recordmethod.h 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317
  1. /*
  2. * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #ifndef OSSL_INTERNAL_RECORDMETHOD_H
  10. # define OSSL_INTERNAL_RECORDMETHOD_H
  11. # pragma once
  12. # include <openssl/ssl.h>
  13. /*
  14. * We use the term "record" here to refer to a packet of data. Records are
  15. * typically protected via a cipher and MAC, or an AEAD cipher (although not
  16. * always). This usage of the term record is consistent with the TLS concept.
  17. * In QUIC the term "record" is not used but it is analogous to the QUIC term
  18. * "packet". The interface in this file applies to all protocols that protect
  19. * records/packets of data, i.e. (D)TLS and QUIC. The term record is used to
  20. * refer to both contexts.
  21. */
  22. /*
  23. * An OSSL_RECORD_METHOD is a protcol specific method which provides the
  24. * functions for reading and writing records for that protocol. Which
  25. * OSSL_RECORD_METHOD to use for a given protocol is defined by the SSL_METHOD.
  26. */
  27. typedef struct ossl_record_method_st OSSL_RECORD_METHOD;
  28. /*
  29. * An OSSL_RECORD_LAYER is just an externally defined opaque pointer created by
  30. * the method
  31. */
  32. typedef struct ossl_record_layer_st OSSL_RECORD_LAYER;
  33. # define OSSL_RECORD_ROLE_CLIENT 0
  34. # define OSSL_RECORD_ROLE_SERVER 1
  35. # define OSSL_RECORD_DIRECTION_READ 0
  36. # define OSSL_RECORD_DIRECTION_WRITE 1
  37. /*
  38. * Protection level. For <= TLSv1.2 only "NONE" and "APPLICATION" are used.
  39. */
  40. # define OSSL_RECORD_PROTECTION_LEVEL_NONE 0
  41. # define OSSL_RECORD_PROTECTION_LEVEL_EARLY 1
  42. # define OSSL_RECORD_PROTECTION_LEVEL_HANDSHAKE 2
  43. # define OSSL_RECORD_PROTECTION_LEVEL_APPLICATION 3
  44. # define OSSL_RECORD_RETURN_SUCCESS 1
  45. # define OSSL_RECORD_RETURN_RETRY 0
  46. # define OSSL_RECORD_RETURN_NON_FATAL_ERR -1
  47. # define OSSL_RECORD_RETURN_FATAL -2
  48. # define OSSL_RECORD_RETURN_EOF -3
  49. /*
  50. * Template for creating a record. A record consists of the |type| of data it
  51. * will contain (e.g. alert, handshake, application data, etc) along with an
  52. * array of buffers in |bufs| of size |numbufs|. There is a corresponding array
  53. * of buffer lengths in |buflens|. Concatenating all of the buffer data together
  54. * would give you the complete plaintext payload to be sent in a single record.
  55. */
  56. struct ossl_record_template_st {
  57. int type;
  58. void **bufs;
  59. size_t *buflens;
  60. size_t numbufs;
  61. };
  62. typedef struct ossl_record_template_st OSSL_RECORD_TEMPLATE;
  63. /*
  64. * Rather than a "method" approach, we could make this fetchable - Should we?
  65. * There could be some complexity in finding suitable record layer implementations
  66. * e.g. we need to find one that matches the negotiated protocol, cipher,
  67. * extensions, etc. The selection_cb approach given above doesn't work so well
  68. * if unknown third party providers with OSSL_RECORD_METHOD implementations are
  69. * loaded.
  70. */
  71. /*
  72. * If this becomes public API then we will need functions to create and
  73. * free an OSSL_RECORD_METHOD, as well as functions to get/set the various
  74. * function pointers....unless we make it fetchable.
  75. */
  76. struct ossl_record_method_st {
  77. /*
  78. * Create a new OSSL_RECORD_LAYER object for handling the protocol version
  79. * set by |vers|. |role| is 0 for client and 1 for server. |direction|
  80. * indicates either read or write. |level| is the protection level as
  81. * described above. |settings| are mandatory settings that will cause the
  82. * new() call to fail if they are not understood (for example to require
  83. * Encrypt-Then-Mac support). |options| are optional settings that will not
  84. * cause the new() call to fail if they are not understood (for example
  85. * whether to use "read ahead" or not).
  86. *
  87. * The BIO in |transport| is the BIO for the underlying transport layer.
  88. * Where the direction is "read", then this BIO will only ever be used for
  89. * reading data. Where the direction is "write", then this BIO will only
  90. * every be used for writing data.
