]> git.ipfire.org Git - thirdparty/openssl.git/blob - ssl/record/recordmethod.h
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Create the write record layer method and object and use it
[thirdparty/openssl.git] / ssl / record / recordmethod.h
1 /*
2 * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #ifndef OSSL_INTERNAL_RECORDMETHOD_H
11 # define OSSL_INTERNAL_RECORDMETHOD_H
12 # pragma once
13
14 # include <openssl/ssl.h>
15
16 /*
17 * We use the term "record" here to refer to a packet of data. Records are
18 * typically protected via a cipher and MAC, or an AEAD cipher (although not
19 * always). This usage of the term record is consistent with the TLS concept.
20 * In QUIC the term "record" is not used but it is analogous to the QUIC term
21 * "packet". The interface in this file applies to all protocols that protect
22 * records/packets of data, i.e. (D)TLS and QUIC. The term record is used to
23 * refer to both contexts.
24 */
25
26 /*
27 * An OSSL_RECORD_METHOD is a protcol specific method which provides the
28 * functions for reading and writing records for that protocol. Which
29 * OSSL_RECORD_METHOD to use for a given protocol is defined by the SSL_METHOD.
30 */
31 typedef struct ossl_record_method_st OSSL_RECORD_METHOD;
32
33 /*
34 * An OSSL_RECORD_LAYER is just an externally defined opaque pointer created by
35 * the method
36 */
37 typedef struct ossl_record_layer_st OSSL_RECORD_LAYER;
38
39
40 # define OSSL_RECORD_ROLE_CLIENT 0
41 # define OSSL_RECORD_ROLE_SERVER 1
42
43 # define OSSL_RECORD_DIRECTION_READ 0
44 # define OSSL_RECORD_DIRECTION_WRITE 1
45
46 /*
47 * Protection level. For <= TLSv1.2 only "NONE" and "APPLICATION" are used.
48 */
49 # define OSSL_RECORD_PROTECTION_LEVEL_NONE 0
50 # define OSSL_RECORD_PROTECTION_LEVEL_EARLY 1
51 # define OSSL_RECORD_PROTECTION_LEVEL_HANDSHAKE 2
52 # define OSSL_RECORD_PROTECTION_LEVEL_APPLICATION 3
53
54 # define OSSL_RECORD_RETURN_SUCCESS 1
55 # define OSSL_RECORD_RETURN_RETRY 0
56 # define OSSL_RECORD_RETURN_NON_FATAL_ERR -1
57 # define OSSL_RECORD_RETURN_FATAL -2
58 # define OSSL_RECORD_RETURN_EOF -3
59
60 /*
61 * Template for creating a record. A record consists of the |type| of data it
62 * will contain (e.g. alert, handshake, application data, etc) along with a
63 * buffer of payload data in |buf| of length |buflen|.
64 */
65 struct ossl_record_template_st {
66 int type;
67 const unsigned char *buf;
68 size_t buflen;
69 };
70
71 typedef struct ossl_record_template_st OSSL_RECORD_TEMPLATE;
72
73 /*
74 * Rather than a "method" approach, we could make this fetchable - Should we?
75 * There could be some complexity in finding suitable record layer implementations
76 * e.g. we need to find one that matches the negotiated protocol, cipher,
77 * extensions, etc. The selection_cb approach given above doesn't work so well
78 * if unknown third party providers with OSSL_RECORD_METHOD implementations are
79 * loaded.
80 */
81
82 /*
83 * If this becomes public API then we will need functions to create and
84 * free an OSSL_RECORD_METHOD, as well as functions to get/set the various
85 * function pointers....unless we make it fetchable.
86 */
87 struct ossl_record_method_st {
88 /*
89 * Create a new OSSL_RECORD_LAYER object for handling the protocol version
90 * set by |vers|. |role| is 0 for client and 1 for server. |direction|
91 * indicates either read or write. |level| is the protection level as
92 * described above. |settings| are mandatory settings that will cause the
93 * new() call to fail if they are not understood (for example to require
94 * Encrypt-Then-Mac support). |options| are optional settings that will not
95 * cause the new() call to fail if they are not understood (for example
96 * whether to use "read ahead" or not).
