2 * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/macros.h>
11 #include <openssl/objects.h>
12 #include "quic_local.h"
14 SSL *ossl_quic_new(SSL_CTX *ctx)
20 qc = OPENSSL_zalloc(sizeof(*qc));
25 if (!ossl_ssl_init(ssl, ctx, SSL_TYPE_QUIC_CONNECTION)) {
30 qc->tls = ossl_ssl_connection_new(ctx);
31 if (qc->tls == NULL || (sc = SSL_CONNECTION_FROM_SSL(qc->tls)) == NULL)
33 /* override the user_ssl of the inner connection */
36 /* We'll need to set proper TLS method on qc->tls here */
43 int ossl_quic_init(SSL *s)
45 return s->method->ssl_clear(s);
48 void ossl_quic_deinit(SSL *s)
53 void ossl_quic_free(SSL *s)
55 QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(s);
58 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s);
61 ossl_ssl_connection_free(s);
69 int ossl_quic_reset(SSL *s)
71 QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(s);
74 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s);
76 return sc != NULL ? ossl_ssl_connection_reset(s) : 0;
79 return ossl_ssl_connection_reset(qc->tls);
82 int ossl_quic_clear(SSL *s)
87 int ossl_quic_accept(SSL *s)
89 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_QUIC_SSL(s);
94 ossl_statem_set_in_init(sc, 0);
98 int ossl_quic_connect(SSL *s)
100 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_QUIC_SSL(s);
105 ossl_statem_set_in_init(sc, 0);
109 int ossl_quic_read(SSL *s, void *buf, size_t len, size_t *readbytes)
112 BIO *rbio = SSL_get_rbio(s);
113 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_QUIC_SSL(s);
115 if (sc == NULL || rbio == NULL)
118 sc->rwstate = SSL_READING;
119 ret = BIO_read_ex(rbio, buf, len, readbytes);
120 if (ret > 0 || !BIO_should_retry(rbio))
121 sc->rwstate = SSL_NOTHING;
122 return ret <= 0 ? -1 : ret;
125 int ossl_quic_peek(SSL *s, void *buf, size_t len, size_t *readbytes)
130 int ossl_quic_write(SSL *s, const void *buf, size_t len, size_t *written)
132 BIO *wbio = SSL_get_wbio(s);
134 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_QUIC_SSL(s);
136 if (sc == NULL || wbio == NULL)
139 sc->rwstate = SSL_WRITING;
140 ret = BIO_write_ex(wbio, buf, len, written);
141 if (ret > 0 || !BIO_should_retry(wbio))
142 sc->rwstate = SSL_NOTHING;
146 int ossl_quic_shutdown(SSL *s)
151 long ossl_quic_ctrl(SSL *s, int cmd, long larg, void *parg)
153 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_QUIC_SSL(s);
161 return ssl_cert_set1_chain(sc, NULL, (STACK_OF(X509) *)parg);
163 return ssl_cert_set0_chain(sc, NULL, (STACK_OF(X509) *)parg);
168 long ossl_quic_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
173 return ssl_cert_set1_chain(NULL, ctx, (STACK_OF(X509) *)parg);
175 return ssl_cert_set0_chain(NULL, ctx, (STACK_OF(X509) *)parg);
177 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
178 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
179 /* TODO(QUIC): these will have to be implemented properly */
185 long ossl_quic_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
190 long ossl_quic_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
195 size_t ossl_quic_pending(const SSL *s)
200 OSSL_TIME ossl_quic_default_timeout(void)
202 return ossl_time_zero();
205 int ossl_quic_num_ciphers(void)
210 const SSL_CIPHER *ossl_quic_get_cipher(unsigned int u)
213 * TODO(QUIC): This is needed so the SSL_CTX_set_cipher_list("DEFAULT");
214 * produces at least one valid TLS-1.2 cipher.
215 * Later we should allow that there are none with QUIC protocol as
216 * SSL_CTX_set_cipher_list should still allow setting a SECLEVEL.
218 static const SSL_CIPHER ciph = {
220 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
221 TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
222 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
227 TLS1_2_VERSION, TLS1_2_VERSION,
228 DTLS1_2_VERSION, DTLS1_2_VERSION,
230 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
238 int ossl_quic_renegotiate_check(SSL *ssl, int initok)
projects / openssl.git / blob