212 */
213 int read_ahead;
214
215 /* The number of consecutive empty records we have received */
216 size_t empty_record_count;
217
218 /*
219 * Do we need to send a prefix empty record before application data as a
220 * countermeasure against known-IV weakness (necessary for SSLv3 and
221 * TLSv1.0)
222 */
223 int need_empty_fragments;
224
225 /* cryptographic state */
226 EVP_CIPHER_CTX *enc_ctx;
227
228 /* Explicit IV length */
229 size_t eivlen;
230
231 /* used for mac generation */
232 EVP_MD_CTX *md_ctx;
233
234 /* compress/uncompress */
235 COMP_CTX *compctx;
236
237 /* Set to 1 if this is the first handshake. 0 otherwise */
238 int is_first_handshake;
239
240 /*
241 * The smaller of the configured and negotiated maximum fragment length
242 * or SSL3_RT_MAX_PLAIN_LENGTH if none
243 */
244 unsigned int max_frag_len;
245
246 /* The maxium amount of early data we can receive/send */
247 uint32_t max_early_data;
248
249 /* The amount of early data that we have sent/received */
250 size_t early_data_count;
251
252 /* TLSv1.3 record padding */
253 size_t block_padding;
254
255 /* Only used by SSLv3 */
256 unsigned char mac_secret[EVP_MAX_MD_SIZE];
257
258 /* TLSv1.0/TLSv1.1/TLSv1.2 */
259 int use_etm;
260
261 /* Flags for GOST ciphers */
262 int stream_mac;
263 int tlstree;
264
265 /* TLSv1.3 fields */
266 /* static IV */
267 unsigned char iv[EVP_MAX_IV_LENGTH];
268 /* static read IV */
269 unsigned char read_iv[EVP_MAX_IV_LENGTH];
270 int allow_plain_alerts;
271
272 /* TLS "any" fields */
273 /* Set to true if this is the first record in a connection */
274 unsigned int is_first_record;
275
276 size_t taglen;
277
278 /* DTLS received handshake records (processed and unprocessed) */
279 record_pqueue unprocessed_rcds;
280 record_pqueue processed_rcds;
281
282 /* records being received in the current epoch */
283 DTLS_BITMAP bitmap;
284 /* renegotiation starts a new set of sequence numbers */
285 DTLS_BITMAP next_bitmap;
286
287 /*
288 * Whether we are currently in a hanshake or not. Only maintained for DTLS
289 */
290 int in_init;
291
292 /* Callbacks */
293 void *cbarg;
294 OSSL_FUNC_rlayer_skip_early_data_fn *skip_early_data;
295 OSSL_FUNC_rlayer_msg_callback_fn *msg_callback;
296 OSSL_FUNC_rlayer_security_fn *security;
297 OSSL_FUNC_rlayer_padding_fn *padding;
298
299 size_t max_pipelines;
300
301 /* Function pointers for version specific functions */
302 struct record_functions_st *funcs;
303 };
304
305 typedef struct dtls_rlayer_record_data_st {
306 unsigned char *packet;
307 size_t packet_length;
308 SSL3_BUFFER rbuf;
309 SSL3_RECORD rrec;
310 } DTLS_RLAYER_RECORD_DATA;
311
312 extern struct record_functions_st ssl_3_0_funcs;
313 extern struct record_functions_st tls_1_funcs;
314 extern struct record_functions_st tls_1_3_funcs;
315 extern struct record_functions_st tls_any_funcs;
316 extern struct record_functions_st dtls_1_funcs;
317 extern struct record_functions_st dtls_any_funcs;
318
319 void ossl_rlayer_fatal(OSSL_RECORD_LAYER *rl, int al, int reason,
320 const char *fmt, ...);
321
322 #define RLAYERfatal(rl, al, r) RLAYERfatal_data((rl), (al), (r), NULL)
323 #define RLAYERfatal_data \
324 (ERR_new(), \
325 ERR_set_debug(OPENSSL_FILE, OPENSSL_LINE, OPENSSL_FUNC), \
326 ossl_rlayer_fatal)
327
328 #define RLAYER_USE_EXPLICIT_IV(rl) ((rl)->version == TLS1_1_VERSION \