97 *
98 * The BIO in |transport| is the BIO for the underlying transport layer.
99 * Where the direction is "read", then this BIO will only ever be used for
100 * reading data. Where the direction is "write", then this BIO will only
101 * every be used for writing data.
102 *
103 * An SSL object will always have at least 2 OSSL_RECORD_LAYER objects in
104 * force at any one time (one for reading and one for writing). In some
105 * protocols more than 2 might be used (e.g. in DTLS for retransmitting
106 * messages from an earlier epoch).
107 *
108 * The created OSSL_RECORD_LAYER object is stored in *ret on success (or
109 * NULL otherwise). The return value will be one of
110 * OSSL_RECORD_RETURN_SUCCESS, OSSL_RECORD_RETURN_FATAL or
111 * OSSL_RECORD_RETURN_NON_FATAL. A non-fatal return means that creation of
112 * the record layer has failed because it is unsuitable, but an alternative
113 * record layer can be tried instead.
114 */
115
116 /*
117 * If we eventually make this fetchable then we will need to use something
118 * other than EVP_CIPHER. Also mactype would not be a NID, but a string. For
119 * now though, this works.
120 */
121 int (*new_record_layer)(OSSL_LIB_CTX *libctx,
122 const char *propq, int vers,
123 int role, int direction,
124 int level,
125 uint16_t epoch,
126 unsigned char *key,
127 size_t keylen,
128 unsigned char *iv,
129 size_t ivlen,
130 unsigned char *mackey,
131 size_t mackeylen,
132 const EVP_CIPHER *ciph,
133 size_t taglen,
134 int mactype,
135 const EVP_MD *md,
136 const SSL_COMP *comp,
137 BIO *prev,
138 BIO *transport,
139 BIO *next,
140 BIO_ADDR *local,
141 BIO_ADDR *peer,
142 const OSSL_PARAM *settings,
143 const OSSL_PARAM *options,
144 const OSSL_DISPATCH *fns,
145 void *cbarg,
146 OSSL_RECORD_LAYER **ret);
147 int (*free)(OSSL_RECORD_LAYER *rl);
148
149 int (*reset)(OSSL_RECORD_LAYER *rl); /* Is this needed? */
150
151 /* Returns 1 if we have unprocessed data buffered or 0 otherwise */
152 int (*unprocessed_read_pending)(OSSL_RECORD_LAYER *rl);
153
154 /*
155 * Returns 1 if we have processed data buffered that can be read or 0 otherwise
156 * - not necessarily app data
157 */
158 int (*processed_read_pending)(OSSL_RECORD_LAYER *rl);
159
160 /*
161 * The amount of processed app data that is internally bufferred and
162 * available to read
163 */
164 size_t (*app_data_pending)(OSSL_RECORD_LAYER *rl);
165
166 int (*write_pending)(OSSL_RECORD_LAYER *rl);
167
168 /*
169 * Find out the maximum amount of plaintext data that the record layer is
170 * prepared to write in a single record. When calling write_records it is
171 * the caller's responsibility to ensure that no record template exceeds
172 * this maximum when calling write_records.
173 */
174 size_t (*get_max_record_len)(OSSL_RECORD_LAYER *rl);
175
176 /*
177 * Find out the maximum number of records that the record layer is prepared
178 * to process in a single call to write_records. It is the caller's
179 * responsibility to ensure that no call to write_records exceeds this
180 * number of records.
181 */
182 size_t (*get_max_records)(OSSL_RECORD_LAYER *rl);
183
184 /*
185 * Write |numtempl| records from the array of record templates pointed to
186 * by |templates|. Each record should be no longer than the value returned
187 * by get_max_record_len(), and there should be no more records than the
188 * value returned by get_max_records().
189 * Where possible the caller will attempt to ensure that all records are the
190 * same length, except the last record. This may not always be possible so
191 * the record method implementation should not rely on this being the case.
192 * In the event of a retry the caller should call retry_write_records()
193 * to try again. No more calls to write_records() should be attempted until
194 * retry_write_records() returns success.
195 * Buffers allocated for the record templates can be freed immediately after
196 * write_records() returns - even in the case a retry.
197 * The record templates represent the plaintext payload. The encrypted
198 * output is written to the |transport| BIO.