  91. *
  92. * An SSL object will always have at least 2 OSSL_RECORD_LAYER objects in
  93. * force at any one time (one for reading and one for writing). In some
  94. * protocols more than 2 might be used (e.g. in DTLS for retransmitting
  95. * messages from an earlier epoch).
  96. *
  97. * The created OSSL_RECORD_LAYER object is stored in *ret on success (or
  98. * NULL otherwise). The return value will be one of
  99. * OSSL_RECORD_RETURN_SUCCESS, OSSL_RECORD_RETURN_FATAL or
  100. * OSSL_RECORD_RETURN_NON_FATAL. A non-fatal return means that creation of
  101. * the record layer has failed because it is unsuitable, but an alternative
  102. * record layer can be tried instead.
  103. */
  104. /*
  105. * If we eventually make this fetchable then we will need to use something
  106. * other than EVP_CIPHER. Also mactype would not be a NID, but a string. For
  107. * now though, this works.
  108. */
  109. int (*new_record_layer)(OSSL_LIB_CTX *libctx,
  110. const char *propq, int vers,
  111. int role, int direction,
  112. int level,
  113. uint16_t epoch,
  114. unsigned char *key,
  115. size_t keylen,
  116. unsigned char *iv,
  117. size_t ivlen,
  118. unsigned char *mackey,
  119. size_t mackeylen,
  120. const EVP_CIPHER *ciph,
  121. size_t taglen,
  122. int mactype,
  123. const EVP_MD *md,
  124. const SSL_COMP *comp,
  125. BIO *prev,
  126. BIO *transport,
  127. BIO *next,
  128. BIO_ADDR *local,
  129. BIO_ADDR *peer,
  130. const OSSL_PARAM *settings,
  131. const OSSL_PARAM *options,
  132. const OSSL_DISPATCH *fns,
  133. void *cbarg,
  134. OSSL_RECORD_LAYER **ret);
  135. int (*free)(OSSL_RECORD_LAYER *rl);
  136. int (*reset)(OSSL_RECORD_LAYER *rl); /* Is this needed? */
  137. /* Returns 1 if we have unprocessed data buffered or 0 otherwise */
  138. int (*unprocessed_read_pending)(OSSL_RECORD_LAYER *rl);
  139. /*
  140. * Returns 1 if we have processed data buffered that can be read or 0 otherwise
  141. * - not necessarily app data
  142. */
  143. int (*processed_read_pending)(OSSL_RECORD_LAYER *rl);
  144. /*
  145. * The amount of processed app data that is internally bufferred and
  146. * available to read
  147. */
  148. size_t (*app_data_pending)(OSSL_RECORD_LAYER *rl);
  149. int (*write_pending)(OSSL_RECORD_LAYER *rl);
  150. /*
  151. * Find out the maximum amount of plaintext data that the record layer is
  152. * prepared to write in a single record. When calling write_records it is
  153. * the caller's responsibility to ensure that no record template exceeds
  154. * this maximum when calling write_records.
  155. */
  156. size_t (*get_max_record_len)(OSSL_RECORD_LAYER *rl);
  157. /*
  158. * Find out the maximum number of records that the record layer is prepared
  159. * to process in a single call to write_records. It is the caller's
  160. * responsibility to ensure that no call to write_records exceeds this
  161. * number of records.
  162. */
  163. size_t (*get_max_records)(OSSL_RECORD_LAYER *rl);
  164. /*
  165. * Write |numtempl| records from the array of record templates pointed to
  166. * by |templates|. Each record should be no longer than the value returned
  167. * by get_max_record_len(), and there should be no more records than the
  168. * value returned by get_max_records().
  169. * |allowance| is the maximum amount of "on-the-wire" data that is allowed
  170. * to be sent at the moment (including all QUIC headers, but excluding any
  171. * UDP/IP headers). After a successful or retry return |*sent| will
  172. * be updated with the amount of data that has been sent so far. In the case
  173. * of a retry this could be 0.
  174. * Where possible the caller will attempt to ensure that all records are the
  175. * same length, except the last record. This may not always be possible so
  176. * the record method implementation should not rely on this being the case.
  177. * In the event of a retry the caller should call retry_write_records()
  178. * to try again. No more calls to write_records() should be attempted until
  179. * retry_write_records() returns success.
  180. * Buffers allocated for the record templates can be freed immediately after
  181. * write_records() returns - even in the case a retry.
  182. * The record templates represent the plaintext payload. The encrypted
  183. * output is written to the |transport| BIO.
