2 * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/bio.h>
11 #include <openssl/ssl.h>
12 #include <openssl/err.h>
13 #include "../../ssl_local.h"
14 #include "../record_local.h"
16 typedef struct dtls_bitmap_st {
17 /* Track 64 packets */
19 /* Max record number seen so far, 64-bit value in big-endian encoding */
20 unsigned char max_seq_num[SEQ_NUM_SIZE];
23 /* Protocol version specific function pointers */
24 struct record_functions_st
27 * Returns either OSSL_RECORD_RETURN_SUCCESS, OSSL_RECORD_RETURN_FATAL or
28 * OSSL_RECORD_RETURN_NON_FATAL_ERR if we can keep trying to find an
29 * alternative record layer.
31 int (*set_crypto_state)(OSSL_RECORD_LAYER *rl, int level,
32 unsigned char *key, size_t keylen,
33 unsigned char *iv, size_t ivlen,
34 unsigned char *mackey, size_t mackeylen,
35 const EVP_CIPHER *ciph,
43 * 0: if the record is publicly invalid, or an internal error, or AEAD
44 * decryption failed, or EtM decryption failed.
45 * 1: Success or MtE decryption failed (MAC will be randomised)
47 int (*cipher)(OSSL_RECORD_LAYER *rl, SSL3_RECORD *recs, size_t n_recs,
48 int sending, SSL_MAC_BUF *macs, size_t macsize);
49 /* Returns 1 for success or 0 for error */
50 int (*mac)(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rec, unsigned char *md,
53 /* Return 1 for success or 0 for error */
54 int (*set_protocol_version)(OSSL_RECORD_LAYER *rl, int version);
56 /* Read related functions */
58 int (*read_n)(OSSL_RECORD_LAYER *rl, size_t n, size_t max, int extend,
59 int clearold, size_t *readbytes);
61 int (*get_more_records)(OSSL_RECORD_LAYER *rl);
63 /* Return 1 for success or 0 for error */
64 int (*validate_record_header)(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rec);
66 /* Return 1 for success or 0 for error */
67 int (*post_process_record)(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rec);
69 /* Write related functions */
71 size_t (*get_max_records)(OSSL_RECORD_LAYER *rl, int type, size_t len,
72 size_t maxfrag, size_t *preffrag);
74 /* Return 1 for success or 0 for error */
75 int (*write_records)(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates,
78 /* Allocate the rl->wbuf buffers. Return 1 for success or 0 for error */
79 int (*allocate_write_buffers)(OSSL_RECORD_LAYER *rl,
80 OSSL_RECORD_TEMPLATE *templates,
81 size_t numtempl, size_t *prefix);
84 * Initialise the packets in the |pkt| array using the buffers in |rl->wbuf|.
85 * Some protocol versions may use the space in |prefixtempl| to add
86 * an artificial template in front of the |templates| array and hence may
87 * initialise 1 more WPACKET than there are templates. |*wpinited|
88 * returns the number of WPACKETs in |pkt| that were successfully
89 * initialised. This must be 0 on entry and will be filled in even on error.
91 int (*initialise_write_packets)(OSSL_RECORD_LAYER *rl,
92 OSSL_RECORD_TEMPLATE *templates,
94 OSSL_RECORD_TEMPLATE *prefixtempl,
100 struct ossl_record_layer_st
102 OSSL_LIB_CTX *libctx;
113 * A BIO containing any data read in the previous epoch that was destined
118 /* The transport BIO */
122 * A BIO where we will send any data read by us that is destined for the
127 /* Types match the equivalent fields in the SSL object */
131 /* write IO goes into here */
132 SSL3_BUFFER wbuf[SSL_MAX_PIPELINES + 1];
134 /* Next wbuf with pending data still to write */
137 /* How many pipelines can be used to write data */
140 /* read IO goes into here */
142 /* each decoded record goes in here */
143 SSL3_RECORD rrec[SSL_MAX_PIPELINES];
145 /* How many records have we got available in the rrec bufer */
148 /* The record number in the rrec buffer that can be read next */
151 /* The number of records that have been released via tls_release_record */
154 /* where we are when reading */