199 * Returns:
200 * 1 on success
201 * 0 on retry
202 * -1 on failure
203 */
204 int (*write_records)(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates,
205 size_t numtempl);
206
207 /*
208 * Retry a previous call to write_records. The caller should continue to
209 * call this until the function returns with success or failure. After
210 * each retry more of the data may have been incrementally sent.
211 * Returns:
212 * 1 on success
213 * 0 on retry
214 * -1 on failure
215 */
216 int (*retry_write_records)(OSSL_RECORD_LAYER *rl);
217
218 /*
219 * Read a record and return the record layer version and record type in
220 * the |rversion| and |type| parameters. |*data| is set to point to a
221 * record layer buffer containing the record payload data and |*datalen|
222 * is filled in with the length of that data. The |epoch| and |seq_num|
223 * values are only used if DTLS has been negotiated. In that case they are
224 * filled in with the epoch and sequence number from the record.
225 * An opaque record layer handle for the record is returned in |*rechandle|
226 * which is used in a subsequent call to |release_record|. The buffer must
227 * remain available until release_record is called.
228 *
229 * Internally the the OSSL_RECORD_METHOD the implementation may read/process
230 * multiple records in one go and buffer them.
231 */
232 int (*read_record)(OSSL_RECORD_LAYER *rl, void **rechandle, int *rversion,
233 int *type, unsigned char **data, size_t *datalen,
234 uint16_t *epoch, unsigned char *seq_num);
235 /*
236 * Release a buffer associated with a record previously read with
237 * read_record. Records are guaranteed to be released in the order that they
238 * are read.
239 */
240 int (*release_record)(OSSL_RECORD_LAYER *rl, void *rechandle);
241
242 /*
243 * In the event that a fatal error is returned from the functions above then
244 * get_alert_code() can be called to obtain a more details identifier for
245 * the error. In (D)TLS this is the alert description code.
246 */
247 int (*get_alert_code)(OSSL_RECORD_LAYER *rl);
248
249 /*
250 * Update the transport BIO from the one originally set in the
251 * new_record_layer call
252 */
253 int (*set1_bio)(OSSL_RECORD_LAYER *rl, BIO *bio);
254
255 /* Called when protocol negotiation selects a protocol version to use */
256 int (*set_protocol_version)(OSSL_RECORD_LAYER *rl, int version);
257
258 /*
259 * Whether we are allowed to receive unencrypted alerts, even if we might
260 * otherwise expect encrypted records. Ignored by protocol versions where
261 * this isn't relevant
262 */
263 void (*set_plain_alerts)(OSSL_RECORD_LAYER *rl, int allow);
264
265 /*
266 * Called immediately after creation of the record layer if we are in a
267 * first handshake. Also called at the end of the first handshake
268 */
269 void (*set_first_handshake)(OSSL_RECORD_LAYER *rl, int first);
270
271 /*
272 * Set the maximum number of pipelines that the record layer should process.
273 * The default is 1.
274 */
275 void (*set_max_pipelines)(OSSL_RECORD_LAYER *rl, size_t max_pipelines);
276
277 /*
278 * Called to tell the record layer whether we are currently "in init" or
279 * not. Default at creation of the record layer is "yes".
280 */
281 void (*set_in_init)(OSSL_RECORD_LAYER *rl, int in_init);
282
283 /*
284 * Get a short or long human readable description of the record layer state
285 */
286 void (*get_state)(OSSL_RECORD_LAYER *rl, const char **shortstr,
287 const char **longstr);
288
289 /*
290 * Set new options or modify ones that were originaly specified in the
291 * new_record_layer call.
292 */
293 int (*set_options)(OSSL_RECORD_LAYER *rl, const OSSL_PARAM *options);
294 };
295
296
297 /* Standard built-in record methods */
298 extern const OSSL_RECORD_METHOD ossl_tls_record_method;
299 # ifndef OPENSSL_NO_KTLS
300 extern const OSSL_RECORD_METHOD ossl_ktls_record_method;
301 # endif
302 extern const OSSL_RECORD_METHOD ossl_dtls_record_method;
303
304 #endif /* !defined(OSSL_INTERNAL_RECORDMETHOD_H) */
A mirror of the official openssl repository