329 || (rl)->version == TLS1_2_VERSION \
330 || (rl)->isdtls)
331
332 int ossl_set_tls_provider_parameters(OSSL_RECORD_LAYER *rl,
333 EVP_CIPHER_CTX *ctx,
334 const EVP_CIPHER *ciph,
335 const EVP_MD *md);
336 /* ssl3_cbc.c */
337 __owur char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
338 __owur int ssl3_cbc_digest_record(const EVP_MD *md,
339 unsigned char *md_out,
340 size_t *md_out_size,
341 const unsigned char *header,
342 const unsigned char *data,
343 size_t data_size,
344 size_t data_plus_mac_plus_padding_size,
345 const unsigned char *mac_secret,
346 size_t mac_secret_length, char is_sslv3);
347
348 int tls_increment_sequence_ctr(OSSL_RECORD_LAYER *rl);
349 int tls_alloc_buffers(OSSL_RECORD_LAYER *rl);
350 int tls_free_buffers(OSSL_RECORD_LAYER *rl);
351
352 int tls_default_read_n(OSSL_RECORD_LAYER *rl, size_t n, size_t max, int extend,
353 int clearold, size_t *readbytes);
354 int tls_get_more_records(OSSL_RECORD_LAYER *rl);
355 int dtls_get_more_records(OSSL_RECORD_LAYER *rl);
356
357 int dtls_prepare_record_header(OSSL_RECORD_LAYER *rl,
358 WPACKET *thispkt,
359 OSSL_RECORD_TEMPLATE *templ,
360 unsigned int rectype,
361 unsigned char **recdata);
362 int dtls_post_encryption_processing(OSSL_RECORD_LAYER *rl,
363 size_t mac_size,
364 OSSL_RECORD_TEMPLATE *thistempl,
365 WPACKET *thispkt,
366 SSL3_RECORD *thiswr);
367
368 int tls_default_set_protocol_version(OSSL_RECORD_LAYER *rl, int version);
369 int tls_default_validate_record_header(OSSL_RECORD_LAYER *rl, SSL3_RECORD *re);
370 int tls_do_compress(OSSL_RECORD_LAYER *rl, SSL3_RECORD *wr);
371 int tls_do_uncompress(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rec);
372 int tls_default_post_process_record(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rec);
373 int tls13_common_post_process_record(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rec);
374
375 int
376 tls_int_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers,
377 int role, int direction, int level, unsigned char *key,
378 size_t keylen, unsigned char *iv, size_t ivlen,
379 unsigned char *mackey, size_t mackeylen,
380 const EVP_CIPHER *ciph, size_t taglen,
381 int mactype,
382 const EVP_MD *md, COMP_METHOD *comp, BIO *prev,
383 BIO *transport, BIO *next,
384 BIO_ADDR *local, BIO_ADDR *peer,
385 const OSSL_PARAM *settings, const OSSL_PARAM *options,
386 const OSSL_DISPATCH *fns, void *cbarg,
387 OSSL_RECORD_LAYER **retrl);
388 int tls_free(OSSL_RECORD_LAYER *rl);
389 int tls_reset(OSSL_RECORD_LAYER *rl);
390 int tls_unprocessed_read_pending(OSSL_RECORD_LAYER *rl);
391 int tls_processed_read_pending(OSSL_RECORD_LAYER *rl);
392 size_t tls_app_data_pending(OSSL_RECORD_LAYER *rl);
393 size_t tls_get_max_records(OSSL_RECORD_LAYER *rl, int type, size_t len,
394 size_t maxfrag, size_t *preffrag);
395 int tls_write_records(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates,
396 size_t numtempl);
397 int tls_retry_write_records(OSSL_RECORD_LAYER *rl);
398 int tls_get_alert_code(OSSL_RECORD_LAYER *rl);
399 int tls_set1_bio(OSSL_RECORD_LAYER *rl, BIO *bio);
400 int tls_read_record(OSSL_RECORD_LAYER *rl, void **rechandle, int *rversion,
401 int *type, unsigned char **data, size_t *datalen,
402 uint16_t *epoch, unsigned char *seq_num);
403 int tls_release_record(OSSL_RECORD_LAYER *rl, void *rechandle);