157 /* used internally to point at a raw packet */
158 unsigned char *packet;
159 size_t packet_length;
161 /* Sequence number for the next record */
162 unsigned char sequence[SEQ_NUM_SIZE];
164 /* Alert code to be used if an error occurs */
168 * Read as many input bytes as possible (for non-blocking reads)
172 /* The number of consecutive empty records we have received */
173 size_t empty_record_count;
176 * Do we need to send a prefix empty record before application data as a
177 * countermeasure against known-IV weakness (necessary for SSLv3 and
180 int need_empty_fragments;
182 /* cryptographic state */
183 EVP_CIPHER_CTX *enc_ctx;
185 /* Explicit IV length */
188 /* used for mac generation */
191 /* compress/uncompress */
194 /* Set to 1 if this is the first handshake. 0 otherwise */
195 int is_first_handshake;
198 * The smaller of the configured and negotiated maximum fragment length
199 * or SSL3_RT_MAX_PLAIN_LENGTH if none
201 unsigned int max_frag_len;
203 /* The maxium amount of early data we can receive/send */
204 uint32_t max_early_data;
206 /* The amount of early data that we have sent/received */
207 size_t early_data_count;
209 /* TLSv1.3 record padding */
210 size_t block_padding;
212 /* Only used by SSLv3 */
213 unsigned char mac_secret[EVP_MAX_MD_SIZE];
215 /* TLSv1.0/TLSv1.1/TLSv1.2 */
218 /* Flags for GOST ciphers */
224 unsigned char iv[EVP_MAX_IV_LENGTH];
226 unsigned char read_iv[EVP_MAX_IV_LENGTH];
227 int allow_plain_alerts;
229 /* TLS "any" fields */
230 /* Set to true if this is the first record in a connection */
231 unsigned int is_first_record;
235 /* DTLS received handshake records (processed and unprocessed) */
236 record_pqueue unprocessed_rcds;
237 record_pqueue processed_rcds;
239 /* records being received in the current epoch */
241 /* renegotiation starts a new set of sequence numbers */
242 DTLS_BITMAP next_bitmap;
245 * Whether we are currently in a hanshake or not. Only maintained for DTLS
251 OSSL_FUNC_rlayer_skip_early_data_fn *skip_early_data;
252 OSSL_FUNC_rlayer_msg_callback_fn *msg_callback;
253 OSSL_FUNC_rlayer_security_fn *security;
254 OSSL_FUNC_rlayer_padding_fn *padding;
256 size_t max_pipelines;
258 /* Function pointers for version specific functions */
259 struct record_functions_st *funcs;
262 typedef struct dtls_rlayer_record_data_st {
263 unsigned char *packet;
264 size_t packet_length;
267 } DTLS_RLAYER_RECORD_DATA;
269 extern struct record_functions_st ssl_3_0_funcs;
270 extern struct record_functions_st tls_1_funcs;
271 extern struct record_functions_st tls_1_3_funcs;
272 extern struct record_functions_st tls_any_funcs;
273 extern struct record_functions_st dtls_1_funcs;
274 extern struct record_functions_st dtls_any_funcs;
276 void ossl_rlayer_fatal(OSSL_RECORD_LAYER *rl, int al, int reason,
277 const char *fmt, ...);
279 #define RLAYERfatal(rl, al, r) RLAYERfatal_data((rl), (al), (r), NULL)
280 #define RLAYERfatal_data \
282 ERR_set_debug(OPENSSL_FILE, OPENSSL_LINE, OPENSSL_FUNC), \
285 #define RLAYER_USE_EXPLICIT_IV(rl) ((rl)->version == TLS1_1_VERSION \
286 || (rl)->version == TLS1_2_VERSION \
289 int ossl_set_tls_provider_parameters(OSSL_RECORD_LAYER *rl,
291 const EVP_CIPHER *ciph,
294 __owur char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
295 __owur int ssl3_cbc_digest_record(const EVP_MD *md,
296 unsigned char *md_out,
298 const unsigned char *header,
299 const unsigned char *data,
301 size_t data_plus_mac_plus_padding_size,
302 const unsigned char *mac_secret,
303 size_t mac_secret_length, char is_sslv3);
305 int tls_default_read_n(OSSL_RECORD_LAYER *rl, size_t n, size_t max, int extend,
306 int clearold, size_t *readbytes);
307 int tls_get_more_records(OSSL_RECORD_LAYER *rl);
308 int dtls_get_more_records(OSSL_RECORD_LAYER *rl);