  184. * Returns:
  185. * 1 on success
  186. * 0 on retry
  187. * -1 on failure
  188. */
  189. int (*write_records)(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE **templates,
  190. size_t numtempl, size_t allowance, size_t *sent);
  191. /*
  192. * Retry a previous call to write_records. The caller should continue to
  193. * call this until the function returns with success or failure. After
  194. * each retry more of the data may have been incrementally sent. |allowance|
  195. * is the amount of "on-the-wire" data that is allowed to be sent at the
  196. * moment. After a successful or retry return |*sent| will
  197. * be updated with the amount of data that has been sent by this call to
  198. * retry_write_records().
  199. * Returns:
  200. * 1 on success
  201. * 0 on retry
  202. * -1 on failure
  203. */
  204. int (*retry_write_records)(OSSL_RECORD_LAYER *rl, size_t allowance,
  205. size_t *sent);
  206. /*
  207. * Read a record and return the record layer version and record type in
  208. * the |rversion| and |type| parameters. |*data| is set to point to a
  209. * record layer buffer containing the record payload data and |*datalen|
  210. * is filled in with the length of that data. The |epoch| and |seq_num|
  211. * values are only used if DTLS has been negotiated. In that case they are
  212. * filled in with the epoch and sequence number from the record.
  213. * An opaque record layer handle for the record is returned in |*rechandle|
  214. * which is used in a subsequent call to |release_record|. The buffer must
  215. * remain available until release_record is called.
  216. *
  217. * Internally the the OSSL_RECORD_METHOD the implementation may read/process
  218. * multiple records in one go and buffer them.
  219. */
  220. int (*read_record)(OSSL_RECORD_LAYER *rl, void **rechandle, int *rversion,
  221. int *type, unsigned char **data, size_t *datalen,
  222. uint16_t *epoch, unsigned char *seq_num);
  223. /*
  224. * Release a buffer associated with a record previously read with
  225. * read_record. Records are guaranteed to be released in the order that they
  226. * are read.
  227. */
  228. int (*release_record)(OSSL_RECORD_LAYER *rl, void *rechandle);
  229. /*
  230. * In the event that a fatal error is returned from the functions above then
  231. * get_alert_code() can be called to obtain a more details identifier for
  232. * the error. In (D)TLS this is the alert description code.
  233. */
  234. int (*get_alert_code)(OSSL_RECORD_LAYER *rl);
  235. /*
  236. * Update the transport BIO from the one originally set in the
  237. * new_record_layer call
  238. */
  239. int (*set1_bio)(OSSL_RECORD_LAYER *rl, BIO *bio);
  240. /* Called when protocol negotiation selects a protocol version to use */
  241. int (*set_protocol_version)(OSSL_RECORD_LAYER *rl, int version);
  242. /*
  243. * Whether we are allowed to receive unencrypted alerts, even if we might
  244. * otherwise expect encrypted records. Ignored by protocol versions where
  245. * this isn't relevant
  246. */
  247. void (*set_plain_alerts)(OSSL_RECORD_LAYER *rl, int allow);
  248. /*
  249. * Called immediately after creation of the record layer if we are in a
  250. * first handshake. Also called at the end of the first handshake
  251. */
  252. void (*set_first_handshake)(OSSL_RECORD_LAYER *rl, int first);
  253. /*
  254. * Set the maximum number of pipelines that the record layer should process.
  255. * The default is 1.
  256. */
  257. void (*set_max_pipelines)(OSSL_RECORD_LAYER *rl, size_t max_pipelines);
  258. /*
  259. * Called to tell the record layer whether we are currently "in init" or
  260. * not. Default at creation of the record layer is "yes".
  261. */
  262. void (*set_in_init)(OSSL_RECORD_LAYER *rl, int in_init);
  263. /*
  264. * Get a short or long human readable description of the record layer state
  265. */
  266. void (*get_state)(OSSL_RECORD_LAYER *rl, const char **shortstr,
  267. const char **longstr);
  268. /*
  269. * Set new options or modify ones that were originaly specified in the
  270. * new_record_layer call.
  271. */
  272. int (*set_options)(OSSL_RECORD_LAYER *rl, const OSSL_PARAM *options);
  273. };
  274. /* Standard built-in record methods */
  275. extern const OSSL_RECORD_METHOD ossl_tls_record_method;
  276. # ifndef OPENSSL_NO_KTLS
  277. extern const OSSL_RECORD_METHOD ossl_ktls_record_method;
  278. # endif
  279. extern const OSSL_RECORD_METHOD ossl_dtls_record_method;
  280. #endif /* !defined(OSSL_INTERNAL_RECORDMETHOD_H) */