404 int tls_default_set_protocol_version(OSSL_RECORD_LAYER *rl, int version);
405 int tls_set_protocol_version(OSSL_RECORD_LAYER *rl, int version);
406 void tls_set_plain_alerts(OSSL_RECORD_LAYER *rl, int allow);
407 void tls_set_first_handshake(OSSL_RECORD_LAYER *rl, int first);
408 void tls_set_max_pipelines(OSSL_RECORD_LAYER *rl, size_t max_pipelines);
409 void tls_get_state(OSSL_RECORD_LAYER *rl, const char **shortstr,
410 const char **longstr);
411 int tls_set_options(OSSL_RECORD_LAYER *rl, const OSSL_PARAM *options);
412 const COMP_METHOD *tls_get_compression(OSSL_RECORD_LAYER *rl);
413 void tls_set_max_frag_len(OSSL_RECORD_LAYER *rl, size_t max_frag_len);
414 int tls_setup_read_buffer(OSSL_RECORD_LAYER *rl);
415 int tls_setup_write_buffer(OSSL_RECORD_LAYER *rl, size_t numwpipes,
416 size_t firstlen, size_t nextlen);
417
418 int tls_write_records_multiblock(OSSL_RECORD_LAYER *rl,
419 OSSL_RECORD_TEMPLATE *templates,
420 size_t numtempl);
421
422 size_t tls_get_max_records_default(OSSL_RECORD_LAYER *rl, int type, size_t len,
423 size_t maxfrag, size_t *preffrag);
424 size_t tls_get_max_records_multiblock(OSSL_RECORD_LAYER *rl, int type,
425 size_t len, size_t maxfrag,
426 size_t *preffrag);
427 int tls_allocate_write_buffers_default(OSSL_RECORD_LAYER *rl,
428 OSSL_RECORD_TEMPLATE *templates,
429 size_t numtempl, size_t *prefix);
430 int tls_initialise_write_packets_default(OSSL_RECORD_LAYER *rl,
431 OSSL_RECORD_TEMPLATE *templates,
432 size_t numtempl,
433 OSSL_RECORD_TEMPLATE *prefixtempl,
434 WPACKET *pkt,
435 SSL3_BUFFER *bufs,
436 size_t *wpinited);
437 int tls1_allocate_write_buffers(OSSL_RECORD_LAYER *rl,
438 OSSL_RECORD_TEMPLATE *templates,
439 size_t numtempl, size_t *prefix);
440 int tls1_initialise_write_packets(OSSL_RECORD_LAYER *rl,
441 OSSL_RECORD_TEMPLATE *templates,
442 size_t numtempl,
443 OSSL_RECORD_TEMPLATE *prefixtempl,
444 WPACKET *pkt,
445 SSL3_BUFFER *bufs,
446 size_t *wpinited);
447 int tls_prepare_record_header_default(OSSL_RECORD_LAYER *rl,
448 WPACKET *thispkt,
449 OSSL_RECORD_TEMPLATE *templ,
450 unsigned int rectype,
451 unsigned char **recdata);
452 int tls_prepare_for_encryption_default(OSSL_RECORD_LAYER *rl,
453 size_t mac_size,
454 WPACKET *thispkt,
455 SSL3_RECORD *thiswr);
456 int tls_post_encryption_processing_default(OSSL_RECORD_LAYER *rl,
457 size_t mac_size,
458 OSSL_RECORD_TEMPLATE *thistempl,
459 WPACKET *thispkt,
460 SSL3_RECORD *thiswr);
461 int tls_write_records_default(OSSL_RECORD_LAYER *rl,
462 OSSL_RECORD_TEMPLATE *templates,
463 size_t numtempl);
464
465 /* Macros/functions provided by the SSL3_BUFFER component */
466
467 #define SSL3_BUFFER_get_buf(b) ((b)->buf)
468 #define SSL3_BUFFER_set_buf(b, n) ((b)->buf = (n))
469 #define SSL3_BUFFER_get_len(b) ((b)->len)
470 #define SSL3_BUFFER_get_left(b) ((b)->left)
471 #define SSL3_BUFFER_set_left(b, l) ((b)->left = (l))
472 #define SSL3_BUFFER_sub_left(b, l) ((b)->left -= (l))
473 #define SSL3_BUFFER_get_offset(b) ((b)->offset)
474 #define SSL3_BUFFER_set_offset(b, o) ((b)->offset = (o))
475 #define SSL3_BUFFER_add_offset(b, o) ((b)->offset += (o))
476 #define SSL3_BUFFER_set_app_buffer(b, l) ((b)->app_buffer = (l))
477 #define SSL3_BUFFER_is_app_buffer(b) ((b)->app_buffer)
478
479 void SSL3_BUFFER_release(SSL3_BUFFER *b);
A mirror of the official openssl repository