310 int tls_default_set_protocol_version(OSSL_RECORD_LAYER *rl, int version);
311 int tls_default_validate_record_header(OSSL_RECORD_LAYER *rl, SSL3_RECORD *re);
312 int tls_do_uncompress(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rec);
313 int tls_default_post_process_record(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rec);
314 int tls13_common_post_process_record(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rec);
317 tls_int_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers,
318 int role, int direction, int level, unsigned char *key,
319 size_t keylen, unsigned char *iv, size_t ivlen,
320 unsigned char *mackey, size_t mackeylen,
321 const EVP_CIPHER *ciph, size_t taglen,
323 const EVP_MD *md, COMP_METHOD *comp, BIO *prev,
324 BIO *transport, BIO *next,
325 BIO_ADDR *local, BIO_ADDR *peer,
326 const OSSL_PARAM *settings, const OSSL_PARAM *options,
327 const OSSL_DISPATCH *fns, void *cbarg,
328 OSSL_RECORD_LAYER **retrl);
329 int tls_free(OSSL_RECORD_LAYER *rl);
330 int tls_reset(OSSL_RECORD_LAYER *rl);
331 int tls_unprocessed_read_pending(OSSL_RECORD_LAYER *rl);
332 int tls_processed_read_pending(OSSL_RECORD_LAYER *rl);
333 size_t tls_app_data_pending(OSSL_RECORD_LAYER *rl);
334 int tls_write_pending(OSSL_RECORD_LAYER *rl);
335 size_t tls_get_max_record_len(OSSL_RECORD_LAYER *rl);
336 size_t tls_get_max_records(OSSL_RECORD_LAYER *rl, int type, size_t len,
337 size_t maxfrag, size_t *preffrag);
338 int tls_write_records(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates,
340 int tls_retry_write_records(OSSL_RECORD_LAYER *rl);
341 int tls_get_alert_code(OSSL_RECORD_LAYER *rl);
342 int tls_set1_bio(OSSL_RECORD_LAYER *rl, BIO *bio);
343 int tls_read_record(OSSL_RECORD_LAYER *rl, void **rechandle, int *rversion,
344 int *type, unsigned char **data, size_t *datalen,
345 uint16_t *epoch, unsigned char *seq_num);
346 int tls_release_record(OSSL_RECORD_LAYER *rl, void *rechandle);
347 int tls_default_set_protocol_version(OSSL_RECORD_LAYER *rl, int version);
348 int tls_set_protocol_version(OSSL_RECORD_LAYER *rl, int version);
349 void tls_set_plain_alerts(OSSL_RECORD_LAYER *rl, int allow);
350 void tls_set_first_handshake(OSSL_RECORD_LAYER *rl, int first);
351 void tls_set_max_pipelines(OSSL_RECORD_LAYER *rl, size_t max_pipelines);
352 void tls_get_state(OSSL_RECORD_LAYER *rl, const char **shortstr,
353 const char **longstr);
354 int tls_set_options(OSSL_RECORD_LAYER *rl, const OSSL_PARAM *options);
355 const COMP_METHOD *tls_get_compression(OSSL_RECORD_LAYER *rl);
356 void tls_set_max_frag_len(OSSL_RECORD_LAYER *rl, size_t max_frag_len);
357 int tls_setup_read_buffer(OSSL_RECORD_LAYER *rl);
358 int tls_setup_write_buffer(OSSL_RECORD_LAYER *rl, size_t numwpipes,
359 size_t firstlen, size_t nextlen);
361 int tls_write_records_multiblock(OSSL_RECORD_LAYER *rl,
362 OSSL_RECORD_TEMPLATE *templates,
365 size_t tls_get_max_records_default(OSSL_RECORD_LAYER *rl, int type, size_t len,
366 size_t maxfrag, size_t *preffrag);
367 int tls_allocate_write_buffers_default(OSSL_RECORD_LAYER *rl,
368 OSSL_RECORD_TEMPLATE *templates,
369 size_t numtempl, size_t *prefix);
370 int tls_initialise_write_packets_default(OSSL_RECORD_LAYER *rl,
371 OSSL_RECORD_TEMPLATE *templates,
373 OSSL_RECORD_TEMPLATE *prefixtempl,
377 int tls1_allocate_write_buffers(OSSL_RECORD_LAYER *rl,
378 OSSL_RECORD_TEMPLATE *templates,
379 size_t numtempl, size_t *prefix);
380 int tls1_initialise_write_packets(OSSL_RECORD_LAYER *rl,
381 OSSL_RECORD_TEMPLATE *templates,
383 OSSL_RECORD_TEMPLATE *prefixtempl,
387 size_t tls_get_max_records_multiblock(OSSL_RECORD_LAYER *rl, int type,
388 size_t len, size_t maxfrag,
390 int tls_write_records_default(OSSL_RECORD_LAYER *rl,
391 OSSL_RECORD_TEMPLATE *templates,